APNIC Routing Workshop

Similar documents
APNIC Training. Internet Routing Registry (IRR)

Internet Routing Registry Tutorial

Welcome! APNIC Internet Routing Registry Tutorial. In conjunction with SANOG IV

APNIC Internet Routing Registry. Tutorial Seoul 19 August 2003

IP addressing. Overview. IP addressing Issues and solution Variable Length Subnet Mask (VLSM)

APNIC Internet Routing Registry

Small additions by Dr. Enis Karaarslan, Purdue - Aaron Jarvis (Network Engineer)

Routing Concepts. IPv4 Routing Forwarding Some definitions Policy options Routing Protocols

Routing Basics. ISP Workshops. Last updated 10 th December 2015

Routing Basics ISP/IXP Workshops

Routing Basics. Routing Concepts. IPv4. IPv4 address format. A day in a life of a router. What does a router do? IPv4 Routing

TDC 363 Introduction to LANs

Route Filtering. Types of prefixes in IP core network: Internal Prefixes External prefixes. Downstream customers Internet prefixes

IPv6 Protocol Architecture

Introduction to Routing

Routing Basics ISP/IXP Workshops

Route Filtering. Types of prefixes in IP core network: Internal Prefixes External prefixes. Downstream customers Internet prefixes

IPv6 Protocol & Structure. npnog Dec, 2017 Chitwan, NEPAL

Building the Routing Table. Introducing the Routing Table Directly Connected Networks Static Routing Dynamic Routing Routing Table Principles

Chapter 7: Routing Dynamically. Routing & Switching

APNIC Routing II Workshop

Routing Basics. Campus Network Design & Operations Workshop

OSI Data Link & Network Layer

Top-Down Network Design, Ch. 7: Selecting Switching and Routing Protocols. Top-Down Network Design. Selecting Switching and Routing Protocols

Routing Basics. ISP Workshops

CHAPTER 4: ROUTING DYNAMIC. Routing & Switching

Introduction to IPv6

debug ip ospf database external default-metric subnet area 0 stub distribute-list in Serial0/1

Top-Down Network Design

Routing Protocol Type Primarily IGP or EGP RIP Distance-Vector IGP EIGRP OSPF IS-IS BGP

Networking Fundamentals IPv6 APNIC 44. TAICHUNG, TAIWAN 7-14 September 2017

ABR (Area Border Router), 206, 216 access, dedicated networks, 23 access layer, three-layer hierarchical design model, 6

Chapter 3. Introduction to Dynamic Routing Protocols. CCNA2-1 Chapter 3

Chapter 5 RIP version 1

Introduction. Keith Barker, CCIE #6783. YouTube - Keith6783.

OSI Data Link & Network Layer

APNIC Internet Routing Registry. Kuala Lumpur, Malaysia, February 2004 APNIC 17 Open Policy Meeting

MPLS VPN C H A P T E R S U P P L E M E N T. BGP Advertising IPv4 Prefixes with a Label

OSI Data Link & Network Layer

Introduction to BGP. ISP/IXP Workshops

Top-Down Network Design

Unit 3: Dynamic Routing

Inter-networking. Problem. 3&4-Internetworking.key - September 20, LAN s are great but. We want to connect them together. ...

Routing, Routing Algorithms & Protocols

APNIC elearning: Internet Registry Policies. Revision:

BGP in the Internet Best Current Practices

Connecting to a Service Provider Using External BGP

LEA Workshop. Champika Wijayatunga & George Kuo, APNIC Wellington, New Zealand 09, May, 2013

Recommended IOS Releases. BGP in the Internet. Which IOS? Which IOS? 12.2 IOS release images IOS release images is the old mainline train

Basic Idea. Routing. Example. Routing by the Network

IPv6 Protocols & Standards

Introduction to OSPF

Internet Routing Protocols, DHCP, and NAT

Routing by the Network

Internet Network Protocols IPv4/ IPv6

Planning for Information Network

Back to basics J. Addressing is the key! Application (HTTP, DNS, FTP) Application (HTTP, DNS, FTP) Transport. Transport (TCP/UDP) Internet (IPv4/IPv6)

BGP Best Current Practices. ISP/IXP Workshops

internet technologies and standards

Chapter 4: Advanced Internetworking. Networking CS 3470, Section 1

BGP101. Howard C. Berkowitz. (703)

shortcut Tap into learning NOW! Visit for a complete list of Short Cuts. Your Short Cut to Knowledge

Introduction to BGP. ISP Workshops. Last updated 30 October 2013

Campus Networking Workshop CIS 399. Core Network Design

ISO 9001:2008. Pankaj Kumar Dir, TEC, DOT

Chapter 7: IP Addressing CCENT Routing and Switching Introduction to Networks v6.0

Introduction to IP Routing

Connecting to a Service Provider Using External BGP

RIP Version 2. The Classless Brother

Transitioning to IPv6

Chapter 7 Routing Protocols

IPv4/IPv6 BGP Routing Workshop. Organized by:

Chapter 18 and 22. IPv4 Address. Data Communications and Networking

Introduction to Dynamic Routing Protocols

Why dynamic route? (1)

A few notes. The following slides are NOT from the online curriculum. However, they do cover the same topics using different examples.

Part II. Chapter 3. Determining IP Routes

APNIC Internet Resource Management (IRM) Cyber Security & Network Security March, 2017 Dhaka, Bangladesh

This appendix contains supplementary Border Gateway Protocol (BGP) information and covers the following topics:

IP Routing Volume Organization

Introduction to Local and Wide Area Networks

Internet Routing Protocols Tuba Saltürk

Networking 101 ISP/IXP Workshops

Information About Routing

Operation Manual IPv4 Routing H3C S3610&S5510 Series Ethernet Switches. Table of Contents

BGP Best Current Practices. ISP/IXP Workshops

EE 122: Inter-domain routing Border Gateway Protocol (BGP)

Two types of routing protocols are used in internetworks: interior gateway protocols (IGPs) and exterior gateway protocols (EGPs).

Symbols. Numerics I N D E X

Routing Overview. Information About Routing CHAPTER

Draft Manuscript Draft M. Manuscript Draft Ma. t Manuscript Draft Manu. ipt Draft Manuscript Dra. anuscript Draft Manuscri

SEMESTER 2 Chapter 3 Introduction to Dynamic Routing Protocols V 4.0

Chapter 5. RIP Version 1 (RIPv1) CCNA2-1 Chapter 5

Welcome! 31 August 2004, Nadi, Fiji APNIC 18 Open Policy Meeting. Introduction Presenters. Objectives. APNIC Members Training Course

Routing Protocols and

CCNP 1: Advanced Routing

IP Addressing & Interdomain Routing. Next Topic

APNIC elearning: BGP Basics. 30 September :00 PM AEST Brisbane (UTC+10) Revision: 2.0

CCNA 3 (v v6.0) Chapter 5 Exam Answers % Full

Introduction to OSPF

Transcription:

APNIC Routing Workshop Surabaya, Indonesia 13-15 November, 2013 Proudly Supported by:

Presenter Champika Wijayatunga Training Unit Manager, APNIC Champika is responsible for managing its training activities in the Asia Pacific region and brings several years of experience, having worked in a number of countries in the IT industry, academia, research, and training environments. Areas of interests: Internet Resource Management, IPv6, DNS/DNSSEC, Network Security Contact: champika@apnic.net

Presenters Wita Laksono Internet Resource Analyst, APNIC Wita is responsible for analyzing IP address and AS number requests from APNIC members. He also supports APNIC helpdesk and skilled in Network Engineering aspects. Areas of interests: Internet Resource Management, IPv6 Contact: wita@apnic.net

Agenda Managing Internet Resources Routing Fundamentals IPv6 Overview Network Design and Address Planning Interior Gateway Protocol (IGP) OSPF (Case Study) Exterior Gateway Protocol (EGP) BGP (Case Study) 4

Managing Internet Resources 5

Internet Resource Management Conservation Efficient use of resources Based on demonstrated need Aggregation Limit routing table growth Support provider-based routing Registration Ensure uniqueness Facilitate troubleshooting Uniqueness, fairness and consistency

IPv4 Address Space Source: NRO

APNIC IPv4 Distribution

IPv6 Address Space Source - NRO

Allocation and Assignment Allocation A block of address space held by an IR (or downstream ISP) for subsequent allocation or assignment Not yet used to address any networks Assignment A block of address space used to address an operational network May be provided to ISP customers, or used for an ISP s infrastructure ( selfassignment ) 10

Allocation and Assignment APNIC Allocates to APNIC Member /8 (IPv4) /12 (IPv6) APNIC Allocation APNIC Member Allocates to downstream Downstream Assigns to end-user Assigns to end-user Customer / End User /24 (IPv4) /40 (IPv6) Sub- Allocation /27 /26 /25, /48 /22 (IPv4) /32 (IPv6) Member Allocation Customer Assignments /26, /56 /27, /64

Portable and Non-Portable Portable Assignments Customer addresses independent from ISP Keeps addresses when changing ISP Bad for size of routing tables Bad for QoS: routes may be filtered, flap-dampened Non-portable Assignments Customer uses ISP s address space Must renumber if changing ISP Only way to effectively scale the Internet Portable allocations Allocations made by APNIC/NIRs ISP Allocation ISP Customer assignments Customer assignments 12

Address Management Hierarchy /12 APNIC Allocation /12 APNIC Allocation Member Allocation Portable /32 Sub-allocation /40 Non-Portable Assignment Portable /48 Assignment Non-Portable /64 - /48 /64 - /48 Assignment Non-Portable Describes portability of the address space 13

Global Routing Table IPv4 http://bgp.potaroo.net/as1221/bgp-active.html 481809 prefixes As of 16 Oct 2013 Sustainable growth? Projected routing table growth without CIDR CIDR deployment Dot-Com boom

Global Routing Table IPv6 Source: http://bgp.potaroo.net/v6/as2.0/

Questions?

Routing Fundamentals

Graphics / Symbols Used Router (layer 3, IP datagram forwarding) Network Access Server (layer 3, IP datagram forwarding ) Ethernet switch (layer 2, packet forwarding)

What is a Routing Protocol? A set of rules defined to facilitate the exchanges of routing information between routers (Layer 3 device) inside networks Builds routing tables dynamically based on updates from its neighbours Allows the router to find the best path in a network that has more than one path to a remote network. Maintains connectivity between devices within the network.

Routing Protocol Behaviour Updates Layer 3 routing devices, to route the data across the best path Learns participating routers advertised routes to discover their neighbors Learned routes are stored inside the routing table

What is Routing? Routing is the method of delivering an item from one location to another Example Post Mail = delivery is being done via Post Office In a router network environment, it forwards traffic to a logical device destination interface. Routers perform two functions to deliver the packets to their destination: 1. Routing: Learning the logical topology of the network to store the path inside the routing table to where the traffic should flow 2. Switching: Forwarding the packets from an inbound interface to the outbound interface within the router

Distinction between Routed and Routing Protocols Routed protocols Layer3 datagram that carry the information required in transporting the data across the network Routing protocols Handles the updating requirement of the routers within the network for determining the path of the datagram across the network

Routing and Routed Protocols Routed protocol Routing protocol AppleTalk IPX Vines DecNet IV IP RTMP, AURP, EIGRP RIP, NLSP, EIGRP RTP DecNet RIPv2, OSPF, IS-IS, BGP and (Cisco Systems proprietary) EIGRP,

Routing Requirements Activation of the protocol suite from such devices participating in the network Knowledge of the network destination Must have an available entry in the routing table Must have a valid and current route entry Interface presenting the best route path Outbound interface with the lowest metric path

Routing Information A routing table entry must contain the following information: Network field Outgoing interface Metric field Next-hop field

Network Field Contains information of entries Networks learned (destination logical network or subnets) Manually (static or default routes) Dynamically (learned from routing protocol as dynamic routes) Information recorded is the entry on where to forward traffic to its destination when the datagram is received.

Outgoing Interface Field Interface to where the router sends the datagram Informs the administrator of interface where the update came through

Metric Field Used to determine which path to use if there are multiple paths to the remote network Provides the value to select the best path But take note of the administrative distance selection process J

Routing Protocol Metrics Routing protocol Metric RIPv2 Hop count EIGRP Bandwidth, delay, load, reliability, MTU OSPF IS-IS Cost (the higher the bandwidth indicates a lowest cost) Cost

Administrative Distance The method used for selection of route priority of IP routing protocol. The lowest administrative distance is preferred. Manually entered routes are preferred over dynamically learned routes Static routes Default routes Dynamically learned routes depend on the routing protocol metric calculation algorithm. For default metric values, the smallest metric value is preferred.

Administrative Distance Chart (Cisco) Route sources Default distance Connected interface 0 Static route out an interface 0 Static route to a next hop 1 External BGP 20 IGRP 100 OSPF 110 IS-IS 115 RIP v1, v2 120 EGP 140 Internal BGP 200 Unknown 255

Next Hop Field Contains the destination address of the next forwarding router Address of the next hop (outgoing interface) usually within the same subnet ibgp (exemption to the rule) Identifies the next hop so that the router can create the Layer2 frame with the destination address

Routing Table Sample (Cisco) Cisco-router#sh ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set????????????? 202.41.143.0/24 is variably subnetted, 2 subnets, 2 masks S 202.41.143.0/24 is directly connected, Null0 C 202.41.143.17/32 is directly connected, Loopback0 O E2 10.110.0.0 [110/5] via 10.119.254.6, 0:01:00, Ethernet2 O 10.67.10.0 [110/128] via 10.119.254.244, 0:02:22, Ethernet2 B 217.170.115.0/24 [20/0] via 12.123.29.249, 5d16h Sample only

Routing Table Updates Routing table entry accuracy is required to make sure of the following: Table entries are current and correct New networks are inserted into the table Best path is available to reach the destination network Alternative routes are available to reach the destination network Networks that is no longer available should not be seen in the routing table Depends on the routing protocol

Routing Decisions The main goal of the routing decision is to maintain a path that is valid and free from routing loops to the destination network, regardless of whether it is single hop or a multiple hop path The decision is made based on the metric value in the routing table Using the sum of the metrics associated with the default routing protocol value and the intermediate connections

Router Traffic Forwarding Forwards traffic to the out-bound interface Routing table entry ensures that the network topology is learnt Routing table entries that contain the information of the routes learned from other routers

Classful and Classless Distinction

Types of Routing Protocols Routing protocols are essentially applications inside the router designed to ensure correct and timely exchange of information within the network The IP routing protocol has several distinctions which can be divided into different groups The first is the group is how the routing protocol handles the subnet mask sent during the routing update The early routing protocols don t support this but the newer one s like RIP2, OSPF, ISIS, BGP4 support it. The distinctions are called classful and classless

Classful routing protocol (obsolete) Periodic updates are done by the routing protocol does not carry out subnet or routing masks because the assumption is always based on network bit boundaries does not support VLSM which makes it inefficient for addressing the network This has been obsolete for a long time but for knowledge purposes there are two protocols designed for it. RIPv1 IGRP It has created constraints to IP network design due to its limitations

Classless Routing Protocol Classless routing protocol was designed to overcome the constraints from classful routing OSPF IS-IS EIGRP (Cisco) BGP lead also to the development of RIP2

Characteristics of Classless Routing Support for different subnet mask values Routers can be configured to have different subnet masks (VLSM) Supports route summarisation Manual configuration Supports Classless Interdomain Routing (CIDR) architecture

Distance Vector

Distance Vector Routing Protocol Another distinction based on the behavior of learning the path to the destination network Distance vector and Link-State protocols Distance vector routing protocol Early technology of IP routing protocols (RIPv2) Concept design was for small networks

Distance Vector Operation Maintains its own table by sending its own modified table for updates Sends updates to directly connected neighbors is done in a periodic manner. This is commonly known as the (routing by rumor) the timer needs to reach the expiration stage before the next update will be sent NOTE: Updating of the tables affects the entire routing table, except those networks learned from interfaces where update is sent

Link-state

Link-State Routing Protocol Link-state routing protocol was designed to overcome the limitation of Distance Vector routing protocol. The main goal is to achieve the following: Maintain a loop-free and accurate table Utilises multicast address and make updated based on incremental Fast convergence of the network Reduce the network overhead during updates Selection of best path based on link status Routing protocols that support link-state are: OSPF IS-IS

Link-state Operation Link state operates through its main concern focusing on the link connected to the router (not the routes) Changes in the link state is propagated to its neighboring routers to maintain the same image of the network topology among each neighbors Uses the router s CPU resources instead of bandwidth like Distance Vector When there is a state change the incremental update is sent to neighboring routers immediately, remains silent if there s no change in the link state.

Link-state Operation Maintains the topology map of the network for easy local network table updates via incremental updates OSPF = Link State Advertisement (LSA) Dijkstra algorithm used to compute the new topology map of the network Metric used in Link-state is stated as cost Equipment vendors default value setting can be overridden in manual configuration

Link-State Comparison Chart Characteristic OSPF IS-IS Hierarchical topology X X Retains knowledge of all possible routes X X Routes summarisation - manual X X Event-triggered announcement X X Load balancing equal path X X VLSM support X X Routing algorithm Dijkstra IS-IS Metric Cost Cost Hop Count limit Unlimited 1024 Scalability Large Vry-Lrg

Interior and Exterior Routing Protocols Other group distinctions with routing protocols are simplified as the protocols used for internal or external networks Interior Routing protocol used to maintain routes within the organisation Routing protocols that support it are: RIPv2, OSPF, IS-IS, EIGRP (Cisco) Exterior Routing protocol used to maintain routes connecting to different organisations Exchange routing information between organisations Using Exterior Gateway Protocol (EGP) Border Gateway Protocol version 4 (BGP-4)

Addressing Issues and Solutions

IP Addressing Issues Exhaustion of IPv4 addresses Wasted address space in traditional subnetting Limited availability of /8 subnet addresses Internet routing table growth Size of the routing table due to higher number prefix announcement Tremendous growth of the Internet

IP Addressing Solutions Subnet masking and summarisation Variable-length subnet mask definition Hierarchical addressing Classless InterDomain Routing (CIDR) Routes summarisation (RFC 1518) Private address usage (RFC 1918) Network address translation (NAT) Development of IPv6 addresses

Subnetting Overview Allows the creation of additional sub-networks by simply moving the network boundary to the right When the contiguous 1s are added, it indicates by how many bits the network portion will be extended The sub-network is calculated by the 2 n where n is the number of extended bits.

Addressing Hierarchy Support for easy troubleshooting, upgrades and manageability of networks Performance optimisation Scalable and more stable Less network resources overhead (CPU, memory, buffers, bandwidth) Faster routing convergence

Addressing Hierarchy Example Upstream A Upstream B Border Core IXP A Distribution IXP B POP Access Access POP

Addressing Hierarchical (cont.) Network Number 192.168.0.0/16 Core 192.168.32.0/19 Upstream A Upstream B Border Core IXP A Distribution IXP B Distribution/Core 192.168.32.0/21 Access/Distribution 192.168.48.0/21 POP Access Access POP

Variable Length Subnet Mask Allows the ability to have more than one subnet mask within a network Allows re-subnetting create sub-subnet network addresses Increase the route capabilities Addressing hierarchy Summarisation

Calculating VLSM Example Subnet 192.168.0.0/24 into smaller subnet Subnet mask with /27 and /30 (point-to-point) 192.168.1.0/24 192.168.0.0/16 192.168.0.1/30 192.168.0.32/27 192.168.2.0/24 192.168.0.5/30 192.168.0.64/27 192.168.0.9/30 192.168.0.96/27

Calculating VLSM Example (cont.) Subnet 192.168.0.0/24 into smaller subnets Subnet mask with /30 (point-to-point) Description Decimal Binary Network Address 192.168.0.0/30 x.x.x.00000000 1 st valid IP 192.168.0.1/30 x.x.x.00000001 2 nd valid IP 192.168.0.2/30 x.x.x.00000010 Broadcast address 192.168.0.3/30 x.x.x.00000011

Calculating VLSM Example (cont.) Subnet 192.168.0.0/24 into smaller subnets Subnet mask with /27 Description Decimal Binary Network Address Valid IP range 192.168.0.33-192.168.0.62 192.168.0.32/27 x.x.x.00000000 x.x.x.00000001 x.x.x.00000010 Broadcast address 192.168.0.63/30 x.x.x.00011111

Calculating VLSM Example (cont.) Subnet 192.168.0.0/24 into smaller subnets Subnet mask with /27 Description Decimal VSLM Host Host range 1 st subnet 192.168.0.0/27 x.x.x.000 0-31 2 nd subnet 192.168.0.32/2 7 3 rd subnet 192.168.0.64/2 7 4 th subnet 192.168.0.96/2 7 x.x.x.001 31-63 00000 x.x.x.010 64-95 x.x.x.011 96-127 n = 5 (n is the remaining subnet bits ) 2n 5 = 30 host per subnet

Summarisation of Routes

Route Summarisation Allows the presentation of a series of networks in a single summary address. Advantages of summarisation Faster convergence Reducing the size of the routing table Simplification Hiding Network Changes Isolate topology changes

Summarisation Example Router C summarises its networks (2 x/24) before announcing to its neighbors (routers B and D) Router A combined the networks received from B, C, D and announce it as single /16 routing to Internet 192.168.128.0/20 192.168.128.0/20 B 192.168.0.0/24 192.168.1.0/24 C 192.168.0.0/23 192.168.0.0/16 A Internet 192.168.64.0/20 192.168.64.0/20 D

Route summarisation Subnet 192.168.0.0/24 and 192.168.1.0/24 combining then to become a bigger block of address /23 Network Subnet Mask Binary 192.168.0.0 255.255.255.0 x.x.00000000.x 192.168.1.0 255.255.255.0 x.x.00000001.x Summary 192.168.0.0/23 x.x.00000010.x 192.168.0.0 255.255.252.0 x.x.00000010.x

Discontiguous Networks A network not using routing protocols that support VLSM creates problems Router will not know where to send the traffic Creates routing loops or duplication Summarisation is not advisable for networks that are discontiguous Turn off summarisation Alternative solution but understand the scaling limitation Find ways to re-address the network Can create disastrous situation

CIDR Solution Advantage CIDR offers the advantage of reducing the routing table size of the network by summarising the ISP announcement into a single /21 advertisement 192.168.1.0/24 B 192.168.1.0/24 192.168.2.0/24 192.168.2.0/24 192.168.0.0/21 192.168.3.0/24 C 192.168.3.0/20 A Internet 192.168.4.0/24 192.168.4.0/24 D

A day in a life of a router find path forward packet, forward packet, forward packet, forward packet... find alternate path forward packet, forward packet, forward packet, forward packet repeat until powered off

Routing versus Forwarding Routing = building maps and giving directions Forwarding = moving packets between interfaces according to the directions

IP Routing finding the path Path derived from information received from a routing protocol Several alternative paths may exist best path stored in forwarding table Decisions are updated periodically or as topology changes (event driven) Decisions are based on: topology, policies and metrics (hop count, filtering, delay, bandwidth, etc.)

IP route lookup Based on destination IP address longest match routing More specific prefix preferred over less specific prefix Example: packet with destination of 10.1.1.1/32 is sent to the router announcing 10.1/16 rather than the router announcing 10/8.

IP route lookup Based on destination IP address Packet: Destination IP address: 10.1.1.1 R3 10/8 announced from here R1 R2 10/8 R3 10.1/16 R4 20/8 R5 30/8 R6.. R2 s IP routing table R4 10.1/16 announced from here

IP route lookup: Longest match routing Based on destination IP address Packet: Destination IP address: 10.1.1.1 R3 10/8 announced from here R1 R2 10/8 R3 10.1.1.1 && FF.0.0.0 10.1/16 R4 vs. 20/8 R5 10.0.0.0 && FF.0.0.0 30/8 R6.. R2 s IP routing table Match! R4 10.1/16 announced from here

IP route lookup: Longest match routing Based on destination IP address Packet: Destination IP address: 10.1.1.1 R3 10/8 announced from here R1 R2 10/8 R3 10.1/16 R4 20/8 R5 30/8 R6.. R2 s IP routing table 10.1.1.1 && FF.FF.0.0 vs. 10.1.0.0 && FF.FF.0.0 R4 10.1/16 announced Match as well! from here

IP route lookup: Longest match routing Based on destination IP address Packet: Destination IP address: 10.1.1.1 R3 10/8 announced from here R1 R2 10/8 R3 10.1/16 R4 20/8 R5 30/8 R6.. R2 s IP routing table 10.1.1.1 && FF.0.0.0 vs. 20.0.0.0 && FF.0.0.0 R4 Does not match! 10.1/16 announced from here

IP route lookup: Longest match routing Based on destination IP address Packet: Destination IP address: 10.1.1.1 R3 10/8 announced from here R1 R2 10/8 R3 10.1/16 R4 20/8 R5 10.1.1.1 && FF.0.0.0 30/8 R6 vs... 30.0.0.0 && FF.0.0.0 R2 s IP routing table R4 Does not match! 10.1/16 announced from here

IP route lookup: Longest match routing Based on destination IP address Packet: Destination IP address: 10.1.1.1 R3 10/8 announced from here R1 10/8 R3 10.1/16 R4 20/8 R5 30/8 R6.. R2 s IP routing table R2 Longest match, 16 bit netmask R4 10.1/16 announced from here

FYI: Cisco IOS Default Administrative Distances Route Source Default Distance Connected Interface 0 Static Route 1 Enhanced IGRP Summary Route 5 External BGP 20 Internal Enhanced IGRP 90 IGRP 100 OSPF 110 IS-IS 115 RIP 120 EGP 140 External Enhanced IGRP 170 Internal BGP 200 Unknown 255

Questions?

The Internet Routing Registry (IRR) 81

What is a Routing Registry? A repository (database) of Internet routing policy information Autonomous Systems exchanges routing information via BGP Exterior routing decisions are based on policy based rules However BGP does not provides a mechanism to publish/ communicate the policies themselves RR provides this functionality Routing policy information is expressed in a series of objects Stability and consistency of routing Network operators share information

What is a Routing Registry? RIPE ARIN, ArcStar, FGC, Verio, Bconnex, Optus, Telstra,... RADB CW APNIC Connect IRR = APNIC RR + RIPE DB + RADB + C&W + ARIN +

What is Routing Policy? Description of the routing relationship between autonomous systems Who are my BGP peers? Customer, peers, upstream What routes are: Originated by each neighbour? Imported from each neighbour? Exported to each neighbour? Preferred when multiple routes exist? What to do if no route exists? What routes to aggregate?

Representation of Routing Policy AS1 AS2 NET1 NET2 In order for traffic to flow from NET2 to NET1 between AS1 and AS2: AS1 has to announce NET1 to AS2 via BGP And AS2 has to accept this information and use it Resulting in packet flow from NET2 to NET1

Representation of Routing Policy AS1 AS2 NET1 NET2 In order for traffic to flow towards from NET1 to NET2: AS2 must announce NET2 to AS1 And AS1 has to accept this information and use it Resulting in packet flow from NET 1 to NET2

RPSL Routing Policy Specification Language Object oriented language Based on RIPE-181 Structured whois objects Higher level of abstraction than access lists RFC 2622 RFC 2725 Describes things interesting to routing policy: Routes, AS Numbers Relationships between BGP peers Management responsibility RFC 2650

Routing Policy Examples Basic concept AS 1 AS 2 action pref the lower the value, the preferred the route aut-num: AS1 import: from AS2 action pref= 100; accept AS2 export: to AS2 announce AS1 aut-num: AS2 import: from AS1 action pref=100; accept AS1 export: to AS1 announce AS2

Routing Policy Examples AS 123 AS4 AS5 AS5 More complex example: AS10 AS4 gives transit to AS5, AS10 AS4 gives local routes to AS123

Routing Policy Examples AS 123 AS4 AS5 AS5 aut-num: AS4 import: from AS123 action pref=100; accept AS123 import: from AS5 action pref=100; accept AS5 import: from AS10 action pref=100; accept AS10 export: to AS123 announce AS4 export: to AS5 announce AS4 AS10 export: to AS10 announce AS4 AS5 Not a path AS10

Routing Policy Examples AS123 transit traffic over link2 AS4 AS6 link3 private link1 More complex example AS4 and AS6 private link1 AS4 and AS123 main transit link2 backup all traffic over link1 and link3 in event of link2 failure

Routing Policy Examples AS123 transit traffic over link2 AS4 AS representation AS6 link3 private link1 aut-num: AS4 import: from AS123 action pref=100; accept ANY Full routing received import: from AS6 action pref=50; accept AS6 High preference for AS6 import: from AS6 action pref=200; accept ANY export: to AS6 announce AS4 Lower preference for backup route export: to AS123 announce AS4

Inter-related IRR Objects aut-num: AS1 tech-c: mnt-by: KX17-AP MAINT-EX route: origin: 202.0.16.0/24 AS1 mnt-by: MAINT-EX inetnum: 202.0.16.0-202.0.16.255 tech-c: KX17-AP mnt-by: MAINT-EX person: nic-hdl: KX17-AP mntner: MAINT-EX

Hierarchical Authorisation mnt-routes authenticates creation of route objects creation of route objects must pass authentication of mntner referenced in the mntroutes attribute Format: mnt-routes: <mntner> In: inetnum aut-num route

Authorisation Mechanism inetnum: 202.137.181.0 202.137.196.255 netname: SPARKYNET-TC descr: SparkyNet Service Provider mnt-by: APNIC-HM mnt-lower: MAINT-SPARKYNET1-TC mnt-routes: MAINT-SPARKYNET2-TC This object can only be modified by APNIC Creation of more specific objects (assignments) within this range has to pass the authentication of MAINT-SPARKYNET Creation of route objects matching/within this range has to pass the authentication of MAINT-SPARKYNET-WF

Creating Route Objects Multiple authentication checks: Originating ASN mntner in the mnt-routes is checked If no mnt-routes, mnt-lower is checked If no mnt-lower, mnt-by is checked AND the address space Exact match & less specific route mnt-routes etc Exact match & less specific inetnum mnt-routes etc AND the route object mntner itself The mntner in the mnt-by attribute aut-num inetnum route route

Creating Route Objects 4 route route: 202.137.240/20 origin: AS1 1 2 IP address range inetnum: 202.137.240.0 202.137.255.255 mnt-routes: MAINT-WF-EXNET AS number aut-num: AS1 mnt-routes: MAINT-WF-EXNET 5 maintainer mntner: MAINT-WF-EXNET auth: CRYPT-PW klsdfji9234 3 1. Create route object and submit to APNIC RR database 2. DB checks aut-num obj corresponding to the ASN in route obj 3. Route obj creation must pass auth of mntner specified in aut-num mnt-routes attribute. 4. DB checks inetnum obj matching/encompassing IP range in route obj 5. Route obj creation must pass auth of mntner specified in inetnum mnt-routes attribute.

Using Routing Registry

IRRToolSet Set of tools developed for using the Internet Routing Registry (IRR) Work with Internet routing policies These policies are stored in IRR in the Routing Policy Specification Language (RPSL) The goal of the IRRToolSet is to make routing information more convenient and useful for network engineers Tools for automated router configuration, Routing policy analysis On-going maintenance etc.

Use of RPSL RtConfig RtConfig part of IRRToolSet Reads policy from IRR (aut-num, route & -set objects) and generates router configuration vendor specific: Cisco, Bay's BCC, Juniper's Junos and Gated/RSd Creates route-map and AS path filters Can also create ingress / egress filters

Why use IRR and RtConfig? Benefits of RtConfig Avoid filter errors (typos) Expertise encoded in the tools that generate the policy rather than engineer configuring peering session Filters consistent with documented policy (need to get policy correct though)

Using the Routing Registry Define your routing policy Enter policy in IRR Run RtConfig Apply config to routers router Costs config Upstream Upstream no access-list Requires 101 some initial access-list 101 permit ip 10.4.200.0 0.0.4.0 routing 255.255.252.0 0.0.0.0 access-list 101 permit ip 10.4.208.0 0.0.0.0 255.255.252.0 0.0.0.0 access-list 101 permit ip 10.20.0.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list planning 101 permit ip 10.187.65.0 0.0.0.0 255.255.255.0 policy 0.0.0.0 access-list 101 deny ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255! no route-map AS3001-EXPORT! Takes some time to route-map AS3001-EXPORT permit 1 match ip address 101! peer AS1 router define bgp 4003 & register policy neighbor 10.3.15.4 route-map AS3001-EXPORT out cust cust IRR Need to maintain data in cust cust RR peer Benefits router config You have a clear idea routing of no access-list 101 policy IRR access-list 101 permit ip 10.4.200.0 0.0.4.0 255.255.252.0 0.0.0.0 your routing access-list 101 permit ip 10.4.208.0 policy 0.0.0.0 255.255.252.0 0.0.0.0 access-list 101 permit ip 10.20.0.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 101 permit ip 10.187.65.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 101 deny ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 RtConfig! Consistent no route-map AS3001-EXPORT config over! route-map AS3001-EXPORT permit 1 match ip address 101 the whole! network router bgp 4003 neighbor 10.3.15.4 route-map AS3001-EXPORT out Less manual maintenance in the long run

APNIC RR integrated in Whois DB Facilitates network troubleshooting Registration of routing policies Generation of router configurations Provides global view of routing

Questions?

IPv6 Overview 105

IPv6 Addressing An IPv6 address is 128 bits long So the number of addresses are 2^128 = 340282366920938463463374607431768211455 In hex, 4 bits (also called a nibble ) is represented by a hex digit 2001:DC0:A910:: nibbles 1010 1001 0001 0000

IPv6 Address Representation RFC 5952 Hexadecimal values of eight 16 bit fields X:X:X:X:X:X:X:X (X=16 bit number, ex: A2FE) 16 bit number is converted to a 4 digit hexadecimal number Case insensitive Example: FE38:DCE3:124C:C1A2:BA03:6735:EF1C:683D Abbreviated form of address FE80:0023:0000:0000:0000:036E:1250:2B00 FE80:23:0:0:0:36E:1250:2B00 FE80:23::36E:1250:2B00 (Null value can be used only once) Leading zeroes Groups of zeroes Double colons

IPv6 Address Representation (2) Double colons (::) representation RFC5952 recommends that the rightmost set of :0: be replaced with :: for consistency 2001:db8:0:2f::5 rather than 2001:db8::2f:0:0:0:5 In a URL, it is enclosed in brackets (RFC3986) http://[2001:db8:4f3a::206:ae14]:8080/index.html Cumbersome for users, mostly for diagnostic purposes Use fully qualified domain names (FQDN) Prefix Representation Representation of prefix is just like IPv4 CIDR In this representation, you attach the prefix length IPv6 address is represented as: 2001:db8:12::/40

IPv6 Addressing 2001:0DB8:DEAD:BEEF:1AB6:503F:A804:71D9 0010 0000 0000 0001 0000 1101 1011 1000 1101 1110 1010 1101 1011 1110 1110 1111 0001 1010 1011 0110 1001 0000 0011 1111 1010 1000 0000 0100 0111 0001 1101 1001 128 bits is reduced down to 32 hex digits

Exercise 1. 2001:0db8:0000:0000:0000:0000:0000:0000 2. 2001:0db8:0000:0000:d170:0000:1000:0ba8 3. 2001:0db8:0000:0000:00a0:0000:0000:10bc 4. 2001:0db8:0fc5:007b:ab70:0210:0000:00bb

Unicast address Address given to interface for communication between host and router Global unicast address currently delegated by IANA 001 FP Global routing prefix Subnet ID Interface ID 3bits 45 bits 16 bits 64 bits Local use unicast address Link-local address (starting with FE80::) 1111111010 000.0000 Interface ID 10 bits 54 bits 64 bits

Global Addresses With Network Prefix IPV6 Global Unicast Address Global Unicast Range: 0010 2000::/3 0011 3000::/3 All five RIRs are given a /12 from the /3 to further distribute within the RIR region APNIC 2400:0000::/12 ARIN 2600:0000::/12 AfriNIC 2C00:0000::/12 LACNIC 2800:0000::/12 Ripe NCC 2A00:0000::/12 112

Global Addresses With Network Prefix 6to4 Addresses 2002::/16 Designed for a special tunneling mechanism [RFC 3056] to connect IPv6 Domains via IPv4 Clouds Automatic tunnel transition Mechanisms for IPv6 Hosts and Routers Need 6to4 relay routers in ISP network

Local Addresses With Network Prefix Link Local Address A special address used to communicate within the local link of an interface (i.e. anyone on the link as host or router) The address in the packet destination would never pass through a router (local scope) Mandatory address - automatically assigned as soon as IPv6 is enabled fe80::/10

Local Addresses With Network Prefix 128 Bits Remaining 54 Bits Interface ID 1111 1110 10 FE80::/10 10 Bits Remaining 54 bits could be Zero or any manual configured value

Examples and Documentation Prefix Two address ranges are reserved for examples and documentation purpose by RFC 3849 For example 3fff:ffff::/32 For documentation 2001:0DB8::/32 116

Special addresses The unspecified address A value of 0:0:0:0:0:0:0:0 (::) It is comparable to 0.0.0.0 in IPv4 The loopback address It is represented as 0:0:0:0:0:0:0:1 (::1) Similar to 127.0.0.1 in IPv4

Interface ID The lowest-order 64-bit field addresses may be assigned in several different ways: auto-configured from a 48-bit MAC address expanded into a 64-bit EUI-64 assigned via DHCP manually configured auto-generated pseudo-random number possibly other methods in the future

EUI-64 Mac Address 0 0 2 6 B 0 E 5 8 3 3 C EUI-64 Address 0 0 2 6 B 0 E 5 8 3 3 C 0 0 0 0 0 0 0 0 U/L bit F F F E 0 0 0 0 0 0 1 0 Interface Identifier 0 2 2 6 B 0 F F F E E 5 8 3 3 C

Initial IPv6 Allocation To qualify for an initial allocation of IPv6 address space, an organization must: Not be an end site (must provide downstream services) Plan to provide IPv6 connectivity to organizations to which it will make assignments Meet one of the two following criteria: Have a plan for making at least 200 assignments to other organizations within two years OR Be an existing ISP with IPv4 allocations from an APNIC or an NIR, which will make IPv6 assignments or sub-allocations to other organizations and announce the allocation in the inter-domain routing system within two years

One Click IPv6 Policy Members with IPv4 holdings can click the button in MyAPNIC to instantly receive their IPv6 block No forms to fill out! Get your IPv6 addresses icon in the main landing page at MyAPNIC A Member that has an IPv4 allocation is eligible for a /32 A Member that has an IPv4 assignment is eligible for a /48

IPv6 addressing structure 128 bits 1 64 65 Network Prefix Interface ID 128 32 16 16 64 ISP /32 Customer Site /48 End Site Subnet /64 Device 128 Bit Address

IPv6 Assignment Policy Assignment address space size Minimum of /64 (only 1 subnet), Normal maximum of /48, Larger end-site assignment can be justified In typical deployments today Several ISPs gives small customers a /56 or a /60 and Single LAN end sites a /64, e.g., /64 if end-site will ever only be a LAN /60 for small end-sites (e.g. consumer) /56 for medium end-sites (e.g. small business) /48 for large end-sites Assignment of multiple /48s to a single end site Documentation must be provided Will be reviewed at the RIR/NIR level Assignment to operator s infrastructure /48 per PoP as the service infrastructure of an IPv6 service operator

Subnetting Network engineers must have a solid understanding of subnetting Important for address planning IPv6 subnetting is similar (if not exactly the same) as IPv4 subnetting Note that you are working on hexadecimal digits rather than binary 0 in hex = 0000 in binary 1 in hex = 0001 in binary

Subnetting (Example) Provider A has been allocated an IPv6 block 2001:DB8::/32 Provider A will delegate /48 blocks to its customers Find the blocks provided to the first 4 customers

Subnetting (Example) Original block: Rewrite as a /48 block: 2001:0DB8::/32 2001:0DB8:0000:/48 This is your network prefix! How many /48 blocks are there in a /32? /32 /48 = 2128 32 2 Find only the first 4 /48 blocks 2 296 = = 216 128 48 80

Subnetting (Example) 2001:0DB8:0000::/48 Start by manipulating the LSB of your network prefix write in BITS In bits 2001:0DB8: 0000 0000 0000 0000 ::/48 2001:0DB8: 0000 0000 0000 0001 ::/48 2001:0DB8: 0000 0000 0000 0010 ::/48 2001:0DB8: 0000 0000 0000 0011 ::/48 2001:0DB8:0000::/48 2001:0DB8:0001::/48 2001:0DB8:0002::/48 2001:0DB8:0003::/48 Then write back into hex digits

Exercise 1.1: IPv6 subnetting Identify the first four /64 address blocks out of 2001:DB8:0::/48 1. 2. 3. 4.

Exercise 1.2: IPv6 subnetting Identify the first four /36 address blocks out of 2406:6400::/32 1. 2. 3. 4.

Exercise 1.3: IPv6 subnetting Identify the first six /35 address blocks out of 2406:6400::/32 1. 2. 3. 4. 5. 6.

Configuration of IPv6 Nodes There are 3 ways to configure IPv6 address on an IPv6 node: Static address configuration DHCPv6 assigned node address Autoconfiguration (New feature in IPv6)

Configuration of IPv6 Nodes Stateless mechanism For a site not concerned with the exact addresses No manual configuration required Minimal configuration of routers No additional servers Stateful mechanism For a site that requires tighter control over exact address assignments Needs a DHCPv6 server

IPv6 Autoconfiguration RFC 4862 IPv6 Stateless Address Autoconfiguration (SLACC) Allow a host to obtain or create unique addresses for its interface/s Manual configuration should not be required Even if no servers/routers exist to assign an IP address to a device, the device can still auto-generate an IP address Small sites should not require DHCPv6 server to communicate Plug and play Allows interfaces on the same link to communicate with each other Facilitate the renumbering of a site s machines

Interface ID The lowest-order 64-bit field addresses May be assigned in several different ways: auto-configured from a 48-bit MAC address expanded into a 64-bit EUI-64 assigned via DHCP manually configured auto-generated pseudo-random number possibly other methods in the future

EUI-64 Mac Address 3 4 5 6 7 8 9 A B C D E EUI-64 Address 3 4 5 6 7 8 9 A B C D E 0 0 1 1 0 1 0 0 U/L bit F F F E 0 0 1 1 0 1 1 0 Interface Identifier 36 5 6 7 8 F F F E 9 A B C D E EUI-64 address is formed by inserting FFFE and OR ing a bit identifying the uniqueness of the MAC address

IPv6 Addressing Examples LAN: 2001:db8:213:1::/64 Ethernet0 interface Ethernet0 ipv6 address 2001:db8:213:1::/64 eui-64 MAC address: 0060.3e47.1530 router# show ipv6 interface Ethernet0 Ethernet0 is up, line protocol is up IPv6 is enabled, link-local address is FE80::260:3EFF:FE47:1530 Global unicast address(es): 2001:db8:213:1:260:3EFF:FE47:1530, subnet is 2001:db8:213:1::/64 Joined group address(es): FF02::1:FF47:1530 FF02::1 FF02::2 MTU is 1500 bytes

Questions?

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback