OSPF, EIGRP, RIP, IS-IS, BGP

The purpose of routing protocols is to enable end-to-end network layer connectivity between endpoints. There is always a forward and reverse path selected between endpoints for each session. The routing table is comprised of multiple routes to different destination subnets that are learned from different route sources. The distinction is in how the local router learns of the route. Dynamic routing protocols such as OSPF, EIGRP, RIP, IS-IS, and BGP advertise and learn routes automatically.

Open Shortest Path First (OSPF)

Open Shortest Path First (OSPF) is a link-state routing protocol that routes IP-only. It is a scalable, open standard interior gateway protocol (IGP) that supports multivendor network devices. OSPF routers build and maintains a global topology database with the exchange of link-state advertisements (LSA). The purpose of LSAs are to advertise topology and routing information between OSPF enabled routers. There are event-triggered updates that are sent only when a topology change occurs (link failure) to conserve bandwidth.

Areas

OSPF is a hierarchical layered architecture that is defined with single or multiple areas. The single area design is often implemented with smaller network domains to enable faster convergence when a link failure occurs. The advantage of multiple areas is primarily within larger network domains. There are smaller routing tables on each router per area. Route summarization can be enabled at an area border router (ABR) to reduce the size of routing tables and amount of LSA flooding. Routing issues such as flapping are limited to each area with multi-area OSPF design.

Figure 5 OSPF Multi-Area Design

There is a mandatory common backbone area 0 only for multi-area OSPF. All other areas must connect to the OSPF backbone area. That is required to advertise routes between areas and prevent routing loops. The exception is when a virtual link is configured to tunnel through a normal area to the backbone area. OSPFv2 refers to the version of OSPF that only supports IPv4 addressing on network interfaces. It is the most widely deployed version of OSPF. The area number for single-area OSPF does not have to be numbered area 0.

Figure 6 OSPF Area Types

OSPF supports a variety of area types that are configured to advertise specific routes. The most common are normal areas and the backbone area where most LSAs are permitted. Stub areas are often implemented at remote and branch offices for default routing to a data center. OSPF not-so-stubby-area (NSSA) forwards redistributed routes from an external routing domain such as EIGRP.

OSPF router types are classified based on function and location. There are backbone routers, normal routers, area border routers (ABR), and autonomous system border router (ASBR). OSPF ABR routers have interfaces configured in more than one area. They are responsible for advertising routes between areas. OSPF ASBR is a redistribution point between OSPF and an external routing domain such as EIGRP or BGP.

OSPF LSA route types denote the route topology information and where it originated. Type 1 identifies a single router and referred to as Intra-Area (O). Type 2 is a network LSA since it is associated with a network segment (DR/BDR) and designated as Intra-Area (O) as well. Type 3 is a summary LSA generated only by an ABR and referred to as Inter-Area (IA). Type 4 LSA is a summary ASBR advertised only from an ABR, that advertises a route to the ASBR. Type 7 is an NSSA LSA that originates from an ASBR and is converted to Type 5 LSA at an ABR. They provide routes to external routing domains for OSPF routers.

Table 3 OSPF Areas and LSA Types

Route Convergence

The primary characteristic of a link-state protocol is a global topology database created when link states are exchanged between all neighbors within an area. There are link states advertised between all areas as well, and routes are installed in the routing table.

OSPF runs Dijkstra SPF algorithm for shortest path (lowest cost) computation to each destination from the link state database and populates the routing table. This makes link state protocols extremely scalable, with optimized routing and fast convergence. After convergence when all OSPF tables are updated, there are only event-triggered routing updates that are sent to neighbors.

The correct order of operation for OSPF convergence initially starts with OSPF neighbors exchanging hello packets to form neighbor adjacency. Next all OSPF connected neighbors exchange LSA packets. OSPF neighbors then exchange database descriptor packets (DBD) to build the topology database. OSPF runs SPF algorithm for shortest path computation to all destinations, and that is used to build the routing table.

Neighbor Adjacency > Exchange LSAs > Build Topology Table > SPF Algorithm > Build Routing Table

Path Selection

OSPF link-state advertisements (LSA) are comprised of topology and route information. SPF calculates shortest (best) path to each destination based on route type and metric. Any router with an OSPF only deployment does not consider administrative distance unless there are static routes configured.

As a result, routes are installed based on route type first when there are multiple OSPF routes to the same destination. OSPF installs the route with lowest metric when there are multiple OSPF routes of the same route type. Finally, routes of the same route type with equal cost metric are installed and up to six equal cost paths are load balanced by default.

The order of preference starts with OSPF Intra-Area (O) route type. They represent any OSPF route that originates from within the same area and have the highest preference. OSPF Inter-Area (IA) routes are exchanged between areas and preferred next after Intra-Area (O) routes. Finally there are NSSA and external routes that originate from a different routing protocol through an OSPF ASBR redistribution router.

NSSA and external routes have a lower preference than other previously mentioned route types. LSA Type 7 originate from an ASBR and include NSSA Type 1 route (N1) and NSSA Type 2 route (N2). N1 and N2 routes are advertised from an ASBR and transit not-so-stubby-area (NSSA). They are converted to Type 5 LSA at an ABR and flooded throughout the OSPF domain. The cost assigned to N1 is a default metric cost (20) + internal path cost from ASBR to destination. The cost assigned to N2 is a default metric cost (20) only and added at ASBR router redistribution point.

LSA Type 5 originate from an ABR and include External Type 1 route (E1) and External Type 2 route (E2). They are flooded from an ABR throughout the OSPF routing domain. The cost assigned to E1 route is a default metric cost (20) + internal path cost from ASBR to destination. The cost assigned to E2 route is a default metric cost (20) only and does not include internal path cost from ASBR to destination. It is the least preferred route based on order of route type preference shown here.

Intra-Area (O) > Inter-Area (IA) > NSSA (N1) > External (E1) > NSSA (N2) > External (E2)

Metric Calculation

Each routing protocol has a unique method for calculating route metric. OSPF calculates a cost metric based on interface bandwidth. The default cost of an OSPF enabled interface = 1.

cost = 100 Mbps / interface bandwidth

Each network link is comprised of the local interface and a neighbor interface. The lowest cost assignable to an interface is 1 even though calculation could arrive at a lower number. The reference bandwidth of OSPF is configurable to account for faster interfaces that start at Gigabit (1000 Mbps) speed today. The reference bandwidth is a global configuration command that must match for all routers in the same OSPF routing domain.

router ospf 1
auto-cost reference-bandwidth 1000

The alternative to reference bandwidth method is ip ospf cost command. It allows you to configure the cost metric directly on a network interface. The third option is to manually configure interface speed with the IOS interface bandwidth command. That affects how OSPF calculates metric for that specific link only, and not the interface physical speed. You would have to configure the bandwidth command on both local and neighbor interface. It is not recommended however since it could affect how other routing protocols calculate metric. OSPFv2 is an important topic and covered in CCNA 200-301 Full Certification Prep Course.

Characteristics

  • Link-state routing protocol
  • Interior Gateway Protocol (IGP)
  • Administrative distance: 110
  • IP only routing
  • IPv6 support (OSPFv3)
  • Open standard
  • Layer 3 (IP protocol 89)
  • Metric = interface cost (bandwidth)
  • Reference bandwidth = 100 Mbps
  • Classless routing
  • Hierarchical topology
  • Global database topology (LSA) table
  • SPF algorithm: shortest path to destination calculated from LSA table
  • Event-triggered routing updates
  • Router types: Normal, Backbone, ABR, ASBR
  • Area types: Normal, Backbone, Stub, Totally Stubby, NSSA, Totally NSSA
  • Route types: Intra-Area (O), Inter-Area (IA), NSSA Type 1 (N1), NSSA Type 2 (N2), External Type 1 (E1), External Type 2 (E2)
  • LSA types: Router (Type 1), Network (Type 2), Summary (Type 3), Summary ASBR (Type 4), External (Type 5), NSSA (Type 7)
  • OSPF LSA refresh every 30 minutes
  • Multicast address: 224.0.0.5 (All OSPF routers)
  • Multicast address: 224.0.0.6 (updates to DR/BDR only)
  • Network types: broadcast, non-broadcast, point-to-point, point-to-multipoint, point-to-multipoint non-broadcast)
  • Hello timer = 10 seconds, Dead timer = 40 seconds (broadcast / point-to-point)
  • Hello timer = 30 seconds, Dead timer = 120 seconds (non-broadcast, point-to-multipoint non-broadcast)
  • Hop count = unlimited
  • Loop prevention: native (SPF)
  • Wildcard masks only
  • Message authentication: none / text password / MD5
  • Route auto-summarization: disabled (default)
  • Scalable to large enterprise domains
  • Load balancing = 4 equal cost paths (default)

Enhanced Interior Gateway Routing Protocol (EIGRP)

EIGRP is a Cisco proprietary routing protocol developed to route a variety of network layer protocols. More recently, there has been a shift to monolithic IP-only network architecture, with open standards for internet and cloud connectivity. OSPF has started to replace EIGRP since it is proprietary and less scalable. EIGRP is a complex routing protocol that is non-hierarchical and often difficult to troubleshoot.

EIGRP is classified as an advanced distance vector protocol with characteristics of both distance vector and link state protocols. For example, EIGRP only has a neighbor topology table instead of a complete network map. Similar to link state protocols, EIGRP does form neighbor adjacency and sends event-triggered updates instead of periodic full routing table updates. It is a classless protocol similar to OSPF, where subnet information is included in routing updates. That is an advantage since variable length subnet masks (VLSM) enable classless subnetting and route summarization on any bit boundary. Contrast that with distance vector protocols that support only classful subnetting. There is unequal cost path load balancing as well that is unique to EIGRP with the variance feature.

Autonomous Systems

There is a flat topology architecture with EIGRP and no hierarchical levels as with OSFP or IS-IS. Instead you assign a router interface to an autonomous system (AS). EIGRP routes must be redistributed between different AS numbers. The advantage of multiple AS design is that query updates for a new route are not flooded outside the local autonomous systems. The smaller network domain size enables faster convergence time and less route flapping.

Figure 7 EIGRP Autonomous Systems

Route Convergence

EIGRP routers first sends multicast hello packets to all neighbors on startup and builds a neighbor topology table. Then full routing tables are exchanged with each neighbor as unicast update packets to build a topology table. Routing updates are sent with Reliable Transport Protocol (RTP) for connection-oriented guaranteed delivery of packets. Neighbor adjacency occurs when neighbor routers have exchanged hello messages and update packets are sent to neighbors with full routing table.

DUAL algorithm calculates best path route to each destination from the topology table and populates EIGRP routing table with successor (best available) route for each destination. That is based on routes advertised from directly connected neighbors. The successor route is next hop to a destination with lowest feasible distance (FD). The feasible distance of a route is computed based on the reported distance (RD) + local distance to the advertising neighbor router. The reported distance is the path metric to a destination that a neighbor advertises with a route. The local distance is the metric from the local router querying for a route to the neighbor router. It represents the lowest (best path) metric to a destination and assigned to an EIGRP route.

Figure 8 EIGRP Feasible Distance Computation

The feasible successor is a backup route in the EIGRP topology table while the successor route is best route in routing table. EIGRP moves the feasible successor from topology table to routing table when successor route is not available. EIGRP routers will respond to a neighbor query, and notify them when there is no route to a destination. The first step is a query sent to neighbor/s with infinity metric set for a particular route. Next, there is a local lookup in the topology database for a feasible successor. The last step is marking the unavailable route as active.

EIGRP hold down timer affects how fast the network converges when there is a link failure. Each router interface enabled with EIGRP sends hello packets to its EIGRP neighbors. The default hold down timer value is equivalent to three hello packets not sent from a neighbor. That is the time interval that EIGRP waits before declaring the neighbor unreachable, sends a goodbye message, and EIGRP neighbor adjacency is dropped.

Metrics

EIGRP selects the path between source and destination based on lowest metric when there are multiple routes to the same destination. The bandwidth and delay are the defaults used to calculate metric value. The delay is a fixed value based on interface speed, and cumulative from source to destination on outbound interfaces. Link bandwidth is not cumulative with EIGRP. Each path between source and destination is comprised of multiple individual links. EIGRP examines the links and determines the lowest bandwidth link for each path.

The path that has the highest bandwidth (lowest metric) from among all lowest bandwidth links is selected. That minimum bandwidth is used along with cumulative delay on forwarding path to calculate metric and assign to route. EIGRP adds reported distance and local distance to calculate feasible distance for each path when multiple paths exist to a destination. It is the route with lowest feasible distance that is installed in the routing table.

EIGRP does support unequal cost load balancing across multiple links to the same destination with variance feature. The default for EIGRP is load balancing across four equal cost paths when available. Additional metrics include MTU, load, and reliability that can be configured with K values for granular metric calculation.

Characteristics

  • Advanced distance vector routing protocol
  • Interior Gateway Protocol (IGP)
  • Administrative distance: internal 90, external 170, summary 5
  • Multiprotocol routing
  • IPv6 support
  • Cisco proprietary
  • Layer 3 (IP protocol 88)
  • Metric = bandwidth and delay (default)
  • Classless routing
  • Flat topology with autonomous systems
  • Neighbor topology view only
  • DUAL algorithm for best path: successor + feasible successor routes
  • Event-triggered routing updates
  • Periodic routing table refresh: none
  • Multicast address: 224.0.0.10 (All EIGRP neighbors)
  • Hello timer = 10 seconds, Dead timer = 40 seconds
  • Reliable Transport Protocol (RTP) track replies for routing updates
  • Hop count = 255
  • Loop prevention: feasibility condition / split horizon / route poisoning
  • Standard and wildcard masks
  • Message authentication: none / text password / MD5
  • Route auto-summarization: disabled (default)
  • Scalable to medium and large enterprise domains
  • Load balancing = 4 equal cost paths or multiple unequal cost paths

Routing Information Protocol (RIP)

Routing Information Protocol (RIP) is an older routing protocol that pre-dates the internet era. It was designed for smaller network domains with basic routing and no subnetting. RIP is a distance vector protocol that is not scalable, with slow convergence, and classful addressing only. The advantages are ease of deployment and troubleshooting. As a purely distance vector protocol, the route metric is hop count. That is the number of hops (distance) from source to destination. The route with lowest number of router hops is selected as best path. There is no message authentication supported with RIPv1 making it less suitable to internet connectivity. Load balancing as with most interior gateway protocols except EIGRP, is equal cost paths only.

Table 4 RIPv1 vs RIPv2 Comparison

RIPv2 is an enhancement to the protocol standard that was designed to fix some of the problems with RIPv1. The primary difference is that RIPv2 is a classless protocol that includes subnet mask information with routing updates. That enables the same classless subnetting that OSPF, EIGRP, IS-IS and BGP support. There is also support for authentication of messages between RIPv2 neighbors via text password or MD5 hash. That provides a minimum level of security across modern network domains.

Figure 9 RIP Routing Domain

RIPv2 sends routing updates to multicast 224.0.0.9 instead of the older 255.255.255.255 broadcast method where all routers would have to process messages. There is an option for RIPv2 routers to send broadcasts to RIPv1 routers for backward compatibility. The problem is that RIPv1 will summarize any classless routes on a classful boundary.

Characteristics

  • Distance vector routing protocol
  • Interior Gateway Protocol (IGP)
  • Administrative distance: 120
  • IP only routing
  • IPv6 support (RIPng)
  • Open standard
  • Application layer (UDP port 520)
  • Metric = hop count
  • Best path = least number of hops to destination
  • Maximum hop count = 15
  • Classless routing (RIPv2)
  • Standard subnet masks
  • Flat topology
  • Neighbor topology view only
  • Full routing updates every 30 seconds
  • Multicast address: 224.0.0.9 (RIPv2)
  • Update timer = 30 seconds, Hold down timer = 180 seconds
  • Loop prevention: split horizon / route poisoning
  • RIPv2 message authentication: text password / MD5
  • Route auto-summarization: enabled (default)
  • Small and medium network domains only
  • Load balancing = 6 equal cost paths (default)

Intermediate System to Intermediate System (IS-IS)

Intermediate System to Intermediate System (IS-IS) is a link state routing protocol with similarities to OSPF. It is an interior gateway protocol (IGP) that is implemented primarily for routing within large service provider network domains. Any routing across the public internet would require an exterior gateway protocol (BGP). Some of the advantages include scalability, fastest convergence and security. IS-IS packets are not vulnerable to IP spoofing and DDOS attacks since it is an OSI Layer 2 protocol and not IP-based. CLNS is the transport that supports any multiprotocol payload including IP packets.

IS-IS creates a complete topology database and calculates shortest path to each destination using Dijkstra algorithm. There are LSPs advertised that are similar to OSPF LSAs for building a topology table. IS-IS is a classless addressing protocol and calculates best path metric based on interface cost (bandwidth). The metric assigned to a route is cumulative of all costs between source and destination. IS-IS classifies all nodes as either end systems (ES) or intermediate systems (routers).

There is a two-level hierarchy with Level 1 routers (intra-area), Level 1/Level 2 routers (ABR), and Level 2 routers (backbone). In contrast to OSPF, each router can only be assigned to a single area, so the router is the boundary between areas and not an interface. There is no concept of an OSPF style backbone where all areas must connect. There are however Level 2 routers that can connect areas via L1/L2 routers based on routing design.

Figure 10 IS-IS Hierarchical Levels

Characteristics

  • Link-state routing protocol
  • Interior Gateway Protocol (IGP)
  • Administrative distance: 115
  • Multiprotocol routing (CLNS)
  • IPv6 support
  • Open standard
  • Layer 2
  • Metric = interface cost (bandwidth)
  • Default cost metric = 10 (assigned to interface)
  • Classless routing
  • Hierarchical topology
  • Global database topology (LSP) table
  • SPF algorithm calculates shortest path to destination from LSP table
  • Event-triggered routing updates
  • Periodic routing table refresh: none
  • Hello timer = 10 sec, hello multiplier = 40 sec (broadcast / point-to-point)
  • Hop count = unlimited
  • Loop prevention: native (SPF)
  • Wildcard masks only
  • Authentication: none / text password / MD5
  • Route auto-summarization: disabled (default)
  • Scalable to large enterprise and ISP domains
  • Load balancing = 6 equal cost paths (default)

Border Gateway Protocol (BGP)

Border Gateway Protocol (BGP) is the de facto internet routing protocol responsible for interdomain routing between private IGP routing domains. It is an exterior gateway protocol (EGP) that is considered a path vector protocol. BGP is essentially a distance vector protocol that advertises AS path information to neighbors with all routing updates.

Figure 11 BGP Private Range Autonomous Systems (ASN)

Load balancing is not supported, however load sharing is an option via path attribute policies. As a classless routing protocol, routes advertised are not automatically summarized by default. The architecture is non-hierarchical with autonomous system numbers (ASN) assigned to internal BGP (iBGP) or external (eBGP) connections. eBGP neighbor peers are assigned to different autonomous systems while iBGP peers are assigned to the same ASN.

BGP autonomous system numbers (ASN) are either private or public. Internet connectivity require assignment of public range ASN from a service provider. The designated public range is from 1 to 64511 for BGP internet routable connections. Private AS number range from 64512 to 65535 is for iBGP and/or eBGP network usage. There are some larger enterprise network domains that implement iBGP and/or eBGP autonomous systems.

Path Attributes

There is a path selection algorithm that selects the best route based on path attribute policies. Each path attribute also has a default setting that is used when no policy is configured. BGP has a neighbor table that is created when adjacency is formed with BGP neighbors. There is a topology table as well that stores all BGP routes advertised from neighbors. Finally, the router builds the BGP routing table with only best path routes installed from the topology table. For example, when multiple paths exist to a destination, the path with highest weight is selected first. The route with highest local preference is selected if weight attributes are equal.

Table 5 BGP Best Path Selection Algorithm

Characteristics

  • Path vector routing protocol
  • Exterior Gateway Protocol (EGP)
  • Administrative distance: eBGP 20, iBGP 200
  • IP only routing
  • IPv6 support (MP-BGP)
  • Open standard
  • Application layer (TCP port 179)
  • Metric = path attributes
  • Best path selection algorithm
  • Classless routing
  • Flat topology with autonomous systems
  • Neighbor topology view only
  • Full routing updates every 30 seconds (eBGP), 5 seconds (iBGP)
  • Keepalive timer = 60 seconds, Hold timer = 180 seconds
  • Loop prevention: AS-path attribute (eBGP), split horizon (iBGP)
  • Standard subnet masks
  • Message authentication: none / text password / MD5
  • Route auto-summarization: disabled (default)
  • Scalable to global enterprise and internet domains
  • Load balancing: none
Please share on social media