Planning a Routing Strategy

In this section, you discover how to plan a routing strategy. It is imperative that you first cover some basic material to be able to understand what you are planning and why you are planning it that way. As you are planning a routing strategy, you must also identify the routing protocols you will need to use in normal environments, as well as what protocols to implement while using multicast-based traffic.

What Is Routing?

Routing is the process of taking data from one network and moving it to another network. If you recall, in Chapter 2, "Planning, Implementing, and Maintaining a Network Infrastructure," you learned the differences in subnets and how networks are identified by devices, such as by using the subnet mask. We also covered how a routing decision is madefor example, when a packet has a destination address that does not match the network it is currently on and needs to get to the network it is destined for. This is why you need a default gateway , which can be a router or a device acting as a router. It is at the default gateway where the routing process truly takes place.

Chapter 2 also covered the Open System Interface (OSI) and Department of Defense (DoD) models and TCP/IP. You learned how important these items are in today's network environment. You also learned about routing in general. Let's quickly review a simple network diagram showing one user accessing a single Web server. In Figure 4.1, it is clear that a user is accessing a Web page on a remote Web server.

Let's look at the details of the request in Figure 4.1. From this information, you can gain a fundamental understanding of routing and how data is routed from one network to another.

• First, the user on the PC LAN accesses a Web page by opening his Web browser (Internet Explorer) and entering the domain name or IP address of the server on which the page resides. In this case, that would be http://12.1.2.2/index.htm .

• Next , the user's computer, which is on the 10.0.0.0/24 subnet, makes a request to a server on the 12.1.2.0/24 subnet. Because they are two different subnets, the packets need to be sent to the default gateway configured on the client LAN. The default gateway is set to 10.0.0.1, which is where routing takes place.

• The packets enter the router's Ethernet port, which is connected to the local area network (LAN). This interface (the one connected to the LAN) is nothing more than a network interface card (NIC) that gives access to and from the Ethernet-based network. After the packets enter the router, the router strips them down to look inside. This is done to view the destination address, which is 12.1.2.2 on the destination network of 12.1.2.0/24.

• Next, the router (10.0.0.1) looks in its routing table. A routing table is nothing more than a list of networks that the router will service. In this case, the router has been configured with a routing entry to do the following: If a packet comes from the LAN and is destined to go to the 12.1.2.0 network, it sends the traffic out interface 1. This interface is connected to the far-side router, which is labeled 12.1.2.1. As such, after the packets come in, they are forwarded to the 12.1.2.1 router, where the Web server is located.

• After the 12.1.2.1 router receives the packets, it also looks inside the packets to see where the packets need to go. When the router opens and reads the packets, it sees that the packets are destined to go to the 12.1.2.0 network, and it is a host with an IP address of 12.1.2.2. What makes this process even easier is that a router also holds an Address Resolution Protocol (ARP) cache; as long as that router is up and directly connected to the same subnet as the Web server, the packet will more than likely be sent directly to the Web server.

• Finally, the Web server receives the packets (which are a request to see a Web page named index.htm ) and answers that request by producing the Web page to the remote client. The same process happens again, except in reverse order, to return the page to the requesting machine.

In Figure 4.2, the scenario has been expanded to show a routing environment over a larger network.

Based on the previous example, you should be somewhat familiar with the basic process of getting the packets from the source to the destination. Now, however, you have a problem because more than one router separates the two networks that need to interact. So, how are the required routing decisions made in this situation?

As you can see, there is a one-hop connection via Frame Relay to the Web server with 32KB of bandwidth. Also, you can see a two-hop connection from the client to the Web server that is separated by two T1 lines. So, in general, where would the router send the traffic? Over the one-hop connection, which is technically shorter, or over the two-hop connection, which has much more bandwidth? A router also makes decisions that are very complex, including deciding what could be fastera slower link over fewer hops or a multihop link that utilizes high bandwidth links.

Static Versus Dynamic Routing

Now we will look at what actually does the routing for you and what your involvement in the process is. For one, routing is not as simple as it was made to sound. This process can become very complex and, without a proper design, could actually ruin your network. We will describe the problems that can occur throughout the chapter, but you need to understand that you must plan your network for routing before you implement it. Major problems could arise if you don't plan. Following are some planning questions you should consider:

• Will you use a static or dynamic routing environment, and why would you use one over the other?

• Which routing environment is more secure?

A static routing environment is one in which all routing entries in the routing table are entered manually. When static routing is used, the administrator responsible for the router must manually enter information into the router to allow it to perform its function. If you want the router to route packets intended for remote destinations, you need to configure its routing table so the router will forward the packets to the next hop along the path to their destination. This may be simply something such as "all traffic that is not addressed for the local subnet is to be forwarded out of the router on Interface 1" or perhaps something more complex if the router has multiple interfaces connected to different networks.

A dynamic routing table is one that you create with a routing protocol such as Routing Information Protocol ( RIP ) or Open Shortest Path First ( OSPF ) , which we will explore more shortly. When dynamic routing is used, the chosen routing protocol actually builds the routing table on the fly by "learning" about the routes that are available to it and maintaining an accurate status on these routes. Should a route fail when dynamic routing is in use, all nearby routers will adjust their routing tables to prevent sending packets along the failed route. A simple example of a routing table is shown in Table 4.1.

Table 4.1. Sample Routing Table

The router keeps this table in memory so that, when a packet comes in, it can look at the prefix (the first few bits), hop count, and destination network. It's that easy. A routing table tells packets where to go, and it can be created manually or dynamically.

Routing tables compute the next hop for a packet. You must remember that a routing table needs to have two fields to function: the IP prefix and the next hop address (which must be a valid address). The router from which the packet is leaving and going to must be able to reach this valid address; you must be connected, or the route will not work. If you do not have a match (a packet comes in and does not have a routing table entry match), the packet is discarded, and you will most likely get an Internet Control Message Protocol ( ICMP ) notification that the destination host was unreachable.

Following are some key points to consider about static versus dynamic routing:

• Static routing is tedious . You have to know exactly what you want to do because any mistake causes the router to not work properly, resulting in routing errors that can prevent network connectivity.

• You may want to implement static routing if you have only a few routes to maintain. Remember, each time a packet enters the router, the router needs to process it, so tables that are very long can cause the router to take longer to make a routing decision, which in turn could slow down your network. When you use dynamic routing protocols, it is possible to have a router learn as many as hundreds of routes, depending on network size.

• Static routes are more secure because only a few required routes are in the table, so no one can see too much information. In this case, if the router is compromised by an attacker, he or she cannot glean too much information from your compromised router. The attacker may know only a default route back to the core network, for example; whereas if the attacker compromises a core router with 300 networks in the table, he or she can map your whole network from that one router.

• Dynamic routing is easy to configure and, once configured, is easy to maintain. If changes are made to the network, more than likely the routers will learn the changes, and they can quickly establish convergence on the network. Convergence occurs when all routers know all other routers on the network, and the topology is accurate.

• Dynamic routing is becoming more secure as more and more routing protocols provide ways to encrypt and authenticate updates between peers. However, configuring dynamic routes requires that the administrator have a greater level of knowledge and experience than when configuring static routes.

One of the key elements required to design and implement efficient routing solutions is to understand the differences between your available options and then to implement the correct one. You might be wondering whether static and dynamic routing protocols can be used at the same time. The answer to that question is yes.

Distance Vector Versus Link State

Now that you understand dynamic and static routing, let's dig deeper into dynamic routing and the complexities it offers. You need to know this information for the 70-293 exam because Microsoft Windows Server 2003 allows you to configure either static or dynamic routing. If you choose dynamic, you have the option of using either a Link State dynamic routing protocol or a Distance Vector dynamic routing protocol. You need to know the specifics of each and which one to select in a production environment.

Link State

Link State protocols are highly functional routing protocols that allow routers to pass information efficiently . A Link State routing protocol ensures that each router on the network maintains a map of the network. You should also know that any network is prone to have a problem or failure occur at any time. Frame Relay links have problems, Telcos have problems, and all of them affect your networks. For example, assume that one of your T1 lines experiences a failure that separates two routers on a subnet across the Internet. Both would be able to (through the routing protocol) adjust for this loss of the link between them because that is what they are programmed to do. When your router link fails, it is programmed to sense the loss of carrier on the line and then, through the routing protocol, send updates to the other routers adjacent to them so that they all know that the link is down and the IP subnet where they are maintained is no longer available for destination packets on the wire.

When a network link changes state (up to down, or vice versa), a notification, called a link state advertisement (LSA) , is flooded throughout the network. Routers all over the network address this change and make sure that their routing tables are adjusted accordingly . Another configurable option of Link State protocols is that they can use something other than hop count to determine their path through the network. Link State protocols can also determine that going over more routers may be quicker if the available bandwidth is higher instead of choosing the shortest path deemed solely on how many routers away the destination is.

So, what is so great about a Link State routing protocol? It is highly reliable and much less bandwidth intensive than a Distance Vector routing protocol. Also, it is highly configurable. Now, let's look at a Distance Vector protocol.

Distance Vector

Distance Vector protocols are easy to configure and maintain, but not as reliable or efficient as Link State protocols. Distance Vector protocols (such as RIP) allow for simple design and simple maintenance, but your bandwidth may suffer as a result.

A Distance Vector protocol lets every router that is configured to use it inform every other adjacent router of its entire routing table. This means that each router on the network gets a full routing table from each neighboring router. These tables are used to create a metric based on hop count. Each router knows how far it is to another subnet in the network so that when incoming packets (when the router strips the header and reads the destination address) are read, the router will know the quickest way to get the packet there. This simplicity comes at the cost of more bandwidth utilized to keep the routing tables updated as compared to Link State protocols.

Planning the Correct Routing Protocol to Use

Plan a routing strategy.

• Identify routing protocols to use in a specified environment.

With that lengthy but necessary routing introduction behind you, let's move forward now and examine the routing protocols available for use in Windows Server 2003. Windows Server 2003 provides three routing protocols to choose from: RIP , RIPv2 , and OSPF . RIP and RIPv2 are Distance Vector based, and OSPF is Link State based.

RIP

Although not commonly used as a protocol of choice for new network designs, the Routing Information Protocol ( RIP ) is still widely used throughout the world. The reason is that RIP was deployed widely in the past. RIP is not a proprietary protocol either; it is universal between just about every router (or routing device) ever made, so your knowledge and understanding of RIP are critical. RIP is also part of just about every Windows-based server ever created. Consequently, you need to know about RIPhow to design it and how to troubleshoot problems that may occur when using it.

As mentioned previously, RIP is a Distance Vector routing protocol. Remember that RIP is easy to configure and maintain, and should be used for smaller networks; it should not be used for very large enterprise deployments that span several routers. RIP is defined in Request for Comments (RFC) 1058 and updated by RFC 1388. To keep the amount of information you need down to a minimum (you will be asked about RIP on the 70-293 exam), we describe what you need to know for the exam here:

• RIP is limited to 15 router hops, with 16 hops being infinity. What does this mean? Picture a LAN with a PC that needs to communicate with a server on another LAN that is 15 routers away. The routers keep a list of which subnets are no more than 15 routers away, and if you try to expand the network past the 16 ^th router, communications do not happen. Remember, you have a 15-hop maximum between networks, and the 16 ^th is deemed infinity.

• RIP has problems with subnetted networks. In Chapter 2, we briefly covered what subnetted networks would resemble in your design. RIP was created and deployed before networks were subnetted to the degree that they are today, and because they have no direct support for RIP, your networks cannot support it. It really comes down to the information that each router sends to each other and what that packet contains. If the routing update does not contain a field in the packet to allow for subnetted networks, it does not carry over the information you may need it to. In other words, RIP is configured to look at the prefix of the IP address in the routing update and know whether it's either A, B, or C, and nothing more. If you subnet, your subnet will not be supported because RIP understands only that if a packet with an IP address of 10.0.0.1 comes in, it is automatically assigned a subnet of 255.0.0.0, even if you have it subnetted down to 255.255.255.0.

• RIP is bandwidth intensive, and although that isn't a problem on most networks, a smaller network with WAN links that are set small (such as Frame Relay links set with a 32KB committed information rate) could feel the effect of constant broadcasts every 30 seconds, especially if the routing table is large. If the routing table is too large, more than one update could be sent every 30 seconds, making it even more bandwidth intensive. By default, RIP broadcasts to its neighbors every 30 seconds lists of networks and subnets it can reach.

• RIP is not very secure. RIP contains no security features or configurable parameters to make it secure. Other protocols used today have configurable parameters to make them more secure; however, RIP does not contain any solution to make it secure by default.

In sum, RIP is a Distance Vectorbased protocol that is available on Windows Server 2003 for configuration. It is easy to set up and configure for use, but is limited in what it can do for you. For larger networks, therefore, using RIP would not be wise. In real-world production environments, you most likely will not use RIP in a new deployment, but because so much of it still exists today, you would be wise to know it and understand it well, especially for the 70-293 exam.

Some of the most important features of troubleshooting RIP and the reasons it is so important to think about RIP's limitations when considering design are covered in the section "Other Problems with Routing" later in this chapter.

RIPv2

RIP was not the greatest protocol ever designed, but due to its ease of use, it was widely deployed and used. RIPv2, or RIP version 2, was created for RIP users to overcome problems with security. This version adds an option for authentication to the RIP packet as well as support for subnetted networks. RIPv2 allows for variable-length subnetted networks to be passed through routing updates.

RIPv2 offers an opportunity for growth if a company feels that it is either underskilled to deploy a routing protocol such as OSPF or that it will never grow to a larger- sized company that could benefit more from a routing protocol like OSPF. RIPv2 is supported by Windows Server 2003 as well.

OSPF

Open Shortest Path First (OSPF) is a Link Statebased nonproprietary routing protocol. For today's networks growing in size and complexity, OSPF is a wise choice. It is configurable, scalable, and easy to troubleshoot. However, it is not easy to plan, design, and deploy. Understanding OSPF can take some time and effort because half of what you need to know is in the underlying terminology used to explain and use OSPF.

For the 70-293 exam, you need to know how to configure and use OSPF on a Windows Server 2003 system; more importantly, however, you need to know how to design it, know its nomenclature , and know when to use it. You can get a detailed explanation on OSPF by reading RFC 1247. OSPF Version 2 is documented in RFC 1583. As mentioned previously, OSPF is a Link State routing protocol with a complex set of options and features. So, what is so great about OSPF that makes up for its high difficulty level in planning and design? Let's look at it further:

• OSPF is highly scalable. You will be hard pressed to build (or support) a network large enough to outdo OSPF. OSPF was designed to work in very large networks, and it works very well at that. It does not have a hop count restriction as RIP does. With OSPF's use of areas and a subdivided domain, the design possibilities are almost seemingly infinite.

• With RIP, you cannot use subnetted networks; with OSPF, you can.

• With OSPF, your bandwidth is spared. With RIP, an entire routing table is broadcast from every router on the network every 30 seconds. With OSPF (in stable environments that do not suffer from many changes), packets (called hello packets) are sent out intermittently to verify links between adjacent routers. This way, less bandwidth is used, and a major update check is performed only every 30 minutes.

So, now you can see where the trade-off comes in. If you want to use a more configurable and scalable protocol, you should use OSPF, but you need to remember that all its benefits equal added work on your part. You have to put more effort into the design, rollout, and maintenance of an OSPF network.

For the 70-293 exam, you should also remember the disadvantages to using OSPF. It adds complexity, and its demands on memory and computation for the routers that use it can be devastating if you do not have the proper router hardware to maintain it.

What else do you need to know about OSPF? You should know how it is laid out in a design. OSPF divides the network (what it considers a routing domain) into areas. An area is a subdivision of the entire network and is given a label. Area 0 (zero) is considered the backbone of an OSPF network. If your network is small enough, you can set up the entire network to use Area 0, which is very important. For example, if the network becomes more subdivided (say you have three areas, including Area 0), you need to know that if all traffic must travel between areas, the packets are first routed to the backbone, or Area 0. When you plan a network this way, the design keeps subnets consolidated to areas, thus reducing the size of the link state database that is updated on every router in an OSPF network. This keeps your OSPF network running optimally.

With OSPF, you also need to know which class of network you are using. There are three:

• Point-to-point A WAN serial link connecting two routers on a single subnet can be considered a point-to-point link.

• Multiaccess An Ethernet or token-ring segment is a multiaccess link. Because the class is multiaccess (like Ethernet), you need to consider that each router on the connected network wants to know about it; it is not good for this to happen because not every router needs to form an adjacency with every other router. This would diminish the benefits of using a protocol like OSPF. To avoid this problem, OSPF assigns a Designated Router (DR) to manage all the link state advertisements (LSAs) that are sent from router to router. Also, you need to know that there is a Backup DR (called the BDR), which is also selected from the available routers on the network to take over if the DR fails.

• Nonbroadcast multiaccess (NBMA) A Frame Relay or X.25 cloud is classified as NBMA. Nonbroadcast multiaccess networks use DRs just like multiaccess, but you must remember that because broadcasts lack support on a Frame Relay network, for instance, you must manually configure each router with its neighbor. If you do not manually configure the routers, you suffer from loss of connectivity between the routers running OSPF.

Why is this information so important? Again, the focus of the 70-293 exam is planning and design. You must understand how a protocol works entirely before you plan to deploy it. You have to know its nuances , what makes it tick, what makes it run under the hood. Understanding what kinds of networks can be connected to utilize OSPF is just as important as knowing how to configure and maintain it. If you do not design this protocol correctly, no matter how helpful it was programmed to be, you won't reap any benefits from it.

So, now that you understand the Link State routing protocol OSPF, what do you need to remember for the exam? For the 70-293 exam, you need to know the basic design features of OSPF. Most importantly, you need to remember the following points:

• OSPF sends out hello packets to each adjacent router connected to the network. OSPF uses hello packets to verify that the network is always ready to work as advertised. These hellos are sent out of every router interface every 10 seconds but are so small in size that they do not adversely affect your available bandwidth.

• Link state advertisements provide other functionality, such as providing a solution for a scenario in which a router does not hear from its neighboring router for more than 40 seconds. The router then sends out LSAs marking the other router as down so that all the other routers can adjust their tables with the change.

• Hellos can be adjusted. A hello has a timer value that, when configured properly throughout the OSPF network, allows proper and accurate communications to take place. It is important to know that if a hello timer is misconfigured (not all timers are identical), problems can occur. Make sure that when you plan an OSPF network, you ensure that all the hello timers match. They must all be consistent across all routers on a network segment.

• Because LSAs age, it is important to get a refreshed routing table (or database) from a neighboring router just in case anything has changed. If nothing has changed on a particular router for 30 minutes, the router flushes its information and seeks an updated database from its adjacent routers. This means that the network reconverges every 30 minutesa far cry from the forced reconvergence in a RIP network every 30 seconds!

In sum, OSPF is a Link Statebased routing protocol that is difficult to plan, design, manage, and maintain, but is highly configurable and scalable, making it the best choice for large networks.

Now that you are familiar with RIP and OSPF, as well as what routing is and all the other details that surround it, let's discuss how to plan a routed environment, one of the objectives of exam 70-293.

Planning a Routing Environment

Now that you are familiar with what routing is, how it is performed, what a router is, and what different protocols you can choose from, you need to know how to plan a routing environment. This section briefly covers what you can do to plan for your new routing environment. For one, you can plan your network logically. This section briefly describes some of the more common routing topologies, such as ring, mesh and star so that you understand what they mean as they are mentioned in the book as well as on the exam.

The simplest routing topology to consider is the ring, which is also the least efficient and reliable of the common routing topologies. In the ring topology, shown in Figure 4.3, each site is connected to its two closest neighbors with a WAN link; thus, two WAN connections and two routers are needed at each site. The ring topology is fairly easy to install and configure, but is less efficient than the next topology we will explore, the mesh, because no one site can communicate directly with any other site except its neighbor on either side.

In a mesh topology, a shown in Figure 4.4, every site in the network is connected to every other site in the network by a WAN link. This arrangement is costly because it uses a high number of links and may become difficult to manage as the number of sites, and thus the number of links, grows. The benefit to this arrangement is complete redundancy against failure. If you lose a link anywhere in the network, the entire network is always up, no matter what. The drawbacks are cost and maintainability.

The last topology we examine here, the star , as shown in Figure 4.5, is essentially a core location with remote sites linked to it. Remote sites are normally other business units, smaller locations, or business partners and need to access data from the core over the WAN. All communication from one remote site to another occurs via the core location. Having all resources centralized logically in a core location (such as the headquarters) makes the design easy to maintain from a routing perspective because every site, after it is connected, is only one hop away.

When planning a routing environment, other than planning for the topology you will use, you also have to plan your routing protocols, which we discussed previously in great detail. Remember all this information not only for the 70-293 exam, but also for all real-world production deployment scenarios.

Windows Server 2003 Routing Solutions

As far back as Windows NT and its variations, you could always (and still can today) build a router out of a server. Remember that all routers do is connect networks together. So, if you have a switch with 10 PCs connected using the subnet 10.0.0.0/24 and another switch with another 10 PCs connected using the subnet 10.0.1.0/24, all you would need to make them communicate is a router in between the two switches. You can use either a router with two Ethernet interfaces or a Windows server with two NICs installed to connect the two subnets. You could conceivably connect the two subnets, turn on RIP, and be routing in no time.

Windows Server 2003 can act as a fully functional router using static routes or dynamic routing protocols, such as RIP (both versions) and OSPF. Would you use Windows Server 2003 for a router? Of course, you can; the only setback is that most routers today come with specialized hardware that allows them to contain telecom linkbased interfaces such as ISDN, Serial, T1 lines, T3 lines, and so on. If you want to connect two or more Ethernet-based networks and route between them, you could set a Windows Server 2003 system to do that task, but can you connect to the Internet via a T1? Not so easily said and done. Remember, Windows Server 2003 is fully functional as a router, but you also need to remember its weaknesses for the exam.

Before you can configure RIP or OSPF routing to occur, you must first enable the Routing and Remote Access Service on the server, as outlined in Step by Step 4.1.

With your Windows Server 2003 computer now enabled to provide routing, you must decide whether you will use static routing or dynamic routing.

Using the route Command to Configure Static Routes

The route command is primarily used to configure static routes within a network. It can also be used for troubleshooting by listing all the routes that this computer knows about.

The syntax of the route command is as follows :

 route [-f] [-p] [command [destination] [mask subnetmask] [gateway] [metric costmetric]] 

The -f parameter clears the routing tables of all entries. The -p parameter makes the route persistent. When a route is added to the router, by default the entry is not kept across reboots of the system. The -p parameter ensures that the entry is maintained in the routing table across reboots of the system.

The following commands are used to specify what can be done with the route command:

• print Prints the existing entries in the routing table.

• add Adds a new route to the routing table.

• delete Deletes an existing route from the routing table.

• change Modifies an existing route in the routing table.

The destination parameter specifies the destination that you want to reach. The destination parameter can contain the following:

• Host address

• Subnet address

• Network address

• Default gateway

The mask parameter defines what portion of the destination address must match for that route to be used. When the mask is written in binary, a 1 is significant (must match) and a 0 need not match. For example, a 255.255.255.255 mask is used for a host entry. The mask of all 255s (all 1s) means that the destination address of the packet to be routed must exactly match the network address for this route to be used. For another example, the network address 157.57.8.0 has a netmask of 255.255.248.0. This netmask means the first two octets must match exactly, the first 5 bits of the third octet must match (248=11111000), and the last octet does not matter. Thus, any address of 157.57 and the third octet of 8 through 15 (15=00001111) will use this route.

The gateway parameter specifies where the packet needs to be sent. This can be the local network card or a router on the local subnet.

The metric parameter specifies a cost that is to be associated with that route. This cost is used in the decision on how packets should be routed. Packets are routed through the route that has the lowest cost.

Step by Step 4.2 shows how to configure a static route for the network 10.100.10.0.

Implementing RIP Routing

As discussed earlier, static routing is not necessarily a viable solution in today's business network; thus, you should consider implementing one of the available dynamic routing protocols that Windows Server 2003 supports. Step by Step 4.3 shows how to enable RIPv2 for routing.

Implementing Silent RIP

RIP also has a feature known as silent RIP that allows a server running RRAS to build a routing table by listening to the RIP broadcasts on the network, but the host doesn't broadcast any updates to the network. A silent RIP router processes RIP announcements but does not announce its own routes.

To enable silent RIP on your Windows Server 2003 router, perform the steps outlined in Step by Step 4.4.

Additional RIP Configuration Options

Before we move on to implementing and configuring the OSPF protocol, let's look at some of the other RIP settings you might need to set. Step by Step 4.5 shows how to set these options.

Implementing OSPF Routing

If your network is growing or expected to grow, or you want to provide a more robust routing solution, you should consider implementing OSPF routing. Step by Step 4.6 outlines the process to configure OSPF routing on your Windows Server 2003 computer.

Routing Hierarchies

Unlike RIP, OSPF operates within a hierarchy. The basic structure to this hierarchy includes areas, autonomous systems, and the OSPF backbone. The largest entity within the hierarchy is the autonomous system. An autonomous system (AS) is a collection of networks and routers under common administration, sharing a common routing protocol.

Areas

An autonomous system can be further divided into areas . Each area is identified by an area ID. This identifier has no relation to an IP address or IP network ID, although it uses the same dotted decimal formula. Area IDs are not used to reflect routing data, and are actually convenient labels to simplify the management of the area. Although the area ID does not signify any IP routing information, if all the networks within an area correspond to a single subnetted network ID, the area ID can be set to the network ID. This can be convenient for administration of the areas. For example, if an area contains all the subnets of the IP network 10.1.0.0, the area ID can be set to 10.1.0.0. The reason for defining areas within an autonomous system is to reduce the size of a Link State Database.

To keep the size of LSDBs to a minimum, LSAs for an area's networks and routers are flooded within the area, but not to routers outside the area. Each area becomes its own link state domain with its own topological database.

Routers with multiple interfaces can participate in multiple areas. These routers, which are called area border routers , maintain separate LSDBs for each area. The routing tables within these routers are a combination of the routing table entries of all the SPF trees for each topological database, as well as static routes, Simple Network Management Protocol (SNMP) configured routes, and routes learned from other routing protocols. To reduce the number of entries in the routing table, the networks inside the area can be advertised outside the area using summary route advertisements. When you keep area topologies separate, OSPF passes less routing traffic than it would if the autonomous system were not partitioned.

The Default Route

Each area within an OSPF network can be configured with a default route. A default route has a destination address of 0.0.0.0 with a subnet mask of 0.0.0.0. The default route is used to route any packets that are destined for an address not explicitly listed in the routing table. Default routes are typically used to reduce the size of routing tables because they can be used to summarize all routes external to the area into a single route. Default routes typically point to the OSPF backbone.

OSPF Backbone

Every OSPF network must have at least one area. An OSPF network with more than one area must have a backbone area to interconnect all other areas within the network. The backbone area always has an area ID of 0.0.0.0 and acts as the hub for all the other areas on the network. All other areas must communicate their routing information to the backbone area so that it can distribute the information to all other areas. Figure 4.23 shows an example of an internetwork with several areas and a backbone.

Backbone routers not only route host traffic between areas, but can also provide summary routes within areas to other routers on the backbone. They, in turn, provide those summaries to the other routers within their areas. This configuration ensures that any host within an area can reach any host in another area. This capability ensures that no area's routing tables contain detail information about another area's topology. This minimizes the size of routing tables and ensures that the backbone handles all inter-area traffic.

Virtual Links

In rare cases an area may not have direct physical access to the backbone. In this instance, you need to configure a connection from the new area to the backbone through a connection called a virtual link. A virtual link provides the disconnected area a logical path to the backbone. The virtual link has to be established between two area border routers that have a common area, with one area border router connected to the backbone. Virtual links are configured over a non-backbone area known as a transit area.

Step by Step 4.7 shows how to configure a virtual link within RRAS. You need at least two OSPF areas to configure this interface.

Area Routing

Area partitioning creates the following two types of OSPF routing, depending on whether the source and destination are in the same area or in different areas:

• Intra-area Intra-area routing occurs when the source and destination are in the same area. With intra-area routing, the source routes the packet to its default gateway (an internal area router). The internal area router then makes use of the explicit routes (as calculated by the SPF algorithm) maintained in the area routers and routes the packet through the appropriate interface to the destination internal area router. The destination internal area router then forwards the packet to the destination host.

• Inter-area Inter-area routing occurs when the source and destination are in different areas. When routing between areas, the source routes the packet to its default gateway (an internal area router); the area router then forwards the packet to an area border router using the shortest path. The area border router then forwards the packets through backbone routers using the shortest path to the area border router for the destination host. The area border router for the destination host then forwards the packets through internal area routers using the shortest path, until the packets reach their destination.

Step by Step 4.8 allows you to create additional OSPF areas.

Autonomous System Routing

Routing does not occur only within areas using OSPF. When internetworks are connected to other internetworks that are under different administrative control, routing must be established. This type of routing between autonomous systems is established using external routes. Autonomous system border routers running OSPF learn about exterior routes through other routing protocols, such as Interior Gateway Routing Protocol (IGRP), RIP, or Border Gateway Protocol (BGP). Autonomous system border routers are similar to area border routers, except that they route between different autonomous systems.

By default, autonomous system border routers advertise all external routes within their autonomous system. This allows all areas and networks within areas to reach destination networks that may lie outside the autonomous system. As a network manager, you may find it necessary to restrict the external routes that are advertised within the autonomous system. Using Windows Server 2003 Router and Remote Access Services, you can configure the autonomous system border router to accept or ignore the routes of certain external sources, such as routing protocols (RIPv2) or other sources (static routes or Simple Network Management Protocol). You can also configure the autonomous system border router to accept or discard specific routes by configuring one or multiple (Destination, Network Mask) pairs. Step by Step 4.9 shows how to enable autonomous system border routing.

Other Problems with Routing

Our last routing topic addresses problems that may occur and what the protocols themselves can do to fix those problems after they are configured. Here, we cover hop count issues, Split Horizons and Poison Reverse, and convergence problems.

• Hop count limit Hop count limitations restrict the network's scalability. This is a problem in design. If you have to keep building your network outward, and you suddenly can't route to a location, or the network starts experiencing major routing problems, you may have surpassed the maximum hop count limit. RIP permits a maximum hop count of 15, whereas OSPF does not have this hop count limitation. Remember that any packet traveling on a RIP network with a hop count greater than 15 hops is tagged as unreachable.

• Split Horizons Split Horizons is a service that RIP performs to stop two node routing loops; it should prevent routing loops between adjacent routers. Split Horizons does not advertise routing information on the interface in which it was learned.

• Poison Reverse The Poison Reverse service tries to stop routing loops in the larger internetwork, instead of just two nodes, as Split Horizons does. If a routing loop is occurring, Poison Reverse sends updates to adjacent routers to put that route (the one in question) in a hold-down state, which can be set by a timer. If these metrics are not fine- tuned , routing loops can occur. In this case, Poison Reverse is activated, and the network is put in a hold-down state. Depending on the timer, this problem could go on long enough to cause network timeouts that are experienced by the clients your network services.

• Convergence issues If you have a problem with convergence, you need to analyze a topology map of your network as it currently operates and figure out where (and why) the network is having this problem. As stated previously, convergence occurs when all routers on the network know all other routers, and the topology is accurate. If major activity occurs in your network so that it needs to constantly reconverge (perform updates and verify routing information), you may also experience problems in which routes are unknown and data cannot be accessed. In this case, you need to adjust your network settings or redesign the network so that it converges quickly or stays in a state of convergence longer. By using OSPF instead of RIP, you are already ahead of the game because RIP reconverges the entire network every 30 seconds, by default.