Category Archives for "ORHAN ERGUN"

BGP AS Override Feature Explained in 2022

BGP AS Override needs to be understood well in order to understand BGP loop prevention behavior. Why BGP AS Override might create a dangerous situation, and what the alternatives to BGP AS Override are, will be explained in this post.

What is BGP AS Override

BGP AS Override feature is used to change the AS number or numbers in the AS Path attribute. Without BGP AS-Override, let’s see what would happen.

Figure – BGP AS Override topology

In this topology, Customer BGP AS is AS 100. The customer has two locations.

Service Provider, in the middle, let’s say providing MPLS VPN service for the customer.

As you can understand from the topology, Service Provider is running EBGP with the Customer, because they have different BGP Autonomous Systems.

The service provider in the above topology has BGP AS 200.

When the left customer router advertises a BGP update message to R2, R2 sends it to R3, and when R3 sends it to R4, R4 wouldn’t accept the BGP update.

When R4 receives that update, it will check the AS-Path attribute and would see its own BGP AS number in the AS Path.

Thus, the update is rejected by default, due to EBGP loop prevention.

If the router sees its Continue reading

BGP Route Reflector vs Confederation

BGP Route Reflector – RR vs Confederation is one of the first things Network Engineers would like to understand when they learn both of these Internal BGP scalability mechanisms. For those who don’t know the basics of these mechanisms, please read BGP Route Reflector in Plain English and BGP Confederation Blog posts from the website first.

BGP Route Reflector vs BGP Confederation

There are many differences when we compare Confederation vs Route Reflector, and in this post, some of the items in the comparison chart will be explained.

Figure – BGP Route Reflector vs Confederation comparison chart

BGP Route Reflector vs Confederation Scalability

Both of these techniques are used in Internal BGP for scalability purposes. But BGP RR changes the Full Mesh IBGP topologies to the Hub and Spoke. BGP confederation divides the Autonomous System into the sub-ASes but inside every Sub-AS, IBGP rules are applied.

Inside a BGP Sub Autonomous System, full-mesh IBGP or Route Reflector is used. So, we consider BGP RR to be more scalable compared to Confederation, because inside a Sub-AS full-mesh IBGP might still be used.

If RR inside Sub-AS is deployed, then configuration complexity would increase.

BGP Route Reflector vs Confederation Loop Prevention

BGP Route Reflector in order to prevent the routing loop Continue reading

BGP vs EIGRP 10 Important differences between them!

In this post, we will compare BGP and EIGRP. We will look at some of the important aspects when we compare BGP vs EIGRP. Although EIGRP is used as an IGP and BGP is used mainly as an External routing protocol, we will compare from many different design aspects. Also, BGP can be used as an Internal IGP protocol as well and we will take that into consideration as well.

Figure – BGP vs EIGRP comparison chart

We prepared the above comparison chart for BGP vs EIGRP comparison. We will look at some of those important Comparison criteria from a design point of view.

BGP vs EIGRP Scalability

One of the biggest reasons we choose BGP, not EIGRP is Scalability. BGP is used as a Global Internet routing protocol and as of 2022, the Global routing table size for IPv4 unicast prefixes is around 900 000. So almost a million prefixes we carry over BGP on the Internet.

So, we can say BGP has proven scalability. EIGRP can usually carry only a couple of thousand prefixes; this is one of the reasons EIGRP is used as an internal dynamic routing protocol, not over the Internet.

BGP vs EIGRP in Full Mesh, Ring and Hub and Continue reading

AWS SAA vs. CLF – Can I skip one?

AWS is known for its famous, highly demanded Solutions Architect Associate (SAA) certificate, and many think that it is the first step with AWS and cloud computing. The question now is: is it? Or is there a step that should be taken before it, like the AWS Cloud Practitioner (CLF) exam?

In this blog post we will discover and compare the agenda and the main pillars each exam teaches you, and see if it is worth skipping CLF and starting directly with SAA.

Cloud Concepts

Your very first chapter when studying for AWS CLF will be the cloud concepts. This gives a general overview of the idea and concept of cloud computing, what AWS provides in that regard, and what you are about to experience.

Luckily this part is shared between both the AWS CLF and SAA exams, and we’ll find a share of it here and there, to understand what we are about to start with such exams.

That makes them equal here, 1-1.

Security and Compliance

Having zero knowledge about cloud computing and the restrictions and differentiations that might occur with it, upon implementing a new network on the cloud for the first time will require Continue reading

OSPF Administrative Distance – How preferred is it

OSPF Administrative Distance, or OSPF AD, is the key to selecting OSPF among other routing protocols (if they exist) leading to the same target within the same routing table. In this blog post we will discover the basics and types of Administrative Distances for OSPF across multiple different platforms.

Administrative Distance

For Cisco operating systems, regardless of platform, IOS-XE, IOS-XR, and NX-OS all treat OSPF based on the “AD”, which has the value of “110”.

Now, knowing the numerical value alone is useless without knowing its order of preference among the other routing protocols’ Administrative Distances.

OSPF AD with Cisco OS’s

The values will be as follows regarding the Static and Dynamic Routing Protocols:

  • Direct = 0
  • Static = 1
  • eBGP = 20
  • EIGRP = 90
  • OSPF = 110
  • IS-IS = 115
  • RIP = 120
  • iBGP = 200

This shows that OSPF routes to a specific target can be hidden if one of the dynamic (EIGRP or eBGP) routes was installed in the routing table; that also includes Direct and Static routes.

Route Preference

Dealing with devices/platforms from Juniper Networks will get you to face and Continue reading

DMVPN vs MPLS VPN

DMVPN – Dynamic Multipoint VPN and MPLS VPN are two of the most popular VPN mechanisms. In this post, we will look at DMVPN vs MPLS VPN comparison, from many different aspects. At the end of this post, you will be more comfortable positioning these private VPN mechanisms.

DMVPN vs MPLS VPN

When we compare the two protocols, we look at many different aspects. For this comparison, I think we should first say that DMVPN is a Cisco proprietary tunnel-based VPN mechanism, but MPLS VPN is a standards-based (RFC 2547), non-tunnel-based VPN mechanism. Although whether an MPLS LSP is a tunnel or not is an open discussion in the networking community, we won’t start that discussion here again.

DMVPN and MPLS VPN over the Internet

Another important consideration for MPLS VPN vs DMVPN is, that DMVPN can be set up over the Internet but MPLS VPN works over private networks, Layer 2 or Layer 3 based private networks. DMVPN tunnels can come up over the Internet and inside the tunnels routing protocols can run to advertise the Local Area Networks subnets.

But MPLS requires a private network underlay.

Figure – DMVPN Networks can run over Internet or Private Networks

IS-IS Routing Protocol

IS-IS is a link-state routing protocol, similar to OSPF. If you are looking for a Service Provider grade, extensible routing protocol with MPLS Traffic Engineering support for easier future migration, then the only choice is IS-IS.

Commonly used in Service Providers, Datacenter (as an underlay), and some large Enterprise networks.

IS-IS Routing Protocol in Networking

IS-IS works based on TLV format. TLVs provide extensibility to the IS-IS protocol.

IS-IS TLV Codes – Specified in RFC 1195

Figure – IS-IS TLV format

You don’t need a totally different protocol to support new extensions. In IS-IS, IPv6, MTR and many other protocols can be used just with additional TLVs.

1. IPv6 Address Family support (RFC 2308)
2. Multi-Topology support (RFC 5120)
3. MPLS Traffic Engineering (RFC 3316)

IS-IS is a Layer 2 protocol and is not encapsulated in IP. Because it is hard, if not impossible, to attack Layer 2 networks remotely, IS-IS is considered more secure than OSPF.

Figure – IS-IS dataplane

IS-IS uses a NET (Network Entity Title) address similar to OSPF Router ID.

IP support was added to IS-IS by the IETF after ISO invented it for CLNS. If IS-IS is used together with IP, it is called Integrated IS-IS.

IS-IS doesn’t require an IP address for the neighborship.


OSPF Configuration – A sample template on multi-vendor routers

There are commonalities and differences when it comes to configuring the OSPF routing protocol on a router you manage, based on the router’s manufacturer.

We will take a look at a basic sample of configuring OSPF on the Cisco IOS-XE and Juniper JunOS operating systems.

OSPF on Cisco IOS-XE

With IOS-XE we start configuring OSPF by mentioning the numerical value of the:

OSPF Process ID

What that means is just a number to isolate some hierarchical designs of the OSPF process on a Cisco router.

Does it have to match on both peering ends? The answer is NO.

Does it affect priorities in any OSPF election process? The answer is also NO.

Is it mandatory? Well, on that OS it is, but it is not a general OSPF concept, as it is missing with the other vendors!

That makes the first line of configuration look like this:

        OERouter1(config)#router ospf [Process ID]

i.e.

        OERouter1(config)#router ospf 10

OSPF Network Advertisement

The next step, after getting into the OSPF hierarchical mode and specifying the process ID, is to advertise the networks.

these networks Continue reading

OSPF Protocol Basic Overview

What is OSPF

Language-wise it stands for Open Shortest Path First, and Family wise it belongs to the Link-State Interior Gateway Dynamic Routing Protocols.

Done with the CV yet? OSPF is an open standard internal routing protocol that is supported across all the different vendors manufacturing networking platforms.

In this article, we will review the basics and specs of this protocol, and see its own unique features.

OSPF Neighbor States

As a start, the OSPF routing protocol uses a multicast hello message that is destined to the OSPF Multicast address of 244.0.0.5 seeking any possible other OSPF routers in the area.

This message repeats every 10 seconds by default, and it is sent out of the interfaces that have an OSPF configuration, which depends on how you configured it and on the vendor-specific configuration template.

Upon receiving a multicast hello message from another router we already sent it a hello message earlier, and that should be within the dead timer of 40 seconds maximum (by default).

An OSPF neighbor process will start by:

  • Init:
    • at the moment of confirmation that a bidirectional multicast hello has initiated
  • 2-Way:
    • communication from the 2 parts has successfully occurred
  • ExStart:

Introduction to MPLS – Fundamentals of MPLS

MPLS (Multiprotocol Label Switching) is one of the most popular and commonly used technologies in today’s Service Provider and Enterprise networks. In this post, we will explain the most fundamental topics about MPLS. After reading this post, you will have learned a lot about MPLS: from why we should use MPLS to MPLS packet formats, and from use cases of MPLS to MPLS advantages and disadvantages. Some recommendations about MPLS books, MPLS training, some basic MPLS questions, and many other things will be covered. Sit tight and let’s enjoy!

What is MPLS in Networking?

Multiprotocol Label Switching – MPLS, is a networking technology that switches the network traffic using the shortest path based on “labels,” rather than IP destination addresses, to handle forwarding over a private Wide Area Network.

MPLS is a scalable and protocol-independent solution, that can carry Layer 3 IP and Non-IP and Layer 2 traffic, PPP, HDLC, Frame-Relay, Ethernet, all are possible.

MPLS provides transport and can be considered one of the tunneling mechanisms.

MPLS transport protocols as of 2022, are LDP, RSVP, Segment Routing and BGP LU.

An MPLS network is Layer 2.5, meaning it falls between Layer 2 (Data Link) and Layer 3 (Network) of the OSI Continue reading

Multicast PIM SSM – Source Specific Multicast

Multicast PIM SSM – Source Specific Multicast from a design point of view will be explained in this post. The Shortest Path Tree concept, Advantages, and disadvantages of Multicast PIM SSM will be covered as well.

What is Source Specific Multicast – PIM SSM?

PIM is a Multicast Routing Protocol. There are two categories of PIM protocol. PIM Dense mode and PIM Sparse Mode.

PIM Sparse Mode has 3 different modes of deployment. PIM SSM – Source Specific Multicast, PIM ASM – Any Source Multicast, and PIM Bidir – Bidirectional Multicast.

In this post, we will only cover PIM SSM, but for the other PIM Sparse mode and PIM Dense mode design and deployment posts, please check the Multicast category.

PIM SSM is called Source-Specific because Multicast receivers not only specify the Multicast Group that they are interested in, but they can also signal to the network which source they are interested in or not interested in.

PIM SSM in the Routing Table

In the routers, we have multicast routing tables. SSM Multicast routing entries in the routers are seen as S, G.

S stands for multicast Source and G is used for multicast Group.

Source information has to Continue reading

BGP Private and Public AS Range

BGP Private and Public AS Range: On the Internet, we have 2-byte AS Numbers and 4-byte AS Numbers. In this post, we will explain what the BGP Private and Public AS Ranges are for 2-byte and 4-byte AS numbers, where Private BGP AS numbers are used and should be used, and where Public AS Numbers in BGP are used and should be used. We will also discuss where they shouldn’t be used.

BGP Private AS Range for 2 Byte AS Numbers

A 2 byte AS number is a 16-bit number. This format provides for 65536 ASNs (0 to 65535). From these ASNs, the Internet Assigned Numbers Authority (IANA) reserved 1,023 of them (64512 to 65534) for private/internal usage.

BGP Private AS Range for 2-byte AS Number is between 64512 to 65535.

So we have 1023 BGP AS Numbers to use in a 2-byte ASN schema. Private AS numbers, similar to the Private IP address range (RFC 1918), should be used internally in the networks.

Not in external networks, such as the Internet. On the Internet, in the Global Routing table, which is also known as Default Free Continue reading

BGP LU – Labeled Unicast – RFC 3107

BGP LU – BGP Labeled Unicast was defined in RFC 3107. BGP LU is used so commonly in many different network architectures and frameworks. In this post, BGP LU is explained with its use cases.

BGP LU – Labeled Unicast allows BGP to advertise an MPLS Label for the IPv4 and IPv6 Unicast prefixes.

Those who know MPLS may know this, but let me remind you: if an IP prefix is learned via IGP routing protocols such as OSPF and IS-IS, then LDP, RSVP, and Segment Routing can assign an MPLS Label. But if the prefix is learned via BGP, only BGP can assign an MPLS Label. Assigning a label by BGP for the IPv4 or IPv6 Unicast prefix is known as BGP Labeled Unicast.

It is quite easy to understand what is BGP LU but at the beginning of the post, as I said, let’s have a look at its use cases.

BGP LU – RFC 3107 in Inter-AS MPLS VPN

It is used in Inter-AS MPLS VPN Option C, between the ASBRs (Autonomous System Boundary Routers).

In Inter-AS Option C, infrastructure prefixes of ASes are exchanged and for those prefixes, MPLS Label is assigned by BGP. Inter-AS MPLS Continue reading

Unicast Multicast Broadcast Anycast and Incast Traffic Types

Unicast, Multicast, Broadcast, Anycast, and Incast traffic types will be explained in this post. Traffic flows/traffic types are important information that needs to be considered in Network Design, so it is critical for every IT Engineer to understand each of them for the application requirements, security, and performance of the overall system.

Figure – Unicast vs Multicast vs Broadcast vs Anycast

In this blog post, Unicast, Multicast, Broadcast, and Anycast traffic types/patterns will be explained with examples and the topologies.

Unicast Traffic Flow

Unicast traffic type is a point-to-point communication type. Usually from a scalability perspective, Unicast is not the desired traffic type. But if there are only two points that communicate with each other, Unicast is an optimal choice.

Multicast Traffic Flow

Point to Multipoint or Multi-Point to Multi-Point Traffic type. If the communication is targeted to a group of recipients, then the Multicast traffic type is more suitable. Multicast source/sender, receivers, and multicast groups are the components of Multicast communication. A classical example is IPTV – IP Television.

One multicast group is assigned for each IPTV channel and only interested receivers get the stream.

Broadcast Traffic Flow

If traffic is sent to everyone, regardless of considering if there is an uninterested receiver, then it is a broadcast Continue reading

MPLS Benefits 4 Very important things to understand!

Network Engineers should understand MPLS benefits and advantages. In this post, we will look at the benefits of deploying MPLS in the network, and the advantages of having an MPLS-enabled infrastructure.

MPLS is Multi-Protocol Label Switching as you might know already. Multi-Protocol because we can carry many different types of traffic over MPLS.

MPLS is Multi-Protocol Technology

Layer 2 and Layer 3 network traffic such as Ethernet, Frame-Relay, ATM, and TDM has been carried over MPLS. Because it provides an abstraction layer for the protocols, it is possible to carry many different types of traffic that couldn’t easily be carried with other technologies.

MPLS is a Scalable Protocol

If we talk about MPLS benefits, probably one of the most important ones would be MPLS Scalability. There is a popular belief that MPLS was invented because the packet processing resource requirement and lookup speed are better with MPLS, compared to IP destination-based lookup.

Because MPLS is just a switching operation on the Mid-Label Switch Routers – LSR, and MPLS Label is 20 bits long, compared to IP which is 32 bits long with IPv4 and 128 bits long with IPv6, MPLS was considered a better performance protocol, Continue reading

IGP vs BGP Explained – 3 Most important things to know!

IGP vs BGP is one of the topics every Network Engineer wants to learn in their career. In this post, without going into the details of each IGP protocol, we will discuss where and why IGP or BGP is used and should be used. As usual, we will look at it from a design aspect and understand the reasons for the protocol selection.

IGP vs BGP comparison from a design perspective using a comparison chart

IGP vs BGP

Although I will not explain the above chart in this blog post in detail, I would like to share it for completeness. Also, please note that we compared BGP with each IGP protocol from a design point of view on the website in different blog posts already.

IGP vs. BGP – BGP is the most scalable routing protocol!

When IGP vs BGP is compared, the first thing we should understand is that BGP is the most scalable routing protocol and it is used for the Global Internet.

The Global Internet, as of 2022, carries almost a million IPv4 Unicast prefixes.

When we talk about IGP scaling, OSPF, IS-IS, or EIGRP can carry a couple of tens of thousands of prefixes, and after that, we may start seeing meltdowns, even in well-designed Continue reading

OSPF LSA Types Explained 11 Types of LSA in OSPF!

OSPF LSA Types is the first topic you need to understand if you are trying to understand the OSPF routing protocol. There are 11 different types of LSA in OSPF, and we will look at each one of them and at why we have many different LSAs in OSPF. We will discuss the topologies and the examples to make it clearer for everyone.

What is LSA in OSPF?

We should start by asking the most fundamental question about OSPF: what is an LSA? LSA stands for Link State Advertisement, and it carries prefix information and interface cost; if advanced technologies such as Traffic Engineering are enabled, it can also carry link color information, used bandwidth, available bandwidth, and so on.

When a router receives an LSA, it is stored in the Link State Database (LSDB) of OSPF. Once the LSDBs between the routers are synchronized, OSPF uses the SPF/Dijkstra algorithm to calculate the best path for each destination network.

OSPF LSAs are information about a route that is transported inside OSPF Link State Update (LSU) packets.

We can only have a scalable, resilient, fast-converging OSPF design when we understand OSPF LSAs and Area types and their restrictions.

OSPF LSA Types

Figure – 11 Different LSA Types in OSPF v2

OSPF LSA Type Continue reading

New Routing Protocol to replace BGP

A new routing protocol to replace BGP is one of the most common questions every good Network Engineer encounters at least a few times in their career. In this post, we will look at some of those thoughts and discuss whether the aims to replace BGP were real or not.

LISP as a new routing protocol aims to replace BGP?

Locator and Identity Separation Protocol, RFC 6830, as an experimental RFC, was one of those technologies, many Network Engineers thought of as a replacement for BGP, especially over the Internet.

This was probably one of the biggest myths we have been discussing for years when we discuss a Routing protocol to replace BGP, but the first thing is, LISP is not a Routing protocol!

It is an IP-in-IP encapsulation mechanism, or in other words, a tunneling mechanism, which is mainly used to hide the Internal prefixes from the network core to avoid the control plane state. So, LISP helps with Routing protocol scalability, but LISP was never aimed at replacing BGP.

In fact, I discussed exactly this point in the below video with Dino Farinacci, who is the inventor of the LISP protocol. Dino runs, www.lispers.net, Continue reading

OSPF Load Balancing

OSPF Load Balancing means placing multiple next-hops into the Routing and Forwarding table for a given IP destination prefix. In this post, we will look at OSPF Load Balancing, OSPF Load Sharing, OSPF ECMP, and OSPF UCMP, and explain where we should use it, where we shouldn’t use it, and what can be dangerous if we have OSPF Load Balancing.

OSPF Equal Cost Load Balancing – OSPF ECMP

What is OSPF Equal Cost Load Balancing? Let’s have a look at the below topology and try to understand.

Figure – OSPF ECMP topology

In the above topology, the 192.168.0.0/24 network is connected to Router D.

As a link-state routing protocol, OSPF routers in the network would know that the 192.168.0.0/24 subnet is connected to Router D.

And they would run SPF/Dijkstra algorithm to calculate the shortest path to this destination.

In the above topology, Interface costs are shown.

When we look at Router A to 192.168.0.0/24 subnet, we have two paths. A-B-D and A-C-D.

Both of the paths’ total cost is 10+10 = 20.

Thus, Router A can do load balancing for that destination prefix.

When OSPF has two paths, we don’t need to Continue reading

BGP AS Path Prepending

BGP AS Path Prepending, or BGP prepend, is a common technique for incoming path manipulation. When we want to engineer the traffic coming from another BGP AS to our BGP AS, BGP AS prepending is one of the most common mechanisms. There are also cases where BGP AS Prepend doesn’t work and shouldn’t be used, and in this post, we will look at them too by using the below topology.

Figure – BGP AS Path Prepending topology

In the above topology, we have two BGP Autonomous Systems. AS 200 is Customer BGP AS, and AS 100 is Provider BGP AS.

As a customer, AS 200 wants AS 100 to send the traffic over the left path as the Primary path and the right path as the backup path, as depicted in the above topology.

BGP AS Path Prepend

When we want to have Primary and Backup Paths as depicted in the above topology, the BGP AS Path Prepending technique is used to influence the upstream BGP Autonomous Systems’ decision.

BGP Prepend means adding our BGP AS to the AS-path multiple times. In the above topology, the 10.0.10.0/24 network’s BGP AS 200 is advertised with 3 AS prepends. By default when the prefix is advertised to Continue reading
