Configuring Routing Protocols in Windows Server 2003

Objective:

Manage TCP/IP routing.

• Manage routing protocols.

Up to this point, the chapter discusses the theory behind different routing protocol types, how they work, and some of the mechanisms that are used to resolve problems that arise with the different types of routing protocols. In the following sections, the discussion focuses on the actual routing protocols supported by Windows Server 2003: RIP and OSPF.

Working with RIP

RIP is a distance-vector protocol that uses hop count as its metric for measuring the number of routers that must be crossed to reach the desired network. RIP is widely used for routing traffic in the global Internet and is an interior gateway protocol (IGP), which means that it performs routing within a single autonomous system (AS). There are two versions of RIP: RIPv1 and RIPv2. Windows Server 2003 uses RIPv2, although it can be configured to communicate with RIPv1 if needed.

RIPv1

In RIPv1, all route announcements are addressed to the IP subnet (that is, all host bits are set to 1), and a MAC-level broadcast is initiated. As a result, non-RIP hosts and RIP hosts receive RIP announcements. For large or very large RIP internetworks, the amount of broadcast traffic on each subnet can become significant.

Note: RIP Storms

If you are working on a network that uses RIP, you may encounter RIP storms. A RIP storm occurs when there are so many RIP broadcasts on a subnet that there is no room left on the network for dataall the network space is being used for RIP broadcasts. RIP storms occur more commonly with RIPv1 than with RIPv2, and they usually occur during a time when the network is changing.

Note: What's Wrong with RIPv1?

One of the largest drawbacks of RIPv1 is the fact that it cannot support variable-length subnet masks (VLSMs). The concepts of IP routing and subnetting are covered in detail in Chapter 1, but at this point, it is important that you understand that RIPv1 is unable to understand any networks other than the standard Class A, Class B, or Class C networks defined by the TCP/IP RFCs. Supernetted or subnetted network routes are not broadcast by RIPv1.

To add RIP to a Windows Server 2003 host, follow the instructions in Step by Step 7.4.

Step By Step

7.4. Adding RIP to RRAS

1.	Open the Routing and Remote Access console by selecting Start, Control Panel, Administrative Tools, Routing and Remote Access.
2.	In the left pane of the console, expand the list under IP Routing and right-click General. From the context menu, select New Routing Protocol. The New Routing Protocol dialog box, as seen in Figure 7.7, appears. Figure 7.7. The New Routing Protocol dialog box can be used to add protocols to a Windows Server 2003 server.
3.	Select RIP Version 2 for Internet Protocol and click OK. RIP then appears under the IP Routing entry, as seen in Figure 7.8, and is installed on the Windows Server 2003 server. Figure 7.8. RIP appears under the IP Routing heading in the Routing and Remote Access console.

After RIPv2 is installed, you need to understand how to configure it to communicate with other routers on the network. To configure RIP on an RRAS server, follow the procedure outlined in Step by Step 7.5.

Step By Step

7.5. Configuring RIP on Windows Server 2003

Caution: Don't Play with Routing on a Production Network

Working with any protocols on a live network is a risky proposition; it should be avoided at all costs. At one company, an engineer was convinced he understood how routing worked, and he also believed he was a Windows expert.

During one of his experiments with routing on a Windows NT 4.0 server, this engineer bridged the corporate production network with a customer network in the same building. This was a large customer network, and due to the fact that this "expert" had routing enabled, he created a RIP storm that overwhelmed seven of the remote office routers, which promptly went into a constant reboot.

This is generally not considered an excellent career move in large companies. If you are going to experiment with routing, you should be sure to do it on an isolated network.

Earlier in the chapter we discussed configuring a host to support the RIP Listener service, which allows a host to build a routing table by listening to the RIP broadcasts on the network while not broadcasting any updates to the network. The equivalent service on a Windows Server 2003 server with routing enabled is known as silent RIP. A silent RIP router processes RIP announcements but does not announce its own routes.

To enable silent RIP on a Windows Server 2003 router, follow the procedure described in Step by Step 7.6.

Step By Step

7.6. Enabling Silent RIP on Windows Server 2003

1.	Open the Routing and Remote Access console by selecting Start, Control Panel, Administrative Tools, Routing and Remote Access.
2.	Expand the console tree and select RIP. The list of available interfaces running RIP appears in the right pane of the console, as seen in Figure 7.11. Figure 7.11. You can find the complete list of interfaces supporting a particular protocol by looking in the right pane of the console.
3.	Right-click the interface that you want to configure for silent RIP mode, and from the context menu, select Properties. The Local Area Connection Properties dialog box, seen previously in Figure 7.10, appears.
4.	On the General tab, in the Outgoing Packet Protocol drop-down list box, select Silent RIP. Click OK to return to the Routing and Remote Access console. The changes are applied.

So far we have looked at two simple RIP configuration options. The following sections discuss some of the specific features of RIP.

RIPv1 Routing Characteristics

RIPv1 was designed for class-based IP internetworks in which the network ID can be determined from the values of the first three bits of the IP address in the RIP route. Because the subnet mask is not included or announced with the route, the RIP router must determine the network ID based on a limited set of information. For each route in a RIPv1 message, the RIPv1 router does one of the following:

• If the network ID fits the address class (Class A, Class B, or Class C), the default class-based subnet mask is assumed.

• If the network ID does not fit the address class and the network ID fits the subnet mask of the interface on which it is received, the subnet mask of the interface on which it was received is assumed. If the network ID does not fit the subnet mask of the interface on which it is received, the network ID is assumed to be a host route with the subnet mask 255.255.255.255.

The problem with this mechanism is that a supernetted route might be interpreted as a single network ID rather than as the range of network IDs that it is designed to represent. This means that subnet routes being advertised outside the network ID that is being supernetted might be interpreted as host routes.

RIPv1 routers do not advertise the subnets of a subnetted class-based network ID outside the subnetted region of the IP internetwork. However, because only the class-based network ID is being advertised outside the subnetted environment, subnets of a network ID in a RIPv1 environment must be contiguous. If subnets of an IP network ID are noncontiguous, known as disjointed subnets, the class-based network ID is announced by separate RIPv1 routers in different parts of the internetwork. As a result, IP traffic can be forwarded to the wrong network.

Finally, RIPv1 does not provide any protection from a rogue RIP router starting up on a network and announcing false or inaccurate routes. RIPv1 announcements are processed regardless of their source. A malicious user could use this lack of protection to overwhelm RIP routers with hundreds or thousands of false or inaccurate routes. That's why you should always try to use RIPv2 if you will be using RIP at all.

RIPv2 Routing Characteristics

RIPv2 seeks to address some of the problems associated with RIPv1. The goals in the development of RIPv2 were to minimize broadcast traffic, use variable-length subnetting to conserve IP addresses, and secure routing environments against misconfigured or malicious routers. To meet these goals, several new features were added to RIPv2, including the following:

• Rather than broadcasting RIP announcements, RIPv2 supports sending RIP announcements to the IP multicast address 224.0.0.9. Non-RIP nodes are not disturbed by RIP router announcement traffic. The disadvantage of this new feature is that silent RIP nodes must also be listening for multicast traffic sent to 224.0.0.9. If you use silent RIP, you should verify that the silent RIP nodes can listen for multicast RIPv2 announcements before you deploy multicast RIPv2. The use of multicast announcements is optional. The broadcasting of RIPv2 announcements is also supported.

• RIPv2 announcements send the subnet mask (also known as a network mask) along with the network ID. RIPv2 can be used in subnetted, supernetted, and VLSM environments. Subnets of a network ID do not have to be contiguous (that is, they can be disjointed subnets).

• RIPv2 supports the use of authentication mechanisms to verify the origin of incoming RIP announcements. Simple password authentication is defined in RFC 1723, but newer authentication mechanisms, such as Message Digest 5 (MD5), are available.

RIP Updates

RIP sends routing update messages at regular intervals and when the network topology changes. When a router receives a routing update that includes changes to an entry, it updates its routing table to reflect the new route. The metric value for the path is increased by 1, and the sender is told what the next hop is. A RIP router maintains only the best route (that is, the route with the lowest metric value) to a destination. After updating its routing table, the router immediately begins transmitting routing updates to inform other network routers of the change. These updates are sent independently of the regularly scheduled updates that RIP routers send. As discussed earlier in this chapter, these updates are sent in the form of the entire routing table.

When RIP is being used on a large network, the routing table can grow very large. Because only 25 routes can be sent in a single RIP packet, large routing tables have to be sent as multiple RIP packets.

RIP routers advertise the contents of their routing tables every 30 seconds on all attached networks through an IP subnet and a MAC-level broadcast. (RIPv2 routers can be configured to multicast RIP announcements.) In large networks, this can add significant overhead, which can be especially problematic on WAN links, where it is possible that significant portions of the WAN link bandwidth can end up being devoted to the passing of RIP traffic. As a result, RIP-based routing does not scale well to large internetworks or WAN implementations.

The RIP Routing Metric

RIP uses a single routing metric, hop count, to measure the distance between the source and a destination network. Each hop in a path from source to destination is assigned a hop count value, which is typically 1. (The hop count value can be configured on a Windows Server 2003 router.) When a router receives a routing update that contains a new or changed destination network entry, the router adds 1 to the metric value indicated in the update and enters the network in the routing table. The IP address of the sender is used as the next hop.

RIP prevents routing loops from continuing indefinitely by enforcing a limit on the number of hops allowed in a path from the source to a destination. The maximum number of hops in a path is 15; therefore, there can be only 15 routers between any two hosts. If a router receives a routing update that contains a new or changed entry, and if increasing the metric value by 1 causes the metric to be infinity (that is, 16), the network destination is considered unreachable.

Step by Step 7.7 shows you how to view some of the other RIP settings you might need to set.

Step By Step

7.7. Viewing Additional RIP Configuration Options with Windows Server 2003

We have dealt with RIP in some detail. Now let's look at OSPF, which is commonly thought of as RIP's successor in the IP routing arena.

Working with OSPF

Note: OSPF and 64-Bit Versions of Windows Server 2003

OSPF is not available on 64-bit versions of Windows Server 2003.

OSPF is a link-state routing protocol. It functions by sending LSAs to all the other routers within the same hierarchical area. (Don't worry if you don't understand what we mean by hierarchical area. It is discussed later in this chapter, in the section "Routing Hierarchies.") An LSA for a router consists of a router, its attached networks, and their configured costs. As OSPF routers accumulate link-state information into a database called the Link State Database (LSDB), they use the Shortest Path First (SPF) algorithm to calculate the shortest path to each node.

OSPF has the following benefits:

• Better convergence than RIP because routing changes are propagated immediately and do not have to wait for periodic updates.

• The routes OSPF calculates are always loop free. There is no possibility of loops occurring.

• Updates are sent only when routing changes rather than sending routing updates periodically. This ensures better use of bandwidth.

• Allows for logical definition of networks where routers can be divided into areas. This provides a mechanism for aggregating routes and cutting down on the unnecessary propagation of subnet information.

• It was designed to advertise the subnet mask with the network. OSPF supports VLSMs, disjointed subnets, and supernetting.

• It allows for routing authentication using different methods of password authentication.

• It routes outside an OSPF. ASs are advertised within the AS so that OSPF routers can calculate the least-cost route to external networks. This keeps track of external routes injected by exterior protocols.

To configure OSPF on an RRAS server, follow the procedure described in Step by Step 7.8.

Step By Step

7.8. Installing and Configuring OSPF on Windows Server 2003

1.	Open the Routing and Remote Access console by selecting Start, Control Panel, Administrative Tools, Routing and Remote Access.
2.	Expand the console tree, and under IP Routing, right-click General. From the context menu, select New Routing Protocol. The New Routing Protocol dialog box appears, as seen in Figure 7.15. Figure 7.15. The New Routing Protocol dialog box can be used to add protocols to a Windows Server 2003 server.
3.	Select Open Shortest Path First and click OK to install it. It now appears under IP Routing in the Routing and Remote Access console, as seen in Figure 7.16. Figure 7.16. OSPF appears under IP Routing in the Routing and Remote Access console.
4.	Right-click the newly installed OSPF protocol. From the context menu, select New Interface. The New Interface for Open Shortest Path First (OSPF) dialog box appears, as seen in Figure 7.17. Figure 7.17. OSPF can be tied to a single interface or to multiple interfaces.
Select Local Area Connection and click OK. The OSPF Properties dialog box appears, as seen in Figure 7.18. Figure 7.18. In the OSPF Properties dialog box, you can complete the configuration of the OSPF protocol.
6.	On the General tab, select the Enable OSPF for This Address check box. In the Area ID drop-down list box, select the ID of the area to which the interface belongs (in this case, it should be 0.0.0.0, which is the default route since we have no other route to an external destination configured or available). In the Router Priority list box, click the arrows to set the priority of the router over the interface to 1 as there are no other OSPF routers configured yet. In the Cost field, set the cost of sending a packet over the interface to 2 (or any value) since you have only the default route available currently. If you have multiple OSPF routers in your environment supporting multiple routes, you would be able to configure these options accordingly to reflect your actual environment instead of a lab environment. In the Password field, type a password. In the Network Type group box, set the type of OSPF interface as Broadcast. Click OK to complete the installation of the interface. You are returned to the Routing and Remote Access console.

Now that you have successfully installed and configured OSPF, let's look a little more closely at how OSPF routing hierarchies work.

Routing Hierarchies

Unlike RIP, OSPF operates within a hierarchy. The basic structure of this hierarchy includes areas, ASs, and the OSPF backbone. The largest entity within the hierarchy is the AS. An AS is a collection of networks and routers that are under common administration and that share a common routing protocol.

Exam Alert: When Do I Need More Than One Area?

A good rule of thumb for when to start creating a multiple-area OSPF network is when you reach 50 routers. If you have 50 routers on a network, the network is probably complex enough to warrant creating additional areas.

Exam Alert: OSPF Is a Complex Routing Protocol

If it seems like OSPF is a really complex routing protocol, it's because it is. Engineers who architect OSPF networks for large companies usually have extensive training and experience. For the exam, you should have a general understanding of the concepts associated with OSPF. You will not be asked to design a complex OSPF network as part of the exam.

Areas

An AS can be divided into areas. Each area is identified by an area ID. This identifier has no relationship to an IP address or IP network ID, although it uses the same dotted-decimal format. Area IDs are not used to reflect routing data; they are actually convenient labels to simplify the management of the area. Although the area ID does not signify any IP routing information, if all the networks within an area correspond to a single subnetted network ID, the area ID can be set to the network ID. This can be convenient for administration of the areas. For example, if an area contains all the subnets of the IP network 10.1.0.0, the area ID can be set to 10.1.0.0. The reason for defining areas within an AS is to reduce the size of an LSDB.

Note: The LSDB

The LSDB provides the overall picture of networks in relationship to routers within an area. The LSDB contains the collection of LSAs received from all routers in the same area. In an AS that has a large number of networks, each OSPF router must keep the LSA of every other router in its topological database.

To keep the size of LSDBs to a minimum, LSAs for an area's networks and routers are flooded within the area, but not to routers outside the area. Each area becomes its own link-state domain with its own topological database.

Routers with multiple interfaces can participate in multiple areas. These routers, which are called area border routers, maintain separate LSDBs for each area. The routing tables within these routers are a combination of the routing table entries of all the SPF trees for each topological database and static routes, Simple Network Management Protocol (SNMP) configured routes, and routes learned from other routing protocols. To reduce the number of entries in the routing table, the networks inside the area can be advertised outside the area by using summary route advertisements. By keeping area topologies separate, OSPF passes less routing traffic than it would if the AS were not partitioned.

The Default Route

Each area within an OSPF network can be configured with a default route. A default route has a destination address of 0.0.0.0 and a subnet mask of 0.0.0.0. The default route is used to route any packets that are destined for an address not explicitly listed in the routing table. Default routes are typically used to reduce the size of routing tables because they can be used to summarize all routes external to the area into a single route. Default routes typically point to the OSPF backbone.

OSPF Backbone

Every OSPF network must have at least one area. In an OSPF network that has more than one area, there must be a backbone area to interconnect all the other areas within the network. The backbone area will always have an area ID of 0.0.0.0, and it acts as the hub for all the other areas on the network. All other areas must communicate their routing information to the backbone area so that it can distribute the information to all other areas. Figure 7.19 shows an example of an internetwork that has several areas and a backbone.

Backbone routers not only route host traffic between areas, but also provide summary routes within areas to other routers on the backbone. These in turn provide summaries to the other routers within their areas. This ensures that any host within an area can reach any host in another area. This ensures that no area's routing tables contain detailed information about another area's topology, which minimizes the size of routing tables and ensures that the backbone handles all interarea traffic.

Area Routing

Area partitioning creates two types of OSPF routing, depending on whether the source and destination are in the same area or in different areas:

• Intra-area routing Intra-area routing occurs when the source and destination are in the same area. With intra-area routing, the source routes the packet to its default gateway (an internal area router). The internal area router then makes use of the explicit routes (as calculated by the SPF algorithm) maintained in the area routers and routes the packet through the appropriate interface to the destination internal area router. The destination internal area router then forwards the packet to the destination host.

• Interarea routing Interarea routing occurs when the source and destination are in different areas. When routing between areas, the source routes the packet to its default gateway (an internal area router), and the area router then forwards the packet to an area border router using the shortest path. The area border router then forwards the packets through backbone routers, using the shortest path to the area border router for the destination host. The area border router for the destination host then forwards the packets through internal area routers by using the shortest path, until the packets reach their destination.

Step by Step 7.9 shows how to create additional OSPF areas.

Step By Step

7.9. Creating an OSPF Area with Windows Server 2003 and RRAS

Note: Stub Areas

A stub area is an OSPF area that doesn't advertise individual network routes from external areas. Instead, it relies on a default route (0.0.0.0, with a subnet mask of 0.0.0.0) to route all traffic out of the area. This is done to reduce the amount of memory required on the routers located in the stub areathey don't need to maintain a topology database.

Virtual Links

In rare cases it is possible that an area cannot have direct physical access to the backbone. In this instance, it is necessary to configure a connection from the new area to the backbone through a connection called a virtual link. A virtual link gives the disconnected area a logical path to the backbone. The virtual link has to be established between two area border routers that have a common area, with one area border router connected to the backbone. Virtual links are configured over a nonbackbone area known as a transit area.

Step by Step 7.10 shows how to configure a virtual link within RRAS. You need at least two OSPF areas in order to configure this interface.

Step By Step

7.10. Configuring a Virtual Routing Link for Windows Server 2003

AS Routing

Routing does not occur only within areas that use OSPF. When internetworks are connected to other internetworks that are under different administrative control, routing must be established. This type of routing between ASs is established by using external routes. AS border routers that run OSPF learn about exterior routes through other routing protocols, such as Interior Gateway Routing Protocol (IGRP), RIP, and BGP. AS border routers are similar to area border routers except that they route between different ASs.

Exam Alert: Supported Protocols

Some of the most common border protocols, such as IGRP and BGP, are not supported by Windows Server 2003. They are important to know about because they are commonly used in production networks, but they will not be on the exam.

By default, an AS border router advertises all external routes within its AS. This allows all areas and networks within an area to reach destination networks that may lie outside the AS. As a network manager, you might find it necessary to restrict the external routes that are advertised within the AS. Using Windows Server 2003 RRAS, you can configure the AS border router to accept or ignore the routes of certain external sources, such as routing protocols (for example, RIPv2) or other sources (for example, static routes, SNMP). You can also configure the AS border router to accept or discard specific routes by configuring one or multiple destination/network mask pairs. To enable AS border routing, follow the procedure described in Step by Step 7.11.

Step By Step

7.11. Configuring AS Border Routing in Windows Server 2003 RRAS

OSPF Operation

The SPF routing algorithm is the basis for OSPF operations. When an SPF router is powered up, it initializes its routing protocol data structures and then waits for indications from lower-layer protocols that its interfaces are functional.

After a router has verified that its interfaces are functioning, it uses the OSPF Hello protocol to acquire neighbors. Neighbors are routers that have interfaces sharing a common network. The router sends hello packets to its neighbors and receives their hello packets. In addition to identifying neighboring routers, hello packets also act as keepalives to let routers know that other routers are still available.

Designated Routers

On multiaccess networks (that is, networks that support more than two routers), the Hello protocol elects a designated router and a backup designated router. Because the designated router is adjacent to all other routers, it acts as a hub for the distribution of link-state information, maintaining the synchronization of the topological database and controlling adjacencies between routers within the network. (The relationship between neighboring routers for the purposes of synchronizing the topological database is called an adjacency; adjacencies are discussed in more detail later in this chapter in the section "Adjacencies.")

As an example of why a designated router is required, think about a broadcast network that has six OSPF routers. If you didn't control the adjacency behavior, each router could establish an adjacency with each of the other routers, for a total of 15 adjacency relationships. On a broadcast network with n routers, a total of nx(n-1)/2 adjacencies would be formed. This could result in unneeded flooding traffic as routers attempt to synchronize with all their adjacent routers. Designated routers allow a reduction in network traffic and in the size of the topological database.

The designated router is elected via the hello protocol. Hello packets are exchanged via IP multicast packets on each segment. The router with the highest OSPF priority on a segment becomes the designated router for that segment. In the case of a tie, the router with the highest router ID wins. The default for the interface OSPF priority is 1. A router priority of 0 means that the router cannot become a designated router.

In addition to electing a designated router, a backup designated router is also elected for each multiaccess network to prevent the loss in connectivity associated with the loss of a designated router. Like the designated router, the backup designated router is adjacent to all routers on the network. When the designated router fails, the backup designated router immediately becomes the designated router by sending LSAs to all its adjacent routers, announcing its new role. There is a short period of time when transit traffic can be impaired as the backup designated router takes over the role of the designated router.

Like the designated router, the backup designated router is elected through the exchange of hello packets. Each hello packet contains a field for the backup designated router of the network. If the backup designated router is not specified, the router with the highest router priority that is not already the designated router becomes the backup designated router. If multiple routers have the highest router priority, the router with the highest router ID is elected the backup designated router.

Adjacencies

When the topological databases of two neighboring routers are synchronized, the routers are said to be adjacent. On multiaccess networks, the designated router determines which routers should become adjacent. Topological databases are synchronized between pairs of adjacent routers. Adjacencies control the distribution of routing protocol packets, which are sent and received only on adjacencies.

Adjacencies are first developed when an OSPF router initializes; it sends out a periodic OSPF hello packet. The OSPF hello packet contains configuration information such as the router's router ID and the list of neighboring routers for which the router has received hello packets. Initially, the neighbor list in the OSPF hello packet does not contain any neighbors.

The initializing OSPF router also listens for neighboring routers' hello packets. From the incoming hello packets, the initializing router determines the specific router or routers with which an adjacency is to be established. Adjacencies are formed with the designated router and backup designated router, which are identified in the incoming hello packets. Designated routers and backup designated routers were discussed in more detail earlier in this chapter in the section "Designated Routers."

To begin the adjacency, the routers forming the adjacency describe the contents of their topological databases through a sequence of database description packets. This is known as the database exchange process, during which the two neighboring routers form a master/slave relationship. The contents of each router's topological database are acknowledged by its neighboring router.

Each router compares its LSAs with the LSAs of its neighbor and notes which LSAs need to be requested from the neighbor to synchronize the topological database. The missing or more recent LSAs are then requested through link-state request packets. Link-state update packets are sent in response to the link-state request packets, and their receipt is acknowledged. When all link-state requests of both routers have been satisfied, the topological databases of the neighboring routers are fully synchronized, and an adjacency is formed.

After an adjacency is formed, each neighboring router sends a periodic hello packet to inform its neighbor that the router is still active on the network. The lack of hello packets from a neighbor is used to detect a downed router.

If an event occurs, such as a downed link or router or the addition of a new network that changes the topological database of one router, the topological databases of adjacent routers are no longer synchronized. The router whose topological database has changed sends link-state update packets to its adjacent neighbor. The receipt of the link-state update packets is acknowledged. After the exchange, the topological databases of the adjacent routers are again synchronized.

Note

Distance-vector based routing protocols have the following drawbacks associated with them:

• High overhead

• Not scalable

• Network bandwidth intensive

• Long convergence time

• Routing loops

• Count-to-infinity problems

Distance-vector routing protocols have mechanisms that allow them to avoid the count-to-infinity problems as well as to improve convergence. They include the following:

• Split horizon

• Split horizon with poison reverse

• Triggered updates

There are a number of advantages to link-state protocols, especially when compared to the distance vector-based routing protocols. These advantages include the following:

• Smaller routing tables

• Highly scalable

• More efficient use of network bandwidth

• Faster convergence

One disadvantage of link-state protocols is that they are more complex to understand and configure than distance-vector protocols. They also require additional processing power on the router due to the need to calculate the routing tree.