From: Howard C. Berkowitz (hcb@xxxxxxxxxxxx)
Date: Thu Apr 25 2002 - 14:53:40 GMT-3

At 10:07 AM -0400 4/25/02, Charles Carley wrote:
>I am working on redistribution and was wanting to know what strategies people
>use when building access lists to control routing loops. Do you draw out a
>matrix on scrap paper, do you cut and paste the routing tables into notepad
>as a reference? Just looking for some best practices.

I'm not sure if this is what you are looking for, but here's what I
do in real-world networks. First, I check whether the organization
consciously has a well-thought-out addressing plan, which will help
enormously.

There are degrees of this. I was the outside architect for a very
large company (i.e., at least 1 class A and lots and lots of B's),
and you could be reasonably certain at the start which major network
belonged to which organization. Subnet assignment inside the
organizations was a crapshoot.

Now, the solutions I use most often for real-world situations won't
be popular in the CCIE lab, since they usually involve the edge
advertising to the core, and the core advertising back only default
-- and other routes that have specific justification. Sometimes
reorganizing the logical topology helps. I dealt with one Canadian
company that was having horrible problems with its OSPF, until I
pointed out that they really had an Eastern and a Western domain. I
organized a separate area 0.0.0.0 for each of these and
interconnected the backbones. The need for over 100 special-case
static routes immediately disappeared.

Getting back to a lab (but still practical) model, when I sit down
with the configurations, I may set up a spreadsheet. The rows are
routers with location information and the like. The columns are for
routing protocols on those routers.

I go through each configuration looking for _router_ statements, and
record the network statements under them in the appropriate protocol
column. I then look for protocols that appear in more than one
column (special problems), and try to see what summarization I can do
among protocol domains. As I do this, I'll also look for static
routes and other potential anomalies.

It occurs to me that it really wouldn't be that hard to develop a
Perl script that would read a stream of router configs, recognizing
hostname, router, network, and maybe IP route statements, and spit
out a cross-reference. By cross-reference, I'm thinking of my
programming days, when good compilers would list all your variables
and the lines in which they appeared.
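
The cross-reference described in the message above, as an added example that is not part of the original post. It is written in Python rather than the Perl the post suggests; the sample configs, the function names, and the choice to compare network prefixes as exact strings are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample (not from the original post): two IOS-style configs in one stream.
SAMPLE = """\
hostname edge1
router ospf 1
 network 10.1.0.0 0.0.255.255 area 0
!
router rip
 network 10.0.0.0
 network 172.16.0.0
ip route 192.168.5.0 255.255.255.0 10.1.1.2
hostname core1
router ospf 1
 network 10.1.0.0 0.0.255.255 area 0
router eigrp 100
 network 172.16.0.0
"""

def cross_reference(stream):
    """Map each network prefix to the (hostname, protocol, line number) sites naming it."""
    xref = defaultdict(list)
    host, proto = "?", None
    for lineno, raw in enumerate(stream.splitlines(), 1):
        line = raw.strip()
        if m := re.match(r"hostname\s+(\S+)", line):
            host, proto = m.group(1), None          # a new config starts here
        elif m := re.match(r"router\s+(\S+)", line):
            proto = m.group(1)                      # ospf, rip, eigrp, bgp ...
        elif (m := re.match(r"network\s+(\S+)", line)) and proto and raw[:1].isspace():
            xref[m.group(1)].append((host, proto, lineno))
        elif m := re.match(r"ip route\s+(\S+)", line):
            xref[m.group(1)].append((host, "static", lineno))
            proto = None
        elif not raw[:1].isspace():
            proto = None                            # other top-level lines end router mode
    return dict(xref)

def multi_protocol(xref):
    """Networks named under more than one protocol, across all routers in the stream."""
    protos = {net: sorted({p for _, p, _ in sites}) for net, sites in xref.items()}
    return {net: ps for net, ps in protos.items() if len(ps) > 1}

if __name__ == "__main__":
    for net, sites in sorted(cross_reference(SAMPLE).items()):
        print(net, *(f"{h}:{p}@{n}" for h, p, n in sites))
    print("multi-protocol:", multi_protocol(cross_reference(SAMPLE)))
```

Because prefixes are compared as strings, overlapping entries such as 10.0.0.0 and 10.1.0.0 are listed separately and still need to be compared by eye or with a prefix-aware pass.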