Routing Information Protocol (RIPv2), Open Shortest Path First (OSPF), and Border Gateway Protocol (BGP) can be enabled on your gateway to automate routing if your LAN is divided into multiple subnets and you would like more than one of these subnets to participate in your Corente Services application network.
RIPv2, OSPF, and BGP are useful in environments where routes to these different subnets are changing dynamically. If you enable RIPv2, OSPF, and BGP, you do not need to add static routes for the subnets on the Routes tab of this Location’s Location form. However, you must have entries on the User Group screen for these subnets so that the machines on the subnets can participate in the application network. You must also make sure that there are routers on your local network that know about these subnets and you must configure the routers to respond to RIPv2, OSPF, and BGP.
RIPv2
RIPv2 is a protocol widely used for routing traffic. It is an interior gateway protocol (IGP), which means that it performs routing within a single autonomous system, such as the local area network (LAN). RIPv2 works by sending routing-update messages to computers on the LAN at regular intervals and whenever the network topology changes. RIPv2 identifies how routing on a network has changed by measuring the hop of a RIPv2 packet from its source to its destination. Each hop in a path from source to destination is noted and distributed. When a computer receives a RIPv2 routing-update that includes changes to an entry, it updates its routing table to reflect the new route.
The Corente Services Gateway will support RIPv2 multicast and unicast messages without authentication. The Corente Services Gateway does not support RIPv1 broadcast messages.
To enable RIPv2 on a gateway;, the RIP section on the Network Tab of the Location form must be completed as follows:
Enable Routing Information Protocol (RIPv2) on LAN: When this option is selected, the Corente Services Gateway will use RIPv2 to announce routes on the LAN that can used to reach remote application network subnets.
Use non-standard default weight for RIP: To use a non-standard default weight for RIPv2, select this option and enter the weight in the field provided. The default weight is 1. Valid values for this option are 1 to 16. All RIP routes will be assigned this weight.
The Corente Services Gateway implementation of RIPv2 complies with RFC 2453.
OSPF
Open Shortest Path First (OSPF) is a protocol that, like RIPv2, is used for routing IP traffic. It is a link-state protocol. A link can be considered an interface on the router, and the state of the link is a description of that interface and of its relationship to its neighboring routers. The collection of all these link-states forms a link-state database. OSPF uses a link-state algorithm in order to build and calculate the shortest path to all known destinations.
The Corente Services Gateway will support OSPF multicast messages. The Corente Services Gateway can accept unicast messages from routers, but will multicast the responses.
To enable OSPF on a gateway, the OSPF section on the Network Tab of the Location form must be completed as follows:
Enable OSPF on LAN: When this option is selected, the Location gateway will use OSPF to announce routes on the LAN that can used to reach remote application network subnets.
Route Cost: To change the cost of routes advertised by OSPF on the gateway, enter a new value in this field. The default cost is 1.
ASN Number: The default ASN number is 0. If you would like, you can enter a new value in this field.
The Corente Services Gateway implementation of OSPF complies with RFC 2328.
BGP
Like RIP and OSPF, Border Gateway Protocol (BGP) is a protocol that is widely used for routing IP traffic. BGP is especially useful in very large private IP networks where routes to these different subnets are changing dynamically. In general, it is more secure than RIP or OSPF, as it reduces the risk of middle man attacks by requiring that you specifically identify routing neighbors of the Corente Services Gateway rather than relying on them to announce themselves.
Enable BGP on LAN: When this option is selected, the Corente Services Gateway will use BGP to announce routes on the LAN that can used to reach remote application network subnets.
AS Number: Enter the AS number of the LAN on which this Location gateway is installed.
Password: Enter the password that the Corente Services Gateway will use when receiving BGP packets from its neighbors.
Neighbors: This Corente Services Gateway's current BGP routing neighbors are listed in this table. When you enable BGP, you must add at least one neighbor in this table. Click Add to add a new neighbor, Edit to edit an existing neighbor, or Delete to remove an existing neighbor.
On the screen that is displayed, enter the IP address of the BGP neighbor on the Corente Services Gateway's LAN, the AS number of the other network it routes to, and, if applicable, the password to be used by the Location when sending packets to this neighbor. When you are finished, click OK to store this neighbor. Note that you can enter duplicate neighbor IP addresses in this table if they have different AS Numbers.
Using RIP, OSPF, and BGP on your Corente Services Gateway
RIPv2, OSPF, and BGP can be used simultaneously on the same network, and can both be enabled on your Corente Services Gateway at the same time. They are enabled individually for each Corente Services Gateway.
If RIPv2 and OSPF are enabled, when a tunnel is successfully established to a remote gateway partner, the local gateway will send RIPv2 and OSPF packets to routers on its LAN interface only that announce the most appropriate routes to the tunnel. All computers on a subnet within the LAN will use the same route to access the tunnel and the appropriate subnet on the other side. When tunnels are brought down, the local gateway will send RIPv2 and OSPF packets to routers on its LAN announcing that the routes are no longer valid.
BGP differs from the other protocols in that, when a tunnel is successfully established to a remote Location partner, the local Corente Services Gateway will send BGP packets only to the routers on its LAN interface that are explicitly listed as neighbors, announcing the most appropriate routes to the tunnel. Like RIPv2 and OSPF, all computers on a subnet within the LAN that has a router with BGP enabled and which is also listed as a neighbor of the Corente Services Gateway will use the same route to access the tunnel and the appropriate subnet on the other side. When tunnels are brought down, the local Location gateway will send BGP packets to its neighbors announcing that the routes are no longer valid.
The Corente Services Gateway will use its LAN interface only to send and honor RIPv2, OSPF, and BGP messages from local routers. RIPv2, OSPF, and BGP will not be sent from or honored by the Corente Services Gateway's WAN interface, and will not be sent over or received from application network tunnels and the Internet.
Additionally, the Corente Services Gateway will only advertise routes that can be used to reach remote application network subnets. RIPv2, OSPF, and BGP will not be used to advertise routes from one local subnet to another local subnet. Normally, the Corente Services Gateway will not use RIPv2, OSPF, or BGP to advertise routes that can be used to reach Corente Clients, unless the client is using a private non world-routable IP address. For example, if the gateway connects to the application network from a LAN. The gateway will never advertise routes for a subnet if the reachable address of the Corente Services Gateway falls into that subnet.
Routes advertised from the Corente Services Gateway with RIPv2, OSPF, or BGP will override routes that you have entered on the Routes tab if the weight of the dynamic route is equal to or less than the weight of the static route. If the weight of the dynamic route is greater than the weight of the static route, the static route will be used first. A lower weight gives greater precedence to routes.
If you enable RIPv2, OSPF, and BGP, you do not need to add routes to the subnets on the Routes tab. However, you must have an entry on the User Groups tab for these subnets so that the machines on the subnets can participate in the application network. You must also make sure that there are routers on your local network that know about these subnets and you must configure these routers to respond to RIPv2, OSPF, or BGP messages.
Turning on RIPv2, OSPF, and BGP on your Network Routers
If you plan to use RIPv2, OSPF, and BGP to advertise routes on your multiple subnet LAN, you must turn on RIPv2, OSPF, and BGP on the appropriate network routers. For more information about turning on RIPv2, OSPF, and BGP, refer to the documentation provided with your router.