Re: OSPF distance command

From: Niche (jackyliu419@gmail.com)
Date: Sun Sep 11 2005 - 12:46:34 GMT-3

Hi Tim,

There are a few ways (route-map after the network statement, distance bgp by
route-source, etc) but all are related to control the AD of the that bgp
route.

Any other option can do the same way without modifying the AD but can
achieve the same result? I would love to know too =)

Cheers!
Jacky

On 9/12/05, Tim <ccie2be@nyc.rr.com> wrote:
>
> Niche,
>
> How would you solve this problem if you weren't allowed to use the
> backdoor
> command?
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Niche
> Sent: Sunday, September 11, 2005 8:29 AM
> To: ccielab@groupstudy.com
> Subject: Re: OSPF distance command
>
> Hi Guys,
>
> To Tim's question, try debug "debug ip routing" and you will see the
> router
> complaining about route loop.
>
> Reason, the AD of eBGP is 20, higher than any IGP default AD, so the
> router
> will trash the IGP route than install the eBGP route.
> After the eBGP route installed, the router receive IGP update for the same
> route, then the route think there is a route loop occur... on and on..
>
> Solution,
>
> network x.x.x.x mask y.y.y.y backdoor to increase the eBGP AD to 200.
>
> My 2 cents
>
> Cheers!
> Jacky
>
> On 9/12/05, Tim <ccie2be@nyc.rr.com> wrote:
> >
> > Be mindful of the line break.
> >
> > -----Original Message-----
> > From: Lee Donald [mailto:Lee.Donald@t-systems.co.uk]
> > Sent: Sunday, September 11, 2005 7:00 AM
> > To: 'Tim'; Lee Donald; 'Venkataramanaiah.R'
> > Cc: 'FCO.JAVIER TOME MORAN'; ccielab@groupstudy.com
> > Subject: RE: OSPF distance command
> >
> > Tim,
> >
> > Thanks for trying but these links don't work anymore.
> >
> > I will try and hunt the new ones down.
> >
> > Cheers.
> >
> > Lee.
> >
> >
> >
> > -----Original Message-----
> > From: Tim [mailto:ccie2be@nyc.rr.com]
> > Sent: Sunday, September 11, 2005 5:37 PM
> > To: 'Lee Donald'; 'Venkataramanaiah.R'
> > Cc: 'FCO.JAVIER TOME MORAN'; ccielab@groupstudy.com
> > Subject: RE: OSPF distance command
> >
> > Lee,
> >
> > Here's an example of an IGP specific form of the command for ospf:
> >
> >
> >
>
>
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr
> > rp_r/1rfospf.htm#wp1017956
> >
> > For eigrp, look at:
> >
> >
> >
>
>
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr
> > rp_r/1rfeigrp.htm#wp1017590
> >
> > For BGP, look at:
> >
> >
> >
>
>
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr
> > rp_r/bgp_r/1rfbgp1.htm#wp1113874
> >
> > For rip and ISIS, there isn't an IGP specific form.
> >
> > Also, compare the IGP specific form to the generic version at the below
> > link.
> >
> >
> >
>
>
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr
> > rp_r/ind_r/1rfindp1.htm#wp1017503
> >
> > Personally, I find the documentation on these commands to be grossly
> > inadequate but many others disagree.
> >
> > And, while we're on the topic, here's a nasty problem you might
> encounter
> > sometime in your life that could easily leave you baffled for a long
> time
> > if
> > you're like me and don't immediately recognize the AD issue at play
> here.
> >
> > There are 2 routers running both BGP and an IGP (your choice since it
> > doesn't matter).
> >
> > R1 <-----> R2
> >
> > Assume the following:
> >
> > The 2 routers are ebgp peering using their loopbacks addresses,
> 1.1.1.1/24 <http://1.1.1.1/24><http://1.1.1.1/24>
> > and 2.2.2.2/24 <http://2.2.2.2/24> <http://2.2.2.2/24>, respectively.
> >
> > The loopbacks are being advertised by both BGP and the IGP.
> >
> > The config's of each router are like this:
> >
> > Router (IGP)
> > Net x.x.x.x
> >
> > Router bgp (1 or 2)
> > Nei x.x.x.x remote-as (1or 2)
> > Nei x.x.x.x update-source lo0
> > Nei x.x.x.x ebgp multi-hop 255
> > Net x.x.x.x mask 255.255.255.0 <http://255.255.255.0> <
> http://255.255.255.0>
> >
> > Try it and see what happens.
> >
> > HTH, Tim
> >
> >
> > -----Original Message-----
> > From: Lee Donald [mailto:Lee.Donald@t-systems.co.uk]
> > Sent: Sunday, September 11, 2005 6:17 AM
> > To: 'Tim'; 'Venkataramanaiah.R'; Lee Donald
> > Cc: 'FCO.JAVIER TOME MORAN'; ccielab@groupstudy.com
> > Subject: RE: OSPF distance command
> >
> > Tim,
> >
> > That's great. I've just tested it and it works using the router-id
> instead
> > of the source ip, like in other igp's. Typical Cisco, to implement it
> > differently.
> >
> > I thought it didn't work for OSPF, thanks a lot.
> >
> > What do you mean the protocol specific form? Class ?
> >
> > Regards
> >
> > Lee.
> >
> >
> >
> > -----Original Message-----
> > From: Tim [mailto:ccie2be@nyc.rr.com]
> > Sent: Sunday, September 11, 2005 4:57 PM
> > To: 'Venkataramanaiah.R'; 'Lee Donald'
> > Cc: 'FCO.JAVIER TOME MORAN'; ccielab@groupstudy.com
> > Subject: RE: OSPF distance command
> >
> > Venkat,
> >
> > I think you mis-spoke.
> >
> > OSPF IS a Link-State protocol, not a distance vector protocol.
> >
> > And, when the distance command is used with ospf, the ip address MUST
> > reference the router id of the router from which the local router is
> > learning the routes.
> >
> > As a side note, all ccie candidates should know that ospf (and most
> others
> > IGP's) support 2 forms of the distance command.
> >
> > One form is the "generic" form being used in this example which can be
> > used
> > with any IGP. The other form is the protocol specific form.
> >
> > Personally, I like to think of the "generic" form as the retail model of
> > the
> > command because with this form of the command, you can use an acl to
> > specify
> > very specifically to which routes the command applies.
> >
> > The protocol specific form I think of as the wholesale form of the
> command
> > because instead of using an acl to specify which routes the new AD
> applies
> > to, you specify which "class" of routes the command where "class" refers
> > to
> > a whole category of routes such as internal or external.
> >
> > When the same result can be achieved with either form of the command, I
> > prefer using the protocol specific form for a couple of reasons.
> >
> > With the IGP specific form of the command, you don't need to be
> concerned
> > with whether the ip address references the interface address or the
> > router-id which means there's less to remember and there's less chance
> of
> > error.
> >
> > Also, by not needing to create an acl, you avoid the highly error prone
> > configuration task of acl creation. When using an acl, all sorts of
> > mistakes are possible and easy to make from omitting a needed route, to
> > using the wrong subnet mask and so on.
> >
> > But, sometimes it's impossible to avoid using the generic distance
> command
> > and therefore it's important to know what to lookout for and when this
> > form
> > can't be avoided.
> >
> > HTH, Tim
> >
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> > Venkataramanaiah.R
> > Sent: Sunday, September 11, 2005 4:43 AM
> > To: Lee Donald
> > Cc: FCO.JAVIER TOME MORAN; ccielab@groupstudy.com
> > Subject: Re: OSPF distance command
> >
> > Hi,
> >
> > * distance 171 0.0.0.0 <http://0.0.0.0> <http://0.0.0.0> <http://0.0.0.0
> >
> > 255.255.255.255 <http://255.255.255.255> <http://255.255.255.255><
> http://255.255.255.255>1
> > Use a permit all wild card, while modifying the distance for routes
> under
> > OSPF. This will cover all the router ids in the area and hence will
> cover
> > all the routes mentioned in access-list 1 although the originator for
> > those
> > routes might be different within the area. See JD-I pg 792
> >
> > OSPF being a distance Vector protocol, the updates could be anyone in
> the
> > area, so you cannot filter a route specifically from a neighbor. Well
> when
> > you want to use the distance command in OSPF, apply to all the guys.
> >
> > Please correct if i am wrong
> >
> > Thanks
> > -Venkat
> >
> > On 9/11/05, Lee Donald <Lee.Donald@t-systems.co.uk> wrote:
> > >
> > > The distance command does not work this way for OSPF. Don't ask me why
> > but
> > > for RIP, and I think EIGRP, the config you have would work but not for
> > > OSPF.
> > >
> > > Regards
> > >
> > > Lee.
> > >
> > >
> > >
> > > -----Original Message-----
> > > From: FCO.JAVIER TOME MORAN [mailto:fjtm@tid.es]
> > > Sent: Sunday, September 11, 2005 10:42 AM
> > > To: ccielab@groupstudy.com
> > > Subject: OSPF distance command
> > >
> > > Hi all,
> > >
> > > Not sure about how distance command works in OSPF. I am working in a
> > > frame-relay hub an spoke environment with three routers R1, R2, and R5
> > > (R5 as the hub). OSPF network-type has been set as point-to-multipoint
> > > non-broadcast, and neighbor cost has been modified to use one of the
> > > neighbors (R1) as the preferred path...
> > >
> > > Here are my configs...
> > >
> > >
> > > On R5...
> > > ********
> > >
> > > router ospf 1
> > > router-id 150.1.5.5 <http://150.1.5.5> <http://150.1.5.5> <
> http://150.1.5.5>
> > > log-adjacency-changes
> > > redistribute eigrp 10 metric-type 1 subnets
> > > network 150.1.5.5 <http://150.1.5.5> <http://150.1.5.5> <
> http://150.1.5.5>
> 0.0.0.0 <http://0.0.0.0><http://0.0.0.0><
> > http://0.0.0.0> area 0
> > > network 173.1.125.5 <http://173.1.125.5> <http://173.1.125.5> <
> http://173.1.125.5>
> 0.0.0.0 <http://0.0.0.0><http://0.0.0.0><
> > http://0.0.0.0> area 0
> > > <--- This is ip addressing on
> > > frame-relay
> > > neighbor 173.1.125.1 <http://173.1.125.1> <http://173.1.125.1> <
> http://173.1.125.1> cost 130
> > > neighbor 173.1.125.2 <http://173.1.125.2> <http://173.1.125.2> <
> http://173.1.125.2> cost 1562
> > > distance 109 173.1.125.2 <http://173.1.125.2> <http://173.1.125.2> <
> http://173.1.125.2>
> > 0.0.0.0 <http://0.0.0.0> <http://0.0.0.0>
> > <http://0.0.0.0>BGP_DLSW
> > >
> > >
> > > ip access-list standard BGP_DLSW
> > > permit 150.1.2.0 <http://150.1.2.0> <http://150.1.2.0> <
> http://150.1.2.0>
> 0.0.0.255 <http://0.0.0.255><http://0.0.0.255><
> > http://0.0.0.255>
> > >
> > >
> > > On R1...
> > > ********
> > >
> > > router ospf 1
> > > router-id 150.1.1.1 <http://150.1.1.1> <http://150.1.1.1> <
> http://150.1.1.1>
> > > log-adjacency-changes
> > > network 150.1.1.1 <http://150.1.1.1> <http://150.1.1.1> <
> http://150.1.1.1>
> 0.0.0.0 <http://0.0.0.0><http://0.0.0.0><
> > http://0.0.0.0> area 0
> > > network 173.1.13.1 <http://173.1.13.1> <http://173.1.13.1> <
> http://173.1.13.1>
> 0.0.0.0 <http://0.0.0.0><http://0.0.0.0><
> > http://0.0.0.0> area 0
> > > network 173.1.125.1 <http://173.1.125.1> <http://173.1.125.1> <
> http://173.1.125.1>
> 0.0.0.0 <http://0.0.0.0><http://0.0.0.0><
> > http://0.0.0.0> area 0
> > > network 173.1.137.1 <http://173.1.137.1> <http://173.1.137.1> <
> http://173.1.137.1>
> 0.0.0.0 <http://0.0.0.0><http://0.0.0.0><
> > http://0.0.0.0> area 137
> > >
> > > On R2...
> > > ********
> > >
> > > router ospf 1
> > > router-id 150.1.2.2 <http://150.1.2.2> <http://150.1.2.2> <
> http://150.1.2.2>
> > > log-adjacency-changes
> > > area 23 nssa default-information-originate metric 100
> > > network 150.1.2.2 <http://150.1.2.2> <http://150.1.2.2> <
> http://150.1.2.2>
> 0.0.0.0 <http://0.0.0.0><http://0.0.0.0><
> > http://0.0.0.0> area 0
> > > network 173.1.23.2 <http://173.1.23.2> <http://173.1.23.2> <
> http://173.1.23.2>
> 0.0.0.0 <http://0.0.0.0><http://0.0.0.0><
> > http://0.0.0.0> area 23
> > > network 173.1.32.2 <http://173.1.32.2> <http://173.1.32.2> <
> http://173.1.32.2>
> 0.0.0.0 <http://0.0.0.0><http://0.0.0.0><
> > http://0.0.0.0> area 0
> > > network 173.1.125.2 <http://173.1.125.2> <http://173.1.125.2> <
> http://173.1.125.2>
> 0.0.0.0 <http://0.0.0.0><http://0.0.0.0><
> > http://0.0.0.0> area 0
> > > distance 109 173.1.125.5 <http://173.1.125.5> <http://173.1.125.5> <
> http://173.1.125.5>
> > 0.0.0.0 <http://0.0.0.0> <http://0.0.0.0>
> > <http://0.0.0.0>BGP_DLSW
> > >
> > > ip access-list standard BGP_DLSW
> > > permit 150.1.5.0 <http://150.1.5.0> <http://150.1.5.0> <
> http://150.1.5.0>
> 0.0.0.255 <http://0.0.0.255><http://0.0.0.255><
> > http://0.0.0.255>
> > >
> > >
> > >
> > >
> > > My point is to make R2 (173.1.125.2 <http://173.1.125.2> <
> http://173.1.125.2> <
> > http://173.1.125.2>) as the next-hop
> > > to R2 loopback
> > > address on R5, and R5 (173.1.125.5 <http://173.1.125.5> <
> http://173.1.125.5> <
> > http://173.1.125.5>) as the next-hop
> > > to R5 loopback
> > > address on R2. This way I would force BGP and DLSW session to be
> > > stablished over the low speed frame-relay circuit between R2 and R5,
> > > overriding the cost of the circuit.
> > > Nontheless, I get no change on the routing table of R5 and R2.
> > >
> > > I have also tried using router-id as the source of the routing
> > > information in the distance command (i.e "distance 109
> > 150.1.2.2 <http://150.1.2.2> <http://150.1.2.2><http://150.1.2.2>
> > > 0.0.0.0 <http://0.0.0.0> <http://0.0.0.0> <http://0.0.0.0> BGP_DLSW"
> on router R5 and so
> > on). With this
> > > configuration I
> > > get the AD of the route change, but the next hop still points to R1.
> > >
> > > I guess I have some missunderstanding on the technology. Could anyone
> > > put some light on the issue?...
> > >
> > > Thank you in advance
> > >
> > > JT
> > >
> > >
> _______________________________________________________________________
> > > Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> > >
> > >
> _______________________________________________________________________
> > > Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

This archive was generated by hypermail 2.1.4 : Sun Oct 02 2005 - 14:40:14 GMT-3