2.2 Compare and contrast routing technologies and bandwidth management concepts

  • Routing
    • Dynamic Routing
      • Protocols
        • Routing Internet Protocol (RIP)
        • Open Shortest Path First (OSPF)
        • Enhanced Interior Gateway Routing Protocol (EIGRP)
        • Border Gateway Protocol (BGP)
      • Link State vs Distance Vector vs Hybrid
    • Static Routing
    • Default Route
    • Administrative Distance
    • Exterior vs Interior
    • Time to Live
  • Bandwidth Management
    • Traffic Shaping
    • Quality of Service (QoS)

Okay, now that we know a bit about internal networks, we should learn something about external networks.  Let’s say you need to access Google.com.  How does data from Google.com get to your computer and vice versa?  Remember that we already talked about DNS.

The internet is a bunch of cables, and different sections are owned by different internet service providers.  Thus, your data must pass through many routers controlled by many companies.  The internet is a massive spider web.  It’s like the highway system.  On a long trip, there are many routes you could take and arrive at the same destination.  How does the data packet know which route to take?  It uses a routing protocol.

In other words

  • The router receives a packet

  • It asks, what is the destination for this packet

  • Based on the final destination, where do I send this packet?

There are three types of routes

  • Static. A static route is programmed into the router.  We tell the router that packets addressed to a specific destination (or range of destinations) take this specific route.  We can provide one static route or many.

  • Dynamic. The router figures out routes on its own using one of the routing protocols.

  • Default.  The default route is used when there are no other destinations for the packet.  When the router receives a packet, it first checks the static route table.  If it can transmit the packet via a static route, it does.  If the packet’s destination does not match a static route, then the router sends the packet over a dynamic route.  If the packet does not match a dynamic route, then the router sends the packet over the default route.

There are four main dynamic routing protocols: RIP, OSPF, EGRIP, and BGP.

RIP – Routing Information Protocol.  The router calculates the number of “hops” between the source and the destination.  For example, if you are in Florida, and your data passes through a router in Atlanta, a router in Nebraska, and a router in Nevada before reaching California, that is four hops.

Each router maintains a table, known as a routing table.  The router records the best route for each destination in this table.  For example, google.com has a route, cnn.com has a route, facebook.com has a root, etc. (more accurately, each IP address has a route; the router doesn’t care about or look at domain names). 

The router doesn’t care about the entire route; it only cares about the address of the next router, or the “next hop”.  When a router receives a packet, it asks, “which router should I send this packet to next?” and sends it off.  Each router makes its own decision about the next destination without considering the source of the data.

The problem with RIP is that every router must update its routing table every 30 seconds, and that RIP supports routes with a maximum of 15 hops.  As the internet grew, so did the routing tables, and eventually the system broke down.  There were too many routers per pathway and too many routes per router.

RIP communicates over port 520 via UDP.  A router that just powered on can use RIP to ask a neighboring router to send over its routing table.  A router needs neighboring routers to cooperate so that it can understand the total “hop” length of a route.  The router is constantly asking “how many hops does this data packet need to travel through to reach its destination?”.  Cisco devices used the proprietary IGRP (Internet Gateway Routing Protocol) to communicate and have now switched to the EIGRP (Enhanced Interior Gateway Routing Protocol).

OSPF – Open Shortest Path First.  Unlike RIP, OSPF not only considers the number of “hops”, but also the speed between each hop, known as a link.  Each link can be given a cost that factors the speed of each link.  An administrator can manually set a different priority for each link. 

Each router advertises its link cost to other routers.  It does so by sending a “hello” message.  This information travels through the network because a router will pass on information that it received from one router to its neighboring routers (a router is considered to be a neighbor if it is directly connected).

OSPF works with multiple redundant routers.  It can detect a failed link and create a new link within seconds (remember that because the internet is a spider web, there are usually many pathways to the same destination).

Each router within a network will go through the following phases

  • Down – this is when the router first joins the network.  It hasn’t said or heard anything

  • Attempt – the router is trying to establish a connection with another router

  • Init – the router received a “hello” from a neighboring router

  • 2-Way – the router is communicating with another router

  • ExStart – the routers are establishing that they are adjacent.  This happens right after the 2-Way

  • Exchange – the router sends its link state database to a neighboring router.  It is telling its neighbor about all the routers it knows about.  The Link State Database tells us what routes a router knows about.

  • Loading – the router requests the link state database from a neighboring router.  It is telling its neighbor about all the routers it knows about

  • Full – the routers are fully adjacent

This way, each router can learn about how all the routers are connected, and then each router can decide as to the best pathway to send a packet.

OSPF uses an IP packet to send data.  The following types of data are sent

  • Hello – this is when a router wants to talk to an adjacent router.  The router always sends hello messages to its neighbors.  If it does not receive a reply, it assumes that the neighbor stopped working, and will stop sending traffic through it

  • Database Description (DBD) – this contains the link state database of an adjacent router

  • Link State Request (LSR) – a router sends this to request information so that it can update its link state database

  • Link State Update (LSU) – a router sends this in response to the request

  • Link State Acknowledgement (LSAck) – the requesting router sends this to acknowledge receipt of a Link State Update message

The problem with OSPF is that there are millions of routers.  That means every router will eventually learn all the routes for all the routers.  To make it simple, we can divide the networks into areas. 

All the areas must belong to the same autonomous system (a network that is under the control of a single internet service provider).  This is important because there is another system that determines routes between two or more internet service providers.

  • Backbone area – this forms the core OSPF network.  The backbone distributes routing information between other areas.  This is known as area 0.  All the other areas connect to the backbone directly or through another router.

  • Stub area – the stub area does not receive route advertisements from other routers.  A router in this area must send traffic through a default route.  Thus, the routers here do not have to maintain link state databases.  There are mode advanced types of stub areas, which are proprietary to Cisco

    • Totally stubby area – this is like a stub area.  Traffic can only be routed outside this area through a default route.

    • Not-so-stubby area – this area can import external routes and send them to other locations but can’t receive external routes for itself.

    • NSSA totally stubby area – this area can import some types of external routes and send them to other locations but can’t receive external routes for itself.

  • Transit area – area with at least two border routers.  The transit area passes traffic from one location to another but is not the source or the destination of the traffic.

Types of OSPF Routers

  • Internal router – all the interfaces belong to the same area

  • Area border router – connects an area to the backbone.  That is all its interfaces belong to the area except for one that belongs to the backbone.

  • Backbone router – connects to the backbone (may also be an area router).  A backbone router may connect to other backbone routers and not to any areas.

  • Autonomous system boundary router – this router connects networks from multiple autonomous systems.  Such a router will use another routing protocol to send traffic between itself and another system.

BGP – Border Gateway Protocol.  BGP allows routers to exchange data between two or more autonomous systems.  Unlike OSPF, routers using BGP must be programmed to learn their neighbors, known as “peers” (it is not automatic).  Every minute, a router sends a “keep alive” message to the neighboring routers to ensure that they are still available.  Within an autonomous system, the BGP is known as Internal BGP, otherwise it is known as External BGP.  A router that is exchanging data with another network is known as a border router.  BGP uses TCP to exchange information.

Once programmed, a router can have the following states

  • Idle – the router does not accept any new connections.  The router begins to initiate a connection with its peer.

  • Connect – the router is willing to accept negotiation messages with a peer

  • Active – if the router is unable to connect with the peer, it turns to the active state and tries to start a new session.  If the router is not able to connect, it might switch to the idle state.

  • OpenSent – the router is listening for an open message from its peer.  If the message is valid, then it establishes a connection

  • OpenConfirm – the peer is waiting for a Keepalive message from its peer

  • Established – the connection is established and the routers exchange information about their capabilities

How does the router decide which routes are best?

  • Unlike OSPF, BGP needs to be able to detect loops in the routing.  Thus, it needs to be able to detect the entire pathway between the router and the destination.  It would not be possible to store this much information.  Therefore, the solution is to keep track of the autonomous systems that a packet will travel through to reach its destination.

  • By default, the BGP will choose the route that crosses the least number of Autonomous Systems

  • An administrator can change the weight given to a route. 

    • Since BGP is used to move traffic between different ISPs, one ISP may prefer other ISP networks due to cost or contractual obligations. 

    • An administrator might not want to transport “transit” traffic.  Transit traffic is traffic that did not originate in his network and that has a destination outside of his network.  In other words, it is traffic that does not belong to any of his customers.  Why should he transport it for free?

  • Thus, the router does the following

    • Imports all of the routes

    • Eliminates any routes with loops

    • Gives each route a weight (known as the local preference) based on the number of autonomous systems and administrative rules

    • Picks the best routes based on the distance and other criteria

    • Advertises only the best routes to the neighbors

All the routers using Internal BGP must be configured in a full-mesh (that means that every router must have a connection to every other router).  To reduce the amount of work a router must do

  • One router can be designated as a Route Reflector.  This router stores all the routes, while other routers peer to it.

  • A large Autonomous System can be split into multiple smaller Autonomous Systems.  The group of systems is known as a Confederate.  Routers within each smaller Autonomous System are fully meshed.  Routers in different autonomous systems are not fully meshed.  The entire confederate appears to be a single autonomous system to any external routers.     

Traffic Shaping is a method of throttling different forms of traffic.  Let’s say we have an office and half the people are on YouTube.  They are slowing down the network for employees who are trying to work.  What do we do?  We can block YouTube, but that might be a bad idea because some employees might have a legitimate reason to access it.  Or we can perform traffic shaping.  Each type of traffic follows a pattern.  We use a router to “fingerprint” the different types of traffic – websites, videos, file sharing, VoIP calls, etc..  Then we tell the router how much bandwidth each one can have.  We might say that 10% of our bandwidth can go to web traffic, or 1Mb/s can go towards video streaming.

Traffic shaping is also used by internet service providers.  If the ISP has limited bandwidth and a few customers are streaming Netflix in 4K, forcing others to wait for their e-mail to download, that’s not fair.  The ISP might use traffic shaping to give business-oriented traffic a larger portion of the bandwidth.  Traffic shaping by ISPs is controversial, and the opposition is known as “net neutrality”.

There are several traffic shaping algorithms.  In general, each time a packet reaches the traffic shaping router

  • The router figures out what kind of application it belongs to

  • Based on the intended shape, it decides whether to hold the packet or send it

  • Packets are held in a buffer until they are ready to be sent.  Each type of traffic has its own buffer.  The rate that packets leave the buffer is fixed.  This is known as the “leaky bucket” problem.  Imagine if we made a hole in the bottom of a bucket and pored water into the top.  It doesn’t matter how fast water enters the bucket, it leaves the bottom at the same speed.

  • What happens if the buffer fills up with packets?  No buffer is infinite.  In that case, the buffer drops (ignores) the remaining packets.

To summarise, there are three ideas for choosing the best next hop destination

  • Link State – the router chooses a destination using an algorithm that includes gathering information from the other connected routers

  • Distance Vector – the router chooses a destination based on the shortest pathway to the final destination; this might be the number of routers or the number of autonomous zones that the traffic will pass through

  • Hybrid – the router chooses a destination based on a combination of factors including the link state, the distance, and the local policies of the internet service provider

If our router has multiple routes to the same final destination learned from different sources (OSPF, BGP, static, etc.), how does it decide which one to use?  It assigns each route an administrative distance, also known as a route preference.  The following are some administrative distances are assigned to routes on Cisco routers (smaller distances are preferred)

Directly Connected Interface0
Static Route1
External BGP20
Internal EIGRP90
Internal BGP200

Quality of Service (QoS) is a concept regarding how well a specific network service is performing.  We can measure different things like bandwidth (speed), packet loss (what percentage of data is reaching its destination), jitter (does the data we send show up in the same order or is it all mixed up).

QoS is most important in VoIP and live video applications.  Why?  Remember that TCP follows a three-way handshake?  If I send you a file, you must acknowledge that you received it.  If a computer sends a packet to another computer, the recipient must acknowledge receipt.  If something happens to the packet along the way, it could always be retransmitted.  A small amount of packet loss is a minor annoyance.  Maybe the users don’t even notice.  If the packets don’t arrive in the correct order, the receiving computer puts them back together.

With VoIP and live video however, imagine that each word you say is a packet.  The phone or video screen on the other side must play those packets back to the other party in real time.  It doesn’t have time to correct for errors.  If some packets go missing, then the person on the phone with you doesn’t hear some of the words you said.  If packets arrive in the wrong order, then the words you say are heard in the wrong order on the other side.  Too much of that and the users become frustrated.

What are some things we measure when we say Quality of Service?

  • How much bandwidth are we getting?  This is known as throughput, or Goodput.  Goodput is the useable bandwidth (actual bandwidth minus overhead for protocols).  It’s like the weight of the mail without the envelopes.

  • Packet loss.  What percentage of packets are lost in transmission?

  • Errors.  What percentage of packets arrive without errors?

  • Latency.  How long does a packet take to reach its destination?

  • Out-of-Order delivery.  Are the packets arriving in the same order that they were sent?

A customer and his internet service provider may enter into an agreement to obtain a specific level of service.  How can the ISP meet this obligation?  Over-provision the network so that it has much more capacity then is required.

But a single service provider doesn’t own the entire internet!  Your traffic first reaches your ISP and then it reaches your ISP’s ISP, and then your ISPs ISPs ISP…therefore, the ISPs must negotiate a way to prioritize certain types of traffic so that customers who pay more experience better service.  Otherwise, an ISP’s ISP will turn on the BGP and not allow much of your traffic through their network.

One way to do this is called DiffServ or Differentiated Services.  Remember that each packet has a header with information about its destination, size, etc..  Well, there is also an optional spot for a Differentiated Services Code Point (DSCP) value.  The most common values are

  • Default Forwarding – the data will be delivered with a “best effort”

  • Expedited Forwarding – the data will be given priority

  • Assured Forwarding – the data will be guaranteed to arrive within a specific time

You can think of DiffServ like a courier service.  You can ship something that could arrive within a week.  Or it could be guaranteed by the end of the next business day.  Or it could be guaranteed to arrive by 10:30AM the next morning.  Data that is sent through a slower method might arrive quickly if the network has spare capacity.  But when the network is overwhelmed, more important traffic is given priority.

When an ISP sees a packet marked with Expedited Forwarding or Assured Forwarding, it knows to prioritize it.  How much priority to give a packet is up to each ISP.

CoS or Class of Service is like QoS, but on an internal network.  CoS tags an ethernet frame with a priority from zero to seven.

I could write an entire book on traffic shaping.  It is an art, not a science because every ISP must balance the needs of all its customers.  Giving many customers a lousy experience because a few people are paying more may not be in their best interests.