IP Fast Reroute , LFA (Loop Free Alternate) , Remote LFA and in general recovery and protection discussion. In this post, I will share the discussion with one of my slack group member, Driss Jabbar. He is a CCDE and highly skilled network engineer and also author of some posts in this website. You can contact him on Linkedin. Read more
IS-IS Overload Bit – Why IS-IS Overload bit is used ? What are the use cases ? In this post, I will explain the Overload bit which is an important feature of IS-IS routing protocol.
This is a case study which provides a detailed design steps for IGP protocol on hypothetical Internet Service Provider, called Ausnet.
Is Inter-AS MPLS VPNs commonly deployed ? In real-life deployment which Inter-AS MPLS VPN Option is most common ? What are the use cases of Inter-AS MPLS VPNs ? This is not a theory post , I will share practical information with you. Read more
OSPF Prefix Suppression helps to company to use 200 routers in their network without any problem. You can think that, some companies use more than 200 routers in their OSPF network, why this post is special? You will understand why in 10 minutes. Read more
What is KISS Principle ? Okay it stands for Keep it Simple and Stupid but what does really it mean in networking ?
Flat OSPF network, or single area OSPF networks are real. In fact most of the OSPF network today deployed, is flat OSPF networks. But how many routers can be placed safely in an OSPF area ? Any number from the real world OSPF deployment ? I will share in this post.
Fast Convergence and the Fast Reroute Network reliability is an important design aspect for deployability of time and loss sensitive applications. When a link, node or SRLG failure occurs in a routed network, there is inevitably a period of disruption to the delivery of traffic until the network reconverges on the new topology.
Fast reaction is essential for the failed element for some applications. There are two approaches for the fast reaction in case of failure:
Fast convergence and fast reroute. Although people use these terms interchangeably, they are not the same thing.
In this post I will explain the definitions and high level design considerations for fast convergence and the fast reroute.
Fast Reroute mechanisms in IP and MPLS , design considerations and pros and cons of each one of them will be explained in a separate post.
When a local failure occur four steps are necessary for the convergence. These steps are completed before traffic continues on the backup/alternate link.
1. Failure detection (Protocol Hello Timers , Carrier Delay and Debounce Timers, BFD and so on)
2. Failure propagation (LSA and LSP Throttling timers)
3. New information process (Backup/Alternate path calculation) (SPF Wait and Run times)
4. Update new route into RIB/FIB (After this step, traffic can continue to flow through backup link)
For fast convergence, these steps are tuned. Tuning the timers mean generally lowering them as most vendors use higher timers to be on the safe side. Because as you will see later in this post, lowering these timers can create stability issue in the network.
When you tune the timers for failure detection, propagation and the new path calculation, it is called fast convergence. Because traffic can continue towards alternate link faster than regular convergence since you use lower timers. (Instead of 30seconds hello timer, you can use 1 second hello , or instead of 5 seconds SPF wait time, you can make it 10 ms and so on.)
Although the RIB/FIB update is hardware dependent, the network operator can configure all the other steps.
One thing always needs to be kept in mind; Fast convergence and fast reroute can affect network stability. If you configure the timers very low, you might see false-positives.
Unlike fast convergence, for the fast reroute, backup path is pre-computed and pre-programmed into the router RIB/FIB. This increases the memory utilization on the devices.
There are many Fast Reroute mechanisms available today. Most known ones are; Loop Free Alternate (LFA), Remote Loop Free Alternate (rLFA), MPLS Traffic Engineering Fast Reroute and Segment Routing Fast Reroute.
Loop Free Alternate and the Remote Loop Free Alternate if also known as IP or IGP Fast Reroute Mechanisms. Main difference between MPLS Traffic Engineering Fast Reroute and the IP Fast Reroute mechanisms are the coverage.
MPLS TE FRR can protect the any traffic in any topology. IP FRR mechanisms need the physical topology of the networks to be highly connected.
Ring and square topologies are hard for the IP FRR topologies but not a problem for MPLS TE FRR at all. In other words, finding a backup path is not always possible with IP FRR mechanisms if the physical topology is ring or square. Best physical topologies from this aspect is full mesh.
OSPF Best Practices
Understanding and using best practices is very important though may not be feasible in all networks due to budget , political or other technical constraints.
In this post I will explain the best practices on OSPF networks. This best practices come from my real life design and deployment experience , knowledge and lessons learned of 15 years of Enterprise, Service Provider and Mobile Operator networking background.
Before we start, I want to touch briefly on Topology and Reachability information in OSPF as I will use these terms many times throughout this post and you’ll see whenever you study network design.
Reachability information means, IP address and subnets on the devices and the links. Router loopbacks, and the links between the routers have an IP address and these information are exchanged between the routers in OSPF. This process is known as control plane learning.
Topology information means, connection between the routers, metric information , which router is connected to which one. With this information, routers find a shortest path tree in OSPF. Note that IS-IS uses the same process to find a shortest path for each destination but there is no topology information in EIGRP. In other words, EIGRP neighbors don’t send topology information to each other.
Another term which I will use throughout this post is single area design.
Single area OSPF design is also known as Flat OSPF design. Generally we refer OSPF Area 0 only (Backbone area) deployment. There is no second area, all the nodes are in the backbone area.
- Stub, Totally Stub, NSSA and Totally NSSA Areas can create sub optimal routing in the network.Because these are types prevent some information into an area. Whenever there is specific information in the routing table, optimal path can be found , whenever there is summarization (less reachability information in the routing table) suboptimal routing might occur.
- OSPF Areas are used for scalability. If you don’t have valid reason such as 100s of routers, or resource problems on the routers, don’t use multiple areas.
- OSPF Multi area design increases the network complexity. Complexity sometimes is necessary and not the bad thing but just aware that multi area design compare to single/flat OSPF area design is more complex as you need to place ABR in the correct place, dealing with the multi area design related problems such as MPLS Traffic Engineering and MPLS LSP issues.
- Two is company, three is crowded in design. Having two OSPF ABR provides high availability but three ABR is not a good idea. Unless you have a capacity requirement , I don’t recommend to have three links , nodes , logical entity and so on in the networks.
- ABR slows down the network convergence. Knowing this important, without ABR in single/flat OSPF design, there is no Type 1, Type 2 to Type 3 LSA generation, similarly Type 4 LSAs also regenerated from the Type 1 LSAs.
- Having separate OSPF area per router is generally considered as bad. You should monitor the routers resources carefully and placed as much routers as you can in one OSPF area.
- Not every router has powerful CPU and Memory, you can split up the router based on their resource availability. Low end devices can be placed in a separate OSPF area and that area type can be changed as Stub, Totally Stub, NSSA or Totally NSSA.
- Always look for the summarization opportunity, but know that summarization can create sub optimal routing. Sub optimal routing may not be a problem for some applications but some applications require very low delay , jitter and packet loss. Sub optimal routing increases a chance of delay (latency).
- Good IP addressing plan is important for OSPF Multi Area design. It allows OSPF summarization (Reachability) thus faster convergence and smaller routing table.
- Having smaller routing table provides easier troubleshooting. Dealing with less information decreases mean time to repair. Identifying the problem and fixing would be faster. Because there will be less routing prefixes in the routing table and the routing protocol databases so troubleshooting would be much easier and it would be probably manageable by the average skilled engineers.
- Having smaller routing table increases convergence time as well. Summarization reduces the routing table size that’s why provides faster network convergence.
- OSPF NSSA area in general is used at the Internet Edge of the network since on the Internet routers where you don’t need to have all the OSPF LSAs yet still redistribution of selected BGP prefixes are common.
- Topology information is not sent between different OSPF areas, this reduces the flooding domain and allows large scale OSPF deployment. If you have 100s of routers in your network, you can consider splitting the OSPF domain into Multiple OSPF areas. But there are other considerations for Multi Area design and will be explained in this chapter.
- Use passive interface as much as you can. Passive interface should be enabled if you don’t want to setup an OSPF neighborship.
- For very large scale OSPF design, transit subnets can be removed from the OSPF topology. This has been defined in RFC 6860. This feature is known as ‘ prefix suppression ‘ on Cisco routers. Removing these links reduces the routing table size thus increases the network convergence and makes troubleshooting easier.
- If there will be maintenance on the router which runs OSPF , ‘ max-metric router lsa ‘ should be enabled to remove the router from the topology without having packet loss. Actually router still stays in the OSPF topology but since it will advertise maximum metric in Type 1 LSA (Router LSA), traffic is not forwarded to it, if there is an alternate path. If there is no alternate path, even with the ‘ max-metric router lsa ‘ router receives network traffic.
Packet loss with Fast Reroute
Do we still lose packet with fast reroute? One of my students asked me this question. And I would like to share the answer with everyone.
Before we discuss whether or not we lose packet with fast reroute mechanisms, let’s remember what fast reroute is. Read more
OSPFv2 by default setup only one adjacency over a single link. But this can be an issue some time and as a network designer you should understand the consequences and know the available solutions.
Placing a link in wrong OSPF area can create an OSPF sub optimal routing especially in hub and spoke topology.
In IS-IS or OSPFv3, this wouldn’t be an issue because IS-IS and OSPFv3 allow link to be placed in more than area or level. (In IS-IS, area is assigned to the router, not to the link. Thus I use level keyword)
Let’s look at the below network to understand what is the issue and how OSPF multi-area adjacency can solve the sub optimal routing problem. Read more
IS-IS Design considerations on MPLS backbone
Using IS-IS with MPLS require some important design considerations. IS-IS as a scalable link state routing protocol has been used in the Service Provider networks for decades.
In fact, eight of the largest nine Service Providers use IS-IS routing protocol on their network as of today. Read more
What is IS-IS Level 1 ? Why IS-IS level 1 is used ? What are the IS-IS levels ? What is the corresponding Area type in OSPF ?
IS-IS Level 1 is also called as IS-IS Level 1 sub domain. IS-IS is a link state routing protocol, similar to OSPF. You can read detail comparison of OSPF vs. IS-IS from here.
There is an Area concept in IS-IS as well but the purpose of IS-IS Areas are different than OSPF Areas.
In IS-IS Areas are used to create IS-IS Levels and IS-IS Levels are the similar logical concepts with OSPF Areas.
Two create IS-IS Level 1 adjacency between two routers, same IS-IS area number should be used. Otherwise only IS-IS Level 2 adjacency can be created. This is the first rule of IS-IS adjacency relationship.
Which OSPF Area type is similar to IS-IS Level 1 Sub domain ?
Finally, informational EIGRP RFC 7868 has been published.It is not anymore Cisco’s EIGRP, it is an open standard. Without a most critical feature of EIGRP,can we really say that? Why Cisco doesn’t share the most important feature which can help in large scale EIGRP design although industry has been asking from them for a long time ?
EIGRP RFC 7868 specifies EIGRP Dual Algorithm, EIGRP Packets such as Update, Query and Reply, EIGRP Operation, and EIGRP Metrics (K1,K2,….K6).
And since EIGP is RFC anymore, other vendors can legally implement EIGRP. There was couple of open source EIGRP implementations already,but with the RFC status, seeing new implementations among the big vendors would not be a big deal.
In addition to EIGRP packet types and metric values, there are a couple of important things to understand about EIGRP. Read more
Why are dynamic routing protocols used is usually asked by newbies in the networking field, especially after they have heard about routing protocols. Besides that, they often asked this question: What is the difference between static routing and the dynamic routing protocols?
And the common answer is that dynamic routing protocols are scalable.
In other words, there is no need to configure a manual entry for each destination as well as specifying the next hop IP address or interface with the dynamic routing protocols.
These are good reasons. But do we really have only such benefits? In very small networks, scalability is reasonable and correct. But for more sophisticated networks, there are other important reasons.
Before I explain the other reasons, let me clarify why static routing requires lots of manual configurations and why it is not scalable, compared to dynamic routing protocols.
Figure- 1 Why are dynamic routing protocols used?
One of the advantages of EIGRP Feasible Successor is that it speeds up the EIGRP. In fact, if there is a Feasible Successor in the EIGRP network, such network converges faster than OSPF or IS-IS.
But what is EIGRP Feasible Successor and how can we find EIGRP Feasible Successor?
Or, if there is EIGRP Feasible Successor, how does EIGRP converges faster than OSPF or ISIS?
In this post, I will explain the answers to the above questions.
EIGRP Feasible Successor is a backup node that can satisfy the EIGRP feasibility condition.
Feasibility condition simply means that the backup router should be loop-free.
Let’s examine the topology shown below (Figure-1) to understand how EIGRP finds loop-free alternate/backup node.
OSPF Area Types – Different Areas in OSPF are used to create smaller fault domains. There are two OSPF area types in total.
OSPF Backbone area and OSPF non-backbone area
Backbone area in OSPF is Area 0. OSPF prevents loop by using backbone area concept.All the non-backbone areas should be connected to the Backbone area.
There are many Non-Backbone OSPF Area types. These are; Normal Area, Stub, Totally Stub, NSSA and Totally NSSA Areas.
In this article I will explain the non-backbone OSPF areas from the design point of view and share some caveats about the OSPF design.
OSPF LSA (link state advertisements) are used to create a logical network topology. But Why we have 11 different LSAs ? What are their purposes ? Most important questions many time is not asked by the engineers thus you can’t find many places on the Internet which provides these answers.
The reason of having 11 Type of OSPF LSA packet is Scalability. If the network only consist of small amount of routers ( routers, link and the physical topology is important to define the size ) then you would have maximum two type of LSA.
Let me explain the ospf lsa types and why we would only have maximum two type of LSA will be understood.
Note : In this article only OSPFv2 LSA Types explained.
EIGRP vs OSPF – Below comparison table is your primary resource for the OSPF and EIGRP routing protocols when you compare them from the design point of view.
Knowing and understanding these design practices will not only help you for the real life network design but also will help for the any design certification exams.
If you have any question regarding the parameters in the comparison chart, please share in the comment so I can provide more information.
IS-IS, a link state routing protocol, requires careful attention during network design in order to avoid traffic blackholing. In the topology below, IS-IS routing protocol is used.
Flooding in full-mesh topology is a big concern for network-design experts, especially in large-scale OSPF deployments. When the link or node fails in an OSPF network, failure information is flooded everywhere in the same area. If Flat OSPF network design is used, then the problem gets bigger. Each router receives at least one copy of the new information from each neighbor.
EIGRP Hub and Spoke – EIGRP is the best protocol in Hub and Spoke topologies because of many reasons. In this article, I will explain the design consideration for EIGRP in a Hub and Spoke topology, also known as star topologies.
Figure – 1 EIGRP Hub and Spoke
If you design multi level IS-IS network and if you have more than one exit (L1-L2 routers) from the Level 1 domain, you will likely create a suboptimal routing. Multi-level IS-IS design is for large-scale network. What’s more, most of the real life networks use only flat Level 2 IS-IS as their interior gateway protocol (IGP).
I implore all my readers to always remember this topic: IGP LDP synchronization. It is important to use IGP LDP synchronization to avoid blackholing, especially when MPLS networks fails to function effectively.