From: alsontra@hotmail.com
Date: Mon Mar 15 2004 - 08:44:22 GMT-3
Hi Jura,
IMHO- If you search the archive you will find that you are not the only
one who has tried to develop a one "best way" to solve sub - optimal routing
and protocol loops. I think I spent an entire month exploring different
redistribution methodologies, before coming to the following conclusion:
There is no "one" best way to deal with all suboptimal or protocol loop
situations.
I am now of the opinion that its better to try and understand the
protocols and how they interoperate. When you see redistribution evaluate
the situation and select the best possible solution based upon your
knowledge the protocols and any known issues. Also, based upon my own
experiences, I think your conclusions regarding redistribution methods is
fairly inline with my own. That is, with a few exception. For instance you
can not change the AD of an external Eigrp Route and I generally try and
avoid listing networks in redistribution scenarios. Perhaps one of the more
senior members will chime in....
$.02
Alsontra-
----- Original Message -----
From: <juraj.markotic@combis.hr>
To: <ccielab@groupstudy.com>
Sent: Monday, March 15, 2004 1:16 AM
Subject: Loops and suboptimal routing problem
> Hi group,
> I have been having problem with some scenarios having mutual
redistribution when loops and suboptimal routing occurs. I know there are
lot of ways of doing this, some specific to some situations, but I tried to
approach this problem as general as I can, no matter which two routing
protocols are in game.
> Tools to battle loops:
>
> **** Tags
> They don't solve suboptimal routing (at least on one of borde routers) and
they pretty much break redundancy: if one domain (ie. ospf) is split in two
parts, they will not be able to communicate over eigrp domain, because
routes are filtered so no ospf routes are sent back to ospf domain. And
also, tags are not supported in RIP1 and IS-IS (at least in 12.2 ?). So I
don't see tags as some general solution for handling loops. Am I Wrong ?
>
> **** Diffenetiating between internal and external routes
> Only OSPF and EIGRP support differentiation between external and internal
routes. EIGRP already has higher AD for external routes so it is pretty much
loop free. So i need to do this on OSPF side and both domains will favor
internal routes that those received thru redistribution (including his own
routes that got back on the other point). So, no loops are possible here.
But, only supported in combination ospf/eigrp, problem still exists if we
use Rip/isis combination or something similar that can't set higher AD for
external redistributed routes.
>
> **** changing distance for specific routes only
> Good thing would be if I could change distance for all routes received
from one specific neighbor. Well, this works for rip, eigrp protocols with
statement
> distance 99 10.1.1.1 0.0.0.0
> and all routes received from 10.1.1.1 neighbor now have AD 199.
> But this just doesn't work for ospf and isis, because router-id for ospf
route is router-id that originated the route, not the ruter that sent route
to his own neighbor. Meaning, if i receive couple of ospf routes from my
neighbor , it is possible that all routes have different router-id of
routers that injected route in domain, meaning the only way I could catch
them all is to use statement 0.0.0.0, but if I do that, than I merely
changed distance for all ospf routes received from all neighbors, not from
some specific neighbor.
> Well that is problem only with isis and ospf. Right ?
>
> So the last solution I see is to change distance for domain specific
routes, no matter what neighbor received from. But that is administratively
daunting task because I have to maintain routes from one domain.
> For example, if I have OSPF and ISIS domain and I do double redistribution
on 2 points I will get loop because one router will route to all his own
isis routes trhu ospf domain (because routes that he received from ospf have
lower AD).
> So on both border routers I could set filter that sets AD for all isis
originated routes to have lower AD than routes received trhu ospf. Of course
I need to have acl that define isis nets.
> For example, config of both border routers should be:
> router isis
> distance 109 0.0.0.0 255.255.255.255 ISIS_NETS
> ! networks that are in ISIS domain
> ip access-list standard ISIS_NETS
> permit 150.1.16.0 0.0.0.255
> permit 150.1.56.0 0.0.0.255
> ...
> Now, both border routers will always favor those routes received from isis
neigbhor, and not the same routes received from ospf domain. I have
redundancy, no loops and no suboptimal routing here.
>
> Question in the end: do you thing this method is OK and is it general
enough so I could use it on lab in any situation ? Biggest drawback is that
I have to maintain networks in acl, and that become administrative task
whenever new network is introduced in domain. Do you think I could lose
point for this on exam ?
> Do you have some opservations, recommendations ?
> And most of all, do you see some wrong interpretations about
redistribution, that I wrote about other methods ?
>
> thanks,
> jura
>
> _______________________________________________________________________
> Please help support GroupStudy by purchasing your study materials from:
> http://shop.groupstudy.com
>
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Thu Apr 01 2004 - 08:15:26 GMT-3