Shamim Which Routing N49

Which Routing Protocol?
Comparison between OSPF & ISIS Faraz Shamim Khalid Raza
2010 Cisco Systems, Inc. All rights reserved.
OSPF top down view
Issues and Comparison

OSPF is for the most part more optimized (and therefore significantly more complex) Uses complex, multistate process to synchronize databases between neighbors
ISIS top down view
IS-IS was not designed from the start as an IP routing protocol Adjacency is reported once two-way connectivity has been ensured IS-IS essentially uses its regular flooding techniques to synchronize neighbors Coarse database granularity makes this easy (just a few CSNPs)
Intended to minimize transient routing problems by ensuring that a newborn router has nearly complete routing information before it begins carrying traffic Accounts for a significant portion of OSPFs implementation complexity
Partially a side effect of granular database (requires many DBD packets)
Transient routing issues can be reduced (albeit non deterministically) by judicious use of the overload bit
Issues and Comparison

Encapsulation
OSPF runs on top of IP
Encapsulation
Traditional IP routing protocol approach
IS-IS runs directly over L2 (next to IP) Sort of makes sense (ISIS was originally designed for CLNS)
Allows virtual links (if you like them)
Relies on IP fragmentation for large LSAs Subject to spoofing and DoS attacks (use of authentication is strongly advised)
Which Routing Protocol? 2010 Cisco Systems, Inc. All rights reserved.
Partition repair requires tunneling (rarely implemented)
More difficult to spoof or attack
Terminology
Terminology
OSPF:
Host Link Router Packet
End System (ES) Circuit
ISIS:
Intermediate System (IS) Protocol Data Unit (PDU) Designated IS (DIS) N/A (no BDIS is used) Link-state PDU (LSP) IIH PDU
Designated router (DR) Backup DR (BDR) Hello packet Link-state advertisement (LSA) Database Description (DBD)
Complete Sequence Number PDU (CSNP)

5
Terminology (cont.)
OSPF:
LS update Area
ISIS:
LS acknowledgement Non-backbone area Backbone area Virtual link Router ID Area Border Router (ABR)
LSP (ISIS runs over layer-2) Subdomain (area) Level-1 area Level-2 area L1L2 router
Partial Sequence Number PDU (PSNP)
AS Boundary Router (ASBR) any IS Link-state ID

Virtual link (not used though) System ID N/A N/A

6
Advertising router ID
Packets
Packets
OSPF basic header is fixed 20 bytes
Version Type Packet Length
Common header is only 8 bytes

Intradomain Routing Protocol Discriminator Length Indicator Version/Protocol ID Extension R R R ID Length Version Reserved Maximum Area Address Additional Header Fields TLV Fields
8
1 1 1 1 1 1 1 1
Router ID Checksum Area ID Autype
PDU Type
Authentication
Authentication
Packets
Packet Encoding
OSPF is efficiently encoded Holy 32-bit alignment provides tidy packet pictures, but not much else Positional fields
Packet Encoding
IS-IS is mostly TypeLength-Value encoded
Extensible from the start (unknown types ignored but still flooded) All packet types are extensible Nested TLVs provide structure for more granular extension (though base spec does not use them; OSPF is starting to do so)
9
No particular alignment
Only LSAs are extensible (not Hellos, etc.)
Unrecognized LSA types not flooded (though opaque LSAs can suffice, if implemented universally)
Packets OSPF
1. Hello 2. DBD 5 type of basic packets
ISIS
1. Hello (3 types L1 LAN, L2 LAN, Point-to-point) 3. Sequence number packet (CSNP, PSNP) 3 types of basic packets granularity within 2. Link state packet (L1,L2)
3. LS Request 4. LS Request 5. Link State Ack
10
Hello
OSPF:
Fixed format Sent every 10 sec by default.
ISIS:
TLVs (extendable) Sent every 10 secs by default
Intelligent sending on NBMA
DIS sends 3 times faster
Suppressed for demand circuits
11
OSPF LSAs
Type
1 2 3 4 5 6 7 8 911
LSA
Router Network Summary Network Summary ASBR External Group Membership NSSA External Attributes Opaque
Up to 256 LSPs per IS Each LSP is constructed with TLVs: TLV

2 10 22 128 129 130 132 135
ISIS LSPs
Purpose
Neighbor announcement Authentication Extended neighbor info(TE) Internal IP Routing info NLPID announcement (IP) External IP Routing info IP Interface addresses Wide scale metrics
12
Adjacency Establishment
OSPF:
LSDB synchronisation is performed before a neighbor is reported in the router-LSA Adjacency is reported once twoway connectivity has been ensured Point-to-point links are treated the same way as in OSPF
ISIS:
On point-to-point links adjacencies are established between every pair of neighbors that can see each other On LAN segments adjacencies are established with the DR and BDR MTU mismatch is detected
On LAN segments, adjacencies are established with the DIS (no BDIS is elected) MTU mismatch is detected
13
OSPF database node is an LSAdvertisement
Database Granularity
LSAs are mostly numerous and small (one external per LSA, one summary per LSA) Network and Router LSAs can become large
IS-IS database node is an LSPacket
LSAs grouped into LSUpdates during flooding LSUpdates are built individually at each hop
Always flooded intact, unchanged across all flooding hops (so LSP MTU is an architectural constant--it must fit across all links) Small topology changes always yield entire LSPs (though packet size turns out to be much less of an issue than packet count) Implementations can attempt clever packing
LSPs are clumps of topology information organized by the originating router
Small changes can yield small packets (but Router, Network LSAs can be large)
14
Designated Routers
Both protocols elect a designated router on multiaccess networks to remove O(N^2) link problem (by creating a pseudonode) and to reduce flooding traffic (DR ensures flooding reliability)
In IS-IS all routers are adjacent (but adjacency is far less stateful) If DR dies, new DR must be elected, with short connectivity loss (synchronization is fast)
OSPF elects both a DR and a Backup DR, each of which becomes adjacent with all other routers
BDR takes over if DR fails DRship is sticky, not deterministic Complex algorithm
DRship is deterministic (highest priority, highest MAC address always wins) DRship can be made sticky by cool priority hack (DR increases its DR priority)
15
DR Election
Every LAN interface goes through the Waiting state to listen if the DR and BDR are already elected, if so, the new router does not try to pre-empt
OSPF:
Interfaces also go through a delay (3 seconds), but this is just an attempt to collect as much info for DR election as possible
ISIS:
New router attached to a DR/BDR re-election segment may cause DR happens only when current switch-over DR/BDR goes down (stability)
16
LAN Flooding
OSPF uses multicast send, unicast ack from DR Reduces flood traffic by 50% (uninteresting) IS-IS uses multicast LSP from all routers, CSNP from DR Periodic CSNPs ensure databases are synced
Requires per-neighbor state (for retransmissions) Interesting (but complex) acknowledgement suppression Flood traffic grows as O(N)
Flood traffic constant regardless of number of neighbors on LAN
17
Multiple areas
OSPF router can sit in many areas
If backbone is attached, it In ISIS multi-area has is an ABR and attracts been added - multiple inter-area traffic ISIS processes If no backbone is attached, the router is internal to more than one area and does not attract inter-area traffic
Each ISIS router belongs to one area
One of the processes will be L1L2 to advertise all area addresses from all processes into L2 Designed to use for CLNS, not for IP
This is Cisco-specific, OSPF standard says more than one area, youre an ABR See RFC 3509 for more details
18
Links and areas

In OSPF link can be only in one area, and routers must agree on area ID Area borders cross routers in OSPF In ISIS, if routers do not agree on area ID, they form L2 adjacency Area borders cross links in ISIS In ISIS, link can be associated with a L1 and a L2 area simultaneously
19
Area types
OSPF has ordinary, stub, totally-stub, NSSA (with and without summaries)
ISIS originally supported areas with no inter-area routes (NSSA, no-summary), now it allows for route leaking (more like NSSA)
20
Inter-area routing in OSPF

OSPF has an optimal inter-area routing support---endto-end metric is calculated We can prohibit injection of inter-area routes for stub and NSSA areas by using the no-summary keyword on the ABRs Inter-area route filtering (CSCdi43518 )
21
Inter-area routing in OSPF (cont.)

Intra-area routes are announced in type-3 summary-LSAs (possibly aggregated) by ABRs into all attached areas If backbone connection is active, ABRs consider only backbone summaries and re-announce them into non-backbone areas
Standard specifies aggregation to be done only when summaries are created based on intra-area routes Inter-area routes can further be aggregated by ABRs when reannounced from the backbone (CSCXXXX)
22
Inter-area routing in ISIS

ISIS did not have it, all areas were totally-stub, but allowed external info to be injected at any place
Route leaking was added to ISIS to solve the problem--good filtering capability
23
Type-5 LSAs are used to TLV 130 is used to announce announce external routes by external routing information, several externals share the ASBRs, one LSA per one external same LSP fragment route Every L1L2 router re-announces ABRs announce location of it to L2 (and back to L1 if route ASBRs in type-4 LSAs leaking is configured) Only one copy of LSA per domain Remote areas have as many (type-5s are flooded throughout copies of a TLV as many L1L2 the whole domain except for stub routers are leaking it from L2 and NSSA areas) into these areas Administrative tags may be set in OSPF when an external route is injected into the OSPF domain External routes are differentiated with internal ones No administrative tags External routes look just like internal in the routing table, only L1 and L2 are differentiated
External routing
May be aggregated by the ASBRs, and by NSSA ABRs.

May be aggregated by any L1L2 router

24
Number of neighbors
Both protocols can maintain hundreds of neighbors (whether its a good idea is a different question)
ISIS has been deployed with more neighbors in the field (people didnt want areas)
25
Scalability Issues
26
Scalability Issues
Database Size
OSPF topologies limited by Network and Router LSA size (max 64KB) to O(5000) links IS-IS topologies limited by LSP count (256 fragments * 1470 bytes) for all route types
External and Interarea routes are essentially unbounded
Ultimately a non-issue for even slightly sane topologies
27
Scalability Issues
Database Churn
Both protocols have time-limited database entries and therefore require refreshing OSPF age (counts up) has an architectural lifetime limit of 1 hour (80,000 LSAs yield a refresh every 23 milliseconds) Do-not-age LSAs are not backward compatible Dont inject zillions of routes into your IGP IS-IS lifetime field is 16 bits, giving 18.7-hour lifetimes (with refresh times close to this)
28
Scalability Issues
Flooding load--the only serious issue
Link failure: information Full-mesh topologies are worst-case for both
N^2 copies of each update (each of which is O(N) in size) Router failure: information
IS-IS mesh group hack provides backward-compatible way of pruning flooding topology OSPF has interface blocking
29
OSPF v3
30
OSPFv3 addressing v2 issues

Protocol processing per-link, not per-subnet (next slide..) Removal of addressing semantics Addition of Flooding scope
Explicit support for multiple instances per link Use of IPv6 link-local addresses Authentication method changes
Packet format, LSAs header format changes Handling of unknown LSA types
31
OSPFv3 addressing v2 issues

Protocol processing per-link, not per-subnet
Interfaces connect to links
IPv6 uses the term "link" instead of network or subnet to indicate communication Multiple IPv6 subnets can be assigned to a single link, and two nodes can talk directly over a single link, even if they do not share a common IPv6 subnet
Change affects the receiving of OSPF protocol packets, and the contents of Hello Packets and Network-LSAs
32
OSPFv3 and v2 Similarities

Descrption packet type Hello 1 Database Description 2 Link State Request 3 Link State Update 4 Link State Acknowledgment 5
Mechanisms for neighbor discovery and adjacency formation Interface types LSA flooding and aging
P2P, P2MP, Broadcast, NBMA, Virtual
OSPFv3 has the same 5 packet type but some fields have been changed.
Nearly identical LSA types

33
OSPFv3 Flooding Scope

LS age LS age U S2 S1 Options LS type LSA Function Code
The high-order three bits of LS type {1 bit (U) for handling unrecognized LSA and two bits (S2, S1) for flooding scope} encode generic properties of the LSA, while the remainder, (called LSA function code) indicate the LSA's specific functionality OSPFv2 had two flooding scope, AS wide and area wide. OSPFv3 has three flooding scope:
AS scope, LSA is flooded throughout the AS Area scope, LSA is flooded only within an area Link-local scope, LSA is flooded only on the local link.
34
OSPFv3 Flooding Scope

U ( unrecognized ) bit is used to indicate a router how to handle an LSA if it is unrecognized
U-bit 0 1 LSA Handling Treat this LSA as if it has link-local Scope Store and flood this LSA as if type understood
S2 / S1 bit indicates the three flooding scopes

S2 0 0 1 1
S1 0 1 0 1
Flooding scope Link-Local flooding scope Area flodding scope AS flooding scope Reserved
35
ISIS extension
36
IPv6 New TLVs

IPv6 Reachability TLV 236
Metric is still 32 bits U: Up/Down
Defines both IPv6 Internal and External reachability information
X: External origin bit S: Sub-TLV present Prefix length: Length of prefix 8 bits
Prefix: Number of octet is calculated depending on the prefix length

37
IPv6 New TLVs

IPv6 address TLV 232
Modified to carry IPv6 address
For hello PDU interface address must use link local IPv6 address assigned to the interface For LSP non-link local address must be used
38
Single SPF rules

If IS-IS is used for both IPv4 and IPv6 in an area, both protocols must support the same topology within this area. All interfaces configured with IS-ISv6 must support IPv6
Could set no adjacency-check between L2 routers, but must be used with caution
All interfaces configured with IS-IS for both protocols must support both of them
Otherwise, consider Multi-Topology IS-IS (separate SPF)
Cant be configured on MPLS/TE since IS-ISv6 extensions for TE are not yet defined
IPv6 configured tunnel wont work, GRE should be used in this configuration
39
Mechanism that allows IS-IS, used within a single domain, to maintain a set of independent IP topologies
IPv4
Introduction
Multi-Topologies extension can be used to maintain separate topologies for:

IPv6
Topologies need not to be congruent (of course)

Think about QBR
Multicast
Multiple topologies for same address family is allowed

The multicast dimension
IETF draft: draft-ietf-isis-wg-multi-topology

40
The problem
Current IS-IS spec and implementation forces all protocols carried by IS-IS to agree on a common Shortest Path Tree Single SPT means congruent topologies
Single SPF run for all protocols
Single SPT means all links need to understand all address families present in the domain
41
IS-IS Multi-Topologies Architecture

Each router knows on which topologies it will establish adjacencies and build SPTs During adjacency establishment, peers need to agree on topologies
Topologies identifiers are exchanged in IIH packets Through configuration
42
Two methods
Multi-Topology
Single ISIS domain with set of independent IP topologies
Common flooding and resource associated with both router and network Multiple SPF Large Database Multiple instance of protocol on a given link
Multi-instance
Enhances the ability to isolate the resources associated with both router and network
Instance specific prioritization for PDUs and routing calculations

43
Two methods
OSPF currently is based on multi-instance
Adding multi topology is very easy for OSPFv3 Multiple address family support is already there just minor extension for multi-topology needs to be added Multi-topology support has been there for a while Multi-instance draft is there for ISIS now Depends who you talk to
ISIS
Which one is better
Operation (Multi-instance is better)
Development (Multi-Topology is better)

44
Convergence
45
Convergence
Convergence depends on several factors: - failure detection - change propagation - initial wait for SPF computation - time to run SPF
46
Convergence Considerations
The IGPs Will Compete over Processor Cycles Based on Their Relative Tuning If you configure the IPv4 and IPv6 IGPs the same way (aggressively tuned for fast convergence), naturally expect a doubling of their stand alone operation convergence time If the IPv6 IGP is operating under default settings, the convergence time for the optimally tuned IPv4 IGP is not significantly affected
47
OSPFv3 Fast Convergence

Carrier Delays Detect
Following Techniques/tools are available for fast convergence in OSPFv3

Hello/dead timers (Fast Hellos) Detect Bi-Directional Forwarding Detection(BFD) Detect LSA packet pacing Propagate Interface event dampening - Propagate MinLSArrival Interval Process Incremental SPF Process
Exponential throttle timers for LSA & SPF Process
Techniques/tools for Resiliency

Graceful Restart (ONLY RFC 3623)
Cisco NSF (RFC 4811,4812,4813)
Stub router (e.g., max-metric)
48
ISIS Fast Convergence

Carrier Delays Detect
Following Techniques/tools are available for fast convergence in ISIS

Hello/dead timers (Fast Hellos) Detect Bi-Directional Forwarding Detection(BFD) Detect LSP pacing Propagate Interface event dampening - Propagate PRC-interval Process Exponential throttle timers for LSA & SPF Process Incremental SPF Process Cisco NSF
Techniques/tools for Resiliency

Graceful Restart
49
Conclusion
50
Conclusions
OSPF is much more widely understood
Broadly deployed in enterprise market Many books of varying quality available Preserves our investment in terminology
IS-IS is well understood within a niche
Broadly deployed within the large ISP market
Folks who build very large, very visible networks are comfortable with it
51
Conclusions
For all but extreme cases (large full-mesh networks), protocols are pretty much equivalent in scalability and functionality Stability and scalability are largely artifacts of implementation, not protocol design
Familiarity and comfort in both engineering and operations is probably the biggest factor in choosing
52
Conclusions
Does the world really need two protocols?
Nearly complete overlap in functionality means (ironically) that few people are motivated to switch Entrenched constituencies (large ISPs; everyone else) ensure that installed bases will continue to exist
As long as there are two, people will never agree on only one
53
Questions?
54

Shamim Which Routing N49

Uploaded by

Document Informationclick to expand document information

Copyright:

Available Formats

Shamim Which Routing N49

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Shamim Which Routing N49

Uploaded by

Copyright:

Available Formats

Which Routing Protocol?

Comparison between OSPF & ISIS Faraz Shamim Khalid Raza

Which Routing Protocol?

2010 Cisco Systems, Inc. All rights reserved.

OSPF top down view

Issues and Comparison

ISIS top down view

Partially a side effect of granular database (requires many DBD packets)

Which Routing Protocol?

2010 Cisco Systems, Inc. All rights reserved.

Issues and Comparison

Traditional IP routing protocol approach

Allows virtual links (if you like them)

Partition repair requires tunneling (rarely implemented)

More difficult to spoof or attack

Which Routing Protocol?

2010 Cisco Systems, Inc. All rights reserved.

End System (ES) Circuit

Complete Sequence Number PDU (CSNP)

Which Routing Protocol?

2010 Cisco Systems, Inc. All rights reserved.

Partial Sequence Number PDU (PSNP)

AS Boundary Router (ASBR) any IS Link-state ID

Virtual link (not used though) System ID N/A N/A

Which Routing Protocol?

2010 Cisco Systems, Inc. All rights reserved.

Common header is only 8 bytes

Router ID Checksum Area ID Autype

Which Routing Protocol?

IS-IS is mostly TypeLength-Value encoded

Only LSAs are extensible (not Hellos, etc.)

3. LS Request 4. LS Request 5. Link State Ack

Which Routing Protocol?

2010 Cisco Systems, Inc. All rights reserved.

Intelligent sending on NBMA

DIS sends 3 times faster

Suppressed for demand circuits

Which Routing Protocol?

2010 Cisco Systems, Inc. All rights reserved.

Up to 256 LSPs per IS Each LSP is constructed with TLVs: TLV

Which Routing Protocol?

2010 Cisco Systems, Inc. All rights reserved.

Which Routing Protocol?

2010 Cisco Systems, Inc. All rights reserved.

OSPF database node is an LSAdvertisement

IS-IS database node is an LSPacket

LSPs are clumps of topology information organized by the originating router

Which Routing Protocol?

2010 Cisco Systems, Inc. All rights reserved.

Which Routing Protocol?

2010 Cisco Systems, Inc. All rights reserved.

Which Routing Protocol?

2010 Cisco Systems, Inc. All rights reserved.

Flood traffic constant regardless of number of neighbors on LAN

Which Routing Protocol?

2010 Cisco Systems, Inc. All rights reserved.

OSPF router can sit in many areas

Each ISIS router belongs to one area