Common routing

  1. Static route
  2. Policy-based routing (PBR)
  3. VRF
  4. Summarization
  5. IP route profile

Static route

  • if the next hop is a broadcast interface, the destination is treated as directly connected (the router sends ARP)
  • CEF updates the ARP entry immediately on route creation
    • if there is no ARP reply, the route is still used (incomplete ≡ drop)
  • if both next-hop and interface are specified, the next-hop must be reachable via that interface for the entry to be valid
  • permanent:
    • remains in RIB after the next-hop becomes unreachable
    • next-hop must reply to ARP/NDP for the entry to be initially created
(config)# ip route <PREFIX> <MASK> {<INTF> | <NEXTHOP> | <INTF> <NEXTHOP>} [permanent]

; interval for the next-hop reachability check of static routes (default 60s, CPU intensive)
(config)# ip route static adjust-time <sec>

Policy-based routing (PBR)

  • overrides routing logic; applies to ingress packets only
  • requires corresponding SDM template for CEF
  • CPU intensive on older HW
  • set interface
    • IPv4 P2P only
    • IPv4 multi-access is awkward
    • IPv6 supported only if there is a route in RIB
(config-route-map)# match ip address <ACL>

; packet length
(config-route-map)# match length <MIN> <MAX>

; egress interface according to RIB
(config-route-map)# match interface <INTF>

; next-hop IP has to be directly connected; the first address reachable via an up/up interface is used
(config-route-map)# set ip next-hop <IP1> <IP2> ...

; route via the RIB first; if the match is on 0.0.0.0/0, run PBR
(config-route-map)# set ip default next-hop <IP1> <IP2> ...

; P2P interface, sends ARP for next-hop, if reachable via another interface – magic
(config-route-map)# set interface <INTF>

; P2P interface, sends ARP for destination, drops proxy ARP because of sanity check
(config-route-map)# set default interface <INTF>

; for locally generated packets
(config)# ip local policy route-map <MAP>

; for packets received on the interface
(config-if)# ip policy route-map <MAP>

; interfaces with PBR and the corresponding route-map
# show ip policy
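
A complete PBR configuration built from the commands above, as an added example that is not part of the original notes. The ACL and route-map names, interface numbers and RFC 5737 documentation addresses are constructed; entry 10 uses `set ip next-hop`, entry 20 uses `set ip default next-hop` for contrast.

```cisco
! Constructed lab values: names, interfaces and addresses are assumptions.
ip access-list extended PBR-WEB
 permit tcp 192.0.2.0 0.0.0.255 any eq 443
ip access-list extended PBR-GUEST
 permit ip 198.51.100.0 0.0.0.255 any
ip access-list extended PBR-LOCAL
 permit icmp any any
!
route-map LAN-POLICY permit 10
 ! HTTPS from 192.0.2.0/24, packet length 64-1500 bytes
 match ip address PBR-WEB
 match length 64 1500
 ! Overrides the RIB. Both next hops are connected via Gi0/2;
 ! the first one usable through an up/up interface is taken.
 set ip next-hop 203.0.113.1 203.0.113.5
!
route-map LAN-POLICY permit 20
 match ip address PBR-GUEST
 ! The RIB is consulted first; this next hop is used only when
 ! the lookup ends at 0.0.0.0/0.
 set ip default next-hop 203.0.113.9
!
! Packets matching no entry of LAN-POLICY are routed normally via the RIB.
!
interface GigabitEthernet0/1
 description LAN side (PBR acts on ingress packets only)
 ip policy route-map LAN-POLICY
!
interface GigabitEthernet0/2
 description Uplink segment holding all policy next hops
 ip address 203.0.113.2 255.255.255.240
!
! Router-originated packets are not seen by "ip policy" on an
! interface; they need the local policy.
route-map LOCAL-POLICY permit 10
 match ip address PBR-LOCAL
 set ip next-hop 203.0.113.1
!
ip local policy route-map LOCAL-POLICY
!
! Verification (exec mode):
!  show ip policy
!  show route-map LAN-POLICY
```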

VRF

  • by default, tunnel endpoints are looked up in the global RIB
  • NAT
    • VRF → global
    • VRF → VRF (same)
    • global →× VRF: PBR is required to switch RIB
; look up the tunnel endpoint in VRF NAME instead of the global RIB
(config-if)# tunnel vrf <NAME>

Summarization

  • reduces the impact of subordinate route flapping
  • accelerates restoration after failure
  • cost (IGP) or attributes (BGP) should be set manually so that a subordinate route change does not cause a summary update

IP route profile

  • tracks the number of RIB changes during 5s
  • can detect control-plane churn: the counters for higher change counts increase
(config)# ip route profile
# show ip route profile