Lab 23: Default Routing, Route Manipulation, and Filtering in EIGRP Networks-Part II

EIGRP Redistribution and Route Control

To filter routing updates in EIGRP, use a distribute list. A distribute list calls a standard or extended access list and filters routing updates accordingly . When redistributing one protocol into another, use the redistribute command along with a default metric. A route map should be used in place of a distribute list when controlling specific routes during the redistribution process. Redistribution happens automatically between IGRP and EIGRP when they are in the same autonomous systems.

• Router(config-router) distribute-list [ 1-199 ] [ in out ] [ interface ] ” Use this command to call a standard or extended access list to filter inbound or outbound routing updates. The in and out options always are applied from the view of the interface ”in other words, to prevent a routing update from being advertised out an interface, use the out option. To prohibit route updates from entering an interface, use the in option.

• Router(config-router) redistribute [ connected static bgp rip igrp ospf isis ] {metric} {route-map} ” Use this command to redistribute other routing protocols into EIGRP. A route map may be added for additional route control. An optional metric also can be supplied for routes originating from the routing protocol being redistributed that are different from the default metric. Whenever redistributing routes, remember that IP needs a route to and from a destination. Many times, mutual redistribution might be required to give IP a path to and from a destination.

  Router(config-router) default-metric [ bandwidth_kbps 1-4214748364 ] [ delay_ ms 1-4214748364 ] [ reliability 1-255 ] [ load 1-244 ] [ mtu 1-4214748364 ] ” Use this command to set the default metric of all routes redistributed into EIGRP. You must supply a default metric whenever redistributing. A common metric to use is default-metric 1544 100 254 1 1500. This metric tells the router to derive the composite metric from the values of bandwidth of 1544 and delay of 100; with a link that is 254 reliable, where 255 is 100 percent reliable; with a load of 1, or no load; and, finally, an MTU of 1500. Perhaps more important than the actual value of the default metric is the practice of using the same metric throughout the EIGRP domain so that all redistributed routes have the same weight.

The following subsets of commands are used to influence routing decisions made by EIGRP. Individual metrics can be modified in addition to the administrative distance of the EIGRP. Whenever you are influencing a specific link's metric, use the delay command over the bandwidth command. Both may be used; however, recall that OSPF also is affected by bandwidth, whereas delay affects only IGRP and EIGRP.

• Router(config-router) metric weights 0 k1 k2 k3 k4 k5 ” This command allows you to set the weight of the EIGRP metric in terms of bandwidth, load, delay, and reliability. Change these values with extreme caution; EIGRP will not form neighbors with mismatched K values.

• Router(config-router) distance [ 1-255 ] adjacent_neighbors_ip_address wildcard_ mask [access_list_0-99] ” Use this command to change the administrative distance of routes received from a neighbor. If the IP address and wildcard mask are omitted, all routes for that protocol will be set to the distance value.

• Router(config-if)delay [ 1-4214748364 ] ” Specifies the delay of an interface in tens of microseconds. This command is used only by routing protocols and does not affect traffic on the link.

• Router(config-if) bandwidth [ bandwidth_kbps 1-4214748364 ] ” Specifies the bandwidth of an interface in kilobits per second. This command is used only by routing protocols and does not affect traffic on the link.

• Router(config-router) passive-interface interface_name ” Prevents the sending of EIGRP hellos on the link. This command operates differently on EIGRP than on IGRP. Because hellos are suppressed, no neighbors are formed ; therefore, no routing updates are sent or received.

• Router(config-router) offset-list [ access_list_0-99 { in out } offset [ metric_offset_ 1-214748364 ] [ interface ] ” Used to increase the value of the routing metrics. The metric offset cannot exceed 214748364. The offset list is applied in the same way as it is in RIP, using the EIGRP metric. For an example of the application of the offset list, see Chapter 9, "Distance Vector Protocols: Routing Information Protocol Versions 1 and 2 (RIP-1 and RIP-2).

Practical Example: Applying EIGRP Redistribution

Let's apply some of these concepts to a practical model in route redistribution and control. The model in Figure 11-6 shows three routing domains. The canada routers and the Frame Relay network reside in the EIGRP domain. Across the Frame Relay network reside two other routing domains; the mexico routers are in an IGRP domain, while the usa routers reside in an OSPF domain.

You must verify two things within the routing domains to allow IP end-to-end connectivity:

• Notice that the IGRP domain is on a 24-bit boundary. This means that when the IGRP domain receives a route, it must exist on a major bit boundary or a 24-bit boundary for the interface to accept that route.

• Mutual redistribution must occur between EIGRP and IGRP, and EIGRP and OSPF.

Beginning with the configuration for the canada_1 router, you can follow the three-step process for configuring EIGRP as listed earlier in this chapter. First, all EIGRP routers are in the autonomous system 2001; therefore, you will use this as the Autonomous System ID. Second, the networks that you are running EIGRP on reside in the major network of 172.16.0.0, which you will use in the network command. The third step is optional; in this case, however, you are configuring EIGRP over Frame Relay, so it's a good idea to add the bandwidth commands under the serial subinterfaces. In this model, you will set the bandwidth equal to the port speed of the remote routers Frame Relay interface. Example 11-14 lists the configuration of the canada_1 router.

Example 11-14 Configuration of the canada_1 Router

 hostname canada_1 ! interface Serial0  no ip address   encapsulation frame-relay   no ip mroute-cache   !   interface Serial0.1 point-to-point   ip address 172.16.1.1 255.255.255.0    bandwidth 64  EIGRP bandwidth set    frame-relay interface-dlci 110   !   interface Serial0.2 point-to-point   ip address 172.16.2.1 255.255.255.0    bandwidth 64  EIGRP bandwidth set    frame-relay interface-dlci 130   !   interface TokenRing0   ip address 172.16.3.1 255.255.255.0   ring-speed 16   !    router eigrp 2001  EIGRP routing enabled     network 172.16.0.0  Networks running EIGRP   

You can follow the same process to configure EIGRP for the mexico_1 and usa_1 routers, with a couple of minor differences. In both instances, you do not want to risk having any EIGRP neighbors automatically created on the Ethernet segments of these routers. To accomplish this, add the passive-interface ethernet 0 command under EIGRP for the mexico_1 and usa_1 routers. Example 11-15 lists the configuration thus far for the mexico_1 and usa_1 routers. For more information on the IGRP and OSPF configuration portions of the configuration, see Chapter 12, "Link-State Protocols: Open Shortest Path First (OSPF)."

Example 11-15 EIGRP Configuration of mexico_1 and usa_1 Routers

 hostname mexico_1 ! interface Ethernet0  ip address 172.16.5.5 255.255.255.0  no ip directed-broadcast ! interface Serial0  no ip address  no ip directed-broadcast  encapsulation frame-relay  no ip mroute-cache ! interface Serial0.1 point-to-point  ip address 172.16.1.5 255.255.255.0  no ip directed-broadcast  frame-relay interface-dlci 111 ! <<<Text omitted>>> ! router eigrp 2001  passive-interface Ethernet0  network 172.16.0.0 ! router igrp 2000  passive-interface Serial0.1  network 172.16.0.0 <<<Text omitted>>> _______________________________________________________________________ hostname usa_1 ! interface Ethernet0  ip address 172.16.6.6 255.255.255.0 ! interface Serial0  no ip address  encapsulation frame-relay ! interface Serial0.1 point-to-point  ip address 172.16.2.6 255.255.255.0  frame-relay interface-dlci 131 ! <<<Text omitted>>> ! router eigrp 2001  passive-interface Ethernet0  network 172.16.0.0 ! router ospf 69  network 172.16.6.6 0.0.0.0 area 0 <<<Text omitted>>> 

At this point, you should have full IP connectivity within the EIGRP routing domain. To verify this, perform a show ip route combined with the show ip eigrp neighbors command on the canada_1 router, as demonstrated in Example 11-16.

Example 11-16 Verifying EIGRP Routing

 canada_1#  show ip route  Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP        D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area        N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2        E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP        i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default        U - per-user static route, o - ODR Gateway of last resort is not set      172.16.0.0/24 is subnetted, 5 subnets D       172.16.5.0 [90/40537600] via 172.16.1.5, 00:45:58, Serial0.1 D       172.16.6.0 [90/40537600] via 172.16.2.6, 00:45:58, Serial0.2 C       172.16.1.0 is directly connected, Serial0.1 C       172.16.2.0 is directly connected, Serial0.2 C       172.16.3.0 is directly connected, TokenRing0 D    182.16.0.0/16 [90/304128] via 172.16.3.3, 00:43:27, TokenRing0 canada_1# canada_1#  show ip eigrp neighbors  IP-EIGRP neighbors for process 2001 H   Address                 Interface   Hold Uptime   SRTT   RTO  Q  Seq                                         (sec)         (ms)       Cnt Num 2   172.16.3.3              To0           11 00:43:36  685  4110  0  3 1   172.16.2.6              Se0.2         14 1d06h      48  2280  0  28 0   172.16.1.5              Se0.1         12 1d06h      29  2280  0  23 canada_1# 

The important elements of the output that you are looking for are that route 172.16.5.0/24 is reported through 172.16.1.5, route 172.16.6.0/24 is reported through 172.16.2.6, and 182.16.3.0/24 and 182.16.4.0/24 are reported through 172.16.3.3. Because of EIGRP autosummarization, 182.16.3.0/24 and 182.16.4.0 will be summarized at its natural 16 bit-boundary when these routes are advertised out the canada_2 Token Ring interface. The show ip eigrp neighbors command verifies that EIGRP adjacencies have been formed between canada_1 and the other two routers.

To allow EIGRP connectivity to the OSPF routing domain, you must mutually redistribute between EIGRP and OSPF on the usa_1 router. There is only one redistribution point for EIGRP and OSPF, so you do not have to take into account "route feedback" or redistribution loops . Example 11-17 shows the configuration of the usa_1 router.

Example 11-17 Redistribution Configuration Portion of usa_1

 ! router eigrp 2001  redistribute ospf 69  passive-interface Ethernet0  network 172.16.0.0  default-metric 1544 100 254 1 1500 ! router ospf 69  redistribute eigrp 2001 subnets  network 172.16.6.6 0.0.0.0 area 0  default-metric 100 ! 

The OSPF routes 192.168.3.0/24 and 192.168.4.0/24 now appear as external EIGRP routes on the canada_1 router. Likewise, all EIGRP routes appear as OSPF external Type 2 routes on the usa_2 router.

Mutual redistribution also must be performed between the EIGRP and IGRP routing domains on the mexico_1 router. If the IGRP routing domain was in the same autonomous system as EIGRP, redistribution would not be necessary because it would occur automatically. Example 11-18 shows the configuration of the mexico_1 router.

Example 11-18 Redistribution Configuration portion of mexico_1

 ! router eigrp 2001  redistribute igrp 2000  passive-interface Ethernet0  network 172.16.0.0  default-metric 1544 100 254 1 1500 ! router igrp 2000  redistribute eigrp 2001  passive-interface Serial0.1  network 172.16.0.0  default-metric 1544 100 254 1 1500 ! 

The route table for the mexico_2 router now shows all the appropriate routes for every network in the model. Example 11-19 shows the route table of mexico_2.

Example 11-19 Route Table of the mexico_2 Router After Redistribution

 mexico_2#  show ip route  Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP        D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area        N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2        E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP        i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default        U - per-user static route, o - ODR Gateway of last resort is not set      172.16.0.0/24 is subnetted, 5 subnets C       172.16.5.0 is directly connected, Ethernet0/0 I       172.16.6.0 [100/10676] via 172.16.5.5, 00:00:16, Ethernet0/0 I       172.16.1.0 [100/8576] via 172.16.5.5, 00:00:16, Ethernet0/0 I       172.16.2.0 [100/10576] via 172.16.5.5, 00:00:16, Ethernet0/0 I       172.16.3.0 [100/8639] via 172.16.5.5, 00:00:16, Ethernet0/0 I    192.168.4.0/24 [100/10676] via 172.16.5.5, 00:00:16, Ethernet0/0 I    182.16.0.0/16 [100/9139] via 172.16.5.5, 00:00:16, Ethernet0/0 I    192.168.3.0/24 [100/10676] via 172.16.5.5, 00:00:16, Ethernet0/0 mexico_2# 

The redistribution in this model was relatively straightforward because all the networks in the model either are on a 24-bit boundary or are automatically summarized on a 24-bit boundary. EIGRP automatically summarizes at a major bit boundary when advertising or redistributing. During redistribution into IGRP, EIGRP automatically summarized the network 192.168.4.0/24 because it is on a 24-bit boundary along with 192.168.3.0/24. The network 182.16.0.0 was summarized when it was advertised out the s0.1 and s0.2 interfaces.

It is important to note that if the IP address of the advertising interface is in the same major class boundary as the route being advertised, automatic summarization will not occur. For example, if the router were advertising 172.16.100.0/30 out an interface with an IP address of 172.16.10.1/24, EIGRP would not summarize the route at its natural bit boundary. If the same network, 172.16.100.0/24, was advertised out an interface with the IP address of 172.17.10.1/24, EIGRP would advertise only the summary route 172.16.0.0/16, as seen in the previous model.

As you will see in the upcoming section on EIGRP summarization, we will make some subtle changes to the IP address structure, which will force the use of manual summarization before redistribution will work correctly.

Practical Example: Applying EIGRP Route Control

Now that you have a working IP network, let's examine route control through the application of route maps and distribution lists using the network in Figure 11-6 as the model again. On the usa_1 router, you will apply a distribution list preventing the route 192.168.3.0/24 from being advertised by EIGRP to the entire EIGRP domain. To carry out this task, use the distribute-list router command; apply an access list denying 192.168.3.0/24, while allowing other routes to be advertised. Example 11-20 highlights the configuration of the usa_1 router, allowing EIGRP to advertise only the 192.168.3.0/24 route.

Example 11-20 Application of Distribution List

 router eigrp 2001  redistribute ospf 69  passive-interface Ethernet0  network 172.16.0.0  default-metric 1544 100 254 1 1500   distribute-list 10 out Serial0.1     Apply access list 10 to interface s0.1  ! router ospf 69  redistribute eigrp 2001 subnets  network 172.16.6.6 0.0.0.0 area 0  default-metric 100 ! ip classless  access-list 10 deny   192.168.3.0 0.0.0.255  deny route 192.168.3.0/24   access-list 10 permit any  allow all other routes to pass  ! 

Whenever you are controlling routing updates from one routing protocol to another, use a route map. In this model, a route map is used to prohibit the OSPF route of 172.16.6.0/24 from being redistributed from EIGRP into IGRP. The route map is called from the redistribution command in IGRP; the route map then calls and permits routes that match access list 11. Example 11-21 lists the configuration of the mexico_1 router using a route map to filter the route 172.16.6.0/24.

Example 11-21 Calling a Route Map During Redistribution on mexico_1

 router eigrp 2001  redistribute igrp 2000  passive-interface Ethernet0  network 172.16.0.0  default-metric 1544 100 254 1 1500 ! router igrp 2000  redistribute eigrp 2001 route-map noospf  call route map named noospf  passive-interface Serial0.1  network 172.16.0.0  default-metric 1544 100 254 1 1500 ! ip classless !  access-list 11 deny   172.16.6.0 0.0.0.255  deny 172.16.6.0/24  access-list 11 permit any route-map noospf permit 10  match ip address 11  allow routes that pass access list 11  ! 

The route table on the mexico_2 router now shows only one route from the OSPF domain 192.168.4.0. Compare the output in Example 11-22 with that of Example 11-19 to see the application of the route map and distribution list.

Example 11-22 The Route Table of mexico_2 After Route Filtering

 mexico_2#  show ip route  Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP        D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area        N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2        E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP        i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default        U - per-user static route, o - ODR Gateway of last resort is not set      172.16.0.0/24 is subnetted, 4 subnets C       172.16.5.0 is directly connected, Ethernet0/0 I       172.16.1.0 [100/8576] via 172.16.5.5, 00:00:51, Ethernet0/0 I       172.16.2.0 [100/10576] via 172.16.5.5, 00:00:51, Ethernet0/0 I       172.16.3.0 [100/8639] via 172.16.5.5, 00:00:51, Ethernet0/0 I    192.168.4.0/24 [100/10676] via 172.16.5.5, 00:00:51, Ethernet0/0 I    182.16.0.0/16 [100/9139] via 172.16.5.5, 00:00:51, Ethernet0/0 mexico_2#