Optimal routing design

Techniques for optimizing large-scale IP routing operation and managing network growth Understand the goals of scalable network design, including tradeoffs between network scaling, convergence speed, and resiliency Learn basic techniques applicable to any network design, including hierarchy, addressing, summarization, and information hiding Examine the deployment and operation of EIGRP, OSPF, and IS-IS protocols on large-scale networks Understand when and how to use a BGP core in a large-scale network and how to use BGP to connect to external networks Apply high availability and fast convergence to achieve 99.999 percent, or "five 9s" network uptime Secure routing systems with the latest routing protocol security best practices Understand the various techniques used for carrying routing information through a VPN Optimal Routing Design provides the tools and techniques, learned through years of experience with network design and deployment, to build a large-scale or scalable IP-routed network. The book takes an easy-to-read approach that is accessible to novice network designers while presenting invaluable, hard-to-find insight that appeals to more advanced-level professionals as well. Written by experts in the design and deployment of routing protocols, Optimal Routing Design leverages the authors' extensive experience with thousands of customer cases and network designs. Boiling down years of experience into best practices for building scalable networks, this book presents valuable information on the most common problems network operators face when seeking to turn best effort IP networks into networks that can support Public Switched Telephone Network (PSTN)-type availability and reliability. Beginning with an overview of design fundamentals, the authors discuss the tradeoffs between various competing points of network design, the concepts of hierarchical network design, redistribution, and addressing and summarization. This first part provides specific techniques, usable in all routing protocols, to work around real-world problems. The next part of the book details specific information on deploying each interior gateway protocol (IGP)-including EIGRP, OSPF, and IS-IS-in real-world network environments. Part III covers advanced topics in network design, including border gateway protocol (BGP), high-availability, routing protocol security, and virtual private networks (VPN). Appendixes cover the fundamentals of each routing protocol discussed in the book; include a checklist of questions and design goals that provides network engineers with a useful tool when evaluating a network design; and compare routing protocols strengths and weaknesses to help you decide when to choose one protocol over another or when to switch between protocols. "The complexity associated with overlaying voice and video onto an IP network involves thinking through latency, jitter, availability, and recovery issues. This text offers keen insights into the fundamentals of network architecture for these converged environments." -John Cavanaugh, Distinguished Services Engineer, Cisco Systems (R) This book is part of the Networking Technology Series from Cisco Press' which offers networking professionals valuable information for constructing efficient networks, understanding new technologies, and building successful careers.

Contents Foreword Introduction Part I Network Design Overview Chapter 1 Network Design Goals and Techniques Goals for Network Design Reliability Packet Delivery Reliability Packet Delivery Times Delay and Jitter Budgets The Impact of Network Design on Delay and Jitter Budgets Reliability and Resiliency Defining Network Failure Network Recovery Time Manageability Day-to-Day Operational Maintenance Taking a Network Baseline Network Documentation Emergency Management Scalability Redundancy How Redundancy Increases Resiliency Statistical Analysis How Redundancy Can Increase Management Complexity How Redundancy Can Reduce Scalability Layering Hiding Information Hiding Topology Information Hiding Reachability Information Separate Functionality Summary Review Questions Chapter 2 Applying the Fundamentals Hierarchical Design Abstraction Through Layering Horizontal Layers in a Network Layer Functions Forwarding Traffic Aggregation of Routing Information Definition and Implementation of Routing Policies User Attachment Controlling Traffic Admittance into the Network Network Hierarchies Two-Layer Hierarchy Three-Layer Hierarchy Determining How Many Layers to Use in Network Design Hiding Layers Within Layers Creating Layers Creating Choke Points Separating Complexity from Complexity Addressing and Summarization Assigning Addresses in a Network Working Around Addressing Leaking More Specifics Smaller Summary Blocks Change the Logical Layout Summary Issues Summarization Black Holes Summary Suboptimal Routing Summary Metrics Redistribution Alternatives to IGP to IGP Redistribution Single Point of Redistribution Multiple Points of Redistribution Filters Tags Review Questions Part II Interior Gateway Protocols Chapter 3 EIGRP Network Design Deploying EIGRP on a Large-Scale Three-Layer Hierarchical Network Analyzing the Network Core for Summarization Summarizing from the Core to the Distribution Layer Summarizing into the Core at Its Edge Analyzing the Network Distribution Layer for Summarization Summarizing Toward the Network Core Summarizing Toward the Remote Sites Analyzing Routing in the Network Access Layer Single-Homed Sites Dual-Homed Remotes Analyzing Use of the Stub Feature in Access Routers Analyzing Routes to External Connections Analyzing Routes to the Common Services Area Analyzing Routes to Dial-In Clients Host Routes Bandwidth Issues Deploying EIGRP on a Two-Layer Hierarchical Network Summarization in the Core Summarization in the Aggregation Layer Summary of EIGRP Network Design New Features in EIGRP Third-Party Next Hop NBMA Hub-and-Spoke Network Redistributed Next Hop Enhanced Route Map Support Before Enhanced Route Map Support Route Map Enhancements Enhanced EIGRP Active Process Case Study: Summarization Methods IP Summary Addresses Distribute Lists Case Study: Controlling Query Propagation Case Study: A Plethora of Topology Table Entries Case Study: Troubleshooting EIGRP Neighbor Relationships EIGRP Neighbor Relationships: Common Problem 1 EIGRP Neighbor Relationships: Common Problem 2 Case Study: Troubleshooting SIA Routes Case Study: Redistribution Using Distribute Lists to Prevent Redistribution Routing Loops Using Route Maps to Prevent Redistribution Routing Loops Using Prefix Lists to Prevent Redistribution Routing Loops Setting the Administrative Distance to Troubleshoot Redistribution Routing Loops Using External Flags to Prevent Redistribution Routing Loops Case Study: Retransmissions and SIA The Hold Timer SIA Timer Interaction Between the Hold Timer and the SIA Timer Case Study: Multiple EIGRP Autonomous Systems Review Questions Chapter 4 OSPF Network Design Summarization and Aggregation Deploying OSPF on a Three-Layer Hierarchy The Core Routers as ABRs The Distribution Layer Routers as ABRs Mixing ABR Locations Deploying OSPF on a Two-Layer Hierarchy Reducing Flooding Through Stub Areas Stub Areas Totally Stubby Areas Not-So-Stubby Areas Totally NSSA Totally Stubby Not Really Full Areas When to Use Stub Areas Aggregating Routes in OSPF Filtering Routes in OSPF Deploying OSPF on Specific Topologies Redistribution into OSPF External Route Metrics External Route Selection at ABRs Route Selection Between Processes Full Mesh Topologies Hub-and-Spoke Topologies Treating the NBMA Interface as a Broadcast Interface Treating the NBMA Interface as a Set of Point-to-Point Interfaces Treating an NBMA Interface as a Broadcast Point-to-Multipoint Interface Treating an NBMA Interface as a Nonbroadcast Point-to-Multipoint Interface Summary of Interface and OSPF Link-Type Options Reducing Flooding to the Spokes Links Parallel to Area Boundaries Dial Links Point-to-point Broadcast Links Case Study: OSPF Externals and the Next Hop Case Study: Troubleshooting OSPF Neighbor Adjacencies Review Questions Chapter 5 IS-IS Network Design Deploying IS-IS on a Three-Layer Hierarchy The Entire Network as a Single Routing Domain The Core as the L2 Domain Merging the Core and Distribution Layers into Level 2 Mixing and Overlapping the Level 1/Level 2 Border Deploying IS-IS on a Two-Layer Hierarchy Working with IS-IS Routing Areas Leaking Routes into an L1 Routing Domain Aggregating Routes in IS-IS Deploying IS-IS on Specific Topologies Redistribution Full Mesh Topologies Hub-and-Spoke Topologies Point-to-Point Links Broadcast Interfaces Point-to-Point Broadcast Links Links Parallel to Area Boundaries Other Considerations in IS-IS Scaling Metrics Excessive Link-State Flooding LSP Corruption Maximum Number of Pseudonodes Prefix-Driven Routing Table Installation Hello Padding Suppression Case Study: Troubleshooting IS-IS Neighbor Relationships Review Questions Part II Advanced Network Design Chapter 6 BGP Cores and Network Scalability Case Study: Troubleshooting BGP Neighbor Relationships No IP Connectivity eBGP Multihop Other BGP Neighbor Problems Logging Neighbor Changes BGP in the Core Case Study: Sample Migration Scaling Beyond the Core Dividing the Network into Pieces Regional IGPs BGP Network Growing Pains BGP Update Generation Issues Reducing the Number of Updates Generated Case Study: Route Reflectors as Route Servers External Connections Case Study: Dual-Homed Connections to the Internet Load Sharing on the Outbound Side Load Sharing on the Inbound Side Being a Transit AS Case Study: Conditional Advertisement Case Study: Route Dampening Review Questions Chapter 7 High Availability and Fast Convergence Considerations in Fast Convergence Network Meltdowns Solving the Meltdown Designing Routing Protocols Not to Melt Do Not Report Everything You See Non-Stop Forwarding Graceful Restart EIGRP Graceful Restart OSPF Graceful Restart IS-IS Graceful Restart BGP Graceful Restart Fast Down Detection Detecting a Link or Adjacency Failure Using Polling Bidirectional Forwarding Detection Detecting a Link or Adjacency Failure Using Event-Driven Link Failure Notification SONET Frame Relay Ethernet Slowing Down When the Network Speeds Up Link-State Exponential Backoff Configuring OSPF Exponential Backoff for LSA Generation Configuring OSPF Exponential Backoff for Running SPF Configuring IS-IS Exponential Backoff IP Event Dampening Configuring IP Event Dampening Calculating the Route Faster EIGRP Feasible Successors Link-State Partial SPF Link-State Incremental SPF Deploying GR and Fast Convergence Technologies Graceful Restart Versus Fast Down Detection How Fast Can GR Work? Balancing Between GR and Fast Down Detection Deploying Graceful Restart with BGP and an Interior Gateway Protocol (IGP) Deploying Exponential Backoff for Fast Convergence Setting SPF Exponential Backoff Timers Review Questions Chapter 8 Routing Protocol Security Fundamentals of Routing and Security Understanding What a Routing System Is Thoughts on Authorization and Authentication Defining Authentication and Authorization Transiting Authentication and Authorization Transiting Authorization in a Routing System Trust and Security Determining the Reasons for an Attack on the Routing System Types of Attacks Against Routing Systems Disrupting Peering Transport-Level Attacks Against OSPF and IS-IS Transport-Level Attacks Against EIGRP Transport-Level Attacks Against Border Gateway Protocol (BGP) Protocol-Layer Attacks Falsifying Routing Information Disrupting Routing Domain Stability Protecting Routing Domain Legitimacy Protecting Routers from Being Compromised Use Passwords Filter Access to Routers Protecting Against Illegitimate Devices Joining the Routing Domain MD5 Authentication Issues with MD5 Peer Authentication IPSec Protecting Routers from Denial-of-Service Attacks Edge Filters The Generalized TTL Security Mechanism Protecting Routing Information Extranet Connections Use an Exterior Gateway Protocol for All Extranet Connections Filter Routes Aggressively at the Extranet Edge Dampen Prefixes Aggressively at the Extranet Edge Limiting Route Count at the Extranet Edge Connections to the Internet Route Filtering Protecting Against Transit Route Dampening Future Directions in Routing Protocol Security Protecting Against Illegitimate Devices Joining the Routing Domain Secure Origin BGP (soBGP) Begin at the Beginning: Who Are You? The First Goal: Are You Authorized? The Second Goal: Do You Really Have a Path? Review Questions References Chapter 9 Virtual Private Networks MPLS MPLS Basics Overlay Routing over MPLS VPNs Peer-to-Peer (Redistributed) Routing over MPLS VPNs BGP/MPLS VPNs EIGRP OSPF IPSec GRE NHRP Case Study: NHRP in an ATM Network Dynamic Multipoint IPSec VPNs Review Questions References Part II Appendixes Appendix A EIGRP for IP Basics of Operation Appendix B OSPF Basics of Operation Appendix C Integrated IS-IS Basics of Operation Appendix D Border Gateway Protocol 4 Basics of Operation Appendix E IP Network Design Checklist Appendix F Answers to Review Questions Appendix G Which Routing Protocol? Index