Being that the two way redistribution training gets into route tagging and other fun concepts, I want to just get an easy lab configuration under my belt to get myself started, and will just be working with R3 and R4 as no other routers can see the OSPF routes except R3 after I do this:
R3(config-router)#no redistribute ospf 1
R3(config-router)#do ping 4.4.4.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
R3(config-router)#do sh ip ospf nei
Neighbor ID Pri State Dead Time Address Interface
172.12.44.4 0 FULL/ – – 172.12.34.4 OSPF_VL0
172.12.44.4 1 FULL/DR 00:00:39 172.12.34.4 FastEthernet0/1
R3(config-router)#
However, they are still neighbors and can ping, so that is a good deal, and lets see what happened to R4:
R4#sh ip route
Gateway of last resort is not set
3.0.0.0/32 is subnetted, 1 subnets
O E2 3.3.3.3 [110/20] via 172.12.34.3, 00:02:36, FastEthernet0/1
4.0.0.0/32 is subnetted, 1 subnets
C 4.4.4.4 is directly connected, Loopback4
O E2 5.0.0.0/8 [110/20] via 172.12.34.3, 00:17:32, FastEthernet0/1
33.0.0.0/24 is subnetted, 1 subnets
O E2 33.33.33.0 [110/20] via 172.12.34.3, 00:00:09, FastEthernet0/1
172.12.0.0/16 is variably subnetted, 6 subnets, 2 masks
O E2 172.12.15.0/24 [110/20] via 172.12.34.3, 00:17:32, FastEthernet0/1
C 172.12.34.0/24 is directly connected, FastEthernet0/1
L 172.12.34.4/32 is directly connected, FastEthernet0/1
C 172.12.44.0/24 is directly connected, Loopback44
L 172.12.44.4/32 is directly connected, Loopback44
O E2 172.12.123.0/24 [110/20] via 172.12.34.3, 00:17:32, FastEthernet0/1
R4#
Now we’ve got a party! I have added two loopback interfaces to R3 inside the RIP domain to work with as well, I don’t think I will touch anything but metrics, but we shall see what we can break along the way. So in order I must to make the route map
- Create ACL’s for all networks to be adjusted
- Create a route-map sequence for each ACL to set clauses for the route / network
- Remove the Redistribute command entirely, and re-apply it with the route-map
In the video series I had watched, the ACL’s were all configured first to completion, then route-map clauses to completion, and then applied to the redistribution – I am not going to do that. I am going to start a couple of ACL’s, a route-map with a couple of clauses, and applying that route-map to the redistribution and adding to it from there.
One of the more interesting things to me will be what happens with all these routes without clauses, and no catch-all statement, and what happens if I put a catch all statement on a route-map with a lower sequence # than other policies I will later add with higher sequence numbers. It is about to get thick 🙂
So first off, I’d like to know the true distance to our routes 172.12.15.0 and 5.0.0.0 right off the bat, but will point out some things along the way:
R3(config)#access-list 5 permit 5.0.0.0 0.255.255.255
R3(config)#access-list 15 permit 172.12.15.0 0.0.0.255
R3(config)#route-map RIP2OSPF permit ?
Sequence to insert to/delete from existing route-map entry
R3(config)#route-map RIP2OSPF permit 10
R3(config-route-map)#?
Route Map configuration commands:
continue Continue on a different entry within the route-map
default Set a command to its defaults
description Route-map comment
exit Exit from route-map configuration mode
help Description of the interactive help system
match Match values from routing table
no Negate a command or set its defaults
set Set values in destination routing protocol
R3(config-route-map)#
As seen the 2 ACL’s are made for those networks with permit statements, as any traffic deny statements will be implemented as a sequence on the route-map. As can also be seen they are called sequences, I assume it works the same as extended ACL #’s for lines, that will be the focus of lab session part 2. They can also be clauses without matching an ACL or setting parameters, such as the catch all clause demonstrated below.
So I may call them sequences or clauses, was the shorter version of that 🙂
Another thing I chose to highlight, as of now in my learning I will be using match, and set in route-map configuration. You may be asking how I will use them, and let me show you with some information poked in between output:
R3(config-route-map)#match ?
as-path Match BGP AS path list
clns CLNS information
community Match BGP community list
extcommunity Match BGP/VPN extended community list
interface Match first hop interface of route
ip IP specific information
ipv6 IPv6 specific information
length Packet length
local-preference Local preference for route
metric Match metric of route
mpls-label Match routes which have MPLS labels
nlri BGP NLRI type
policy-list Match IP policy list
route-type Match route-type of route
source-protocol Match source-protocol of route
tag Match tag of route
R3(config-route-map)#match ip ?
address Match address of route or match packet
next-hop Match next-hop address of route
route-source Match advertising source address of route
R3(config-route-map)#match ip address ?
IP access-list number
IP access-list number (expanded range)
WORD IP access-list name
prefix-list Match entries of prefix-lists
R3(config-route-map)#match ip address 5
R3(config-route-map)#
I highlighted both where the config line currently is among all the output, and the command needed next to get to the access-list, which is funny to me that it couldn’t just be match access-list x – It had to be hidden in “match ip address (acl #)” for some reason.
So I have used “match” to define the route(s) that will be effected by this sequence of the route-map, now to use “set” to define how to adjust it, and here is a glimpse of why we will only touch metrics in this lab:
R3(config-route-map)#set ?
as-path Prepend string for a BGP AS-path attribute
automatic-tag Automatically compute TAG value
clns OSI summary address
comm-list set BGP community list (for deletion)
community BGP community attribute
dampening Set BGP route flap dampening parameters
default Set default information
extcommunity BGP extended community attribute
interface Output interface
ip IP specific information
ipv6 IPv6 specific information
level Where to import route
local-preference BGP local preference path attribute
metric Metric value for destination routing protocol
metric-type Type of metric for destination routing protocol
mpls-label Set MPLS label for prefix
nlri BGP NLRI type
origin BGP origin code
tag Tag value for destination routing protocol
traffic-index BGP traffic classification number for accounting
vrf Define VRF name
weight BGP weight for routing table
R3(config-route-map)#set
Yeah… So for now I am going to set both sequences with clauses that will turn those routes into a E1 routes to get their real metric rather than the default / seed metric of 20:
R3(config-route-map)#set metric-type ?
external IS-IS external metric
internal IS-IS internal metric or Use IGP metric as the MED for BGP
type-1 OSPF external type 1 metric
type-2 OSPF external type 2 metric
R3(config-route-map)#set metric-type type-1 ?
R3(config-route-map)#set metric-type type-1
R3(config-route-map)#route-map RIP2OSPF permit 15
R3(config-route-map)#match ip address 15
R3(config-route-map)#set metric-type type-1
R3(config-route-map)#
I wanted to show the output of the metric-type on here even though the acronym might get me on the NSA’s list, to show that you will want to choose either type-1 (E1) or type-2 (E2) for OSPF, while the internal / external is for IS-IS routing protocol.
So now that everything is set with no catch-all permit clause, lets apply the Redistribution and see what happens:
R3(config-router)#no redistribute rip subnets
R3(config-router)#
ASR#4
[Resuming connection 4 to r4 … ]
R4#sh ip route
Gateway of last resort is not set
4.0.0.0/32 is subnetted, 1 subnets
C 4.4.4.4 is directly connected, Loopback4
O E2 5.0.0.0/8 [110/20] via 172.12.34.3, 00:57:11, FastEthernet0/1
172.12.0.0/16 is variably subnetted, 4 subnets, 2 masks
C 172.12.34.0/24 is directly connected, FastEthernet0/1
L 172.12.34.4/32 is directly connected, FastEthernet0/1
C 172.12.44.0/24 is directly connected, Loopback44
L 172.12.44.4/32 is directly connected, Loopback44
R4#clear ip route *
R4#sh ip route
Gateway of last resort is not set
4.0.0.0/32 is subnetted, 1 subnets
C 4.4.4.4 is directly connected, Loopback4
O E2 5.0.0.0/8 [110/20] via 172.12.34.3, 00:00:03, FastEthernet0/1
172.12.0.0/16 is variably subnetted, 4 subnets, 2 masks
C 172.12.34.0/24 is directly connected, FastEthernet0/1
L 172.12.34.4/32 is directly connected, FastEthernet0/1
C 172.12.44.0/24 is directly connected, Loopback44
L 172.12.44.4/32 is directly connected, Loopback44
R4#
So apparently R5’s loopback of 5.5.5.5 is still being redistributed, even after I obviously typed “no redistribute rip subnets” into OSPF configuration on R3? ARE YOU READY FOR ONE OF CISCO’S GOTCHA’S THAT YOU MIGHT SEE ON AN EXAM?
R3#sh ip proto
Routing Protocol is “ospf 1”
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Router ID 172.12.33.3
It is an area border and autonomous system boundary router
Redistributing External Routes from,
rip
Number of areas in this router is 2. 2 normal 0 stub 0 nssa
Maximum path: 4
Routing for Networks:
172.12.33.0 0.0.0.255 area 0
172.12.34.0 0.0.0.255 area 34
Reference bandwidth unit is 100 mbps
Routing Information Sources:
Gateway Distance Last Update
172.12.44.4 110 00:44:19
Distance: (default is 110)
Routing Protocol is “rip”
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Sending updates every 30 seconds, next due in 19 seconds
Invalid after 180 seconds, hold down 180, flushed after 240
Redistributing: rip
Default version control: send version 1, receive any version
Interface Send Recv Triggered RIP Key-chain
FastEthernet0/0 1 1 2
FastEthernet0/1 1 1 2
Serial0/2 1 1 2
Serial0/3 1 1 2
Loopback3 1 1 2
Loopback33 1 1 2
Automatic network summarization is not in effect
Maximum path: 4
Routing for Networks:
3.0.0.0
33.0.0.0
172.12.0.0
Routing Information Sources:
Gateway Distance Last Update
172.12.123.1 120 00:00:17
Distance: (default is 120)
SNEAKY, SNEAKY CISCO! As policy moving forward as I don’t imagine I typed redistribute rip without adding the subnets command, when you remove redistribution that includes subnets as an option, remove it both as “no redistribute connected subnets” AND “no redistribute connected” and verify with “sh ip proto” to confirm they are gone.
**So remember, if the redistribution includes ‘subnets’ remove it both with subnets on the command and without it tagged on the command to be thorough**
So I will correct this, and get R4’s external routes at a complete stop:
R3#conf t
R3(config)#router ospf 1
R3(config-router)#no redistribute rip
R3(config-router)#
ASR#4
[Resuming connection 4 to r4 … ]
R4#sh ip route
Gateway of last resort is not set
4.0.0.0/32 is subnetted, 1 subnets
C 4.4.4.4 is directly connected, Loopback4
172.12.0.0/16 is variably subnetted, 4 subnets, 2 masks
C 172.12.34.0/24 is directly connected, FastEthernet0/1
L 172.12.34.4/32 is directly connected, FastEthernet0/1
C 172.12.44.0/24 is directly connected, Loopback44
L 172.12.44.4/32 is directly connected, Loopback44
R4#
And now on R3, I will apply the route-map, and see what happens:
R3(config-router)#redistribute rip subnets ?
metric Metric for redistributed routes
metric-type OSPF/IS-IS exterior metric type for redistributed routes
route-map Route map reference
tag Set tag for routes redistributed into OSPF
R3(config-router)#redistribute rip subnets route-map ?
WORD Pointer to route-map entries
R3(config-router)#redistribute rip subnets route-map RIP2OSPF ?
metric Metric for redistributed routes
metric-type OSPF/IS-IS exterior metric type for redistributed routes
tag Set tag for routes redistributed into OSPF
R3(config-router)#redistribute rip subnets route-map RIP2OSPF
R3(config-router)#
There is our friends metric-type in the redistribution command for the same protocols mentioned in route maps. So lets see how R4 took that route-mapping so far:
R4#show ip route
Gateway of last resort is not set
4.0.0.0/32 is subnetted, 1 subnets
C 4.4.4.4 is directly connected, Loopback4
O E1 5.0.0.0/8 [110/21] via 172.12.34.3, 00:01:43, FastEthernet0/1
172.12.0.0/16 is variably subnetted, 5 subnets, 2 masks
O E1 172.12.15.0/24 [110/21] via 172.12.34.3, 00:01:43, FastEthernet0/1
C 172.12.34.0/24 is directly connected, FastEthernet0/1
L 172.12.34.4/32 is directly connected, FastEthernet0/1
C 172.12.44.0/24 is directly connected, Loopback44
L 172.12.44.4/32 is directly connected, Loopback44
R4#
Very interesting, that catch all “permit clause” really is needed like an ACL, as all other routers took a hike, and I am not quite sure how it came up with 21 as the true metric unless it just took the seed / default and RIP added it’s metric (1 hop) to the destination.
This little bit of accomplishment was actually more work than I anticipated, so I am going to call it a night here now that I know we need to define some more sequences / clauses to bring in some more routes, and have a bit more fun with configuring the route-map so I will wr mem and pick up where I left off tomorrow.
The DEVNET GRIND! 