18 - IPv4 Redistribution - Implementing Advanced Redistribution
Lets get basic routing over OSPF and EIGRP, ready for our redistribution (R2 and R3)
STEP 1
R1(config)#router ospf 1
R1(config-router)#network 10.0.0.0 0.255.255.255 area 0
R4(config)#router eigrp 100
R4(config-router)#no auto-summary
R4(config-router)#network 10.0.0.0
R2(config)#router ospf 1
R2(config-router)#network 10.1.12.0 0.0.0.255 area 0
03:51:46: %OSPF-5-ADJCHG: Process 1, Nbr 10.1.0.1 on Serial0/0 from LOADING to FULL, Loading Done
R2(config)#router eigrp 100
R2(config-router)#no auto-summary
R2(config-router)#network 10.1.24.0 0.0.0.255
03:52:54: %DUAL-5-NBRCHANGE: IP-EIGRP 100: Neighbor 10.1.24.4 (Ethernet0/0) is up: new adjacency
R3(config)#router ospf 1
R3(config-router)#network 10.1.13.0 0.0.0.255 area 0
*Mar 1 03:54:04.403: %OSPF-5-ADJCHG: Process 1, Nbr 10.1.0.1 on FastEthernet0/0 from LOADING to FULL, Loading Done
R3(config)#router eigrp 100
R3(config-router)#network 10.1.23.0 255.255.255.0
So Router 2 now sees all routes from both domains:
R2#show ip
10.0.0.0/8 is variably subnetted, 11 subnets, 2 masks
O 10.1.13.0/24 [110/791] via 10.1.12.1, 00:05:04, Serial0/0
C 10.1.12.1/32 is directly connected, Serial0/0
C 10.1.12.0/24 is directly connected, Serial0/0
D 10.4.4.0/24 [90/409600] via 10.1.24.4, 00:06:40, Ethernet0/0
O 10.1.0.0/24 [110/782] via 10.1.12.1, 00:05:04, Serial0/0
D 10.4.2.0/24 [90/409600] via 10.1.24.4, 00:06:40, Ethernet0/0
D 10.4.3.0/24 [90/409600] via 10.1.24.4, 00:06:40, Ethernet0/0
D 10.4.0.0/24 [90/409600] via 10.1.24.4, 00:06:40, Ethernet0/0
D 10.4.1.0/24 [90/409600] via 10.1.24.4, 00:06:40, Ethernet0/0
C 10.1.24.0/24 is directly connected, Ethernet0/0
C 10.1.23.0/24 is directly connected, Serial0/1
STEP 1 COMPLETE
STEP 2
Enable full, mutual redistribution on R2 and R3 between OSPF and EIGRP. The 10.4.0.0/24 and 10.4.1.0/24 subnets should have a seed metric of 100 and an OSPF tag of 10 while the 10.4.2.0/24 and 10.4.3.0/24 subnets should have a seed metric of 200 and an OSPF tag of 20. All other subnets redistributed into OSPF should have a seed metric of 300 and an OSPF tag of 30. OSPF routes redistributed into EIGRP should have a seed metric of BW: 400 DLY: 20 REL: 255 LD: 1 MTU: 1500 and a tag of 40. Finally, external OSPF routes should not increment their metric as they pass through the OSPF domain.
last part of STEP 2:
external OSPF routes should not increment their metric as they pass through the OSPF domain. - is an E2 route (what we covered in last lab)
SO, best way forward, ACLs with route maps, lets group the networks by what metrics they need and go from there:
R2(config)#ip access-list standard METRIC100
R2(config-std-nacl)#permit 10.4.0.0 0.0.0.255
R2(config-std-nacl)#permit 10.4.1.0 0.0.0.255
R2(config-std-nacl)#ip access-list standard METRIC200
R2(config-std-nacl)#permit 10.4.2.0 0.0.0.255
R2(config-std-nacl)#permit 10.4.3.0 0.0.0.255
R2(config-std-nacl)#ip access-list standard DENY-10.4.4.0
R2(config-std-nacl)#permit 10.4.4.0 0.0.0.255
R2(config)#route-map EIGRP-TO-OSPF
R2(config-route-map)#match ip address METRIC100
R2(config-route-map)#set metric 100
R2(config-route-map)#set tag 10
AWESOME! so lets check that baby out:
R2#show route-map EIGRP-TO-OSPF
route-map EIGRP-TO-OSPF, permit, sequence 10
Match clauses:
ip address (access-lists): METRIC100
Set clauses:
metric 100
tag 10
Policy routing matches: 0 packets, 0 bytes
SWEEET!!!! SOOOO SOOO KOOL!
route-map EIGRP-TO-OSPF permit 20
match ip address METRIC200
set metric 200
set tag 20
route-map EIGRP-TO-OSPF deny 25 <- - DENY THE ACL TRAFFIC.... which we are PERMITTING in the below ACL
match ip address DENY-10.4.4.0
NOTE, Had we of denied the subnet 10.4.4.0/24 in the ACL, we would have needed to use PERMIT in the above sequence 25
GET THIS, if you DENY at the sequence level of the route-map and deny at the ACL too, it permits it! so 2 negatives make a positive! lol, SO rule of thumb (the Jeremy way) keep route-maps at permit and do the denies at the ACL, keeps it simplier.
route-map EIGRP-TO-OSPF permit 30 <- - NO MATCH, so MATCHES EVERYTHING THAT HASN'T ALREADY BEEN MATCHED BY THE PREVIOUS SEQEUENCES!
set metric 300
set tag 30
So the above also takes care of step 3 in our objective;
3. Ensure the 10.4.4.0/24 network does not reach the OSPF routing domain.
SO, we now have our tastey route-map as follows:
route-map EIGRP-TO-OSPF, permit, sequence 10
Match clauses:
ip address (access-lists): METRIC100
Set clauses:
metric 100
tag 10
Policy routing matches: 0 packets, 0 bytes
route-map EIGRP-TO-OSPF, permit, sequence 20
Match clauses:
ip address (access-lists): METRIC200
Set clauses:
metric 200
tag 20
Policy routing matches: 0 packets, 0 bytes
route-map EIGRP-TO-OSPF, deny, sequence 25
Match clauses:
ip address (access-lists): DENY-10.4.4.0
Set clauses:
Policy routing matches: 0 packets, 0 bytes
route-map EIGRP-TO-OSPF, permit, sequence 30
Match clauses:
Set clauses:
metric 300
tag 30
Policy routing matches: 0 packets, 0 bytes
YY-EEE-AAAAH BOI!!!! thats what im talking about!
Lets apply this bad muftha, we need to go under the OSPF process, as this is filtering EIGRP TO OSPF
R2(config)#router ospf 1
R2(config-router)#redistribute eigrp 100 subnets route-map EIGRP-TO-OSPF
DONT need to set metric or tags as that is all down in the route-map, lets check it out on R1!!!
R1#show ip route
10.0.0.0/8 is variably subnetted, 10 subnets, 2 masks
C 10.1.12.2/32 is directly connected, Serial0/0
C 10.1.13.0/24 is directly connected, Ethernet0/0
C 10.1.12.0/24 is directly connected, Serial0/0
C 10.1.0.0/24 is directly connected, Loopback0
O E2 10.4.2.0/24 [110/200] via 10.1.12.2, 00:00:09, Serial0/0
O E2 10.4.3.0/24 [110/200] via 10.1.12.2, 00:00:09, Serial0/0
O E2 10.4.0.0/24 [110/100] via 10.1.12.2, 00:00:09, Serial0/0
O E2 10.4.1.0/24 [110/100] via 10.1.12.2, 00:00:09, Serial0/0
O E2 10.1.24.0/24 [110/300] via 10.1.12.2, 00:00:09, Serial0/0
O E2 10.1.23.0/24 [110/300] via 10.1.12.2, 00:00:09, Serial0/0
SWEEEEEEET! check it out! check out them metrics! and notice the WAN links 10.1.23 & .24.0/24 have the metric of 300!!!
lets check the TAGs (although not doing anything at the mooooo, but) :
R1#show ip route 10.4.2.0
Routing entry for 10.4.2.0/24
Known via "ospf 1", distance 110, metric 200
Tag 20, type extern 2, forward metric 781
Last update from 10.1.12.2 on Serial0/0, 00:05:48 ago
R1#show ip route 10.4.0.0
Routing entry for 10.4.0.0/24
Known via "ospf 1", distance 110, metric 100
Tag 10, type extern 2, forward metric 781
Last update from 10.1.12.2 on Serial0/0, 00:05:32 ago
R1#show ip route 10.1.24.0
Routing entry for 10.1.24.0/24
Known via "ospf 1", distance 110, metric 300
Tag 30, type extern 2, forward metric 781
Last update from 10.1.12.2 on Serial0/0, 00:06:53 ago
Lets apply the same route-map to our other re-distribution router R3;
R3(config)#route-map EIGRP-TO-OSPF permit 10
match ip address METRIC100
set metric 100
set tag 10
!
route-map EIGRP-TO-OSPF permit 20
match ip address METRIC200
set metric 200
set tag 20
!
route-map EIGRP-TO-OSPF deny 25
match ip address DENY-10.4.4.0
!
route-map EIGRP-TO-OSPF permit 30
set metric 300
set tag 30
and apply the ACL's
R3(config)#ip access-list standard DENY-10.4.4.0
permit 10.4.4.0 0.0.0.255
ip access-list standard METRIC100
permit 10.4.0.0 0.0.0.255
permit 10.4.1.0 0.0.0.255
ip access-list standard METRIC200
permit 10.4.2.0 0.0.0.255
permit 10.4.3.0 0.0.0.255
lets check R1 now;
R1#show ip route
10.0.0.0/8 is variably subnetted, 10 subnets, 2 masks
C 10.1.12.2/32 is directly connected, Serial0/0
C 10.1.13.0/24 is directly connected, Ethernet0/0
C 10.1.12.0/24 is directly connected, Serial0/0
C 10.1.0.0/24 is directly connected, Loopback0
O E2 10.4.2.0/24 [110/200] via 10.1.13.3, 00:00:58, Ethernet0/0
O E2 10.4.3.0/24 [110/200] via 10.1.13.3, 00:00:58, Ethernet0/0
O E2 10.4.0.0/24 [110/100] via 10.1.13.3, 00:02:44, Ethernet0/0
O E2 10.4.1.0/24 [110/100] via 10.1.13.3, 00:02:44, Ethernet0/0
O E2 10.1.24.0/24 [110/300] via 10.1.13.3, 00:00:58, Ethernet0/0
O E2 10.1.23.0/24 [110/300] via 10.1.13.3, 00:00:58, Ethernet0/0
SO now, we need to look at redistributing the other way, OSPF --> EIGRP
R2(config)#route-map OSPF-TO-EIGRP
R2(config-route-map)#set metric ? <--NO match needed, this will match ALL
+/-<metric> Add or subtract metric
<0-4294967295> Metric value or Bandwidth in Kbits per second
<cr>
R2(config-route-map)#set metric 400 20 255 1 1500 <--(set all K-Values)
R2(config-route-map)#set tag 40
Apply the route-map to the re-distribution process for OSPF;
R2(config)#router eigrp 100
R2(config-router)#redistribute ospf 1 route-map OSPF-TO-EIGRP
(Apply this route map to R3 as well)
Lets check the routing table of R4;
R4#show ip route
10.0.0.0/8 is variably subnetted, 11 subnets, 2 masks
D EX 10.1.13.0/24 [170/6430720] via 10.1.24.2, 00:01:33, FastEthernet0/0
D EX 10.1.12.1/32 [170/6430720] via 10.1.24.2, 00:01:33, FastEthernet0/0
D EX 10.1.12.0/24 [170/6430720] via 10.1.24.2, 00:01:33, FastEthernet0/0
C 10.4.4.0/24 is directly connected, Loopback4
D EX 10.1.0.0/24 [170/6430720] via 10.1.24.2, 00:01:33, FastEthernet0/0
C 10.4.2.0/24 is directly connected, Loopback2
C 10.4.3.0/24 is directly connected, Loopback3
C 10.4.0.0/24 is directly connected, Loopback0
C 10.4.1.0/24 is directly connected, Loopback1
C 10.1.24.0/24 is directly connected, FastEthernet0/0
D 10.1.23.0/24 [90/2195456] via 10.1.24.2, 01:44:40, FastEthernet0/0
R4#show ip route 10.1.0.0
Routing entry for 10.1.0.0/24
Known via "eigrp 100", distance 170, metric 6430720
Tag 40, type external
Redistributing via eigrp 100
Last update from 10.1.24.2 on FastEthernet0/0, 00:02:07 ago
Routing Descriptor Blocks:
* 10.1.24.2, from 10.1.24.2, 00:02:07 ago, via FastEthernet0/0
Route metric is 6430720, traffic share count is 1
Total delay is 1200 microseconds, minimum bandwidth is 400 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 1
R4#show ip route 10.1.12.0
Routing entry for 10.1.12.0/24
Known via "eigrp 100", distance 170, metric 6430720
Tag 40, type external
Redistributing via eigrp 100
Last update from 10.1.24.2 on FastEthernet0/0, 00:04:19 ago
Routing Descriptor Blocks:
* 10.1.24.2, from 10.1.24.2, 00:04:19 ago, via FastEthernet0/0
Route metric is 6430720, traffic share count is 1
Total delay is 1200 microseconds, minimum bandwidth is 400 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 1
And the Tags are there tooo
RIGHT, lets take on Step 4 tomorrow:
4. Enable filtering using the assigned route tags to ensure redistributed routes do not cause any looping issues.
No comments:
Post a Comment