Resolving Path Selection Issues in Redistributed NetworksNow that you have an understanding of the commands to redistribute into OSPF and EIGRP, you next need to configure the router to redistribute into the edge (or interim) protocol. This edge protocol is often, but not exclusively, an IGP such as RIPv2, IGRP, and EIGRP in Cisco implementations . The process entails going into global configuration mode for the edge routing process and taking one of several approaches. You can redistribute a default route for the core AS (backbone) into the edge AS, or redistribute several static routes to the backbone into the edge system. Whenever there is two-way redistribution, however, filtering is often a necessary component of redistribution strategy. You can also tweak the administrative distance value assigned to the routes received so that they are not selected when more than one route exists to a destination network. The passive-interface CommandYou may remember the passive-interface command from your CCNA studies. It is commonly used to keep routing updates from being sent out of an interface, while still allowing the designated interface to receive update messages. The passive-interface command is also often used in the redistribution process with the OSPF to stop the router from establishing an adjacency with another router connected on the same interface as the link identified in the passive-interface command. You should not activate OSPF on the interfaces that should not be participating in OSPF. With EIGRP, all a router has to see is a hello packet from a peer, and it begins sending out its routing table through update packets. There is no requirement for two-way communications in EIGRP as there is in OSPF. Because the Hello protocol is used to confirm the two-way exchange between the routers, an adjacency relationship is not created. A router that is configured to refrain from sending updates does not take part in the two-way communication process of link-state protocols or EIGRP. After you determine which router protocol and interfaces from which you want to prevent the sending of updates, you use the following sample syntax in router configuration mode: RouterA(config-router)# passive-interface Serial0.1
The ip default-network CommandYou can also configure a default route for protocols on a Cisco router by issuing the global configuration ip default-network command. The ip default-network command is used specifically to let other internal routers know how to get to networks outside the internetwork through another major network. The command doesn't offer any real functionality for the configured router. When you use the ip default-network command, you specify a network that is in your current routing table as the default path to take. The syntax for the ip default-network command is RouterA(config)# ip default-network network-number The configuration of the RIP router could look something like this: Router rip network 10.10.0.0 network 172.16.0.0 ! ip classless ip default-network 10.10.0.0 As a result, RIP sources a default route in the routing table which appears as 0.0.0.0 0.0.0.0 to its RIP neighbors. For example, assuming the IP address of the next-hop router was 10.20.1.2, the output snippet from the show ip route command would look like something like this: <Output Omitted> Gateway of last resort is 10.20.1.2 to network 0.0.0.0 <Output Omitted> R* 0.0.0.0/0 [120/1] via 10.20.1.2, 00:00:17, Ethernet0
The number of redistribution scenarios is almost unlimited. However, a typical configuration might be EIGRP running as the backbone (core) routing protocol with RIPv2 as the edge (or transitional) protocol, as shown in Figure 10.3. Figure 10.3. A typical redistribution scenario with an EIGRP backbone and RIPv2 at the edge.
In the following scenario represented in Figure 10.4, you want the OSPF core network (the backbone) to be aware of all the routes in every AS, so you configure redistribution on RouterA1 and RouterB1 so that two summarized routes, 10.10.0.0/24 and 192.168.0.0/24, are redistributed into OSPF. Both these routes are summaries of the many smaller subnets contained in the RIP areas. You also want the RIPv2 routing domains to know about only their internal edge areas and a default route to get to the backbone. Therefore, you have the ASBR's RouterA1 and RouterB1 running both routing protocols and injecting the default route into the RIP domains. Figure 10.4. A more elaborate redistribution scenario with an OSPF backbone and RIPv2 at the edge.
The internal RIP routers in networks 10.10.0.0/24 and 192.168.0.0/24 (A2 and A3, B2 and B3) do not need any redistribution configured because they are only loaded with RIPv2. We do not need these routers to learn any specific external route because the default gateway will do. It is important to mention that extreme care should be taken when redistributing from a classful protocol, such as RIPv1 or IGRP, to a classless protocol, such as OSPF. As you know, classful protocols are not capable of VLSM and are unable to advertise subnet mask information. You must issue the classless global configuration command ip classless on all the RIP routers if they are not already so configured. By default, classful routing protocols, such as RIP and IGRP, throw out packets that are intended for unrecognized or non-connected subnets of a classful network to which they are directly attached. If the RIP router has no entry in its routing table for the non-connected subnet, then the destination network is considered nonexistent. As a result, the router ignores any default route in its routing table and drops the packet. Classful routing protocols take for granted that any subnets of a directly attached major network should appear in its routing table.
In classless routing mode, a RIP router uses the default route when it is unable to reach subnets that do not appear in the routing table. In Figure 10.4, the ip classless command enables the Cisco IOS to forward data packets meant for unrecognized subnets (the 10.10.0.0 subnets, for example) of directly connected networks to the optimal supernetted route, possibly the default route itself.
Along these same lines, you must use the subnets keyword when configuring redistribution on ASBR RouterA to redistribute all subnetted and non- subnetted networks into OSPF. Even though it is automatically enabled, you do not specifically need the ip classless setting on RouterA1 because you are running OSPF. You can see the configuration of ASBR RouterA1 from Figure 10.4 in Listing 10.3. Listing 10.3 Configuration for ASBR RouterA1<Output Omitted> ! RouterA1(config)# router ospf 300 RouterA1(config-router)# redistribute rip metric 30 subnets RouterA1(config-router)# network 172.16.31.1 0.0.0.0 area 0 ! RouterA1(config)# router rip RouterA1(config-router)# network 10.0.0.0 ! RouterA1(config)# no ip classless RouterA1(config)# ip default-network 10.0.0.0 ! <Output Omitted> In Listing 10.3, the statement redistribute rip metric 30 subnets specifies that route updates originating from the RIP routing domain should be assigned an OSPF cost value of 30. The subnets keyword tells the router to consider subnets (in the RIP domain) as qualified for redistribution. The ip default-network command is intended to relieve administrators of the necessity of manually configuring static default routes on every router in a routing domain. After you configure redistribution on ASBR RouterA1, you can issue the show ip route command on RouterA1 and see something similar to Listing 10.4. Listing 10.4 Routing Table of ASBR RouterA1 After Configuring RedistributionRouterA1# show ip route <Output Omitted> * 10.10.0.0/24 is subnetted, 6 subnets C 10.10.3.0 is directly connected, Serial0 O E2 10.20.1.0 [110/30] via 172.16.31.2, 00:23:42, Ethernet0 C 10.10.2.0 is directly connected, Serial1 R 10.10.1.0 [120/1] via 10.10.3.1, 00:00:07, Serial0 [120/1] via 10.10.2.1, 00:00:15, Serial1 O E2 10.20.2.0 [110/30] via 172.16.31.2, 00:23:42, Ethernet0 O E2 10.20.3.0 [110/30] via 172.16.31.2, 00:23:42, Ethernet0 172.16.0.0/24 is subnetted, 1 subnets C 172.16.31.0 is directly connected, Ethernet0 We need to follow up on the previous discussion of the ip default-network command. The internal RIPv2 routers in network 10.10.0.0/24 have a default entry to external networks through the internal interface 10.10.2.2 on RouterA1, as follows : R* 0.0.0.0/0 [120/1] via 10.10.2.2, 00:00:17, Serial0 Implementing Route FiltersYou can leverage the Cisco IOS access list technology to filter inbound and outbound updates. The router goes through a five-step process to filter routes.
You can use both the access-list and distribute-list commands to filter inbound and outbound IP routes. One commonly used technique of route filtering involves identifying the network addresses that you want to filter, generating an access list to define the packet test for routing information, and then using the distribute-list command to implement the filtering policy. The complete syntax for the distribute-list out command is as follows: [View full width]
The access-list-number name parameter designates the standard access list number or name. The out keyword binds the access-list to outbound routing update messages. The interface-name parameter is an optional parameter that represents the interface name on which updates are filtered. OSPF outbound updates cannot be filtered on the way out of an interface . The routing-process parameter can be either a routing process number for OSPF or an AS number for IGRP/EIGRP. In Figure 10.5, the finance department in network 10.0.0.0 needs to be hidden (filtered) from the sales department at network 192.168.100.0. Figure 10.5. Using route redistribution filtering to hide the finance LAN from the sales LAN.
You can use the following snippet to filter out network 10.0.0.0 on RouterB: RouterB(config)# router eigrp 10 RouterB(config-router)# network 172.16.0.0 RouterB(config-router)# network 192.168.100.0 RouterB(config-router)# distribute-list 1 out s1 ! RouterB(config)# access-list 1 permit 172.16.1.1 0.0.255.255 The router configuration command distribute-list 1 out S1 applies access list number 1 to filter route redistribution of EIGRP updates sent outbound on Serial 1 to the sales LAN. The global configuration command access-list 1 permit 172.16.0.0 0.0.255.255 gives the access-list number, enables routes that match the parameters of the list, and provides the network and wildcard mask that is used to see which (the first two octets in this case) source addresses are qualified. This is not the only method that could be used for filtering out the finance LAN, but it shows how you can use the access-list and distribute-list in combination effectively.
The distance CommandYou can also use the distance command instead of the default-metric command to make sure that a router chooses an optimal path over a suboptimal path for redundant network routes. You can assure the selection of routes from the preferred protocol by assigning the other redundant route(s) a larger AD through the router configuration distance command. This also serves to reduce the incidence of loops between routing domains. The command syntax is a bit different for the EIGRP and BGP routing protocols. The syntax of the distance command for any supported routing protocol other than EIGRP or BGP is as follows: RouterA(config-router)# distance weight [address mask [access-list-number name]] [ ip ] The syntax for the EIGRP routing protocol, as follows, is somewhat different and is fully explained in Table 10.4: RouterA(config-router)# distance eigrp internal-distance external-distance The distance command is also different for the BGP routing protocol, with more similarity to EIGRP, as shown here: RouterA(config-router)# distance bgp internal-distance external-distance local-distance Tables 10.4 through Table 10.6 show the definitions of the various parameters for the distance command for the routing protocols mentioned previously. You may refer back to Table 10.1 as a reference as well. Table 10.4. distance Command Syntax Parameters for the BGP Routing Protocol
Table 10.5. distance Command Syntax Parameters for the EIGRP Routing Protocol
Table 10.6. distance Command Syntax Parameters for All Other Cisco-Supported Routing Protocols
For instance, if you want to assign a default administrative distance of 160 to routes that match an access list number of 30, and that come from any other router, you can issue the following command in router configuration mode: RouterA(config-router)# distance 160 0.0.0.0 255.255.255.255 30 The parameter of 160 represents the AD that designated routes are assigned. The 0.0.0.0 255.255.255.255 represents the source address (any router) of the device providing the routing update. Finally, the number 30 at the end of the command stands for access list number 30. This list filters incoming routing updates to decide which ones will have their AD numbers modified. |