Network Summarizations Made Easy

Network summarization is rather simple to setup, yet may be potent if not done properly. I wanted to share some of my insight with you regarding this topic. We all know that some of the most popular dynamic routing protocols would summarize network automatically for you if you configured them to, for example, EIGRP and RIP allow for automatic summarization while OSPF does not. With that said, most network admins would avoid setting up automatic summarization as this is very error prone and usually results in network summarizations being too loose. I recently added a signature to indeni’s Dynamic Knowledge platform that helps users out with network summarization. In this signature, we take all the summarized routes and look at them to make sure that they are as summarized as possible. If they are not, we propose a more summarized option for the user.

The way we actually do it is quite simple, we use “show ip routes” to get all the routes including those summarized. We then select all the summarized routes and check whether they are loose and could be “tightened up”.

Here is what it looks like on indeni:

Alert Description:

Network summarizations might be too loose. Some of the network summaries can be tightened and still contain all the currently summarized networks. The following loose networks have been found: 10.10.0.0/16 192.0.0.0/8

 

Manual Remediation steps:

The suggested networks summarizations can be manually configured using the command: “ip summary-address PROTOCOL x.x.x.x x.x.x.x” Auto summarization can be turned off by manually issuing the command “no auto-summary” under the relevant protocol configuration.

 

For those of you who choose to do it manually, here is how you summarize routes:

Say you want to summarize these networks: 192.168.4.0/24 192.168.5.0/23 192.168.6.0/24

First thing you have to do is convert the networks into their binary octets (here is a simple conversion table) 192.168.4.0 / 24 turns into 11000000.10101000.00000100.00000000 / 24 192.168.5.0 / 23 turns into 11000000.10101000.00000101.00000000 / 23 192.168.6.0 / 22 turns into 11000000.10101000.00000110.00000000 / 22 A / 24 mask is translated to 24 one bits followed by 32-24=8 trailing zeros: 11111111.11111111.11111111.00000000 To apply the mask you have to do a bitwise AND between the network and its mask.

 

1100 0000 .1010 1000 .0000 0100 .0000 0000 &

1111 1111 .1111 1111 .1111 1111 .0000 0000

1100 0000 .1010 1000 .0000 0100 .0000 0000

1100 0000 .1010 1000 .0000 0101 .0000 0000 &

1111  1111 .1111  1111  .1111 1110  .0000 0000

1100 0000 .1010 1000 .0000 0100 .0000 0000

1100 0000.1010 1000 .0000 0110.0000 0000 &

1111 1111 .1111 1111 .1111 1111 .0000 0000

1100 0000.1010 1000. 0000 0110.0000 0000

Notice that the first two networks are the same.

Now, let’s look at our networks and summarize them, summarizing the networks is all about finding a common prefix.

11000000.00000000.00000000.00000000 is a common prefix for both our networks, but so is 11000000.10101000.00000000.00000000 so how do you choose?

Each of the proposed summarizations contain networks that we didn’t want to include in our summary and the rule of thumb in our case says: “The tighter the summary is, the less unwanted networks are included in it”.

The tightest summary is the longest common prefix between all summarized networks, and in our case it’s: 11000000.10101000.00000100.00000000

Which translates back (use the table) to the original network of: 192.168.4.0

Leave a Reply