single-point_2way_redist_3routers_new

Boy do I feel stupid. After spending hours of scratching my head at why this is not working yet, as OSPF seems to be gettings tags but RIP is not, that is when I really put my work under a microscope and found that I was applying OSPF2RIP in OSPF router config and the other way around (I think). I have no other way to logically explain why they are working today, as they actually didn’t work earlier as well after “wr er” / “reload” / reconfigure.

So I stripped all redistribution off, deleted the route-maps, and started from square 1, again. Then when I was struggling to remember which way it went with applying what route-map to which protocol, I might have been on auto-pilot last night and completely overlooked that as the issue!

So here is how I applied a fix for that:

R3(config-router)#router ospf 1
R3(config-router)#redistribute rip subnets route-map RIP2OSPF
R3(config-router)#router rip

R3(config-router)#redistribute ospf 1 route-map OSPF2RIP metric 2
R3(config-router)#do sh route-map
route-map OSPF2RIP, permit, sequence 10
  Match clauses:
  Set clauses:
    tag 10
  Policy routing matches: 0 packets, 0 bytes
route-map RIP2OSPF, permit, sequence 10
  Match clauses:
  Set clauses:
    tag 20
  Policy routing matches: 0 packets, 0 bytes

And this is where I was able to verify and FINALLY see the results I was looking for(!!!):
R3(config-router)#
ASR#3
[Resuming connection 3 to r4 … ]

R4#show ip route ospf

Gateway of last resort is not set

      5.0.0.0/24 is subnetted, 1 subnets
O E2     5.5.5.0 [110/20] via 172.12.34.3, 00:02:47, FastEthernet0/1
      172.12.0.0/16 is variably subnetted, 4 subnets, 2 masks
O E2     172.12.15.0/24 [110/20] via 172.12.34.3, 00:02:47, FastEthernet0/1
O E2     172.12.123.0/24 [110/20] via 172.12.34.3, 00:02:47, FastEthernet0/1
R4#show ip route 5.5.5.5
Routing entry for 5.5.5.0/24
  Known via “ospf 1”, distance 110, metric 20
  Tag 20, type extern 2, forward metric 1
  Last update from 172.12.34.3 on FastEthernet0/1, 00:02:05 ago
  Routing Descriptor Blocks:
  * 172.12.34.3, from 3.3.3.3, 00:02:05 ago, via FastEthernet0/1
      Route metric is 20, traffic share count is 1
      Route tag 20

ASR#1
[Resuming connection 1 to r1 … ]

R1#show ip route rip
     4.0.0.0/32 is subnetted, 1 subnets
R       4.4.4.4 [120/2] via 172.12.123.3, 00:00:00, Serial0/0
     172.12.0.0/24 is subnetted, 3 subnets
R       172.12.34.0 [120/1] via 172.12.123.3, 00:00:00, Serial0/0
     40.0.0.0/32 is subnetted, 1 subnets
R       40.40.40.1 [120/2] via 172.12.123.3, 00:00:00, Serial0/0
     44.0.0.0/32 is subnetted, 1 subnets
R       44.44.44.1 [120/2] via 172.12.123.3, 00:00:00, Serial0/0
R1#show route 4.4.4.4
route-map 4.4.4.4 not found
R1#show ip route 4.4.4.4
Routing entry for 4.4.4.4/32
  Known via “rip”, distance 120, metric 2
  Tag 10
  Redistributing via rip
  Last update from 172.12.123.3 on Serial0/0, 00:00:16 ago
  Routing Descriptor Blocks:
  * 172.12.123.3, from 172.12.123.3, 00:00:16 ago, via Serial0/0
      Route metric is 2, traffic share count is 1
      Route tag 10

R1#

OSPF is showing up as tag 10 on the RIP side, and RIP routes as tagged 20 on the OSPF side. Now I am going to try redistributing connected routes with these same route-maps and see if that breaks anything, and if not we will cap it off by adding some deny statements in our route-maps:

R3#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R3(config)#router rip
R3(config-router)#redistribute connected route-map OSPF2RIP metric 3
R3(config-router)#router ospf 1
R3(config-router)#redistribute connected subnets route-map RIP2OSPF
R3(config-router)#

And now to pray I have some routes on R1:
R1#sh ip route rip
     3.0.0.0/32 is subnetted, 1 subnets
R       3.3.3.3 [120/3] via 172.12.123.3, 00:00:22, Serial0/0
     4.0.0.0/32 is subnetted, 1 subnets
R       4.4.4.4 [120/2] via 172.12.123.3, 00:00:22, Serial0/0
     172.12.0.0/24 is subnetted, 3 subnets
R       172.12.34.0 [120/1] via 172.12.123.3, 00:00:22, Serial0/0
     40.0.0.0/32 is subnetted, 1 subnets
R       40.40.40.1 [120/2] via 172.12.123.3, 00:00:22, Serial0/0
     44.0.0.0/32 is subnetted, 1 subnets
R       44.44.44.1 [120/2] via 172.12.123.3, 00:00:22, Serial0/0
R1#

This is a sweet roll to be on, where was this last night! I think it was both that I was getting the route-map’s named mixed up, and I was relying too much on how it was worded rather than what actions were happening. It took a mix of “show ip proto” / “sh route-map / “sh run” (which I wouldn’t count on for exam day) to read the route maps and how they will impact each other as explained below.

I will now attempt to do one more thing, add deny’s into the route maps, which is really the core of this lesson is using tags to stop route leaks or route loops from forming. Both route-maps have a “permit 10” sequence #, with a “set tag 10/20” to define ‘let all the traffic through but apply this tag to it’.

However the trick to this is placing the deny sequence # lower than the permit / set tag sequence for it to filter traffic, otherwise it will just hit the ‘let everything through with a tag’ clause and skip the deny clause, so this is why you want to plan for both current and future growth of sequences. So  will make these both sequence 5, so I have 1-4 and 6-9 to add additional clauses as needed

**REMEMBER YOU WANT TO WRITE ‘PERMIT’ SEQUENCES TO ‘SET’ A TAG FOR ROUTES, AND WRITE ‘DENY’ SEQUENCES TO ‘MATCH’ THE TAG # TO BE FILTERED!!**

Now I am done yelling at myself lets get back to configuring:

R3(config-router)#exit
R3(config)#route-map OSPF2RIP deny 5
R3(config-route-map)#match tag 10
% “OSPF2RIP” used as redistribute connected into rip route-map, tag match not supported
R3(config-route-map)#route-map RIP2OSPF deny 5
R3(config-route-map)#match tag 20
% “RIP2OSPF” used as redistribute connected into ospf route-map, tag match not supported

As you can see by the complaints we got from the console about connected routes, that they are already active, and as soon as I hit enter to “match” the tag # to on the route-maps deny list, it kicked out the message about connected routes don’t support tag matching.

So lets once more see if R1 survived this change:

R1#show ip route rip
     4.0.0.0/32 is subnetted, 1 subnets
R       4.4.4.4 [120/2] via 172.12.123.3, 00:00:14, Serial0/0
     172.12.0.0/24 is subnetted, 3 subnets
R       172.12.34.0 [120/1] via 172.12.123.3, 00:00:15, Serial0/0
     40.0.0.0/32 is subnetted, 1 subnets
R       40.40.40.1 [120/2] via 172.12.123.3, 00:00:15, Serial0/0
     44.0.0.0/32 is subnetted, 1 subnets
R       44.44.44.1 [120/2] via 172.12.123.3, 00:00:15, Serial0/0

Amazing, well that is going to do it for me today, that was relatively easy, just be sure to watch how you are applying those route-map’s, AND NAME THEM AS INTUITIVELY AS POSSIBLE to not make the mistakes I did.

For review of how it should look on the ASBR, I’m going to paste the running configuration below for future reference, and that is it for tonight and then onto PBR lessons :

R3#sh run
Building configuration…

Current configuration : 1588 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$.iVA$HbHo0g/PqIytO6Yf5XLAm1
!
no aaa new-model
!
resource policy
!
no network-clock-participate slot 1
no network-clock-participate wic 0
ip cef
!
!
!
!
no ip domain lookup
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
controller T1 0/0
 framing sf
 linecode ami
!
controller T1 0/1
 framing sf
 linecode ami
!
!
!
!
!
!
interface Loopback3
 ip address 3.3.3.3 255.255.255.255
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 172.12.34.3 255.255.255.0
 duplex auto
 speed auto
!
interface Serial0/2
 ip address 172.12.123.3 255.255.255.0
 no fair-queue
!
interface Serial0/3
 no ip address
 shutdown
!
router ospf 1
 log-adjacency-changes
 redistribute connected subnets route-map RIP2OSPF
 redistribute rip subnets route-map RIP2OSPF
 network 172.12.34.0 0.0.0.255 area 0
!
router rip
 version 2
 redistribute connected metric 3 route-map OSPF2RIP
 redistribute ospf 1 metric 2 route-map OSPF2RIP
 network 172.12.0.0
 no auto-summary
!
!
!
ip http server
no ip http secure-server
!
!
!
!
route-map OSPF2RIP deny 5
 match tag 10
!
route-map OSPF2RIP permit 10
 set tag 10
!
route-map RIP2OSPF deny 5
 match tag 20
!
route-map RIP2OSPF permit 10
 set tag 20
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
!
line con 0
 exec-timeout 0 0
 logging synchronous
line aux 0
line vty 0 4
 password CCNP
 logging synchronous
 login
!
!
end

R3#