From: Michael Snyder (msnyder@revolutioncomputer.com)
Date: Fri Feb 06 2004 - 00:08:50 GMT-3
I just got done doing a three way redistribution (ipexpert 34).
I used them all. Redistribution lists, tags, and increasing metrics,
and distance.
Rip to Ospf; Tagged into ospf, and blocked tag going back into rip.
Also stopped one route with a distribute list because it belonged to
eigrp (damn classful rip)
Eigrp to ospf; Tagged into ospf, and blocked tag going back into eigrp.
Rip to eigrp; used a greater metric than my ospf to eigrp operation.
Eigrp to rip; used a greater metric than my ospf to rip operation.
Check out the distance trick I did on rip on R2. Poisoned everything
except routes from my one valid neighbor. Classful causes way too many
problems.
To answer your question, It depends.
BTW, ran my grading script on each router, and every route checks.
R2#show run
Building configuration...
Current configuration : 4311 bytes
!
version 12.2
no service single-slot-reload-enable
no service timestamps debug uptime
no service timestamps log uptime
no service password-encryption
service linenumber
!
hostname R2
!
logging rate-limit console 10 except errors
!
clock timezone CST -6
clock summer-time CDT recurring
ip subnet-zero
no ip finger
ip tcp synwait-time 5
no ip domain-lookup
!
ip multicast-routing
no ip dhcp-client network-discovery
isdn switch-type basic-net3
!
key chain michael
key 1
key-string lifeisgood
!
!
!
!
interface Loopback0
ip address 192.168.2.2 255.255.255.255
ip pim sparse-mode
!
interface Ethernet0
no ip address
shutdown
!
interface Serial0
no ip address
encapsulation frame-relay
ip ospf hello-interval 2
no frame-relay inverse-arp
frame-relay lmi-type cisco
!
interface Serial0.24 multipoint
ip address 172.16.24.1 255.255.255.252
ip bandwidth-percent eigrp 40 20
ip authentication mode eigrp 40 md5
ip authentication key-chain eigrp 40 michael
frame-relay map ip 172.16.24.1 104
frame-relay map ip 172.16.24.2 104 broadcast
!
interface Serial0.56 multipoint
ip address 172.16.56.2 255.255.255.248
ip pim dr-priority 1000
ip pim nbma-mode
ip pim sparse-dense-mode
ip ospf hello-interval 2
ip ospf priority 255
frame-relay map ip 172.16.56.2 105
frame-relay map ip 172.16.56.5 105 broadcast
frame-relay map ip 172.16.56.6 106 broadcast
!
interface Serial1
ip address 172.16.12.2 255.255.255.0
ip rip v2-broadcast
!
interface BRI0
ip address 172.16.25.2 255.255.255.0
encapsulation ppp
isdn switch-type basic-net3
isdn spid1 1111
isdn spid2 1112
cdapi buffers regular 0
cdapi buffers raw 0
cdapi buffers large 0
!
router eigrp 40
redistribute rip metric 1 1 1 1 1
redistribute ospf 34 metric 10 1 1 1 1 match internal external 1
external 2 route-map catch444
network 172.16.24.0 0.0.0.3
no auto-summary
eigrp router-id 192.168.2.2
no eigrp log-neighbor-changes
!
router ospf 34
router-id 192.168.2.2
log-adjacency-changes
area 0 authentication message-digest
area 1 virtual-link 192.168.6.6 authentication message-digest
area 1 virtual-link 192.168.6.6 message-digest-key 1 md5 michael
area 1 virtual-link 192.168.5.5 authentication message-digest
area 1 virtual-link 192.168.5.5 message-digest-key 1 md5 michael
redistribute rip metric 34 metric-type 1 subnets tag 111
redistribute eigrp 40 metric 1000 metric-type 1 subnets tag 444
network 172.16.25.0 0.0.0.255 area 1
network 172.16.56.0 0.0.0.7 area 1
network 192.168.2.2 0.0.0.0 area 2
neighbor 172.16.56.6
neighbor 172.16.56.5
distribute-list 11 out rip
!
router rip
version 2
redistribute ospf 34 metric 4 match internal external 1 external 2
route-map catch111
redistribute eigrp 40 metric 5
passive-interface default
no passive-interface Serial1
output-delay 25
network 172.16.0.0
distance 255
distance 120 172.16.12.1 0.0.0.0
no auto-summary
!
ip kerberos source-interface any
ip classless
no ip http server
ip pim send-rp-announce Loopback0 scope 10 group-list 77
ip pim send-rp-discovery Loopback0 scope 10
!
access-list 11 deny 172.16.24.0 0.0.0.255
access-list 11 permit any
access-list 77 permit 227.1.1.1
access-list 77 permit 239.1.1.1
route-map catch444 deny 5
match tag 444
!
route-map catch444 permit 10
!
route-map catch111 deny 5
match tag 111
!
route-map catch111 permit 10
!
!
banner motd ^C
Router R2 - Cisco 2503 Interfaces S0 S1 E0 BRI0
S0 - Frame-Relay; S1 Connected to R1-S0
^C
alias exec c config t
alias exec s show ip interface brief | e unass|Int
alias exec cb clear ip bgp *
alias exec ci clear ip route *
alias exec co clear ip ospf process
alias exec ce clear ip eigrp neighbors
alias exec sb show ip bgp
alias exec se show ip eigrp
alias exec si show ip route | e -|sub
alias exec so show ip ospf
alias exec sr show running-config | e alias
alias exec sbs show ip bgp neighbors | include (BGP neighbor)|(BGP
state)
alias exec st show run int
alias exec sp show ip protocol
!
line con 0
exec-timeout 1440 0
privilege level 15
logging synchronous
length 21
history size 30
transport input none
line aux 0
exec-timeout 1440 0
privilege level 15
logging synchronous
length 21
history size 30
line vty 0 4
exec-timeout 1440 0
privilege level 15
logging synchronous
no login
length 21
history size 30
transport input telnet
!
end
Routing tables
R2 (everything)
O E1 192.168.9.9 [110/1128] via 172.16.56.6, 00:55:45, Serial0.56
O IA 172.16.90.128/28 [110/134] via 172.16.56.6, 00:55:45, Serial0.56
O 172.16.200.0/25 [110/74] via 172.16.56.6, 00:55:45, Serial0.56
[110/74] via 172.16.56.5, 00:55:45, Serial0.56
C 172.16.56.0/29 is directly connected, Serial0.56
D 172.16.40.0/24 [90/2195456] via 172.16.24.2, 00:57:57,
Serial0.24
C 172.16.24.0/30 is directly connected, Serial0.24
C 172.16.25.0/24 is directly connected, BRI0
C 172.16.12.0/24 is directly connected, Serial1
R 172.16.10.0/24 [120/1] via 172.16.12.1, 00:00:22, Serial1
O 172.16.78.0/30 [110/138] via 172.16.56.6, 00:55:45, Serial0.56
[110/138] via 172.16.56.5, 00:55:45, Serial0.56
O IA 172.16.69.0/30 [110/128] via 172.16.56.6, 00:55:45, Serial0.56
D 192.168.4.4 [90/2297856] via 172.16.24.2, 00:57:57, Serial0.24
O IA 192.168.5.5 [110/65] via 172.16.56.5, 00:55:45, Serial0.56
O IA 192.168.6.6 [110/65] via 172.16.56.6, 00:55:46, Serial0.56
D 11.4.104.4 [90/2297856] via 172.16.24.2, 00:57:58, Serial0.24
D 11.4.102.4 [90/2297856] via 172.16.24.2, 00:57:59, Serial0.24
O 192.168.7.7 [110/75] via 172.16.56.6, 00:55:47, Serial0.56
[110/75] via 172.16.56.5, 00:55:47, Serial0.56
R 192.168.1.1 [120/1] via 172.16.12.1, 00:00:24, Serial1
C 192.168.2.2 is directly connected, Loopback0
R2#
RIP
R1#si
Gateway of last resort is not set
R 192.168.9.9 [120/4] via 172.16.12.2, 00:00:05, Serial0
R 172.16.90.128/28 [120/4] via 172.16.12.2, 00:00:05, Serial0
R 172.16.200.0/25 [120/4] via 172.16.12.2, 00:00:05, Serial0
R 172.16.56.0/29 [120/1] via 172.16.12.2, 00:00:05, Serial0
R 172.16.40.0/24 [120/5] via 172.16.12.2, 00:00:05, Serial0
R 172.16.24.0/30 [120/1] via 172.16.12.2, 00:00:05, Serial0
R 172.16.25.0/24 [120/1] via 172.16.12.2, 00:00:05, Serial0
C 172.16.12.0/24 is directly connected, Serial0
C 172.16.10.0/24 is directly connected, Ethernet0
R 172.16.78.0/30 [120/4] via 172.16.12.2, 00:00:05, Serial0
R 172.16.69.0/30 [120/4] via 172.16.12.2, 00:00:05, Serial0
R 192.168.4.4 [120/5] via 172.16.12.2, 00:00:05, Serial0
R 192.168.5.5 [120/4] via 172.16.12.2, 00:00:05, Serial0
R 192.168.6.6 [120/4] via 172.16.12.2, 00:00:05, Serial0
R 11.4.104.4 [120/5] via 172.16.12.2, 00:00:05, Serial0
R 11.4.102.4 [120/5] via 172.16.12.2, 00:00:05, Serial0
R 192.168.7.7 [120/4] via 172.16.12.2, 00:00:05, Serial0
C 192.168.1.1 is directly connected, Loopback0
R 192.168.2.2 [120/4] via 172.16.12.2, 00:00:07, Serial0
R1#
EIGRP
R4#
R4#si
Gateway of last resort is not set
D EX 192.168.9.9 [170/256512256] via 172.16.24.1, 00:22:41, Serial0
D EX 172.16.90.128/28 [170/256512256] via 172.16.24.1, 00:22:41,
Serial0
D EX 172.16.200.0/25 [170/256512256] via 172.16.24.1, 00:22:41,
Serial0
D EX 172.16.56.0/29 [170/256512256] via 172.16.24.1, 00:22:41,
Serial0
C 172.16.40.0/24 is directly connected, Ethernet0
C 172.16.24.0/30 is directly connected, Serial0
D EX 172.16.25.0/24 [170/256512256] via 172.16.24.1, 00:22:41,
Serial0
D EX 172.16.12.0/24 [170/2560512256] via 172.16.24.1, 00:22:41,
Serial0
D EX 172.16.10.0/24 [170/2560512256] via 172.16.24.1, 00:22:41,
Serial0
D EX 172.16.78.0/30 [170/256512256] via 172.16.24.1, 00:22:41,
Serial0
D EX 172.16.69.0/30 [170/256512256] via 172.16.24.1, 00:22:41,
Serial0
C 192.168.4.4 is directly connected, Loopback0
D EX 192.168.5.5 [170/256512256] via 172.16.24.1, 00:22:41, Serial0
D EX 192.168.6.6 [170/256512256] via 172.16.24.1, 00:22:41, Serial0
C 11.4.104.4 is directly connected, Loopback4
C 11.4.103.4 is directly connected, Loopback3
C 11.4.102.4 is directly connected, Loopback2
C 11.4.101.4 is directly connected, Loopback1
D EX 192.168.7.7 [170/256512256] via 172.16.24.1, 00:22:43, Serial0
D EX 192.168.1.1 [170/2560512256] via 172.16.24.1, 00:22:43, Serial0
D EX 192.168.2.2 [170/256512256] via 172.16.24.1, 00:22:43, Serial0
R4#
R5#si
Gateway of last resort is not set
O E1 192.168.9.9 [110/1074] via 172.16.200.6, 00:46:31, Ethernet0
O IA 172.16.90.128/28 [110/80] via 172.16.200.6, 00:46:31, Ethernet0
C 172.16.200.0/25 is directly connected, Ethernet0
C 172.16.56.0/29 is directly connected, Serial0
O E1 172.16.40.0/24 [110/1064] via 172.16.56.2, 00:35:05, Serial0
O E1 172.16.24.0/30 [110/1064] via 172.16.56.2, 00:35:05, Serial0
C 172.16.25.0/24 is directly connected, BRI0
O E1 172.16.12.0/24 [110/98] via 172.16.56.2, 00:46:31, Serial0
O E1 172.16.10.0/24 [110/98] via 172.16.56.2, 00:46:31, Serial0
O 172.16.78.0/30 [110/74] via 172.16.200.7, 00:46:41, Ethernet0
O IA 172.16.69.0/30 [110/74] via 172.16.200.6, 00:46:31, Ethernet0
O E1 192.168.4.4 [110/1064] via 172.16.56.2, 00:35:05, Serial0
C 192.168.5.5 is directly connected, Loopback0
O IA 192.168.6.6 [110/11] via 172.16.200.6, 00:46:31, Ethernet0
O E1 11.4.104.4 [110/1064] via 172.16.56.2, 00:35:05, Serial0
O E1 11.4.102.4 [110/1064] via 172.16.56.2, 00:35:06, Serial0
O 192.168.7.7 [110/11] via 172.16.200.7, 00:46:42, Ethernet0
O E1 192.168.1.1 [110/98] via 172.16.56.2, 00:46:33, Serial0
O IA 192.168.2.2 [110/75] via 172.16.200.6, 00:46:33, Ethernet0
R5#so d
OSPF Router with ID (192.168.5.5) (Process ID 34)
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link
count
192.168.2.2 192.168.2.2 1 (DNA) 0x80000003 0xBB2E 2
192.168.5.5 192.168.5.5 954 0x80000016 0x1B42 2
192.168.6.6 192.168.6.6 827 0x80000015 0xBC9B 2
192.168.7.7 192.168.7.7 1492 0x8000000F 0x67CB 3
Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
172.16.200.7 192.168.7.7 9 0x8000000D 0x271E
Summary Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
172.16.25.0 192.168.2.2 3 (DNA) 0x80000001 0x5D4
172.16.25.0 192.168.5.5 1212 0x80000010 0xBF05
172.16.25.0 192.168.6.6 828 0x80000002 0x513F
172.16.56.0 192.168.2.2 5 (DNA) 0x80000001 0xCBD5
172.16.56.0 192.168.5.5 954 0x80000002 0xA2F7
172.16.56.0 192.168.6.6 828 0x80000002 0x9503
172.16.69.0 192.168.6.6 1069 0x8000000F 0x476
172.16.90.128 192.168.6.6 306 0x8000000F 0xBDF
192.168.2.2 192.168.2.2 5 (DNA) 0x80000001 0x91CF
192.168.5.5 192.168.5.5 1213 0x8000000E 0x1137
192.168.6.6 192.168.6.6 1334 0x8000000B 0xF452
Summary ASB Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
192.168.2.2 192.168.5.5 955 0x80000002 0xD247
192.168.2.2 192.168.6.6 829 0x80000002 0xC552
192.168.9.9 192.168.6.6 308 0x8000000F 0x18E4
Router Link States (Area 1)
Link ID ADV Router Age Seq# Checksum Link
count
192.168.2.2 192.168.2.2 826 0x80000014 0x8E80 2
192.168.5.5 192.168.5.5 955 0x80000013 0xB74B 2
192.168.6.6 192.168.6.6 830 0x80000012 0x57AD 1
Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
172.16.56.2 192.168.2.2 826 0x80000010 0x3E35
Summary Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
172.16.69.0 192.168.2.2 826 0x80000002 0xD47A
172.16.69.0 192.168.5.5 1214 0x8000000F 0x75FC
172.16.69.0 192.168.6.6 1072 0x8000000F 0x476
172.16.78.0 192.168.2.2 827 0x80000002 0xD566
172.16.78.0 192.168.5.5 1214 0x8000000B 0x1A53
172.16.78.0 192.168.6.6 1072 0x8000000B 0xD5E
172.16.90.128 192.168.2.2 827 0x80000002 0xDBE3
172.16.90.128 192.168.5.5 202 0x8000000E 0x7E65
172.16.90.128 192.168.6.6 310 0x8000000E 0xDDE
172.16.200.0 192.168.2.2 827 0x80000002 0x2559
172.16.200.0 192.168.5.5 1700 0x80000011 0x5D4C
172.16.200.0 192.168.6.6 1828 0x80000011 0x5057
192.168.2.2 192.168.2.2 827 0x80000004 0x8BD2
192.168.2.2 192.168.5.5 956 0x80000002 0x4FC0
192.168.2.2 192.168.6.6 831 0x80000002 0x42CB
192.168.5.5 192.168.2.2 827 0x80000002 0xD247
192.168.5.5 192.168.5.5 1214 0x8000000E 0x1137
192.168.5.5 192.168.6.6 311 0x8000000E 0x68D3
192.168.6.6 192.168.2.2 828 0x80000002 0xBD5A
192.168.6.6 192.168.5.5 1460 0x8000000B 0x66D8
192.168.6.6 192.168.6.6 1337 0x8000000B 0xF452
192.168.7.7 192.168.2.2 828 0x80000002 0xDFE
192.168.7.7 192.168.5.5 1216 0x8000000B 0x51EB
192.168.7.7 192.168.6.6 1074 0x8000000B 0x44F6
Summary ASB Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
192.168.2.2 192.168.5.5 958 0x80000002 0x37D8
192.168.2.2 192.168.6.6 832 0x80000002 0x2AE3
192.168.9.9 192.168.2.2 828 0x80000002 0xE8E8
192.168.9.9 192.168.5.5 203 0x8000000E 0x8B6A
192.168.9.9 192.168.6.6 311 0x8000000E 0x1AE3
Router Link States (Area 5)
Link ID ADV Router Age Seq# Checksum Link
count
192.168.5.5 192.168.5.5 1216 0x8000000E 0x6564 1
Summary Net Link States (Area 5)
Link ID ADV Router Age Seq# Checksum
172.16.25.0 192.168.5.5 1217 0x80000010 0xBF05
172.16.56.0 192.168.5.5 959 0x80000002 0xA2F7
172.16.69.0 192.168.5.5 1217 0x8000000F 0x75FC
172.16.78.0 192.168.5.5 1217 0x8000000B 0x1A53
172.16.90.128 192.168.5.5 204 0x8000000E 0x7E65
172.16.200.0 192.168.5.5 1702 0x80000011 0x5D4C
192.168.2.2 192.168.5.5 959 0x80000002 0x4FC0
192.168.6.6 192.168.5.5 1461 0x8000000B 0x66D8
192.168.7.7 192.168.5.5 1217 0x8000000B 0x51EB
Summary ASB Link States (Area 5)
Link ID ADV Router Age Seq# Checksum
192.168.2.2 192.168.5.5 959 0x80000002 0x37D8
192.168.9.9 192.168.5.5 204 0x8000000E 0x8B6A
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag
11.4.102.4 192.168.2.2 65 0x80000002 0xAFF3 444
11.4.104.4 192.168.2.2 67 0x80000002 0x9908 444
172.16.10.0 192.168.2.2 831 0x80000002 0xAAC3 111
172.16.12.0 192.168.2.2 831 0x80000002 0x94D7 111
172.16.24.0 192.168.2.2 67 0x80000002 0x5DED 444
172.16.40.0 192.168.2.2 67 0x80000002 0xBE79 444
192.168.1.1 192.168.2.2 831 0x80000002 0xD7F1 111
192.168.4.4 192.168.2.2 67 0x80000002 0xF7B3 444
192.168.9.9 192.168.9.9 404 0x80000028 0x909A 0
R5#
Grading script
; --- R1 ---
show ip route 192.168.1.1 255.255.255.255 | i not
show ip route 172.16.10.1 255.255.255.0 | i not
show ip route 172.16.12.1 255.255.255.0 | i not
; --- R2 ---
show ip route 192.168.2.2 255.255.255.255 | i not
show ip route 172.16.24.1 255.255.255.252 | i not
show ip route 172.16.56.2 255.255.255.248 | i not
show ip route 172.16.12.2 255.255.255.0 | i not
show ip route 172.16.25.2 255.255.255.0 | i not
; --- R4 ---
show ip route 192.168.4.4 255.255.255.255 | i not
show ip route 11.4.101.4 255.255.255.255 | e not
show ip route 11.4.102.4 255.255.255.255 | i not
show ip route 11.4.103.4 255.255.255.255 | e not
show ip route 11.4.104.4 255.255.255.255 | i not
show ip route 172.16.40.4 255.255.255.0 | i not
show ip route 172.16.24.2 255.255.255.252 | i not
; --- R5 ---
show ip route 192.168.5.5 255.255.255.255 | i not
show ip route 172.16.200.5 255.255.255.128 | i not
show ip route 172.16.56.5 255.255.255.248 | i not
show ip route 172.16.25.5 255.255.255.0 | i not
; --- R6 ---
show ip route 192.168.6.6 255.255.255.255 | i not
show ip route 172.16.200.6 255.255.255.128 | i not
show ip route 172.16.56.6 255.255.255.248 | i not
show ip route 172.16.69.1 255.255.255.252 | i not
; --- R7 ---
show ip route 192.168.7.7 255.255.255.255 | i not
show ip route 172.16.200.7 255.255.255.128 | i not
show ip route 172.16.78.1 255.255.255.252 | i not
; --- R9 ---
show ip route 192.168.9.9 255.255.255.255 | i not
show ip route 172.16.69.2 255.255.255.252 | i not
show ip route 172.16.90.129 255.255.255.240 | i not
show ip route sum | i Total
-----Original Message-----
From: srivera7@optonline.net [mailto:srivera7@optonline.net]
Sent: Thursday, February 05, 2004 8:39 PM
To: ccielab@groupstudy.com
Subject: Preventing routing loops - Distribute list vs Distance
(changing adminstrative distance)
Hello Group,
Need some advise. What is the best solution for preventing routing
loops when redistributing into mutiple routing domains. Changing
administrative distances is one solution and using distribute list is
another solution.
Lets say for example we have
2 routers in RIPv1 domain mutually redistributing to 2 routers in an
OSPF domain. The 2 routers in the OSPF domain are also mutally
redistributing to 2 routers in an EIGRP domain.
RP1, RP2 (RIPv1) <--> R01,R02 (OSPF) <--> RE1,RE2 (EIGRP)
Rip domain is advertising 150.8.0.0/16. When redistributed into ospf
it comes back from EIGRP with a lower admin distance. OSPF routers see
this and think EIGRP domain is best path to this network. Routing loop
occurs. What I did was under the OSPF routing process issue "distance
ospf external 200". Routing loop is gone and I can reach this network
via RIP that way is advertised. Not sure if this is the best solution.
Which is the best solution for prevent routing loops ? Do you know of
any good links ?
Cheers,
William
This archive was generated by hypermail 2.1.4 : Fri Mar 05 2004 - 07:13:47 GMT-3