Summary of routing loop knowledge points
Human creativity is as powerful as it is destructive.
Network interoperability has also spawned complicated routing protocols and various Internet services.
That is why, of all of today's network traffic, 80% of the resources are wasted and only 20% is used for efficient data transmission.
Loop-prevention mechanisms emerged against this broad background.
Loops appear at all levels of the Internet and the causes and solutions of different loops are different.
Network loops are usually divided into Layer 2 loops and Layer 3 loops. All loops are caused by confusion about the path to the destination.
A Layer 2 loop is mainly a vicious circle of switch broadcast traffic.
A Layer 3 loop is much more complicated and is usually caused by various network failures. It is also the focus of this article.
This article divides Layer 3 loops into three kinds: single-link loops, cross-node loops, and area/AS loops.
Layer 2 broadcast traffic and spanning tree
As we all know, a switched network is a small local area network (LAN), so a Layer 2 switch forwards broadcast traffic by default (a router drops it by default).
In addition to broadcast traffic, when the MAC address table has no valid entry for a frame, the switch sends the frame out of all interfaces except the receiving interface.
So, in the beginning, when three switches were connected in pairs, a data frame would loop indefinitely.
Spanning tree was created to prevent loops in the switched network.
The details of how spanning tree works are too complicated and need to be written up separately; it is only introduced here, not explained.
The original version of spanning tree is 802.1d, which is STP (Spanning Tree Protocol). However, in this version of the standard all VLANs share one spanning tree, so it is also called CST (Common Spanning Tree). Cisco enhanced this and published PVST+ (Per-VLAN Spanning Tree).
The next version after 802.1d is 802.1w, which is RSTP (Rapid STP). However, it still shares one spanning tree, and it is hard to understand why the IEEE did not learn its lesson. So Cisco made another move and released PVRST+.
The IEEE also released 802.1s (MSTP), based on Cisco's MISTP solution. It is more powerful, but also bigger. MSTP is used in switched networks, and it is now the mainstream.
Five loop-prevention mechanisms of RIP
RIP is an old routing protocol. Although it is gradually being phased out, some knowledge of it is necessary to understand the evolutionary history of routing protocols.
First, some logic that is easy for a programmer to follow. Take a route entry A on a router. Route A, received on the F0 interface, should not be sent back out of F0 (split horizon). But a route update in a distance-vector routing protocol sends out the complete routing table, so before route A is sent out of F0 its metric is changed to 15, so that the metric of A received by the other party is 16, unreachable (maximum hop count and poison reverse).
When router R1 detects a network failure on a certain network segment (for example, by receiving an ICMP error), it does two things.
First, it tells the other routers: "You can't reach this subnet through me."
Second, it looks for other paths to reach this subnet.
At this point, R1 starts the hold-down (suppression) timer: routes for that subnet sent by neighbors are not accepted within the specified time. Imagine that there were no hold-down timer: if a neighbor then sent a route for the subnet and that path happened to pass through R1, the consequences would be unimaginable.
What is R1 doing during the hold-down time?
Waiting, of course, for all routers in the RIP network to correct their routing tables after receiving this 16-hop route. That is why the update needs to be triggered: the routing table is sent without waiting for the timer to expire.
In addition, when the metric of an interface is changed, an update is also triggered, and the loop-prevention principle is the same.
It can be seen that, among RIP's five loop-prevention mechanisms, the maximum hop count is the ultimate weapon. Together with the hold-down timer, it not only solves the "single-link loop" but also prevents the "cross-node loop".
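The single-link loop and two of the mechanisms above (split horizon and the maximum hop count) can be reproduced in a small simulation. This is an added example, not part of the original article; the two-router topology, the names R1, R2 and A, and the update ordering are constructed assumptions, and poison reverse and the hold-down timer are left out.

```python
INFINITY = 16  # RIP maximum hop count: a metric of 16 means unreachable

def advertise(table, to_neighbor, split_horizon):
    """Build the update one router sends to one neighbor: {prefix: metric}."""
    update = {}
    for prefix, (metric, learned_from) in table.items():
        if split_horizon and learned_from == to_neighbor:
            continue  # split horizon: never send a route back where it came from
        update[prefix] = metric
    return update

def receive(table, update, from_neighbor):
    """Distance-vector rule: add one hop, cap the metric at INFINITY."""
    for prefix, metric in update.items():
        new_metric = min(metric + 1, INFINITY)
        current = table.get(prefix)
        # Accept a better route, or any news from the current next hop.
        if current is None or new_metric < current[0] or current[1] == from_neighbor:
            table[prefix] = (new_metric, from_neighbor)

def simulate(split_horizon, max_rounds=20):
    """Constructed topology: subnet A -- R1 -- R2. R1 loses its link to A."""
    r1 = {"A": (INFINITY, None)}   # R1 has just marked A unreachable
    r2 = {"A": (2, "R1")}          # R2 still holds the old route via R1
    history = []
    for _ in range(max_rounds):
        # R2's periodic update reaches R1 before R1's bad news reaches R2.
        receive(r1, advertise(r2, "R1", split_horizon), "R2")
        receive(r2, advertise(r1, "R2", split_horizon), "R1")
        history.append((r1["A"][0], r2["A"][0]))
        if history[-1] == (INFINITY, INFINITY):
            break
    return history

if __name__ == "__main__":
    print("no split horizon:", simulate(False))
    print("split horizon:   ", simulate(True))
```

Without split horizon the two routers point at each other for A and the metric climbs two hops per round until it hits 16; with split horizon R2 never offers the stale route back to R1 and both converge in one round.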
EIGRP and DUAL algorithm
Perspective: peripheral vision / local perspective.
EIGRP's advance is that it has two more tables: the neighbor table and the topology table. Establishing the neighbor table directly avoids the single-link loop: when a router sees itself as the next hop in a received route update, it goes without saying that this update originated from itself, and it is rejected.
EIGRP's core algorithm is called DUAL (Diffusing Update Algorithm), and it has a formula specifically designed to prevent cross-node loops: when the reported distance (RD) of a neighbor to a network is shorter than the feasible distance (FD) of the local router to the same destination network, the feasibility condition (FC) is met and the path is written into the topology table.
However, it is easy to see that such an algorithm is flawed: many high-cost but feasible backup paths are also rejected as "loops".
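The feasibility condition and its false rejections can be checked on a small set of neighbor reports. This is an added example, not EIGRP's own code; the router names, metrics and the hidden "path" field (ground truth the real router never sees) are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass
class Report:
    neighbor: str
    rd: int          # reported distance: the neighbor's own metric to the destination
    link_cost: int   # cost of the local link to that neighbor
    path: tuple      # ground truth (hidden from the router): hops the neighbor uses

def dual_select(local, reports):
    """Apply the feasibility condition RD < FD to every neighbor's report."""
    total = {r.neighbor: r.rd + r.link_cost for r in reports}
    successor = min(total, key=total.get)
    fd = total[successor]            # feasible distance of the local router
    verdicts = {}
    for r in reports:
        if r.neighbor == successor:
            verdict = "successor"
        elif r.rd < fd:
            verdict = "feasible"     # FC met: cannot be a path back through us
        else:
            verdict = "rejected"     # FC failed: treated as a possible loop
        # Second field: does the neighbor's real path go back through us?
        verdicts[r.neighbor] = (verdict, local in r.path)
    return fd, verdicts

# Constructed reports for destination D as seen by local router R.
REPORTS = [
    Report("B", 10, 10, ("B", "D")),
    Report("C", 15, 20, ("C", "D")),
    Report("E", 25, 10, ("E", "G", "D")),       # loop-free but expensive
    Report("F", 30, 10, ("F", "R", "B", "D")),  # really loops back through R
]

if __name__ == "__main__":
    fd, verdicts = dual_select("R", REPORTS)
    print("FD =", fd)
    for name, (verdict, loops) in verdicts.items():
        print(name, verdict, "(real loop)" if loops else "(loop-free)")
```

F is rejected correctly, because a path that returns through R must report at least R's own FD. E is rejected as well although its path never touches R, which is the flaw described above.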
There is a special case: the loop caused by manual summarization.
In fact, summarization itself is "defective". When a router sends a summarized classful network route update to its peer, it is equivalent to letting the peer generate routes to some subnets that do not exist.
This is unreasonable: if the router also has a default route pointing to the peer, a loop is formed. A malicious packet whose destination address is an IP in a non-existent subnet will loop between the two routers until its time to live expires.
The solution (enabled by default) is to use the null0 interface.
The locally generated summary route points to this logical null interface. The route lookup order is as follows: a received packet is first checked against the normal unicast route entries, then the local summary route entry, and finally the default route. In this way, those malicious packets are identified and dropped at the null0 interface.
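The lookup order described above is longest-prefix matching, and its effect on a packet for a non-existent subnet can be traced hop by hop. This is an added example, not from the original article; the routers R1 and R2, the 10.1.0.0/16 summary and all addresses are constructed assumptions.

```python
import ipaddress

def lookup(table, dst):
    """Longest-prefix match. table maps prefix -> next hop name."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), nh) for p, nh in table.items()
               if addr in ipaddress.ip_network(p)]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def forward(tables, start, dst, ttl=64):
    """Follow one packet through the routers; return (outcome, hops taken)."""
    node, hops = start, 0
    while ttl > 0:
        next_hop = lookup(tables[node], dst)
        if next_hop == "Null0":
            return "dropped at %s Null0" % node, hops
        if next_hop == "connected":
            return "delivered by %s" % node, hops
        if next_hop is None:
            return "no route at %s" % node, hops
        node, hops, ttl = next_hop, hops + 1, ttl - 1
    return "TTL expired", hops

# Constructed tables: R1 owns two /24 subnets and advertises 10.1.0.0/16 to R2.
R2 = {"10.1.0.0/16": "R1"}
R1_PLAIN = {"10.1.1.0/24": "connected", "10.1.2.0/24": "connected",
            "0.0.0.0/0": "R2"}                        # default route to the peer
R1_NULL0 = dict(R1_PLAIN, **{"10.1.0.0/16": "Null0"})  # summary points to Null0

def demo(dst):
    """Outcome without and with the Null0 summary route on R1."""
    return (forward({"R1": R1_PLAIN, "R2": R2}, "R2", dst),
            forward({"R1": R1_NULL0, "R2": R2}, "R2", dst))

if __name__ == "__main__":
    print("10.1.99.5:", demo("10.1.99.5"))  # subnet that does not exist
    print("10.1.1.7: ", demo("10.1.1.7"))   # real subnet, unaffected
```

Without the Null0 route the packet for 10.1.99.5 bounces between R2 (summary) and R1 (default route) until the TTL runs out; with it, R1 drops the packet after a single hop while traffic to the real /24 subnets is still delivered.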
Link State routing protocol and SPF algorithm
Perspective: global (whole-area) perspective / God's-eye view.
In addition to a neighbor table, OSPF has a very powerful table called the LSDB (Link State Database) (the same as IS-IS).
In each OSPF area, by exchanging LSAs (link-state advertisements transmitted across network segments), each router can learn the topology and link status of the entire area.
In this way, routing within the area can lock onto the optimal path from a global perspective, and there are no loops: both single-link loops and cross-node loops are avoided. This is the innovation of link-state routing protocols.
How are routing loops between OSPF areas avoided?
The answer is: by implementing a hierarchical topology.
OSPF stipulates that all regular areas are attached to the backbone layer; even an area that is physically separated from the backbone must be connected to the backbone area by a logical path (a virtual link). This tree structure fundamentally eliminates loops.
Therefore, OSPF is also naturally loop-free.
IS-IS, which is similar to OSPF, does not require the L1 layer to be connected to the L2 layer, so it has two unique loop-prevention mechanisms: first, communication from non-L2 areas must be advertised in the L2 area; second, L2 area routes do not enter L1 by default (except through route leaking).
Thus, loop prevention is achieved.
BGP high-level loop-prevention mechanisms
BGP is inseparable from the AS (autonomous system). BGP loop prevention is mainly divided into loop prevention inside an AS and loop prevention between ASes (analogous to intra-area and inter-area OSPF).
Between ASes: the as-path field of a route update contains all the AS numbers the update has passed through. When a BGP router sees its own AS number in a route update, it decisively discards the update (although in special cases a command can be used to turn this behavior off).
This is the difference between distance vector and path vector: a distance-vector routing protocol (such as RIP) only records how many hops it takes to reach the destination, while a path-vector router records the path traversed on the way.
It seems that learning Cisco means chewing over every word.
The iBGP split-horizon rule is that routing information received from iBGP neighbors is not passed to other iBGP neighbors, but it can be passed to eBGP neighbors.
Note that it is not the same as RIP's split horizon.
Split horizon prevents three or more iBGP peers from forming a ring and causing a cross-node loop inside the autonomous system.
In addition to routing loops caused by network failures, unreasonable network planning can also cause loops.
For example, in BGP, if the transit router on the path between iBGP peers is in another AS, a loop results. This is just one example, meant to illustrate that man-made loops are difficult to avoid, but Cisco is really thoughtful and provides the next-hop-unchanged command to handle the loop above.
Note that the route reflector (RR) is usually used to solve the problem of routes not being learned because of split horizon. The interesting thing is that split horizon is used for loop prevention and the route reflector is used to get around split horizon, so loops can arise again. Later the RR was improved with a feature that inserts a Cluster ID and a Source ID.
By default, the RR adds to the route update its own router-id and the router-id of the router that originated the update. This is also a path-vector mechanism.
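The three BGP checks in this section (own AS in the as-path, iBGP split horizon, and the IDs a route reflector inserts) fit in one small model. This is an added example, not router code; the AS numbers, router-ids and peer names are constructed, and the fields use the standard route-reflection attribute names ORIGINATOR_ID and CLUSTER_LIST for what the text calls Source ID and Cluster ID.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Update:
    prefix: str
    as_path: list
    originator_id: Optional[str] = None               # router-id of the originator
    cluster_list: list = field(default_factory=list)  # reflectors already passed

def accept(update, local_as, router_id, cluster_id=None):
    """Loop checks on a received update; returns (accepted, reason)."""
    if local_as in update.as_path:
        return False, "own AS in AS_PATH"
    if update.originator_id == router_id:
        return False, "own router-id is ORIGINATOR_ID"
    if cluster_id is not None and cluster_id in update.cluster_list:
        return False, "own cluster ID in CLUSTER_LIST"
    return True, "accepted"

def advertise_to(source, peers):
    """iBGP split horizon. peers maps peer name -> 'ibgp' or 'ebgp'."""
    return sorted(name for name, kind in peers.items()
                  if name != source
                  and not (peers[source] == "ibgp" and kind == "ibgp"))

def reflect(update, rr_router_id, source_router_id):
    """Route reflector: stamp the originator and itself, then re-advertise."""
    return Update(update.prefix, list(update.as_path),
                  update.originator_id or source_router_id,
                  [rr_router_id] + update.cluster_list)

def demo():
    """Constructed AS 65001: client 10.0.0.1, reflectors 10.0.0.100 and .200."""
    u = Update("203.0.113.0/24", [65010])
    via_rr1 = reflect(u, "10.0.0.100", "10.0.0.1")
    via_rr2 = reflect(via_rr1, "10.0.0.200", "10.0.0.100")
    return {
        "back_at_rr1": accept(via_rr2, 65001, "10.0.0.100", "10.0.0.100"),
        "back_at_client": accept(via_rr2, 65001, "10.0.0.1"),
        "other_router": accept(via_rr2, 65001, "10.0.0.2"),
        "ebgp_loop": accept(Update(u.prefix, [65002, 65001, 65010]),
                            65001, "10.0.0.9"),
    }

if __name__ == "__main__":
    for case, result in demo().items():
        print(case, result)
```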