Monday, July 19, 2010

EIGRP Pacing - What's it ?


I don't know how many of you have ever noticed/queried about eigrp pacing when it comes to EIGRP.  Further questions like
  1. Why do we need it ? In which case it's essential ?
  2. How does it prevent WAN link overload ?
When we do "show ip eigrp interface" we see a column Pacing Time Un/Reliable as shown below
router#show ip eigrp interface
IP-EIGRP interfaces for process 1
                             Xmit Queue                Mean             Pacing Time           Multicast
Interface   Peers     Un/Reliable                SRTT             Un/Reliable           Flow Timer
Se0            3             0/0                           288                  10/380               2832
Se1            0             0/0                            0                       0/10                   0

What's this Pacing time ?
Alright i got it , it means how it paces the hello , update and queries across the links. Right ? (with little grin on my face )

Partially right!! Lets see what it is ?

Why do we need EIGRP pacing ?

EIGRP can easily overload the WAN links in scenarios where several neighbors are connected to the same router using a serial link over a single low speed frame-relay network. Alternatively, the central router with a high speed link can overload the link between the switched WAN network and the access router  with routing updates causing link congestion and packet drops.EIGRP pacing was introduced in IOS maintenance releases 10.3(11), 11.0(8),and 11.1(3) to prevent these phenomena and to guarantee that EIGRP never uses more
than an operator-specified percentage of the WAN link bandwidth.

In which case it's essential ?

EIGRP pacing is really important when we have large number of neighbors are reachable over the same physical interface. Otherwise, inbuilt Transport mechanism in EIGRP prevents congestion because it uses a window size of 1.

How does it prevent WAN link overload ?

-By emitting the EIGRP packets on to the WAN link in predefined time intervals. Ofcourse, you need to configure the correct bandwidth over the interfaces using bandwidth command & the amount of bandwidth available for eigrp using ip bandwidth percentage.

The pacing time intervals vary for Reliable packets(Update,query,reply) and unreliable packets(hello,ack).The pacing intervals are computed from the interface bandwidth.







The minimum value for reliable pacing interval is 10 msec and there is no minimum value for unreliable pacing interval.
It's computed separately for every interface and subinterface so, its very importanct to set appropriate bandwidth over the physical and logical interface otherwise the combined EIGRP traffic sent over a physical interface might overload the WAN link even though the traffic on each subinterface created over the
physical interface is properly paced.
Posted by at No comments:

Tuesday, June 29, 2010

Full & Partial SPF in OSPF

LINK STATE ADVERTISEMENTS
Link - connection between routers
State - UP/Down
Advertisements - info which routers can use to share information about the n/w topology.

A lot of times i read about this term i.e. Partial SPF calculation which forced me to re-think about the SPF algorithm functionality. This post will help you understand this simple yet unknown term easily (well, i hope so :)

The SPF algorithm allows two quicker ways to calculate routes :

1. Full spf
2. Partial spf

The full spf runs when there is a topology change expressed in router lsa's. As , the name suggests, it shouts for the topology change within an area which means all the routers within an area will run SPF to calculate the new routes with the changed metrics(if any). Even a single lsa could thrust SPF to re-run and cause new updates in the network.

What happens in Full SPF ?
Each router processes each LSA it received and keep it in to the Link State Database with the help of LSU(Each LSU may contain one or more lsa's). SPF is based on Djikstra's algorithm which runs on this database to create a TREE. A best route selection process takes over and selects the best route from all the links available in the LSDB ( which follows the order as Longest Prefix match --> AD-->Metric --> Load balance ).

The SPF algorithm is CPU-intensive and is thus heavily throttled: the router will not execute the SPF algorithm until a predefined timeout has expired from the event triggering the SPF (goal: collect as many changes as possible in the topology database to prevent multiple SPF runs) and will not execute subsequent SPF run until the inter-SPF interval expires (goal: minimize CPU utilization in case of severe network instability).

Use the TIMERS THROTTLE SPF router configuration command to adjust OSPF SPF timers and the SPF-INTERVAL router configuration command to adjust IS-IS SPF timers.

Alright! i hear you saying " I understand that! ( i know this tone :)) but when does Partial SPF occur ??

Here is the scoop:
Lets say we have two areas Area 1 and Area 2. Area 1 sends its routes as an Inter-Area Summary routes (LSA Type 3) to Area 2. Any change in Area 1 topology or IP Prefix flap will never cause the Area 2 routers to run full SPF algorithm. Summary LSAs cause partial SPF to run. In OSPF, partial spf relates to Summary and External LSA's only.

Partial SPF will run in AREAS BESIDE THE ONE WHICH HAD A TOPOLOGY CHANGE VIA summary lsa or External lsa's.Full SPF creates an spf tree from the list of all ip prefixes available in the link state database. Best routes are selected by partial spf.

What's Partial SPF ?

The best route selection after the shortest path tree is built is not computationally complex and not as heavily throttled. The best route selection after the SPF tree has been built is called partial SPF in OSPF and partial route calculation (PRC) in IS-IS.

The route selection is a simple distance-vector operation where the router selects the minimum-cost IP prefixes from the set of all advertised IP prefixes
Posted by at No comments:

Monday, May 24, 2010

Frame-Relay Inverse Arp - Unleashed

We all know it all about Arp when it comes to Frame-relay but what is Inverse-Arp ? Huh...Now what on earth is this all about ? Yeah...that's how i grinned when i first saw it while studying for Frame-relay.


But still lets have a recap about Arp :
In a local Lan if a host wants to know about a destination MAC address (to build a L2 frame) it sends an ARP request to the local lan's broadcast address to get the information. For example: lets say we have a n/w 192.168.20.0/24 (See Figure 1) & host 192.168.20.2 wants to know about 192.168.20.3 , it sends an ARP request to FFFF.FFFF.FFFF(broadcast add for this subnet)containing the destination address of x.x.x.x at the layer 3. Post which, it creates a frame and send it across. For more information on ARP , please refer this article http://www.tildefrugal.net/tech/arp.php. It has explained beautifuly how ARP works. Thanks Andrew :)













Figure-1

Hmm...That was easy.

Then, what is Proxy-Arp ?
This concept comes in to play when a host wants to know the mac address of another host which reside in some other network for which there is a layer 3 network boundary in between. Router or a layer 3 switch, in this case, sends it's own mac-address to the host (asking him to create a frame with Router's mac-address as the destination address) directing to forward the packets to the destination for him. If you look above in Figure 1 - R2 sends it's own mac-address to the clients in the network 192.168.20.0/24 to reach the network in vlan 10 i.e. 10.10.10.0/24

Allright ! i know you scooped that too with ease :)

Now, it comes to Inverse-Arp . What is the fuss all about ?
InARP discovers the DLCI to use to reach a particular adjacent IP address. With InARP, routers already know the Data Link address (DLCI), and need to learn the corresponding IP address. Refer to figure-2 below



Here as we enable frame-relay on Interface S0 ,it starts sending Inverse-arp messages across the wire. It creates the map table as shown here.Unlike ARP, a packet doesn't trigger the inverse-arp protocol. Instead, an LMI status message triggers inverse-arp {Local Management Interface (LMI) messages manage the local access link between the router and
the Frame Relay switch. A Frame Relay DTE can send an LMI Status Enquiry message to the
switch; the switch then replies with an LMI Status message to inform the router about the DLCIs of the defined VCs, as well as the status of each VC. By default, the LMI messages flow every 10 seconds}. After receiving an LMI PVC Up message, each router announces its own IP address over the VC as shown below.


If we disable LMI messages over the link, then inverse-arp doesn't work and you need to manually map the dlci's to the neighbor ip's using frame-relay map ip x.x.x.x 200 or whatever dlci u use ( Dlci's are only locally relevant , don't have global acknowlegement).

On Point to point interfaces , Inverse-arp doesn't work. It never sends and ignores the received inverse-arp packets.The reason is that Cisco IOS knows that there is only one VC connected with this interface and any network can be reached via this dlci only. So, any received Inverse-arp information is unnecessary.

However in case of multipoint interfaces, we need to know the mapping which takes place using this inverse-arp packets. You can disable inverse-arp using this command " no frame-relay inverse-arp " under interface configuration mode. This means if you need to know the frame-relay map table, you need to do manual configuration frame-relay map ip x.x.x.x dlci.

Lets take a look at an example here



R1 is using the inverse-arp whereas R2 and R3 don't. The configuration for the devices is listed below :

R1:

interface Serial1/0
ip address 172.16.1.1 255.255.255.0
encapsulation frame-relay

R2:

interface Serial1/0
ip address 172.16.1.2 255.255.255.0
encapsulation frame-relay
frame-relay map ip 172.16.1.3 201
frame-relay map ip 172.16.1.1 201 broadcast (broadcast is needed if you use any routing protocol)
no frame-relay inverse arp

R3:

interface Serial1/0
ip address 172.16.1.3 255.255.255.0
encapsulation frame-relay
frame-relay map ip 172.16.1.1 301 broadcast
frame-relay map ip 172.16.1.2 301
no frame-relay inverse arp

The status of all the three circuits is shown below:

R1#sh frame-relay map
Serial1/0 (up): ip 172.16.1.3 dlci103(0x67,0x1870), dynamic,
broadcast,, status defined, active
Serial1/0 (up): ip 172.16.1.2 dlci102(0x66,0x1860), dynamic,
broadcast,, status defined, active

R2#sh frame-relay map
Serial1/0 (up): ip 172.16.1.3 dlci 201(0xC9,0x3090), static,
CISCO, status defined, active
Serial1/0 (up): ip 172.16.1.1 dlci 201(0xC9,0x3090), static,
broadcast, CISCO, status defined, active

R3#sh frame-relay map
Serial1/0 (up): ip 172.16.1.1 dlci 301(0x12D,0x48D0), static,
broadcast, CISCO, status defined, active
Serial1/0 (up): ip 172.16.1.2 dlci 301(0x12D,0x48D0), static,
CISCO, status defined, active


Posted by at No comments:
Subscribe to: Posts (Atom)