Sunday, October 20, 2013

The Side Effects Of Route Summarization

Most network engineers are well aware of the benefits of route summarization. It's one of those tools that plays an important role in any modern network design, especially in large-scale EIGRP-based networks, which are prone to the old evil known as Stuck In Active (SIA).

There are a couple of benefits that summarization offers:

> Hiding more specific routes - If one or more networks become unreachable or unstable, the devices beyond the summarization point won't notice, and hence the event will not cause network convergence.

> The devices beyond the summarization point will have only the summary route in their routing tables instead of the more specific routes, which means less memory utilization and less calculation overhead on the CPU.

What most documents and books usually don't talk about are the side effects of summarization.

Take EIGRP, for instance.

Let's first understand how EIGRP chooses the metric that it advertises to its EIGRP peers for a given summary route.

The metric of a summary is based on the metrics of its components: EIGRP chooses the metric of the lowest-cost component route as the metric of the summary. When EIGRP creates a summary route, it has to determine the metric to include with the route advertisement. EIGRP examines every entry in the database (topology table) looking for components of the summary that will be suppressed by (and thus represented by) the summary; it finds the component with the best composite metric and then copies the metric details from it (bandwidth, delay, etc.) into the summary topology table entry.

This technique works well most of the time, except that if the component the metric was derived from flaps, the summary flaps as well.

Although we are using the summary to hide reachability information, changes to the metric information still cause the routers beyond the summary to do work to keep up with the metric changes. There is also processing overhead for EIGRP to recalculate the summary metric each time a component changes.
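The metric selection described above can be replayed in a few lines. This is an added example, not code from the original post: the prefixes, bandwidth and delay values are constructed, and the classic composite metric with default K values is assumed.

```python
import ipaddress

def composite_metric(min_bw_kbps, delay_tens_usec):
    """Classic EIGRP composite metric with default K values (K1 = K3 = 1)."""
    return 256 * (10**7 // min_bw_kbps + delay_tens_usec)

def summary_metric(topology, summary):
    """Return (metric, component) copied from the best component inside the summary."""
    net = ipaddress.ip_network(summary)
    inside = [(composite_metric(bw, dly), prefix)
              for prefix, (bw, dly) in topology.items()
              if ipaddress.ip_network(prefix).subnet_of(net)]
    return min(inside) if inside else None

def flap(prefix, vector, times):
    """Build a down/up event sequence for one component route."""
    return [("down", prefix, None), ("up", prefix, vector)] * times

def updates_sent(topology, summary, events):
    """Replay events and count how often the advertised summary metric changes."""
    table = dict(topology)
    last, sent = summary_metric(table, summary), 0
    for action, prefix, vector in events:
        if action == "down":
            table.pop(prefix, None)
        else:
            table[prefix] = vector
        current = summary_metric(table, summary)
        if (current and current[0]) != (last and last[0]):
            sent += 1  # peers beyond the summary must process a new metric
        last = current
    return sent

# Constructed topology table: prefix -> (minimum bandwidth in kbps, delay in tens of usec)
TOPOLOGY = {
    "10.1.1.0/24": (100000, 20),     # best component, supplies the summary metric
    "10.1.2.0/24": (10000, 120),
    "10.1.3.0/24": (1544, 2010),
    "192.168.9.0/24": (1000000, 1),  # outside the summary, so never considered
}
SUMMARY = "10.1.0.0/16"

if __name__ == "__main__":
    print("summary metric:", summary_metric(TOPOLOGY, SUMMARY))
    for prefix in ("10.1.1.0/24", "10.1.3.0/24"):
        events = flap(prefix, TOPOLOGY[prefix], 2)
        print(prefix, "flapping twice ->", updates_sent(TOPOLOGY, SUMMARY, events), "updates")
```

Flapping the best component forces a new summary advertisement on every transition, while flapping any other component stays hidden behind the summary.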

Another issue with summarization is shown below:

It's a typical hub-and-spoke network where the spokes (R4/R5) advertise specific subnets to the hub routers (R2/R3), which summarize the spoke networks and advertise the summary towards the core network.

As we know, CEF decisions are usually flow based. This means that although R1 has two next hops in its routing table for any given spoke subnet, it will still use one particular next hop for a specific flow, based on the CEF hash. Let's assume it chose R2 for that flow, as shown below:

Everything works well until the link between R2 and R4 goes down.

From R1's perspective nothing has changed, since it was receiving the summary route from R2 and R3. Because only a specific route has failed, nothing changes from the summary's standpoint. So our friend R1 never notices any network change and keeps forwarding, whereas R2 no longer has physical connectivity to R4 and effectively black-holes the traffic.

This design can be fixed easily by introducing a link between R2 and R3:

But this reminds us of the important role of the network testing phase as part of your network design, and of understanding network failure domains well.
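The failure and the fix can be traced hop by hop with a longest-prefix-match lookup. This is an added example, not part of the original post: the prefixes are constructed, R4 is assumed to be dual-homed to both hubs, the hubs are assumed to hold the usual Null0 discard route that accompanies an EIGRP summary, and R2 is assumed to learn the specific route from R3 across the new link.

```python
import ipaddress

SPOKE = "10.4.1.0/24"    # constructed subnet behind R4
SUMMARY = "10.4.0.0/16"  # constructed summary advertised by R2 and R3

def lookup(rib, dst):
    """Longest-prefix match over a {prefix: next_hop} table."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p).prefixlen, nh)
               for p, nh in rib.items() if addr in ipaddress.ip_network(p)]
    return max(matches, key=lambda m: m[0])[1] if matches else None

def build(r2_r4_up, r2_r3_link):
    """Routing tables for the hub-and-spoke topology in a given link state."""
    r1 = {SUMMARY: "R2"}      # CEF hash pinned this flow to R2 (R3 offers the same summary)
    r2 = {SUMMARY: "Null0"}   # discard route that accompanies the summary
    r3 = {SUMMARY: "Null0", SPOKE: "R4"}
    r4 = {SPOKE: "connected"}
    if r2_r4_up:
        r2[SPOKE] = "R4"
    elif r2_r3_link:
        r2[SPOKE] = "R3"      # specific route learned from R3 over the hub-to-hub link
    return {"R1": r1, "R2": r2, "R3": r3, "R4": r4}

def trace(ribs, start, dst, max_hops=8):
    """Follow next hops from start; the path ends in 'delivered' or 'dropped'."""
    path, node = [start], start
    for _ in range(max_hops):
        nh = lookup(ribs[node], dst)
        if nh == "connected":
            return path + ["delivered"]
        if nh in (None, "Null0"):
            return path + ["dropped"]
        path.append(nh)
        node = nh
    return path + ["loop"]

if __name__ == "__main__":
    dst = "10.4.1.10"
    print("all links up:     ", trace(build(True, False), "R1", dst))
    print("R2-R4 down:       ", trace(build(False, False), "R1", dst))
    print("R2-R4 down + fix: ", trace(build(False, True), "R1", dst))
```

R1's table is identical in all three cases, which is exactly why it cannot react to the failure on its own.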

Further Readings:

Load Balancing With CEF

EIGRP for IP: Basic Operation and Configuration (The Addison-Wesley Networking Basics Series)

Deepak Arora

Saturday, October 12, 2013

Network Designer/Architect Vs Network Engineer...Theory Vs Real Life - Part 2

Now let's proceed further with our discussion from where we left off last time. I strongly believe that in the network engineering field a lot of gaps can be filled with study. There might be a network engineer who has spent 10 years in the industry working on a flat network. If I compare his skill set to that of a freshly CCIE Lab certified person, our CCIE is most likely way ahead in terms of skills. Of course people may argue about experience and all, which I am not saying isn't important. But something like the CCIE not only gives candidates an in-depth look at technologies but also prepares them to handle mental and physical stress, along with teaching the importance of strategy.

One important thing that the CCIE also taught me was - "At the end of the day it's just a technology, and as long as we can break it into different pieces, you can see simplicity within complexity".

I remember a couple of years back someone asked me during an interview, "How much MPLS do you know?" I started explaining that I know MPLS quite a bit and have a good understanding of how Layer 3 Intra-AS MPLS VPNs work, but of course, since I mostly work for Enterprise customers, the CE is pretty much what defines my reach into SP-MPLS.

The guy immediately replied back - "Knowing MPLS is far different from working on MPLS"


I asked him back whether MPLS in real life works much differently from what I know from theory and practice, whether he knows something about MPLS which is not documented in any good MPLS book, and whether there is any voodoo magic about MPLS.

Of course I didn't get that job as a result :) hehehe...

But that was necessary to ask. Because when I am interviewing anyone, I always try to find out how good he/she is with the fundamentals of that particular technology (of course not expecting bits and bytes info) and, if he is good, then how willing that person really is to play the role we are offering. Of course that doesn't mean that I am gonna offer him a Level 3 Engineer position, but I would still perhaps recommend him for Level 2 to give him a chance to learn and explore.

Now, coming back to the idea of using learning as a technique to fill technology understanding gaps. If we talk about the CCDE recommended books list (more accurate version), I don't think it's fair that none of those is actually available in India and I must buy US editions. The US edition is always a choice, and perhaps the only choice, but one must understand the economic differences we have.

BGP Design & Implementation - Not Available in India
End To End QOS Network Design - Not Available in India
Definitive MPLS Network Designs - Not Available in India
Optimal Routing Design - Not Available in India
CCDE Quick Reference - Not Available in India
EIGRP For IP - Not Available in India
Comparing, Designing & Deploying VPNs - Not Available in India

CCDE Bootcamp Status:

Vendor - INE - Only runs CCDE bootcamps in the US
Vendor - Jeremy Filliben - Doesn't run bootcamps in India

So this is the first reason I wanted to highlight in this series to the Cisco CCDE Program Manager and the CCDE community.


Deepak Arora

Thursday, October 10, 2013

EIGRP Is Distance Vector or Hybrid Routing Protocol ? - Let's get rid of an old myth

I have been asking this question for a while now in interviews with Routing & Switching candidates who come from different backgrounds, like Enterprise and Service Provider, and different certification levels, like CCNP, CCIP, CCIE etc.

Yet again I asked the same question to a couple of people I was interviewing today, who also had the same thoughts about EIGRP being Hybrid.
Okay, let’s forget the word “Interview” :) and focus on the flip side, which is that many of our own customers run EIGRP as the IGP in their networks, and they may ask you similar questions or might have the same thought process.

Usually when I ask this question the answer comes back as “Hybrid”. And of course then I ask people how it is “Hybrid”, and they start explaining that it has some features of a Distance Vector protocol and some that it borrows from Link State.

And then I ask them again – What are those features that you think it borrows from Link State?

And usually people reply – Hey, it has a topology table, routing updates are triggered, there is neighbor discovery and bla bla bla, which comes from the Link State background.

To begin with, one must first understand the differences between the EIGRP topology table and the OSPF topology table per se.

EIGRP has no clue what’s there beyond its connected neighbor, whereas in OSPF every router knows about the entire topology.

Similarly, EIGRP updates don’t go beyond the immediate neighbor, whereas in Link State (OSPF) every router in the area gets the same copy of the LSAs and passes them to its neighbors without any modification.

Each OSPF router within the same area has the same LSDB and runs an independent SPF calculation, whereas an EIGRP router just passes its best routes to its neighbor, which that neighbor then stores in its topology table and runs DUAL on to figure out the best path.

So perhaps we can call EIGRP an advanced distance vector protocol, but definitely not Hybrid. One reason the myth might have become popular is that many Cisco Press routing-focused books use the “Hybrid” terminology for EIGRP.

Deepak Arora