Firstly let's examine EIGRP-OSPF mutual redistribution.
The topology is as following:
Basic redistribution configuration:
R3:
router eigrp 200
redistribute ospf 100 metric 100000 10 255 1 1500 #EIGRP doesn't have default metrics for redistributed routes. For another EIGRP process it uses the same metrics.
no auto-summary
!
router ospf 100
redistribute eigrp 200 subnets #In opposite to EIGRP OSPF has default metrics (1 for BGP, the same for OSPF and 20 for other protocols). Without "subnets" keyword OSPF will try to redistribute only classful networks.
R4:
router eigrp 200
redistribute ospf 100
default-metric 100000 10 255 1 1500 #You can omit metrics per "redistribute" command and use default for all redistributions. You also can use route-map with "set metric" command to set metric per prefix.
no auto-summary
At this point everything is simple. R1 and R2 receive EIGRP routes and R5, R6 receive OSPF networks from both R3 and R4.
R1:
R1#show ip ospf database | begin External
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag
10.0.5.0 3.3.3.3 419 0x80000001 0x00D3B1 0 #Each route from R3 and R4.
10.0.5.0 4.4.4.4 309 0x80000001 0x00B5CB 0
10.0.6.0 3.3.3.3 419 0x80000001 0x00C8BB 0
10.0.6.0 4.4.4.4 309 0x80000001 0x00AAD5 0
10.0.35.0 3.3.3.3 419 0x80000001 0x0088DE 0
10.0.35.0 4.4.4.4 309 0x80000001 0x006AF8 0
10.0.46.0 3.3.3.3 419 0x80000001 0x000F4D 0
10.0.46.0 4.4.4.4 309 0x80000001 0x00F067 0
10.0.56.0 3.3.3.3 419 0x80000001 0x00A0B1 0
10.0.56.0 4.4.4.4 309 0x80000001 0x0082CB 0
R5:
R5#show ip eigrp topology all-links
IP-EIGRP Topology Table for AS(200)/ID(5.5.5.5)
P 3.3.3.3/32, 1 successors, FD is 284160, serno 8 #R3's loopback is participationg in OSPF process.
via 10.0.35.3 (284160/28160), FastEthernet0/0.35 #And advertised via R3
via 10.0.56.6 (309760/284160), FastEthernet0/0.56 #and R4.
P 2.2.2.2/32, 1 successors, FD is 284160, serno 7
via 10.0.35.3 (284160/28160), FastEthernet0/0.35
via 10.0.56.6 (309760/284160), FastEthernet0/0.56
P 1.1.1.1/32, 1 successors, FD is 284160, serno 6
via 10.0.35.3 (284160/28160), FastEthernet0/0.35
via 10.0.56.6 (309760/284160), FastEthernet0/0.56
P 10.0.12.0/24, 1 successors, FD is 284160, serno 9
via 10.0.35.3 (284160/28160), FastEthernet0/0.35
via 10.0.56.6 (309760/284160), FastEthernet0/0.56
P 10.0.13.0/24, 1 successors, FD is 284160, serno 10
via 10.0.35.3 (284160/28160), FastEthernet0/0.35
via 10.0.56.6 (309760/284160), FastEthernet0/0.56
P 10.0.2.0/24, 1 successors, FD is 284160, serno 11
via 10.0.35.3 (284160/28160), FastEthernet0/0.35
via 10.0.56.6 (309760/284160), FastEthernet0/0.56
P 10.0.3.0/24, 1 successors, FD is 284160, serno 12
via 10.0.35.3 (284160/28160), FastEthernet0/0.35
via 10.0.56.6 (309760/284160), FastEthernet0/0.56
P 10.0.1.0/24, 1 successors, FD is 284160, serno 13
via 10.0.35.3 (284160/28160), FastEthernet0/0.35
via 10.0.56.6 (309760/284160), FastEthernet0/0.56
P 10.0.6.0/24, 1 successors, FD is 307200, serno 4
via 10.0.56.6 (307200/281600), FastEthernet0/0.56
P 10.0.4.0/24, 1 successors, FD is 284160, serno 14
via 10.0.35.3 (284160/28160), FastEthernet0/0.35
via 10.0.56.6 (309760/284160), FastEthernet0/0.56
P 10.0.5.0/24, 1 successors, FD is 281600, serno 3
via Connected, FastEthernet0/0.5
P 10.0.24.0/24, 1 successors, FD is 284160, serno 15
via 10.0.35.3 (284160/28160), FastEthernet0/0.35
via 10.0.56.6 (309760/284160), FastEthernet0/0.56
P 10.0.46.0/24, 1 successors, FD is 307200, serno 5
via 10.0.56.6 (307200/281600), FastEthernet0/0.56
P 10.0.35.0/24, 1 successors, FD is 281600, serno 1
via Connected, FastEthernet0/0.35
P 10.0.56.0/24, 1 successors, FD is 281600, serno 2
via Connected, FastEthernet0/0.56
The redistribution loop will not occur in this kind of topology because at least one of participating protocols does distinguish between external and internal routes in Administrative Distance (AD) terms. In this case it is EIGRP (external AD - 170, internal AD - 90).
Although there is no redistribution loop, routes are still advertised in a loop, but aren't being considered as best due to the bigger AD. For example EIGRP route 10.0.35/24 from R6's perspective:
R6#show ip eigrp topology 10.0.35.0/24
IP-EIGRP (AS 200): Topology entry for 10.0.35.0/24
State is Passive, Query origin flag is 1, 1 Successor(s), FD is 307200
Routing Descriptor Blocks:
10.0.56.5 (FastEthernet0/0.56), from 10.0.56.5, Send flag is 0x0
R4 doesn't advertise back this prefix because a router advertises to another IGP only routes from it's routing table:
R4#show ip route 10.0.35.0 255.255.255.0
Routing entry for 10.0.35.0/24
Known via "eigrp 200", distance 90, metric 332800, type internal
Redistributing via ospf 100, eigrp 200
Advertised by ospf 100 subnets
Last update from 10.0.46.6 on FastEthernet0/0.46, 00:38:47 ago
As you can see R4 has this route in the routing table with EIGRP's AD of 90. In the same time it has 2 LSA5 with this route:
R4#show ip ospf database | include 10.0.35.0
10.0.35.0 3.3.3.3 412 0x80000002 0x0086DF 0
10.0.35.0 4.4.4.4 348 0x80000002 0x0068F9 0
But R4 uses EIGRP's route for this prefix due to lower AD.
You can set metrics for redistributed routes. There is three options (in increasing priority order):
- set default metric;
- set metric per redistribution command;
- use route-map.
Let's consider first two options:
R1 before:
R1#sh ip route | include 10.0.56.0
O E2 10.0.56.0 [110/20] via 10.0.13.3, 00:06:26, FastEthernet0/0.13
R3:
router ospf 100
redistribute eigrp 200 subnets
default-metric 30
R4:
router ospf 100
redistribute eigrp 200 metric 30 subnets #Slightly different syntax, but result is the same.
R1 after:
R1#sh ip route | i 10.0.56.0
O E2 10.0.56.0 [110/30] via 10.0.13.3, 00:01:06, FastEthernet0/0.13
Let's imagine that R1 and R2 have to use R3 to send traffic to R6's 10.0.6.0/24. At the moment routers use R3 and R4 respectively due to metric calculation to the closest ASBR:
R1#show ip route 10.0.6.0
Routing entry for 10.0.6.0/24
Known via "ospf 100", distance 110, metric 30, type extern 2, forward metric 10
Last update from 10.0.13.3 on FastEthernet0/0.13, 00:07:01 ago
R2#show ip route 10.0.6.0
Routing entry for 10.0.6.0/24
Known via "ospf 100", distance 110, metric 30, type extern 2, forward metric 10
Last update from 10.0.24.4 on FastEthernet0/0.24, 00:07:07 ago
To achieve this on R4 we can set lower metric for this particular route:
router ospf 100
log-adjacency-changes
redistribute eigrp 200 metric 30 subnets route-map SET-METRIC
!
access-list 100 permit ip host 10.0.6.0 host 255.255.255.0 #Note that for extended ACL IOS uses source IP as prefix and destination IP as prefix mask.
!
route-map SET-METRIC permit 10
match ip address 100
set metric 1
!
route-map SET-METRIC permit 20 #This clause prevents filtering of all other prefixec due to implicit deny.
R1# show ip route 10.0.6.0
Routing entry for 10.0.6.0/24
Known via "ospf 100", distance 110, metric 1, type extern 2, forward metric 20
Last update from 10.0.12.2 on FastEthernet0/0.12, 00:05:45 ago
R2#show ip route 10.0.6.0
Routing entry for 10.0.6.0/24
Known via "ospf 100", distance 110, metric 1, type extern 2, forward metric 10
Last update from 10.0.24.4 on FastEthernet0/0.24, 00:05:57 ago
Now let's consider filtering options:
- with route-map;
- with distribute-list out command.
Let's filter R1's prefix 10.0.1.0/24 from being redistributed into EIGRP domain. With route map it is pretty simple.
R5 before:
R5#show ip route 10.0.1.0
Routing entry for 10.0.1.0/24
Known via "eigrp 200", distance 170, metric 284160, type external
Redistributing via eigrp 200
Last update from 10.0.35.3 on FastEthernet0/0.35, 00:29:44 ago
R3:
router eigrp 200
redistribute ospf 100 metric 100000 10 255 1 1500 route-map OSPF_TO_EIGRP
!
ip prefix-list NET_10.0.1.0/24 seq 5 permit 10.0.1.0/24
!
route-map OSPF_TO_EIGRP deny 10
match ip address prefix-list NET_10.0.1.0/24
!
route-map OSPF_TO_EIGRP permit 20
R4 has almost the same configuration.
R5 after:
R5#show ip route 10.0.1.0
% Subnet not in table
Next option is to use distribute-list command, which syntax is pretty tricky.
R3:
router eigrp 200
redistribute ospf 100 metric 100000 10 255 1 1500
distribute-list route-map OSPF_TO_EIGRP out #We redistribute OSPF and apply this distribute-list with route-map (you also can use ACL or prefix-list). The logic is as following: OSPF -> DISTRIBUTE-LIST -> EIGRP.
no auto-summary
!
ip prefix-list NET_10.0.1.0/24 seq 5 permit 10.0.1.0/24
!
route-map OSPF_TO_EIGRP deny 10
match ip address prefix-list NET_10.0.1.0/24
!
route-map OSPF_TO_EIGRP permit 20
R4 has the same configuration.
And the result is the same as with route-map applied to redistribute command:
R5#show ip route 10.0.1.0
% Subnet not in table
Now let's consider what will happen if we change EIGRP to RIP:
R3:
router ospf 100
redistribute rip subnets
!
router rip
version 2
redistribute ospf 100 metric 5
network 11.0.0.0
no auto-summary
R4:
router ospf 100
redistribute rip subnets
!
router rip
version 2
redistribute ospf 100 metric 5
network 11.0.0.0
no auto-summary
There will be a route loop. For example R5's and R6's LANs - 11.0.5.0/24 and 11.0.6.0/24 respectively:
R3#show ip route | include 11\.0\.[5-6]\.
R 11.0.6.0 [120/2] via 11.0.35.5, 00:00:01, FastEthernet0/0.35
R 11.0.5.0 [120/1] via 11.0.35.5, 00:00:01, FastEthernet0/0.35
R4#show ip route | include 11\.0\.[5-6]\.
O E2 11.0.6.0 [110/20] via 10.0.24.2, 00:16:09, FastEthernet0/0.24
O E2 11.0.5.0 [110/20] via 10.0.24.2, 00:16:09, FastEthernet0/0.24
What do we see here - R5 advertises prefix 11.0.5.0/24 to R3 and R6 with AD of 120. R3 conversely advertises this prefix to OSPF domain (R1 -> R2 -> R4) with AD of 110. R6 advertises this prefix to R4 with AD of 120. The same happens with the 11.0.6.0/24 prefix but in other order of routers. At this point R4 has 2 paths to the same prefix but with different ADs and it chooses the one with better (lower) AD - path through the OSPF domain. It is actually not a loop, it is suboptimal routing.
This problem can be solved in at least three different manners:
- use different AD for external routes (for RIP or OSPF);
- filter routes advertised between routing domains.
RIP doesn't distinguish external and internal routes, so it's better to adjust AD for external routes in the OSPF:
R3 and R4:
router ospf 100
distance ospf external 140
Routing loop is eliminated now:
R3#show ip route | include 11\.0\.[5-6]\.
R 11.0.6.0 [120/2] via 11.0.35.5, 00:00:01, FastEthernet0/0.35
R 11.0.5.0 [120/1] via 11.0.35.5, 00:00:01, FastEthernet0/0.35
R4#show ip route | include 11\.0\.[5-6]\.
R 11.0.6.0 [120/1] via 11.0.46.6, 00:00:01, FastEthernet0/0.46
R 11.0.5.0 [120/2] via 11.0.46.6, 00:00:01, FastEthernet0/0.46
Now, when R3 or R4 receive two same prefixes from different routing domains they choose the one with the lowest AD. RIP AD is 120 whereas OSPF External AD is 140. Notice that AD is only locally significant and isn't being advertised in the routing updates.
You also can set distance per route and/or per neighbor.
In this scenario routes from one routing domain are still advertised to the same domain through another. To prevent this and eliminate problem with loops you can filter updates on the domain border routers (R3 and R4). In this case on R3 and R4 you can filter prefixes from OSPF domain to being received from the RIP domain and vise versa.
Two options available here - filter prefixes with route maps or filter prefixes by route tag (which is much more convenient with big routing domains).
R3 and R4:
router ospf 100
redistribute rip subnets tag 10 route-map OSPF-RIP #All redistributes RIP prefixes are now tagged with tag value 10. All OSPF prefixes from RIP domain are filtered (by tag 20).
!
router rip
redistribute ospf 100 metric 5 route-map RIP-OSPF #Here we tagging OSPF prefixes with value 20 and denying RIP prefixes with tag 10.
!
route-map RIP-OSPF deny 10
match tag 10
!
route-map RIP-OSPF permit 20
set tag 20
!
route-map OSPF-RIP deny 10
match tag 20
route-map OSPF-RIP permit 20
Great post. Thanks.
ReplyDelete