From: Brian McGahan (brian@xxxxxxxxxxxxxxx)
Date: Thu Jul 18 2002 - 15:02:22 GMT-3
LUW,
Yes, these are my official configs. Regarding your issues with
them:
"1. there is no metric setting in R2 ospf. It will not
work properly for redistribution without metric."
http://www.cisco.com/warp/public/104/3.html#14.0
"The protocol and process-id are the protocol that we are injecting into
OSPF and its process-id if it exits. The metric is the cost we are
assigning to the external route. If no metric is specified, OSPF puts a
default value of 20 when redistributing routes from all protocols except
BGP routes, which get a metric of 1. The metric-type is discussed in the
next paragraph."
"2. Since R2 is ASBR, it should not define area 12 as
nssa instead of "stub". Then, using distribute-list to
block the default route. I think virtual-link has
changed the ospf topology."
I'm not exactly sure what you mean by this. If you define area 12 as a
stub, R1 should filter 0.0.0.0/0 with an inbound distribute-list under
OSPF. If area 12 is an NSSA, the NSSA ABR does not originate a default
route by default, so this is fine. Either answer is an acceptable
solution. What do you mean by " I think virtual-link has changed the
ospf topology"
HTH
Brian McGahan, CCIE #8593
Director of Design and Implementation
brian@cyscoexpert.com
CyscoExpert Corporation
Internetwork Consulting & Training
http://www.cyscoexpert.com
Voice: 847.674.3392
Fax: 847.674.2625
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
William lu
Sent: Wednesday, July 17, 2002 8:27 PM
To: IPSec; nshah@connect.com.au
Cc: ccielab@groupstudy.com
Subject: Re: Re: Cyscoexpert Official Configs
Hi,
You can not have 150.1.30.0/24 in R1 by the simple
solution of eigrp / ospf redistribution.
After redistributing 150.1.30.0/24 from ospf to eigrp
in R2. R2 will send this routing update with AD 170 to
R4 by GRE tunnel.
R4 also receive 150.1.30.0/24 from ospf with AD 110.
Therefore, the route learned from eigrp can not be
populated in R4's routing table because its AD is
lower than one from ospf. Since it is not in routing
table, it can not send to eigrp neighbor R1 also.
Workaround solution:
Having a distribute-list ACL in R4 ospf process and
to block 150.1.30.0/24 into routing table. Then, you
can see the 150.1.30.0/24 with AS 170 learned from R2
in R4 and R1's routing table.
The problem of this approach is that it will take
longer path from
R1->R4->R2-R5 to reach R3.
I am not sure that the "Official Config" posted is
real official one from Cyscoexpert or not because I
found few mistakes in the configuration.
1. there is no metric setting in R2 ospf. It will not
work properly for redistribution without metric.
2. Since R2 is ASBR, it should not define area 12 as
nssa instead of "stub". Then, using distribute-list to
block the default route. I think virtual-link has
changed the ospf topology.
General speaking, it is a very good lab scenario.
LUW
--- IPSec <ipsec@myrealbox.com> wrote:
> Since 150.1.30.0/24 is an E2 network in OSPF, it's
> not allowed in R1. 150.1.30.0/24 gets in R1's
> routing table by EIGRP from redistribution from
> OSPF.
>
>
> -----Original Message-----
> From: "Nick Shah" <nshah@connect.com.au>
> To: "IPSec" <ipsec@myrealbox.com>,
> <ccielab@groupstudy.com>
> Date: Sun, 14 Jul 2002 16:21:13 +1000
> Subject: Re: Cyscoexpert Official Configs
>
> And how did u get 150.1.30.0/24 into R1 's routing
> table (via OSPF) ?
>
> Nick
> ----- Original Message -----
> From: IPSec <ipsec@myrealbox.com>
> To: <ccielab@groupstudy.com>
> Sent: Sunday, July 14, 2002 3:12 PM
> Subject: Cyscoexpert Official Configs
>
>
> > Hi Group,
> >
> > Here are the official lab solutions:
> >
> > TermServ-34>1
> > [Resuming connection 1 to rack3r1 ... ]
> >
> > R1#sh run
> > Building configuration...
> >
> >
> >
> > Current configuration : 2014 bytes
> > !
> > version 12.1
> > service timestamps debug uptime
> > service timestamps log uptime
> > no service password-encryption
> > !
> > hostname R1
> > !
> > enable password cisco
> > !
> > !
> > !
> > !
> > !
> > ip subnet-zero
> > no ip domain-lookup
> > !
> > ipx routing 0001.0001.0001
> > !
> > !
> > dlsw local-peer peer-id 150.1.1.1
> > dlsw remote-peer 0 tcp 150.1.3.3
> > dlsw icanreach mac-exclusive
> > dlsw icanreach mac-address 7145.a0e3.0000 mask
> ffff.ffff.0000
> > dlsw bridge-group 1
> > !
> > interface Loopback0
> > ip address 150.1.1.1 255.255.255.0
> > ipx network 1
> > !
> > interface Loopback1
> > ip address 220.1.0.1 255.255.255.0
> > !
> > interface Loopback2
> > ip address 220.1.1.1 255.255.255.0
> > !
> > interface Loopback3
> > ip address 220.1.2.1 255.255.255.0
> > !
> > interface Loopback4
> > ip address 220.1.3.1 255.255.255.0
> > !
> > interface Loopback10
> > ip address 195.1.1.1 255.255.255.0
> > !
> > interface Ethernet0
> > ip address 150.1.10.1 255.255.255.0
> > ipx network 10
> > bridge-group 1
> > !
> > interface Serial0
> > ip address 150.1.14.1 255.255.255.0
> > ip summary-address eigrp 100 220.1.0.0
> 255.255.252.0 5
> > ipx network 14
> > no fair-queue
> > clockrate 2000000
> > !
> > interface Serial1
> > ip address 150.1.12.1 255.255.255.0
> > ipx network 12
> > clockrate 2000000
> > !
> > interface TokenRing0
> > no ip address
> > shutdown
> > !
> > router eigrp 100
> > network 150.1.14.1 0.0.0.0
> > network 220.1.0.0 0.0.3.255
> > auto-summary
> > no eigrp log-neighbor-changes
> > !
> > router ospf 1
> > router-id 150.1.1.1
> > log-adjacency-changes
> > area 12 nssa
> > network 150.1.1.1 0.0.0.0 area 12
> > network 150.1.12.1 0.0.0.0 area 12
> > !
> > router bgp 1
> > bgp log-neighbor-changes
> > network 195.1.1.0
> > neighbor 150.1.12.2 remote-as 256
> > neighbor 150.1.14.4 remote-as 34
> > neighbor 150.1.14.4 route-map PREPEND out
> > !
> > ip classless
> > ip http server
> > !
> > !
> > ip prefix-list R1_LOOPBACK seq 5 permit
> 195.1.1.0/24
> > route-map PREPEND permit 10
> > match ip address prefix-list R1_LOOPBACK
> > set as-path prepend 1 1
> > !
> > route-map PREPEND permit 20
> > !
> > !
> > !
> > !
> > !
> > bridge 1 protocol ieee
> > !
> > line con 0
> > exec-timeout 0 0
> > logging synchronous
> > line aux 0
> > exec-timeout 0 0
> > logging synchronous
> > line vty 0 4
> > exec-timeout 0 0
> > logging synchronous
> > no login
> > !
> > end
> >
> > R1#
> > TermServ-34>2
> > [Resuming connection 2 to rack3r2 ... ]
> >
> > R2#sh run
> > Building configuration...
> >
> > Current configuration : 2171 bytes
> > !
> > version 12.1
> > service timestamps debug uptime
> > service timestamps log uptime
> > no service password-encryption
> > !
> > hostname R2
> > !
> > enable password cisco
> > !
> > !
> > !
> > !
> > !
> > ip subnet-zero
> > no ip domain-lookup
> > !
> > ipx routing 0002.0002.0002
> > ipx internal-network 2222
> > !
> > !
> > !
> > interface Loopback0
> > ip address 150.1.2.2 255.255.255.0
> > ipx network 2
> > !
> > interface Loopback10
> > ip address 195.1.2.2 255.255.255.0
> > !
> > interface Tunnel0
> > ip address 150.1.24.2 255.255.255.0
> > ipx network 24
> > tunnel source Loopback0
> > tunnel destination 150.1.4.4
> > !
> > interface Ethernet0
> > ip address 150.1.222.2 255.255.255.0
>
=== message truncated ===
This archive was generated by hypermail 2.1.4 : Sat Sep 07 2002 - 19:36:35 GMT-3