Sunday, May 19, 2013

Summary Routes To Null0 & The Protocols That Love Them

Introduction



OK, so the title of this blog sounds like a really geeky version of “The Jerry Springer Show” but it’s all in good fun!  When doing route summarization with some of our different routing protocols, you may have noticed that some of them will always add the summary route they are advertising downstream to the local routing table.  What is confusing at first to some is that this local summary route is given a next-hop of null0, also known as the bit bucket.  For example, if you are running EIGRP on a router and you configure a summary route like ip summary-address eigrp 1 10.10.0.0 255.255.0.0 on an interface of that router you will see a route inserted into the routing table for 10.10.0.0/16 pointing to null0.
Understanding that this behavior happens is one thing — we have all seen it.  Understanding WHY it happens is the important thing and that is what we will explore here today.  After we understand why this works the way it does, we will look at how this works (or doesn’t work) with RIP, EIGRP, OSPF and BGP.

Understanding The Feature


We can sum up why this particular feature exists in two words:  Loop prevention.  Unfortunately, that is where many people stop caring.  They never ask the question “why”.  Let’s look at our diagram for today


Here we have a fairly simple setup.  R1 is advertising a default-route to R2.  R2 has 6 loopback addresses.  Instead of sending 6 individual routes, we will configure R2 for summarization.  The best summary route we can use that covers all these loopback addresses is 2.2.2.0/29.  What routing protocol we are running is irrelevant to the basic theory here, but we will show how it works with all the routing protocols mentioned earlier.
Ok then, so why do some routing protocols insert a summary route to null0 on the local router when doing route summarization?  Imagine what happens if R1 wants to send a packet to 2.2.2.7.  The summary route advertised from R2 is 2.2.2.0/29, which means that the summary covers the range 2.2.2.1 – 2.2.2.7.  However, R2 does not have a route for 2.2.2.7.  It does have a default-route it learned from R1 though.  What you have there is a recipe for disaster in the form of a routing loop.  R1 will send the packet to R2.  R2 won’t have a route for 2.2.2.7 and will default route it back to R1.  This will continue until the IP TTL expires.
If we were running a routing protocol that implements the summary route to null0 feature, our problem would be solved.  What would happen in that case is that when R2 generated the summary to 2.2.2.0/29 it would also add a route that looks something like this to it’s routing table: 2.2.2.0/29 via NULL0.  Now think about the same process.  R1 wants to reach 2.2.2.7.  It has a summary route for 2.2.2.0/29 it learned from R2 so it sends the packet to R2.  R2 still doesn’t have a specific route for 2.2.2.7, but it DOES have a more general route for 2.2.2.0/29 that matches.  Because of that, R2 routes the packet to a black hole we call null0 and the packet is stopped instead of causing a routing loop!  Nice!
Now, let’s dig into the specifics of this feature in each of our routing protocols…

Summary Routes To Null0 With EIGRP


EIGRP definitely supports this feature.  Let’s configure the network from the above diagram with EIGRP on R2 and take a look
R1(config)#router eigrp 1
R1(config-router)#no auto-summary
R1(config-router)#passive-interface default
R1(config-router)#no passive-interface fa0/0
R1(config-router)#network 12.0.0.0
R2(config)#router eigrp 1
R2(config-router)#no auto-summary
R2(config-router)#passive-interface default
R2(config-router)#no passive-interface fa0/0
R2(config-router)#network 12.0.0.0
R2(config-router)#exit

R2(config)#interface fa0/0
R2(config-if)#ip summary-address eigrp 1 2.2.2.0 255.255.255.248
R2 is sending out a summary address to R1 of 2.2.2.0/29. If we look at the routing table of R2 we can see that R2 added an EIGRP route to null0 for 2.2.2.0/29. By default, EIGRP adds this with an administrative distance of 5. Note that the AD of 5 is only relevant on the router doing the summarization. We can see on R1 that the AD of the received summary route is still 90 like any other EIGRP route
R2#sh ip route eigrp
     2.0.0.0/8 is variably subnetted, 7 subnets, 2 masks
D 2.2.2.0/29 is a summary, 00:03:20, Null0

R1#sh ip route eigrp
     2.0.0.0/29 is subnetted, 1 subnets
D       2.2.2.0 [90/156160] via 12.12.12.2, 00:03:49, FastEthernet0/0
What if we don’t want the summary address added by EIGRP? Why would you want to do that you ask? Fun? Amusement? Entertainment? Because we can? CCIE lab requirement?….shrug Well, when you add the summary at the interface level with the ip summary-address eigrp command you can actually specify the AD that will be given to the summary route. What if we made that AD 255? Routes with an AD of 255 do not get added to the routing table. Let’s try it.
R2(config-if)#int fa0/0
R2(config-if)#no ip summary-address eigrp 1 2.2.2.0 255.255.255.248 5
*Jul 20 15:53:24.099: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 12.12.12.1 (FastEthernet0/0) is resync: summary configured

R2(config-if)#ip summary-address eigrp 1 2.2.2.0 255.255.255.248 255
*Jul 20 15:53:35.583: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 12.12.12.1 (FastEthernet0/0) is resync: summary configured

R2(config-if)#do sh ip route eigrp
It’s gone! We still have the summary route received on R1 of course…
R1#sh ip route eigrp
     2.0.0.0/29 is subnetted, 1 subnets
D       2.2.2.0 [90/156160] via 12.12.12.2, 00:01:17, FastEthernet0/0
One other thing to be aware about with EIGRP and this feature.  If you have auto-summary enabled (the default), EIGRP will go ahead and automatically create the summary route to null0 for any automatically summarized routes.  You can disable that feature by disabling auto-summary via the no auto-summary EIGRP command.  In modern day networks, that is usually a given anyways.  Note, disabling auto-summary will NOT get rid of your summary routes to null0 generated as a result of manual summarizations via the ip summary-address eigrp interface command!

Summary Routes To Null0 With OSPF


Let’s blow out our EIGRP design and see how OSPF handles this feature…since we can only summarize on an ABR or ASBR in OSPF we will go ahead and make R2 and ABR with all the loopbacks in a different area then the backbone.
R1(config)#no router eigrp 1

*Jul 20 15:45:35.419: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 12.12.12.2 (FastEthernet0/0) is down: interface down
R1(config)#router ospf 1
R1(config-router)#passive-interface default
R1(config-router)#no passive-interface fa0/0
R1(config-router)#network 12.12.12.1 0.0.0.0 area 0
R2(config)#no router eigrp 1
R2(config)#router ospf 1
R2(config-router)#passive-interface default
R2(config-router)#no passive-interface fa0/0
R2(config-router)#network 12.12.12.2 0.0.0.0 area 0
R2(config-router)#network 2.2.2.0 0.0.0.255 area 1
R2(config-router)#area 1 range 2.2.2.0 255.255.255.248
Let’s see how we did and do some verification
R1#sh ip route ospf
     2.0.0.0/29 is subnetted, 1 subnets
O IA    2.2.2.0 [110/2] via 12.12.12.2, 00:00:40, FastEthernet0/0
R2#sh ip route ospf

     2.0.0.0/8 is variably subnetted, 7 subnets, 2 masks

O 2.2.2.0/29 is a summary, 00:00:32, Null0
Again, we see that R2 has added a summary route to null0. So, OSPF supports this feature as well. However, there is no special administrative distance here…it is 110 just like any other normal OSPF route. OSPF has a much more intuitive way to stop this from happening if we so choose. We can simply use the no discard-route command under the OSPF process. If we are summarizing on an ABR as is the case here we would use no discard-route internal. If we were summarizing external routes on an ASBR we could useno discard-route external. Finally, if we simply want to change the AD of the discard route to null0 we can do that with discard-route [internal|external] [AD]. The last option gives us the ability to use the same tactic we did in EIGRP to get rid of the null0 route if we want by hiking the AD up to 255.

Summary Routes To Null0 With BGP


Now, let’s see what’s going on with BGP.  We will blow out our OSPF configuration and configure iBGP between our two routers.
R1(config)#no router ospf 1

R1(config)#router bgp 1
R1(config-router)#no auto
R1(config-router)#no sync
R1(config-router)#neighbor 12.12.12.2 remote-as 1
R2(config)#no router ospf 1

R2(config)#router bgp 1
R2(config-router)#no auto
R2(config-router)#no sync
R2(config-router)#neighbor 12.12.12.1 remote-as 1
R2(config-router)#network 2.2.2.1
R2(config-router)#network 2.2.2.1 mask 255.255.255.255
R2(config-router)#aggregate-address 2.2.2.0 255.255.255.248 summary-only
Let’s see how we did…
R1#sh ip route bgp
     2.0.0.0/29 is subnetted, 1 subnets
B       2.2.2.0 [200/0] via 12.12.12.2, 00:00:14
R2#sh ip route bgp
     2.0.0.0/8 is variably subnetted, 7 subnets, 2 masks
B       2.2.2.0/29 [200/0] via 0.0.0.0, 00:00:36, Null0
Very similar situation as OSPF! R2 added the summary route to null0 for the 2.2.2.0/29. Note the AD is 200. It just so happens to be 200 (the same as iBGP) because that is the default. In BGP, the discard route that gets added is actually called a “local route” and it has a default AD of 200. We can see that in the output of show ip protocols
R2#sh ip proto
Routing Protocol is "bgp 1"
  Outgoing update filter list for all interfaces is not set
  Incoming update filter list for all interfaces is not set
  IGP synchronization is disabled
  Automatic route summarization is disabled
  Unicast Aggregate Generation:
    2.2.2.0/29         summary-only
  Neighbor(s):
    Address          FiltIn FiltOut DistIn DistOut Weight RouteMap
    12.12.12.1
  Maximum path: 1
  Routing Information Sources:
    Gateway         Distance      Last Update
    (this router)        200      00:03:06
  Distance: external 20 internal 200 local 200
That is the key to hacking it out of our routing table on R2 if we so choose…let’s give it a try
R2(config)#router bgp 1
R2(config-router)#distance bgp ?
    Distance for routes external to the AS

R2(config-router)#distance bgp 20 ?
    Distance for routes internal to the AS

R2(config-router)#distance bgp 20 200 ?
    Distance for local routes

R2(config-router)#distance bgp 20 200 255

R2(config-router)#do sh ip route bgp
     2.0.0.0/8 is variably subnetted, 7 subnets, 2 masks
B 2.2.2.0/29 [200/0] via 0.0.0.0, 00:05:08, Null0
What?! Our plan has been foiled…the route is still there! What’s going on? Not too big of a deal, we just need to remove and re-add the aggregate route
R2(config-router)#no aggregate-address 2.2.2.0 255.255.255.248 summary-only
R2(config-router)#do sh ip route bgp
R2(config-router)#aggregate-address 2.2.2.0 255.255.255.248 summary-only
R2(config-router)#do sh ip route bgp

Summary Routes To Null0 With RIP

Well, I have some good news for you… RIP does not implement this feature at all!  Why?  Well, because RIP just generally sucks as a routing protocol? shrug…oh well at least we don’t have to know how to disable it if need be.  But, what if we actually want RIP to behave nicely and prevent the routing loop scenario?  Well, I guess we’ll just have to do it ourselves!  We could simply add our own summary route on R2 like this:
ip route 2.2.2.0 255.255.255.248 null0

Summary

When doing manual summarization in many routing protocols, the router doing the summarization will add a local summary route to null 0 (also called a discard route).  This feature is in place to prevent routing loops as outlined above.  Each routing protocol that implements the feature does so similarly, but each has some unique ways of preventing the discard route from entering the routing table if that is the desire of the person configuring it.
Related Posts Plugin for WordPress, Blogger...