From: Nawaz, Ajaz (Ajaz.Nawaz@bskyb.com)
Date: Mon Mar 15 2004 - 13:08:52 GMT-3
<http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/np1_
c/1cprt1/1cospf.htm#11650>
you can change the distance for OSPF intra/inter-area and external.
obviously with route-maps etc you can become further deterministic.
very useful when redistributing between 2ospf processes on single router.
my2cents
-ajaz
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
juraj.markotic@combis.hr
Sent: 15 March 2004 09:17
To: ccielab@groupstudy.com
Subject: Loops and suboptimal routing problem
Hi group,
I have been having problem with some scenarios having mutual redistribution
when loops and suboptimal routing occurs. I know there are lot of ways of
doing this, some specific to some situations, but I tried to approach this
problem as general as I can, no matter which two routing protocols are in
game.
Tools to battle loops:
**** Tags
They don't solve suboptimal routing (at least on one of borde routers) and
they pretty much break redundancy: if one domain (ie. ospf) is split in two
parts, they will not be able to communicate over eigrp domain, because
routes are filtered so no ospf routes are sent back to ospf domain. And
also, tags are not supported in RIP1 and IS-IS (at least in 12.2 ?). So I
don't see tags as some general solution for handling loops. Am I Wrong ?
**** Diffenetiating between internal and external routes
Only OSPF and EIGRP support differentiation between external and internal
routes. EIGRP already has higher AD for external routes so it is pretty much
loop free. So i need to do this on OSPF side and both domains will favor
internal routes that those received thru redistribution (including his own
routes that got back on the other point). So, no loops are possible here.
But, only supported in combination ospf/eigrp, problem still exists if we
use Rip/isis combination or something similar that can't set higher AD for
external redistributed routes.
**** changing distance for specific routes only
Good thing would be if I could change distance for all routes received from
one specific neighbor. Well, this works for rip, eigrp protocols with
statement
distance 99 10.1.1.1 0.0.0.0
and all routes received from 10.1.1.1 neighbor now have AD 199.
But this just doesn't work for ospf and isis, because router-id for ospf
route is router-id that originated the route, not the ruter that sent route
to his own neighbor. Meaning, if i receive couple of ospf routes from my
neighbor , it is possible that all routes have different router-id of
routers that injected route in domain, meaning the only way I could catch
them all is to use statement 0.0.0.0, but if I do that, than I merely
changed distance for all ospf routes received from all neighbors, not from
some specific neighbor.
Well that is problem only with isis and ospf. Right ?
So the last solution I see is to change distance for domain specific routes,
no matter what neighbor received from. But that is administratively daunting
task because I have to maintain routes from one domain.
For example, if I have OSPF and ISIS domain and I do double redistribution
on 2 points I will get loop because one router will route to all his own
isis routes trhu ospf domain (because routes that he received from ospf have
lower AD).
So on both border routers I could set filter that sets AD for all isis
originated routes to have lower AD than routes received trhu ospf. Of course
I need to have acl that define isis nets.
For example, config of both border routers should be:
router isis
distance 109 0.0.0.0 255.255.255.255 ISIS_NETS
! networks that are in ISIS domain
ip access-list standard ISIS_NETS
permit 150.1.16.0 0.0.0.255
permit 150.1.56.0 0.0.0.255
...
Now, both border routers will always favor those routes received from isis
neigbhor, and not the same routes received from ospf domain. I have
redundancy, no loops and no suboptimal routing here.
Question in the end: do you thing this method is OK and is it general enough
so I could use it on lab in any situation ? Biggest drawback is that I have
to maintain networks in acl, and that become administrative task whenever
new network is introduced in domain. Do you think I could lose point for
this on exam ?
Do you have some opservations, recommendations ?
And most of all, do you see some wrong interpretations about redistribution,
that I wrote about other methods ?
thanks,
jura
This archive was generated by hypermail 2.1.4 : Thu Apr 01 2004 - 08:15:27 GMT-3