Monday, 5 March 2012

IPv4 Redistribution - Implementing Advanced Redistribution


 Lets do the easy guys first, lets get OSPF up and running on R1 ...


R1(config)#router ospf 1
R1(config-router)#network 10.0.0.0 0.255.255.255 area 0


and then jump over to R4 to get EIGRP running...

R4(config)#router eigrp 100
R4(config-router)#no auto
R4(config-router)#network 10.0.0.0


Lets get the redistibution routers up and running;


R2(config)#router ospf 1
R2(config-router)#network 10.1.12.0 0.0.0.255 area 0


R2(config-router)#router eigrp 100
R2(config-router)#no aut
R2(config-router)#network 10.1.24.0 0.0.0.255
R2(config-router)#network 10.1.23.0 0.0.0.255


R3(config)#router ospf 1
R3(config-router)#network 10.1.13.0 0.0.0.255 area 0

R3(config-router)#router eigrp 100
R3(config-router)#no auto
R3(config-router)#network 10.1.23.0 0.0.0.255
Lets check R2's routing table;

R2#show ip route


     10.0.0.0/24 is subnetted, 10 subnets
O       10.1.13.0 [110/1626] via 10.1.12.1, 00:02:07, Serial0/1
C       10.1.12.0 is directly connected, Serial0/1
D       10.4.4.0 [90/2297856] via 10.1.24.4, 00:07:12, Serial0/2
O       10.1.0.0 [110/65] via 10.1.12.1, 00:02:07, Serial0/1
D       10.4.2.0 [90/2297856] via 10.1.24.4, 00:07:12, Serial0/2
D       10.4.3.0 [90/2297856] via 10.1.24.4, 00:07:12, Serial0/2
D       10.4.0.0 [90/2297856] via 10.1.24.4, 00:07:12, Serial0/2
D       10.4.1.0 [90/2297856] via 10.1.24.4, 00:07:13, Serial0/2
C       10.1.24.0 is directly connected, Serial0/2
C       10.1.23.0 is directly connected, Serial0/0

As expected R2 can see the loopbacks from R4 (its EIGRP neighbour) and the OSPF route is from
R3 via R1, all good.

Right, thats the BASE of what we are doing sorted, lets move onto objective 2.




 Lets break this down, step by step, first off lets do the seed metrics and tagging (bit like vlan tagging on switches, but these are router tags), lets put it in a pretty picture



 So to all this, lets use our friends route-maps, these will enable us to manipulate updates and performing the tagging;

lets group the networks by what metrics they need and go from there:


R2(config)#ip access-list standard METRIC100
R2(config-std-nacl)#permit 10.4.0.0 0.0.0.255
R2(config-std-nacl)#permit 10.4.1.0 0.0.0.255

R2(config-std-nacl)#ip access-list standard METRIC200
R2(config-std-nacl)#permit 10.4.2.0 0.0.0.255
R2(config-std-nacl)#permit 10.4.3.0 0.0.0.255

R2(config-std-nacl)#ip access-list standard DENY-10.4.4.0
R2(config-std-nacl)#permit 10.4.4.0 0.0.0.255


Okay, we now have the "matching criteria" aspect of it, lets do the route-map to apply the funky stuff

R2(config)#route-map EIGRP-TO-OSPF
R2(config-route-map)#match ip address METRIC100
R2(config-route-map)#set metric 100
R2(config-route-map)#set tag 10


AWESOME! so lets check that baby out:

R2#show route-map EIGRP-TO-OSPF
route-map EIGRP-TO-OSPF, permit, sequence 10
  Match clauses:
    ip address (access-lists): METRIC100
  Set clauses:
    metric 100
    tag 10
  Policy routing matches: 0 packets, 0 bytes


SWEEET!!!! SOOOO SOOO KOOL!


route-map EIGRP-TO-OSPF permit 20
 match ip address METRIC200
 set metric 200
 set tag 20

route-map EIGRP-TO-OSPF deny 25  <- - DENY ACLTRAFFIC.... which we are PERMITTING in the below ACL
 match ip address DENY-10.4.4.0

NOTE, Had we if denied the subnet 10.4.4.0/24 in the ACL, we would have needed to use PERMIT in the above sequence 25

GET THIS, if you DENY at the sequence level of the route-map and deny at the ACL too, it permits it! so 2 negatives make a positive! lol, SO rule of thumb (the Jeremy way) keep route-maps at permit and do the denies at the ACL, keeps it simplier.

route-map EIGRP-TO-OSPF permit 30  <- - NO MATCH, so MATCHES EVERYTHING THAT HASN'T ALREADY BEEN MATCHED BY THE PREVIOUS SEQEUENCES!
 set metric 300
 set tag 30

So the above also takes care of step 3 in our objective;
3. Ensure the 10.4.4.0/24 network does not reach the OSPF routing domain.

SO, we now have our tastey route-map as follows:

R2#show run | s route-map
route-map EIGRP-TO-OSPF permit 10
 match ip address METRIC100
 set metric 100
 set tag 10
route-map EIGRP-TO-OSPF permit 20
 match ip address METRIC200
 set metric 200
 set tag 20
route-map EIGRP-TO-OSPF deny 25
 match ip address DENY-10.4.4.0
route-map EIGRP-TO-OSPF permit 30
 set metric 300
 set tag 30


YY-EEE-AAAAH BOI!!!! thats what im talking about!
Lets apply this bad muftha, we need to go under the OSPF process, as this is filtering EIGRP INTO OSPF

R2(config)#router ospf 1
R2(config-router)#redistribute eigrp 100 subnets route-map EIGRP-TO-OSPF

DONT need to set metric or tags as that is all down in the route-map, lets check it out on R1!!!


R1#show ip route

     10.0.0.0/24 is subnetted, 9 subnets
C       10.1.13.0 is directly connected, Serial0/1
C       10.1.12.0 is directly connected, Serial0/0
C       10.1.0.0 is directly connected, Loopback0
O E2    10.4.2.0 [110/200] via 10.1.12.2, 00:00:28, Serial0/0
O E2    10.4.3.0 [110/200] via 10.1.12.2, 00:00:28, Serial0/0
O E2    10.4.0.0 [110/100] via 10.1.12.2, 00:00:28, Serial0/0
O E2    10.4.1.0 [110/100] via 10.1.12.2, 00:00:28, Serial0/0
O E2    10.1.24.0 [110/300] via 10.1.12.2, 00:00:28, Serial0/0
O E2    10.1.23.0 [110/300] via 10.1.12.2, 00:00:29, Serial0/0








So, where do we check the TAGs ...

R1#  show ip route 10.1.23.0
Routing entry for 10.1.23.0/24
  Known via "ospf 1", distance 110, metric 300
  Tag 30, type extern 2, forward metric 1562
  Last update from 10.1.12.2 on Serial0/0, 00:01:29 ago
  Routing Descriptor Blocks:
  * 10.1.12.2, from 10.1.24.2, 00:01:29 ago, via Serial0/0
      Route metric is 300, traffic share count is 1
      Route tag 30

Lets copy and paste these ACLs and route map over to R3 as well, as this is performing redistribution;

R3(config)#ip access-list standard DENY-10.4.4.0
R3(config-std-nacl)# permit 10.4.4.0 0.0.0.255
R3(config-std-nacl)#ip access-list standard METRIC100
R3(config-std-nacl)# permit 10.4.0.0 0.0.0.255
R3(config-std-nacl)# permit 10.4.1.0 0.0.0.255
R3(config-std-nacl)#ip access-list standard METRIC200
R3(config-std-nacl)# permit 10.4.2.0 0.0.0.255
R3(config-std-nacl)# permit 10.4.3.0 0.0.0.255
R3(config-std-nacl)#route-map EIGRP-TO-OSPF permit 10
R3(config-route-map)# match ip address METRIC100
R3(config-route-map)# set metric 100
R3(config-route-map)# set tag 10
R3(config-route-map)#!
R3(config-route-map)#route-map EIGRP-TO-OSPF permit 20
R3(config-route-map)# match ip address METRIC200
R3(config-route-map)# set metric 200
R3(config-route-map)# set tag 20
R3(config-route-map)#!
R3(config-route-map)#route-map EIGRP-TO-OSPF deny 25
R3(config-route-map)# match ip address DENY-10.4.4.0
R3(config-route-map)#!
R3(config-route-map)#route-map EIGRP-TO-OSPF permit 30
R3(config-route-map)# set metric 300
R3(config-route-map)# set tag 30


R3(config)#router ospf 1
R3(config-router)#redistribute eigrp 100 subnets route-map EIGRP-TO-OSPF

SO now, we need to look at redistributing the other way, OSPF --> EIGRP

R2(config)#route-map OSPF-TO-EIGRP
R2(config-route-map)#set metric ?                 <--NO match needed, this will match ALL
  +/-<metric>     Add or subtract metric
  <0-4294967295>  Metric value or Bandwidth in Kbits per second
  <cr>

R2(config-route-map)#set metric 400 20 255 1 1500 <--(set all K-Values)
R2(config-route-map)#set tag 40

Apply the route-map to the re-distribution process for OSPF;

R2(config)#router eigrp 100
R2(config-router)#redistribute ospf 1 route-map OSPF-TO-EIGRP

(Apply this route map to R3 as well)

Lets check the routing table of R4;

R4#show ip route

     10.0.0.0/24 is subnetted, 10 subnets
D EX    10.1.13.0 [170/6917120] via 10.1.24.2, 00:00:27, Serial0/0
D EX    10.1.12.0 [170/6917120] via 10.1.24.2, 00:00:27, Serial0/0
C       10.4.4.0 is directly connected, Loopback4
D EX    10.1.0.0 [170/6917120] via 10.1.24.2, 00:00:27, Serial0/0
C       10.4.2.0 is directly connected, Loopback2
C       10.4.3.0 is directly connected, Loopback3
C       10.4.0.0 is directly connected, Loopback0
C       10.4.1.0 is directly connected, Loopback1
C       10.1.24.0 is directly connected, Serial0/0
D       10.1.23.0 [90/2681856] via 10.1.24.2, 01:25:38, Serial0/0

R4#show ip route 10.1.13.0
Routing entry for 10.1.13.0/24
  Known via "eigrp 100", distance 170, metric 6917120
  Tag 40, type external
  Redistributing via eigrp 100
  Last update from 10.1.24.2 on Serial0/0, 00:04:21 ago
  Routing Descriptor Blocks:
  * 10.1.24.2, from 10.1.24.2, 00:04:21 ago, via Serial0/0
      Route metric is 6917120, traffic share count is 1
      Total delay is 20200 microseconds, minimum bandwidth is 400 Kbit
      Reliability 255/255, minimum MTU 1500 bytes
      Loading 1/255, Hops 1
      Route tag 40


Right sweet, thats us upto step 4 now :0) ..... which we will tackle tomorrow :0)
Posted by at No comments:
Subscribe to: Posts (Atom)