Unit 2: Interior Routing Protocols: RIP and OSPF

TDC 563-98-301/302, Spring 2002

• Introduction to Cisco Router Configuration
• RIP
  – RIP-1 vs. RIP-2
  – RIP for IPv6
• OSPF
  – Review of link state routing
  – Modified Dijkstra's algorithm for finding multiple paths
  – Packet types
  – LSA (Link state advertisements)
  – Lollipop sequence number
  – OSPF for IPv6 (Section 6.7. Read on your own)

Cisco Router Configuration: Glossary of Terms and Acronyms

Cisco IOS - Cisco Internetworking Operating System
CLI - Command Line Interface
EXEC - Command line session to the router (could be console, modem, or telnet)
Flash - Non-volatile memory used to store the IOS software image
NVRAM - Non-volatile RAM used to store the router configuration
RAM - Random Access Memory

CLI Architecture

• The CLI can be accessed through one of the following:
  • a console connection,
  • a modem connection, or
  • a telnet session.
• Each is referred to as an EXEC session.
• User EXEC level – a limited amount of basic monitoring.
• Privileged EXEC level – access to all router commands, including critical commands such as configuration and management.

    Router> enable
    Password: [enable password]
    Router# disable
    Router>

Configuration Mode

Global command: a single-line command that affects the function of the whole unit.
Major command: a command that indicates a particular interface or process that is being configured. It must be followed by subcommands.
Subcommand: used after a major command to configure a process or interface.

CLI Editor Features

Context-sensitive help
• Type a question mark (?) to get help.
• Word help - obtain a list of commands that begin with a particular character sequence. Example:

    Router# co?
    configure  connect  copy

• Command syntax help - obtain a list of command, keyword, or argument options that are available based on the syntax the user has already entered. Enter a question mark (?)
in the place of a keyword or argument. Example:

    Router# configure ?
      memory             Configure from NV memory
      network            Configure from a TFTP network host
      overwrite-network  Overwrite NV memory from TFTP network host
      terminal           Configure from the terminal
      <cr>

Command Syntax Check
• The router will inform the user and indicate where the syntax error has occurred. A caret symbol (^) will appear underneath the incorrect command, keyword, or argument. Example:

    Router(config)#interface ethernat
                             ^
    % Invalid input detected at '^' marker.

Command Abbreviation
Commands and keywords can be abbreviated to the minimum number of characters that identifies a unique selection. For example, you can abbreviate the "configure" command to "conf" because "configure" is the only command that begins with "conf". You could not abbreviate the command to "con" because more than one command could fit this criterion. The router will issue the following error message if you do not supply enough characters:

    cisco(config)#I
    % Incomplete command

Hot Keys (See more on page 13 in the text)
Backspace - Removes one character to the left of the cursor.
TAB - Finishes a partial command.
Ctrl-A - Moves the cursor to the beginning of the current line.
Ctrl-R - Redisplays a line.
Ctrl-U - Erases a line.
Ctrl-W - Erases a word.
Ctrl-Z - Ends configuration mode and returns to the EXEC.
Up Arrow - Allows the user to scroll forward through former commands.
Down Arrow - Allows the user to scroll backward through former commands.

Router Configuration

Entering Configurations: An example

    Router> enable                                     - switches to privileged EXEC level
    Router# configure terminal                         - switches to global configuration level
    Router(config)# enable secret cisco                - configures the router with an enable secret (global)
    Router(config)# ip route 0.0.0.0 0.0.0.0 20.2.2.3  - configures a static IP route (global)
    Router(config)# interface ethernet0                - switches to configure the ethernet0 interface
    Router(config-if)# ip address 10.1.1.1 255.0.0.0   - configures an IP address on ethernet0 (interface)
    Router(config-if)# no shutdown                     - activates ethernet0 (interface)
    Router(config-if)# exit                            - exits back to global configuration level
    Router(config)# interface serial0                  - switches to configure the serial0 interface
    Router(config-if)# ip address 20.2.2.2 255.0.0.0   - configures an IP address on serial0 (interface)
    Router(config-if)# no shutdown                     - activates serial0 (interface)
    Router(config-if)# exit                            - exits back to global configuration level
    Router(config)# router rip                         - switches to configure the RIP routing engine
    Router(config-router)# network 10.0.0.0            - adds network 10.0.0.0 to the RIP engine (routing engine)
    Router(config-router)# network 20.0.0.0            - adds network 20.0.0.0 to the RIP engine (routing engine)
    Router(config-router)# exit                        - exits back to global configuration level
    Router(config)# exit                               - exits out of configuration level
    Router# copy running-config startup-config         - saves the configuration into NVRAM
    Router# disable                                    - disables privileged EXEC level
    Router>                                            - indicates the user is back at user EXEC level

Table 3.1 in text

Command | Description
Configure terminal | Executes configuration commands from the terminal. Use this command to make changes to the configuration file from the console port or a telnet session. Once changes are entered, press <Ctrl-Z> to end the update mode session.
Configure memory | Executes configuration commands stored in NVRAM.
Configure network | Retrieves configuration commands that are stored on a network server and loads that configuration into memory. You will be prompted for the IP address of the TFTP (Trivial FTP) server to connect to, as well as the configuration filename.

Removing Commands / Resetting Default Values

Navigate to the proper location and type "no" followed by the command to be removed.

    Router> enable                       - switches to privileged EXEC level
    Router# configure terminal           - switches to global configuration level
    Router(config)# interface ethernet0  - switches to configure the ethernet0 interface
    Router(config-if)# no ip address     - removes the IP address
    Router(config-if)# exit              - exits back to global configuration level
    Router(config)# exit                 - exits out of configuration level
    Router# disable                      - disables privileged EXEC level
    Router>                              - prompt indicates the user is back at user EXEC level

Some configuration commands in IOS are enabled by default and assigned a certain default value. When left at the default value, these commands are not displayed when the configuration is listed. If the value is altered from the default setting, issuing the "no" form of the command restores the value to the default setting.

Saving Configurations

• Configurations live in two locations - RAM and NVRAM.
• The running configuration is stored in RAM.
• Any configuration changes to the router are made to the running-configuration and take effect immediately after the command is entered.
• The startup-configuration is saved in NVRAM and is loaded into the router's running-configuration when the router boots up.
• To save the running-configuration to the startup-configuration, type the following from privileged EXEC mode (i.e. at the "Router#" prompt):

    Router# write mem

Router Management

Some common commands for displaying information.

Displaying Configurations

    Router#sh conf   - show NVRAM configuration
    Router#wri term  - display running configuration

Displaying Software Version and More

Software Version - IOS software version (stored in flash)
Bootstrap Version - Bootstrap version (stored in Boot ROM)
System up-time - Time since last reboot
System restart info - Method of restart (e.g. power cycle, crash)
Software image name - IOS filename stored in flash
Router Type and Processor type - Model number and processor type
Memory type and allocation (Shared/Main) - Main = Processor RAM; Shared = Packet I/O buffering
Software Features - Supported protocols / feature sets
Hardware Interfaces - Interfaces available on the router
Configuration Register - Bootup specifications, console speed setting, etc.

Example output of Router#wri term
[Figure: sample "wri term" output (not reproduced in the transcript)]

Displaying Interface States

To view information about a particular interface, use the show interface command. The show interface command provides the following list of important information:
Interface State (e.g. UP, DOWN, LOOPED)
Protocol addresses
Bandwidth
Reliability and Load
Encapsulation type
Packet Rates
Error Rates
Signaling Status (i.e. DCD, DSR, DTR, RTS, CTS)

RIP-1 (RFC 1058) and RIP-2 (RFC 1388)

• distance-vector protocol using hop count as the metric
• infinity value is 16 hops
• announcements (distance vectors) sent to neighbors every 30 seconds; time out in 180 sec
• split horizon with poisoned reverse
• encapsulated in UDP: well-known port 520
• Included in the RIP-maintained routing table:
  - address of (net/subnet/host) destination
  - metric associated with destination
  - address of next hop router
  - recently-updated flag
  - several timers

RIP-1 Message Format

Supposed to support a variety of protocols.
But in practice only TCP/IP uses it.

[Figure 13-8: Response message (not reproduced in the transcript)]

RIP-2

• A compatible upgrade to RIP v1, including subnet routing, authentication, CIDR aggregation, route tags and multicast transmission.
• RFC 2453 includes background and protocol definition.

Subnet Support
• RIP-1 supports subnet routes only within the subnetted network (using a single subnet mask).
• RIP-2 includes the subnet mask in the messages. This allows for subnet knowledge outside the subnet.
• More convenient partitioning using variable-length subnets.
• Distinguishes multiple domains running on the same wire/subnet.

Routing per subnet

[Figure: networks 10.1.0.0 (255.255.0.0), 10.0.0.0 (255.0.0.0) and 10.2.0.0 (255.255.0.0) with routers A, B, C, D, E, F (not reproduced in the transcript)]

Next Hop / Authentication

• RIP-1 is completely insecure; anyone can act as a router just by sending RIP-1 messages (e.g. advertise cost 0 and everyone will use that route).
• RIP-2 supports a generic notion of authentication, but only "password" is defined so far. Still not very secure.
• At least it prevents some "accidents" reasonably well.

Authentication
[Figure: RIP-2 authentication entry (not reproduced in the transcript)]

Variable-length subnetting
[Figure (not reproduced in the transcript)]

Multicasting

• A broadcast on a local link is sent to all nodes, including hosts.
• RIP-2 uses 224.0.0.9 – a multicast address for routers only.
• 3 modes:
  o Send RIP-1 packets in broadcast mode - when most routers are not yet upgraded
  o Send RIP-2 packets in broadcast mode - when some routers are still RIP-1
  o Send RIP-2 packets in multicast mode – when all routers are upgraded to RIP-2

RIPng for IPv6

Almost the same as RIP-2 except:
• the use of IPv6 security instead of RIPv2 authentication entries
• a change in the packet formats in order to carry the longer IPv6 addresses
(Skip section 5.6)

Some Cisco commands related to configuration of RIP

    router1(config)# router rip                   - enable the RIP routing process
    router1(config-router)# network A.B.C.D
    router1(config-router)# passive-interface S0  - stop the router sending updates through this interface
    router1(config-router)# neighbor W.X.Y.Z      - allow updates to be sent to a neighbor connected by a non-broadcast network
    router1# show ip route
    router1# show ip protocol

Link State Routing

• Dynamic
• Sharing knowledge about the neighborhood - link states: who I am directly connected to and the distance (based on minimum delay, maximum throughput, cost, hop count, etc.)
• Sharing with every other router – broadcast by flooding
• Sharing when there is a change
• OSPF (Open Shortest Path First), the newer Internet routing protocol, is an example.
• General steps
  – Hello: discovering reachability
  – Build link state packets (advertisements)
  – Broadcast the link state packets: initially and when there are changes
  – Build a map from the received link state packets
  – From the map, calculate the shortest path

Multiple metrics

• Can support fine-grained metrics (vs. RIP)
• Multiple metrics
  o Throughput, Delay, Cost, Reliability
• Can compute a different routing table for each metric.
• OSPFv2 supports an extension that allows the metric to be used to be specified in the packet.

OSPF: Areas within an AS

• Backbone router: connects only to the backbone area (Area 0)
• Area border router: attaches to multiple areas.
• Internal router: all interfaces connected to the same area.
• AS boundary router: connects to other ASes

Example Cisco configuration

Topology (from the slide's figure):
  Area 0: Router1 e0/0 120.1.1.1 – Router2 e0/0 120.1.1.2
  Area 1: Router2 e0/1 150.1.1.1 – Router3 e0/0 150.1.1.2

Router1:
    Router1(config)# router ospf 10                                 (10 is the OSPF process ID)
    Router1(config-router)# network 120.0.0.0 0.255.255.255 area 0  (wildcard mask: like an inverse subnet mask)
Router2:
    Router2(config)# router ospf 10
    Router2(config-router)# network 120.0.0.0 0.255.255.255 area 0
    Router2(config-router)# network 150.1.0.0 0.0.255.255 area 1
Router3:
    Router3(config)# router ospf 10
    Router3(config-router)# network 150.1.0.0 0.0.255.255 area 1

Link types

Point-to-point link
Transient link
Stub link
Virtual link: when the link between two routers is broken, a virtual link can be created to go through other routers (usually more than one).
[Figures for each link type not reproduced in the transcript]

An Example Internet

[Figure: graphical representation of the example internet (not reproduced in the transcript)]

Dijkstra's Algorithm

1. Initialize the set E to contain only the source node S and R to contain all other nodes. Initialize the list of paths O to contain the one-segment paths starting from S.
Each of these paths has a cost equal to the corresponding link's metric. Sort list O by increasing metrics.
2. If list O is empty, or if the first path in O has an infinite metric, mark all nodes left in R as unreachable. The algorithm has terminated.
3. First examine P, the shortest path in list O. Remove P from O. Let V be the last node in P. If V is already in set E, continue at step 2. Otherwise, P is the shortest path to V. Move V from R to E.
4. Build a set of new candidate paths by concatenating P and each of the links starting from V. The cost of these paths is the sum of the cost of P and the metric of the link appended to P. Insert the new links in the ordered list O, each at the rank corresponding to its cost. Continue at step 2.

Trace of Dijkstra's algorithm on the example internet (each cell includes the entries in the previous rows):

Permanent (E) | Tentative (R) | Paths (O)
A | B, C, D, E, F, N1, N2, N3, N4, N5 | A-N1 (5), A-D (8)
N1 [A-N1 (5)] | B, C, D, E, F, N2, N3, N4, N5 | A-N1-B (5), A-N1-C (5), A-D (8)
B [A-N1-B (5)] | C, D, E, F, N2, N3, N4, N5 | A-N1-C (5), A-D (8), A-N1-B-E (10)
C [A-N1-C (5)] | D, E, F, N2, N3, N4, N5 | A-N1-C-N2 (7), A-D (8), A-N1-B-E (10)
N2 [A-N1-C-N2 (7)] | D, E, F, N3, N4, N5 | A-D (8), A-N1-B-E (10)
D [A-D (8)] | E, F, N3, N4, N5 | A-N1-B-E (10), A-D-N3 (10)
E [A-N1-B-E (10)] | F, N3, N4, N5 | A-D-N3 (10), A-N1-B-E-N4 (12), A-N1-B-E-N3 (15)
N3 [A-D-N3 (10)] | F, N4, N5 | A-D-N3-E (10), A-D-N3-F (10), A-N1-B-E-N4 (12), A-N1-B-E-N3 (15)
(shortest path already exists to E) | F, N4, N5 | A-D-N3-F (10), A-N1-B-E-N4 (12), A-N1-B-E-N3 (15)
F [A-D-N3-F (10)] | N4, N5 | A-N1-B-E-N4 (12), A-N1-B-E-N3 (15), A-D-N3-F-N5 (15)
N4 [A-N1-B-E-N4 (12)] | N5 | A-N1-B-E-N3 (15), A-D-N3-F-N5 (15)
(shortest path already exists to N3) | N5 | A-D-N3-F-N5 (15)
N5 [A-D-N3-F-N5 (15)] | – | –

Multiple paths using a modification of Dijkstra's Algorithm (Equal Cost)

1. Initialize the set E to contain only the source node S and R to contain all other nodes. Initialize the list of paths O to contain the one-segment paths starting from S. Each of these paths has a cost equal to the corresponding link's metric. Sort list O by increasing metrics.
2. If list O is empty, the algorithm has terminated.
3. First examine P, the shortest path in list O. Remove P from O. Let V be the last node in P. If V is already in set E, continue at step 4. Otherwise, P is the shortest path to V. Move V from R to E. Continue at step 5.
4. If the metric of path P between S and V is equal to the previously computed distance between S and V, we have found an "equal cost path" to V. If it is larger, we should ignore P. In all cases, continue at step 2.
5. Build a set of new candidate paths by concatenating P and each of the links starting from V. The cost of these paths is the sum of the cost of P and the metric of the link appended to P. Insert the new links in the ordered list O, each at the rank corresponding to its cost. Continue at step 2.

Trace of the equal-cost variant on the example internet (each cell includes the entries in the previous rows):

Permanent (E) | Tentative (R) | Paths (O)
A | B, C, D, E, F, N1, N2, N3, N4, N5 | A-N1 (5), A-D (8)
N1 [A-N1 (5)] | B, C, D, E, F, N2, N3, N4, N5 | A-N1-B (5), A-N1-C (5), A-D (8)
B [A-N1-B (5)] | C, D, E, F, N2, N3, N4, N5 | A-N1-C (5), A-D (8), A-N1-B-E (10)
C [A-N1-C (5)] | D, E, F, N2, N3, N4, N5 | A-N1-C-N2 (7), A-D (8), A-N1-B-E (10)
N2 [A-N1-C-N2 (7)] | D, E, F, N3, N4, N5 | A-D (8), A-N1-B-E (10)
D [A-D (8)] | E, F, N3, N4, N5 | A-N1-B-E (10), A-D-N3 (10)
E [A-N1-B-E (10)] | F, N3, N4, N5 | A-D-N3 (10), A-N1-B-E-N4 (12), A-N1-B-E-N3 (15)
N3 [A-D-N3 (10)] | F, N4, N5 | A-D-N3-E (10), A-D-N3-F (10), A-N1-B-E-N4 (12), A-N1-B-E-N3 (15)
E [A-D-N3-E (10)] (an additional shortest path; do not expand) | F, N4, N5 | A-D-N3-F (10), A-N1-B-E-N4 (12), A-N1-B-E-N3 (15)
F [A-D-N3-F (10)] | N4, N5 | A-N1-B-E-N4 (12), A-N1-B-E-N3 (15), A-D-N3-F-N5 (15)
N4 [A-N1-B-E-N4 (12)] | N5 | A-N1-B-E-N3 (15), A-D-N3-F-N5 (15)
(the path A-N1-B-E-N3 (15) to N3 is longer than the existing shortest path: ignore) | N5 | A-D-N3-F-N5 (15)
N5 [A-D-N3-F-N5 (15)] | – | –

OSPF Packet Types

• Hello: Establishes and maintains neighbor relationships.
• Database Description: When a router has just come up, it cannot wait for all link state packets.
Neighbors will send it a database description (not the full database, but like an outline). From this, the router can then ask for information it does not have. Describes the contents of the topological database.
• Link-state Request: Requests pieces of the topological database from neighbor routers. These messages are exchanged after a router discovers (by examining database-description packets) that parts of its topological database are out of date.
• Link-state Update: Responds to a link-state request packet. These messages are also used for the regular dispersal of LSAs. Several LSAs can be included within a single link-state update packet.
• Link-state Acknowledgment: Acknowledges link-state update packets.

Link-state advertisement types

• Router Links (RL) are generated by all routers. These links describe the state of the router interfaces inside a particular area. These links are only flooded inside the router's area.
• Network Links (NL) are generated by the DR (Designated Router) of a particular segment; these are an indication of the routers connected to that segment.
• Summary Links (SL) are the inter-area links (type 3); these links list the networks inside other areas but still belonging to the autonomous system. Summary links are injected by the ABR (Area Border Router) from the backbone into other areas and from other areas into the backbone. These links are used for aggregation between areas.
• ASBR-summary links are type 4 links that point to the ASBR (Autonomous System Boundary Router). This is to make sure that all routers know the way to exit the autonomous system.
• External Links (EL) are injected by the ASBR into the domain.

Router Link LSA (6.5.2 in text)

A router link defines the links of a true router.
[Figure: router link LSA format; annotations: E flag = 1 means ExternalRoutingCapability (e.g. non-stub area, backbone, etc.); B flag = 1 means Border Router (details later); Link ID and Link Data depend on the type of link; TOS 0 metric is the default; TOS = Type of Service]

Link Type | Link Identification | Link Data
Type 1: Point-to-point connection to another router | Address of neighbor router | Interface number
Type 2: Connection to an any-to-any network | Address of designated router | Router address
Type 3: Connection to a stub network | Network address | Network mask
Type 4: Virtual link | Address of neighbor router | Router address

Network Link LSA (6.5.3 in text)

A network link defines the links of a network.
[Figure: network link LSA format; lists all attached routers]

Summary links (6.5.4 in text)

Summary link to a network, or summary link to an AS boundary router.
[Figure: summary link LSA format; the mask field is all 0's for type 4]

External links (6.5.5 in text)

[Figure: external link LSA format; annotations: "May provide a better route", "Used by other protocols"]

Multiple Areas: Example

[Figure not reproduced in the transcript]

LSA (Link State Advertisement) header

Link state age: number of seconds since the message was generated
E flag: set to 0 for a stub area. E stands for external capability.
T flag: set if the router can handle multiple types of service.
Link state ID: depends on the link state type. Usually an IP address of a router or network.
Advertising router: IP address of the advertising router
Link state checksum: covers the entire packet except for the age field
Length: length of the whole packet in bytes

Problem: router failure

• A router fails and comes up but does not remember the last sequence number it used before it crashed.
• New LSPs may be ignored if they have a lower sequence number (sequence numbers wrap around).

One solution: LSP Aging

• Nodes periodically decrement the age of stored LSPs.
• LSPs expire when the TTL reaches 0.
  – An LSP is re-flooded once TTL = 0.
• A rebooted router waits until all LSPs have expired.
• Trade-off between the frequency of LSPs and how long a router waits after reboot:
  – Age too small: frequent updates
  – Age too large: the router waits a long time on rebooting

A better solution: Lollipop sequence space

Let N = 2^32 / 2 = 2^31. Divide the sequence space into 3 spaces:
  – -N + 1 to 0 (negative space)
  – 0 to N - 2 (positive space)
  – -N and N - 1 (illegal)
• A router comes up and starts with -N + 1, then -N + 2, etc.
• When the sequence number becomes positive, wrap around and stay in the positive space.
• Suppose a < b: a is older than b if:
  – a < 0
  – a > 0 and b - a < (N - 1)/2 (i.e., smaller than a half circle)
  a is newer otherwise.

Lollipop cont.

• A newly booted router always starts with the oldest sequence number (-N + 1).
• New rule:
  – if router R1 gets an older LSP from router R2, R1 informs R2 of the sequence number in R1's LSP
• The newly booted router thus discovers the sequence number it used before it crashed and resumes from it.
• Aging is still needed to flush out old states:
  – suppose a router is down but not detected
  – the net partitions and then heals
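The lollipop sequence space from the two slides above, written out as code. This is an added example, not part of the course material or of any OSPF implementation: it uses the slide's N = 2^31, its three sub-spaces, its "a is older than b" rule, and the "new rule" by which a neighbour that holds a newer LSP tells the rebooted router the number it was using. Two details the slide leaves open are taken as assumptions and marked in the code: the half circle is computed as the integer (N - 1)//2, and a = 0 is treated like the start of the positive circle (the slide's rule names only a < 0 and a > 0).

```python
from typing import Optional, Tuple

# Added example (not from the course slides): the lollipop sequence space with
# N = 2^31 as the slide defines it.
N = 2 ** 31
FIRST_AFTER_BOOT = -N + 1   # oldest legal number; a newly booted router starts here
POSITIVE_MAX = N - 2        # largest legal positive number; the next step wraps to 0
ILLEGAL = {-N, N - 1}       # the two values the slide declares illegal
HALF_CIRCLE = (N - 1) // 2  # assumption: integer half circle for the "b - a" test


def is_legal(seq: int) -> bool:
    """True for the legal stem (-N+1 .. 0) and circle (0 .. N-2) values."""
    return seq not in ILLEGAL and FIRST_AFTER_BOOT <= seq <= POSITIVE_MAX


def next_seq(seq: int) -> int:
    """Advance one step: climb the stem towards 0, then circle inside the positive space."""
    if not is_legal(seq):
        raise ValueError(f"illegal sequence number {seq}")
    if seq < 0:
        return seq + 1                                   # stem of the lollipop
    return 0 if seq == POSITIVE_MAX else seq + 1         # wrap, staying positive


def compare(a: int, b: int) -> int:
    """Return -1 if a is older than b, 1 if a is newer, 0 if equal (the slide's rule).

    The slide states the rule for a < b; for a > b it is applied to (b, a) and flipped.
    Assumption: a == 0 is treated as the start of the circle.
    """
    for x in (a, b):
        if not is_legal(x):
            raise ValueError(f"illegal sequence number {x}")
    if a == b:
        return 0
    if a > b:
        return -compare(b, a)
    # from here on a < b
    if a < 0:
        return -1                  # anything on the stem is older than anything above it
    if b - a < HALF_CIRCLE:
        return -1                  # less than half a circle ahead: a is the older one
    return 1                       # more than half a circle: b is the one that wrapped, so a is newer


def accept_lsp(stored: Optional[int], received: int) -> Tuple[bool, Optional[int]]:
    """Receiver side of the slide's "new rule".

    Returns (accepted, reply): accepted is True when the received number is newer
    than the stored one (or nothing was stored); otherwise reply carries the number
    we hold, to be sent back to the originator so it can resume from it.
    """
    if stored is None or compare(received, stored) == 1:
        return True, None
    return False, stored


def resume_after_reboot(reported: int) -> int:
    """A rebooted router that learns its pre-crash number from a neighbour continues after it."""
    return next_seq(reported)


if __name__ == "__main__":
    # A router reboots, starts at -N+1, and a neighbour still holding its old LSP (seq 12) replies.
    accepted, reply = accept_lsp(stored=12, received=FIRST_AFTER_BOOT)
    print("accepted:", accepted, "neighbour replies with:", reply)
    print("router resumes from:", resume_after_reboot(reply))
```

`compare` is the part worth reading twice: every number on the stem (negative) loses to every number on the circle, and on the circle a gap of more than half a circle is read as a wrap, which is what lets the positive space be reused without an LSP ever being mistaken for a newer one after a clean restart.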
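The two Dijkstra traces on the slides above (the plain path-list algorithm and its equal-cost modification), carried out in code. This is an added example and not the course's own program: it keeps the slide's list O of candidate paths ordered by cost, implements steps 2 to 5 of both variants behind one `equal_cost` switch, and runs them on a directed link table that was read back from the path costs in the trace (A-N1-B costs 5, so N1->B is 0; A-D-N3 costs 10, so D->N3 is 2, and so on). That link table is constructed sample data, as is the reading of the zero-cost links as network-to-router hops; the slide's figure itself is not reproduced here. The code also handles the "infinite metric" exit of step 2 and reports the nodes left in R as unreachable, which the trace never needs.

```python
import heapq
from itertools import count

# Constructed sample data: directed link metrics read back from the path costs in
# the slide's trace (e.g. A-N1-B costs 5, so N1->B is 0; zero-cost links are the
# network-to-router hops of an OSPF-style graph). Not the slide's own figure.
LINKS = {
    "A":  [("N1", 5), ("D", 8)],
    "N1": [("B", 0), ("C", 0)],
    "B":  [("E", 5)],
    "C":  [("N2", 2)],
    "N2": [],
    "D":  [("N3", 2)],
    "E":  [("N4", 2), ("N3", 5)],
    "N3": [("E", 0), ("F", 0)],
    "F":  [("N5", 5)],
    "N4": [],
    "N5": [],
}

INFINITY = float("inf")


def shortest_paths(links, source, equal_cost=False):
    """Path-list Dijkstra as on the slides.

    Returns (dist, paths, unreachable): dist[v] is the metric of the chosen path,
    paths[v] the list of shortest paths to v (a single path unless equal_cost=True),
    and unreachable the nodes still in R when O runs out.
    """
    permanent = {source: 0}          # set E, with the distance fixed for each member
    paths = {source: [[source]]}
    rank = count()                   # insertion order: equal costs pop in the order inserted
    candidates = []                  # list O, kept as a heap of (cost, rank, path)
    for nbr, metric in links.get(source, ()):               # step 1: one-segment paths from S
        heapq.heappush(candidates, (metric, next(rank), [source, nbr]))

    while candidates:                                       # step 2: stop when O is empty
        cost, _, path = heapq.heappop(candidates)           # step 3: P, the cheapest path in O
        if cost == INFINITY:
            break                                           # everything left in R is unreachable
        v = path[-1]
        if v in permanent:
            # step 4 (equal-cost variant): same metric -> an additional shortest path;
            # larger metric -> ignore. The plain algorithm just skips to step 2.
            if equal_cost and cost == permanent[v]:
                paths[v].append(path)
            continue
        permanent[v] = cost                                 # move V from R to E
        paths[v] = [path]
        for nbr, metric in links.get(v, ()):                # step 5: extend P by each link from V
            heapq.heappush(candidates, (cost + metric, next(rank), path + [nbr]))

    unreachable = {node for node in links if node not in permanent}
    return permanent, paths, unreachable


if __name__ == "__main__":
    dist, paths, _ = shortest_paths(LINKS, "A", equal_cost=True)
    for node in sorted(dist, key=dist.get):
        print(f"{node:>3} ({dist[node]:>2}): " + "  |  ".join("-".join(p) for p in paths[node]))
```

Running it reproduces the second trace: E is reached at cost 10 by both A-N1-B-E and A-D-N3-E, while A-N1-B-E-N3 (15) is popped after N3 is already permanent at 10 and is dropped as the slide's step 4 says.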
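A receiver-side view of the RIP-2 points made on the RIP-1/RIP-2 slides above (hop-count metric with infinity at 16, UDP port 520, the subnet mask, next hop and route tag carried in each RIP-2 entry, and the "password" authentication entry that is the only kind defined). This is an added example, not code from the course or from any router vendor. The message layout (4-byte header of command, version and a zero field, followed by 20-byte entries; an authentication entry has address family 0xFFFF, authentication type 2 for simple password, and a 16-byte password) is taken from RFC 2453, which the RIP-2 slide cites; the routes and password used below are constructed sample values. The parser applies the checks a listener should make before installing anything: right version and command, well-formed length, the configured password present and matching (or no authentication entry at all when none is configured), and a metric in 1..16, which is exactly what rejects the "advertise cost 0" message the slide warns about.

```python
import hmac
import struct
from ipaddress import IPv4Address

# Values from the slides and from RFC 2453 (cited on the RIP-2 slide).
RIP_PORT = 520
RIP_INFINITY = 16
CMD_RESPONSE = 2
RIP_VERSION = 2
AFI_IP = 2
AFI_AUTH = 0xFFFF
AUTH_SIMPLE_PASSWORD = 2
HEADER = struct.Struct("!BBH")          # command, version, must-be-zero
AUTH_ENTRY = struct.Struct("!HH16s")    # AFI=0xFFFF, auth type, 16-byte password
ROUTE_ENTRY = struct.Struct("!HHIIII")  # AFI, route tag, address, subnet mask, next hop, metric
ENTRY_SIZE = 20


def _pad_password(password: str) -> bytes:
    pw = password.encode("ascii")
    if len(pw) > 16:
        raise ValueError("simple password is at most 16 bytes")
    return pw.ljust(16, b"\0")


def build_response(routes, password=None) -> bytes:
    """Build a RIP-2 response; routes are (prefix, mask, next_hop, tag, metric) tuples."""
    body = b""
    if password is not None:            # the authentication entry must be the first entry
        body += AUTH_ENTRY.pack(AFI_AUTH, AUTH_SIMPLE_PASSWORD, _pad_password(password))
    for prefix, mask, next_hop, tag, metric in routes:
        body += ROUTE_ENTRY.pack(AFI_IP, tag, int(IPv4Address(prefix)),
                                 int(IPv4Address(mask)), int(IPv4Address(next_hop)), metric)
    return HEADER.pack(CMD_RESPONSE, RIP_VERSION, 0) + body


def parse_response(packet: bytes, expected_password=None):
    """Validate a RIP-2 response the way a listener should and return the accepted routes.

    Raises ValueError for anything a router should discard: wrong command or version,
    a malformed length, a missing or wrong password when one is configured, an
    authentication entry when none is configured, or a metric outside 1..16.
    """
    if len(packet) < HEADER.size or (len(packet) - HEADER.size) % ENTRY_SIZE:
        raise ValueError("malformed RIP packet length")
    command, version, _ = HEADER.unpack_from(packet, 0)
    if command != CMD_RESPONSE or version != RIP_VERSION:
        raise ValueError(f"not a RIP-2 response (command={command}, version={version})")
    entries = [packet[i:i + ENTRY_SIZE] for i in range(HEADER.size, len(packet), ENTRY_SIZE)]
    if expected_password is not None:
        if not entries:
            raise ValueError("unauthenticated update rejected")
        afi, auth_type, password = AUTH_ENTRY.unpack(entries[0])
        if afi != AFI_AUTH or auth_type != AUTH_SIMPLE_PASSWORD:
            raise ValueError("unauthenticated update rejected")
        if not hmac.compare_digest(password, _pad_password(expected_password)):
            raise ValueError("authentication failed")
        entries = entries[1:]
    routes = []
    for entry in entries:
        afi, tag, addr, mask, next_hop, metric = ROUTE_ENTRY.unpack(entry)
        if afi == AFI_AUTH:
            raise ValueError("authentication entry not expected here")
        if afi != AFI_IP:
            raise ValueError(f"unsupported address family {afi}")
        if not 1 <= metric <= RIP_INFINITY:
            raise ValueError(f"illegal metric {metric}")   # the "cost 0" message from the slide
        routes.append({"prefix": str(IPv4Address(addr)), "mask": str(IPv4Address(mask)),
                       "next_hop": str(IPv4Address(next_hop)), "tag": tag, "metric": metric})
    return routes


def rejects(packet: bytes, expected_password=None) -> bool:
    """True when the listener would discard the packet."""
    try:
        parse_response(packet, expected_password)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    # Constructed sample: one subnet route announced with the password "secret".
    pkt = build_response([("10.2.0.0", "255.255.0.0", "0.0.0.0", 0, 1)], password="secret")
    print(len(pkt), "bytes ->", parse_response(pkt, "secret"))
    print("unauthenticated copy rejected:", rejects(build_response([("10.2.0.0", "255.255.0.0", "0.0.0.0", 0, 1)]), "secret"))
```

The password is compared with `hmac.compare_digest`, but it still travels in clear text inside the 16-byte field, which is why the slide calls RIP-2 authentication "still not very secure": it stops misconfigured or stray routers from being believed, not a host that has seen one update on the wire.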