Interior Vs Exterior - Learning Module

Loading content...

0/228

Protocol Selection

Choosing the Right Tool for the Job

A master craftsman's workshop contains many tools—each optimized for specific tasks. A hammer drives nails; a saw cuts wood; a level ensures precision. Using the wrong tool makes work harder, produces inferior results, or even causes damage.

Routing protocols are the network engineer's tools. RIP, OSPF, IS-IS, EIGRP, BGP, static routes—each is designed for specific scenarios, and choosing incorrectly leads to poor performance, unnecessary complexity, or outright failure. Yet this choice is often made without systematic analysis, based on familiarity rather than fit.

This page equips you with a protocol selection framework—a methodology for analyzing network requirements and matching them to the right routing solution.

What You Will Learn

By the end of this page, you will understand how to analyze network requirements for protocol selection, when static routing is sufficient versus when dynamic routing is necessary, how to choose between IGP options based on scale, vendor environment, and features, when BGP is required and when it's overkill, how to design multi-protocol environments with redistribution, and best practices for protocol deployment and migration.

The Protocol Selection Framework

Protocol selection should be systematic, not instinctive. The following framework provides a structured approach to analyzing requirements and selecting protocols.

Step 1: Define the Routing Domain

First, identify what you're routing:

Single site: Campus, data center, branch office
Multiple sites under common management: Enterprise WAN
Multiple organizations: Service provider, Internet connectivity
Hybrid: Mix of internal and external routing requirements

This immediately suggests IGP vs. EGP scope.

Step 2: Analyze Key Requirements

Protocol Selection Requirements Analysis
Requirement	Questions to Ask	Protocol Implications
Scale	How many routers? Networks? Routes?	Small: Any IGP. Large: OSPF areas, IS-IS, route reflectors
Convergence	How fast must routes recover?	Fast: EIGRP, tuned OSPF/IS-IS + BFD. Standard: Default timers
Vendor environment	Single vendor or multi-vendor?	Cisco-only: EIGRP viable. Multi-vendor: OSPF, IS-IS
Existing expertise	What does the team know?	Leverage existing knowledge when appropriate
Traffic engineering	Need path control beyond shortest path?	MPLS-TE: IS-IS/OSPF extensions. BGP for inter-AS TE
Redundancy model	Active-active? Active-passive?	EIGRP variance for unequal load balancing. OSPF equal-cost
Address family	IPv4, IPv6, or dual-stack?	All modern IGPs support both; check deployment specifics
Future growth	How will requirements evolve?	Design for 3-5x growth; choose protocols that scale

Step 3: Consider Operational Factors

Configuration complexity: How much ongoing management overhead?
Troubleshooting difficulty: How easy to diagnose issues?
Automation compatibility: Does protocol support modern automation (NETCONF, gRPC)?
Monitoring and visibility: What tools exist for observability?
Documentation: How well-understood is the protocol internally?

Step 4: Evaluate Trade-offs

No protocol is optimal in all dimensions. Common trade-offs:

Trade-off	Option A	Option B
Simplicity vs. Features	RIP (simple, limited)	OSPF (complex, rich)
Speed vs. Stability	Fast timers (responsive, flappy)	Slow timers (stable, slow)
Vendor lock-in vs. Features	EIGRP (Cisco features)	OSPF (portable)
Flat vs. Hierarchical	Simpler config	Better scaling

Document Your Decision

Protocol selection decisions should be documented with rationale. Future engineers (or future you) will ask 'why is this running EIGRP instead of OSPF?' Having documented reasoning prevents revisiting decided issues and helps new team members understand the architecture. Include: requirements analyzed, options considered, selection rationale, and known limitations.

When Static Routing Is Sufficient

Before selecting a dynamic routing protocol, consider whether static routing meets your needs. Dynamic protocols add complexity; if that complexity isn't justified, static routes are preferable.

Static Routing Advantages:

Zero protocol overhead: No CPU cycles for route calculation, no bandwidth for updates
Predictable behavior: Routes don't change unexpectedly
Simple security: No routing protocol authentication needed
Reduced attack surface: No routing protocol to exploit
Deterministic paths: Traffic always follows the configured path

Use Static Routing When:

•Stub network with single exit — Only one path exists; no routing decision needed
•Small network (< 10 routers) — Manual configuration is manageable
•Stable topology — Links/paths rarely change
•Security requirements — Dynamic protocols are restricted
•Default route only — Single upstream; just need default gateway
•Floating static routes — Backup paths with high administrative distance

Avoid Static Routing When:

•Multiple paths exist — Manual failover is error-prone and slow
•Topology changes frequently — Constant reconfiguration is unsustainable
•Large network — Configuration becomes unmanageable
•Redundancy is critical — Need automatic failover without intervention
•Load balancing needed — Static routes don't balance across equal paths
•Complex topology — Multiple interconnected sites with various paths

Static Routing Examples

Cisco IOS

! Basic static route to network via next-hop
ip route 10.20.0.0 255.255.0.0 192.168.1.1
 
! Static route to network via interface (point-to-point links)
ip route 10.30.0.0 255.255.0.0 GigabitEthernet0/1
 
! Default route (gateway of last resort)
ip route 0.0.0.0 0.0.0.0 192.168.1.1
 
! Floating static route (backup - higher AD than dynamic protocol)
! OSPF AD = 110, so use higher for backup
ip route 10.20.0.0 255.255.0.0 192.168.2.1 150
 
! Static route with tracking (failover based on IP SLA)
ip sla 1
 icmp-echo 8.8.8.8 source-interface GigabitEthernet0/0
 threshold 1000
 frequency 5
ip sla schedule 1 life forever start-time now
 
track 1 ip sla 1 reachability
 
! Primary route tracked; fails over if SLA fails
ip route 0.0.0.0 0.0.0.0 192.168.1.1 track 1
ip route 0.0.0.0 0.0.0.0 192.168.2.1 10  ! Backup with higher AD

Hybrid Approach: Static + Dynamic

Many networks combine static and dynamic routing:

Static for Internet egress: Default route to upstream provider
Dynamic for internal: OSPF/EIGRP between internal routers
Static for partner connections: Specific routes to partner networks via dedicated links
Dynamic for data center: Full IGP deployment for redundancy and load balancing

This hybrid approach uses each method where it's most appropriate—static for stable, simple paths; dynamic for complex, redundant internal routing.

The Scaling Cliff

Static routing works well until it suddenly doesn't. A network with 5 routers and 10 static routes is manageable. When that grows to 20 routers with 50 routes and 3 redundant paths each, static routing becomes a liability—impossible to maintain accurately, slow to update, prone to human error. Plan for dynamic routing before you hit this cliff.

IGP Selection: Choosing Between RIP, OSPF, IS-IS, and EIGRP

When dynamic interior routing is needed, choosing the right IGP is critical. Here's a comprehensive decision matrix:

IGP Selection Matrix
Scenario	Recommended	Rationale
Very small network (< 10 routers), simplicity paramount	RIP (v2)	Minimal configuration; limitations don't matter at this scale
Small-medium enterprise, Cisco equipment	EIGRP	Fast convergence, simple config, excellent for Cisco shops
Small-medium enterprise, multi-vendor	OSPF	Universal support, well-understood, scalable
Large enterprise, complex topology	OSPF with areas	Hierarchical design controls LSDB size and SPF scope
Service provider core	IS-IS	Proven at scale, excellent TE/SR support, simple hierarchy
Data center (Clos/spine-leaf)	OSPF or IS-IS	Fast convergence needed; OSPF common, IS-IS growing
MPLS network	IS-IS or OSPF	Both have TE extensions; IS-IS slightly preferred by SPs
IPv6 primary or dual-stack	OSPFv3 or IS-IS	Both excellent; choose based on other factors
Need unequal-cost load balancing	EIGRP	Native variance support; OSPF only supports ECMP

Detailed Protocol Comparison:

When to Choose RIP:

Legacy environments where RIP already runs
Extremely simple networks where any IGP works
Educational or lab scenarios
Integration with non-router devices that only support RIP

Reality check: RIP is rarely the right choice for new deployments. Its 15-hop limit, slow convergence, and hop-count-only metric are severe limitations.

When to Choose EIGRP:

All-Cisco environment (or Cisco-dominant with minority other vendors)
Need fastest possible convergence (sub-second with feasible successors)
Want unequal-cost load balancing across multiple paths
Prefer simpler configuration over OSPF's explicit hierarchy
Team has EIGRP expertise and no compelling reason to switch

Consideration: EIGRP is now an IETF RFC (7868), but adoption outside Cisco remains minimal. Long-term multi-vendor strategy may favor OSPF.

When to Choose OSPF:

Multi-vendor environment (universal support)
Need hierarchical design (areas for scaling)
Industry-standard required (many environments mandate open standards)
Segment Routing deployment planned (SR-OSPF is well-supported)
Engineering staff familiar with OSPF from education/certification

Consideration: OSPF is the "safe default" for enterprise networks—well-understood, universally supported, scales well with proper area design.

When to Choose IS-IS:

Service provider core network
Hyperscale data center (Facebook, Google, Microsoft scale)
MPLS Traffic Engineering deployment
Need multi-topology routing (IPv4 and IPv6 with different topologies)
Building a new network without legacy constraints

Consideration: IS-IS has a steeper learning curve but rewards with simpler scaling. If your team knows OSPF and you're not at extreme scale, stick with OSPF.

The Expertise Factor

Don't underestimate operational familiarity. A team that deeply understands OSPF will run it better than one learning IS-IS on the job. Unless there's a compelling technical reason to switch (scale limits, missing features), leveraging existing expertise often outweighs theoretical benefits of alternatives.

When BGP Is Required

BGP operates in a different domain than IGPs. The question isn't "BGP vs. OSPF"—they serve complementary purposes. The question is: Do you need BGP at all?

BGP Is Required When:

Scenarios Requiring BGP

•Multi-homed to multiple ISPs — You have connections to two or more different service providers and need to make intelligent routing decisions about which to use for each destination
•Participating in an Internet Exchange Point (IXP) — IXP peering uses BGP to exchange routes between members
•Operating as an ISP/transit provider — Carrying traffic between other networks requires BGP for route exchange
•Announcing provider-independent (PI) address space — Your own IP allocation announced to multiple upstreams
•Implementing complex routing policy — Need to prefer certain paths based on business relationships (customer > peer > transit)
•Large enterprise with diverse connectivity — Multinational with direct connections to cloud providers, partners, and multiple ISPs

BGP Is NOT Required When:

Single-homed to one ISP: Static default route is sufficient
Multi-connection to same ISP: Provider handles redundancy; you just need their PE routes
Internal routing only: IGPs handle intra-AS routing; BGP is for inter-AS
Small business with basic Internet: Static routing or provider-managed connectivity

eBGP vs. iBGP Deployment:

BGP Deployment Scenarios
Scenario	eBGP Needed?	iBGP Needed?	Notes
Single ISP, static route	No	No	Static default route sufficient
Two ISPs, basic failover	Yes	Maybe	iBGP if multiple internal routers need external routes
Multiple ISPs, traffic engineering	Yes	Yes	Full BGP deployment for policy control
MPLS VPN customer (PE connection)	Yes (or static)	Maybe	Depends on number of sites, provider requirements
Enterprise data center with cloud	Yes	Yes	Direct connects to AWS/Azure/GCP use BGP
Hyperscale/CDN	Yes (extensively)	Yes	Hundreds of eBGP peers, sophisticated iBGP design

Common BGP Deployment Patterns

Scenario Analysis

Scenario 1: Small Business, Two ISPs
─────────────────────────────────────
Connectivity: Fiber from ISP-A, Cable from ISP-B
Requirement: Failover if primary fails
 
Option A: Static routes with IP SLA tracking
  - Simpler, no BGP knowledge needed
  - Works for basic failover
  - No inbound traffic control
 
Option B: eBGP with both ISPs
  - More control over path selection
  - Can announce your prefix (if you have PI space)
  - Influence both inbound and outbound
 
Recommendation: Option A unless you have PI space and 
traffic engineering requirements. Most small businesses
use ISP-assigned addresses and don't need BGP complexity.
 
─────────────────────────────────────
Scenario 2: Enterprise with AWS Direct Connect
─────────────────────────────────────
Connectivity: Direct Connect to AWS, MPLS to WAN, Internet via ISP
 
BGP Required:
  - AWS Direct Connect uses BGP
  - Exchange routes for AWS VPCs and on-prem networks
  - iBGP to distribute routes internally
 
Configuration:
  - eBGP session to AWS (receive VPC routes, advertise on-prem)
  - iBGP mesh or route reflectors internally
  - Redistribution into OSPF/EIGRP carefully controlled

BGP Complexity Warning

BGP adds significant operational complexity: session management, attribute manipulation, policy configuration, security considerations, and potential for route leaks affecting the Internet. Don't deploy BGP just because it seems sophisticated. Deploy it when you genuinely need inter-AS routing capabilities. For single-ISP connectivity, static routes are not only sufficient but preferable.

Designing Multi-Protocol Environments

Real networks often run multiple routing protocols. A service provider might run IS-IS in the core, OSPF in customer-facing segments, and BGP for Internet connectivity. An enterprise might have EIGRP in legacy campus, OSPF in the data center, and BGP for cloud connectivity.

Common Multi-Protocol Architectures:

Converting Mermaid diagram...

Route Redistribution:

When routes must flow between protocols, redistribution is required. This is powerful but dangerous—poorly configured redistribution causes routing loops, suboptimal paths, and network instability.

Redistribution Best Practices:

Minimize redistribution points: Each redistribution point is a potential problem source. Use the fewest possible.
Filter at boundaries: Use route-maps and prefix-lists to allow only intended routes. Never redistribute "everything."
Set sensible metrics: Redistributed routes use default metrics that may not reflect reality. Set appropriate metrics or use metric-type considerations.
Prevent routing loops: In complex topologies with multiple redistribution points, routes can loop. Use techniques like:
- Route tagging (tag routes at redistribution, filter tagged routes at other points)
- Administrative distance tuning
- Distribute-lists blocking specific prefixes
Document thoroughly: Redistribution logic can be subtle. Document what's redistributed where and why.
Test extensively: Redistribution errors may not appear until specific failure scenarios. Test failover cases.

Redistribution Example with Loop Prevention

Cisco IOS

! Redistribution between OSPF and BGP with filtering and tagging
 
! Define what BGP routes to redistribute into OSPF
ip prefix-list BGP-TO-OSPF seq 10 permit 10.0.0.0/8 le 24   ! Allow 10.x.x.x /8 to /24
ip prefix-list BGP-TO-OSPF seq 20 permit 172.16.0.0/12 le 24
ip prefix-list BGP-TO-OSPF seq 100 deny 0.0.0.0/0 le 32     ! Deny all else
 
route-map BGP-TO-OSPF-MAP permit 10
 match ip address prefix-list BGP-TO-OSPF
 set tag 100           ! Tag redistributed routes for loop prevention
 set metric 100        ! Set OSPF metric
 set metric-type type-1
 
router ospf 1
 redistribute bgp 65000 subnets route-map BGP-TO-OSPF-MAP
 
! Define what OSPF routes to redistribute into BGP
! CRITICAL: Don't redistribute routes tagged 100 (they came FROM BGP)
route-map OSPF-TO-BGP-MAP deny 10
 match tag 100         ! Deny routes that were redistributed from BGP (prevent loop)
 
route-map OSPF-TO-BGP-MAP permit 20
 match ip address prefix-list INTERNAL-ONLY
 set community 65000:200
 
router bgp 65000
 redistribute ospf 1 route-map OSPF-TO-BGP-MAP

Administrative Distance

When multiple sources provide routes to the same destination, Administrative Distance (AD) determines which wins: Connected (0) > Static (1) > eBGP (20) > EIGRP (90) > OSPF (110) > IS-IS (115) > RIP (120) > iBGP (200). Lower AD is preferred. In multi-protocol environments, understand AD to predict which route will be installed.

Convergence and Failover Design

Fast failover is often critical, but achieving it requires deliberate design. Different protocols converge at different speeds, and various techniques can accelerate recovery.

Convergence Times by Protocol
Protocol	Default Convergence	Optimized Convergence	Technique
Static	No automatic failover	~1-5 seconds	IP SLA tracking
RIP	~3-5 minutes	~30 seconds	Triggered updates, timer tuning
EIGRP	~seconds (with FS)	Sub-second	Feasible successors, BFD
OSPF	~40 seconds	~1-5 seconds	SPF tuning, BFD, fast hellos
IS-IS	~40 seconds	~1-5 seconds	SPF tuning, BFD, fast hellos
BGP	~minutes	~seconds	BFD, reduced timers (careful!)

Bidirectional Forwarding Detection (BFD):

BFD is a protocol-independent failure detection mechanism. It detects link failures in milliseconds (typically 50-300ms) and notifies the routing protocol, which can then immediately reconverge.

Why BFD is essential:

Routing protocol hellos are slow (10-30 seconds typical)
Even "fast" hellos (1-second) with 3-second dead times are too slow for some requirements
BFD operates at sub-second granularity
Works with OSPF, IS-IS, EIGRP, BGP, static routes

BFD Design Considerations:

CPU impact: Fast BFD (50ms intervals) adds load
Platform support: Hardware-assisted BFD is preferred for sub-100ms timers
Asymmetric detection: Detect failures even when only one direction fails

BFD Configuration Examples

Cisco IOS

! Enable BFD on an interface
interface GigabitEthernet0/0
 ip address 10.1.1.1 255.255.255.0
 bfd interval 100 min_rx 100 multiplier 3
 ! 100ms intervals, 300ms detection time
 
! Enable BFD for OSPF neighbors
router ospf 1
 bfd all-interfaces    ! Apply to all OSPF interfaces
 
! Enable BFD for BGP neighbor
router bgp 65000
 neighbor 10.1.1.2 remote-as 65001
 neighbor 10.1.1.2 fall-over bfd
 
! Enable BFD for EIGRP
router eigrp 100
 bfd all-interfaces
 
! Enable BFD for static routes
ip route 10.20.0.0 255.255.0.0 10.1.1.2 track 10
!
bfd-template single-hop BFD-STATIC
 interval min-tx 100 min-rx 100 multiplier 3
!
ip route static bfd GigabitEthernet0/0 10.1.1.2 template BFD-STATIC

Other Convergence Optimization Techniques

•IGP Timer Tuning — Reduce hello/dead intervals (e.g., OSPF 1s/3s), but balance against CPU and stability
•SPF Throttling — Configure SPF delay to run quickly for first event, then back off for subsequent events
•LSA Pacing — Control LSA generation rate to prevent storms during churn
•Incremental SPF — Modern implementations recalculate only affected portions of the tree
•LFA/rLFA (Loop-Free Alternates) — Pre-computed backup paths installed in forwarding plane for immediate failover
•MPLS Fast Reroute — Pre-computed bypass tunnels for sub-50ms protection

Convergence vs. Stability Trade-off

Aggressive timer tuning (sub-second hellos, minimal SPF delays) can cause instability. A flapping link triggers constant reconvergence, consuming CPU and potentially causing cascading failures. For production networks, aim for 'fast enough' rather than 'as fast as possible.' Sub-second BFD with standard routing timers often provides the best balance.

Migrating Between Routing Protocols

Protocol migrations are among the riskiest network operations. A botched migration can cause widespread outages. Careful planning and phased execution are essential.

Migration Strategies:

Ships-in-the-Night (Parallel)

•Run both protocols simultaneously
•New protocol active but less preferred (higher AD)
•Validate new protocol at each stage
•Flip preference once confident
•Remove old protocol after stabilization
•Pro: Rollback is easy (change AD back)
•Con: Resource overhead during transition

Redistribution-Based

•Deploy new protocol in one area
•Redistribute between old and new
•Gradually expand new protocol territory
•Shrink redistribution scope
•Eventually eliminate redistribution
•Pro: Phased, controlled migration
•Con: Redistribution complexity

Migration Best Practices:

Plan extensively — Document current state, target state, and each intermediate step
Lab validation — Test the migration process in a lab environment that mirrors production
Change windows — Schedule migrations during low-traffic periods with sufficient time for rollback
Rollback procedures — Document and test rollback before starting; know exactly how to revert
Staged rollout — Migrate one segment at a time; validate before proceeding
Monitoring — Watch routing tables, neighbor states, and traffic patterns throughout
Post-migration validation — Confirm routing is correct from multiple vantage points
Stabilization period — Keep old configuration available for quick rollback for days/weeks

EIGRP to OSPF Migration Example

Migration Steps

EIGRP to OSPF Migration (Ships-in-the-Night Approach)
═══════════════════════════════════════════════════════
 
Phase 1: Preparation
────────────────────
a) Document all EIGRP networks, metrics, and configurations
b) Design OSPF area topology
c) Create OSPF configuration templates
d) Test in lab environment
 
Phase 2: Deploy OSPF (Shadow Mode)
──────────────────────────────────
! On each router, configure OSPF but make it less preferred
router ospf 1
 router-id 1.1.1.1
 passive-interface default
 no passive-interface GigabitEthernet0/0
 network 10.0.0.0 0.255.255.255 area 0
 
! Increase OSPF's administrative distance temporarily
distance ospf external 170     ! Above EIGRP External (170)
distance ospf inter-area 115   ! Above EIGRP (90)
distance ospf intra-area 115   ! Above EIGRP (90)
 
! Verify OSPF neighbors form, routes appear in RIB but not preferred
 
Phase 3: Validate OSPF
──────────────────────
- Confirm all neighbors established
- Verify OSPF routing table matches EIGRP
- Test traffic paths using traceroute
- Check for any OSPF-specific issues (DR election, area types)
 
Phase 4: Flip Preference
────────────────────────
! Remove custom distances, let OSPF win (default AD 110 < EIGRP 90... wait)
! Actually EIGRP AD (90) is lower than OSPF (110), so:
! Option A: Increase EIGRP AD
router eigrp 100
 distance eigrp 120 120     ! Now OSPF (110) preferred
 
! Option B: Use route-maps for specific control
! This provides more granular control per prefix if needed
 
Phase 5: Stabilization
──────────────────────
- Monitor for 24-48 hours minimum
- Verify no unexpected behavior
- Keep EIGRP running as backup
 
Phase 6: Cleanup
────────────────
- Remove EIGRP configuration
- Remove temporary AD configurations
- Update documentation
- Archive EIGRP configurations

The Golden Rule of Migration

Never rush a routing protocol migration. The time spent in parallel operation, validation, and staged rollout is far less costly than an outage caused by aggressive cutover. If business pressure demands speed, push back with clear explanation of risks. A few extra days of parallel operation versus potential production outage is an easy cost-benefit analysis.

Summary: Protocol Selection Mastery

We've developed a comprehensive framework for routing protocol selection. Let's consolidate the key insights:

Key Takeaways

•Systematic selection beats instinct — Use a framework analyzing scale, convergence, vendor environment, expertise, and future requirements.
•Static routing has its place — For simple, stable topologies, static routes are simpler, more predictable, and less resource-intensive than dynamic protocols.
•IGP selection depends on context — OSPF for multi-vendor enterprise, EIGRP for Cisco shops, IS-IS for service provider scale. RIP only for legacy or trivial cases.
•BGP is for inter-AS routing — Deploy BGP when you need multi-homing, IXP participation, or complex policy routing—not as an IGP.
•Multi-protocol environments need careful design — Redistribution is powerful but dangerous; filter, tag, and document thoroughly.
•Convergence requires deliberate design — BFD, timer tuning, and architectural choices (LFA, etc.) achieve sub-second failover when needed.
•Migrations require patience and planning — Parallel operation, staged rollout, and tested rollback procedures prevent outages.

What's Next:

With protocol selection mastered, we'll complete our exploration of the interior vs. exterior distinction by examining AS boundaries—the demarcation points where IGP gives way to BGP, where administrative domains meet, and where routing policy translates to business reality.

Page Complete

You now possess a complete decision-making framework for routing protocol selection. From static routes to multi-protocol environments, from convergence optimization to safe migrations, you understand how to choose and deploy routing solutions that match your network's requirements. This knowledge transforms you from someone who configures routing to someone who designs routing architectures.

Protocol Selection

Choosing the Right Tool for the Job

This page equips you with a protocol selection framework—a methodology for analyzing network requirements and matching them to the right routing solution.

What You Will Learn

The Protocol Selection Framework

Protocol selection should be systematic, not instinctive. The following framework provides a structured approach to analyzing requirements and selecting protocols.

Step 1: Define the Routing Domain

First, identify what you're routing:

Single site: Campus, data center, branch office
Multiple sites under common management: Enterprise WAN
Multiple organizations: Service provider, Internet connectivity
Hybrid: Mix of internal and external routing requirements

This immediately suggests IGP vs. EGP scope.

Step 2: Analyze Key Requirements

Protocol Selection Requirements Analysis
Requirement	Questions to Ask	Protocol Implications
Scale	How many routers? Networks? Routes?	Small: Any IGP. Large: OSPF areas, IS-IS, route reflectors
Convergence	How fast must routes recover?	Fast: EIGRP, tuned OSPF/IS-IS + BFD. Standard: Default timers
Vendor environment	Single vendor or multi-vendor?	Cisco-only: EIGRP viable. Multi-vendor: OSPF, IS-IS
Existing expertise	What does the team know?	Leverage existing knowledge when appropriate
Traffic engineering	Need path control beyond shortest path?	MPLS-TE: IS-IS/OSPF extensions. BGP for inter-AS TE
Redundancy model	Active-active? Active-passive?	EIGRP variance for unequal load balancing. OSPF equal-cost
Address family	IPv4, IPv6, or dual-stack?	All modern IGPs support both; check deployment specifics
Future growth	How will requirements evolve?	Design for 3-5x growth; choose protocols that scale

Step 3: Consider Operational Factors

Configuration complexity: How much ongoing management overhead?
Troubleshooting difficulty: How easy to diagnose issues?
Automation compatibility: Does protocol support modern automation (NETCONF, gRPC)?
Monitoring and visibility: What tools exist for observability?
Documentation: How well-understood is the protocol internally?

Step 4: Evaluate Trade-offs

No protocol is optimal in all dimensions. Common trade-offs:

Trade-off	Option A	Option B
Simplicity vs. Features	RIP (simple, limited)	OSPF (complex, rich)
Speed vs. Stability	Fast timers (responsive, flappy)	Slow timers (stable, slow)
Vendor lock-in vs. Features	EIGRP (Cisco features)	OSPF (portable)
Flat vs. Hierarchical	Simpler config	Better scaling

Document Your Decision

When Static Routing Is Sufficient

Before selecting a dynamic routing protocol, consider whether static routing meets your needs. Dynamic protocols add complexity; if that complexity isn't justified, static routes are preferable.

Static Routing Advantages:

Zero protocol overhead: No CPU cycles for route calculation, no bandwidth for updates
Predictable behavior: Routes don't change unexpectedly
Simple security: No routing protocol authentication needed
Reduced attack surface: No routing protocol to exploit
Deterministic paths: Traffic always follows the configured path

Use Static Routing When:

•Stub network with single exit — Only one path exists; no routing decision needed
•Small network (< 10 routers) — Manual configuration is manageable
•Stable topology — Links/paths rarely change
•Security requirements — Dynamic protocols are restricted
•Default route only — Single upstream; just need default gateway
•Floating static routes — Backup paths with high administrative distance

Avoid Static Routing When:

•Multiple paths exist — Manual failover is error-prone and slow
•Topology changes frequently — Constant reconfiguration is unsustainable
•Large network — Configuration becomes unmanageable
•Redundancy is critical — Need automatic failover without intervention
•Load balancing needed — Static routes don't balance across equal paths
•Complex topology — Multiple interconnected sites with various paths

Static Routing Examples

Cisco IOS

! Basic static route to network via next-hop
ip route 10.20.0.0 255.255.0.0 192.168.1.1
 
! Static route to network via interface (point-to-point links)
ip route 10.30.0.0 255.255.0.0 GigabitEthernet0/1
 
! Default route (gateway of last resort)
ip route 0.0.0.0 0.0.0.0 192.168.1.1
 
! Floating static route (backup - higher AD than dynamic protocol)
! OSPF AD = 110, so use higher for backup
ip route 10.20.0.0 255.255.0.0 192.168.2.1 150
 
! Static route with tracking (failover based on IP SLA)
ip sla 1
 icmp-echo 8.8.8.8 source-interface GigabitEthernet0/0
 threshold 1000
 frequency 5
ip sla schedule 1 life forever start-time now
 
track 1 ip sla 1 reachability
 
! Primary route tracked; fails over if SLA fails
ip route 0.0.0.0 0.0.0.0 192.168.1.1 track 1
ip route 0.0.0.0 0.0.0.0 192.168.2.1 10  ! Backup with higher AD

Hybrid Approach: Static + Dynamic

Many networks combine static and dynamic routing:

Static for Internet egress: Default route to upstream provider
Dynamic for internal: OSPF/EIGRP between internal routers
Static for partner connections: Specific routes to partner networks via dedicated links
Dynamic for data center: Full IGP deployment for redundancy and load balancing

This hybrid approach uses each method where it's most appropriate—static for stable, simple paths; dynamic for complex, redundant internal routing.

The Scaling Cliff

IGP Selection: Choosing Between RIP, OSPF, IS-IS, and EIGRP

When dynamic interior routing is needed, choosing the right IGP is critical. Here's a comprehensive decision matrix:

IGP Selection Matrix
Scenario	Recommended	Rationale
Very small network (< 10 routers), simplicity paramount	RIP (v2)	Minimal configuration; limitations don't matter at this scale
Small-medium enterprise, Cisco equipment	EIGRP	Fast convergence, simple config, excellent for Cisco shops
Small-medium enterprise, multi-vendor	OSPF	Universal support, well-understood, scalable
Large enterprise, complex topology	OSPF with areas	Hierarchical design controls LSDB size and SPF scope
Service provider core	IS-IS	Proven at scale, excellent TE/SR support, simple hierarchy
Data center (Clos/spine-leaf)	OSPF or IS-IS	Fast convergence needed; OSPF common, IS-IS growing
MPLS network	IS-IS or OSPF	Both have TE extensions; IS-IS slightly preferred by SPs
IPv6 primary or dual-stack	OSPFv3 or IS-IS	Both excellent; choose based on other factors
Need unequal-cost load balancing	EIGRP	Native variance support; OSPF only supports ECMP

Detailed Protocol Comparison:

When to Choose RIP:

Legacy environments where RIP already runs
Extremely simple networks where any IGP works
Educational or lab scenarios
Integration with non-router devices that only support RIP

Reality check: RIP is rarely the right choice for new deployments. Its 15-hop limit, slow convergence, and hop-count-only metric are severe limitations.

When to Choose EIGRP:

All-Cisco environment (or Cisco-dominant with minority other vendors)
Need fastest possible convergence (sub-second with feasible successors)
Want unequal-cost load balancing across multiple paths
Prefer simpler configuration over OSPF's explicit hierarchy
Team has EIGRP expertise and no compelling reason to switch

Consideration: EIGRP is now an IETF RFC (7868), but adoption outside Cisco remains minimal. Long-term multi-vendor strategy may favor OSPF.

When to Choose OSPF:

Multi-vendor environment (universal support)
Need hierarchical design (areas for scaling)
Industry-standard required (many environments mandate open standards)
Segment Routing deployment planned (SR-OSPF is well-supported)
Engineering staff familiar with OSPF from education/certification

Consideration: OSPF is the "safe default" for enterprise networks—well-understood, universally supported, scales well with proper area design.

When to Choose IS-IS:

Service provider core network
Hyperscale data center (Facebook, Google, Microsoft scale)
MPLS Traffic Engineering deployment
Need multi-topology routing (IPv4 and IPv6 with different topologies)
Building a new network without legacy constraints

Consideration: IS-IS has a steeper learning curve but rewards with simpler scaling. If your team knows OSPF and you're not at extreme scale, stick with OSPF.

The Expertise Factor

When BGP Is Required

BGP operates in a different domain than IGPs. The question isn't "BGP vs. OSPF"—they serve complementary purposes. The question is: Do you need BGP at all?

BGP Is Required When:

Scenarios Requiring BGP

•Multi-homed to multiple ISPs — You have connections to two or more different service providers and need to make intelligent routing decisions about which to use for each destination
•Participating in an Internet Exchange Point (IXP) — IXP peering uses BGP to exchange routes between members
•Operating as an ISP/transit provider — Carrying traffic between other networks requires BGP for route exchange
•Announcing provider-independent (PI) address space — Your own IP allocation announced to multiple upstreams
•Implementing complex routing policy — Need to prefer certain paths based on business relationships (customer > peer > transit)
•Large enterprise with diverse connectivity — Multinational with direct connections to cloud providers, partners, and multiple ISPs

BGP Is NOT Required When:

Single-homed to one ISP: Static default route is sufficient
Multi-connection to same ISP: Provider handles redundancy; you just need their PE routes
Internal routing only: IGPs handle intra-AS routing; BGP is for inter-AS
Small business with basic Internet: Static routing or provider-managed connectivity

eBGP vs. iBGP Deployment:

BGP Deployment Scenarios
Scenario	eBGP Needed?	iBGP Needed?	Notes
Single ISP, static route	No	No	Static default route sufficient
Two ISPs, basic failover	Yes	Maybe	iBGP if multiple internal routers need external routes
Multiple ISPs, traffic engineering	Yes	Yes	Full BGP deployment for policy control
MPLS VPN customer (PE connection)	Yes (or static)	Maybe	Depends on number of sites, provider requirements
Enterprise data center with cloud	Yes	Yes	Direct connects to AWS/Azure/GCP use BGP
Hyperscale/CDN	Yes (extensively)	Yes	Hundreds of eBGP peers, sophisticated iBGP design

Common BGP Deployment Patterns

Scenario Analysis

Scenario 1: Small Business, Two ISPs
─────────────────────────────────────
Connectivity: Fiber from ISP-A, Cable from ISP-B
Requirement: Failover if primary fails
 
Option A: Static routes with IP SLA tracking
  - Simpler, no BGP knowledge needed
  - Works for basic failover
  - No inbound traffic control
 
Option B: eBGP with both ISPs
  - More control over path selection
  - Can announce your prefix (if you have PI space)
  - Influence both inbound and outbound
 
Recommendation: Option A unless you have PI space and 
traffic engineering requirements. Most small businesses
use ISP-assigned addresses and don't need BGP complexity.
 
─────────────────────────────────────
Scenario 2: Enterprise with AWS Direct Connect
─────────────────────────────────────
Connectivity: Direct Connect to AWS, MPLS to WAN, Internet via ISP
 
BGP Required:
  - AWS Direct Connect uses BGP
  - Exchange routes for AWS VPCs and on-prem networks
  - iBGP to distribute routes internally
 
Configuration:
  - eBGP session to AWS (receive VPC routes, advertise on-prem)
  - iBGP mesh or route reflectors internally
  - Redistribution into OSPF/EIGRP carefully controlled

BGP Complexity Warning

Designing Multi-Protocol Environments

Common Multi-Protocol Architectures:

Converting Mermaid diagram...

Route Redistribution:

Redistribution Best Practices:

Minimize redistribution points: Each redistribution point is a potential problem source. Use the fewest possible.
Filter at boundaries: Use route-maps and prefix-lists to allow only intended routes. Never redistribute "everything."
Set sensible metrics: Redistributed routes use default metrics that may not reflect reality. Set appropriate metrics or use metric-type considerations.
Prevent routing loops: In complex topologies with multiple redistribution points, routes can loop. Use techniques like:
- Route tagging (tag routes at redistribution, filter tagged routes at other points)
- Administrative distance tuning
- Distribute-lists blocking specific prefixes
Document thoroughly: Redistribution logic can be subtle. Document what's redistributed where and why.
Test extensively: Redistribution errors may not appear until specific failure scenarios. Test failover cases.

Redistribution Example with Loop Prevention

Cisco IOS

! Redistribution between OSPF and BGP with filtering and tagging
 
! Define what BGP routes to redistribute into OSPF
ip prefix-list BGP-TO-OSPF seq 10 permit 10.0.0.0/8 le 24   ! Allow 10.x.x.x /8 to /24
ip prefix-list BGP-TO-OSPF seq 20 permit 172.16.0.0/12 le 24
ip prefix-list BGP-TO-OSPF seq 100 deny 0.0.0.0/0 le 32     ! Deny all else
 
route-map BGP-TO-OSPF-MAP permit 10
 match ip address prefix-list BGP-TO-OSPF
 set tag 100           ! Tag redistributed routes for loop prevention
 set metric 100        ! Set OSPF metric
 set metric-type type-1
 
router ospf 1
 redistribute bgp 65000 subnets route-map BGP-TO-OSPF-MAP
 
! Define what OSPF routes to redistribute into BGP
! CRITICAL: Don't redistribute routes tagged 100 (they came FROM BGP)
route-map OSPF-TO-BGP-MAP deny 10
 match tag 100         ! Deny routes that were redistributed from BGP (prevent loop)
 
route-map OSPF-TO-BGP-MAP permit 20
 match ip address prefix-list INTERNAL-ONLY
 set community 65000:200
 
router bgp 65000
 redistribute ospf 1 route-map OSPF-TO-BGP-MAP

Administrative Distance

Convergence and Failover Design

Fast failover is often critical, but achieving it requires deliberate design. Different protocols converge at different speeds, and various techniques can accelerate recovery.

Convergence Times by Protocol
Protocol	Default Convergence	Optimized Convergence	Technique
Static	No automatic failover	~1-5 seconds	IP SLA tracking
RIP	~3-5 minutes	~30 seconds	Triggered updates, timer tuning
EIGRP	~seconds (with FS)	Sub-second	Feasible successors, BFD
OSPF	~40 seconds	~1-5 seconds	SPF tuning, BFD, fast hellos
IS-IS	~40 seconds	~1-5 seconds	SPF tuning, BFD, fast hellos
BGP	~minutes	~seconds	BFD, reduced timers (careful!)

Bidirectional Forwarding Detection (BFD):

BFD is a protocol-independent failure detection mechanism. It detects link failures in milliseconds (typically 50-300ms) and notifies the routing protocol, which can then immediately reconverge.

Why BFD is essential:

Routing protocol hellos are slow (10-30 seconds typical)
Even "fast" hellos (1-second) with 3-second dead times are too slow for some requirements
BFD operates at sub-second granularity
Works with OSPF, IS-IS, EIGRP, BGP, static routes

BFD Design Considerations:

CPU impact: Fast BFD (50ms intervals) adds load
Platform support: Hardware-assisted BFD is preferred for sub-100ms timers
Asymmetric detection: Detect failures even when only one direction fails

BFD Configuration Examples

Cisco IOS

! Enable BFD on an interface
interface GigabitEthernet0/0
 ip address 10.1.1.1 255.255.255.0
 bfd interval 100 min_rx 100 multiplier 3
 ! 100ms intervals, 300ms detection time
 
! Enable BFD for OSPF neighbors
router ospf 1
 bfd all-interfaces    ! Apply to all OSPF interfaces
 
! Enable BFD for BGP neighbor
router bgp 65000
 neighbor 10.1.1.2 remote-as 65001
 neighbor 10.1.1.2 fall-over bfd
 
! Enable BFD for EIGRP
router eigrp 100
 bfd all-interfaces
 
! Enable BFD for static routes
ip route 10.20.0.0 255.255.0.0 10.1.1.2 track 10
!
bfd-template single-hop BFD-STATIC
 interval min-tx 100 min-rx 100 multiplier 3
!
ip route static bfd GigabitEthernet0/0 10.1.1.2 template BFD-STATIC

Other Convergence Optimization Techniques

•IGP Timer Tuning — Reduce hello/dead intervals (e.g., OSPF 1s/3s), but balance against CPU and stability
•SPF Throttling — Configure SPF delay to run quickly for first event, then back off for subsequent events
•LSA Pacing — Control LSA generation rate to prevent storms during churn
•Incremental SPF — Modern implementations recalculate only affected portions of the tree
•LFA/rLFA (Loop-Free Alternates) — Pre-computed backup paths installed in forwarding plane for immediate failover
•MPLS Fast Reroute — Pre-computed bypass tunnels for sub-50ms protection

Convergence vs. Stability Trade-off

Migrating Between Routing Protocols

Protocol migrations are among the riskiest network operations. A botched migration can cause widespread outages. Careful planning and phased execution are essential.

Migration Strategies:

Ships-in-the-Night (Parallel)

•Run both protocols simultaneously
•New protocol active but less preferred (higher AD)
•Validate new protocol at each stage
•Flip preference once confident
•Remove old protocol after stabilization
•Pro: Rollback is easy (change AD back)
•Con: Resource overhead during transition

Redistribution-Based

•Deploy new protocol in one area
•Redistribute between old and new
•Gradually expand new protocol territory
•Shrink redistribution scope
•Eventually eliminate redistribution
•Pro: Phased, controlled migration
•Con: Redistribution complexity

Migration Best Practices:

Plan extensively — Document current state, target state, and each intermediate step
Lab validation — Test the migration process in a lab environment that mirrors production
Change windows — Schedule migrations during low-traffic periods with sufficient time for rollback
Rollback procedures — Document and test rollback before starting; know exactly how to revert
Staged rollout — Migrate one segment at a time; validate before proceeding
Monitoring — Watch routing tables, neighbor states, and traffic patterns throughout
Post-migration validation — Confirm routing is correct from multiple vantage points
Stabilization period — Keep old configuration available for quick rollback for days/weeks

EIGRP to OSPF Migration Example

Migration Steps

EIGRP to OSPF Migration (Ships-in-the-Night Approach)
═══════════════════════════════════════════════════════
 
Phase 1: Preparation
────────────────────
a) Document all EIGRP networks, metrics, and configurations
b) Design OSPF area topology
c) Create OSPF configuration templates
d) Test in lab environment
 
Phase 2: Deploy OSPF (Shadow Mode)
──────────────────────────────────
! On each router, configure OSPF but make it less preferred
router ospf 1
 router-id 1.1.1.1
 passive-interface default
 no passive-interface GigabitEthernet0/0
 network 10.0.0.0 0.255.255.255 area 0
 
! Increase OSPF's administrative distance temporarily
distance ospf external 170     ! Above EIGRP External (170)
distance ospf inter-area 115   ! Above EIGRP (90)
distance ospf intra-area 115   ! Above EIGRP (90)
 
! Verify OSPF neighbors form, routes appear in RIB but not preferred
 
Phase 3: Validate OSPF
──────────────────────
- Confirm all neighbors established
- Verify OSPF routing table matches EIGRP
- Test traffic paths using traceroute
- Check for any OSPF-specific issues (DR election, area types)
 
Phase 4: Flip Preference
────────────────────────
! Remove custom distances, let OSPF win (default AD 110 < EIGRP 90... wait)
! Actually EIGRP AD (90) is lower than OSPF (110), so:
! Option A: Increase EIGRP AD
router eigrp 100
 distance eigrp 120 120     ! Now OSPF (110) preferred
 
! Option B: Use route-maps for specific control
! This provides more granular control per prefix if needed
 
Phase 5: Stabilization
──────────────────────
- Monitor for 24-48 hours minimum
- Verify no unexpected behavior
- Keep EIGRP running as backup
 
Phase 6: Cleanup
────────────────
- Remove EIGRP configuration
- Remove temporary AD configurations
- Update documentation
- Archive EIGRP configurations

The Golden Rule of Migration

Summary: Protocol Selection Mastery

We've developed a comprehensive framework for routing protocol selection. Let's consolidate the key insights:

Key Takeaways

•Systematic selection beats instinct — Use a framework analyzing scale, convergence, vendor environment, expertise, and future requirements.
•Static routing has its place — For simple, stable topologies, static routes are simpler, more predictable, and less resource-intensive than dynamic protocols.
•IGP selection depends on context — OSPF for multi-vendor enterprise, EIGRP for Cisco shops, IS-IS for service provider scale. RIP only for legacy or trivial cases.
•BGP is for inter-AS routing — Deploy BGP when you need multi-homing, IXP participation, or complex policy routing—not as an IGP.
•Multi-protocol environments need careful design — Redistribution is powerful but dangerous; filter, tag, and document thoroughly.
•Convergence requires deliberate design — BFD, timer tuning, and architectural choices (LFA, etc.) achieve sub-second failover when needed.
•Migrations require patience and planning — Parallel operation, staged rollout, and tested rollback procedures prevent outages.

What's Next:

Page Complete