From: Tom Larus (tlarus@xxxxxxxxxxxxxxx)
Date: Mon Jun 10 2002 - 12:30:23 GMT-3
Thank you. That was a good point.
I think I may be beginning to understand the problem with any method like
the tagging method. Doyle I says on page 780, "To prevent route feedback,
routed must be filtered as they are incoming on an interface, before they
are entered into the route table."
Now I don't think the RIP route redistributed into OSPF will ever get back
to the RIP domain, as long as we use tags and route-maps, but the problem
remains that we now have a RIP route in our ASBR routing table as an OSPF
route, with whatever metric we assigned it when we distributed it into OSPF.
This can't make for a very accurate routing table. All of RIP routes are
gone, because OSPF AD is lower.
How big a problem do you folks think it is that all the routes are now OSPF,
if the tags keep the RIP-redist-ed routes from being advertised back into
RIP. Is this really route feedback, or is it just another problem?
-- Original Message -----
From: "Bruce Williams" <bruce@williamsnetworking.com>
To: "Baety Wayne SrA 18 CS/SCBX" <Wayne.Baety@kadena.af.mil>; "'Anthony
Pace'" <anthonypace@fastmail.fm>; "Tom Larus" <tlarus@novacoxmail.com>;
"Treptow, Georg" <gxtrept@qwest.com>; "Dennis Laganiere"
<dennisl@advancedbionics.com>; "'Paul Connelly'" <chewy7700@yahoo.com>;
<ccielab@groupstudy.com>
Sent: Monday, June 10, 2002 9:56 AM
Subject: RE: OSPF tags as a way to stop route feedback from
redistribution -- what is the downside?
> You can specify the length of the mask with an access-list.
>
> Like this:
> access-list 101 permit ip 121.1.0.0 0.0.255.255 host 255.255.0.0
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
> Baety Wayne SrA 18 CS/SCBX
> Sent: Monday, June 10, 2002 2:01 AM
> To: 'Anthony Pace'; Tom Larus; Treptow, Georg; Dennis Laganiere; 'Paul
> Connelly'; ccielab@groupstudy.com
> Subject: RE: OSPF tags as a way to stop route feedback from
> redistribution -- what is the downside?
>
>
> Another problem with distribute-list is its inherent inability to
> distinguish routes of differing prefix length. Let's say you want to
allow
> 121.1.0.0/24 through but not 121.1.0.0/16. Any access list style wildcard
> you create that matches one route will match the other. BGP handles this
> situation quite nicely with its prefix-list capability, however. For the
> moment, Route-Tagging is the only successful way to deal with
heterogeneous
> masking, BGP support notwithstanding. But as you've already pointed out,
> some protocols do not support tagging of routes.
>
> WAYNE BAETY, MCSE, SRA, USAF
> Network Systems Trainer
>
>
> > -----Original Message-----
> > From: Anthony Pace [mailto:anthonypace@fastmail.fm]
> > Sent: Monday, June 10, 2002 9:36 AM
> > To: Tom Larus; Treptow, Georg; Dennis Laganiere; 'Paul Connelly';
> > ccielab@groupstudy.com
> > Subject: Re: OSPF tags as a way to stop route feedback from
> > redistribution-- what is the downside?
> >
> > The downside of the distribute lists is that networks can't really be
> > added behind the redist router (if you used permits in the
> > dist-list)They also destroy redundany accross multiple redistribution
> > points. Doyle describes a scenario where you don't block the routes
> > being fedback (perhaps form a second redist-router), but lower their AD
> > so they never make it into your routing table and thus are never
> > advertised beyond the redist router. If there is a failure somewhere
> > then these routes with their "inferior" AD will be prefered and go into
> > the table and once the network converges you have a redundent path.
> >
> > Anthony Pace
> >
> > On Sat, 8 Jun 2002 22:07:34 -0400, "Tom Larus" <tlarus@novacoxmail.com>
> > said:
> > > Yes. RIP does not carry tags. This tagging must be done as the
routes
> > > are
> > > redistributed INTO a routing protocol that supports them. I see the
> > > problem, now, and that is that we still need to stop the OSPF routes
> > > that go
> > > into RIP or IGRP from feeding back into OSPF. For that I guess we
need
> > > to
> > > use the old methods of blocking individual routes.
> > >
> > > Doyle I also indicated that distribute lists have their shortcomings,
> > > too,
> > > but it is too late for me to get teh book and cite the page. He had
an
> > > explanation that I need to take a bit more time to think about and
> > > digest. I
> > > definitely need to do more work with this manipulating admin distance.
> > > The
> > > big problems seem to have to do with redistributed routes that have
> > > lower
> > > admin distance.
> > >
> > >
> > > ----- Original Message -----
> > > From: "Treptow, Georg" <gxtrept@qwest.com>
> > > To: "'Tom Larus'" <tlarus@novacoxmail.com>; "Anthony Pace"
> > > <anthonypace@fastmail.fm>; "Dennis Laganiere"
> > > <dennisl@advancedbionics.com>;
> > > "'Paul Connelly'" <chewy7700@yahoo.com>; <ccielab@groupstudy.com>
> > > Sent: Saturday, June 08, 2002 9:42 PM
> > > Subject: RE: OSPF tags as a way to stop route feedback from
> > > redistribution--
> > > what is the downside?
> > >
> > >
> > > > This unfortunatly is not an answer but more of an extension to Tom's
> > > > question.....
> > > >
> > > > I have recently done a lot of work on tagging, one of my scenarios
> > that I
> > > > tried did not work out that great..
> > > >
> > > > R1--------------R6----
> > > > RIP v.1 |
> > > > | OSPF
> > > > R10--|
> > > > |
> > > > R4--------------R13---
> > > >
> > > > R1,R4 are redistribution routers between RIP v.1 and OSPF, R10 runs
> > RIPv.1
> > > > only. R6 and R10 OSPF only.
> > > >
> > > > I thought to myself that there has to be a better way of
> > redistribution
> > > from
> > > > RIP to OSPF and vice versa.
> > > > Instead of doing distribute/prefix lists I tagged all routes going
> > into
> > > the
> > > > RIP domain (from OSPF) at R1 with 1111 and R4 I used 4444.
> > > > At R1 I declared all routes with a tag of 4444 to be dismissed from
> > > > redistribution back into OPSF and at R4 i did the same blocking all
> > routes
> > > > with a tag of 1111 but allowing all others. For whatever reason all
> > routes
> > > > from the RIP domain were blocked.
> > > >
> > > > Is it possible that RIP gets rid of tag information? Am I missing
> > > something
> > > > here?
> > > >
> > > >
> > > > Thanks,
> > > >
> > > > Georg Treptow
> > > >
> > > >
> > > >
> > > > -----Original Message-----
> > > > From: Tom Larus [mailto:tlarus@novacoxmail.com]
> > > > Sent: Saturday, June 08, 2002 8:21 PM
> > > > To: Anthony Pace; Dennis Laganiere; 'Paul Connelly';
> > > > ccielab@groupstudy.com
> > > > Subject: OSPF tags as a way to stop route feedback from
> > redistribution--
> > > > what is the downside?
> > > >
> > > >
> > > > I'd like to ask about the downside of another approach that seems
too
> > good
> > > > to be true. In doing practice labs, I like to tag routes from other
> > > > protocols as they are redistributed into OSPF (for example, tag
routes
> > > from
> > > > IGRP 120 with tag 120), then have a route-map that stops those
routes
> > from
> > > > going back into the other protocol. The problem is that one does
not
> > see
> > > > this in case studies or in practice lab solutions very often, and
that
> > > makes
> > > > me nervous. Doyle I contains a reference to this use of tags in the
> > > chapter
> > > > on route-maps, and that makes me feel a little better.
> > > >
> > > > This has the feel of something that seems neat but is very
dangerous.
> > > > Basically, anything that does involve manually typing in half the
> > routes
> > > in
> > > > my network feels wrong, because it is not the tedious method that
> > involves
> > > > as much typing of routes as possible and nailing things down
manually.
> > > > --- Original Message -----
> > > > From: "Anthony Pace" <anthonypace@fastmail.fm>
> > > > To: "Tom Larus" <tlarus@novacoxmail.com>; "Dennis Laganiere"
> > > > <dennisl@advancedbionics.com>; "'Paul Connelly'"
> > <chewy7700@yahoo.com>;
> > > > <ccielab@groupstudy.com>
> > > > Sent: Saturday, June 08, 2002 8:01 PM
> > > > Subject: OSPF into IGRP and summarizing into FLSM
> > > >
> > > >
> > > > > Tom Larus said "Let's say you have loopback addresses on OSPF
> > enabled
> > > > > routers that you will need to summarize so that an IGRP /24
network
> > > > > will be able to see them and reach them. You redistribute them
into
> > > > > OSPF, and use summary-address ip mask to summarize them right
there
> > on
> > > > > the same router, which is by definition an ASBR because
> > redistribution
> > > > > is happening on it. Works like a charm."
> > > > >
> > > > > In other words you are using IP SUMMARY under OSPF even though you
> > want
> > > > > to shoot the /24 into IGRP? Then, a /24 is created right there on
> > that
> > > > > router and puhed into the IGRP world? Is that correct?
> > > > >
> > > > > I have been looking at this list for a definitive answer on this
for
> > a
> > > > > while (not wanting to repost a question if it has allready been
> > > > > answered) This seems like a solution. The quesion has been asked
> > many
> > > > > times and interpreted or missinterpreted differently in different
> > posts
> > > > > but essentially this is the problem as I see it: All of the
> > protocoles
> > > > > on the LABS we have all been doing have a mechanism for
> > redistributing
> > > > > and controlling summarization except IGRP. The LABS almost always
> > give
> > > > > you the ability to summarize almost all your networks via these
> > other
> > > > > mechanisms long before they reach the OSPF/IGRP redistribution
point
> > > > > with the exeption of a loopback or directly connected network on
> > that
> > > > > router which does not conform to the IGRP FLSM. It has been
> > suggested
> > > > > that a "ip default-network" be shot into IGRP and this works but
it
> > is
> > > > > questionable as to weather this constitutes an ILLEGAL STATIC
ROUTE.
> > > > > The Solie labs pose this scenario but the soltions do not address
> it.
> > > > >
> > > > > Are there any other tools that can be used?
> > > > >
> > > > > Anthony Pace
> > > > >
> > > > >
> > > > >
> > > > > On Tue, 4 Jun 2002 13:35:53 -0400, "Tom Larus"
> > <tlarus@novacoxmail.com>
> > > > > said:
> > > > > > I have never taken the lab, so I could not speak to that aspect
of
> > the
> > > > > > question, but I did learn something recently I thought was neat,
> > but
> > > > > > that
> > > > > > many others here have probably known for years.
> > > > > >
> > > > > > Let's say you have loopback addresses on OSPF enabled routers
that
> > you
> > > > > > will
> > > > > > need to summarize so that an IGRP /24 network will be able to
see
> > them
> > > > > > and
> > > > > > reach them. You redistribute them into OSPF, and use summary-
> > address
> > > > > > ip
> > > > > > mask to summarize them right there on the same router, which is
by
> > > > > > definition an ASBR because redistribution is happening on it.
> > Works
> > > > > > like a
> > > > > > charm.
> > > > > >
> > > > > > Okay, it's old hat for a lot of you old hands, but I still think
> > it is
> > > > > > pretty neat.
> > > > > >
> > > > > >
> > > > > > ----- Original Message -----
> > > > > > From: "Dennis Laganiere" <dennisl@advancedbionics.com>
> > > > > > To: "'Paul Connelly'" <chewy7700@yahoo.com>;
> > <ccielab@groupstudy.com>
> > > > > > Sent: Tuesday, June 04, 2002 12:40 PM
> > > > > > Subject: RE: Connected routes vs network statement
> > > > > >
> > > > > >
> > > > > > > Some routing protocols will interpret the two differently.
> > EIGRP,
> > > or
> > > > > > > instance, will see the redistributed route as external, which
> > has a
> > > > much
> > > > > > > higher AD.
> > > > > > >
> > > > > > > --- Dennis
> > > > > > >
> > > > > > >
> > > > > > > -----Original Message-----
> > > > > > > From: Paul Connelly [mailto:chewy7700@yahoo.com]
> > > > > > > Sent: Tuesday, June 04, 2002 9:03 AM
> > > > > > > To: ccielab@groupstudy.com
> > > > > > > Subject: Connected routes vs network statement
> > > > > > >
> > > > > > > Is there a preference in the lab when to use "redistribute
> > > connected"
> > > > vs.
> > > > > > > network statements? I know the redistribute connected will not
> > turn
> > > on
> > > > the
> > > > > > > routing protocol on the interface but you can easily turn it
off
> > > with
> > > > > > > passive-interface. Just want to check if the exam wants you to
> > do it
> > > a
> > > > > > > certain way.
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > Thanks
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > ---------------------------------
> > > > > > > Do You Yahoo!?
> > > > > > > Sign-up for Video Highlights of 2002 FIFA World Cup
> > > > > > >
This archive was generated by hypermail 2.1.4 : Tue Jul 02 2002 - 08:12:30 GMT-3