OSPF for IPv6 Networks (OSPFv3)

In much the same way that a new version of RIP has been defined for use on IPv6 networks, a new version of OSPF is in the works as well. Referred to as either OSPF for IPv6 or OSPF version 3, this new version is fundamentally very similar to the IPv4 version of the protocol, but with a few changes. The most basic of these is the fact that the addressing portions of an LSA packet have been changed to use IPv6 addresses and prefixes, as you may well have guessed. Other major changes include OSPF running on a per-interface rather than a per-subnet basis, and the removal of all authentication functions from the protocol. The IPv6 authentication header now handles all authentication responsibilities instead.

OSPF version 3 is still only a proposed standard going through the RFC process. However, all signs point to it soon becoming the standard for running OSPF on IPv6 networks.

Open Shortest Path First (OSPF) Routing

OSPF is a scalable, industry standard link state protocol used on IP networks and defined in RFC 2328. Because link state protocols build and maintain a topology database for a network based on first-hand knowledge rather than simply relying on the “hearsay” of neighbors, they tend to be more efficient in determining the most efficient route to a network. OSPF uses what is known as the Dijkstra algorithm to determine the shortest path between a router and a destination network. The metric used by OSPF to determine the best route to a network is interface cost, which is calculated based on bandwidth. For those interested, the actual calculation is 10^8 divided by the interface bandwidth in bits per second, which you might remember can be found using the show interface command. For example, the cost associated with a T1 line would be 10^8/1544000, which equals 64.
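The cost formula and the shortest-path calculation can be seen working together in the following added example, which is not part of the original article. The router names, the four-router topology and the link speeds are constructed, and the cost is assumed to be truncated to a whole number with a minimum of 1.

```python
import heapq

REFERENCE_BW = 10**8  # bits per second, the numerator in the cost formula


def ospf_cost(bandwidth_bps: int) -> int:
    """Interface cost: 10^8 / bandwidth, truncated (assumed), never below 1."""
    return max(1, REFERENCE_BW // bandwidth_bps)


def spf(links, root):
    """Dijkstra over (router, router, bandwidth_bps) links, treated as two-way.

    Returns {router: (total cost from root, first-hop router)}.
    """
    graph = {}
    for a, b, bw in links:
        graph.setdefault(a, []).append((b, ospf_cost(bw)))
        graph.setdefault(b, []).append((a, ospf_cost(bw)))

    best = {}
    heap = [(0, root, None)]  # (cost so far, router, first hop used)
    while heap:
        cost, node, first_hop = heapq.heappop(heap)
        if node in best:
            continue  # already settled with a cost that was no higher
        best[node] = (cost, first_hop)
        for nbr, link_cost in graph[node]:
            if nbr not in best:
                heapq.heappush(heap, (cost + link_cost, nbr, first_hop or nbr))
    return best


# Constructed topology: a direct T1 competes with a two-hop Ethernet path.
LINKS = [
    ("R1", "R2", 1_544_000),    # T1, cost 64
    ("R1", "R3", 10_000_000),   # Ethernet, cost 10
    ("R3", "R2", 10_000_000),   # Ethernet, cost 10
    ("R2", "R4", 100_000_000),  # Fast Ethernet, cost 1
]


def demo():
    return spf(LINKS, "R1")


if __name__ == "__main__":
    for router, (cost, hop) in sorted(demo().items()):
        print(router, cost, hop)
```

From R1, the two Ethernet hops through R3 (total cost 20) beat the directly connected T1 (cost 64), so R2 and R4 are both reached via R3.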

Like RIPv2, OSPF is also classless, meaning that it supports the use of VLSM addressing. OSPF routers exchange information by flooding link state advertisement (LSA) packets throughout a network. These packets include information on the current state of the router’s links, interfaces, and cost. Ultimately, this information is used by an OSPF router to build its adjacency, topology, and routing tables. Every 10 seconds, on a broadcast network, an OSPF router also sends out a “hello” message, letting adjacent routers know that it is still around.

While a simple distance vector protocol like RIP or IGRP may require little more than being enabled in order to make routing decisions, an OSPF implementation is usually designed according to a hierarchy, where different routers are given different roles. A proper OSPF design also helps to ensure that those LSA packets just mentioned don’t overwhelm routers. Instead, an OSPF network is divided into what are known as areas, with a group of areas forming what is known as an OSPF autonomous system (AS). The figure below shows a network made up of 4 areas, all within autonomous system 100.

OSPF autonomous system including multiple areas, IRs, ABRs, and an ASBR.

It’s easy to get confused by OSPF terms when learning them for the first time. The bullet points below outline all of the key terms that you should be familiar with:

Area. An OSPF area is nothing more than a grouping of routers (running OSPF) amongst whom link state advertisements will be flooded. The idea is to try to reduce the number of LSAs that are sent throughout an internetwork by keeping the majority of LSAs within an area.

Backbone Area. The backbone area should be the first area defined in an OSPF network, and is the area to which all other areas usually connect. The backbone area is known as Area 0. The backbone area is used to move OSPF routing information between areas.

Autonomous System. An OSPF autonomous system is nothing more than a collection of OSPF areas amongst which OSPF routing information is shared. An autonomous system is assigned a number, similar to the one we used when looking at IGRP.

External Network. Any networks running other routing protocols, or other OSPF autonomous systems, are considered external networks.

Routers within an Area exchange LSAs with one another to build their link state databases. All OSPF routers in the same area have the same link state database. The LSAs flooded within an area are known as Type 1 or router LSAs – they contain information on the links, interfaces, and costs for routers within an area. Any router whose interfaces only connect to a single area is known as an Internal Router (IR).

Provisioning Frame Relay Service

The process of provisioning Frame Relay services for a corporate network involves a certain amount of pre-planning. Issues to be considered include bandwidth requirements for each PVC, the core bandwidth required at central locations, and the type of hardware that will support your needs. Each of these can vary greatly depending upon the number of sites and business requirements of the implementation. The sections below outline important considerations in each area.

Choosing Frame Relay CIRs

Choosing CIRs can be difficult, especially if you are not sure of exactly how much data will need to be transferred over a given virtual circuit. In most cases this is accomplished by attempting to define and characterize the types of data traffic that will travel over the PVC between locations. For example, a PVC that will be handling sustained file transfer traffic will likely need a higher CIR than one used primarily for the purpose of connecting to corporate email servers. This analysis should be done on a per-virtual circuit basis, as different locations may have different requirements.

Determining Frame Relay Core Bandwidth Requirements

Most Frame Relay networks are designed using a hub-and-spoke model where branch locations connect to a central location. Determining the total bandwidth required at the central location is easy – simply calculate the sum of all CIRs used by all of the virtual circuits that will connect to the central location. For example, a company with 6 branch offices with PVCs that connect to the central location with CIRs of 64Kbps each will require at least a 384Kbps link at the central location.

Choosing Router Models for a Frame Relay Network

Choosing an appropriate central office router model is an important consideration when planning a Frame Relay network. Firstly, you must be sure that the interface used to connect to the provider network is at least as fast as the sum of the CIRs on circuits that will be connecting to it. For example, one standard serial interface (which supports up to 1.544Mbps) could easily handle the 384Kbps bandwidth requirement just discussed, but this doesn’t take router load or utilization into consideration. Conversely, a router with 20 64Kbps PVCs connecting to it would necessitate the use of an additional serial interface (or a higher speed interface) based on bandwidth needs alone. As a general rule, Cisco recommends that no more than 30-50 DLCIs be configured per router interface. By the same token, the router model selected will have a measurable impact on performance – while a 1600 series router might be a great choice for a branch office, a 3600 series would probably be a much better choice for a central or “hub” location.

Router Switching Methods

At the beginning of this chapter we took a look at the process by which a router will accept a frame on one interface, strip away its framing, determine where it should be sent next according to its routing table, reframe the packet, and ultimately forward the frame to the next hop or destination host. The manner in which this process occurs differs based on the switching path method employed by the router. In this case, “switching path” refers to the manner in which a router will accept a packet on one interface, process it, and ultimately forward it out another interface. There are 8 main switching path methods used on Cisco routers that you should be familiar with, as listed below. Note that not all methods are supported on all routers – in fact, some of the faster methods are available only on very high-end models.

Process Switching. With this switching method, incoming packets are copied to the router’s buffers, associated with a destination network according to a routing table entry, encapsulated, and then forwarded out the appropriate interface. The router’s CPU processes every packet in process switching.

Fast Switching. Fast switching handles the first packet in a stream just like process switching, but then creates a fast switching cache against which following packets are compared. Subsequent packets in the same stream have their incoming frame header stripped off and compared to the first packet. When a match is found, the header appended to the first frame is appended to subsequent frames prior to forwarding. This method helps to eliminate the need for routing table lookups for each packet in the same stream, increasing router throughput. Fast switching is the default method on lower-end Cisco routers.

Optimum Switching. Though it works in a manner similar to fast switching, optimum switching is faster due to the optimized cache lookup process that it uses. Optimum switching is the default method used on Cisco 7500 series routers.

Silicon Switching. This method uses a dedicated processor known as a silicon switch processor (SSP) module to cache packet switching information. This method allows the switching process to take place without interrupting the router CPU. Silicon switching is available on Cisco 7000 series routers only.

Autonomous Switching. Another very fast switching method found on Cisco 7000 series routers, autonomous switching allows the ciscoBus (cBus) controller to switch packets without the need for CPU intervention.

Distributed Switching. This switching method allows the switching function to take place locally via a route cache stored on a Versatile Interface Processor (VIP) card. This eliminates the need to use the router CPU to perform switching functions.

NetFlow Switching. This switching method allows you to collect detailed statistics on the traffic switched through the router for the purpose of accounting, planning, and network management. Because of the overhead associated with gathering this data, NetFlow switching is generally the slowest switching method.

Cisco Express Forwarding (CEF). An increasingly popular switching method aimed primarily at high-performance IP backbone switching. Less CPU-intensive than the fast switching method looked at first, CEF uses two main components to make switching decisions – a forwarding information base (FIB) and adjacency table. The FIB contains next-hop information for all IP networks in the routing table, and the adjacency table stores information on associated Layer 2 addresses. With this information, CEF is capable of switching packets faster than through the use of some of the multilayer shortcut switching methods looked at earlier in this chapter. CEF is no longer limited to Cisco routers; it is also now commonly found in Catalyst multilayer switches.

Layer 4 Switching

Now that you’re familiar with Layer 3 switching, you’re probably curious about what Layer 4 switching represents. Well, the answer isn’t as difficult as you might have imagined. Quite simply, a Layer 4 switch is typically just a Layer 3 switch that is also capable of making decisions based on Layer 4 information. Layer 4 (the Transport Layer) carries information about the source and destination TCP and UDP ports in use, which generally represent unique applications. Because of this, a Layer 4 switch is capable of making forwarding decisions according to the applications in use.

For example, an administrator might choose to prioritize VoIP traffic through the use of Quality of Service (QoS) features, granting VoIP applications more bandwidth. Conversely, the Layer 4 port information could also be used to route the packets from certain applications along a different path than other traffic. Ultimately, a Layer 4 switch gives administrators a higher level of control over how bandwidth is used within a network.

Layer 3 Switching with a Multilayer Switch Feature Card (MSFC)

In the case of a Catalyst 6000 or 6500 series switch, multilayer switching functions in much the same manner as the example illustrated in the NFFC section just considered. However, there are some differences in terms of the hardware used. In the case of a Catalyst 6000 or 6500, three main hardware components are involved, as outlined below.

Catalyst Supervisor. The Catalyst Supervisor contains the CPU and ASICs used to carry out Layer 2 switching functions.

Policy Feature Card (PFC). Much like an NFFC, a Policy Feature Card provides the “shortcut” caching services that allow routed packets to be rewritten without each packet needing to be passed to the route processor. The PFC is typically provided as a daughtercard on the same board as the MSFC.

Multilayer Switch Feature Card (MSFC). The MSFC effectively provides the high-performance routing functions for a multilayer Catalyst 6000 or 6500. The MSFC route processor is another daughtercard on an MSFC module.

Layer 3 Switching with a NetFlow Feature Card (NFFC)

For vastly improved routing performance on a Catalyst 5000 router, another alternative is to install a NetFlow Feature Card (NFFC). The NFFC is a specialized piece of hardware that acts as a pattern-matching engine for the purpose of rewriting the subsequent packets in a routed transmission at Layer 2. This results in vastly improved routing performance suitable for campus environments.

MLS uses three primary components in order to facilitate higher-speed Layer 3 switching performance. These are listed below, along with explanations of their purposes:

MLS Route Processor. In a Layer 3 switch, the MLS Route Processor takes on the role of a router. Ultimately it makes routing decisions for the network, using the information stored in its routing table. Even when a packet is switched using a rewrite process at Layer 2, it is ultimately the Route Processor that made the initial decision on how this should occur.

MLS Switching Engine. The MLS switching engine is simply a switch that includes an NFFC. This switch will build CAM table entries for the various MLS Route Processors that it knows about, and build cache entries for the shortcut switching methods discussed earlier.

Multilayer Switching Protocol. The Multilayer Switching Protocol is a lightweight protocol that runs on an MLS Route Processor, allowing it to communicate with the MLS Switching Engine.

When a multilayer switch boots up, the Multilayer Switch Protocol on the MLS Route Processor sends hello packets to the NFFC, identifying VLANs and MAC addresses used by the router. As the NFFC forwards initial packets to the route processor (known as candidate packets) it creates a partial shortcut entry. When the packet is ultimately forwarded back to the NFFC from the router, the NFFC checks its shortcut table, notices a partial entry for the original packet that was forwarded to this router, and creates a full shortcut entry for the flow. In essence, the NFFC has noted that a packet forwarded to the route processor was passed back to it, and it will subsequently handle the inline rewrite of matching packets automatically at Layer 2 until the flow either times out (has not been used for a period of time) or the route processor lets it know of a topology change.

While this is a simplified view of what can be a very detailed process, it helps you to get the picture – an NFFC can significantly speed up the routing process at Layer 2 by rewriting packets, even though the ultimate routing decision is still made by the route processor at Layer 3.

Layer 3 Switching with a Route Switch Module (RSM)

The Cisco Catalyst 5000 series switches have long been a staple of many server rooms and wiring closets in the corporate world. Although originally only a Layer 2 switch, one method that can be used to add routing functionality to these models is the addition of a Route Switch Module (RSM). An RSM is essentially a Cisco router on an add-in module that plugs directly into the backplane of a Catalyst 5000 switch. Just like a Cisco router, an RSM runs Cisco’s IOS software, and is configured in a very similar manner.

The main benefit of using an RSM is that it eliminates the need for an external router, thus speeding up the routing process. However, an RSM is still a router in the traditional sense. Although the fact that packets do not need to be passed to an external device makes the process a little faster, routing is still occurring using the IOS software, using traditional routing methods. As such, a Catalyst 5000 with an RSM installed can still be considered a Layer 3 switch, but will not provide the dramatic increases in speed that other methods listed here do. More than anything, the RSM provides convenience, adding routing capabilities to a Layer 2 switch.

Layer 3 Switching Hardware

In the previous articles, I mentioned that different Catalyst switches perform routing functions in different ways. Before asking why all Catalyst switches don’t use the same techniques, it’s worth noting that different methods evolve over time, and some cost more to implement than others. In some cases, companies may simply wish to add routing capabilities to an existing investment, such as a Catalyst 5000. In others, the company might need the fastest routing performance possible across a campus network. In both cases, a realistic analysis of needs along with budget considerations will dictate the best solution. The next articles in this series outline three different methods commonly used to integrate routing capabilities with different Catalyst switches.

Routing With a Layer 3 Switch

To understand how a typical Layer 3 switch functions, consider the network illustrated in Figure 8-26. Although it looks very similar to the network in the last example, this time the router is replaced by a Layer 3 switch. In this example, Host A is connected to one port on the switch, but is part of VLAN1. Host B is connected to another port on the same switch, but is part of VLAN2.

When the two hosts in this example attempt to communicate, the initial process is very similar. The exception is that the router interfaces that the hosts communicate with are usually virtual, or internal to the switch (in this example, the interfaces are designated using familiar names like E0 and E1). Host A will still forward the packet it has created to the router portion of the Layer 3 switch. The Layer 3 switch will still look in its routing table to determine where the packet should be forwarded next. In this case it will be forwarded out another virtual interface, and ultimately to the port where Host B resides. Note that in this case, the Layer 3 switch has still calculated the CRC, stripped away the framing, calculated the IP header checksum, determined where the packet should be forwarded next, reframed it, and sent it on its way. Some Catalyst switch models (such as a Catalyst 5000 with a Route Switch Module (RSM) installed) still forward all packets in this way. In other words, some Layer 3 switches simply add the traditional functions of a Cisco router within their hardware. The process is a little faster than using an external router, but typically not by much.

However, in other Catalyst switch models, the packet forwarding can occur at speeds closer to traditional Layer 2 switching. For example, some models support a “shortcut” feature, where after routing the first packet in the traditional manner, a Layer 3 switch gets smart and uses pattern matching (via specialized hardware) to speed up the process of forwarding additional packets. In this example, the switch would recognize that it passed a frame up to Layer 3, only to have it forwarded back to itself. Instead of sending all other packets in this session from Host A to Host B up to Layer 3, the switch would instead rewrite the frame header automatically at Layer 2, making it appear as though the packet has passed through the router. In fact, once the process is complete, it is impossible to distinguish a packet that has been forwarded in this manner from one that has been routed traditionally.

After the first packet in the stream between Hosts A and B has been routed the old fashioned way, the switch caches the appropriate information it needs to rewrite the packet. In this case, it knows that when it receives packets with the source MAC address of Host A, a destination MAC address of the virtual router interface, and the source and destination IP addresses of Hosts A and B respectively, it can rewrite the header using the shortcut information it has gathered by pattern matching. In this case, it will add new source and destination MAC addresses to the frame, decrement the TTL, recalculate the IP header checksum, and then switch the packet out the port that Host A is attached to – all without sending the packet up to Layer 3. When a Layer 3 switch functions in this manner, routing takes place at speeds closer to traditional Layer 2 switching.
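The shortcut rewrite described above can be modelled in a few lines. The following is an added example, not code from the original article or from Cisco: the class and function names, MAC and IP addresses and port number are constructed, and a small lookup table stands in for the routing and ARP tables.

```python
import struct
from dataclasses import dataclass
from ipaddress import IPv4Address


def ip_checksum(header: bytes) -> int:
    """One's-complement sum over a 20-byte IPv4 header."""
    total = sum(struct.unpack("!10H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def with_checksum(raw: bytes) -> bytes:
    """Fill bytes 10-11 of a header whose checksum field is zero."""
    return raw[:10] + struct.pack("!H", ip_checksum(raw)) + raw[12:]


def ipv4_header(src: str, dst: str, ttl: int) -> bytes:
    # 20-byte header, no options, protocol 6 (TCP), total length 40
    return with_checksum(struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, ttl, 6, 0,
                                     IPv4Address(src).packed, IPv4Address(dst).packed))


@dataclass(frozen=True)
class Frame:
    dst_mac: str
    src_mac: str
    ip: bytes  # IPv4 header only; payload and FCS omitted


def rewrite(frame: Frame, new_src_mac: str, new_dst_mac: str) -> Frame:
    """Per-hop rewrite: new MACs, TTL minus one, fresh header checksum."""
    if frame.ip[8] <= 1:
        raise ValueError("TTL expired; not forwarded")
    raw = frame.ip[:8] + bytes([frame.ip[8] - 1, frame.ip[9], 0, 0]) + frame.ip[12:]
    return Frame(new_dst_mac, new_src_mac, with_checksum(raw))


class Layer3Switch:
    def __init__(self, router_mac, hosts):
        self.router_mac = router_mac
        self.hosts = hosts    # dst IP -> (host MAC, port); stands in for routing and ARP tables
        self.shortcuts = {}   # flow key -> (new src MAC, new dst MAC, egress port)
        self.routed = 0       # packets that went up to Layer 3

    def receive(self, frame: Frame):
        # Key from the text: source MAC, router MAC as destination, source and destination IP
        key = (frame.src_mac, frame.dst_mac, frame.ip[12:16], frame.ip[16:20])
        if key in self.shortcuts:                     # later packets: rewrite at Layer 2
            src, dst, port = self.shortcuts[key]
            return "shortcut", port, rewrite(frame, src, dst)
        out, port = self._route(frame)                # first packet: traditional routing
        self.shortcuts[key] = (out.src_mac, out.dst_mac, port)
        return "routed", port, out

    def _route(self, frame: Frame):
        self.routed += 1
        host_mac, port = self.hosts[str(IPv4Address(frame.ip[16:20]))]
        return rewrite(frame, self.router_mac, host_mac), port

    def topology_change(self):
        self.shortcuts.clear()   # flows must be re-learned through Layer 3


def demo():
    # Constructed addresses: Host A in VLAN1, Host B in VLAN2 on port 2
    sw = Layer3Switch("00:00:0c:00:00:01", {"10.2.0.20": ("00:00:00:00:00:0b", 2)})
    pkt = Frame(sw.router_mac, "00:00:00:00:00:0a", ipv4_header("10.1.0.10", "10.2.0.20", 64))
    return [sw.receive(pkt) for _ in range(3)], sw
```

Only the first of the three identical packets reaches the routing step, and the frames produced by the shortcut path are byte-for-byte equal to the routed one, which is why the two cannot be told apart downstream.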