Tag Archives: routing

Tools for TE with EIGRP

In response to my article about what would cause a directly connected route to be overridden, Matt Love (@showflogi) made a good observation:

What Matt is saying is that longest prefix match (LPM) is a mechanism that can be used to steer traffic around the network in order to meet a technical or business need. This type of traffic steering is called traffic engineering (TE). Continue reading Tools for TE with EIGRP

When is a Connected Route Not Used?

I ran into this situation on a recent project and thought it would make an excellent question on an exam. It could be worded something like this:

What is the behavior of a router or Layer 3 switch when a dynamic route is learned that partially overlaps with a directly connected network?

a. The router reboots
b. The network reboots
c. That’s um-possible
d. None of the above

Continue reading When is a Connected Route Not Used?

Five Functional Facts About OSPF

It’s funny, in my experience, OSPF is the most widely used interior gateway protocol because it “just works” and it’s an IETF standard which means it inter-ops between different vendors and platforms. However, if you really start to look at how OSPF works, you realize it’s actually a highly complex protocol. So on the one hand you get a protocol that likely works across your whole environment, regardless of vendor/platform, but on the other you’re implementing a lot of complexity in your control plane which may not be intuitive to troubleshoot.

This post isn’t a judgement about OSPF or link-state protocols in general. Instead it will detail five functional aspects of OSPF in order to reveal–at least in part–how this protocol works, and indirectly, some of the complexity lying under the hood.

Continue reading Five Functional Facts About OSPF

L3 vPC Support on Nexus 5k

So… I’m a little embarrased to admit this but I only very recently found out that there are significant differences in how Virtual Port Channels (vPC) behave on the Nexus 5k vs the Nexus 7k when it comes to forming routing adjacencies over the vPC.

Take the title literally!
Take the title literally!

I’ve read the vPC Best Practice whitepaper and have often referred
others to it and also referred back to it myself from time to time. What I failed to realize is that I should’ve been taking the title of this paper more literally: it is 100% specific to the Nexus 7k. The behaviors the paper describes, particularly around the data plane loop prevention protections for packets crossing the vPC peer-link, are specific to the n7k and are not necessarily repeated on the n5k.

Continue reading L3 vPC Support on Nexus 5k

NSF and GR on Nexus 5000

NSF and GR are two features in Layer 3 network elements (NEs) that allows two adjacent elements to work together when one of them undergoes a control plane switchover or control plane restart.

The benefit is that when a control plane switchover/restart occurs, the impact to network traffic is kept to a minimum and in most cases, to zero.

Continue reading NSF and GR on Nexus 5000

Random Notes From My Third CPOC

I was lucky enough (volunteering for very challenging work is luck, right? 😁) to finish my third tour through Cisco CPOC last wcpoceek. CPOC is Cisco’s Customer Proof of Concept facility where customer’s can bring their network design, build it in Cisco’s lab, and beat the hell out of it. CPOC has tons of network and compute gear, all the right testing tools and processes, and excellent work areas that cater to collaborative work and information sharing. It’s also staffed by very senior and experienced engineers.

I know it’s cliche and I know I’m biased because I have an @cisco.com email address, but I’ve truthfully never seen anything like CPOC before. And the customer’s I’ve worked with at CPOC haven’t either. It’s extremely gratifying to take something you built “on paper” and prove that it works; to take it to the next level and work those final kinks out that the paper design just didn’t account for.

If you want more information about CPOC, get in touch with me or leave a comment below. Or ask your Cisco SE (and if they don’t know, have them get in touch with me).

Anyways, on to the point of this post. When I was building the topology for the customer, I kept notes about random things I ran into that I wanted to remember later or those “oh duh!” moments that I probably should’ve known the answer to but had forgotten or overlooked at the time. This post is just a tidy-up of those notes, in no particular order.

Continue reading Random Notes From My Third CPOC

OSPF vs EIGRP for DMVPN

In this post I’m going to look at the characteristics of OSPF and EIGRP when used in a Dynamic Multipoint VPN (DMVPN). I will do my best not to play favorites and instead stick to the facts (yes, I do have a preference :-). To that end I will back everything up with data from my lab. The focus areas of the comparison will be:

  • Scalability of the hub router’s control plane
  • Overall control plane stability
  • Traffic engineering

This post won’t go into any background on how DMVPN works. If you’re not yet familiar with DMVPN, I recommend watching these introductory videos by Brian McGahan. This post also does not do a deep dive on OSPF or EIGRP. I’m making the assumption that you’re already familiar with the different LSA types in OSPF and general functions of EIGRP.

After reading this post you should be able to describe the pros and cons of OSPF and EIGRP in the three areas listed above and incorporate this knowlege into a DMVPN design.

Continue reading OSPF vs EIGRP for DMVPN

When a Port Channel Member Link Goes Down

Mohamed Anwar asked the following question on my post “4 Types of Port Channels and When They’re Used“.

“I need a clarification, where if a member link fails, what will happen to the traffic already sent over that link ? Is there any mechanism to notify the upper layer about the loss and ask it to resend ? How this link failure will be handled for data traffic and control traffic ?”
–Mohamed Anwar

I think his questions are really important because he hits on two really key aspects of a failure event: what happens in the data plane and what happens in the control plane.

A network designer needs to bear both of these aspects in mind as part of their design. Overlooking either aspect will almost always open the network up to additional risk.

I think it’s well understood that port channels add resiliency in the data plane (I cover some of that in the previous article). What may not be well understood is that port channels also contribute to a stable control plane! I’ll talk about that below. I’ll also address Mohamed’s question about what happens to traffic on the failed link.

Continue reading When a Port Channel Member Link Goes Down

Lab: iBGP and OSPF Traffic Engineering

Click to enlarge
Click to enlarge

Here’s the scenario: An enterprise network with an MPLS core and two branch locations connected to their own Provider Edge (PE) router. In addition to the MPLS link, the PEs are also connected via a DMVPN tunnel. The PEs are peering via iBGP (of course) and are also OSPF neighbors on the DMVPN. Both Customer Edge (CE) routers at the branch are OSPF neighbors with their local PE.

Task: Use the high speed MPLS network as the primary path between the CE routers and only use the DMVPN network if the MPLS network becomes unavailable.

Question: Is the solution as simple as adjusting the Admin Distance (AD) so that the iBGP routes are more preferred? Continue reading Lab: iBGP and OSPF Traffic Engineering