Lecture 9
Intra-domain routing: routing inside a domain/AS
Routing used to scale by throwing more resources at it
But when the internet began to scale, it needed to be smarter
Split the net into parts: domains
Have separate protocols for routing within and between domains
Which Protocol to Choose in an AS?
Considerations:
- Speed of convergence: how quickly the routes are updated after a network change
- Granularity of metrics: how precise can the cost be expressed (the cost which is used to decide which routes get put in the routing table)
- Complexity of configurations
Routing Information Protocol (RIP)
Outdated
Based on Bellman-Ford distance algorithm
Used hop count as primary cost metric
Used as an Interior Gateway Protocol (IGP)
Usable inside homogeneous networks of moderate size
Max 15 hops (16 = infinity)
Homogeneous links allow us to use hop count instead of something more specific
Distance Vector Protocols
Tell your neighbours about the world!
Nodes only communicate with their neighbours
An AS is a set of IP prefixes
Basic Operations
Keep a table of routes to destinations
distance (metric) -> gateway (next hop): IP prefix
Periodically send out a complete table to all neighbours
Send all destination networks with distances, but not the gateways
Neighbours will consider the sender as the next hop (gateway)
Update your table with information received from your neighbours
Distance can only decrease (unless our active route gets an increased metric and there is no better option)
E.g. you are
But then
So we update our entry
Split Horizon with Poisoned Reverse
Do not advertise back routes you learned from your neighbour, to the network you both are on
Do advertise back routes that have failed, but with an infinite distance, to indicate to its neighbours that it is unreachable
Advantage: faster convergence
Disadvantage: larger update packets
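Added example (not from the lecture notes): a minimal distance-vector table doing the basic operations above plus split horizon with poisoned reverse. Router names and prefixes are constructed.

```python
INFINITY = 16  # RIP convention: 16 hops means "unreachable"

class DvRouter:
    """Distance-vector router: table maps prefix -> (metric, next_hop)."""

    def __init__(self, name, connected_prefixes):
        self.name = name
        # Directly connected networks: metric 1, no gateway needed.
        self.table = {p: (1, None) for p in connected_prefixes}

    def advertisement_for(self, neighbour):
        """Table as sent to `neighbour`: metrics only, no gateways (the receiver
        treats us as next hop). Routes learned from that neighbour are sent back
        poisoned (metric 16) instead of being omitted (poisoned reverse)."""
        return {prefix: (INFINITY if next_hop == neighbour else metric)
                for prefix, (metric, next_hop) in self.table.items()}

    def receive(self, neighbour, adv):
        """Bellman-Ford relaxation: take a route when it is strictly better, or
        when it comes from our current gateway, even if it got worse."""
        changed = False
        for prefix, adv_metric in adv.items():
            new_metric = min(adv_metric + 1, INFINITY)
            cur = self.table.get(prefix)
            if cur is None:
                if new_metric < INFINITY:
                    self.table[prefix] = (new_metric, neighbour)
                    changed = True
                continue
            cur_metric, cur_hop = cur
            if new_metric < cur_metric or (cur_hop == neighbour and new_metric != cur_metric):
                self.table[prefix] = (new_metric, neighbour)
                changed = True
        return changed  # True is what would fire a triggered update in RIPv2

def demo():
    # Constructed topology: A and B share 10.0.1.0/24; A also has 10.0.0.0/24, B has 10.0.2.0/24.
    a = DvRouter("A", ["10.0.0.0/24", "10.0.1.0/24"])
    b = DvRouter("B", ["10.0.1.0/24", "10.0.2.0/24"])
    a.receive("B", b.advertisement_for("A"))     # A learns 10.0.2.0/24 via B at 2 hops
    back = a.advertisement_for("B")               # A poisons 10.0.2.0/24 towards B
    b.table["10.0.2.0/24"] = (INFINITY, None)     # B's LAN fails ...
    a.receive("B", b.advertisement_for("A"))     # ... A marks it unreachable, no count-to-infinity
    return a.table, back
```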
Timers
Update timer: how often updates are sent (default 30s)
Invalid timer: how fast routes time out (default 180s), marked as unreachable
Flush timer: how fast routes disappear (default 240s), also called garbage-collection timer
Stays here another 60s after invalid to make sure neighbours also learn this route is no longer valid
Lowering the timers decreases convergence time, but increases network load and resource consumption
Triggered updates
Instead of waiting for the timer, send an update as soon as a route changes (in version 2)
Hold-down timer
Cisco proprietary
Prevent incorporating possible bad routing information which might be present in a network that has not yet converged
Don't accept any information during that time
Packet Transmission
V1:
Broadcasted to 255.255.255.255
Or a directed broadcast address (but rarely used)
Very quickly removed as it creates noise and violates security boundaries
Or to an individual host
V2:
Broadcast to 224.0.0.9
To exclude non-RIP hosts
Works on UDP port 520
Max size of 512 bytes, including the 8-byte header
Room for 25 route updates
Each update is 20 bytes
If you need to send more, just split them into multiple packets
RIPv1 format
Packet format:
Padding came from legacy standards, and for future expansion
Fields:
RIPv2 Fields
When a router advertises a route whose gateway is a border router that does not participate in RIP, the next-hop field lets receivers send traffic to that gateway directly instead of via the sender
Authentication
No auth in V1, so you can spoof and black-hole a network
V2 added authentication, so that only updates from trusted routers will be accepted
Send authentication as first route update
Identified with AFI of 0xFFFF
Type 2 was plaintext, which was easily broken
Type 3 actually gave some security
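Added example (not from the lecture notes) for the packet-transmission, format and authentication sections: constructing and parsing a RIPv2 response with the 4-byte header, 20-byte entries, 25-entry limit and the AFI 0xFFFF authentication entry, plus the receiver-side check that only updates carrying the configured password are accepted. Sample prefixes and the password are constructed.

```python
import socket
import struct

RIP_PORT = 520        # RIPv1/v2 run over UDP port 520
AUTH_AFI = 0xFFFF     # address family 0xFFFF marks the (first) entry as authentication
ENTRY_LEN = 20        # every route entry is 20 bytes
MAX_ENTRIES = 25      # 4-byte RIP header + 25 * 20 bytes stays within the 512-byte limit

def build_rip_response(routes, password=None):
    """RIPv2 response (command 2, version 2). With a password, a type-2
    (simple password) auth entry goes first, padded to 16 bytes."""
    body = b""
    if password is not None:
        body += struct.pack("!HH16s", AUTH_AFI, 2, password.encode())
    for ip, mask, next_hop, metric in routes:   # AFI 2 = IP, route tag 0
        body += struct.pack("!HH4s4s4sI", 2, 0, socket.inet_aton(ip),
                            socket.inet_aton(mask), socket.inet_aton(next_hop), metric)
    return struct.pack("!BBH", 2, 2, 0) + body

def parse_rip(payload):
    """Parse a RIP UDP payload into header, auth entry and routes; reject
    malformed lengths, too many entries and out-of-range metrics."""
    if len(payload) < 4 or (len(payload) - 4) % ENTRY_LEN:
        raise ValueError("malformed RIP packet length")
    command, version, _reserved = struct.unpack("!BBH", payload[:4])
    n_entries = (len(payload) - 4) // ENTRY_LEN
    if n_entries > MAX_ENTRIES:
        raise ValueError("more than 25 entries")
    auth, routes = None, []
    for i in range(n_entries):
        entry = payload[4 + i * ENTRY_LEN: 4 + (i + 1) * ENTRY_LEN]
        if struct.unpack("!H", entry[:2])[0] == AUTH_AFI:
            if i != 0:
                raise ValueError("auth entry must be the first entry")
            auth = (struct.unpack("!H", entry[2:4])[0], entry[4:])  # (type, 16 bytes)
            continue
        _afi, _tag, ip, mask, next_hop, metric = struct.unpack("!HH4s4s4sI", entry)
        if not 1 <= metric <= 16:
            raise ValueError("metric out of range")
        routes.append((socket.inet_ntoa(ip), socket.inet_ntoa(mask),
                       socket.inet_ntoa(next_hop), metric))
    return {"command": command, "version": version, "auth": auth, "routes": routes}

def accept_update(parsed, expected_password):
    """Only accept v2 updates carrying the configured type-2 password. The password
    is plaintext on the wire, which is why the notes call type 2 easily broken."""
    if parsed["version"] < 2 or parsed["auth"] is None:
        return False
    auth_type, data = parsed["auth"]
    return auth_type == 2 and data.rstrip(b"\x00") == expected_password.encode()
```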
Extensions
RIPng for IPv6
Still runs on UDP, but now port 521
Packets can be any length that fits on the network unfragmented (lower than MTU)
Supports IPv6 prefix, route tags, next hop (as in V2)
No authentication of its own; relies on IPv6's IPsec
Uses FF02::9 broadcast to only target RIP hosts
Next hop is done through ICMPv6
Interior Gateway Routing Protocol (IGRP)
Cisco proprietary protocol
Just like RIP, but
Runs on top of IP
It has a larger maximum hop count, from 100 to 255
Can be divided into independent domains
Confusingly also called ASs
Uses 3 types of routes
- Interior routes, with implicit subnet, like in RIPv1
- System route, which is possibly summarised
- Exterior route, candidate default
Metric is composite based on
- Delay
- Bandwidth
- Reliability
- Load
As compared to RIP's hop count metric
Most implementations only used delay and bandwidth
Hop count is still communicated to see when max distance has been reached
MTU information is also sent
Enhanced IGRP (EIGRP)
Remembers all paths, not just the best path
Allows for failover
Carries subnet information (VLSM)
Keeps state about its neighbours
Can take MTU into account
Uses Diffusing Update Algorithm (DUAL) for loop free routing and fast convergence
No periodic updates
Only update when table changes
Use partial updates instead of sending the whole table
Use hello multicast to be discovered by neighbours
Forms adjacencies with neighbours
Uses acks for reliable communication
Can summarise on arbitrary bit boundaries (classless)
Open Shortest Path First (OSPF)
Two Choices
OSPF vs IS-IS
OSPF:
De-facto standard for intra-domain in enterprise
Replacement for RIP
IS-IS:
De-facto standard for ISPs
Why Replace RIP
Max of 15 hops means large networks aren't possible
Timers make convergence slow, up to the order of minutes
RIP uses a simplistic cost metric
Link State Protocols
Tell the world about your neighbours
Build a complete table of the network topology in a Link State Database (LSDB)
Use Dijkstra
Replace distance vector protocols in more complex networks
Has faster convergence too
Link State Packets (LSPs)
Represent the state of the router and its links to the rest of the network
LSP Generation
Periodic announcements, with a long interval, default 30m
Triggered updates are sent on changes
New neighbour
Node failure
Change in link cost
Cost
In OSPF, cost is an indication of the overhead required to send a packet through said link
Inversely proportional to the bandwidth of the link
Higher bandwidth -> lower cost
LSP Distribution
LSPs are flooded all over the network, not just to its neighbours
Using smart flooding procedure
Recognises identical LSPs
LSP 'problems'
LSPs may arrive out-of-order
Need a mechanism to order them
Use an age/TTL field
Always increase age / decrease TTL when forwarding an LSP packet
An LSP ages in the LSDB (1 per second); in transit it is aged per hop, not per second
Max age of 3600s
When it reaches max, it gets flushed
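Added example (not from the lecture notes) for the link-state sections: a small LSDB that orders LSP instances by sequence number (as OSPF does), ages them per second in the database and per hop when forwarding, flushes at MaxAge 3600, and runs Dijkstra with a bandwidth-inverse cost. The 100 Mbit/s reference bandwidth, the per-hop age increment and the topology are assumptions.

```python
import heapq

MAX_AGE = 3600               # seconds; an LSP reaching MaxAge is flushed from the LSDB
HOP_AGE_INCREMENT = 1        # assumed seconds added to the carried age per forwarding hop
REF_BANDWIDTH = 100_000_000  # assumed reference: cost = REF_BANDWIDTH / link bandwidth

def link_cost(bandwidth_bps):
    """Cost is inversely proportional to bandwidth: higher bandwidth -> lower cost."""
    return max(1, REF_BANDWIDTH // bandwidth_bps)

class Lsdb:
    def __init__(self):
        self.lsas = {}  # router -> {"seq": int, "age": int, "links": {neighbour: cost}}

    def install(self, router, seq, age, links):
        """Accept only newer instances; duplicates and out-of-order (stale)
        arrivals are recognised and not installed or re-flooded."""
        cur = self.lsas.get(router)
        if cur is not None and seq <= cur["seq"]:
            return False
        self.lsas[router] = {"seq": seq, "age": age, "links": dict(links)}
        return True

    def forward_age(self, router):
        """Age to put in the copy we flood onward: one hop's worth, not per second."""
        return min(MAX_AGE, self.lsas[router]["age"] + HOP_AGE_INCREMENT)

    def tick(self, seconds=1):
        """LSPs age while held in the LSDB; at MaxAge they are flushed."""
        for router in list(self.lsas):
            self.lsas[router]["age"] += seconds
            if self.lsas[router]["age"] >= MAX_AGE:
                del self.lsas[router]

    def shortest_paths(self, source):
        """Dijkstra over the LSDB: router -> (total cost, first hop from source)."""
        dist = {source: (0, None)}
        heap = [(0, source, None)]
        while heap:
            d, u, first = heapq.heappop(heap)
            if d > dist[u][0]:
                continue  # stale heap entry
            for v, cost in self.lsas.get(u, {"links": {}})["links"].items():
                nd = d + cost
                if v not in dist or nd < dist[v][0]:
                    dist[v] = (nd, first if first is not None else v)
                    heapq.heappush(heap, (nd, v, dist[v][1]))
        return dist
```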
OSPF Advantages
Hierarchical routing
But only 2 levels, in contrast to IS-IS
Supports subnets
Uses efficient multicast for flooding
Uses metrics based on cost per interface
Supports virtual links for backbone connectivity
Supports load balancing
Has built-in auth
OSPF Facts
Uses IP instead of UDP
Currently OSPFv2 is in use
Uses Link State Advertisement (LSA) terminology, instead of Link State Packet (LSP)
OSPF Params
These params must be the same for all OSPF neighbours
Otherwise they will not talk at all
HelloInterval: default 10s
RouterDeadInterval: default 40s
- How long a neighbour needs to be silent before being declared dead
LSA and Databases (LSDB)
LSAs must be acknowledged
If not received, send again
LSAs (and their acks) are queued/flagged for transmission
Ensure updates are in-order and not duplicate
LSAs must time out at about the same time
By using triggered re(distribution)
When any instance reaches MaxAge, this is broadcasted to all other routers
In case of database overflow, drop external routes first