LXC Networking(Part 2)(Routing 101)
If you have gotten up to this point, then you must have wondered what we were going to try to achieve with LXC and networking. The answer is that we are going to perform routing between containers using IS-IS!
Introduction to IS-IS
IS-IS stands for Intermediate System to Intermediate System, and it is not one of those routing protocols that a network engineer would run into every day. To quickly recapitulate, a routing protocol enables routers to dynamically learn about the locations of networks. A router's main function is to connect two or more networks together. So if you ever wondered what enables routers to know how to send your data (packets) from Canada to China, the answer is routing protocols.
Taking this example, a routing protocol could be used to inform node A of the best path to take to reach node K. In real life, each of these nodes would represent a router.
This technology is mainly used by Service Providers (SPs) inside their networks; outside of this use case, most enterprises would not have it running in their infrastructure. Most engineers would instead have the OSPF (Open Shortest Path First) routing protocol running inside their network. Let us compare the two protocols to see how they resemble and differ from each other, so that we can gain a better understanding of IS-IS.
Comparison of OSPF and IS-IS
To start off, let us see what makes these two technologies so similar. Both are link-state protocols, which means that every router knows the topology of the entire network and keeps all of the relevant information in a database (DB) known as the Link State Database (LSDB). To compute the distance between routers on a network, both protocols use the Dijkstra algorithm.
When a routing protocol learns about multiple routes to the same destination, it uses a metric to select the best possible route. In the case of both of these technologies, cost is used to select the optimal path. The route with the smallest cost is the one inserted in the routing table so that it can be used. The routing table is a database that stores the routes a router uses to reach a given network.
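The following is an added example, not code from the original article: a shortest-path-first run over a small LSDB that produces the lowest-cost route and next hop for every destination. The router names and costs are constructed sample values, and the two-way check (a link counts only if both routers report it) is standard link-state behaviour rather than something the article states.

```python
import heapq

# Constructed LSDB: router -> {neighbor: cost of the link to it}.
# D reports a link to E, but E does not report one back.
LSDB = {
    "A": {"B": 10, "C": 5},
    "B": {"A": 10, "C": 3, "D": 1},
    "C": {"A": 5, "B": 3, "D": 9},
    "D": {"B": 1, "C": 9, "E": 2},
    "E": {},
}

def spf(lsdb, root):
    """Dijkstra from root; returns {destination: (total_cost, next_hop)}."""
    best = {}
    heap = [(0, root, None)]  # (cost so far, router, first hop from root)
    while heap:
        cost, node, first_hop = heapq.heappop(heap)
        if node in best:
            continue  # already settled through a cheaper or equal path
        best[node] = (cost, first_hop)
        for nbr, metric in lsdb.get(node, {}).items():
            # Two-way check: ignore a link the neighbor does not report.
            if node not in lsdb.get(nbr, {}):
                continue
            if nbr not in best:
                heapq.heappush(heap, (cost + metric, nbr, first_hop or nbr))
    del best[root]  # the routing table holds remote destinations only
    return best

if __name__ == "__main__":
    for dest, (cost, hop) in sorted(spf(LSDB, "A").items()):
        print(f"{dest}: cost {cost} via {hop}")
```

From A, the direct link to B costs 10, but the path through C costs 8, so C becomes the next hop for B and D; E never enters the table because its link fails the two-way check.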
Another concept found in both of these protocols is the use of areas to subdivide the network topology. By breaking down one's network into smaller chunks, one is able to scale the network better and to isolate a network issue to only a portion of the entire infrastructure.
Another important similarity is that routers running IS-IS and OSPF do not exchange routes with one another until they have established an adjacency. By adjacency we mean that they must exchange packets known as Hello packets in order to agree with one another on the use of common parameters (authentication).
Now let us look at some notable differences between these protocols. OSPF only supports the Internet Protocol (IP), but IS-IS supports both IP and CLNS. CLNS stands for Connection-Less Network Services, and it is an old protocol that was greatly used in the past when configuring large, complex networks. CLNS and CLNP (Connection-Less Network Protocol) put together would be the equivalent of IP.
In OSPF, a router can have its interfaces located in different areas. In other words, one interface could be in area 1 and another one in area 0. However, this is not the case for IS-IS by default. In IS-IS, the entire router belongs to a specific area.
IS-IS also tends to be more efficient, and it can be better optimized than OSPF. I spoke to a man who had multiple CCIEs, which is the highest designation that a Cisco network engineer could have, and according to him OSPF could support at the very most 200 routers in an area, compared to 500 for IS-IS, before experiencing performance issues. These numbers speak for themselves and explain why large enterprises like ISPs would decide to stick to this protocol.
OSPF has the concept of the backbone area, which is area 0, and all inter-area traffic must pass through the backbone. This is a fundamental principle of this protocol. IS-IS has a backbone area too, but it is composed of Level 2 routers, which we will explain later in this article.
OSPF is a Layer 3 protocol, which means that it runs at the network layer of the OSI model, while IS-IS runs at Layer 2 of the same model. The Spanning Tree Protocol (STP) is used heavily in enterprises to avoid Layer 2 loops, which are caused by Ethernet frames that stay in the network and keep looping over and over. Cisco has developed a technology known as FabricPath that removes the need for STP. FabricPath uses IS-IS to find the best path between nodes while avoiding Layer 2 loops, and this is simply one of those marvelous wonders of engineering! Speed is what we wanted in the data center, and that role was wonderfully filled by IS-IS.
There are more differences and similarities but those mentioned here are good enough for our purpose.
Concepts/Terminology of IS-IS
In later articles, we will look into the configuration of IS-IS, but before we get there we must first explain some important concepts in the world of this protocol.
In IS-IS parlance, hosts are known as End Systems (ES) and routers are referred to as Intermediate Systems (IS). This technology uses a specific addressing scheme known as an NSAP (Network Service Access Point) address. An NSAP address is composed of a few components; let us use the NSAP address 49.0015.0000.0000.0011.00 to better understand its different parts:
- AFI which stands for Authority and Format ID. For use in a private network it is set to 49.
- Area ID uses two hexadecimal digits, which total 1 byte. In our example, the area is 15 (0015).
- System ID, which is a 6-byte value used to uniquely identify a router in the network. Our router will have a System ID of 11 (0000.0000.0011).
- NSEL which stands for Network Selector and it is always set to 00. This is the last component of the address.
Another important point that we need to discuss is the different IS-IS router levels that can be found in a network. There are 3 of them:
- Level 1: These are routers that are located in the same area, and these types of routers can only form an adjacency with other peers running as Level 1 or Level 1/2. In other words, these are routers that forward traffic within an area.
- Level 2: These are routers that can connect two areas, and they keep the relevant link-state information of their own area and other areas. Level 2 routers can form adjacencies with other Level 2 and Level 1/2 routers.
- Level 1/2: When configuring IS-IS, Cisco routers default to Level 1/2. These are routers that can exchange routes with routers of their own level and with all of the other ones (Level 1 and Level 2). This category of router keeps track of two distinct link-state databases: one for Level 1 information and the other for Level 2. Keeping two databases is not always necessary, so this can be tuned to improve network performance.
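The addressing scheme and the level rules above can be combined into one check, shown here as an added example that is not part of the original article. It reads the address from the right, because System ID and NSEL have fixed lengths, and it assumes that a Level 1 adjacency needs matching areas while a Level 2 adjacency does not. The `L1`, `L2` and `L1/2` labels and routers R12 and R13 are constructed for illustration.

```python
import re

# Which levels each router type takes part in (labels are assumptions).
LEVELS = {"L1": {1}, "L2": {2}, "L1/2": {1, 2}}

def parse_net(net):
    """Split a dotted-hex NSAP address into AFI, area, System ID, NSEL.

    System ID (6 bytes) and NSEL (1 byte) are taken from the right end,
    the first byte is the AFI, and whatever lies between is the area ID.
    """
    digits = net.replace(".", "").upper()
    if not re.fullmatch(r"(?:[0-9A-F]{2}){8,20}", digits):
        raise ValueError(f"not an 8 to 20 byte hex address: {net!r}")
    nsel, sysid = digits[-2:], digits[-14:-2]
    if nsel != "00":
        raise ValueError(f"NSEL must be 00 for a router address: {net!r}")
    return {
        "afi": digits[:2],
        "area": digits[2:-14],
        "system_id": ".".join(sysid[i:i + 4] for i in range(0, 12, 4)),
        "nsel": nsel,
    }

def adjacency_levels(net_a, level_a, net_b, level_b):
    """Return the set of levels (1, 2) at which two neighbors can peer."""
    a, b = parse_net(net_a), parse_net(net_b)
    if a["system_id"] == b["system_id"]:
        raise ValueError("System ID must be unique per router")
    common = LEVELS[level_a] & LEVELS[level_b]
    if (a["afi"], a["area"]) != (b["afi"], b["area"]):
        common.discard(1)  # Level 1 adjacencies stay inside one area
    return common

# Only R11's address comes from the article; R12 and R13 are constructed.
R11 = "49.0015.0000.0000.0011.00"
R12 = "49.0015.0000.0000.0012.00"
R13 = "49.0016.0000.0000.0013.00"

if __name__ == "__main__":
    print(parse_net(R11))
    print(adjacency_levels(R11, "L1/2", R13, "L1/2"))
```

An empty result means the two routers never become adjacent, which is the first thing to check when neighbors exchange Hello packets but no routes appear.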
Keep an eye on the objective
Now that we have explained the intricacies of IS-IS and the basics of containers, let us analyze what we will try to build together. This is the network map that we will try to construct bit by bit:
It is not an extremely complex network, but there are a couple of things that need to be mentioned. Each router (R1, R2, ..., R9) in this diagram is actually a container running a routing daemon, which in our case is FRRouting. Every router has a loopback interface with an IP address in a specific format. A loopback interface is a virtual interface that is created in software rather than hardware. It cannot go down due to physical issues unless the whole router crashes. For R1, the loopback would be all 1's (1.1.1.1), for R2 it would be 2.2.2.2, and so on. So whatever number follows the R is the number that will be repeated in each of the 4 octets. Also, all physical interfaces are labeled ethXX. So if a physical interface connects R1 to R3, it will be named eth13. All of R1's interface addresses will end with a 1, like the following: 10.0.13.1, 10.0.12.1. The other routers follow the same nomenclature (R8: 10.0.78.8, 10.0.89.8).
The links connecting the routers will be created using bridge interfaces. We will discuss this concept further in later articles. These links also follow a specific nomenclature. The bridge connecting R1 to R3 is named b13, and the one attaching R8 to R9 is named b89.