售后职位:高级网络工程师。面试官是三位CCIE,面试过程历时2个多小时,印象非常深刻。现在这个offer基本已经
确定了,事主还在考虑诸如待遇及工作压力等情况再决定是否接这个offer.事主亦在其blog上张贴了面试题目,我故
亦斗胆将其贴出。
1. 现在的6509及7609,SUP720交换带宽去到720G,是不是可以说7609/6509可以取代一部分GSR的地位?
2. isis level1 的路由表包括哪此路由?有多个level-1-2出口时,其它路由它从哪里学到,如何选路?
3. MPLS L3 VPN,如果我想让两个不同的VPN作单向互访,怎做?
4. 跨域的MPLS L3 VPN可以谈谈思路吗?
5. MPLS L3 VPN的一个用户,他有上internet的需求,如何实现?有几种实现方法?特点各是什么?
6. MPLS L3 VPN,如果我想让两个不同的VPN作单向互访,怎做?
7. L3 VPN与L2 VPN各自的特点是怎样?你觉得哪一种模式运营起来比较有前景?
8. ISIS与OSPF的区别谈一谈吧,各个方面。
9. 一个骨干网或城域网选ISIS及OSPF基于什么理由?
10. BGP选路原则常用是哪些?在骨干网与城域网间如何搭配一块使用?
11. 如果BGP加上max path,会在哪个BGP选路属性之前应用这个选项?
12. 为什么骨干网pop及城域网出口要作next-hop-self?
13. 两个AS之间,有四台路由器口字型互联,其中一台路由器上从EBGP学到一个网络,又从IBGP学到同一个网络,
选路哪个?是哪个属性影响?如果我在IBGP过来那个加上MED小于从EBGP过来的,又选哪个?为什么?
14. local-pre与weight的区别是什么?
15. BGP能不能实现负载均衡?如果可以,有哪些方法?
16. 多个AS之间,可不可以比较MED?如可以,需要前提条件吗?如有,前提条件是什么?
17. MED能不能和AS内的IGP度量值结合起来?如可以,如何做?
18. 割接限定回退的时间还有十分钟,割接还未成功,局方已经催你回退了,但你觉得这些问题你再努力5分钟可能
会解决,你的选择是什么?
19. 骨干网的QoS,如何部署?你认为什么骨干网什么情况下是有拥塞发生了?
20. 对于工程及维护来说,你觉得l3网络和l2网络哪个比较好?
21. L3网络与L2网络对环路的处理各是什么样的机制?
22. 一般情况下,L2交换机的生成树有多少数量?
23. 3550的生成树模式是什么?生成树数量是怎样的?
24. 跟据你的经验,GE的端口,当流量达到多少时,你可以认为是有拥塞发生了?2.5G POS口,当流量达到多少
时,你可以认为有拥塞?
此外,中间问了对项目实施上的一些事件的处理方式,问了有没有一些失败的经历及体验,还有问及工作中碰过最棘
手的事件是什么及如何处理等等。当然还有一些互相调戏平和气氛的对话。
感谢整理人:Jackyluo
思科售后高级网络工程师面试题
现在的6509及7609,SUP720交换带宽去到720G,是不是可以说7609/6509 可以取代一部分
GSR的地位?
答:从某一部分功能来说是可以的。6509以前主要定位于公司企业局域网核心交换机,而GSR
定位于广域网高速核心路由设备。7609的SUP720可以提供720G的高速交换能力,MSFC3和
PFC3提供高速路由处理能力和大量FEATURE,再加上现在7600系列上的新的SIP+SPA高速
线速板卡,完全可以胜任核心路由设备的工作,最适合作汇聚和业务提供路由器。而随着技术
的发展,CRS?的出现,GSR逐渐从核心往骨干汇聚发展,作为各种高低速线路的汇聚,在这方
面7609和GSR都可以。但7609和GSR在体系结构上还是有根本不同,7609是从交换机发展而
来,GSR在内部是将数据分解为标准的信元交换,在队列和调度方面也有不同,所以说作为纯
核心路由器来说还是GSR更好,因为它经过多年的考验。从价格来说7609还是比较贵的,而
GSR某些时候还要便宜。
ISIS level1 的路由表包括哪此路由?当有多个level??出口时,其它路由它从哪里学到,如何选
路?
答:ISIS level1和level2 维护LSD和SPF,LEVEL1的路由表是由LEVEL1 LSD通过SPF计算所
得,只包括本地AREA的详细路由和与之连接的LEVEL??通过ATT位发来的缺省路由。当有多个
LEVEL12是,每个 LEVEL12通过对发出的LSP包中的ATT位置1,表示其有到其它AREA的路
由,而当LEVEL1路由器收到此LSP是选择最近的LEVEL12路由器转发流量。
MPLS L3 VPN,如果我想让两个不同的VPN作单向互访,怎么做?
答:如果是两个VPN的互通,可以将两个VPN的路由信息输出到相同的一个RT,并都导入,可
实现互通。如果要单向访问,可建立一个公共VPN,导出两个VPN的RT,两个VPN都可以对公
共VPN实现访问。
跨域的MPLS L3 VPN可以谈谈思路吗?
答:RFC2547bis和最新的rfc4364都对其有定义,主要有三种。Option A B C: Option A:
back to back v** 互连。两个*S间通过VRF 间的背对背的连接,路由可以选择静态或动态路由,
这种方法简单实用,适于不同运营商间的连接。 Option B :MeBGP vpnv4连接两个AS间通过
ASBR间建立MeBGP vpnv4,VPN路由通过MBGP承载,具有较好的可扩展性。 Option C: RR
间多跳MeBGP两个AS间建立MEBGP,但不是在ASBR上,是在两个AS各自的RR间,这样有
较好的可扩展性,灵活性。但较复杂。要解决下一跳问题有标签问题。
MPLS L3 VPN的一个用户,他有上internet的需求,如何实现?有几种实现方法?特点各是什
么?
答:有三种。 1、通过VPN访问internet. 传统做法是:设置一个集中的防火墙通过NAT实现
INTERNET访问,简单易实现,只是不能对INTERNET流量和VPN流量进行区分,安全存在问
题。或者在PE路由器上配置PACK LEAKING 实现。 2、独立的INTERNET访问向每个VPN
SITE 提供独立的INTERNET连接线路,由CE路由器实现NAT到INTERNET。要求PE路由器向
CE提供独立的线路或虚电路,PE路由器要有访问 INTERNE的能力。优点是能将VPN流量和
INTERNET流量分
开。 3、通过单独的VPN实现INTERNET连接,建立一个单独的VPN,将INTERNET缺省路由和
部分路由注入,在需要INTERNET访问SIET相连的PE路由器上实现VPN互通,从而访问
INTERNET。比较复杂,但可支持各种INTERNET访问要求。建议采用这种。
L3 VPN与L2 VPN各自的特点是怎样?你觉得哪一种模式运营起来比较有前景?
答:L3 VPN 的PE路由器需要维护客户VPN的路由信息,要实现各VPN的路由选择和维护,而
L2 VPN只在客户间建立透明的二层通道,不维护三层的信息,相对没有L3 VPN复杂。L3 VPN
已经在现实环境中应用多年,比较成熟,适合多SITE的复杂的用户,MPLS L2 VPN用于替代传
统的二层FR、ATM等技术,适合点到点的互连或少量SITE的连接。L2 VPN由于维护较方便,
性价比高,最近几年应发展迅速,而传统的L3 VPN也不会在短时间淘汰。
ISIS与OSPF的区别谈一谈吧,各个方面。
答:它们有很多共同之处,都是链路状态路由协议,都使用SPF算法,VSLM 快速会聚。从使
用的目的来说没有什么区别。从协议实现来说OSPF其于TCP/ ip协议簇,运行在IP层上,端口
号89;ISIS基于ISO CLNS,设计初是为了实现ISO CLNP路由,在后来加上了对IP路由的支持。
从具体细节来说: 1:区域设计不同,OSPF采用一个骨干AREA0与非骨干区域,非骨干区域必
须与AREAO连接。ISIS由L1 L2 L12路由器组成的层次结构,它使用的LSP要少很多,在同一个
须与AREAO连接。ISIS由L1 L2 L12路由器组成的层次结构,它使用的LSP要少很多,在同一个区域的扩展性要比OSPF好。 2 OSPF有很多种LSA,比较复杂并占用资源,而ISIS的LSP要少很多,所以在CPU占用和处理路由更新方面,ISIS要好一些。 3 isis 的定时器允许比OSPF更细的调节,可以提高收敛速度。华为、Cisco网络技术论坛 4 OSPF数据格式不容易增加新的东西,要加,就需要新的LSA,而ISIS可以很容易的通过增加TLV进行扩展,包括对IPV6等的支持。 5 从选择来说,ISIS更适合运营商级的网络,而OSPF非常适合企业级网络。
一个骨干网或城域网选ISIS及OSPF基于什么理由?
答:从可用性来说,两种IGP协议都可以,但对于具体情况,经过分析,可能得出选哪种协议更
优一些: l 从稳定和可靠性来看:骨干网要求路由协议的高稳定性和可靠性,以及快速收敛。
OSPF协议是基于IP层的,所以其只能支持IP网络,且网络上一些基于IP 的攻击会影响到OSPF
的正常运行。ISIS是直接运行在链路层上的,其可以承载多种网络类型,且在预防网络攻击方面
也有一些天然的优势。 l 从支持的网络规模来看:OSPF、ISIS都有网络分层的概念,也都有区
域的概念,OSPF有骨干区域0和分支区域,ISIS有相应的Level2、 Level1的概念。OSPF有普通
区域、Stub区域、Total Stub区域、NSSA区域等区域类型,而IS㊣S 从功能上看它就是一个
OSPF 的简化版本,只实现了骨干区(LEVEL2) 和STUB 区(LEVEL1),由于其LEVEL1访问
其他区域网络是采用到最近的L1/L2 路由器方式,容易产生路由次优化问题, 这样某些组网时就
需要借助其他的方法来实现某些功能,如:在构建MPLS VPN的过程中就需要采用路由渗透,
造成实现和维护复杂。由于ISIS计算路由的时候采用PRC计算,ip前缀作为最短生成树的叶子节
点,而OSPF是围绕链路建立的,在相同大小的区域,ISIS比OSPF更加稳定且消耗资源少,相
比OSPF支持的网络规模更大。
l 从灵活性来看:OSPF协议比较灵活,协议是基于接口的,支持的网络类型全面,且技术成
熟,在城域网中,使用IGP用来传播用户路由,组网设备杂,关注的是协议的灵活性兼容性,以
及能否满足大量用户复杂路由控制的需求,这些是OSPF 的强项,建议使用OSPF。对于新维护
方面OSPF协议在城域网中得到了广泛的应用,尤其是早期的网络维护人员对OSPF协议相当熟
悉; l 从扩展性来看:ISIS结构严谨,运行稳定,IS㊣S路由器只能属于一个区域,并且不提供
对NBMA、P2MP接口的直接支持。ISIS可扩展性更好:ISIS能支持多种网络层协议( OSPF仅
支持IP协议);ISIS区域能平滑地平移、分割、合并,流量不中断;ISIS是基于TLV的,协议本
身扩展容易。最近几年,在各大运营商的骨干网络中大量使用了ISIS协议,在选取协议时,需要
考虑原有网络中运行的是何种协议,如目前某些运营商在骨干层次采用ISIS,而在城域网内部采
用 OSPF协议,为了保护网络的延续性,在选取协议类型时需要予以考虑。新建的网络,如果
所有设备都支持ISIS,可以考虑ISIS。 9. BGP选路原则常用是哪些?在骨干网与城域网间如何
搭配一块使用?
答:BGP有很多属性,用于路由选择的有9个左右,常用的有LCAL PREFERENCE,AS㏄
ATH,MED,METRIC,COMMUNITY这几个。在骨干网与城域网连接中,骨干网向城域网发送缺省
路由或部分明细路由,城域网将本地路由信息发到骨干网上。接收路由主要通过设置lcoal
preference控制上行流量分担,如果骨干网发过来的明细路由带有MED,也可以通过MED值控
制。发布出去的路由通过MED AS PATH控制回程流量的分担。发布路由可以设置COMMUNITY
表示路由起源。在有多条出口链路时通过BGP实现流量分担。
如果BGP加上max path,会在哪个BGP选路属性之前应用这个选项?
答:在最后一个BGP router id之前。
为什么骨干网pop及城域网出口要作next﹉op﹕elf?
答:骨干网与城域网之间通过EBGP连接,而城域网收到的骨干网路由在发给内部IBGP邻居时
不会改变路由的下一跳,下一跳的地址为骨干网设备地址,而 IBGP内部路由器也没有其路由信
息,所有路由下一跳不可达,只有在城域网RR将路由发给IBGP邻居时要加next﹉op﹕elf,改变路
由的下一跳,路由才可达。
两个AS之间,有四台路由器口字型互联,其中一台路由器上从EBGP学到一个网络,又从IBGP
学到同一个网络,选路哪个?是哪个属性影响?如果我在IBGP过来那个加上MED小于从EBGP
过来的,又选哪个?为什么?
答:选EBGP那一条,如果加了MED,则选MED低的那个。
local﹑re与weight的区别是什么?
答:Weight 是CISCO专有的,LOCAL㏄RE是公认必遵的BGP属性。Weight 只在本地ROUTER
上有用,不可传递;而LOCAL㏄RE用于一个AS内部,可在整个AS内传递。它们都是数值大的
路由选中,而CISCO路由器中 WEIGHT决策在LOCAL㏄RE前。
BGP能不能实现负载均衡?如果可以,有哪些方法?
答:可以。对于EBGP可以通过设置EBGP㎝ULTIHOP,通过相等的IGP METRIC实现。对于
IBGP可以通过配置muximum﹑aths,使其在等值的IGP METRIC链路上实现。
多个AS之间,可不可以比较MED?如可以,需要前提条件吗?如有,前提条件是什么?
答:默认是不比较来自不同AS的路由的MED值,但可设置bgp alwaysヽompare﹎ed使其对来自
不同AS的路由的MED值进行比较。
MED能不能和AS内的IGP度量值结合起来?如可以,如何做?
答:设置Med的route﹎ap 配置set metric internal
割接限定回退的时间还有十分钟,割接还未成功,局方已经催你回退了,但你觉得这些问题你
再努力5分钟可能会解决,你的选择是什么?
答:立即回退
骨干网的QoS,如何部署?你认为什么骨干网什么情况下是有拥塞发生了?
答:对于电信级骨干网,轻载是骨干网上实现QOS的最好方法,保持流量低于带宽的50%,在
需要时增加带宽,并且通过控制接入的流量在稳定的范围内。也可以对流量进行简单的分类,
通过DIFF㏒ERV实现不同流量的QOS,对于复杂的QOS需求,可以使用TE实现。对于企业级骨
干网,WAN链路为较低速率,此时可通过DIFF㏒ERV实现QOS,但如果流量已达到90%以前,
QOS的实施对整个网络质量不能很好的改善。一般而言,在网络设备能全线速和 BUFFER足够
的情况一下,骨干网一般用POS接口,骨干网流量达到50%以上就应规划增加带宽,达到60%
就比较紧张,70%网络质量可能开始下降,80%就有拥塞发生了。可以通过延迟和延迟抖动测
试出来。
对于工程及维护来说,你觉得L3网络和L2网络哪个比较好?
答:对于工程实施来说,L2网络简单。对于网络管理来说,L3要可控一些。
L3网络与L2网络对环路的处理各是什么样的机制?
答:L3网络通过运行的路由协议的算法保证形成一个无环的拓扑。L2是通过STP 实现
一般情况下,L2交换机的生成树有多少数量?
答:2950 支持64个PVST+ instances 16个MST,3550 是128WH pvst+instances 65个MST
3550的生成树模式是什么?生成树数量是怎样的?
答:支持128个PVST+,65个MST,都支持PVST 和MSTP。
跟据你的经验,GE的端口,当流量达到多少时,你可以认为是有拥塞发生了?2.5G POS口,
当流量达到多少时,你可以认为有拥塞?
答:对于GE端口,如果流量达到900M时可视为发生拥塞,而对于POS口,如果硬件板卡都是
线速,并且BUFFER足够,当流量达到达2G左右时可视为发生拥塞.。
Saturday, September 29, 2012
OSPF Database Explanation Guide
Introduction
This guide shows sample configurations of Open Shortest Path First (OSPF) in different network environments. Specifically, the purpose of this guide is to examine the OSPF database in various environments. The examples fall into the following categories:
Network Types
The following sample configuration documents fall under the Network Types category:
- OSPF Routers Connected by an Unnumbered Serial Link
- OSPF Routers Connected by a Numbered Point-to-Point Link
- OSPF Routers Connected by a Point-to-Multipoint Link
- OSPF Routers Connected by a Multi-Access Network
Multiple Area and Types of Areas
The following sample configuration documents fall under the Multiple Area and Types of Areas category:
- OSPF Inter-Area Routing
- How OSPF Propagates External Routes into Multiple Areas
- OSPF Virtual Link
- OSPF Not So Stubby Area Type 7 to Type 5 Link-State Advertisement Conversion
Default Routes into Various Area Types
The following sample configuration documents fall under the Default Routes into Various Area Types category:
Labels:
CCIE RS
OSPF E1 or E2
Hello,
I would like to know if ( as a network admin) one should configure external routes coming from outside the Autonomous system as External Type 1 or 2. I am very well acquainted with the facts and concepts of both i.e ( E1 adds up the cost toward the destination and E2 has a default cost of 20).
What i ought to know is if there is any othe benefit in using E1 than E2 apart from the Cost ? Do we actually use it in Real World scenarios. If so, then (perhaps who has actually implemented it allready) , what is the spark whcih ignites the thought of implementing E1 instead of E2. Does it help in Troubleshooting or selecting a path as in like Multihomed adjacencies ?
Anybody with some practical examples here to clear the need of E1's ?
Thanks
J
Correct Answer by Scott Morris - CCDE/4xCCIE/2xJNCIE on Jan 27, 2010 5:05 AM
E2s have a default metric of 20 and it will never change/increment along a path. While E1s come in with 20 by default as well, they will add metrics at each hop, making them easier to manipulate along with internal routing paths.
Personally, I always do E1s. But in a lab environment (or consulting) you do whatever you are told to do.
Scott
Labels:
CCIE RS
Understanding OSPF External Route Path Selection
Hi Brian,What is the major difference in using an E1 route over an E2 route in OSPF?From what I’ve observed, if you redistribute a route into OSPF either E1 or E2, the upstream router will still use the shortest path to get to the ASBR regardless of what is shown in the routing table.The more I read about this, the more confused I get. Am I missing something?Matt
Hi Matt,
This is actually a very common area of confusion and misunderstanding in OSPF. Part of the problem is that the vast majority of CCNA and CCNP texts teach the theory that for OSPF path selection of E1 vs E2 routes, E1 routes use the redistributed cost plus the cost to the ASBR, while with E2 routes only use the redistributed cost. When I just checked the most recent CCNP ROUTE text from Cisco Press, it specifically says that “[w]hen flooded, OSPF has little work to do to calculate the metric for an E2 route, because by definition, the E2 route’s metric is simply the metric listed in the Type 5 LSA. In other words, the OSPF routers do not add any internal OSPF cost to the metric for an E2 route.” While technically true, this statement is an oversimplification. For CCNP level, this might be fine, but for CCIE level it is not.
The key point that I’ll demonstrate in this post is that while it is true that “OSPF routers do not add any internal OSPF cost to the metric for an E2 route”, both the intra-area and inter-area cost is still considered in the OSPF path selection state machine for these routes.
First, let’s review the order of the OSPF path selection process. Regardless of a route’s metric or administrative distance, OSPF will choose routes in the following order:
Intra-Area (O)
Inter-Area (O IA)
External Type 1 (E1)
External Type 2 (E2)
NSSA Type 1 (N1)
NSSA Type 2 (N2)
Inter-Area (O IA)
External Type 1 (E1)
External Type 2 (E2)
NSSA Type 1 (N1)
NSSA Type 2 (N2)
To demonstrate this, take the following topology:
R1 connects to R2 and R3 via area 0. R2 and R3 connect to R4 and R5 via area 1 respectively. R4 and R5 connect to R6 via another routing domain, which is EIGRP in this case. R6 advertises the prefix 10.1.6.0/24 into EIGRP. R4 and R5 perform mutual redistribution between EIGRP and OSPF with the default parameters, as follows:
R4: router eigrp 10 redistribute ospf 1 metric 100000 100 255 1 1500 ! router ospf 1 redistribute eigrp 10 subnets R5: router eigrp 10 redistribute ospf 1 metric 100000 100 255 1 1500 ! router ospf 1 redistribute eigrp 10 subnets
The result of this is that R1 learns the prefix 10.1.6.0/24 as an OSPF E2 route via both R2 and R3, with a default cost of 20. This can be seen in the routing table output below. The other OSPF learned routes are the transit links between the routers in question.
R1#sh ip route ospf 10.0.0.0/24 is subnetted, 8 subnets O E2 10.1.6.0 [110/20] via 10.1.13.3, 00:09:43, FastEthernet0/0.13 [110/20] via 10.1.12.2, 00:09:43, FastEthernet0/0.12 O IA 10.1.24.0 [110/2] via 10.1.12.2, 00:56:44, FastEthernet0/0.12 O E2 10.1.46.0 [110/20] via 10.1.13.3, 00:09:43, FastEthernet0/0.13 [110/20] via 10.1.12.2, 00:09:43, FastEthernet0/0.12 O IA 10.1.35.0 [110/2] via 10.1.13.3, 00:56:44, FastEthernet0/0.13 O E2 10.1.56.0 [110/20] via 10.1.13.3, 00:09:43, FastEthernet0/0.13 [110/20] via 10.1.12.2, 00:09:43, FastEthernet0/0.12
Note that all the routes redistributed from EIGRP appear on R1 with a default metric of 20. Now let’s examine the details of the route 10.1.6.0/24 on R1.
R1#show ip route 10.1.6.0 Routing entry for 10.1.6.0/24 Known via "ospf 1", distance 110, metric 20, type extern 2, forward metric 2 Last update from 10.1.13.3 on FastEthernet0/0.13, 00:12:03 ago Routing Descriptor Blocks: 10.1.13.3, from 10.1.5.5, 00:12:03 ago, via FastEthernet0/0.13 Route metric is 20, traffic share count is 1 * 10.1.12.2, from 10.1.4.4, 00:12:03 ago, via FastEthernet0/0.12 Route metric is 20, traffic share count is 1
As expected, the metric of both paths via R2 and R3 have a metric of 20. However, there is an additional field in the route’s output called the “forward metric”. This field denotes the cost to the ASBR(s). In this case, the ASBRs are R4 and R5 for the routes via R2 and R3 respectively. Since all interfaces are FastEthernet, with a default OSPF cost of 1, the cost to both R4 and R5 is 2, or essentially 2 hops.
The reason that multiple routes are installed in R1’s routing table is that the route type (E2), the metric (20), and the forward metric (2) are all a tie. If any of these fields were to change, the path selection would change.
To demonstrate this, let’s change the route type to E1 under R4’s OSPF process. This can be accomplished as follows:
R4#config t Enter configuration commands, one per line. End with CNTL/Z. R4(config)#router ospf 1 R4(config-router)#redistribute eigrp 10 subnets metric-type 1 R4(config-router)#end R4#
The result of this change is that R1 now only installs a single route to 10.1.6.0/24, the E1 route learned via R2.
R1#show ip route 10.1.6.0 Routing entry for 10.1.6.0/24 Known via "ospf 1", distance 110, metric 22, type extern 1 Last update from 10.1.12.2 on FastEthernet0/0.12, 00:00:35 ago Routing Descriptor Blocks: * 10.1.12.2, from 10.1.4.4, 00:00:35 ago, via FastEthernet0/0.12 Route metric is 22, traffic share count is 1
Note that the metric and the forward metric seen in the previous E2 route is now collapsed into the single “metric” field of the E1 route. Although the value is technically the same, a cost of 2 to the ASBR, and the cost of 20 the ASBR reports in, the E1 route is preferred over the E2 route due to the OSPF path selection state machine preference. Even if we were to raise the metric of the E1 route so that the cost is higher than the E2 route, the E1 route would be preferred:
R4#config t Enter configuration commands, one per line. End with CNTL/Z. R4(config)#router ospf 1 R4(config-router)#redistribute eigrp 10 subnets metric-type 1 metric 100 R4(config-router)#end R4#
R1 still installs the E1 route, even though the E1 metric of 102 is higher than the E2 metric of 20 plus a forward metric of 2.
R1#show ip route 10.1.6.0 Routing entry for 10.1.6.0/24 Known via "ospf 1", distance 110, metric 102, type extern 1 Last update from 10.1.12.2 on FastEthernet0/0.12, 00:00:15 ago Routing Descriptor Blocks: * 10.1.12.2, from 10.1.4.4, 00:00:15 ago, via FastEthernet0/0.12 Route metric is 102, traffic share count is 1
R1 still knows about both the E1 and the E2 route in the Link-State Database, but the E1 route must always be preferred:
R1#show ip ospf database external 10.1.6.0 OSPF Router with ID (10.1.1.1) (Process ID 1) Type-5 AS External Link States Routing Bit Set on this LSA LS age: 64 Options: (No TOS-capability, DC) LS Type: AS External Link Link State ID: 10.1.6.0 (External Network Number ) Advertising Router: 10.1.4.4 LS Seq Number: 80000003 Checksum: 0x1C8E Length: 36 Network Mask: /24 Metric Type: 1 (Comparable directly to link state metric) TOS: 0 Metric: 100 Forward Address: 0.0.0.0 External Route Tag: 0 LS age: 1388 Options: (No TOS-capability, DC) LS Type: AS External Link Link State ID: 10.1.6.0 (External Network Number ) Advertising Router: 10.1.5.5 LS Seq Number: 80000001 Checksum: 0x7307 Length: 36 Network Mask: /24 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 20 Forward Address: 0.0.0.0 External Route Tag: 0
This is the behavior we would expect, because E1 routes must always be preferred over E2 routes. Now let’s look at some of the commonly misunderstood cases, where the E2 routes use both the metric and the forward metric for their path selection.
First, R4’s redistribution is modified to return the metric-type to E2, but to use a higher metric of 100 than the default of 20:
R4#conf t Enter configuration commands, one per line. End with CNTL/Z. R4(config)#router ospf 1 R4(config-router)#redistribute eigrp 10 subnets metric-type 2 metric 100 R4(config-router)#end R4#
The result on R1 is that the route via R4 is less preferred, since it now has a metric of 100 (and still a forward metric of 2) vs the metric of 20 (and the forward metric of 2) via R5.
R1#show ip route 10.1.6.0 Routing entry for 10.1.6.0/24 Known via "ospf 1", distance 110, metric 20, type extern 2, forward metric 2 Last update from 10.1.13.3 on FastEthernet0/0.13, 00:00:30 ago Routing Descriptor Blocks: * 10.1.13.3, from 10.1.5.5, 00:00:30 ago, via FastEthernet0/0.13 Route metric is 20, traffic share count is 1
The alternate route via R4 can still be seen in the database.
R1#show ip ospf database external 10.1.6.0 OSPF Router with ID (10.1.1.1) (Process ID 1) Type-5 AS External Link States Routing Bit Set on this LSA LS age: 34 Options: (No TOS-capability, DC) LS Type: AS External Link Link State ID: 10.1.6.0 (External Network Number ) Advertising Router: 10.1.4.4 LS Seq Number: 80000004 Checksum: 0x9D8B Length: 36 Network Mask: /24 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 100 Forward Address: 0.0.0.0 External Route Tag: 0 Routing Bit Set on this LSA LS age: 1653 Options: (No TOS-capability, DC) LS Type: AS External Link Link State ID: 10.1.6.0 (External Network Number ) Advertising Router: 10.1.5.5 LS Seq Number: 80000001 Checksum: 0x7307 Length: 36 Network Mask: /24 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 20 Forward Address: 0.0.0.0 External Route Tag: 0
This is the path selection that we would ideally want, because the total cost of the path via R4 is 102 (metric of 100 plus a forward metric of 2), while the cost of the path via R5 is 22 (metric of 20 plus a forward metric of 2). The result of this path selection would be the same if we were to change both routes to E1, as seen below.
R4#conf t Enter configuration commands, one per line. End with CNTL/Z. R4(config)#router ospf 1 R4(config-router)#redistribute eigrp 10 subnets metric-type 1 metric 100 R4(config-router)#end R4# R5#config t Enter configuration commands, one per line. End with CNTL/Z. R5(config)#router ospf 1 R5(config-router)#redistribute eigrp 10 subnets metric-type 1 R5(config-router)#end R5#
R1 still chooses the route via R5, since this has a cost of 22 vs R4’s cost of 102.
R1#show ip route 10.1.6.0 Routing entry for 10.1.6.0/24 Known via "ospf 1", distance 110, metric 22, type extern 1 Last update from 10.1.13.3 on FastEthernet0/0.13, 00:00:41 ago Routing Descriptor Blocks: * 10.1.13.3, from 10.1.5.5, 00:00:41 ago, via FastEthernet0/0.13 Route metric is 22, traffic share count is 1 R1#show ip ospf database external 10.1.6.0 OSPF Router with ID (10.1.1.1) (Process ID 1) Type-5 AS External Link States Routing Bit Set on this LSA LS age: 56 Options: (No TOS-capability, DC) LS Type: AS External Link Link State ID: 10.1.6.0 (External Network Number ) Advertising Router: 10.1.4.4 LS Seq Number: 80000005 Checksum: 0x1890 Length: 36 Network Mask: /24 Metric Type: 1 (Comparable directly to link state metric) TOS: 0 Metric: 100 Forward Address: 0.0.0.0 External Route Tag: 0 Routing Bit Set on this LSA LS age: 45 Options: (No TOS-capability, DC) LS Type: AS External Link Link State ID: 10.1.6.0 (External Network Number ) Advertising Router: 10.1.5.5 LS Seq Number: 80000003 Checksum: 0xEB0D Length: 36 Network Mask: /24 Metric Type: 1 (Comparable directly to link state metric) TOS: 0 Metric: 20 Forward Address: 0.0.0.0 External Route Tag: 0 R1#
Note that the E1 route itself in the database does not include the cost to the ASBR. This must be calculated separately either based on the Type-1 LSA or Type-4 LSA, depending on whether the route to the ASBR is Intra-Area or Inter-Area respectively.
So now this begs the question, why does it matter if we use E1 vs E2? Of course as we saw E1 is always preferred over E2, due to the OSPF path selection order, but what is the difference between having *all* E1 routes vs having *all* E2 routes? Now let’s at a case where it *does* matter if you’re using E1 vs E2.
R1’s OSPF cost on the link to R2 is increased as follows:
R1#config t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#interface Fa0/0.12 R1(config-subif)#ip ospf cost 100 R1(config-subif)#end R1#
R4 and R5’s redistribution is modified as follows:
R4#config t Enter configuration commands, one per line. End with CNTL/Z. R4(config)#router ospf 1 R4(config-router)#redistribute eigrp 10 subnets metric-type 1 metric 99 R4(config-router)#end R4# R5#config t Enter configuration commands, one per line. End with CNTL/Z. R5(config)#router ospf 1 R5(config-router)#redistribute eigrp 10 subnets metric-type 1 metric 198 R5(config-router)#end R5#
Now R1’s routes to the prefix 10.1.6.0/24 are as follows: Path 1 via the link to R2 with a cost of 100, plus the link to R4 with a cost of 1, plus the redistributed metric of 99, making this total path a cost of 200. Next, Path 2 is available via the link to R3 with a cost of 1, plus the link to R5 with a cost of 1, plus the redistributed metric of 198, masking this total path a cost of 200 as well. The result is that R1 installs both paths equally:
R1#show ip route 10.1.6.0 Routing entry for 10.1.6.0/24 Known via "ospf 1", distance 110, metric 200, type extern 1 Last update from 10.1.12.2 on FastEthernet0/0.12, 00:02:54 ago Routing Descriptor Blocks: * 10.1.13.3, from 10.1.5.5, 00:02:54 ago, via FastEthernet0/0.13 Route metric is 200, traffic share count is 1 10.1.12.2, from 10.1.4.4, 00:02:54 ago, via FastEthernet0/0.12 Route metric is 200, traffic share count is 1
Note that the database lists the costs of the Type-5 External LSAs as different though:
R1#show ip ospf database external 10.1.6.0 OSPF Router with ID (10.1.1.1) (Process ID 1) Type-5 AS External Link States Routing Bit Set on this LSA LS age: 291 Options: (No TOS-capability, DC) LS Type: AS External Link Link State ID: 10.1.6.0 (External Network Number ) Advertising Router: 10.1.4.4 LS Seq Number: 80000006 Checksum: 0xC9C Length: 36 Network Mask: /24 Metric Type: 1 (Comparable directly to link state metric) TOS: 0 Metric: 99 Forward Address: 0.0.0.0 External Route Tag: 0 Routing Bit Set on this LSA LS age: 207 Options: (No TOS-capability, DC) LS Type: AS External Link Link State ID: 10.1.6.0 (External Network Number ) Advertising Router: 10.1.5.5 LS Seq Number: 80000004 Checksum: 0xE460 Length: 36 Network Mask: /24 Metric Type: 1 (Comparable directly to link state metric) TOS: 0 Metric: 198 Forward Address: 0.0.0.0 External Route Tag: 0
What happens if we were to change the metric-type to 2 on both R4 and R5 now? Let’s see:
R4(config)#router ospf 1 R4(config-router)#redistribute eigrp 10 subnets metric-type 2 metric 99 R4(config-router)#end R4# R5#config t Enter configuration commands, one per line. End with CNTL/Z. R5(config)#router ospf 1 R5(config-router)#redistribute eigrp 10 subnets metric-type 2 metric 198 R5(config-router)#end R5#
Even though the end-to-end costs are still the same, R1 should now prefer the path with the lower redistributed metric via R4:
R1#show ip route 10.1.6.0 Routing entry for 10.1.6.0/24 Known via "ospf 1", distance 110, metric 99, type extern 2, forward metric 101 Last update from 10.1.12.2 on FastEthernet0/0.12, 00:01:09 ago Routing Descriptor Blocks: * 10.1.12.2, from 10.1.4.4, 00:01:09 ago, via FastEthernet0/0.12 Route metric is 99, traffic share count is 1
The forward metric of this route means that the total cost is still 200 (the metric of 99 plus the forward metric of 101). In this case, even though both paths are technically equal, only the path with the lower redistribution metric is installed. Now let’s see what happens if we do set the redistribution metric the same.
R4#config t Enter configuration commands, one per line. End with CNTL/Z. R4(config)#router ospf 1 R4(config-router)#redistribute eigrp 10 subnets metric-type 2 metric 1 R4(config-router)#end R4# R5#config t Enter configuration commands, one per line. End with CNTL/Z. R5(config)#router ospf 1 R5(config-router)#redistribute eigrp 10 subnets metric-type 2 metric 1 R5(config-router)#end R5#
Both routes now have the same metric of 1, so both should be installed in R1’s routing table, right? Let’s check:
R1#show ip route 10.1.6.0 Routing entry for 10.1.6.0/24 Known via "ospf 1", distance 110, metric 1, type extern 2, forward metric 2 Last update from 10.1.13.3 on FastEthernet0/0.13, 00:00:42 ago Routing Descriptor Blocks: * 10.1.13.3, from 10.1.5.5, 00:00:42 ago, via FastEthernet0/0.13 Route metric is 1, traffic share count is 1
This is the result we may not expect. Only the path via R5 is installed, not the path via R4. Let’s look at the database and see why:
R1#show ip ospf database external 10.1.6.0 OSPF Router with ID (10.1.1.1) (Process ID 1) Type-5 AS External Link States Routing Bit Set on this LSA LS age: 56 Options: (No TOS-capability, DC) LS Type: AS External Link Link State ID: 10.1.6.0 (External Network Number ) Advertising Router: 10.1.4.4 LS Seq Number: 80000008 Checksum: 0xB3D4 Length: 36 Network Mask: /24 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 1 Forward Address: 0.0.0.0 External Route Tag: 0 Routing Bit Set on this LSA LS age: 47 Options: (No TOS-capability, DC) LS Type: AS External Link Link State ID: 10.1.6.0 (External Network Number ) Advertising Router: 10.1.5.5 LS Seq Number: 80000006 Checksum: 0xAADD Length: 36 Network Mask: /24 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 1 Forward Address: 0.0.0.0 External Route Tag: 0
Both of these routes show the same cost, as denoted by the “Metric: 1”, so why is one being chosen over the other? The reason is that in reality, OSPF External Type-2 (E2) routes *do* take the cost to the ASBR into account during route calculation. The problem though is that by looking at just the External LSA’s information, we can’t see why we’re choosing one over the other.
Now let’s go through the entire recursion process in the database to figure out why R1 is choosing the path via R5 over the path to R4.
First, as we saw above, R1 finds both routes to the prefix with a metric of 1. Since this is a tie, the next thing R1 does is determine if the route to the ASBR is via an Intra-Area path. This is done by looking up the Type-1 Router LSA for the Advertising Router field found in the Type-5 External LSA.
R1#show ip ospf database router 10.1.4.4 OSPF Router with ID (10.1.1.1) (Process ID 1) R1#show ip ospf database router 10.1.5.5 OSPF Router with ID (10.1.1.1) (Process ID 1) R1#
This output on R1 means that it does not have an Intra-Area path to either of the ASBRs advertising these routes. The next step is to check if there is an Inter-Area path. This is done by examining the Type-4 ASBR Summary LSA.
R1#show ip ospf database asbr-summary 10.1.4.4 OSPF Router with ID (10.1.1.1) (Process ID 1) Summary ASB Link States (Area 0) Routing Bit Set on this LSA LS age: 1889 Options: (No TOS-capability, DC, Upward) LS Type: Summary Links(AS Boundary Router) Link State ID: 10.1.4.4 (AS Boundary Router address) Advertising Router: 10.1.2.2 LS Seq Number: 80000002 Checksum: 0x24F3 Length: 28 Network Mask: /0 TOS: 0 Metric: 1 R1#show ip ospf database asbr-summary 10.1.5.5 OSPF Router with ID (10.1.1.1) (Process ID 1) Summary ASB Link States (Area 0) Routing Bit Set on this LSA LS age: 1871 Options: (No TOS-capability, DC, Upward) LS Type: Summary Links(AS Boundary Router) Link State ID: 10.1.5.5 (AS Boundary Router address) Advertising Router: 10.1.3.3 LS Seq Number: 80000002 Checksum: 0x212 Length: 28 Network Mask: /0 TOS: 0 Metric: 1
This output indicates that R1 does have Inter-Area routes to the ASBRs R4 and R5. The Inter-Area metric to reach them is 1 via ABRs R2 (10.1.2.2) and R3 (10.1.3.3) respectively. Now R1 needs to know which ABR is closer, R2 or R3? This is accomplished by looking up the Type-1 Router LSA to the ABRs that are originating the Type-4 ASBR Summary LSAs.
R1#show ip ospf database router 10.1.2.2 OSPF Router with ID (10.1.1.1) (Process ID 1) Router Link States (Area 0) Routing Bit Set on this LSA LS age: 724 Options: (No TOS-capability, DC) LS Type: Router Links Link State ID: 10.1.2.2 Advertising Router: 10.1.2.2 LS Seq Number: 8000000D Checksum: 0xA332 Length: 36 Area Border Router Number of Links: 1 Link connected to: a Transit Network (Link ID) Designated Router address: 10.1.12.2 (Link Data) Router Interface address: 10.1.12.2 Number of TOS metrics: 0 TOS 0 Metrics: 1 R1#show ip ospf database router 10.1.3.3 OSPF Router with ID (10.1.1.1) (Process ID 1) Router Link States (Area 0) Routing Bit Set on this LSA LS age: 1217 Options: (No TOS-capability, DC) LS Type: Router Links Link State ID: 10.1.3.3 Advertising Router: 10.1.3.3 LS Seq Number: 80000010 Checksum: 0x9537 Length: 36 Area Border Router Number of Links: 1 Link connected to: a Transit Network (Link ID) Designated Router address: 10.1.13.1 (Link Data) Router Interface address: 10.1.13.3 Number of TOS metrics: 0 TOS 0 Metrics: 1
This output indicates that R2 and R3 are adjacent with the Designated Routers 10.1.12.2 and 10.1.13.3 respectively. Since R1 is also adjacent with these DRs, the cost from R1 to the DR is now added to the path.
R1#show ip ospf database router 10.1.1.1 OSPF Router with ID (10.1.1.1) (Process ID 1) Router Link States (Area 0) LS age: 948 Options: (No TOS-capability, DC) LS Type: Router Links Link State ID: 10.1.1.1 Advertising Router: 10.1.1.1 LS Seq Number: 8000000F Checksum: 0x6FA6 Length: 60 Number of Links: 3 Link connected to: a Stub Network (Link ID) Network/subnet number: 10.1.1.1 (Link Data) Network Mask: 255.255.255.255 Number of TOS metrics: 0 TOS 0 Metrics: 1 Link connected to: a Transit Network (Link ID) Designated Router address: 10.1.13.1 (Link Data) Router Interface address: 10.1.13.1 Number of TOS metrics: 0 TOS 0 Metrics: 1 Link connected to: a Transit Network (Link ID) Designated Router address: 10.1.12.2 (Link Data) Router Interface address: 10.1.12.1 Number of TOS metrics: 0 TOS 0 Metrics: 100
R1 now knows that its cost to the DR 10.1.12.2 is 100, who is adjacent with R2, whose cost to R4 is 1, whose redistributed metric is 1. R1 also now knows that its cost to the DR 10.1.13.3 is 1, who is adjacent with R3, whose cost to R5 is 1, whose redistributed metric is 1. This means that the total cost to go to 10.1.6.0 via the R1 -> R2 -> R4 path is 102, while the total cost to go to 10.1.6.0 via the R1 -> R3 -> R5 path is 3.
The final result of this is that R1 chooses the shorter path to the ASBR, which is the R1 -> R3 -> R5 path. Although the other route to the prefix is via an E2 route with the same external cost, one is preferred over another due to the shorter ASBR path.
Based on this we can see that both E1 and E2 routes take both the redistributed cost and the cost to the ASBR into account when making their path selection. The key difference is that E1 is always preferred over E2, followed by the E2 route with the lower redistribution metric. If multiple E2 routes exist with the same redistribution metric, the path with the lower forward metric (metric to the ASBR) is preferred. If there are multiple E2 routes with both the same redistribution metric and forward metric, they can both be installed in the routing table. Why does OSPF do this though? Originally this stems from the design concepts of “hot potato” and “cold potato” routing.
Think of a routing domain learning external routes. Typically those prefixes have some “external” metric associated with them – for example, E2 external metric or the BGP MED attribute value. If the routers in the local domain select the exit point based on the external metric they are said to perform “cold potato” routing. This means that the exit point is selected based on the external metric preference, e.g. distances to the prefix in the bordering routing system. This optimizes link utilization in the external system but may lead to suboptimal path selection in the local domain. Conversely, “hot potato” routing is the model where the exit point selection is performed based on the local metric to the exit point associated with the prefix. In other words, “hot potato” model tries to push packets out of the local system as quick as possible, optimizing internal link utilization.
Now within the scope of OSPF, think of the E2 route selection process: OSPF chooses the best exit point based on the external metric and uses the internal cost to ASBR as a tie breaker. In other words, OSPF performs “cold potato” routing with respect to E2 prefixes. It is easy to turn this process into “hot potato” by ensuring that every exit point uses the same E2 metric value. It is also possible to perform other sorts of traffic engineering by selectively manipulating the external metric associated with the E2 route, allowing for full flexibility of exit point selection.
Finally, we approach E1. This type of routing is a hybrid of hot and cold routing models – external metrics are directly added to the internal metrics. This implicitly assumes that external metrics are “comparable” to the internal metrics. In turn, this means E1 is meant to be used with another OSPF domain that uses a similar metric system. This is commonly found in split/merge scenarios where you have multiple routing processes within the same autonomous system, and want to achieve optimum path selection accounting for both metrics in both systems. This is similar to the way EIGRP performs metric computation for external prefixes.
So there we have it. While it is technically true that “OSPF routers do not add any internal OSPF cost to the metric for an E2 route”, both the intra-area and inter-area cost can still be considered in the OSPF path selection regardless of whether the route is E1 or E2.
Labels:
CCIE RS
Subscribe to:
Posts (Atom)