{"id":5197,"date":"2024-09-09T06:38:14","date_gmt":"2024-09-09T11:38:14","guid":{"rendered":"http:\/\/109.199.106.156\/~indeni\/wp\/?p=1574"},"modified":"2024-09-09T06:38:14","modified_gmt":"2024-09-09T11:38:14","slug":"network-summarizations-made-easy","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/09\/09\/network-summarizations-made-easy\/","title":{"rendered":"Network Summarizations Made Easy"},"content":{"rendered":"<p>Network summarization is rather simple to setup, yet may be potent if not done properly. I wanted to share some of my insight with you regarding this topic. We all know that some of the most popular dynamic routing protocols would summarize network automatically for you if you configured them to, for example, <a target=\"_blank\" href=\"https:\/\/indeni.com\/how-to-configure-eigrp\/\" rel=\"noopener\">EIGRP<\/a> and RIP allow for automatic summarization while OSPF does not. With that said, most network admins would avoid setting up automatic summarization as this is very error prone and usually results in network summarizations being too loose. I recently added a signature to indeni\u2019s Dynamic Knowledge platform that helps users out with network summarization. In this signature, we take all the summarized routes and look at them to make sure that they are as summarized as possible. If they are not, we propose a more summarized option for the user.<\/p>\n<p>The way we actually do it is quite simple, we use \u201cshow ip routes\u201d to get all the routes including those summarized. We then select all the summarized routes and check whether they are loose and could be \u201ctightened up\u201d.<\/p>\n<p><strong>Here is what it looks like on indeni:<\/strong><\/p>\n<blockquote readability=\"13\">\n<p><strong>Alert Description:<\/strong><\/p>\n<p>Network summarizations might be too loose. Some of the network summaries can be tightened and still contain all the currently summarized networks. The following loose networks have been found: 10.10.0.0\/16 192.0.0.0\/8<\/p>\n<p><strong>Manual Remediation steps:<\/strong><\/p>\n<p>The suggested networks summarizations can be manually configured using the command: \u201cip summary-address PROTOCOL x.x.x.x x.x.x.x\u201d Auto summarization can be turned off by manually issuing the command \u201cno auto-summary\u201d under the relevant protocol configuration.<\/p>\n<\/blockquote>\n<p><strong>For those of you who choose to do it manually, here is how you summarize routes:<\/strong><\/p>\n<p>Say you want to summarize these networks: 192.168.4.0\/24 192.168.5.0\/23 192.168.6.0\/24<\/p>\n<p>First thing you have to do is convert the networks into their binary octets (here is a simple <a target=\"_blank\" href=\"https:\/\/indeni.com\/decimal-to-binary-conversion-table-for-ip-networks\" rel=\"noopener\">conversion table<\/a>) 192.168.4.0 \/ 24 turns into 11000000.10101000.00000100.00000000 \/ 24 192.168.5.0 \/ 23 turns into 11000000.10101000.00000101.00000000 \/ 23 192.168.6.0 \/ 22 turns into 11000000.10101000.00000110.00000000 \/ 22 A \/ 24 mask is translated to 24 one bits followed by 32-24=8 trailing zeros: 11111111.11111111.11111111.00000000 To apply the mask you have to do a bitwise AND between the network and its mask.<\/p>\n<p>1100 0000 .1010 1000 .0000 0100 .<strong>0000 0000<\/strong> &amp;<\/p>\n<p><span>1111 1111 .1111 1111 .1111 1111 .<strong>0000 0000<\/strong><\/span><\/p>\n<p>1100 0000 .1010 1000 .0000 0100 .0000 0000<\/p>\n<p>1100 0000 .1010 1000 .0000 010<strong>1 .0000 0000<\/strong> &amp;<\/p>\n<p><span>1111 &nbsp;1111 .1111 &nbsp;1111 &nbsp;.1111 111<strong>0 &nbsp;.0000 0000<\/strong><\/span><\/p>\n<p>1100 0000 .1010 1000 .0000 0100 .0000 0000<\/p>\n<p>1100 0000.1010 1000 .0000 0110.<strong>0000 0000<\/strong> &amp;<\/p>\n<p><span>1111 1111 .1111 1111 .1111 1111 .<strong>0000 0000<\/strong><\/span><\/p>\n<p>1100 0000.1010 1000. 0000 0110.0000 0000<\/p>\n<p>Notice that the first two networks are the same.<\/p>\n<p>Now, let\u2019s look at our networks and summarize them, summarizing the networks is all about finding a common prefix.<\/p>\n<p>11000000.00000000.00000000.00000000 is a common prefix for both our networks, but so is 11000000.10101000.00000000.00000000 so how do you choose?<\/p>\n<p>Each of the proposed summarizations contain networks that we didn\u2019t want to include in our summary and the rule of thumb in our case says: \u201cThe tighter the summary is, the less unwanted networks are included in it\u201d.<\/p>\n<p>The tightest summary is the longest common prefix between all summarized networks, and in our case it\u2019s: <strong>11000000.10101000.000001<\/strong>00.00000000<\/p>\n<p>Which translates back (use the <a target=\"_blank\" href=\"https:\/\/indeni.com\/decimal-to-binary-conversion-table-for-ip-networks\" rel=\"noopener\">table<\/a>) to the original network of: <strong>192.168.4.0<\/strong><\/p>\n<p><a href=\"https:\/\/bluecatnetworks.com\/thought-leadership\/network-summarizations-made-easy\/\">BlueCat Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Network summarization is rather simple to setup, yet may be<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[2632,2631],"tags":[2634,2633],"class_list":["post-5197","post","type-post","status-publish","format-standard","hentry","category-network-summarization","category-thought-leadership","tag-network-summarization","tag-thought-leadership"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Blue Cat","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/bluecat\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/network-summarization\/\" rel=\"category tag\">Network Summarization<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/thought-leadership\/\" rel=\"category tag\">Thought Leadership<\/a>","tag_info":"Thought Leadership","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/5197","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=5197"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/5197\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=5197"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=5197"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=5197"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}