Handbook

6.0.0

Dynamic routing

Dynamic routing uses a dynamic routing protocol to automatically select the best route to put into the routing table. Instead of having to manually enter static routes in the routing table, dynamic routing automatically receives routing updates and dynamically decides which routes are best to go into the routing table. It's this intelligent and hands-off approach that makes dynamic routing so useful.

Dynamic routing protocols vary in many ways and this is reflected in the various administrative distances assigned to routes learned from dynamic routing. These variations take into account differences in reliability, speed of convergence, and other similar factors. For more information about these administrative distances, see Advanced static routing.

Overview

Comparing static and dynamic routing

A common term used to describe dynamic routing is convergence. Convergence is the ability to work around network problems and outages, for the routing to come together despite obstacles. For example, if the main router between two endpoints goes down, convergence is the ability to find a way around that failed router and reach the destination. Static routing has zero convergence beyond trying the next route in its limited local routing table. If a network administrator doesn't fix a routing problem manually, it may never be fixed and may result in a downed network. Dynamic routing solves this problem by involving routers along the route in the decision-making process about the optimal route, and using the routing tables of these routers to find potential routes around the outage. In general, dynamic routing has better scalability, robustness, and convergence. However, the cost of these added benefits includes more complexity and some overhead. For example, the routing protocol uses some bandwidth for its own administration.

Comparing static and dynamic routing

| Feature | Static routing | Dynamic routing |
|---|---|---|
| Hardware support | Supported by all routing hardware | May require special, more expensive routers |
| Router memory required | Minimal | Can require considerable memory for larger tables |
| Complexity | Simple | Complex |
| Overhead | None | Varying amounts of bandwidth used for routing protocol updates |
| Scalability | Limited to small networks | Very scalable, better for larger networks |
| Robustness | None: if a route fails, it has to be fixed manually | Robust: traffic routed around failures automatically |
| Convergence | None | Varies from good to excellent |

Dynamic routing protocols

A dynamic routing protocol is an agreed-on method of routing that the sender, receiver, and all routers along the path (route) support. Typically, the routing protocol involves a process running on all computers and routers along that route to enable each router to handle routes in the same way as the others. The routing protocol determines how the routing tables are populated along that route, how the data is formatted for transmission, and what information about a route is included with that route. For example, RIP and BGP use distance vector algorithms and OSPF uses a shortest path first algorithm. Each routing protocol has different strengths and weaknesses. One protocol may have fast convergence, while another may be very reliable, and a third may be very popular for certain businesses like Internet Service Providers (ISPs).

Dynamic routing protocols are different from each other in a number of ways, such as:

Classful versus classless routing protocols

Classful and classless routing refers to how the routing protocol handles the IP addresses. In classful addresses, there's the specific address and the host address of the server that address is connected to. Classless addresses use a combination of IP address and netmask.

Classless Inter-Domain Routing (CIDR) was introduced in 1993 (originally with RFC 1519 and most recently with RFC 4632) to keep routing tables from getting too large. With classful routing, each IP address requires its own entry in the routing table. With classless routing, a series of addresses can be combined into one entry, potentially saving vast amounts of space in routing tables.

Current routing protocols that support classless routing, out of necessity, include RIPv2, BGP, IS-IS, and OSPF. Older protocols, such as RIPv1, do not support CIDR addresses.

Interior versus exterior routing protocols

The names interior and exterior are very descriptive. Interior routing protocols are designed for use within a contained network of limited size, whereas exterior routing protocols are designed to link multiple networks together. They can be used in combination to simplify network administration. For example, a network can be built with only the border routers running the exterior routing protocol, while all the routers on the network run the interior protocol. This prevents the interior routers from connecting outside the network without passing through the border. Exterior routers in such a configuration must have both exterior and interior protocols to communicate with the interior routers and outside the network.

Nearly all routing protocols are interior routing protocols. Only BGP is commonly used as an exterior routing protocol.

You may see interior gateway protocol (IGP) used to refer to interior routing protocols and exterior gateway protocol (EGP) used to refer to exterior routing protocols.

Distance vector versus link-state protocols

Every routing protocol determines the best route between two addresses using a different method. However, there are two main algorithms for determining the best route: distance vector and link-state.

Distance vector protocols

In distance vector protocols, routers are told about remote networks through neighboring routers. The distance part refers to the number of hops to the destination and, in more advanced routing protocols, these hops can be weighted by factors such as available bandwidth and delay. The vector part determines which router is the next step along the path for this route. This information is passed along from neighboring routers with routing update packets that keep the routing tables up to date. Using this method, an outage along a route is reported back along the route to its start, ideally before the outage is encountered.

On distance vector protocols, RFC 1058, which defines RIP v1, states the following:

Distance vector algorithms are based on the exchange of only a small amount of information. Each entity (gateway or host) that participates in the routing protocol is assumed to keep information about all of the destinations within the system. Generally, information about all entities connected to one network is summarized by a single entry, which describes the route to all destinations on that network.

There are four main weaknesses inherent in the distance vector method. Firstly, the routing information isn't discovered by the router itself, but is instead reported information that must be relied on to be accurate and up-to-date. The second weakness is that it can take a while for the information to make its way to all the routers that need it; in other words, it can have slow convergence. The third weakness is the amount of overhead involved in passing these updates all the time. The number of updates between routers in a larger network can significantly reduce the available bandwidth. The fourth weakness is that distance vector protocols can end up with routing loops. A routing loop occurs when packets are routed forever around a network, and often accompanies slow convergence. The bandwidth required by these infinite loops will slow your network to a halt. There are methods of preventing these loops, however, so this weakness isn't as serious as it may first appear.
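The slow convergence and routing loop described above can be reproduced in a few lines. The following is an added example, not Fortinet code: it assumes a constructed three-router line A - B - C, RIP's infinity metric of 16, and split horizon (RFC 1058) as the loop-prevention method, and it counts the update rounds in which A and B forward to each other after the B-C link fails.

```python
INFINITY = 16  # RIP's "unreachable" metric (RFC 1058)

def run_updates(links, tables, split_horizon, max_rounds=50):
    """Deliver distance-vector updates for ONE destination until a quiet round.

    links:  list of (a, b) adjacencies, one hop each; a's update reaches b
            before b's update reaches a (that ordering is the race condition)
    tables: {router: [metric, next_hop]}, updated in place
    Returns (rounds, loop_rounds); loop_rounds counts the rounds that ended
    with two neighbours forwarding the destination to each other.
    """
    loop_rounds = 0
    for rounds in range(1, max_rounds + 1):
        changed = False
        for a, b in links:
            for sender, receiver in ((a, b), (b, a)):
                metric, via = tables[sender]
                if split_horizon and via == receiver:
                    continue  # do not advertise a route back to its source
                offered = min(metric + 1, INFINITY)
                current, current_via = tables[receiver]
                # News from the current next hop is always believed, even when
                # worse; any other neighbour must offer a strictly better metric.
                if (current_via == sender and offered != current) or offered < current:
                    tables[receiver] = [offered, sender]
                    changed = True
        if any(tables[x][1] == y and tables[y][1] == x
               and max(tables[x][0], tables[y][0]) < INFINITY for x, y in links):
            loop_rounds += 1
        if not changed:
            return rounds, loop_rounds
    return max_rounds, loop_rounds

def link_failure_demo(split_horizon):
    """Constructed topology A - B - C; the destination network hangs off C."""
    tables = {"A": [INFINITY, None], "B": [INFINITY, None], "C": [0, None]}
    run_updates([("A", "B"), ("B", "C")], tables, split_horizon)
    converged = (tables["A"], tables["B"])      # ([2, "B"], [1, "C"])
    # Link B-C fails and B invalidates the route it was using through C.
    tables["B"] = [INFINITY, None]
    rounds, loop_rounds = run_updates([("A", "B")], tables, split_horizon)
    return converged, rounds, loop_rounds, tables["A"][0], tables["B"][0]

if __name__ == "__main__":
    print("without split horizon:", link_failure_demo(False))
    print("with split horizon:   ", link_failure_demo(True))
```

Without split horizon, B believes A's stale route and the two routers count upward to 16 while looping traffic between them; with it, both mark the destination unreachable within two rounds.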

Link-state protocols

Link-state protocols are also known as shortest path first protocols. Where distance vector uses information passed along that may or may not be current and accurate, in link-state protocols each router passes along information only about the networks and devices that are directly connected to it. This results in a more accurate picture of the network topology around your router, allowing it to make better routing decisions. This information is passed between routers using link-state advertisements (LSAs). To reduce the overhead, LSAs are only sent out when information changes, compared to distance vector sending updates at regular intervals even if no information has changed. The more accurate network picture in link-state protocols greatly speeds up convergence and avoids problems such as routing loops.
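The link-state approach can be sketched as a link-state database plus a shortest-path-first run. This is an added example, not Fortinet code: the four-router topology, link costs, and the sequence-number freshness check are constructed assumptions, and Dijkstra's algorithm stands in for the SPF calculation.

```python
import heapq

def install(lsdb, seqs, lsa):
    """Store an LSA only if it is newer than the copy already held."""
    origin, seq, links = lsa
    if seq <= seqs.get(origin, 0):
        return False                      # stale or duplicate, ignore it
    seqs[origin], lsdb[origin] = seq, dict(links)
    return True

def spf(lsdb, root):
    """Dijkstra over the database; returns {router: (cost, first_hop)}."""
    best, heap = {}, [(0, root, None)]
    while heap:
        cost, node, first_hop = heapq.heappop(heap)
        if node in best:
            continue
        best[node] = (cost, first_hop)
        for neigh, link_cost in lsdb.get(node, {}).items():
            # Use a link only when both ends advertise it (two-way check).
            if neigh not in best and node in lsdb.get(neigh, {}):
                heapq.heappush(heap, (cost + link_cost, neigh, first_hop or neigh))
    return best

def demo():
    """Constructed square topology; each LSA lists only the origin's own links."""
    lsdb, seqs = {}, {}
    initial = [("R1", 1, {"R2": 10, "R3": 10}), ("R2", 1, {"R1": 10, "R4": 10}),
               ("R3", 1, {"R1": 10, "R4": 30}), ("R4", 1, {"R2": 10, "R3": 30})]
    for lsa in initial:
        install(lsdb, seqs, lsa)
    before = spf(lsdb, "R1")["R4"]
    # Link R2-R4 fails: only the two attached routers originate new LSAs.
    updates = [("R2", 2, {"R1": 10}), ("R4", 2, {"R3": 30})]
    accepted = sum(install(lsdb, seqs, lsa) for lsa in updates)
    stale_accepted = install(lsdb, seqs, initial[1])   # delayed old R2 LSA
    after = spf(lsdb, "R1")["R4"]
    return before, after, accepted, stale_accepted

if __name__ == "__main__":
    print(demo())
```

Because every router computes paths from the same database, R1 moves to the path through R3 as soon as the two changed LSAs arrive, with no counting up and no transient loop.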

Minimum configuration for dynamic routing

Dynamic routing protocols don't pay attention to routing updates from other sources, unless you specifically configure them to do so using CLI redistribute commands within each routing protocol.

The minimum configuration for any dynamic routing to function is to have dynamic routing configured on one interface on a FortiGate, and one other router configured as well. Some protocols require larger networks to function as designed.

Minimum configuration based on dynamic protocol

| | BGP | RIP | OSPF / IS-IS |
|---|---|---|---|
| Interface | Yes | Yes | Yes |
| Network | Yes | Yes | Yes |
| AS | Local and neighbor | No | Yes |
| Neighbors | At least one | At least one | At least one |
| Version | No | Yes | No |
| Router ID | No | No | Yes |
