Upload
roman
View
218
Download
4
Embed Size (px)
Citation preview
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
1/96
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
2/96
222 2005 Cisco Systems, Inc. All rights reserved.RST-203111207_05_2005_c2
Agenda
Campus Network Designs
Routed Access Design
EIGRP Design Details OSPF Design Details
PIM Design Details
Summary
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
3/96
333 2005 Cisco Systems, Inc. All rights reserved.RST-203111207_05_2005_c2
Hierarchical Campus DesignBuilding Blocks
Data CenterWAN Internet
SiSi SiSi SiSi SiSi SiSi SiSi
SiSi SiSi
SiSi SiSiSiSi SiSi
SiSi SiSi
Access
Distribution
Core
Distribution
Access
Offers hierarchyeach layer hasspecific role
Modular topologybuilding blocks
Easy to grow, understand, and
troubleshoot Creates small fault domainsclear
demarcations and isolation
Promotes load balancing andredundancy
Promotes deterministic traffic patterns
Incorporates balance of both Layer 2 and
Layer 3 technology, leveraging thestrength of both
Can be applied to all campus designs;multilayer L2/L3 and routed accessdesigns
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
4/96
444 2005 Cisco Systems, Inc. All rights reserved.RST-203111207_05_2005_c2
Tried and True: Reference DesignMultilayer L2/L3 Design
Consider fully utilizing uplinks via GLBP
Distribution-to-distribution link required for route summarization
No STP convergence required for uplink failure/recovery
Map L2 VLAN number to L3 subnet for ease of use/management
Can easily extend VLANs across access layer switches if required
10.1.20.010.1.120.0
VLAN 20 DataVLAN 120 Voice
VLAN 40 DataVLAN 140 Voice
10.1.40.010.1.140.0
HSRP or GLBPVLANs 20,120,40,140
HSRP or GLBPVLANs 20,120,40,140
ReferenceModel
Layer 3SiSiSiSi
Layer 2
Access
Distribution
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
5/96
555 2005 Cisco Systems, Inc. All rights reserved.RST-203111207_05_2005_c2
Data Center
SiSi SiSi
SiSi SiSi
SiSi SiSi
Hierarchical Campus DesignMultilayer L2/L3 Building Blocks
Highly available and fastalways on Deploy QoS end-to-end: protect the good and
punish the bad Equal cost core links provide for best
convergence Optimize CEF for best utilization of redundant
L3 paths
Aggregation and policy enforcement Use HSRP or GLBP for default gateway protection Use Rapid PVST+ if you MUST have L2 loops in
your topology Keep your redundancy simple; deterministic
behavior = understanding failure scenarios andwhy each link is needed
Network trust boundary Use Rapid PVST+ on L2 ports to prevent loops in
the topology Use UDLD to protect against 1 way interface UP
connections Avoid daisy chaining access switches Avoid asymmetric routing and unicast flooding,
dont span VLANS across the access layer
Access
Distribution
Core
Distribution
Access
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
6/96
666 2005 Cisco Systems, Inc. All rights reserved.RST-203111207_05_2005_c2
Routing to the EdgeLayer 3 Distribution with Layer 3 Access
Move the Layer 2/3 demarcation to the network edge
Upstream convergence times triggered by hardware detectionof link lost from upstream neighbor
Beneficial for the right environment
10.1.20.0
10.1.120.0
VLAN 20 Data
VLAN 120 Voice
VLAN 40 Data
VLAN 140 Voice
10.1.40.0
10.1.140.0
EIGRP/OSPF EIGRP/OSPF
GLBP Model
SiSiSiSi
Layer 3
Layer 2
Layer 3
Layer 2EIGRP/OSPF EIGRP/OSPF
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
7/96
777 2005 Cisco Systems, Inc. All rights reserved.RST-203111207_05_2005_c2
Data Center
SiSi SiSi
SiSi SiSi
SiSi SiSi
Hierarchical Campus DesignRouted Access Building Blocks
Highly available and fastalways on
Deploy QoS end-to-end: protect the good andpunish the bad
Equal cost core links provide for bestconvergence
Access layer aggregation
Route summarization to the core to minimizerouting events
Route filtering from the core to minimize routingtable size in access
OSPF stub area border (ABR)
Keep your redundancy simple; equal cost loadbalancing between access and core
Vary CEF algorithm to prevent polarization
Network trust boundary
VLANs are contained to the access switch
Use EIGRP or OSPF on interfaces todistribution layer
Use parallel paths for Equal Cost Multi Path(ECMP) routing
Use EIGRP stub routers or OSPF stub areas to
limit scope of convergence events
Access
Distribution
Core
Distribution
Access
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
8/96
888 2005 Cisco Systems, Inc. All rights reserved.RST-203111207_05_2005_c2
What Is High Availability?
DPMDefects per Million
Availability Downtime Per Year (24x365)
99.000%
99.500%
99.900%
99.950%
99.990%
99.999%
99.9999%
3 Days
1 Day
53 Minutes
5 Minutes
30 Seconds
15 Hours
19 Hours
8 Hours
4 Hours
36 Minutes
48 Minutes
46 Minutes
23 Minutes
DPM
10000
5000
1000
500
100
10
1
HighAvailability
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
9/96
999 2005 Cisco Systems, Inc. All rights reserved.RST-203111207_05_2005_c2
What If You CouldReduce Cost Through Diminished Risk of Downtime
Costs for downtime are high
One day cost of lost productivity =$1,644 per employee
100 person office = $164Kper day
More than just a datanetwork outage
More than just revenueimpacted
Revenue loss
Productivity loss
Impaired financial performance
Damaged reputation
Recovery expenses Source: Meta Group
999
$ 205$1,010,536Average
$ 107$ 668,586Transportation
$ 244$1,107,274Retail
$ 370$1,202,444Insurance
$1,079$1,495,134Financial Institution
$ 134$1,610,654Manufacturing
$ 186$2,066,245Telecommunications
$ 569$2,817,846Energy
Revenue/Employee-
HourRevenue/HourIndustry Sector
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
10/96
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
11/96
111111 2005 Cisco Systems, Inc. All rights reserved.RST-203111207_05_2005_c2
High-Availability Networking in the Campus
Reinforced Network Infrastructure:Infrastructure Security HardeningDevice-Level and Software Resiliency
Real World Network Design:Hierarchical Network DesignStructured Modular Foundation
Network Operations:Best Practices
Real-Time Network Management:
Best Practices
Best-in-Class Support:TAC, CA, Etc.
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
12/96
121212 2005 Cisco Systems, Inc. All rights reserved.RST-203111207_05_2005_c2
Routed Access DesignStructured Design Foundation
EIGRP or OSPF routed links between access and distribution Routed interfaces, not VLAN trunks, between switches
Equal cost multi path to load balance traffic across network
Route summarization at distribution (like L2/L3)
Single (IGP) control plane to configure/manage (no STP, HSRP,)
10.1.20.010.1.120.0
VLAN 20 DataVLAN 120 Voice
VLAN 40 DataVLAN 140 Voice
10.1.40.010.1.140.0
EIGRP or OSPFEqual Cost Multi Path
Layer 2
Layer 3
SiSiSiSi
SiSiSiSi Access
Distribution
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
13/96
131313 2005 Cisco Systems, Inc. All rights reserved.RST-203111207_05_2005_c2
Agenda
Campus Network Designs
Routed Access Design
EIGRP Design Details
OSPF Design Details
PIM Design Details
Summary
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
14/96
141414 2005 Cisco Systems, Inc. All rights reserved.RST-203111207_05_2005_c2
Why Routed Access Campus Design?
Most Catalystssupport L3 switching today
EIGRP/OSPF routing preference over spanning tree Single control plane and well known tool set
Traceroute, show ip route, sho ip eigrp neighbor, etc
IGP enhancements; stub router/area, fast reroute, etc..
It is another design option available to you
Layer 2
Layer 3
SiSiSiSi
SiSiSiSi Access
Distribution
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
15/96
151515 2005 Cisco Systems, Inc. All rights reserved.RST-203111207_05_2005_c2
Ease of Implementation
Less to get right:
No STP feature placement coreto distribution
LoopGuard
RootGuardSTP Root
No default gateway redundancysetup/tuning
No matching of STP/HSRP/GLBPpriority
No L2/L3 multicast topologyinconsistencies
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
16/96
161616 2005 Cisco Systems, Inc. All rights reserved.RST-203111207_05_2005_c2
Ease of Troubleshooting
Routing troubleshooting tools
Show ip route
Traceroute
Ping and extended pings
Extensive protocol debugs
Consistent troubleshooting; access, dist, core
Bridging troubleshooting tools
Show ARP
Show spanning-tree, standby, etcMultiple show CAM dynamics to find a host
Failure differences
Routed topologies fail closedi.e. neighbor loss
Layer 2 topologies fail openi.e. broadcast and unknowns flooded
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
17/96
171717 2005 Cisco Systems, Inc. All rights reserved.RST-203111207_05_2005_c2
Routing to the EdgeAdvantages? Yes, in the Right Environment
EIGRP and OSPF converge in
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
18/96
181818 2005 Cisco Systems, Inc. All rights reserved.RST-203111207_05_2005_c2
Routed Access Considerations
Do you have any Layer 2 VLAN adjacencyrequirements between access switches?
IP addressingdo you have enough addressspace and the allocation plan to support a
routed access design?
Platform requirements;
Catalyst 6500 requires an MSFC with hybrid (CatOS and Cisco IOS) in theaccess to get all the necessary switchport and routing features
Catalyst 4500 requires a SUP4 or higher for EIGRP or OSPF
Catalyst 3500s and 3700s require an enhanced Cisco IOS image forEIGRP and OSPF
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
19/96
191919 2005 Cisco Systems, Inc. All rights reserved.RST-203111207_05_2005_c2
Interior Gateway Protocol OptionsStatic Routing
Benefits
Price; in default Cisco IOS feature set for routers and Layer 3 switches
Considerations
Configuration intensive and prone to error
Potential routing black holes during some failure conditions
Design guidance
Default route from the access to the distribution
Specific route from the distribution to the access
Set next-hop to neighbors adjacent IP interface address to minimize blackholes during failure conditions
Redistribute static routes from distribution to coresummarize accesssubnets when possible
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
20/96
202020 2005 Cisco Systems, Inc. All rights reserved.
RST-203111207_05_2005_c2
Interior Gateway Protocol OptionsRIP Routing
Benefits
Widely supported
Price; in default Cisco IOS feature set of Catalyst L3 switches
Considerations
Slow convergence time
Limited network diameter; max hops = 16
Redistributing into an advanced IGP?
Design guidance
Use RIP version two; VLSM
Tune hellos down to one second
Summarize routes from distribution to core
Use routed interfaces vs. VLAN trunks
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
21/96
212121 2005 Cisco Systems, Inc. All rights reserved.
RST-203111207_05_2005_c2
Interior Gateway Protocol OptionsEIGRP Routing
Benefits
Simple to configure
Extremely fast convergence without tuning
Scales to large topologies
Flexible topology options
Considerations
Cisco innovation
Summarization to limit query range
Price; requires enhanced IOS image in some Catalysts
Design guidance
Later in the presentation
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
22/96
222222 2005 Cisco Systems, Inc. All rights reserved.
RST-203111207_05_2005_c2
Interior Gateway Protocol OptionsOSPF Routing
Benefits
Fast convergence with tuning
Widely deployed industry standard
Considerations
Design and configuration complexity
Price; requires enhanced IOS image in most Catalysts
Topology design restrictions
Design guidance
Later in the presentation
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
23/96
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
24/96
242424 2005 Cisco Systems, Inc. All rights reserved.
RST-203111207_05_2005_c2
CEF Load BalancingAvoid Underutilizing Redundant Layer 3 Paths
The default CEF hashinput is L3
CEF polarization: In a multi-
hop design, CEF couldselect the same left/left orright/right path
Imbalance/overloadcould occur
Redundant paths areignored/underutilized
RedundantPathsIgnored
SiSiSiSi
SiSi SiSi
SiSi SiSi
L
L
R
R
DistributionDefault L3 Hash
CoreDefault L3 Hash
DistributionDefault L3 Hash
AccessDefault L3 Hash
AccessDefault L3 Hash
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
25/96
252525 2005 Cisco Systems, Inc. All rights reserved.
RST-203111207_05_2005_c2
CEF Load BalancingAvoid Underutilizing Redundant Layer 3 Paths
With defaults, CEF could selectthe same left/left or right/rightpaths and ignore some redundantpaths
Alternating L3/L4 hash and
default L3 hash will give usthe best load balancing results
The default is L3 hashnomodification required in core oraccess
In the distribution switchesuse:
mls ip cef load-sharing full
to achieve better redundant pathutilization
SiSiSiSi
SiSi SiSi
SiSi SiSi
RL
RDistributionL3/L4 Hash
CoreDefault L3 Hash
DistributionL3/L4 Hash
L
RL
Left SideShown
AccessDefault L3 Hash
AccessDefault L3 Hash
L
All PathsUsed
Note: Catalyst 6500 SUP720 does not require CEF tuning
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
26/96
262626 2005 Cisco Systems, Inc. All rights reserved.
RST-203111207_05_2005_c2
Routed Access DesignHigh-Speed Campus Convergence
Convergence is the time neededfor traffic to be rerouted to thealternative path after the networkevent
Network convergence requires allaffected routers to process theevent and update the appropriatedata structures used forforwarding
Network convergence is the time
required to:Detect the event
Propagate the event
Process the event
Update the routing table/FIB
SiSiSiSi
SiSiSiSi
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
27/96
272727 2005 Cisco Systems, Inc. All rights reserved.
RST-203111207_05_2005_c2
High-Speed Campus ConvergenceEvent Detection
When physical interface changesstate, the routing process is notified
This should happen in the ms range
Some events are detected by the
routing protocolL2 switch between L3 devices is a typicalexample
Neighbor is lost, but interface is UP/UP
Hello mechanism has to detect the neighborloss
To improve failure detectionUse routed interfaces between L3 switches
Decrease interface carrier-delay to 0s
Decrease IGP hello timersEIGRP: Hellos = 1, Hold-down = 3OSPF: Hellos = 250ms
SiSiSiSi
SiSi
SiSi
SiSi
Hellos
L2 Switch orVLAN Interface
RoutedInterface
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
28/96
282828 2005 Cisco Systems, Inc. All rights reserved.
RST-203111207_05_2005_c2
High-Speed Campus ConvergencePropagate the Event
When an event occurs thatchanges the topology, all routersthat were previously aware of thepath need to be notified about thetopology change
EIGRP uses the query/replyprocess to find alternate paths
OSPF propagates LSAs and allaffected routers recalculate SPF tofind alternate paths
LSA timer tuning can improve OSPFevent propagation performance
SiSiSiSi
SiSiSiSi
SummaryRouteFilter
Summarization and route filtering canbe used to limit the number of routersneeding to participate in a networktopology change event
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
29/96
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
30/96
303030 2005 Cisco Systems, Inc. All rights reserved.
RST-203111207_05_2005_c2
High-Speed Campus ConvergenceUpdate the Routing Table and FIB
After a new path or topology hasbeen calculated by the protocolalgorithm, the routing table mustbe updated
Routing Information Base (RIB) is the
routing tableForwarding Information Base (FIB) isbased on the RIB and used by thehardware to forward traffic
Projects are under way to make theRIB faster, more scalable and toimprove the FIB info download tothe line-cards
A B
SiSiSiSi
SiSiSiSi
TrafficDroppedUntil
LSAGenerated/
Processedand
RoutingTable/FIB
Updated
Summarization and route filtering canbe used to limit the number of routesneeded in the RIB and FIB
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
31/96
313131 2005 Cisco Systems, Inc. All rights reserved.
RST-203111207_05_2005_c2
Agenda
Campus Network Designs
Routed Access Design
EIGRP Design Details
OSPF Design Details
PIM Design Details
Summary
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
32/96
323232 2005 Cisco Systems, Inc. All rights reserved.
RST-203111207_05_2005_c2
Strengths of EIGRP
Advanced distance vector
Maps easily to the traditional multilayer design
100% loop free
Fast convergence Easy configuration
Incremental update
Supports VLSM and discontiguous network
Classless routing
Protocol independentIPv6, IPX and AppleTalk
Unequal cost paths load balancing
Flexible topology design options
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
33/96
333333 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
EIGRP Design Rules for HA CampusSimilar to WAN Design, But
EIGRP design for the campusfollows all the same bestpractices as you use in the WANwith a few differences
No BW limitationsLower neighbor counts
Direct fiber interconnects
Lower cost redundancy
HW switching
WAN stability and speed
Campus stability, redundancy,load sharing, and high speed
SiSiSiSi
SiSiSiSi
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
34/96
343434 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
EIGRP in the CampusConversion to an EIGRP Routed Edge
The greatest advantages ofextending EIGRP to the accessare gained when the networkhas a structured addressingplan that allows for use of
summarization and stub routers EIGRP provides the ability to
implement multiple tiers ofsummarization and routefiltering
Relatively painless to migrate
to a L3 access with EIGRP ifnetwork addressingscheme permits
Able to maintain a deterministicconvergence time in very largeL3 topology
10.10.0.0/1710.10.128.0/17
10.10.0.0/16
SiSi SiSi SiSi SiSi
SiSi SiSi
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
35/96
353535 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
EIGRP Protocol Fundamentals
Metric: Metric = [K1 x BW + (K2 x BW)/(256 - Load) +
K3 x Delay] x [K5/(Reliability + K4)] x 256
By Default: K1 = 1, K2 = 0, K3 = 1, K4 = K5 = 0
Delay is sum of all the delays along the path
Delay = Delay/10
Bandwidth is the lowest bandwidth link along the path
Bandwidth = 10000000/Bandwidth
Packets: Hello: establish neighbor relationships
Update: send routing updates
Query: ask neighbors about routing information
Reply: response to query about routing information
Ack: acknowledgement of a reliable packet
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
36/96
363636 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
EIGRP Protocol Fundamentals (Cont.)
DUAL Algorithm
Diffusing update algorithm
Finite-state-machine
Track all routes advertised by neighbors
Select loop-free path using a successor and remember any feasible successorsIf successor lost
Use feasible successor
If no feasible successorQuery neighbors and recompute new successor
A successor is a neighbor that has met the Feasibility Condition(FC) and has the least cost path towards the destination
Multiple successors are possible (load balancing)
A feasible successor is the neighbor with the next best loop freenext hop towards destination
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
37/96
373737 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
EIGRP Design Rules for HA CampusLimit Query Range to Maximize Performance
EIGRP convergence islargely dependent on queryresponse times
Minimize the number of
queries to speed upconvergence
Summarize distribution blockroutes upstream to the core
Upstream queries are returnedimmediately with infinite cost
Configure all access switchesas EIGRP stub routers
No downstream queries areever sent
SiSiSiSi
SiSiSiSi
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
38/96
383838 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
EIGRP NeighborsEvent Detection
EIGRP neighbor relationships are createdwhen a link comes up and routing adjacencyis established
When physical interface changes state, therouting process is notified
Carrier-delay should be set as a rule becauseit varies based upon the platform
Some events are detected by therouting protocol
Neighbor is lost, but interface is UP/UP
To improve failure detectionUse Routed Interfaces and not SVIs
Decrease interface carrier-delay to 0Decrease EIGRP hello andhold-down timers
Hello = 1Hold-down = 3
SiSiSiSi
interface GigabitEthernet3/2ip address 10.120.0.50 255.255.255.252ip hello-interval eigrp 100 1ip hold-time eigrp 100 3carrier-delay msec 0
Hellos
RoutedInterface
SiSi
SiSi
SiSi
L2 Switchor VLAN Interface
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
39/96
393939 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
EIGRP Query ProcessQueries Propagate the Event
EIGRP is an advanced distant vector;it relies on its neighbor to providerouting information
If a route is lost and no feasiblesuccessor is available, EIGRPactively queries its neighbors for thelost route(s)
The router will have to get repliesback from ALL queried neighborsbefore the router calculatessuccessor information
If any neighbor failsto reply, the queried routeis stuck in active and therouter resets the neighborthat fails to reply
The fewer routers and routesqueried, the faster EIGRP converges;solution is to limit query range
SiSiSiSi
Query
SiSiSiSi
SiSiSiSi
Query
Query
Query
Query
Query
Query
Query
Query
Reply
Reply
Reply
Reply
Reply
Reply
Reply
Reply
Reply
TrafficDr
oppe
dUnti
l
EIGRPCo
nverg
es
Access
Distribution
Core
Distribution
Access
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
40/96
404040 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
A CB130.130.1.0/24
B Summarizes 130.0.0.0/8 to A
130.x.x.x
Reply with Infinity and theQuery Stops Here!
Query for130.130.1.0/24
EIGRP Query Range
Summarization point
Auto or manual summarization bound queries
Requires a good address allocation scheme
Stubs also help to reduce the query range
X129.x.x.x
Query for130.130.1.0/24
8
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
41/96
414141 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
EIGRP SummarizationSmaller Routing Tables, Smaller Updates, Query Boundary
Auto summarization:On major network boundaries, networks are summarized to themajor networks
Auto summarization is turned on by default
Manual summarizationConfigurable on per interface basis in any router within network
When summarization is configured on an interface, the router immediatelycreates a route pointing to null zero with administrative distance of five (5)
Loop prevention mechanism
When the last specific route of the summary goes away, the summaryis deleted
The minimum metric of the specific routes is used as the metric of thesummary route
192.168.1.x
192.168.1.0
192.168.2.x
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
42/96
424242 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
10.130.0.0/16
Manual EIGRP Summarization
10.130.1.0/24
SiSiSiSi
10.130.2.0/24 10.130.3.0/24 10.130.254.0/24
ip summary-address EIGRP
SiSiSiSi
interface gigabitethernet 3/1
ip address 10.120.10.1 255.255.255.252
ip summary-address eigrp 1 10.130.0.0 255.255.0.0
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
43/96
434343 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
No Queriesto Rest of Network
from Core
EIGRP Query Process with Summarization
SiSiSiSi
SiSiSiSi
Query Query
Query ReplyReply
Reply
Reply8Reply8
interface gigabitethernet 3/1
ip address 10.120.10.1 255.255.255.252
ip summary-address eigrp 1 10.130.0.0 255.255.0.0
SummaryRoute
SummaryRoute
Traffic
Drop
pedU
ntil
EIGRP
Conv
erges
When we summarize fromdistribution to core for thesubnets in the access we canlimit the upstream query/reply process
In a large network this could besignificant because queries willnow stop at the core; noadditional distribution blockswill be involved in theconvergence event
The access layer is still queried
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
44/96
444444 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
EIGRP Stubs
A stub router signals (through thehello protocol) that it is a stub andshould not transit traffic
Queries that would have beengenerated towards the stub routers
are marked as if a No path thisdirection reply had been received
D1 will know that stubs cannot betransit paths, so they will not haveany path to 10.130.1.0/24
D1 simply will not query the stubs,reducing the total number of
queries in this example to 1
These stubs will not pass D1sadvertisement of 10.130.1.0/24 to D2
D2 will only have one path to10.130.1.0/24
D2D1
Distribution
Access
SiSi SiSi
10.130.1.0/24
Hello, Im a
Stub
Im Not Going toSend You AnyQueries SinceYou Said That!
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
45/96
454545 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
EIGRP Stubs
Connected: advertise directly connected networks
Static: advertise redistributed static routes
Summary: advertise locally created summaries Receive-only: dont advertise anything
router(config-router)#EIGRP stub ?
connected Do advertise connected routes
receive-only Set IP-EIGRP as receive only neighbor
static Do advertise static routes
summary Do advertise summary routes
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
46/96
464646 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
No Queriesto Rest of Network
from Core
EIGRP Query ProcessWith Summarization and Stub Routers
When we summarize fromdistribution to core for the subnetsin the access we can limit theupstream query/reply process
In a large network this could be
significant because queries willnow stop at the core; no additionaldistribution blocks will be involvedin the convergence event
When the access switches areEIGRP stubs we can furtherreduce the query diameter
Non-stub routers do not query stubroutersso no queries will be sentto the access nodes
No secondary queriesand onlythree nodes involved inconvergence event
SiSiSiSi
SiSiSiSi
Query Reply
Reply8Reply8
Stub Stub
SummaryRoute
SummaryRoute
Traffic
Drop
pedU
ntil
EIGRP
Conv
erges
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
47/96
474747 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
SiSiSiSi
SiSiSiSi
EIGRP Route Filtering in the CampusControl Route Advertisements
Bandwidth is not a constrainingfactor in the campus but it is stilladvisable to control number ofrouting updates advertised
Remove/filter routes from thecore to the access and inject adefault route with distribute-lists
Smaller routing table in accessis simpler to troubleshoot
Deterministic topologyrouter eigrp 100network 10.0.0.0distribute-list Default out
ip access-list standard Defaultpermit 0.0.0.0
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
48/96
484848 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
SiSiSiSi
SiSiSiSi
EIGRP Routed Access Campus DesignOverview
Detect the event:
Set hello-interval = 1 second andhold-time = 3 seconds to detect softneighbor failures
Set carrier-delay = 0
Propagate the event:
Configure all access layer switchesas stub routers to limit queriesfrom the distribution layer
Summarize the access routes from
the distribution to the core to limitqueries across the campus
Process the event:
Summarize and filter routes tominimize calculating newsuccessors for the RIB and FIB
SummaryRoute
Stub
For More Discussion on EIGRPDesign Best PracticesRST-3220-3222
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
49/96
494949 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
Agenda
Campus Network Designs
Routed Access Design
EIGRP Design Details
OSPF Design Details
PIM Design Details
Summary
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
50/96
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
51/96
515151 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
OSPF MetricCost = Metric
Cost applied on all router link paths
The lower the more desirable
Route decisions made on total cost of path
Derived from bandwidth100000000 bandwidth 56-kbps serial link = 1785
Ethernet = 10 64-kbps serial link = 1562
T1 (1.544-Mbps serial link) = 65 Fast Ethernet = 1
Configured via:
Interface subcommand: bandwidth
Interface subcommand: ip ospf cost
Router subcommand: ospf auto-cost reference bandwidth
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
52/96
525252 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
Hierarchical Campus DesignOSPF Areas with Router Types
Data CenterWAN InternetBGP
SiSi SiSi SiSi SiSi SiSi SiSi
SiSi SiSi
SiSi SiSiSiSi SiSi
SiSi SiSi
Area 0
Area 200
Area 20 Area 30Area 10
BackboneBackbone
ABRs ABRs
InternalsInternals
Area 0
ABRs
Area 100
ASBRs
ABRs
ABRsArea 300
Access
Distribution
Core
Distribution
Access
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
53/96
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
54/96
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
55/96
555555 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
OSPF in the CampusConversion to an OSPF Routed Edge
Other OSPF area designsmay not permit an easymigration to a layer 3access design
Introduction of anothernetwork tier via BGP maybe required
Extension of areas beyondgood design boundaries willresult in loss of overall
availability
External Network
Area 0Backbone
Area 100Non-Stub
SiSi SiSi SiSiSiSi
SiSiSiSi
RedistributingExternals
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
56/96
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
57/96
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
58/96
585858 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
SiSiSiSi
Backbone Area 0
Area 120
Area Border Router
Regular AreaABRs Forward All LSAs from Backbone
An ABR Forwards theFollowing into an AreaSummary LSAs (Type 3)
ASBR Summary (Type 4)
Specific Externals (Type 5)
Access Config:router ospf 100network 10.120.0.0 0.0.255.255 area 120
Distribution Configrouter ospf 100summary-address 10.120.0.0 255.255.0.0network 10.120.0.0 0.0.255.255 area 120network 10.122.0.0 0.0.255.255 area 0
External Routes/LSA Present in Area 120
SiSiSiSi
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
59/96
595959 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
SiSiSiSi
Backbone Area 0
Area 120
Area Border Router
Stub AreaConsolidates Specific External LinksDefault 0.0.0.0
Stub Area ABR ForwardsSummary LSAs
Summary Default to ABR
Access Config:router ospf 100area 120 stubnetwork 10.120.0.0 0.0.255.255 area 120
Distribution Configrouter ospf 100
area 120 stubsummary-address 10.120.0.0 255.255.0.0network 10.120.0.0 0.0.255.255 area 120network 10.122.0.0 0.0.255.255 area 0
Eliminates External Routes/LSA Present inArea (Type 5)
SiSiSiSi
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
60/96
606060 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
SiSiSiSi
SiSiSiSi
Backbone Area 0
Area 120
Area Border Router
A Totally Stubby AreaABR ForwardsSummary Default to ABR
Totally Stubby AreaUse This for StableScalable Internetworks
Access Config:router ospf 100area 120 stub no-summarynetwork 10.120.0.0 0.0.255.255 area 120
Distribution Configrouter ospf 100
area 120 stub no-summarysummary-address 10.120.0.0 255.255.0.0network 10.120.0.0 0.0.255.255 area 120network 10.122.0.0 0.0.255.255 area 0
Minimize the Number of LSAs and the Needfor Any External Area SPF Calculations
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
61/96
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
62/96
626262 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
SiSiSiSi
SiSiSiSi
Backbone Area 0
Area 120
Area Border Router
ABRs ForwardSummary 10.120.0.0/16
Summarization Distribution to CoreReduce SPF and LSA Load in Area 0
Access Config:router ospf 100area 120 stub no-summarynetwork 10.120.0.0 0.0.255.255 area 120
Distribution Configrouter ospf 100
area 120 stub no-summarysummary-address 10.120.0.0 255.255.0.0network 10.120.0.0 0.0.255.255 area 120network 10.122.0.0 0.0.255.255 area 0
Minimize the Number of LSAs and the Need forAny SPF Recalculations at the Core
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
63/96
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
64/96
646464 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
SiSi
SiSi
OSPF Timer TuningHigh-Speed Campus Convergence
OSPF by design has a number ofthrottling mechanisms to preventthe network from thrashingduring periods of instability
Campus environments arecandidates to utilize OSPF timerenhancements
Sub-second hellos
Generic IP (interface) dampeningmechanism
Back-off algorithm for LSA generation
Exponential SPF backoff
Configurable packet pacing
Incremental SPF
Reduce SPFInterval
SiSi
SiSi
Reduce HelloInterval
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
65/96
656565 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
Subsecond HellosNeighbor Loss DetectionPhysical Link Up
OSPF hello/dead timers detectneighbor loss in the absence ofphysical link loss
Useful in environments where anL2 device separates L3 devices(Layer 2 core designs)
Aggressive timers are needed toquickly detect neighbor failure
Interface dampening is required ifsub-second hello timers areimplemented
Traffic
Drop
pedU
ntil
Neigh
borL
oss
Detec
tionO
ccurs
OSPFProcessing
Failure(Link Up)
A B
SiSi
SiSi
SiSi
SiSi
Access Config:interface GigabitEthernet1/1
dampeningip ospf dead-interval minimal hello-multiplier 4
router ospf 100area 120 stub no-summarytimers throttle spf 10 100 5000timers throttle lsa all 10 100 5000timers lsa arrival 80
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
66/96
666666 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
OSPF LSA Throttling
By default, there is a 500ms delay beforegenerating router and network LSAs; the wait isused to collect changes during a convergenceevent and minimize the number of LSAs sent
Propagation of a new instance of the LSA islimited at the originator
timers throttle lsa all
Acceptance of a new LSAs is limited by thereceiver
timers lsa arrival TrafficD
roppedU
ntil
LSAGene
ratedand
Pro
cessed
Access Config:interface GigabitEthernet1/1ip ospf dead-interval minimalhello-multiplier 4
router ospf 100area 120 stub no-summarytimers throttle spf 10 100 5000timers throttle lsa all 10 100 5000timers lsa arrival 80
A B
SiSi
SiSi
SiSi
SiSi
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
67/96
676767 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
OSPF SPF Throttling
OSPF has an SPF throttling timerdesigned to dampen routerecalculation (preserving CPUresources) when a link bounces
12.2S OSPF enhancements let us tunethis timer to milliseconds; prior to
12.2S one second was the minimum
After a failure, the router waits forthe SPF timer to expire beforerecalculating a new route; SPF timerwas one second
Traffic
Droppe
dUnti
l
SPFTime
r
Expir
es
Access Config:
interface GigabitEthernet1/1ip ospf dead-interval minimalhello-multiplier 4
router ospf 100area 120 stub no-summarytimers throttle spf 10 100 5000timers throttle lsa all 10 100 5000timers lsa arrival 80
A B
SiSi
SiSi
SiSi
SiSi
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
68/96
686868 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
SiSiSiSi
SiSiSiSi
OSPF Routed Access Campus DesignOverviewFast Convergence
Detect the event:
Decrease the hello-interval and dead-interval to detect soft neighbor failures
Enable interface dampening
Set carrier-delay = 0
Propagate the event:
Summarize routes between areasto limit LSA propagation acrossthe campus
Tune LSA timers to minimize LSApropagation delay
Process the event:Tune SPF throttles to decreasecalculation delays
StubArea120
BackboneArea
0
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
69/96
696969 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
SiSiSiSi
SiSiSiSi
OSPF Routed Access Campus DesignOverviewArea Design
Use totally stubby areas to minimizeroutes in Access switches
Summarize area routes to backboneArea 0
These recommendations will reducenumber of LSAs and SPFrecalculations throughout thenetwork and provide a more robustand scalable network infrastructure
Area RoutesSummarized
router ospf 100
area 120 stub no-summarysummary-address 10.120.0.0 255.255.0.0network 10.120.0.0 0.0.255.255 area 120network 10.122.0.0 0.0.255.255 area 0
router ospf 100area 120 stub no-summarynetwork 10.120.0.0 0.0.255.255 area 120
Configured asTotally Stubby
Area
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
70/96
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
71/96
717171 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
Agenda
Campus Network Designs
Routed Access Design
EIGRP Design Details
OSPF Design Details
PIM Design Details
Summary
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
72/96
727272 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
Unicast vs. Multicast
Expected behavior for
Unicast-based applications Take advantage of multicast-
based applications thatprovide same service
IP WAN
Headquarters
Branch A
Branch B
UnicastMoH
Multiply Times Number ofUnicast Endpoints
UnicastSoftware
Distribution
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
73/96
737373 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
Headquarters
Branch A
Branch B
MulticastMoH
Unicast vs. Multicast
One-to-Few Streams Sent toGroup(s) of Receivers
Video/Streaming Media
Multicast Enabled InfrastructureAllows for New Technologies
Less BW Consumed to Provide Same ServiceLess CPU Utilization on Source DevicesLess Overall Impact on Network DevicesReplicating and Forwarding Traffic
MulticastSoftware
Distribution
IP WAN
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
74/96
747474 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
IP Multicast Protocols
Dense-mode protocols
Uses push model
Flood and prune behavior
Sparse-mode protocols
Uses pull model: traffic sent only to where it is requested
Explicit join behavior
Enterprise IPmc protocols
PIM, MOSPF, DVMRP,
PIMProtocol independent multicast
Uses underlying Unicast routing protocol to prevent loops
Two modes: PIM dense mode and PIM sparse mode
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
75/96
757575 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
Which PIM ModeSparse or Dense
Sparse mode Good! Densemode Bad!
Source: The Cavemans Guide to IP Multicast, 2000, R. Davis
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
76/96
767676 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
PIM Sparse Mode (RFC 2362)
Assumes no hosts wants multicast traffic unless theyspecifically ask for it
Uses a Rendezvous Point (RP)
Senders and receivers rendezvous at this point to learn of each others
existenceSenders are registered with RP by their first-hop router
Receivers are joined to the shared tree (rooted at the RP) by theirlocal Designated Router (DR)
Appropriate for
Wide scale deployment for both densely and sparsely populatedgroups in the enterprise
Optimal choice for all production networks regardless of size andmembership density
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
77/96
777777 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
Anycast RPOverview
PIM RP deployment options
Static, Auto-RP, BSR, and Anycast RP
Anycast RP provides fast failover and load-balancing
Multiple RPs use a single IP address
Two or more routers have same RP address (anycast)
RP address defined as a Loopback Interface
Senders and receivers register/join with closest RP
Closest RP determined from the Unicast routing table
MSDP session(s) run between all RPs
Informs RPs of sources in other parts of network
Facilitates sharing of source information
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
78/96
787878 2005 Cisco Systems, Inc. All rights reserved.
RST-2031
11207_05_2005_c2
Anycast RPOverview
MSDPMSDP
RecRec RecRec
Src Src
SA SAA
RP1
10.1.1.1B
RP2
10.1.1.1
X
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
79/96
797979 2005 Cisco Systems, Inc. All rights reserved.
RST-203111207_05_2005_c2
Anycast RPOverview
RecRec RecRec
SrcSrc
A
RP1
10.1.1.1B
RP2
10.1.1.1
X
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
80/96
808080 2005 Cisco Systems, Inc. All rights reserved.
RST-203111207_05_2005_c2
Anycast RP Configuration
ip pim rp-address 10.0.0.1 ip pim rp-address 10.0.0.1
Interface loopback 0
ip address 10.0.0.1 255.255.255.255
Interface loopback 1
ip address 10.0.0.2 255.255.255.255
!
ip msdp peer 10.0.0.3 connect-source loopback 1
ip msdp originator-id loopback 1
Interface loopback 0
ip address 10.0.0.1 255.255.255.255
Interface loopback 1
ip address 10.0.0.3 255.255.255.255
!
ip msdp peer 10.0.0.2 connect-source loopback 1
ip msdp originator-id loopback 1
MSDPMSDPB
RP2
A
RP1
C D
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
81/96
818181 2005 Cisco Systems, Inc. All rights reserved.
RST-203111207_05_2005_c2
PIM Design Rules for Routed Campus
Use PIM sparse mode
Enable PIM sparse mode onALL access, distribution andcore layer switches
Enable PIM on ALL interfaces
Use Anycast RPs in the core forRP redundancy and fastconvergence
IGMP-snooping is enabledwhen PIM is enabled on a VLANinterface (SVI)
(Optional) force the multicasttraffic to remain on the shared-tree to reduce (S, G) state
(Optional) use garbage canRP to black-hole unassignedIPmc traffic
IPmc Sources
WAN Internet
SiSi SiSi SiSi SiSi SiSi SiSi
SiSiSiSi
SiSiSiSiSiSi
SiSiSiSi
SiSi
IP/TV ServerCall Managerw/MoH
RP-Left10.122.100.1
RP-Right10.122.100.1
M l i R d A C D i
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
82/96
828282 2005 Cisco Systems, Inc. All rights reserved.
RST-203111207_05_2005_c2
Multicast Routed Access Campus DesignThings You Dont Have to Do
Tune PIM query interval for designated routerconvergence
Configure designated router to matchHSRP primary
Configure PIM snooping on L2 switchesbetween L3 switches
Worry about all those L2/L3 flowinconsistency issues
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
83/96
R ti t th Ed
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
84/96
848484 2005 Cisco Systems, Inc. All rights reserved.
RST-203111207_05_2005_c2
Routing to the EdgeAdvantages? Yes, with a Good Design
Sub-200 msec convergence for EIGRP and OSPF Ease of implementation; fewer things to get right
Troubleshooting; well known protocols and tools
Simplified IP Multicast deployment
Considerations; spanning VLANs, IP addressing, IGP selection
A B
SiSiSiSi
SiSiSiSi
0
0.2
0.4
0.6
0.8
1
1.2
1.4
1.6
1.8
2
RPVST+ OSPF EIGRP
Upstream
Downstream
Seconds
Routed Access Design
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
85/96
858585 2005 Cisco Systems, Inc. All rights reserved.
RST-203111207_05_2005_c2
Routed Access DesignSummary
EIGRP or OSPF routed links between access and distribution
Routed interfaces, not VLAN trunks, between switches
Equal cost multi path to load balance traffic across network
Route summarization at distribution with stub routers/areas
Single (IGP) control plan to configure/manage/troubleshoot
10.1.20.010.1.120.0
VLAN 20 DataVLAN 120 Voice
EIGRP or OSPFEqual Cost Multi Path
Layer 2
Layer 3
SiSiSiSi
SiSiSiSi
VLAN 40 DataVLAN 140 Voice
10.1.40.010.1.140.0
Access
Distribution
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
86/96
868686 2005 Cisco Systems, Inc. All rights reserved.
RST-203111207_05_2005_c2
Recommended Reading
Continue your Networkerslearning experience withfurther reading for thissession from Cisco Press
Check the RecommendedReading flyer forsuggested books
Available Onsite at the Cisco Company Store
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
87/96
878787 2005 Cisco Systems, Inc. All rights reserved.
RST-203111207_05_2005_c2
EIGRP
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
88/96
888888 2005 Cisco Systems, Inc. All rights reserved.
RST-203111207_05_2005_c2
EIGRPCore Layer Configuration
!
router eigrp 100
network 10.0.0.0
no auto-summary
interface TenGigabitEthernet3/1
description 10GigE to Distribution 1
ip address 10.122.0.29 255.255.255.252
ip pim sparse-mode
ip hello-interval eigrp 100 1
ip hold-time eigrp 100
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 eigrp
carrier-delay msec 0
mls qos trust dscp
!
interface TenGigabitEthernet3/2
description 10GigE to Distribution 2
ip address 10.122.0.37 255.255.255.252
ip pim sparse-mode
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 eigrp
carrier-delay msec 0
mls qos trust dscp
6k-core configuration
EIGRP
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
89/96
898989 2005 Cisco Systems, Inc. All rights reserved.
RST-203111207_05_2005_c2
EIGRPDistribution Layer Configuration
interface TenGigabitEthernet4/2description 10 GigE to Core neighborip address 10.122.0.38 255.255.255.252
ip pim sparse-modeip authentication mode eigrp 100 md5ip authentication key-chain eigrp 100 eigrpip summary-address eigrp 100 10.120.0.0
255.255.0.0 5mls qos trust dscp
!
router eigrp 100network 10.0.0.0distribute-list Default out GigabitEthernet3/1
distribute-list Default out GigabitEthernet3/2distribute-list Default out
GigabitEthernet9/15no auto-summary
!
ip access-list standard Defaultpermit 0.0.0.0permit 10.0.0.0
interface GigabitEthernet3/2description typical link to Access neighborip address 10.120.0.50 255.255.255.252
ip pim sparse-modeip hello-interval eigrp 100 1ip hold-time eigrp 100 3ip authentication mode eigrp 100 md5ip authentication key-chain eigrp 100 eigrpcarrier-delay msec 0
mls qos trust dscp!
interface TenGigabitEthernet4/3description 10GigE to Distribution neighbor
ip address 10.120.0.22 255.255.255.252ip pim sparse-modeip hello-interval eigrp 100 1ip hold-time eigrp 100 3ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 eigrpmls qos trust dscp
6k-distribution configuration
EIGRP
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
90/96
909090 2005 Cisco Systems, Inc. All rights reserved.
RST-203111207_05_2005_c2
EIGRPAccess Layer Configuration
interface Vlan4
ip address 10.120.4.1 255.255.255.0
ip helper-address 10.121.0.5
no ip redirects
ip pim sparse-mode
ip igmp snooping fast-leave
!
interface Vlan104
ip address 10.120.104.1 255.255.255.0ip helper-address 10.121.0.5
no ip redirects
ip pim sparse-mode
ip igmp snooping fast-leave
!
router eigrp 100
passive-interface default
no passive-interface GigabitEthernet1/1
no passive-interface GigabitEthernet2/1
network 10.0.0.0
no auto-summary
eigrp stub connected
interface GigabitEthernet2/1description cr3-6500-2 Distributionno switchportip address 10.120.0.53 255.255.255.252
ip hello-interval eigrp 100 1ip hold-time eigrp 100 3ip authentication mode eigrp 100 md5ip authentication key-chain eigrp 100 eigrp
ip pim sparse-modecarrier-delay msec 0
qos trust dscptx-queue 3priority high
!
interface FastEthernet3/5description Host port w/ IP Phoneswitchport access vlan 4switchport mode accessswitchport voice vlan 104qos trust cos
tx-queue 3priority high
spanning-tree portfastspanning-tree bpduguard enable
Catalyst 4507 configuration
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
91/96
OSPF
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
92/96
929292 2005 Cisco Systems, Inc. All rights reserved.
RST-203111207_05_2005_c2
OSPFDistribution Layer Configuration
router ospf 100router-id 10.122.102.1log-adjacency-changesarea 120 stub no-summary
area 120 range 10.120.0.0 255.255.0.0timers throttle spf 10 100 5000timers throttle lsa all 10 100 5000timers lsa arrival 80network 10.120.0.0 0.0.255.255 area 120
network 10.122.0.0 0.0.255.255 area 0
interface GigabitEthernet3/2description 3750 Access Switchdampeningip address 10.120.0.8 255.255.255.254
ip pim sparse-modeip ospf dead-interval minimal hello-multip 4load-interval 30carrier-delay msec 0mls qos trust dscp
!
interface TenGigabitEthernet4/1description 10 GigE to Core 1dampeningip address 10.122.0.26 255.255.255.254
ip pim sparse-modeip ospf dead-interval minimal hello-multip 4load-interval 30carrier-delay msec 0mls qos trust dscp
6k-dist-left configuration
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
93/96
PIM
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
94/96
949494 2005 Cisco Systems, Inc. All rights reserved.
RST-203111207_05_2005_c2
PIMDistribution and Access Layer
ip multicast-routing
ip igmp snooping vlan 4 immediate-leave
ip igmp snooping vlan 104 immediate-leave
no ip igmp snooping
!
interface VlanX
ip address 10.120.X.1 255.255.255.0
ip helper-address 10.121.0.5
no ip redirects
ip pim sparse-mode!
ip pim rp-address 10.122.100.1 GOOD-IPMC
override
ip pim spt-threshold infinity
!
ip access-list standard Default
permit 10.0.0.0
ip access-list standard GOOD-IPMC
permit 224.0.1.39
permit 224.0.1.40
permit 239.192.240.0 0.0.3.255
permit 239.192.248.0 0.0.3.255
ip multicast-routing
!
interface Loopback2
description Garbage-CAN RP
ip address 2.2.2.2 255.255.255.255
!
interface Y
description GigE to Access/Core
ip address 10.122.0.Y 255.255.255.252
ip pim sparse-mode!
!
ip pim rp-address 10.122.100.1 GOOD-IPMC
override
ip pim rp-address 2.2.2.2
ip pim spt-threshold infinity
!
ip access-list standard Default
permit 10.0.0.0
ip access-list standard GOOD-IPMC
permit 224.0.1.39
permit 224.0.1.40
permit 239.192.240.0 0.0.3.255
permit 239.192.248.0 0.0.3.255
4507k-access configuration6k-dist-left configuration
PIM
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
95/96
959595 2005 Cisco Systems, Inc. All rights reserved.
RST-203111207_05_2005_c2
PIMCore Layer RP Configuration1
ip multicast-routing
!
interface Loopback0
description MSDP PEER INT
ip address 10.122.10.2 255.255.255.255
!
interface Loopback1
description ANYCAST RP ADDRESS
ip address 10.122.100.1 255.255.255.255
!interface Loopback2
description Garbage-CAN RP
ip address 2.2.2.2 255.255.255.255
!
interface TenGigabitEthernet M/Z
ip address 10.122.0.X 255.255.255.252
ip pim sparse-mode
!
ip pim rp-address 2.2.2.2
ip pim rp-address 10.122.100.1 GOOD-IPMC
override
ip pim accept-register list PERMIT-SOURCES
ip msdp peer 10.122.10.1 connect-source
Loopback0
ip msdp description 10.122.10.1
ANYCAST-PEER-6k-core-left
ip msdp originator-id Loopback0
ip multicast-routing
!
interface Loopback0
description MSDP PEER INT
ip address 10.122.10.1 255.255.255.255
!
interface Loopback1
description ANYCAST RP ADDRESS
ip address 10.122.100.1 255.255.255.255
!interface Loopback2
description Garbage-CAN RP
ip address 2.2.2.2 255.255.255.255
!
interface TenGigabitEthernet M/Y
ip address 10.122.0.X 255.255.255.252
ip pim sparse-mode
!
ip pim rp-address 2.2.2.2
ip pim rp-address 10.122.100.1 GOOD-IPMC
override
ip pimaccept-register list PERMIT-SOURCES
ip msdp peer 10.122.10.2 connect-source
Loopback0
ip msdp description 10.122.10.2
ANYCAST-PEER-6k-core-right
ip msdp originator-id Loopback0
6k-core Right Anycast-RP configuration6k-core Left Anycast-RP configuration
PIM
8/14/2019 DEPLOYING A FULLY ROUTED ENTERPRISE CAMPUS NETWORK
96/96
PIMCore Layer RP Configuration2
! Continued from previous slide
!
ip access-list standard GOOD-IPMC
permit 224.0.1.39
permit 224.0.1.40
permit 239.192.240.0 0.0.3.255
permit 239.192.248.0 0.0.3.255
!
ip access-list extended PERMIT-SOURCES
permit ip 10.121.0.0 0.0.255.255239.192.240.0 0.0.3.255
permit ip 10.121.0.0 0.0.255.255
239.192.248.0 0.0.3.255
! Continued from previous slide
!
ip access-list standard GOOD-IPMC
permit 224.0.1.39
permit 224.0.1.40
permit 239.192.240.0 0.0.3.255
permit 239.192.248.0 0.0.3.255
!
ip access-list extended PERMIT-SOURCES
permit ip 10.121.0.0 0.0.255.255239.192.240.0 0.0.3.255
permit ip 10.121.0.0 0.0.255.255
239.192.248.0 0.0.3.255
6k-core Right Anycast-RP configuration6k-core Left Anycast-RP configuration