CCIE RS – Routing Concepts – Implement, optimize and troubleshoot redistribution between any routing protocol

Implement, Optimize and Troubleshoot Redistribution between any Routing Protocol

Redistributing Routing Protocols

I will briefly describe how redistribution works for each of the protocols. The best way to truly understand this is to lab up the scenarios and see what happens


RIP

RIP uses a hop count as it’s metric for routes, 16 being unreachable. You’ll want the metric to be defined in a way that will not allow for a routing loop to occur. A metric must be defined when redistibuting other protocols into RIP

router rip
network 10.2.0.0
redistribute static
redistribute eigrp[metric]
redistribute ospf[metric] 
redistribute isis 
default-metric [metric]

 


EIGRP

EIGRP uses a composite metric can can be computed based on: bandwidth, load, delay, reliability and MTU. A metric must be defined when redisitrubtuing other routing protocols into EIGRP

Metric order: Bandwidth (Kbps), delay (tens of microseconds), reliability (255=100%), load (0-255, 255=100%loaded), MTU (1500)

Becareful in named mode EIGRP, metric 1 1 1 1 1 no longer works because you’re using wide metrics

router eigrp [AS] 
network 10.1.0.0 
redistribute static
redistribute ospf [metric] 
redistribute rip 
redistribute isis 
default-metric 10000 100 255 1 1500

OSPF

OSPF does not require a seed metric (cost), but one can be defined . The default value is 20, except for BGP which is 1. The subnet keyword needs to be defined on the redistributed protocol or only major nets will be redistributed.

There are 4 different route types for OSPF when redistributing,

E1>E2, N1>N2

Difference is how the cost is calculated

  • E1 – Normal area, type 5 LSA, external cost plus the internal cost to reach the route
  • E2 – Normal area, type 5 LSA, cost of route is always the external (20)
  • N1 – NSSA area, type 7 LSA, external cost plus the internal cost to reach the route
  • N2 – NSSA area, type 7 LSA, cost of route is always the external (20)
router ospf [process ID] 
network 10.10.0.0 0.0.255.255 area 0 
redistribute static metric 200 [subnets]
redistribute rip metric 200 [subnets] 
redistribute eigrp 1 metric 100 [subnets] 
redistribute isis metric 10 [subnets]

BGP

BGP does not use a seed metric when redistrbuting other protocols into it.

OSPF has specicial requirements when redistributing into BGP. Only intra-area and inter-area are included by default. You’ll need to use the external keyword if you want external OSPF routes to be included

router bgp [as]
redistribute static
redistribute eigrp [as]

redistribute isis ? 
 WORD ISO routing area tag
 clns Redistribution of OSI dynamic routes
 ip Redistribution of IP dynamic routes
 level-1 IS-IS level-1 routes only
 level-1-2 IS-IS level-1 and level-2 routes
 level-2 IS-IS level-2 routes only
 metric Metric for redistributed routes
 route-map Route map reference
 <cr>

redistribute ospf [pid] match 
redistribute ospf 1 match ?
 external Redistribute OSPF external routes
 internal Redistribute OSPF internal routes
 nssa-external Redistribute OSPF NSSA external routes


ISIS

Metrics for ISIS are between 1 – 63. There is no default metric and one should be configured. The default metric is 0 if one is not included.

router isis 
network 49.1234.1111.1111.1111.00
redistribute static
redistribute rip metric 20 
redistribute eigrp 1 metric 20 
redistribute ospf 1 metric 20

 

 

CCIE RS – Routing Concepts – Implement, Optimize and Troubleshoot Filtering with any Routing Protocol

Implement, Optimize and Troubleshoot Filtering with any Routing Protocol

Options:

Control routing updates with passive interface

Control processing and advertising in routing updates

  • Distribute List – Filter prefixes inbound/outbound
  • Offset List – Change incoming/outgoing metrics
  • Administrative Distance
  • Summarization
  • Floating Routes
  • OSPF – LSA Filters
  • BGP… Will be explained in it’s own post

Match IP/Prefixes

  • Standard Access List
  • Extended Access List
  • Prefix List
  • Tag
  • Route Map
    • Match next-hop
    • Match route-source
    • Match Metric
    • Match route-type
    • Match Tag
    • Match Interface
    • Match IP address

Routing Protocol Specifics

Config snipit’s based on INE workbook

RIP

Offset List
access-list 1 permit host [ip]
access-list 2 permit host [ip]
!
router rip
 offset-list 1 in 3 [int]
 offset-list 2 out 16 [int]

Distribute List with Prefix-list
ip prefix-list NOT_FROM_R4 seq 5 deny 155.1.0.4/32
ip prefix-list NOT_FROM_R4 seq 10 permit 0.0.0.0/0 le 32
!
ip prefix-list PERMIT_ALL seq 5 permit 0.0.0.0/0 le 32
!
ip prefix-list RIP_FILTER_TO_R8 seq 5 deny 150.1.6.6/32
ip prefix-list RIP_FILTER_TO_R8 seq 15 permit 0.0.0.0/0 le 32
!
router rip
 distribute-list prefix RIP_FILTER_TO_R8 out GigabitEthernet1.58
 distribute-list prefix PERMIT_ALL gateway NOT_FROM_R4 in

Distribute List with Standard ACL
access-list 1 permit 0.0.1.0 255.255.254.255
!
router rip
 distribute-list 1 in

Distribute List with Extended ACL
access-list 100 deny ip host 155.1.0.1 host 150.1.1.1
access-list 100 permit ip any any
!
router rip
 distribute-list 100 in tunnel0

Administrative Distance
router rip
 distance 255 0.0.0.0 255.255.255.255 [acl]

EIGRP

Distribute List with Prefix List
ip prefix-list NOT_FROM_R4 seq 5 deny 155.1.146.4/32
ip prefix-list NOT_FROM_R4 seq 10 permit 0.0.0.0/0 le 32
!
ip prefix-list PERMIT_ALL seq 5 permit 0.0.0.0/0 le 32
!
router eigrp 100
 distribute-list prefix PERMIT_ALL gateway NOT_FROM_R4 in

Distribute List with Standard ACL
access-list 1 permit 0.0.0.0 255.255.254.255
!
router eigrp 100
 distribute-list 1 in GigabitEthernet1.79

Distribute List with Exteneded ACL
access-list 100 deny ip host 155.1.0.4 host 150.1.9.9
access-list 100 permit ip any any
!
router eigrp 100
 distribute-list 100 in Tunnel0

Offset List
router eigrp 100
offset-list 1 in 2000 GigabitEthernet1.37

Administrative Distance
access-list 4 permit host 150.1.4.4
!
router eigrp 100
 distance 255 0.0.0.0 255.255.255.255 4

Distribute List with Route Map
route-map FILTER_ON_TAGS deny 10
 match tag 4
!
route-map FILTER_ON_TAGS permit 20
!
router eigrp 100
 distribute-list route-map FILTER_ON_TAGS in

OSPF

OSPF can filter on more than just tags or IP addresses. You can also filter LSA types from being forwarded into other areas based on the area type.

Stub Area: Stops type 4 and 5 LSAs

Totally Stubby: Stops type 3, 4 and 5 LSA’s, only gets 1 default type 3 LSA

Not So Stubby Area: Translates type 7 into 5. Stops type 4 and 5 LSAs

Totally No So Stubby Area: Translates type 7 into 5. Stops type 3, 4 and 5 LSA’s, only gets 1 default type 3 LSA

Distribute List with Standard ACL
router ospf 1
 distribute-list 1 in
!
access-list 1 deny 150.1.1.1 0.0.0.0
access-list 1 permit any

Administrative Distance
access-list 10 permit 155.1.146.0
!
router ospf 1
 distance 255 150.1.5.5 0.0.0.0 10

Distribute List with Route Map
route-map DENY_VLAN146_FROM_R4 deny 10
 match ip address 3
 match ip next-hop 4
! 
route-map DENY_VLAN146_FROM_R4 permit 20
!
router ospf 1
 distribute-list route-map DENY_VLAN146_FROM_R4 in

ISIS

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_isis/configuration/15-mt/irs-15-mt-book/is-is_inbound_filtering.html#GUID-A2FF145F-7989-442E-A9C5-C074FB4A800F

Route filtering by route destination with ACL
access-list access-list-number {permit | deny} ip any destination-address destination-wildcard
!
interface type number
ip router isis [route-tag]
!
router isis route-tag
distribute-list access-list-number in [interface-type interface-number]

BGP

BGP is also not limited to filtering on the normal set of tags and ip addresses. Routes can be filtered based on the AS number and communities. More details of this will be in the BGP section

 

CCIE RS – Routing Concepts – Implement and Troubleshoot VRF Lite

Implement and Troubleshoot VRF Lite

VRF without MPLS

Support different routing tables on the same device

  • Allows for overlapping IP addressing as long as they are in different vrf’s
  • Uses input interfaces to distinguish routes form over vpns

TCAM resources are shared between all vrf’s

Does not support ISIS

Configuration

Following only works with IPv4
ip vrf [name]
rd [route-distinguisher] --> required
route-target {export | import | both} --> optional in vrf-lite
import map route-map

----
Following works with IPv4 and IPv6
vrf definition RED
 rd 1:1
 !
 address-family ipv4
 exit-address-family
 !
 address-family ipv6
 exit-address-family

Interface > ip vrf forwarding [vrf name] --> removes current IP when applied

Router(config-if)#vrf forwarding RED

EIGRP

router eigrp [as]
address-family ipv4 vrf VRF

----

Router(config)#router eigrp NAMED
Router(config-router)#address-family ipv4 vrf RED as 1

OSPF

router ospf [process id] vrf [vrf name]

BGP

router bgp [as]
address-family ipv4 vrf [vrf name]

CCIE RS – Routing Concepts – Implement and Troubleshoot Passive Interface

Implement and Troubleshoot Passive Interface

Passive interfaces controls the advertisement of routing information

Enables suppression of routing updates over some interfaces

Restricts outgoing advertisements with the exception of EIGRP

  • EIGRP suppresses the exchange of Hellos
  • Does not allow a neighbor to form

Enabled under the routing process

passive-interface

RIP: Prevent the interface from sending RIP advertisements

router rip
passive-interface [default]
no passive-interface [interface]

EIGRP: Supresses hello messages, preventing a neighbor relationship to form. Stops routing advertisements and incoming routing updates

router eigrp [as]
passive-interface [default]
no passive-interface [interface]

--

router eigrp [NAME]
address-family [ipv4/ipv6] unicast autonomous-system [as]
af-interface [interface]
[no] passive-interface

--

router eigrp EIGRP
 !
 address-family ipv4 unicast autonomous-system 1
 !
 af-interface default
 passive-interface
 exit-af-interface
 !
 af-interface GigabitEthernet0/1
 no passive-interface
 exit-af-interface
 !
 topology base
 exit-af-topology
 exit-address-family

OSPF: Setting an interface as passive disables the sending of routing updates on that interface, adjacencies will not be formed. The subnet will continue to be advertised to other interfaces.

router ospf [instance]
 passive-interface [default]
 no passive-interface [interface]

ISIS: Suppresses the sending of routing updates through the specified interface.

router isis
passive-interface [interface]
advertise-passive-only

 

CCIE RS – Routing Concepts – Implement, Optimize and Troubleshoot Administrative Distance

Implement, Optimize and Troubleshoot Administrative Distance

Specifics into each routing protocol will be covered in their own topics


Best path selection – first criterion a router uses to determine which routing protocol to use if 2 protocols provide information to the same destination

Lower admin distance is considered more reliable

Modify AD of a protocol with ‘distance’ cmd in the routing process – Local to that router

Screen Shot 2018-02-01 at 2.26.00 PM

CCIE RS – Routing Concepts – Compare Routing Protocol Types

Compare Routing Protocol Types


Distance Vector

Bellman-Ford or DUAL algorithm

Requires router to inform neighbors of topology changes periodically

RIPv1, RIPv2, IGRP

Does not have full knowledge of how to get to a destination

  1. Direction in which router or exit interface a packet should be forwarded
  2. Distance from its destination

Count to Infinity

  • Routing loops
  • RIP avoids with the following
  • Split Horizon: Prohibit router from advertising a route back onto the interface from which it was learned
  • Poison Reverse: Indicate to other routers that a route is no longer reachable and should not be considered from their routing tables
  • Max number of hops – 15

 

EIGRP falls under this type as it uses routing by rumor as well. The router only knows of routes learned by it’s neighbor, it does not build a full database like OSPF does.


Link State

OSPF and ISIS

  • Dijkstra’s algorithm – shortest path first (SPF)

Creates a full topology of the network and places themselves at the root of the tree

 


Path Vector

BGP: Maintains a list of AS’s that are traversed to reach a destination

CCIE RS – Routing Concepts – Implement and Troubleshoot Default Routing

Implement and Troubleshoot Default Routing

Ip route 0.0.0.0 0.0.0.0 [next-hop ip]

  • Not dependent on any routing protocol
  • Ip routing must be enabled
  • Sharing default route with EIGRP
    • Route must be redistributed into EIGRP to be shared
  • RIP
    • Route must be redistributed into RIP to be shared

Ip default-gateway

  • Only used when ip routing is DISABLED on the router
  • Router acting as a host in IP world

Ip default-network

  • Can be used when ip routing is enabled
  • Installed as gateway of last resort
  • Independent of any routing protocol
  • Gateway of last report in dynamic routing protocols
    • EIGRP
      • Must be a EIGRP derived network in the routing table or the static redistributed into EIGRP
      • Network command
    • RIP
      • Advertises a to 0.0.0.0 if gateway of last resort is selected
      • Does not need to be explicitly advertised under the RIP process
    • OSPF
      • Not propagated in OSPF
      • OSPF has it’s own process for injecting a default route
    • ISIS
      • Not propagated in ISIS