University of Kansas
1. Name three BGP attributes and explain their use.

    origin - used to identify the origin of the route; useful for route selection
    aspath - sequence of autonomous systems the route has traversed; this is useful for loop detection and route selection
    nexthop - used to tell the peer the next hop for the enclosed nlri
    localpref - used to assign a degree of preference to a route
    med - hint to external neighbors of preferred entry points

Others might have included community, atomic_aggregate, or aggregator.

2. Discuss two reasons why classful addressing had to be changed.

Classful addressing was bad because the boundaries between the classes were too large - most organizations had a need for more than 256 hosts, but few needed 65k. Because Cs were so small, organizations were having to allocate Bs, which were running out fast. Organizations could use multiple Cs, but this filled up the routing tables. None of the allocations had topological significance. In short, it was a mess.

3. Break 10.2.0.0/22 into networks supporting 100 hosts each. List the network address, broadcast address and one host address for each network.

    Network address   Broadcast address   Host addresses
    10.2.0.0/25       10.2.0.127          10.2.0.1-127
    10.2.0.128/25     10.2.0.255          10.2.0.129-254
    10.2.1.0/25       10.2.1.127          10.2.1.1-127
    10.2.1.128/25     10.2.1.255          10.2.1.129-254
    10.2.2.0/25       10.2.2.127          10.2.2.1-127
    10.2.2.128/25     10.2.2.255          10.2.2.129-254
    10.2.3.0/25       10.2.3.127          10.2.3.1-127
    10.2.3.128/25     10.2.3.255          10.2.3.129-254

Some of you broke it into 4 networks, which I guess is correct, as I wasn't clear about how many networks I wanted you to create. This made the problem relatively trivial. Because I didn't feel like I could take off points for the people who only did four nets (that was my fault, not theirs) I tried to go easy on the people who did it the hard way.

4. Break 10.2.0.0/22 into one network supporting 514 hosts and the remaining networks supporting 250 hosts. List the network address, broadcast address and one host address for each network.
A /22 supports 1024-2 hosts, a /23 supports 512-2 hosts. Because of this, the entire /22 would have to go toward the network supporting 514 hosts with nothing left over for the other nets. So, the answer would be:

    Network address   Broadcast address   Host address
    10.2.0.0/22       10.2.3.255          10.2.0.1

Many of you said it couldn't be done, which I guess could be implied from my asking for the remaining networks (there just happened to be zero of them.) This was a poor question on my part. I should have used a /21. I gave you full credit if you said it couldn't be done.

5. Aggregate the following prefixes. Assume that unlisted prefixes out of the same blocks are allocated to someone else.

    10.1.1.0/24
    10.1.2.0/24
    10.1.180.0/22
    10.1.176.0/22

Show the minimum announcement.

The first two don't aggregate: you need 10.1.0.0/24 to aggregate with 10.1.1.0/24 and you need 10.1.3.0/24 to aggregate with 10.1.2.0/24. The second two could aggregate to 10.1.176.0/21. So, the answer would be:

    10.1.1.0/24
    10.1.2.0/24
    10.1.176.0/21

6. Show an access list capable of blocking all announcements with prefixes longer than a /21 (/21s should be allowed).

    mask for a /21: 11111111.11111111.11111000.00000000
                                           x

Anything with a one in the bit above the x should be blocked, therefore I will use a mask of all ones and a wildcard with a zero in this position:

    mask:     11111111.11111111.11111111.11111111
    wildcard: 11111111.11111111.11111011.11111111 - ones mean don't care

    access-list 101 deny ip any 255.255.255.255 255.255.251.255
    access-list 101 permit ip any any

Or, I could do it with a permit:

    mask for a /21: 11111111.11111111.11111000.00000000
                                           x

Anything with a zero in the bit above the x should be permitted, therefore I will use a mask of all zeros and a wildcard with a zero in this position:

    mask:     00000000.00000000.00000000.00000000
    wildcard: 11111111.11111111.11111011.11111111 - ones mean don't care

    access-list 101 permit ip any 0.0.0.0 255.255.251.255

Your answers may vary - this was a pain to grade.
Many of you did a deny for the first line but forgot to put in a permit - remember the explicit deny at the end of the access-list! If you have a list that looks like:

    access-list 101 deny ip [address] ...
    access-list 101 deny ip [address] ...

it will block everything.

Another popular answer was:

    access-list 101 deny ip any 255.255.252.0 0.0.3.255
    access-list 101 permit ip any any

7. Show an access list capable of blocking only class A space (all of the prefixes within class A, regardless of mask length.)

For this problem you need to know what a class A is - a prefix with the first bit set to be zero. We don't care about the length, so all we really need is a standard access list:

    access-list 1 deny 0.0.0.0 127.255.255.255 ! deny anything with a zero
    access-list 1 permit any

or

    access-list 1 permit 255.255.255.255 127.255.255.255 ! permit only if it starts with a 1

Many people chose to block based on mask length, even though I tried to be explicit by saying "regardless of mask length." Partial credit was awarded if you did it this way.

8. List 3 criteria used by BGP to select a route.

    next hop accessible
    largest weight
    largest local pref
    locally originated
    shortest aspath
    lowest origin type
    lowest med
    ebgp->confed->ibgp
    closest igp neighbor
    lowest router id

Note that prefix length isn't part of the bgp selection, as bgp selection is only comparing identical nlri (ie - same prefix length.)

9. Explain what unfeasables are in a bgp announcement.

Routes that are no longer reachable and are being withdrawn.

10. Show the regexp to match the following:

    a) local routes: ^$
    b) routes originated on AS 12: _12$
    c) routes transiting AS 12: _12space
    d) routes touching AS 12: _12_

c) was probably the most confusing. You need the space after the 12 to make sure it isn't at the end of the path, which would indicate the route was originated by AS 12. This isn't perfect, as it would match 12 12, but to get around that you would have to use a two line access list.
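The wildcard logic behind the access lists in questions 6 and 7 can be checked mechanically. The following is an added example, not part of the original answer key: a small evaluator for address/wildcard entries with first-match semantics. It assumes the question 6 lists are compared against the announcement's netmask and the question 7 lists against its network address; the function and list names are made up for the illustration.

```python
import ipaddress

ANY = ("0.0.0.0", "255.255.255.255")  # "any": address 0.0.0.0, all-ones wildcard

def to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))

def evaluate(acl, value):
    """Return the action of the first entry matching `value` (a dotted quad).

    Wildcard bits set to 1 are "don't care"; bits set to 0 must equal the
    entry's address. A value that matches no entry is denied."""
    for action, address, wildcard in acl:
        care = ~to_int(wildcard) & 0xFFFFFFFF
        if (to_int(value) & care) == (to_int(address) & care):
            return action
    return "deny"

def netmask(length):
    return str(ipaddress.IPv4Address((0xFFFFFFFF << (32 - length)) & 0xFFFFFFFF))

def permitted_lengths(acl):
    """Prefix lengths whose (contiguous) netmask the list lets through."""
    return [n for n in range(33) if evaluate(acl, netmask(n)) == "permit"]

# Question 6 lists, reduced to the field compared against the netmask.
Q6_DENY = [("deny", "255.255.255.255", "255.255.251.255"), ("permit", *ANY)]
Q6_PERMIT = [("permit", "0.0.0.0", "255.255.251.255")]
Q6_POPULAR = [("deny", "255.255.252.0", "0.0.3.255"), ("permit", *ANY)]
Q6_DENY_ONLY = [("deny", "255.255.255.255", "255.255.251.255")]  # no permit line

# Question 7 lists, compared against the network address.
Q7_DENY = [("deny", "0.0.0.0", "127.255.255.255"), ("permit", *ANY)]
Q7_PERMIT = [("permit", "255.255.255.255", "127.255.255.255")]

if __name__ == "__main__":
    for name, acl in [("deny form", Q6_DENY), ("permit form", Q6_PERMIT),
                      ("popular answer", Q6_POPULAR), ("deny only", Q6_DENY_ONLY)]:
        print(name, permitted_lengths(acl))
    for net in ["10.0.0.0", "127.0.0.0", "128.0.0.0", "192.168.0.0"]:  # constructed
        print(net, evaluate(Q7_DENY, net), evaluate(Q7_PERMIT, net))
```

The single-bit test in the first two question 6 lists works only because netmasks are contiguous: the bit for /22 is set exactly when the prefix is a /22 or longer.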
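The four AS-path expressions from question 10 can be tried against sample paths. This is an added example, not part of the original answer key: it translates the `_` metacharacter into an equivalent Python expression and runs each pattern over constructed AS paths, including the `12 12` case the answer mentions. The helper names and the sample paths are made up for the illustration.

```python
import re

# What "_" stands for in a Cisco AS-path regular expression: start or end
# of the path, a space, a comma, braces or parentheses.
UNDERSCORE = r"(?:^|$|[ ,{}()])"

def to_python(cisco_pattern):
    """Translate the "_" delimiter wildcard; everything else is left as written."""
    return cisco_pattern.replace("_", UNDERSCORE)

def matching_paths(cisco_pattern, paths):
    """Return the paths the pattern matches anywhere, as a router would."""
    rx = re.compile(to_python(cisco_pattern))
    return [p for p in paths if rx.search(p)]

# Constructed AS paths; the rightmost AS is the originator, "" is a local route.
PATHS = ["", "12", "7 12", "12 7", "7 12 9", "12 12", "7 112", "120 7"]

PATTERNS = {
    "local": "^$",
    "originated": "_12$",
    "transiting": "_12 ",  # written "_12space" in the answer key
    "touching": "_12_",
}

if __name__ == "__main__":
    for name, pattern in PATTERNS.items():
        print(f"{name:11} {pattern!r:8} {matching_paths(pattern, PATHS)}")
```

The path `12 12` shows up under both "originated" and "transiting", which is the imperfection the answer to c) describes.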