Sunday, October 13, 2013

Routing Control-Data plane interaction



What are the functions of the control plane and data plane of a router? / How does the router create its routing table?
A router consists of a control plane and a data plane. The control plane exchanges the routing updates of routing protocols such as RIP, OSPF, IS-IS and BGP. Each protocol enabled on the router starts its own process to build its tables in the RIB; I am not going into detail about how each routing protocol works, since our main focus is the operation of the control and data planes. Once the routing databases have been exchanged over the control plane, the router puts the best routes from those databases into the routing table, and a copy of it is sent to the Forwarding Information Base (FIB) in the data plane. The figure below illustrates the control-plane and data-plane functions of the router.

Once the FIB has been created, data packets are forwarded with the help of the FIB. Whenever there is a topology change, the routers update their RIB, which updates the routing table in the control plane, and again a copy of the routing table is sent to the FIB.

How is a packet routed?
When the router receives a data packet, it examines the IP header to find the destination IP address, then looks up its routing table for the longest prefix match. If a match is found, the router sends the packet out of the outgoing interface of the matching routing table entry; if nothing matches (and there is no default route), the packet is dropped.

Saturday, March 2, 2013

TCP 3-WAY HANDSHAKE

TCP, the Transmission Control Protocol, is a reliable protocol that provides end-to-end services.
Applications such as HTTP, FTP, TELNET, SMTP and IMAP use TCP because these protocols need connection-oriented service, and TCP provides flow control and congestion control.
UDP has less overhead than TCP; the TCP header has many fields, and these are used for accurate data delivery without packet loss. Have a look at the TCP and UDP headers.

TCP Header

UDP Header


As TCP is a connection-oriented protocol, it has to keep track of the established connections and carries all the fields required for that.

UDP is a simple, low-overhead protocol which is used by applications like DNS, DHCP, RTP and SNMP.

3-way handshake:
Before any data is transferred, TCP first establishes the connection; this is called the 3-way handshake. The TCP connection is established with three packets: [SYN], [SYN,ACK], [ACK].



Let's see how a Telnet connection is established between two routers.

Telnet from 10.0.0.2 to 10.0.0.1

First packet from node 10.0.0.2 to 10.0.0.1: seq no = 0, destination port is 23 (the Telnet application), SYN bit is set, window size is 4128.



Now 10.0.0.1 replies to this packet with the SYN and ACK bits set, with its own sequence number and window size.



Then 10.0.0.2 replies to 10.0.0.1 with ACK, with seq=1.


The connection is established between the two nodes once these three packets are exchanged; node 10.0.0.2 can then execute commands in the Telnet session established to node 10.0.0.1. When the user exits the Telnet session, 10.0.0.1 sends a packet to 10.0.0.2 with the FIN bit set to tear down the connection.
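The exchange described above, as an added example that is not part of the original post: a small model of the three segments, the sequence/acknowledgement arithmetic behind "seq=1", and the FIN the server sends at the end. The client port 11001 and the initial sequence numbers are constructed; the addresses, port 23 and window size 4128 are the post's. The server-side state machine also shows what a half-open connection (SYN received, final ACK never arrives or carries the wrong number) looks like:

```python
# Added example (not from the original post): TCP three-way handshake and
# FIN teardown between 10.0.0.2 (Telnet client) and 10.0.0.1 (server, port
# 23). Sequence numbers are relative, the way a packet analyser shows them,
# so the client's SYN carries seq=0 and its final ACK seq=1. Client port
# 11001 and the initial sequence numbers (ISNs) are constructed values.
from dataclasses import dataclass

@dataclass
class Segment:
    src: str
    dst: str
    sport: int
    dport: int
    seq: int
    ack: int
    flags: frozenset      # subset of {"SYN", "ACK", "FIN"}
    window: int = 4128

def three_way_handshake(client="10.0.0.2", server="10.0.0.1",
                        client_port=11001, server_port=23,
                        client_isn=0, server_isn=0):
    """Return the [SYN], [SYN,ACK], [ACK] segments of a connection setup."""
    syn = Segment(client, server, client_port, server_port,
                  seq=client_isn, ack=0, flags=frozenset({"SYN"}))
    # The SYN flag consumes one sequence number, so the server acknowledges
    # client_isn + 1 and announces its own initial sequence number.
    syn_ack = Segment(server, client, server_port, client_port,
                      seq=server_isn, ack=syn.seq + 1,
                      flags=frozenset({"SYN", "ACK"}))
    # The client's ACK carries seq = client_isn + 1 (seq=1 relative) and
    # acknowledges the server's SYN in the same way.
    ack = Segment(client, server, client_port, server_port,
                  seq=syn_ack.ack, ack=syn_ack.seq + 1,
                  flags=frozenset({"ACK"}))
    return [syn, syn_ack, ack]

def server_fin(handshake):
    """The server's FIN that starts the teardown when the session ends
    (no data segments are modelled, so the numbers follow the handshake)."""
    syn_ack, ack = handshake[1], handshake[2]
    return Segment(syn_ack.src, syn_ack.dst, syn_ack.sport, syn_ack.dport,
                   seq=ack.ack, ack=ack.seq, flags=frozenset({"FIN", "ACK"}))

def server_state(segments, server="10.0.0.1", server_port=23):
    """Replay segments and return the server-side connection state:
    LISTEN -> SYN_RECEIVED -> ESTABLISHED -> FIN_WAIT_1 (server sent FIN)."""
    state, expected_ack = "LISTEN", None
    for s in segments:
        to_server = s.dst == server and s.dport == server_port
        from_server = s.src == server and s.sport == server_port
        if to_server and s.flags == {"SYN"} and state == "LISTEN":
            state = "SYN_RECEIVED"
        elif from_server and s.flags == {"SYN", "ACK"}:
            expected_ack = s.seq + 1          # what the client must acknowledge
        elif to_server and "ACK" in s.flags and state == "SYN_RECEIVED":
            if s.ack == expected_ack:
                state = "ESTABLISHED"
            # a wrong acknowledgement number leaves the connection half-open
        elif from_server and "FIN" in s.flags and state == "ESTABLISHED":
            state = "FIN_WAIT_1"
    return state

if __name__ == "__main__":
    hs = three_way_handshake()
    for s in hs + [server_fin(hs)]:
        print(f"{s.src}:{s.sport} -> {s.dst}:{s.dport} "
              f"[{','.join(sorted(s.flags))}] seq={s.seq} ack={s.ack} win={s.window}")
    print("server state:", server_state(hs))
```

Replaying only the first two segments leaves the server in SYN_RECEIVED, which is the entry a server keeps in its listen backlog until the final ACK arrives or a timeout expires; an ACK with the wrong number is ignored rather than completing the connection.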



Wednesday, January 2, 2013

IP Subnetting

Before I talk about subnetting, let's talk about IP, the Internet Protocol. As we all know, an IP address represents the name of a node or system in the network; the device responds when a user calls it by that name (its IP address), and the call can be made with protocols such as PING, TELNET, FTP, HTTP, etc. So here is the question: can any device reach any other device in the world? Do you think the traffic could be controlled? It would be chaos if that happened.

What's the solution? A concept called segmenting was introduced; with it we can limit the traffic passing from one network to another network.

What is a network?
Example: 10.0.0.0/8 is called one network; you may already have guessed that it is a Class A network.
I will explain the classes later, just after this; first look at the address 10.0.0.0/8:
10.0.0.0 -------- network address (cannot be assigned to any host)
host addresses run from 10.0.0.1 to 10.255.255.254 (so how many host addresses? (2^24)-1, minus one for the broadcast address)
10.255.255.255 ---- broadcast address (cannot be assigned to any host; used for ARP)

If you look at the calculation above, I took a cutoff at the first 8 bits because the subnet mask is /8, so I counted the host addresses from 10.0.0.1 to 10.255.255.254 without touching the first octet (10).

Let's take the 10.0.0.0/9 network. We can tell that there are 2^23-1 host addresses, but where do the host addresses start?

They run from 10.0.0.1 to 10.127.255.254.

Now, if you have the 10.0.0.0/8 network, we can subnet it into two /9 networks. Agree?
If we subnet 10.0.0.0/8 into /9 networks, we get 10.0.0.0/9 and 10.128.0.0/9 (two networks with (2^23)-1 hosts each).
So instead of having all (2^24)-1 host addresses in a single network, we have subnetted it into two networks with (2^23)-1 host addresses each.

As you can see, one single broadcast domain has been divided into two broadcast domains.

The same /9 networks can be further subnetted into /10s and so on, which gives us more networks with fewer hosts each.

So the /8 turned into /9s with fewer hosts and more subnets; if we subnet further, the increase in the number of networks decreases the number of hosts per subnet.

Classes?
What are the classes? When the Internet started, the designers used a class mechanism to differentiate networks, called Class A, Class B, Class C, D and E, because at that time there were very few devices in the network. As the Internet grew, more devices were added, which led to subnetting of these classes.

You can find enough information about these classes on the web.

When a big network is subnetted into many small networks, routing is introduced to route the traffic from one network to another.

Try subnetting the following and let me know the number of hosts in each network and to which subnet each of the following networks belongs:

192.0.0.0/23,
120.0.0.0/17,
10.0.0.0/24,
11.0.0.0/16,
134.0.0.0/15


First try it yourself and post your answers; I will then let you know the formula to calculate it easily.

So how do we calculate?

Let's take the subnet 10.1.0.0/23.

Network address 10.1.0.0, subnet mask 255.255.254.0

Now take the third octet of the mask and subtract it from 256, i.e. 256-254=2; the subnets step by 2 in the third octet:

10.1.0.0/23 ---- 10.1.0.1 to 10.1.1.254
10.1.2.0/23 ---- 10.1.2.1 to 10.1.3.254
10.1.4.0/23 ---- 10.1.4.1 to 10.1.5.254
...
10.1.254.0/23 ---- 10.1.254.1 to 10.1.255.254

So there are 128 subnets in total with a /23 mask, and each subnet has 2^9-1 hosts.

As the given address is 10.1.0.0/23, it has 2^9-1 hosts, starting from 10.1.0.1 to 10.1.1.254.


Sunday, March 25, 2012

OSPF over FRAME RELAY

Hi,
I would like to explain OSPF over Frame Relay. OSPF can be configured over Frame Relay in three different ways:
1) Default multipoint
2) Point-to-multipoint
3) Point-to-multipoint non-broadcast

1) Default multipoint
Consider the above topology, in which R1 is the hub and R2 and R3 are spokes; R1 has two PVCs, one to each of R2 and R3. As this is the default network type, there is no need to define the OSPF network type on the Frame Relay connected interfaces.

Let's check the configuration part.

First let me show you the R1 configuration.
R1#

interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!

interface Serial0/0.1 multipoint
 ip address 10.0.0.1 255.255.255.248
 frame-relay interface-dlci 101
 frame-relay interface-dlci 102
!

router ospf 1
 log-adjacency-changes
 network 1.1.1.1 0.0.0.0 area 0
 network 10.0.0.1 0.0.0.0 area 0


The configuration on R2 is done the same way:

R2:
interface Serial0/0
 ip address 10.0.0.2 255.255.255.248
 encapsulation frame-relay
 serial restart-delay 0
 frame-relay interface-dlci 201
!
router ospf 1
 log-adjacency-changes
 network 10.0.0.2 0.0.0.0 area 0

So now let's see the neighbors of R1:
R1#sh ip os nei

Neighbor ID     Pri   State           DeadTime   Address         Interface
N/A               0   ATTEMPT/DROTHER 00:01:54    10.0.0.2        Serial0/0.1

All the Frame Relay and OSPF configuration has been done, yet you see that the state is ATTEMPT/DROTHER. In the default network type, OSPF neighbor discovery is not done automatically, so to fix this we need to manually add the neighbors on the routers.


R1(config)#router os 1
R1(config-router)#neighbor 10.0.0.2


R2(config)#router os 1
R2(config-router)#neighbor 10.0.0.1


Once we add the above commands on both routers, the two routers become neighbors and routes are exchanged.

R2#sh ip ospf neighbor

Neighbor ID     Pri   State           Dead Time   Address         Interface
10.0.0.1          1   FULL/BDR        00:01:45    10.0.0.1        Serial0/0

From the above output you can observe that R1 became the BDR and R2 was elected DR, having a higher IP address than R1. This is not good, because R2 is a spoke: the spokes only have a PVC to the hub, so a spoke acting as DR cannot reach the other spokes. To make R1 the DR, set the priority on the R2 spoke.


Before that, let's check the routing table of R2:
R2#sh ip rou
R2#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     1.0.0.0/32 is subnetted, 1 subnets
O       1.1.1.1 [110/65] via 10.0.0.1, 00:01:58, Serial0/0
     10.0.0.0/29 is subnetted, 1 subnets
C       10.0.0.0 is directly connected, Serial0/0
R2#

To stop R2 from being the DR, change its priority on the Frame Relay interface:

R2(config-if)#ip ospf priority 0
R2(config-if)#end
R2#ship
*Mar  1 00:46:04.059: %SYS-5-CONFIG_I: Configured from console by console
R2#sh ip os nei

Neighbor ID     Pri   State           Dead Time   Address         Interface
10.0.0.1          1   FULL/DR         00:01:56    10.0.0.1        Serial0/0
R2#

Since I changed the priority on R2, it let R1 become the DR. Also check the neighbor table of R1:
R1#sh ip os nei

Neighbor ID     Pri   State           Dead Time   Address         Interface
10.0.0.2          0   FULL/DROTHER    00:01:45    10.0.0.2        Serial0/0.1
R1#

You may wonder about the BDR; here on Frame Relay it is not necessary.

So this is all about OSPF over Frame Relay default multipoint. Here I showed the configuration of only R1 and R2; if we want spoke-to-spoke communication, as you are already aware, we need Frame Relay mappings between the spokes.

Finally, for this type, let me show you the default network type it has taken.

R1#sh ip os interface s0/0.1
Serial0/0.1 is up, line protocol is up
  Internet Address 10.0.0.1/29, Area 0
  Process ID 1, Router ID 10.0.0.1, Network Type NON_BROADCAST, Cost: 64
  Transmit Delay is 1 sec, State DR, Priority 1
  Designated Router (ID) 10.0.0.1, Interface address 10.0.0.1
  No backup designated router on this network
  Timer intervals configured, Hello 30, Dead 120, Wait 120, Retransmit 5
    oob-resync timeout 120
    Hello due in 00:00:08
  Supports Link-local Signaling (LLS)
  Index 1/1, flood queue length 0
  Next 0x0(0)/0x0(0)
  Last flood scan length is 1, maximum is 1
  Last flood scan time is 0 msec, maximum is 4 msec
  Neighbor Count is 1, Adjacent neighbor count is 1
    Adjacent with neighbor 10.0.0.2
  Suppress hello for 0 neighbor(s)
R1#

You can see the default network type, NON_BROADCAST, in the line I highlighted.


2) Point-to-multipoint

I erased the OSPF configuration except for the Frame Relay part.

In this network type the routers do not elect a DR and BDR, and they discover neighbors dynamically. The only configuration requirement on both routers is to define the network type on the Frame Relay connected interface.

R1#
interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!
interface Serial0/0.1 multipoint
 ip address 10.0.0.1 255.255.255.248
 ip ospf network point-to-multipoint
 frame-relay interface-dlci 101
 frame-relay interface-dlci 102
!
router ospf 1
 log-adjacency-changes
 network 1.1.1.1 0.0.0.0 area 0
 network 10.0.0.1 0.0.0.0 area 0

R2#
interface Serial0/0
 ip address 10.0.0.2 255.255.255.248
 encapsulation frame-relay
 ip ospf network point-to-multipoint
 serial restart-delay 0
 frame-relay interface-dlci 201
!
router ospf 1
 log-adjacency-changes
 network 10.0.0.2 0.0.0.0 area 0



As you can see, there are no manually configured neighbors, and on the interfaces of both routers I configured the network type as "point-to-multipoint". This completes the configuration; let's check the neighbor table.

R1#sh ip ospf neighbor

Neighbor ID     Pri   State           Dead Time   Address         Interface
10.0.0.3          0   FULL/  -        00:01:45    10.0.0.3        Serial0/0.1
10.0.0.2          0   FULL/  -        00:01:54    10.0.0.2        Serial0/0.1
R1#

Remember when I said earlier that there are no DR and BDR on this network type; that is why the State column shows FULL/ - with no role.

Let's check the final command.
R1#sh ip ospf interface s0/0.1
Serial0/0.1 is up, line protocol is up
  Internet Address 10.0.0.1/29, Area 0
  Process ID 1, Router ID 1.1.1.1, Network Type POINT_TO_MULTIPOINT, Cost: 64
  Transmit Delay is 1 sec, State POINT_TO_MULTIPOINT,
  Timer intervals configured, Hello 30, Dead 120, Wait 120, Retransmit 5
    oob-resync timeout 120
    Hello due in 00:00:09
  Supports Link-local Signaling (LLS)
  Index 1/1, flood queue length 0
  Next 0x0(0)/0x0(0)
  Last flood scan length is 1, maximum is 1
  Last flood scan time is 4 msec, maximum is 4 msec
  Neighbor Count is 2, Adjacent neighbor count is 2
    Adjacent with neighbor 10.0.0.3
    Adjacent with neighbor 10.0.0.2
  Suppress hello for 0 neighbor(s)
R1#

Now you see that the network type changed to POINT_TO_MULTIPOINT.


3) Point-to-multipoint non-broadcast
This network type behaves like the point-to-multipoint network type, but "non-broadcast" means the routers cannot broadcast or multicast hellos to discover neighbors, so we need to manually add the neighbors on the routers.

R1#

interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!
interface Serial0/0.1 multipoint
 ip address 10.0.0.1 255.255.255.248
 ip ospf network point-to-multipoint non-broadcast
 frame-relay interface-dlci 101
 frame-relay interface-dlci 102
!
router ospf 1
 log-adjacency-changes
 network 1.1.1.1 0.0.0.0 area 0
 network 10.0.0.1 0.0.0.0 area 0
 neighbor 10.0.0.2


R2#

interface Serial0/0
 ip address 10.0.0.2 255.255.255.248
 encapsulation frame-relay
 ip ospf network point-to-multipoint non-broadcast
 serial restart-delay 0
 frame-relay interface-dlci 201
!
router ospf 1
 log-adjacency-changes
 network 10.0.0.2 0.0.0.0 area 0
 neighbor 10.0.0.1


Now the neighbor table of R1 is:

R1#sh ip ospf neighbor


Neighbor ID     Pri   State           Dead Time   Address         Interface
10.0.0.2          0   FULL/  -        00:01:47    10.0.0.2        Serial0/0.1
10.0.0.3          0   FULL/  -        00:01:38    10.0.0.3        Serial0/0.1
R1#


That's all about OSPF over Frame Relay.

I hope this is helpful, and thank you.
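A practical check that follows from the three cases above, as an added example (my own code, not from the original post): parse the "show ip ospf neighbor" output and flag the two problems seen in this post, an adjacency stuck short of FULL (the ATTEMPT state before the neighbor statements were added) and a spoke holding the DR role (R2 showing the hub as BDR before its priority was set to 0). The sample outputs are the ones shown above, embedded as constants; the parser uses a regular expression because the "FULL/  -" state of the point-to-multipoint types contains a space and cannot be split on whitespace.

```python
# Added example (not from the original post): parse "show ip ospf neighbor"
# and report adjacency and DR-placement problems on a Frame Relay
# hub-and-spoke. Sample outputs are the post's; the checks are mine.
import re

NEIGHBOR_RE = re.compile(
    r"^(?P<id>\S+)\s+(?P<pri>\d+)\s+(?P<state>\S+/\s*\S+)\s+"
    r"(?P<dead>\d\d:\d\d:\d\d)\s+(?P<addr>\S+)\s+(?P<intf>\S+)\s*$")

def parse_neighbors(output):
    """Return one dict per neighbor row; headers, prompts and blank lines
    do not match the pattern and are skipped."""
    rows = []
    for line in output.splitlines():
        m = NEIGHBOR_RE.match(line.strip())
        if not m:
            continue
        state, _, role = m["state"].partition("/")
        rows.append({"id": m["id"], "pri": int(m["pri"]), "state": state,
                     "role": role.strip(), "dead": m["dead"],
                     "addr": m["addr"], "intf": m["intf"]})
    return rows

def check_neighbors(output, my_role):
    """my_role is 'hub' or 'spoke'. Returns a list of findings (empty = ok)."""
    findings = []
    for n in parse_neighbors(output):
        if n["state"] != "FULL":
            msg = f"{n['addr']} on {n['intf']}: state {n['state']}, adjacency not complete"
            if n["state"] == "ATTEMPT":
                msg += " (NON_BROADCAST: add the neighbor statement on both routers)"
            findings.append(msg)
        # On hub-and-spoke the hub must be DR: a spoke cannot reach the
        # other spokes. Seen from a spoke, the hub must show as DR.
        if my_role == "spoke" and n["role"] in ("BDR", "DROTHER"):
            findings.append(f"{n['addr']}: hub is {n['role']}, so this spoke holds DR; "
                            f"set 'ip ospf priority 0' on the spoke interface")
        if my_role == "hub" and n["role"] == "DR":
            findings.append(f"{n['addr']}: a spoke was elected DR; the hub must be DR")
    return findings

# Sample outputs taken from the post.
R1_DEFAULT = """R1#sh ip os nei

Neighbor ID     Pri   State           DeadTime   Address         Interface
N/A               0   ATTEMPT/DROTHER 00:01:54    10.0.0.2        Serial0/0.1
"""
R2_BEFORE = """Neighbor ID     Pri   State           Dead Time   Address         Interface
10.0.0.1          1   FULL/BDR        00:01:45    10.0.0.1        Serial0/0
"""
R2_AFTER = """Neighbor ID     Pri   State           Dead Time   Address         Interface
10.0.0.1          1   FULL/DR         00:01:56    10.0.0.1        Serial0/0
"""
R1_P2MP = """R1#sh ip ospf neighbor

Neighbor ID     Pri   State           Dead Time   Address         Interface
10.0.0.3          0   FULL/  -        00:01:45    10.0.0.3        Serial0/0.1
10.0.0.2          0   FULL/  -        00:01:54    10.0.0.2        Serial0/0.1
R1#"""

if __name__ == "__main__":
    for name, out, role in (("R1 default", R1_DEFAULT, "hub"),
                            ("R2 before", R2_BEFORE, "spoke"),
                            ("R2 after", R2_AFTER, "spoke"),
                            ("R1 p2mp", R1_P2MP, "hub")):
        print(name, "->", check_neighbors(out, role) or "ok")
```

The role check is only meaningful for the default (NON_BROADCAST) type; for the two point-to-multipoint types the role column is "-" and nothing is flagged, which matches the post's point that those types elect no DR or BDR.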

Tuesday, January 10, 2012

Route filtering with BGP



Route filtering can be done with an "ACL", a "prefix-list" or an "offset-list" in combination with a "route-map". Here I am using BGP as the routing protocol between different autonomous systems. I apply the route filtering at router R2, which is going to affect the routing table of R4; the filtering can be applied anywhere, depending on our requirements.

Let me show you the BGP routing table of R4 without any route filtering configured at R2.
I shut down the interface between R0 and R4 so that R4 reaches the other networks via R2; we then look at the BGP table of R4 with the "show ip bgp" command.

2.2.2.2 is R2's loopback address and 4.4.4.4 is R4's loopback address. As we can observe, R4 can reach all of the networks 10.2.0.0/30, 119.227.0.0/30 and 128.0.0.0/30 via 2.2.2.2, and 10.0.0.0/30 is a local network of R4.

Now I will configure route filtering on R2. Here my policy is to prevent R4 from learning the 10.2.0.0/30 network, so my configuration on R2 is as follows.

First create an access-list in global configuration mode that matches the 10.2.0.0/30 network:

access-list 1 permit 10.2.0.0 0.0.0.3

Then create a route-map named "DENY" with a "deny" clause and sequence number "10", which denies the 10.2.0.0/30 network:

route-map DENY deny 10
match ip address 1

Now, to accept the remaining routes, create a permit clause in the same route-map with a different sequence number (without it, the implicit deny at the end of the route-map would filter every route):

route-map DENY permit 15


Apply this route-map in R2's BGP configuration as:

 neighbor 4.4.4.4 route-map DENY out

I configured the route-map for neighbor 4.4.4.4 as "out" because the routes are being advertised by R2 to R4.

Now, the most important command when applying route filtering in BGP is
clear ip bgp 4.4.4.4
If we don't clear the BGP session with R4, the route filtering configuration won't take effect in BGP.

If we observe the routing table of R4,


the route for 10.2.0.0/30 is filtered and the remaining routes are allowed.
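How R2 evaluates the route-map DENY against each prefix it advertises, as an added example (my own code, not from the original post). The access-list, the route-map clauses and the prefixes come from the post; the evaluation rules modelled are the IOS ones, wildcard masks where a 0 bit means "must match", clauses tried in sequence order with the first match deciding, and an implicit deny for a route that matches no clause. The second call in the test shows what happens when the "permit 15" clause is left out:

```python
# Added example (not from the original post): outbound route filtering
# with a route-map and a standard ACL, modelled in Python. The ACL, the
# route-map and the prefixes are the post's; the evaluation logic is mine.
from ipaddress import ip_address, ip_network

def wildcard_match(addr, base, wildcard):
    """IOS wildcard test: bits where the wildcard is 0 must be equal."""
    a, b, w = (int(ip_address(x)) for x in (addr, base, wildcard))
    return ((a ^ b) & ~w & 0xFFFFFFFF) == 0

# access-list 1 permit 10.2.0.0 0.0.0.3
ACLS = {1: [("permit", "10.2.0.0", "0.0.0.3")]}

def acl_permits(acl_number, prefix):
    """A standard ACL used with 'match ip address' is tested against the
    route's network address. No matching entry = the ACL's implicit deny."""
    net_addr = str(ip_network(prefix).network_address)
    for action, base, wildcard in ACLS[acl_number]:
        if wildcard_match(net_addr, base, wildcard):
            return action == "permit"
    return False

# route-map DENY deny 10 / match ip address 1
# route-map DENY permit 15                      (no match clause: matches all)
ROUTE_MAP_DENY = [
    (10, "deny", 1),        # (sequence, action, ACL to match; None = match everything)
    (15, "permit", None),
]

def route_map_permits(route_map, prefix):
    """Clauses are tried in sequence order; the first clause whose match
    succeeds decides. Falling off the end is the route-map's implicit deny."""
    for _seq, action, acl in sorted(route_map, key=lambda c: c[0]):
        if acl is None or acl_permits(acl, prefix):
            return action == "permit"
    return False

def filter_outbound(route_map, prefixes):
    """The prefixes that survive 'neighbor ... route-map <name> out'."""
    return [p for p in prefixes if route_map_permits(route_map, p)]

# Prefixes R2 advertises to 4.4.4.4 before filtering (from the post).
R2_ADVERTISED = ["10.2.0.0/30", "119.227.0.0/30", "128.0.0.0/30"]

if __name__ == "__main__":
    print("with permit 15:   ", filter_outbound(ROUTE_MAP_DENY, R2_ADVERTISED))
    print("without permit 15:", filter_outbound(ROUTE_MAP_DENY[:1], R2_ADVERTISED))
```

The second line prints an empty list: a route-map consisting only of a deny clause filters everything, which is the classic mistake the "permit 15" clause exists to prevent. Remember also that, as the post says, the new policy is only applied to the neighbor after the session is cleared.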

This can also be done with a prefix-list; I am going to cover that in another post, along with an explanation of route redistribution when different routing protocols are used in the network.

Saturday, December 24, 2011

Policy based routing

In this post I am going to explain policy based routing with "ospf" as the protocol in the topology below; I configured OSPF on all the routers to get full reachability between them. Generally, a router's routing decisions are based on the routing table, but when we configure policy based routing the decisions are taken based on the policy based routing configuration. When a packet arrives at a particular interface of a router, the incoming packet actually arrives encapsulated inside a data link layer frame; the router strips off the frame and looks into the L3 packet. Considering the information in the packet, the router then takes the forwarding decision by comparing it with the routing table.

When PBR is configured, it intercepts the router's natural destination-based forwarding logic. PBR takes its decision using the matching logic defined in a route-map, which in turn refers to an IP ACL.


The router "5.5.5.5" can reach the "12.0.1.0" network via two routers, "4.4.4.4" and "12.12.12.12"; take a look at the routing table of "5.5.5.5".



Now let's see R6's path to the destination "12.0.1.1" using traceroute.

The path is via "5.5.5.5" to "12.12.12.12" and on to "12.0.1.1". Now suppose we want the traffic to be routed via 4.4.4.4 instead of 12.12.12.12; then configure the policy on router 5.5.5.5: first create the "route-map" with an "ACL" and apply that route-map on the interface. The packets from R6 arrive at s0/1 of 5.5.5.5, so apply the policy on this incoming interface.

interface Serial0/1
 ip address 11.2.0.6 255.255.255.252
 ip policy route-map ROUTE

Now create the route-map named "ROUTE" with a permit clause and set the next hop as follows:

route-map ROUTE permit 10
 match ip address 110
 set ip next-hop 11.1.0.1

In the above command, 110 refers to the access-list that I created; create the access-list as:

access-list 110 permit ip host 11.2.0.5 12.0.1.0 0.0.0.3

The above configuration matches exactly the packets coming from source 11.2.0.5 to the destination network 12.0.1.0/30, so all that traffic is routed through 11.1.0.1; packets arriving on s0/1 that do not match the ACL are forwarded normally from the routing table.
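The forwarding decision on 5.5.5.5 for a packet entering Serial0/1, as an added example (my own code, not from the original post). Extended ACL 110, the route-map ROUTE and the next hop 11.1.0.1 are the post's; the fallback routing table is a constructed stand-in for what "show ip route" on 5.5.5.5 holds (the post shows it only as an image), with the next hop towards 12.12.12.12 given as the placeholder address 198.51.100.2. The example also covers the three cases where PBR does not apply: a different source, a destination outside 12.0.1.0/30, and a packet arriving on an interface without "ip policy route-map".

```python
# Added example (not from the original post): policy based routing decision
# on 5.5.5.5. ACL 110, the route-map and the next hop are the post's; the
# routing table below is constructed, and 198.51.100.2 is a placeholder for
# the real next hop towards 12.12.12.12 that the post does not show.
from ipaddress import ip_address, ip_network

def wildcard_match(addr, base, wildcard):
    """IOS wildcard test: bits where the wildcard is 0 must be equal."""
    a, b, w = (int(ip_address(x)) for x in (addr, base, wildcard))
    return ((a ^ b) & ~w & 0xFFFFFFFF) == 0

# access-list 110 permit ip host 11.2.0.5 12.0.1.0 0.0.0.3
#   ("host x" is the same as "x 0.0.0.0")
ACL_110 = [("permit", "ip", ("11.2.0.5", "0.0.0.0"), ("12.0.1.0", "0.0.0.3"))]

def acl_match(acl, src, dst):
    """Extended ACL: first entry whose source and destination both match
    decides; no entry matching is the implicit deny."""
    for action, _proto, (sb, sw), (db, dw) in acl:
        if wildcard_match(src, sb, sw) and wildcard_match(dst, db, dw):
            return action == "permit"
    return False

# route-map ROUTE permit 10 / match ip address 110 / set ip next-hop 11.1.0.1
ROUTE_MAP_ROUTE = [(10, "permit", ACL_110, "11.1.0.1")]

# Constructed stand-in for the normal routing table of 5.5.5.5, longest
# prefix first; both entries point towards 12.12.12.12.
ROUTING_TABLE = [("12.0.1.0/30", "198.51.100.2"), ("0.0.0.0/0", "198.51.100.2")]

def forward(src, dst, in_intf, policy_interfaces=("Serial0/1",)):
    """Return (next_hop, reason). PBR is consulted only for packets that
    arrive on an interface carrying 'ip policy route-map ROUTE'; a packet
    that no permit clause matches falls through to the routing table."""
    if in_intf in policy_interfaces:
        for _seq, action, acl, next_hop in ROUTE_MAP_ROUTE:
            if acl_match(acl, src, dst):
                if action == "permit":
                    return next_hop, "policy-routed by route-map ROUTE"
                break                     # a deny clause: normal routing
    addr = ip_address(dst)
    for prefix, nh in ROUTING_TABLE:
        if addr in ip_network(prefix):
            return nh, f"routing table ({prefix})"
    return None, "no route"

if __name__ == "__main__":
    for src, dst, intf in (("11.2.0.5", "12.0.1.1", "Serial0/1"),
                           ("11.2.0.6", "12.0.1.1", "Serial0/1"),
                           ("11.2.0.5", "12.0.1.4", "Serial0/1"),
                           ("11.2.0.5", "12.0.1.1", "Serial0/0")):
        print(src, "->", dst, "in", intf, ":", forward(src, dst, intf))
```

Only the first case is policy-routed; the other three take the ordinary path via 12.12.12.12, which is why the policy must be applied on the interface the traffic actually enters (s0/1 here) and the ACL must name exactly the source and destination you intend.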

Observe the result: all the traffic from 11.2.0.5 is routed via 11.1.0.1.

Result: