My journey to CCIE RS — IP Routing 1

Giuliano Barros
Published in TechRebels
Feb 18, 2020

This is the first article about IP Routing in my notes series, gathered over years of work and studies until I passed the CCIE RS lab. Nearly 400 pages of notebook with key notes and remarks that I found important when working with Routing and Switching for almost 15 years. During this series, some technologies presented are no longer used, but I’ll post anyway because I’m digitizing everything :)

I believe this information will help not only with the certification exam, but also in the daily lives of others (like me) when dealing with Cisco infrastructure.

For those who have not read the previous articles, follow the 2 links on “Switching 1”, “Switching 2”, “PPP” and “Frame relay”. Below is the first part about “IP Routing” exploring Administrative Distances, Switching and Routing Process, ODR and types of backup routing.

IP Routing

3 main steps:

  1. Routing: find exit interface (routing protocols)
  2. Switching: move packets between interfaces. This step is where etherchannel, load balancing and any L2 decision happens, use of Global FIB or Local FIB…
  3. Encapsulation: L2 header construction

The main difference between Routing and Switching is that the routing process rebuilds the L2 header at each hop (hop-by-hop).

Routing Process

Finds the route that matches the most bits of the destination address (longest match) in the RIB or FIB. It then uses route recursion to find the exit interface.

For multiple “longest matches”:

  • different protocols -> lowest AD
  • same protocol -> smallest metric

Administrative Distances

  • 0 — Connected
  • 1 — Static
  • 5 — EIGRP summary
  • 20 — EBGP
  • 90 — EIGRP
  • 110 — OSPF
  • 120 — RIP
  • 170 — EIGRP EX
  • 200 — iBGP

AD Preferences

  • EBGP — If the route was received through EBGP, it is probably external to the AS.
  • Internal IGP — If the route is internal, then we must use IGP.
  • iBGP — By the opposite logic, if the route is internal we should always try to use IGP before iBGP.

NOTE: OSPF does not differentiate internal and external routes with different ADs, and this can cause problems.

NOTE: RIP cannot even distinguish internal and external routes, so most loop problems occur between RIP and other routing protocols.

Every static route has AD 1, although many books say it is 0 (zero). Also there is no way to set a route to AD 0.

Switching Process

Makes all L2 decisions:

  • process, FAST, CEF
  • load balancing
  • uses Global FIB or Local FIB
  • etc

Multiple routes in the routing table may be used differently. It is up to the Switching Process to determine how to use them.

CEF always performs a deterministic lookup with 4 searches (1 for each octet), regardless of the A.B.C.D address. To make this possible, CEF populates the data plane entirely before it operates (it copies the RIB to the FIB), so the 4 searches always succeed (hence the deterministic behavior).

Here’s a great article about switching forms in IOS: http://www.itcertnotes.com/2012/04/cisco-ios-packet-switching.html

Process Switching performs a top-down search based on the routing table organization. There is no way to predict the table organization, and the search is performed per packet (it s#ck$).

Fast Switching is performed by the data plane, which caches the mapping when the first packet is received. The data plane is therefore populated as destinations are used in real time (while CEF is fully pre-calculated).

  • NOTE: On modular equipment (e.g. Catalyst 6500) the modules store local copies of the data plane.

Very low level books about operating system, queueing, memory management, etc:

Usually the L2 header remains unchanged between L2 interfaces, changing if NAT is used, QoS change, etc.

  • Encapsulation on multipoint interfaces requires L3 -> L2 resolution.
  • Tunnels on P2P interfaces do not need an L2 address because by definition they are P2P.

Routing Process

  • For Next-Hop:
  • — interface recursion
  • — if multipoint, perform next-hop resolution L3 -> L2
  • For Multipoint interface:
  • — recursion is not required
  • — perform L2 resolution for final destination:
  • — — ethernet proxy-arp
  • — — NBMA mappings
  • For Point-to-Point interface (the simplest):
  • — no recursion required
  • — no L2 resolution required

Routing to multipoint interfaces is not a good solution because you need each destination’s L2 address (not next-hop).

You can use next-hop + multipoint interface, but since CEF copies the correct L2 destination mapping in the Data Plane (FIB), there is no need to specify the interface.

The easiest and most efficient way to route is through the P2P interface because you don’t have to do recursive searching or L3 -> L2 resolution.

Proxy ARP answers, with your own MAC, for all other IP addresses that you have routes to.

Local Proxy ARP responds for local addresses (from other interfaces) with your MAC.

Default Routing

  • For Next-hop
  • — Use next-hop L2 address for all destinations
  • For Point-to-point interface
  • — No resolution L3 -> L2 is required
  • For Multipoint interface
  • — All devices require L3 -> L2 resolution
  • — May cause problems with L3 -> L2 mapping table size

NOTE: If the edge router uses default routing to a multipoint interface and its peer uses Proxy ARP, the number of destinations pointing to the peer can be monstrous and will fill the ARP cache (it needs one entry for each destination).

It is possible to point an address range to the multipoint interface and map the L3 destination addresses to the correct L2. This is a form of static routing in L2 (… workaround).

In short… static routing for multipoint interface is shit :)

  • ip default-gateway
  • — only with disabled routing
  • ip default-network
  • — prefix is marked as default in routing propagations
  • — must be a classful network that is not directly connected

<ip default-network> was created primarily because RIP v1 and IGRP did not support announcing the 0.0.0.0 route. It does not install a default route, it just adds a “candidate default” tag.

On-Demand Routing (ODR)

  • Uses CDP to propagate networks directly connected to the “hub”.
  • Hub propagates only default route to the “stub” router via CDP because the stub only has 1 outbound link.
  • Routing protocols are not allowed on the stub. The moment any protocol is enabled, prefix propagation is disabled from CDP.

NOTE: CDP is disabled by default on main frame-relay multipoint interfaces (on subinterfaces it is enabled).

ODR is based on CDP, therefore:

  • To disable ODR propagation, simply disable CDP
  • ODR CDP timer = keepalive
  • CDP holdtime = ODR holdtime

Floating Static Routes

  • These are static routes with the highest AD, used as a backup to another route.
  • Both routes must have the same size (prefix length).
  • Convergence time is directly related to interface status.
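Added example (not from the original notes): a small Python model of the selection order described under Routing Process and Administrative Distances (longest match, then lowest AD, then smallest metric, then next-hop recursion), used to show why a floating static route must have the same size as the route it backs up. The addresses, interface names and the AD value 250 are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass
@dataclass(frozen=True)
class Route:
    prefix: str          # destination prefix, e.g. "10.1.0.0/24"
    source: str          # label for where the route came from
    ad: int              # administrative distance
    metric: int
    next_hop: str = ""   # IP next hop, resolved by recursion
    interface: str = ""  # set when the route points straight at an interface

def build_rib(candidates):
    """Per prefix, install one winner: lowest AD, then smallest metric."""
    rib = {}
    for r in candidates:
        net = ipaddress.ip_network(r.prefix)
        best = rib.get(net)
        if best is None or (r.ad, r.metric) < (best.ad, best.metric):
            rib[net] = r
    return rib

def lookup(rib, dst):
    """Longest match over the installed prefixes; None if nothing matches."""
    addr = ipaddress.ip_address(dst)
    nets = [n for n in rib if addr in n]
    return rib[max(nets, key=lambda n: n.prefixlen)] if nets else None

def resolve(rib, dst, max_depth=8):
    """Return (winning route, exit interface), recursing on the next hop."""
    route = hop = lookup(rib, dst)
    for _ in range(max_depth):
        if hop is None:
            return route, None        # no route, or next hop unresolvable
        if hop.interface:
            return route, hop.interface
        hop = lookup(rib, hop.next_hop)
    return route, None                # guard against recursion loops

# Constructed sample data; AD 250 for the floating static is an assumption.
BASE = [
    Route("192.0.2.0/30", "connected", 0, 0, interface="Serial0/0"),
    Route("192.0.2.4/30", "connected", 0, 0, interface="Dialer1"),
    Route("10.1.0.0/24", "ospf", 110, 20, next_hop="192.0.2.1"),
    Route("10.1.0.0/24", "rip", 120, 2, next_hop="192.0.2.5"),
    Route("10.1.0.0/24", "floating-static", 250, 0, next_hop="192.0.2.5"),
]
# Wrong size: a /25 "backup" is the longest match, so it wins despite AD 250.
MISSIZED = BASE + [Route("10.1.0.0/25", "floating-static", 250, 0, next_hop="192.0.2.5")]
for routes in (BASE, MISSIZED):
    print(resolve(build_rib(routes), "10.1.0.10"))
```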

Backup Interface

It comes from dial-up technologies where the dial-up interface should only be enabled if the main one disconnects, because it usually is “on-demand charging”.

Performs line protocol tracking on the primary interface.

  • If line protocol is UP, backup interface remains in “standby”.
  • If line protocol is DOWN, backup interface becomes “active”.

It has a load threshold option for the main interface.

Manually disabling the primary interface does not enable the backup interface :( Backup remains disabled to prevent dial-in connections from being unintentionally activated ($$$). So, to test, you need to disable the main interface by other means (line protocol).

But line protocol status is not a good indicator of end-to-end connectivity. This happens with any technology that has intermediate devices (eg switches, frame relay, etc.).

NOTE: This feature is AD-independent, so setting an interface as a backup interface can take preferred routes out of the RIB.

On Frame relay:

  • Main interface is only affected by local link failures, so dropping the interface on the other side does not affect the main interface because multipoint interface tracks multiple circuits.
  • Multipoint subinterface remains UP / UP if any DLCI remains active.
  • P2P subinterface remains UP / UP if DLCI remains active.

NOTE: If possible, always use P2P because it simplifies L3 -> L2 resolution and is theoretically a good indication of end-to-end connectivity.

F-relay between ISPs usually travels through MPLS tunneling, so end-to-end LMI will not work in these cases (after all, it does not pass LMI).


About the author:

Giuliano Barros is Network Consultant at PS Network Experts.

Graduated in Computer Science, CCIE certified by Cisco Systems, with 15 years of work on projects for medium and large companies.

linkedin.com/in/giulianobarros

DevOps Network Engineer | CCIE RS #49619 | Cisco Champion | Blogger