NDC Chapter 3

Chapter 3

ROUTING PROTOCOLS CONFIGURATION

Introduction

Routing
 A process accomplished by a router, during which data packets are forwarded from one machine or device.
 Selecting the minimum cost, distance, and/or time path from several alternatives to deliver a message.
 Routing encapsulates two tasks:
 deciding the paths for the data transferred (using protocols: metrics such as bandwidth, delay and reliability, and algorithms), and
 sending the packets on these paths.
How routing works
 PC2 wants to send data to PC3.
 PC2 forwards the packet to Router5's fa0/0 interface.
 Router5 determines the best path (next hop) by referring to its routing table.
 Router5 transfers the packet to the next hop (router).
 The next-hop router encapsulates the message, examines the destination address and determines the best path for forwarding the message.
Routing Table
 A type of data table that acts as a map, usually held on a router, network computer or other hardware.
 It is where data about the neighboring routers (next hops) is stored and used to calculate and decide where to send a packet.
 It contains a list of IP addresses and subnet masks that identify directly connected and remote routers.
 Home networks use a very small routing table (10 entries or fewer) because they simply forward all outbound traffic to the ISP gateway.
 The largest routers at the core of the Internet backbone must hold the full Internet routing table (more than 100,000 entries).
Routing Table design challenges
 Fixed memory
 Working with the ARP cache and correctly maintaining the list of available routes for data
 Black holes cause ineffective delivery
Structure of a Routing table
Destination    Subnet mask        Interface
128.75.43.0    255.255.255.0      Eth0
128.75.43.0    255.255.255.128    Eth1
192.12.17.5    255.255.255.255    Eth3
default                           Eth2
Types of routing

Static Routing
 The routing table is created, maintained and updated by the network administrator.
 Does not use a routing protocol.
Dynamic Routing
 Information in the routing table is changed dynamically by the router itself using routing protocols.
Advantages and Disadvantages of Static routing
Advantages
 Minimal CPU/memory overhead: the router does not calculate the best path.
 No bandwidth overhead: updates are not shared between routers.
 Adds security: granular control over how traffic is routed.
Disadvantages
 Infrastructure changes must be adjusted manually.
 No “dynamic” fault tolerance: if a link goes down, the admin is responsible.
 Impractical in large networks.
Configuration syntax
ip route [destination_network] [mask] [next-hop_address or exit interface]
Default Route
When the router is unable to find a match for the packet's destination address in its routing table, it forwards the packet to the exit interface or next-hop address configured with a default route, 0.0.0.0/0.
Syntax
ip route 0.0.0.0 0.0.0.0 [next-hop_address or exit interface]
Dynamic Routing
 Uses a routing protocol (software and routing algorithms) to determine the best path and construct the routing table.
 Routers dynamically learn destinations and how to reach them, and advertise those destinations to other routers (if they use the same routing protocol).
Advantages
 Simpler to configure on large networks.
 Dynamically chooses a different route if a link goes down.
 Ability to load balance between multiple links.
Disadvantages
 Updates are shared between routers, consuming bandwidth.
 Routing protocols put additional load on router CPU/RAM.
Types of Dynamic routing
1. Distance Vector Routing Protocols (DVRP)
2. Link State Routing Protocols (LSRP)
Distance Vector Routing Protocol
 Finds the best path to a remote network by judging distance.
 The route with the least number of hops to the network is determined to be the best route.
 Sends the entire routing table to directly connected neighbors.
Key characteristics:
 Periodic updates of the full routing table are sent to routing neighbors. Examples: RIP (every 30 seconds), IGRP (every 90 seconds).
 Distance-vector protocols suffer from slow convergence and are highly susceptible to loops.
 Some form of distance is used to calculate a route’s metric.
 The Bellman-Ford algorithm is used to determine the shortest path.
Link State Routing Protocol
 Also called shortest-path-first protocols.
 Each router creates three separate tables (using more RAM and CPU):
 Neighbor table – contains a list of all neighbors and the interface each neighbor is connected to. Neighbors are formed by sending Hello packets.
 Topology table – also known as the “link-state” table; contains a map of all links within an area, including each link’s status.
 Shortest-Path table – contains the best route to each destination (also known as the “routing” table).
 All routers within an area have identical topology tables.
 Examples: Intermediate System-to-Intermediate System (IS-IS) and Open Shortest Path First (OSPF).
 When the state of a link changes, such as a router interface failing, an advertisement containing only this link-state change is sent to all routers within that area. Each router adjusts its topology table accordingly and calculates a new best route if required.
 Because updates are sent only during a link-state change, and contain only the change (not the full table), link-state protocols are less bandwidth intensive than distance-vector protocols.
 Link-state protocols use some form of cost, usually based on bandwidth, to calculate a route’s metric.
 Dijkstra's algorithm is used to determine the shortest path.
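The two families above pick their best route differently: distance vector counts hops with Bellman-Ford, link state runs Dijkstra over a cost that falls as bandwidth rises. The following Python is an added example (not from the chapter) that runs both on one constructed five-router topology; the topology, the link bandwidths and the cost rule 10^8 / bandwidth (integer, never below 1) are this example's assumptions. R1 can reach R4 either over two T1 serial hops or over three Fast Ethernet hops, and the two algorithms disagree about which is "best".

```python
"""Distance-vector (Bellman-Ford on hop count) versus link-state (Dijkstra on
bandwidth cost) on one constructed five-router topology.

Added example, not part of the chapter. Assumptions: the topology, the link
bandwidths, and the OSPF-style cost 10^8 / bandwidth_bps (integer, minimum 1).
"""
import heapq

RIP_INFINITY = 16  # RIP treats 16 hops as unreachable (max usable hop count is 15)

# Constructed topology: router -> {neighbour: link bandwidth in bit/s}.
# R1-R2-R4 is two T1 hops; R1-R3-R5-R4 is three Fast Ethernet hops.
T1, FE = 1_544_000, 100_000_000
LINKS = {
    "R1": {"R2": T1, "R3": FE},
    "R2": {"R1": T1, "R4": T1},
    "R3": {"R1": FE, "R5": FE},
    "R4": {"R2": T1, "R5": FE},
    "R5": {"R3": FE, "R4": FE},
}


def distance_vector(links, max_rounds=RIP_INFINITY):
    """Synchronous Bellman-Ford: every round each router receives its
    neighbours' full tables (as RIP does every 30 s) and keeps the fewest hops.
    Returns ({router: {dest: (hops, next_hop)}}, rounds_until_stable)."""
    tables = {r: {r: (0, None)} for r in links}
    for r, nbrs in links.items():
        for n in nbrs:
            tables[r][n] = (1, n)  # directly connected = 1 hop
    for rnd in range(1, max_rounds + 1):
        changed = False
        new = {r: dict(t) for r, t in tables.items()}
        for r, nbrs in links.items():
            for n in nbrs:
                for dest, (hops, _) in tables[n].items():
                    cand = hops + 1
                    if cand >= RIP_INFINITY:
                        continue  # would be unreachable, never installed
                    if dest not in new[r] or cand < new[r][dest][0]:
                        new[r][dest] = (cand, n)
                        changed = True
        tables = new
        if not changed:
            return tables, rnd
    return tables, max_rounds


def ospf_cost(bandwidth_bps, reference_bps=100_000_000):
    """Link cost from bandwidth: higher bandwidth, lower cost (never below 1)."""
    return max(1, reference_bps // bandwidth_bps)


def link_state(links, source):
    """Dijkstra SPF over the full topology table. Returns (cost, previous_hop)."""
    dist, prev = {source: 0}, {}
    heap = [(0, source)]
    while heap:
        d, u = heapq.heappop(heap)
        if d > dist[u]:
            continue  # stale heap entry
        for v, bw in links[u].items():
            nd = d + ospf_cost(bw)
            if nd < dist.get(v, float("inf")):
                dist[v], prev[v] = nd, u
                heapq.heappush(heap, (nd, v))
    return dist, prev


def spf_path(prev, source, dest):
    """Walk the predecessor map back from dest to source."""
    hops = [dest]
    while hops[-1] != source:
        hops.append(prev[hops[-1]])
    return hops[::-1]


def best_paths(dest="R4", source="R1"):
    """Both answers for the same destination, side by side."""
    dv, rounds = distance_vector(LINKS)
    cost, prev = link_state(LINKS, source)
    return {
        "distance_vector": {"hops": dv[source][dest][0], "next_hop": dv[source][dest][1], "rounds": rounds},
        "link_state": {"cost": cost[dest], "path": spf_path(prev, source, dest)},
    }


if __name__ == "__main__":
    print(best_paths())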

Static VS Dynamic routing


Administrative distances, metric and wildcard mask
Administrative Distance
 The value used by routers to choose the best path when there are two or more routes to the same destination from two different routing protocols.
 Each routing protocol is prioritized in order of most to least reliable using an administrative distance value.
 A router prefers a static route to a dynamic route because the router considers a route with a lower number to be the best.
 To override the AD of a static route, change its default AD during configuration to a value above 120.
 An AD is an integer from 0 to 255, where 0 is the most trusted and 255 means no traffic will be passed via this route.
 If a router receives two updates listing the same remote network, the route with the lowest AD is placed in the routing table. If the AD is the same, routing protocol metrics (such as hop count or line bandwidth) are used to find the best path to the remote network.
 Default Administrative Distances

Metric
 A value used by routing protocols to assign a cost to reaching a remote network.
 Each routing protocol uses its own metric. For example, RIP uses hop count, EIGRP uses bandwidth and delay, and OSPF uses bandwidth.
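The selection rules above (lowest AD first, metric only as a tie-breaker within a protocol) and the longest-prefix lookup against the routing-table slide earlier in the chapter can be put together in a few lines. This Python is an added example, not the chapter's; the candidate routes are constructed, the default AD values are the ones the chapter cites, and the "floating static" entry shows the effect of raising a static route's AD above 120.

```python
"""Route selection by administrative distance then metric, followed by a
longest-prefix-match lookup (with a 0.0.0.0/0 default route).

Added example, not part of the chapter. The candidate routes below are
constructed; the default AD values are the ones the chapter lists."""
import ipaddress

DEFAULT_AD = {"connected": 0, "static": 1, "eigrp": 90, "igrp": 100, "ospf": 110, "rip": 120}

# Constructed candidates: (prefix, source, AD override or None, metric, next hop / exit interface).
# The first four reproduce the chapter's routing-table slide; the last four compete for 10.1.0.0/16.
CANDIDATES = [
    ("128.75.43.0/24", "connected", None, 0, "Eth0"),
    ("128.75.43.0/25", "connected", None, 0, "Eth1"),
    ("192.12.17.5/32", "static", None, 0, "Eth3"),
    ("0.0.0.0/0", "static", None, 0, "Eth2"),
    ("10.1.0.0/16", "rip", None, 3, "10.0.0.2"),     # 3 hops
    ("10.1.0.0/16", "rip", None, 2, "10.0.0.4"),     # 2 hops: best RIP route, but AD 120
    ("10.1.0.0/16", "ospf", None, 74, "10.0.0.3"),   # AD 110 beats RIP regardless of the metric value
    ("10.1.0.0/16", "static", 130, 0, "10.0.0.9"),   # floating static: AD raised above 120, wins only when the dynamic routes vanish
]


def build_rib(candidates):
    """Keep, per prefix, the route with the lowest (AD, metric)."""
    best = {}
    for prefix, source, ad, metric, next_hop in candidates:
        net = ipaddress.ip_network(prefix)
        rank = (DEFAULT_AD[source] if ad is None else ad, metric)
        if net not in best or rank < best[net][0]:
            best[net] = (rank, source, next_hop)
    return {net: (source, next_hop) for net, (_, source, next_hop) in best.items()}


def lookup(rib, destination):
    """Longest-prefix match; the default route catches everything else."""
    addr = ipaddress.ip_address(destination)
    matches = [net for net in rib if addr in net]
    if not matches:
        return None
    return rib[max(matches, key=lambda n: n.prefixlen)]


def withdraw(candidates, source):
    """Simulate one protocol's routes disappearing (e.g. its link went down)."""
    return [c for c in candidates if c[1] != source]


if __name__ == "__main__":
    rib = build_rib(CANDIDATES)
    for dst in ("128.75.43.5", "128.75.43.200", "192.12.17.5", "8.8.8.8", "10.1.2.3"):
        print(dst, "->", lookup(rib, dst))
    print("after OSPF and RIP withdraw:", lookup(build_rib(withdraw(withdraw(CANDIDATES, "ospf"), "rip")), "10.1.2.3"))
```

Note that 128.75.43.200 lands on Eth0 and 128.75.43.5 on Eth1: the /25 only covers hosts 0 to 127, so the longer prefix wins only where it actually matches.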
Wildcard Mask
 A wildcard mask can be thought of as a subnet mask with the ones and zeros inverted;
 for example, a wildcard mask of 0.0.0.255 corresponds to a subnet mask of 255.255.255.0.
 Used in OSPF and ACLs to indicate the size of a network or subnet and which IP addresses should be permitted or denied, respectively.
To calculate a wildcard mask
 Simply subtract your subnet mask from 255.255.255.255 to get your wildcard mask.
Example:
The wildcard mask of /26 is:
255.255.255.255 - 255.255.255.192 = 0.0.0.63
The wildcard mask of /19 is:
255.255.255.255 - 255.255.224.0 = 0.0.31.255
The wildcard mask of /12 is:
255.255.255.255 - 255.240.0.0 = 0.15.255.255
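The subtraction rule above is easy to automate, and the more useful thing to check is how a wildcard is applied: a 1 bit means "don't care", a 0 bit must match. This Python is an added example, not the chapter's; it derives the three wildcards above, then uses the same bitwise test an OSPF network statement or an ACL entry applies, including a non-contiguous wildcard (0.0.0.254), which the subtraction rule never produces but the bitwise test still handles. The sample addresses are constructed.

```python
"""Wildcard masks: derive them by the chapter's subtraction rule, and use them
to test whether an address falls inside a network/wildcard pair (as OSPF
network statements and ACL entries do).

Added example, not part of the chapter; the sample addresses are constructed."""
import ipaddress


def wildcard_from_mask(subnet_mask):
    """Chapter's rule: subtract the subnet mask from 255.255.255.255, octet by octet."""
    return ".".join(str(255 - int(octet)) for octet in subnet_mask.split("."))


def wildcard_from_prefix(prefix_len):
    """/nn -> wildcard, via the dotted subnet mask for that prefix length."""
    mask = str(ipaddress.ip_network(f"0.0.0.0/{prefix_len}").netmask)
    return wildcard_from_mask(mask)


def wildcard_matches(address, network, wildcard):
    """A 1 bit in the wildcard means 'don't care'; every 0 bit must match."""
    a, n, w = (int(ipaddress.ip_address(x)) for x in (address, network, wildcard))
    care = 0xFFFFFFFF ^ w
    return (a & care) == (n & care)


def addresses_covered(wildcard):
    """Number of addresses a contiguous wildcard spans (wildcard + 1)."""
    return int(ipaddress.ip_address(wildcard)) + 1


def ospf_interfaces_selected(interface_addrs, network, wildcard):
    """Which interface addresses a 'network <net> <wildcard> area 0' statement would enable."""
    return [a for a in interface_addrs if wildcard_matches(a, network, wildcard)]


if __name__ == "__main__":
    for plen in (26, 19, 12):
        print(f"/{plen} -> {wildcard_from_prefix(plen)}")
    print(ospf_interfaces_selected(["10.1.1.1", "10.2.2.1", "192.168.1.1"], "10.0.0.0", "0.255.255.255"))
```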
Routing Information Protocol (RIP)
 A distance-vector interior gateway protocol (IGP) used by routers to exchange routing information.
 Uses hop count to determine the best path.
 The maximum allowable number of hops is 15.
 Hop count = routers, and also firewalls that act as routers.
 A router broadcasts (RIPv1) its entire RIP table to its neighboring routers every 30 seconds.
 Administrative distance of 120.
 Suitable for small networks.
RIPv1
 A classful protocol, because it doesn’t send subnet mask information in its updates.
 RIP supports up to six equal-cost paths to a single destination and uses them for load balancing (four paths by default).
 Uses broadcast.
 Outdated.
RIPv2
 RIPv2 uses multicast (only to neighbor routers configured with RIPv2).
 RIPv2 supports triggered updates: when a change occurs, a RIPv2 router immediately propagates its routing information to its connected neighbors.
 RIPv2 is a classless protocol (supports VLSM).
 RIPv2 supports authentication. You can restrict which routers participate in RIPv2. This is accomplished using a hashed password value.
Cont.
Plain Text Authentication
R1(config)#interface serial 1/0
R1(config-if)#ip rip authentication mode text
R1(config-if)#ip rip authentication key-chain yourkey
MD5 Authentication
R1(config)#interface s1/0
R1(config-if)#ip rip authentication mode md5
R1(config-if)#ip rip authentication key-chain yourkey
(In both modes yourkey names a key chain defined globally with key chain yourkey, key 1, key-string ... ; with mode text the key travels in clear text in every update, with mode md5 only a keyed hash of it does.)

RIP Timers
 RIP uses four different timers to regulate its performance:
 Route update timer: routing updates are sent periodically, every 30 seconds.
 Hold-down timer: a route enters the hold-down state when an update packet is received indicating the route is unreachable. The default is 180 seconds.
 Route invalid timer: the length of time that must elapse (180 seconds) before a router determines that a route has become invalid.
 Route flush timer: the time between a route becoming invalid and its removal from the routing table (240 seconds).
RIP Configuration
RIPv1:
router rip
network Network_Address
RIPv2:
router rip
version 2
network Network_Address
Use the no auto-summary command to disable the automatic summarization feature.
The show ip protocols and show ip route commands are important for verification and troubleshooting on any routing protocol.
show ip rip database: lists all the routes known by RIP.
debug ip rip or debug ip rip events: displays RIP routing updates as they are sent and received in real time.
Interior Gateway Routing Protocol (IGRP)
 A dynamic classful routing protocol used by autonomous system (AS) routers running on TCP/IP hosts.
 Overcomes RIP network limitations and supports multiple routing metrics, including delay, bandwidth, load and reliability.
 Updates are broadcast every 90 seconds (by default).
 Uses composite metrics.
 Uses multipath routing.
 Supports unequal-cost load balancing.
 The administrative distance of IGRP is 100.
Enhanced Interior Gateway Routing Protocol (EIGRP)
 Owned by Cisco and operates only on their devices.
 An advanced distance vector routing protocol that also supports link-state/hybrid behaviour.
 Its goals are to provide a loop-free routing environment and rapid convergence.
 A classless routing protocol.
 Uses a composite metric (bandwidth and delay).
Bandwidth
 The bandwidth metric (1544 Kbps) is a static value used by some routing protocols such as EIGRP and OSPF to calculate their routing metric.
 Expressed in kilobits per second (Kbps).
 Most serial interfaces use the default bandwidth value of 1544 Kbps or 1,544,000 bps (1.544 Mbps).
Delay
 Delay is a measure of the time it takes for a packet to traverse an interface.
 Based on the type of link, the interface delay is shown by show interfaces:
R1# show interfaces serial 0/0/0
<output omitted>
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
<output omitted>
 Expressed in microseconds (millionths of a second).
 Uses Reliable Transport Protocol (RTP, capable of transmitting both multicast and unicast) for updates.
 Uses the Diffusing Update Algorithm (DUAL) to avoid loops, and sends occasional hello packets to check the status of neighbor routers.
 Supports discontiguous networks.
 Supports all layer 3 protocols (IPv4, IPX, and IPv6).
 The administrative distance of EIGRP is 90.
 Uses a neighbor table, topology table and routing table for route discovery.
EIGRP Configuration
router eigrp AS_No
network Network_Address | network Network_Address Wildcard_mask
 AS_No (Autonomous System number) can be any number in the range from 1 to 65535, both inclusive.
 debug eigrp packet: displays transmission and receipt of all EIGRP packets.
Open Shortest Path First (OSPF)
 A classless Interior Gateway Routing Protocol that routes IP packets within a single routing domain (area) only.
 A link state routing protocol that does not send frequent periodic updates of the entire routing table.
 It sends an update only when a change in the topology occurs (by multicast).
 OSPF performs a full update every 30 minutes.
 Uses SPF (Dijkstra's algorithm) to calculate the shortest path. For example, a person in city A wants to travel to city M and is given two options:
 Travel via cities B and C. The route would be ABCM, and the distance (or bandwidth cost, in the networking case) for A-B is 10 miles, B-C is 5 miles and C-M is 10 miles.
 Travel via city F. The route would be AFM, and the distance for A-F is 20 miles and F-M is 10 miles.
 ABCM, with a metric of 10+5+10=25, is considered a better path than AFM (20+10=30).
 OSPF uses bandwidth to determine the cost of a link. A link with higher bandwidth results in a lower cost. The lowest-cost route to a destination is the most desirable path.
 AD value is 110.
 Has unlimited hop counts.
 OSPF maintains a two-layer hierarchy consisting of:
 Backbone area (area 0)
 Off-backbone areas (area 1 - 65,535)
OSPF Configuration
router ospf process-id
network Network_Address Wildcard_mask area 0
The process ID is chosen by the administrator and can be any number from 1 to 65535. It is only locally significant and does not have to match the process ID of other OSPF routers.

Name   Class                     Type  AD                            Metric              Classful/Classless  Algorithm       Transport
RIPv1  Distance Vector           IGP   120                           Hop count           Classful            Bellman-Ford    UDP/520
RIPv2  Distance Vector           IGP   120                           Hop count           Classless           Bellman-Ford    UDP/520
IGRP   Distance Vector           IGP   100                           Composite (BW+DLY)  Classful            Dijkstra (SPF)  IP Protocol 9
EIGRP  Advanced Distance Vector  IGP   90 (internal) 170 (external)  Composite (BW+DLY)  Classless           DUAL            EIGRP Protocol 88
OSPF   Link State                IGP   110                           Cost                Classless           Dijkstra (SPF)  OSPF Protocol 89
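The Metric column above hides three quite different calculations. The Python below is an added example, not the chapter's, that computes all three for the same path from the interface figures the chapter shows (BW 1544 Kbit, DLY 20000 usec for serial; the Fast Ethernet figures 100000 Kbit and 100 usec are assumed). The EIGRP formula assumed is the classic composite metric with default K values, 256 * (10^7 / minimum bandwidth in kbit/s + total delay in tens of microseconds); the OSPF cost assumed is 10^8 / bandwidth in bit/s. It goes slightly beyond the table by showing that RIP and EIGRP/OSPF can rank the same two paths in opposite order.

```python
"""Metric arithmetic for the protocols in the comparison table: RIP hop count,
the EIGRP composite metric (bandwidth + delay with default K values) and the
OSPF bandwidth cost, computed for the same path.

Added example, not part of the chapter. Formulas assumed: classic EIGRP
metric = 256 * (10^7 / min_bandwidth_kbps + sum_delay_usec / 10) with
K1 = K3 = 1 (K2 = K4 = K5 = 0); OSPF cost = 10^8 / bandwidth_bps per link.
Interface figures: serial from the chapter's show interfaces output,
Fast Ethernet assumed."""

RIP_MAX_HOPS = 15

# Constructed outgoing-interface figures: (bandwidth in kbit/s, delay in microseconds) per hop.
SERIAL_T1 = (1544, 20000)
FAST_ETHERNET = (100_000, 100)


def rip_metric(path):
    """Hop count; more than 15 hops is unreachable (16 = infinity)."""
    hops = len(path)
    return hops if hops <= RIP_MAX_HOPS else 16


def eigrp_metric(path, k1=1, k3=1):
    """Composite metric: lowest bandwidth on the path, total delay along it."""
    min_bw_kbps = min(bw for bw, _ in path)
    total_delay_usec = sum(dly for _, dly in path)
    bw_term = 10_000_000 // min_bw_kbps  # integer truncation, as the router does
    dly_term = total_delay_usec // 10    # delay counted in tens of microseconds
    return 256 * (k1 * bw_term + k3 * dly_term)


def ospf_cost(path, reference_bps=100_000_000):
    """Sum of per-link costs; each link cost is reference / bandwidth, minimum 1."""
    return sum(max(1, reference_bps // (bw * 1000)) for bw, _ in path)


def compare(path):
    """All three metrics for one path, as a dict."""
    return {"rip": rip_metric(path), "eigrp": eigrp_metric(path), "ospf": ospf_cost(path)}


if __name__ == "__main__":
    print("2 x T1        :", compare([SERIAL_T1] * 2))
    print("3 x FastEther :", compare([FAST_ETHERNET] * 3))
```

For a single T1 the EIGRP value is 2169856 and the OSPF cost 64, the figures a router with those interface defaults reports; the two-hop T1 path wins under RIP (2 hops against 3) but loses under both EIGRP and OSPF.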
Access Control List (ACL)
 ACLs are lists of conditions used to test network traffic that tries to travel across a router interface. These lists tell the router what types of packets to accept or deny.
 The router examines each packet and will forward or discard it based on the conditions specified in the ACL.
 An ACL is used to:
 filter traffic, i.e. permit/deny traffic
 identify traffic, i.e. include/exclude traffic
Primary reasons
 Limit network traffic and increase network performance.
 Provide traffic flow control. ACLs can restrict the delivery of routing updates.
 Provide a basic level of security for network access.
 Decide which types of traffic are forwarded or blocked at the router interfaces. For example: allow e-mail traffic to be routed, but block all Telnet traffic.
Inbound and outbound interfaces (figure: ACLs applied In and OUT on S0/0, S0/1 and F0/0)
How do ACLs work?
 ACL statements operate in sequential, logical order.
 If a condition match is true, the packet is permitted or denied and the rest of the ACL statements are not checked.
 If none of the ACL statements match, an implicit deny any statement at the end of the list discards the packet by default.

Types of ACLs
 Standard ACLs
 VTY ACLs
 Extended ACLs
 Named ACLs
Standard ACLs
Syntax:
access-list [1-99] [permit | deny] [source address] [wildcard mask] [log]
Example: block network 172.18.0.0 from accessing the 172.16.0.0 network
Router(config)# access-list 10 deny 172.18.0.0 0.0.255.255
Router(config)# access-list 10 permit any
To apply this access list, we would configure the following on Router A:
Router(config)# int fa4/0
Router(config-if)# ip access-group 10 out
Verifying ACLs on the router
– show ip interface
– show access-lists
– show running-config
Extended ACL
Syntax:
access-list [100-199] [permit | deny] [protocol] [source address] [wildcard mask] [destination address] [wildcard mask] [eq port]
Example: block network 172.18.0.0 from accessing anything on the 172.17.0.0 network, EXCEPT for the HTTP port on the web server.
RB(config)# access-list 101 permit tcp 172.18.0.0 0.0.255.255 host 172.17.0.10 eq 80
RB(config)# access-list 101 deny ip 172.18.0.0 0.0.255.255 172.17.0.0 0.0.255.255
RB(config)# access-list 101 permit ip any any
We could have identified the web server in one of two ways:
RB(config)# access-list 101 permit tcp 172.18.0.0 0.0.255.255 host 172.17.0.10 eq 80
RB(config)# access-list 101 permit tcp 172.18.0.0 0.0.255.255 172.17.0.10 0.0.0.0 eq 80
RB(config)# int fa1/0
RB(config-if)# ip access-group 101 in
Named ACL
 Syntax: ip access-list {standard | extended} name
 Apply a Named ACL to an interface in the same manner as applying a Standard or Extended ACL.
 Example:
RB(config)# ip access-list extended web-only
RB(config-ext-nacl)# permit tcp 172.18.0.0 0.0.255.255 host 172.17.0.10 eq 80
RB(config-ext-nacl)# deny ip 172.18.0.0 0.0.255.255 172.17.0.0 0.0.255.255
RB(config-ext-nacl)# permit ip any any
We could have identified the web server in one of two ways:
RB(config-ext-nacl)# permit tcp 172.18.0.0 0.0.255.255 host 172.17.0.10 eq 80
RB(config-ext-nacl)# permit tcp 172.18.0.0 0.0.255.255 172.17.0.10 0.0.0.0 eq 80
RB(config)# int fa1/0
RB(config-if)# ip access-group web-only in
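The "sequential order, first match wins, implicit deny at the end" rules from the How do ACLs work slide, run over the standard ACL 10 and extended ACL 101 examples above, look like this in Python. This is an added example, not the chapter's; the rule and packet representation are this example's own, the packets are constructed, and the ACL_101_NARROW variant is constructed to show what happens when the deny line's destination wildcard is 0.0.0.3 (four addresses) instead of 0.0.255.255: traffic to the rest of 172.17.0.0/16 falls through to the final permit ip any any.

```python
"""Sequential ACL evaluation with first-match semantics and the implicit
'deny any' at the end, run over the chapter's standard ACL 10 and extended
ACL 101 plus constructed packets.

Added example, not part of the chapter. The rule/packet representation is
this example's own; ACL_101_NARROW is a constructed variant of ACL 101."""
import ipaddress

ANY = ("0.0.0.0", "255.255.255.255")


def wildcard_matches(address, network, wildcard):
    """A 1 bit in the wildcard means 'don't care'; every 0 bit must match."""
    a, n, w = (int(ipaddress.ip_address(x)) for x in (address, network, wildcard))
    care = 0xFFFFFFFF ^ w
    return (a & care) == (n & care)


# Each entry: (action, protocol, (src net, wildcard), (dst net, wildcard), dst port or None).
# 'ip' matches any IP protocol; a None port matches any port.
ACL_10_STANDARD = [  # access-list 10 deny 172.18.0.0 0.0.255.255 / access-list 10 permit any
    ("deny", "ip", ("172.18.0.0", "0.0.255.255"), ANY, None),
    ("permit", "ip", ANY, ANY, None),
]
ACL_101_EXTENDED = [  # the chapter's extended example
    ("permit", "tcp", ("172.18.0.0", "0.0.255.255"), ("172.17.0.10", "0.0.0.0"), 80),
    ("deny", "ip", ("172.18.0.0", "0.0.255.255"), ("172.17.0.0", "0.0.255.255"), None),
    ("permit", "ip", ANY, ANY, None),
]
# Constructed variant: the deny's destination wildcard is 0.0.0.3, covering only 172.17.0.0-172.17.0.3.
ACL_101_NARROW = [
    ACL_101_EXTENDED[0],
    ("deny", "ip", ("172.18.0.0", "0.0.255.255"), ("172.17.0.0", "0.0.0.3"), None),
    ACL_101_EXTENDED[2],
]
ACL_DENY_ONLY = [("deny", "ip", ("10.0.0.0", "0.255.255.255"), ANY, None)]  # no permit line: everything is dropped


def evaluate(acl, packet):
    """packet = (src_ip, dst_ip, protocol, dst_port). Returns (action, matched line number);
    line 0 stands for the implicit deny that sits after the last configured line."""
    src, dst, proto, dport = packet
    for lineno, (action, rproto, (snet, swc), (dnet, dwc), rport) in enumerate(acl, start=1):
        if rproto != "ip" and rproto != proto:
            continue
        if not wildcard_matches(src, snet, swc) or not wildcard_matches(dst, dnet, dwc):
            continue
        if rport is not None and rport != dport:
            continue
        return action, lineno   # first match wins; later lines are never consulted
    return "deny", 0            # implicit deny any


if __name__ == "__main__":
    pkt = ("172.18.1.1", "172.17.5.5", "udp", 53)
    print("ACL 101 as written:", evaluate(ACL_101_EXTENDED, pkt))
    print("ACL 101, narrow wildcard:", evaluate(ACL_101_NARROW, pkt))
    print("deny-only ACL, unrelated host:", evaluate(ACL_DENY_ONLY, ("192.168.1.1", "8.8.8.8", "tcp", 443)))
```

The deny-only list is the reminder behind the implicit deny: an ACL containing nothing but deny lines blocks all traffic on the interface it is applied to, including traffic none of its lines mention.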
Network Addressing Scheme
• IANA - Internet Assigned Numbers Authority
• RIR - Regional Internet Registry (5)
• ISP and End User Organizations

Problems with IPv4
 Shortage of IPv4 addresses
 Allocation of the last IPv4 addresses was for the year 2005
 Address classes were replaced by the use of CIDR, but this is not sufficient
Short term solution
 NAT: Network Address Translator
Long term solution
 IPv6 = IPng (IP next generation)
 Provides an extended address range
NAT: Network Address Translator

NAT
 Translates between local addresses and public ones
 Many private hosts share few global addresses

Private Network                                  Public Network
Uses private address range (local addresses)     Uses public addresses
Local addresses may not be used externally       Public addresses are globally unique
Types Of NAT
 Static NAT
 Dynamic NAT
 Dynamic NAT with Overload, or PAT
Static NAT
 Maps an unregistered IP address to a registered IP address on a one-to-one basis. Particularly useful when a device needs to be accessible from outside the network.
 For example, the computer with the IP address 192.168.32.10 will always translate to 213.18.123.110.
NAT Addressing Terms
 Inside Local
 An address used for a host inside an enterprise.
 The actual IP address assigned to a host in the private network.
 Inside Global
 NAT uses an inside global address to represent the inside host as the packet is sent through the outside network, typically the Internet.
 A NAT router changes the source IP address of a packet sent by an inside host from an inside local address to an inside global address as the packet goes from the inside to the outside network.
 Outside Global
 An address used for a host outside an enterprise, on the Internet.
 The actual IP address assigned to a host that resides in the outside network, typically the Internet.
 Outside Local
 NAT uses an outside local address to represent the outside host as the packet is sent through the private network.
Static NAT Configuration
Specify the inside interface:
Router(config)# interface fastethernet0/0    (private side interface)
Router(config-if)# ip nat inside
Specify the outside interface:
Router(config)# interface fastethernet0/1    (public side interface)
Router(config-if)# ip nat outside
Enter the static translation entry:
Router(config)# ip nat inside source static 192.168.0.1 206.245.160.1
To see IP address translations:
Router# show ip nat translations
Dynamic NAT
 Maps an unregistered IP address to a registered IP address from a group of registered IP addresses.
 For example, the computer with the IP address 192.168.32.10 will translate to the first available address in the range from 213.18.123.100 to 213.18.123.150.
Dynamic NAT Configuration
Specify the inside interface:
Router(config)# interface fastethernet0/0
Router(config-if)# ip nat inside
Specify the outside interface:
Router(config)# interface serial0/0
Router(config-if)# ip nat outside
Define an access list that selects the inside local addresses to be translated:
Router(config)# access-list 1 permit 10.0.0.0 0.0.0.255
Define a pool of global addresses:
Router(config)# ip nat pool DNAT1 179.2.2.65 179.2.2.90 netmask 255.255.255.224
Enter the dynamic translation entry:
Router(config)# ip nat inside source list 1 pool DNAT1
Overloading NAT with PAT (NAPT)
 Overloading: a form of dynamic NAT that maps multiple unregistered IP addresses to a single registered IP address by using different ports. It is also known as PAT (Port Address Translation), single-address NAT or port-level multiplexed NAT.
 Each computer on the private network is translated to the same IP address (213.18.123.100), but with a different port number assignment.
PAT Configuration
 Set the fastethernet0/0 and serial2/0 interfaces as the inside and outside interfaces:
R1# configure terminal
R1(config)# interface fastethernet0/0
R1(config-if)# ip nat inside
R1(config-if)# interface serial2/0
R1(config-if)# ip nat outside
 Allow the 192.168.0.0/24 network to reach any destination:
R1(config)# access-list 100 permit ip 192.168.0.0 0.0.0.255 any
 Enable NAT overload and bind it to the outside interface selected previously:
R1(config)# ip nat inside source list 100 interface serial 2/0 overload
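The three NAT configurations above (static one-to-one, a dynamic pool, and overload/PAT on one interface address) all maintain the same kind of translation table. The Python below is an added example, not the chapter's, that keeps such a table for one router and shows the behaviour a practitioner relies on and the two failure modes worth expecting: a host the NAT access list does not select is never translated, and a plain dynamic pool runs dry once every address is taken. The addresses, pool and port policy are constructed; keeping the inside port when it is free and otherwise taking the next free port from 1024 is this example's own simplification of what a router does.

```python
"""NAT translation table for the chapter's three NAT types: static
(one-to-one), dynamic (first free address from a pool) and overload/PAT
(one address, many ports).

Added example, not part of the chapter; addresses, pool and port policy are
constructed. Port handling (keep the inside port when free, otherwise the next
free port from 1024) is this example's own simplification."""
import ipaddress


class NatTable:
    def __init__(self, inside_acl, static=None, pool=None, overload_ip=None):
        self.inside_acl = ipaddress.ip_network(inside_acl)  # the 'access-list N permit ...' selecting inside locals
        self.static = dict(static or {})                    # inside local -> inside global
        self.pool_free = list(pool or [])                   # 'ip nat pool': unused inside globals, in order
        self.dynamic = {}                                   # inside local -> inside global taken from the pool
        self.overload_ip = overload_ip                      # 'interface ... overload': the single shared inside global
        self.pat = {}                                       # (inside local, local port) -> global port
        self.ports_in_use = set()

    def translate(self, src_ip, src_port):
        """Outbound packet: return the (inside global, port) it leaves with, or None if not translated."""
        if src_ip in self.static:
            return self.static[src_ip], src_port
        if ipaddress.ip_address(src_ip) not in self.inside_acl:
            return None                                     # not selected by the ACL: no translation
        if self.overload_ip:
            key = (src_ip, src_port)
            if key not in self.pat:
                port = src_port if src_port not in self.ports_in_use else self._next_free_port()
                self.pat[key] = port
                self.ports_in_use.add(port)
            return self.overload_ip, self.pat[key]
        if src_ip not in self.dynamic:
            if not self.pool_free:
                return None                                 # pool exhausted: dynamic NAT's failure mode
            self.dynamic[src_ip] = self.pool_free.pop(0)    # 'first available address in the range'
        return self.dynamic[src_ip], src_port

    def untranslate(self, dst_ip, dst_port):
        """Inbound reply addressed to an inside global: find the inside host it belongs to."""
        for local, glob in {**self.static, **self.dynamic}.items():
            if glob == dst_ip:
                return local, dst_port
        if dst_ip == self.overload_ip:
            for (local, lport), gport in self.pat.items():
                if gport == dst_port:
                    return local, lport
        return None                                         # no entry: the reply has nowhere to go

    def _next_free_port(self, start=1024):
        port = start
        while port in self.ports_in_use:
            port += 1
        return port

    def show_translations(self):
        """Rows in the spirit of 'show ip nat translations': (inside global, inside local)."""
        rows = [(g, l) for l, g in {**self.static, **self.dynamic}.items()]
        rows += [(f"{self.overload_ip}:{gp}", f"{l}:{lp}") for (l, lp), gp in self.pat.items()]
        return rows


if __name__ == "__main__":
    pat = NatTable("192.168.0.0/24", overload_ip="213.18.123.100")
    pat.translate("192.168.0.10", 51000)
    pat.translate("192.168.0.11", 51000)   # same inside port: gets a different global port
    for row in pat.show_translations():
        print(*row)
```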
Thank You!
