Redistribution Methodology

From: Joe Rinehart (jjrinehart@hotmail.com)
Date: Tue Jul 06 2004 - 15:42:52 GMT-3

• Next message: Kenneth Wygand: "Rp declaring itself as RP?"
• Previous message: tycampbell@comcast.net: "Re: Honest Opinion!"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I have a question that has been bugging me for a little while and would like
to see what the overall opinion is on the subject.

When redistributing routing protocols (I am speaking here mainly of IGP
redistribution), I know that route feedback can be an issue, especially
where mutual redistribution is concerned. Something I have been doing in
those instances is putting in filters and route maps to prevent that.

Here is the basic methodology, per protocol:

1. Create an access list with the routes to be filtered (i.e., those
already in that IGP that shouldnt be coming back in from another source).
This is a series of deny statements followed by a permit any statement.

2. Create a route map calling that access list.

3. Configure the redistribute statement under the target IGP calling that
route map.

Here is an example below, you may recognize it from CPSV2:
router eigrp 2003
 redistribute ospf 1 route-map filter-eigrp
 redistribute rip route-map filter-eigrp
 passive-interface default
 no passive-interface Serial0/0.103105
 network 175.10.16.0 0.0.0.255
 network 175.10.120.0 0.0.0.255
 default-metric 1544 100 254 1 1500
 no auto-summary
 no eigrp log-neighbor-changes
!
router ospf 1
 log-adjacency-changes
 area 0 authentication message-digest
 area 500 stub
 redistribute connected route-map CONNECTED
 redistribute eigrp 2003 subnets route-map filter-ospf
 redistribute rip subnets route-map filter-ospf
 network 10.1.1.0 0.0.0.255 area 500
 network 192.168.1.0 0.0.0.255 area 100
 network 192.168.2.0 0.0.0.255 area 0
!
router rip
 version 2
 redistribute eigrp 2003 route-map filter-eigrp
 redistribute ospf 1 route-map filter-eigrp
 passive-interface default
 no passive-interface Serial0/0.100
 network 175.10.0.0
 default-metric 5
 no auto-summary

access-list 1 deny 175.10.1.0 0.0.0.255
access-list 1 deny 175.10.16.0 0.0.0.255
access-list 1 permit any
access-list 2 deny 175.10.0.0 0.0.63.255
access-list 2 permit any
access-list 3 deny 10.10.1.0 0.0.0.255
access-list 3 deny 10.10.2.0 0.0.0.255
access-list 3 deny 192.200.0.0 0.0.255.255
access-list 3 deny 192.168.0.0 0.0.31.255
access-list 3 permit any
dialer-list 1 protocol ip permit
route-map filter-ospf permit 10
 match ip address 3
!
route-map filter-eigrp permit 10
 match ip address 1
!
route-map filter-rip permit 10
 match ip address 2

Here is my question. I KNOW that this approach works rather splendidly and
can take pretty much everything into account as a template overall, but is
this the kind of thing that can cost you points on the exam? I know that
the rules of thumb are if they dont forbid something you are allowed to do
it, and ultimately the other test is if it works, but I also know there is a
subjective aspect as well.

Thoughts?

Joe Rinehart
AT&T

• Next message: Kenneth Wygand: "Rp declaring itself as RP?"
• Previous message: tycampbell@comcast.net: "Re: Honest Opinion!"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Aug 01 2004 - 10:11:47 GMT-3