From: Brian McGahan (brian@xxxxxxxxxxxxxxx)
Date: Thu Jul 18 2002 - 18:55:34 GMT-3
Ramon,
Don't overanalyze the scenario. It doesn't mention anything
about reachability to hosts, and lab scenarios such as this (including
the actual lab) are way way way far away from best practices.
Another note to add to this, you can change the network type to
non-broadcast. This will meet the requirement of the OSPF timers, and
it will originate the network with a mask of /24 so you still have host
reachability.
HTH
Brian McGahan, CCIE #8593
Director of Design and Implementation
brian@cyscoexpert.com
CyscoExpert Corporation
Internetwork Consulting & Training
http://www.cyscoexpert.com
Voice: 847.674.3392
Fax: 847.674.2625
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Ramon Nieva
Sent: Thursday, July 18, 2002 4:23 PM
To: Brian McGahan
Cc: 'William lu'; 'IPSec'; nshah@connect.com.au; ccielab@groupstudy.com
Subject: RE: Re: Cyscoexpert Official Configs
Brian,
Would you mind posting the final routing tables?
After changing the ospf network-type on the ethernet interface in area
51 to point-to-multipoint, host-routes (/32) will get populated into
ospf instead of the /24's.
This make my R3 end up with only these 3 host-routes for R2, R5 and R6
and not the whole subnet:
O IA 150.1.222.2/32 [110/74] via 150.1.111.5, 06:02:51, Serial8/0
O IA 150.1.222.5/32 [110/64] via 150.1.111.5, 06:02:51, Serial8/0
O IA 150.1.222.6/32 [110/74] via 150.1.111.5, 06:02:51, Serial8/0
Altough I can still reach all three routers, hosts that would be
connected to that subnet wouldn't be reachable until I redistribute the
150.1.222.0/24 into ospf.
Cheers,
Ramon
On Thu, 2002-07-18 at 20:02, Brian McGahan wrote:
> LUW,
>
> Yes, these are my official configs. Regarding your issues with
> them:
>
> "1. there is no metric setting in R2 ospf. It will not
> work properly for redistribution without metric."
>
> http://www.cisco.com/warp/public/104/3.html#14.0
>
> "The protocol and process-id are the protocol that we are injecting
into
> OSPF and its process-id if it exits. The metric is the cost we are
> assigning to the external route. If no metric is specified, OSPF puts
a
> default value of 20 when redistributing routes from all protocols
except
> BGP routes, which get a metric of 1. The metric-type is discussed in
the
> next paragraph."
>
>
> "2. Since R2 is ASBR, it should not define area 12 as
> nssa instead of "stub". Then, using distribute-list to
> block the default route. I think virtual-link has
> changed the ospf topology."
>
> I'm not exactly sure what you mean by this. If you define area 12 as
a
> stub, R1 should filter 0.0.0.0/0 with an inbound distribute-list under
> OSPF. If area 12 is an NSSA, the NSSA ABR does not originate a
default
> route by default, so this is fine. Either answer is an acceptable
> solution. What do you mean by " I think virtual-link has changed the
> ospf topology"
>
>
> HTH
>
> Brian McGahan, CCIE #8593
> Director of Design and Implementation
> brian@cyscoexpert.com
>
> CyscoExpert Corporation
> Internetwork Consulting & Training
> http://www.cyscoexpert.com
> Voice: 847.674.3392
> Fax: 847.674.2625
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
Of
> William lu
> Sent: Wednesday, July 17, 2002 8:27 PM
> To: IPSec; nshah@connect.com.au
> Cc: ccielab@groupstudy.com
> Subject: Re: Re: Cyscoexpert Official Configs
>
> Hi,
>
> You can not have 150.1.30.0/24 in R1 by the simple
> solution of eigrp / ospf redistribution.
>
> After redistributing 150.1.30.0/24 from ospf to eigrp
> in R2. R2 will send this routing update with AD 170 to
> R4 by GRE tunnel.
>
> R4 also receive 150.1.30.0/24 from ospf with AD 110.
> Therefore, the route learned from eigrp can not be
> populated in R4's routing table because its AD is
> lower than one from ospf. Since it is not in routing
> table, it can not send to eigrp neighbor R1 also.
>
> Workaround solution:
> Having a distribute-list ACL in R4 ospf process and
> to block 150.1.30.0/24 into routing table. Then, you
> can see the 150.1.30.0/24 with AS 170 learned from R2
> in R4 and R1's routing table.
>
> The problem of this approach is that it will take
> longer path from
> R1->R4->R2-R5 to reach R3.
>
> I am not sure that the "Official Config" posted is
> real official one from Cyscoexpert or not because I
> found few mistakes in the configuration.
> 1. there is no metric setting in R2 ospf. It will not
> work properly for redistribution without metric.
> 2. Since R2 is ASBR, it should not define area 12 as
> nssa instead of "stub". Then, using distribute-list to
> block the default route. I think virtual-link has
> changed the ospf topology.
>
> General speaking, it is a very good lab scenario.
>
> LUW
>
>
> --- IPSec <ipsec@myrealbox.com> wrote:
> > Since 150.1.30.0/24 is an E2 network in OSPF, it's
> > not allowed in R1. 150.1.30.0/24 gets in R1's
> > routing table by EIGRP from redistribution from
> > OSPF.
> >
> >
> > -----Original Message-----
> > From: "Nick Shah" <nshah@connect.com.au>
> > To: "IPSec" <ipsec@myrealbox.com>,
> > <ccielab@groupstudy.com>
> > Date: Sun, 14 Jul 2002 16:21:13 +1000
> > Subject: Re: Cyscoexpert Official Configs
> >
> > And how did u get 150.1.30.0/24 into R1 's routing
> > table (via OSPF) ?
> >
> > Nick
> > ----- Original Message -----
> > From: IPSec <ipsec@myrealbox.com>
> > To: <ccielab@groupstudy.com>
> > Sent: Sunday, July 14, 2002 3:12 PM
> > Subject: Cyscoexpert Official Configs
> >
> >
> > > Hi Group,
> > >
> > > Here are the official lab solutions:
> > >
> > > TermServ-34>1
> > > [Resuming connection 1 to rack3r1 ... ]
> > >
> > > R1#sh run
> > > Building configuration...
> > >
> > >
> > >
> > > Current configuration : 2014 bytes
> > > !
> > > version 12.1
> > > service timestamps debug uptime
> > > service timestamps log uptime
> > > no service password-encryption
> > > !
> > > hostname R1
> > > !
> > > enable password cisco
> > > !
> > > !
> > > !
> > > !
> > > !
> > > ip subnet-zero
> > > no ip domain-lookup
> > > !
> > > ipx routing 0001.0001.0001
> > > !
> > > !
> > > dlsw local-peer peer-id 150.1.1.1
> > > dlsw remote-peer 0 tcp 150.1.3.3
> > > dlsw icanreach mac-exclusive
> > > dlsw icanreach mac-address 7145.a0e3.0000 mask
> > ffff.ffff.0000
> > > dlsw bridge-group 1
> > > !
> > > interface Loopback0
> > > ip address 150.1.1.1 255.255.255.0
> > > ipx network 1
> > > !
> > > interface Loopback1
> > > ip address 220.1.0.1 255.255.255.0
> > > !
> > > interface Loopback2
> > > ip address 220.1.1.1 255.255.255.0
> > > !
> > > interface Loopback3
> > > ip address 220.1.2.1 255.255.255.0
> > > !
> > > interface Loopback4
> > > ip address 220.1.3.1 255.255.255.0
> > > !
> > > interface Loopback10
> > > ip address 195.1.1.1 255.255.255.0
> > > !
> > > interface Ethernet0
> > > ip address 150.1.10.1 255.255.255.0
> > > ipx network 10
> > > bridge-group 1
> > > !
> > > interface Serial0
> > > ip address 150.1.14.1 255.255.255.0
> > > ip summary-address eigrp 100 220.1.0.0
> > 255.255.252.0 5
> > > ipx network 14
> > > no fair-queue
> > > clockrate 2000000
> > > !
> > > interface Serial1
> > > ip address 150.1.12.1 255.255.255.0
> > > ipx network 12
> > > clockrate 2000000
> > > !
> > > interface TokenRing0
> > > no ip address
> > > shutdown
> > > !
> > > router eigrp 100
> > > network 150.1.14.1 0.0.0.0
> > > network 220.1.0.0 0.0.3.255
> > > auto-summary
> > > no eigrp log-neighbor-changes
> > > !
> > > router ospf 1
> > > router-id 150.1.1.1
> > > log-adjacency-changes
> > > area 12 nssa
> > > network 150.1.1.1 0.0.0.0 area 12
> > > network 150.1.12.1 0.0.0.0 area 12
> > > !
> > > router bgp 1
> > > bgp log-neighbor-changes
> > > network 195.1.1.0
> > > neighbor 150.1.12.2 remote-as 256
> > > neighbor 150.1.14.4 remote-as 34
> > > neighbor 150.1.14.4 route-map PREPEND out
> > > !
> > > ip classless
> > > ip http server
> > > !
> > > !
> > > ip prefix-list R1_LOOPBACK seq 5 permit
> > 195.1.1.0/24
> > > route-map PREPEND permit 10
> > > match ip address prefix-list R1_LOOPBACK
> > > set as-path prepend 1 1
> > > !
> > > route-map PREPEND permit 20
> > > !
> > > !
> > > !
> > > !
> > > !
> > > bridge 1 protocol ieee
> > > !
> > > line con 0
> > > exec-timeout 0 0
> > > logging synchronous
> > > line aux 0
> > > exec-timeout 0 0
> > > logging synchronous
> > > line vty 0 4
> > > exec-timeout 0 0
> > > logging synchronous
> > > no login
> > > !
> > > end
> > >
> > > R1#
> > > TermServ-34>2
> > > [Resuming connection 2 to rack3r2 ... ]
> > >
> > > R2#sh run
> > > Building configuration...
> > >
> > > Current configuration : 2171 bytes
> > > !
> > > version 12.1
> > > service timestamps debug uptime
> > > service timestamps log uptime
> > > no service password-encryption
> > > !
> > > hostname R2
> > > !
> > > enable password cisco
> > > !
> > > !
> > > !
> > > !
> > > !
> > > ip subnet-zero
> > > no ip domain-lookup
> > > !
> > > ipx routing 0002.0002.0002
> > > ipx internal-network 2222
> > > !
> > > !
> > > !
> > > interface Loopback0
> > > ip address 150.1.2.2 255.255.255.0
> > > ipx network 2
> > > !
> > > interface Loopback10
> > > ip address 195.1.2.2 255.255.255.0
> > > !
> > > interface Tunnel0
> > > ip address 150.1.24.2 255.255.255.0
> > > ipx network 24
> > > tunnel source Loopback0
> > > tunnel destination 150.1.4.4
> > > !
> > > interface Ethernet0
> > > ip address 150.1.222.2 255.255.255.0
> >
> === message truncated ===
>
>
This archive was generated by hypermail 2.1.4 : Sat Sep 07 2002 - 19:36:36 GMT-3