Professional Documents
Culture Documents
UPDATE: For more information on Redistribution see the video series Understanding Route Submit
Were going to take our basic topology from the previous post Understanding Redistribution Part I , and configure
to provide full connectivity between all devices with the most simple configuration. Then we are going to tweak
some settings and see how they affect redistribution and optimal routing. This is going to be an introductory
example to illustrate the redistribution control techniques mentioned previously.
First, we configure IGP routing per the diagram, and advertise Loopback0 interfaces (150.X.Y.Y/24, where X is the
rack number, and Y is the router number) into IGP. Specifically, R2, R3 and R4 Loopbacks are advertised into
OSPF Area 0. R5 and R6 Loopbacks are advertised into EIGRP 356 and R1 Loopback interface is simply
advertised into EIGRP 123.
Next, we propose OSPF to be the core routing domain, used as transit path to reach any other domains. All other
domains, in effect, will be connected as stub (non-transit) to the core domain. We start with EIGRP 123 and OSPF
domains, and enable mutual redistribution between them on R2 and R3 routers:
R2:
!
! Metric values are chosen just to be easy to type in
! No big secret rules of thumb behind this one
!
router eigrp 123
redistribute ospf 1 metric 1 1 1 1 1
!
router ospf 1
redistribute eigrp 123 subnets
R3:
router eigrp 123
redistribute ospf 1 metric 1 1 1 1 1
!
router ospf 1
redistribute eigrp 123 subnets
In effect, we would expect both routing domains to become transit for each other. However, EIGRP has a really
nice feature of assigning default AD value of 170 to external routes. This, in turn, prevents circular redistribution
all OSPF routes injected into EIGRP 123 domain have AD of 170, and are effectively stopped from being
advertised back into OSPF, since native OSPF routes preempt them. Lets see the routing table states:
Just as we would expect, R1 has two routes from each OSPF prefix, since both R2 and R3 assign the same seed Routing & Sw itching
Security
metric to redistributed routes.
Service Provider
Voice
Mark Snow CCIE #14073
Rack18R2#show ip route | beg Gate
Voice
Gateway of last resort is not set Security
O 150.18.3.0 [110/65] via 174.18.234.3, 00:00:19, Serial0/0 / Optimized Edge Routing (OER) -
Part 1
Rack18R3#show ip route | beg Gate
SO Many Voice Updates!
Gateway of last resort is not set
All seems to be fine here too; thanks to EIGRP AD value of 90, EIGRP native prefixes are reachable via EIGRP,
and OSPF native subnets are reachable via OSPF (since EIGRP External AD value is 170). Next, we move a step
further, and redistribute between OSPF and EIGRP 356 domains, i.e. attach the latter domain to the core:
R3:
router eigrp 356
redistribute ospf 1 metric 1 1 1 1 1
!
router ospf 1
redistribute eigrp 123 subnets
redistribute eigrp 356 subnets
Since EIGRP 356 domain has just one point of attachement to the core, there should be no big problems. Look at
the routing table of R1:
Ah, great. R1 sees R5 and R6 loopback as they are advertised by R2 only. Naturally, redistribution between local
routing processes on R3 is non-transitive when we inject EIGRP 356 routes into OSPF, they are not further
propagated into EIGRP 123, even though OSPF is redistributed into EIGRP 123. So R1 packets would have to
transit OSPF domain, in order to reach R5 and R6.
Fine, now to finish the picture, we redistribute between RIP and OSPF on R4
R4:
router ospf 1
redistribute rip subnets
!
! Assign some large metric value to redistributed routes
!
router rip
redistribute ospf 1 metric 8
Seems like we have connectivity to all prefixes, even the ones injected by BB2 (205.90.31.0/24 etc). All of them,
with except to EIGRP 356 routes are symmetrically reachable via R2 and R3. Now, a long snapshot of all other
routing tables:
A quick stop at R5. Since RIPv2 AD is 120, and EIGRP External AD is 170, R5 sees all non EIGRP 356 routes via
RIP. Not a big problem right now, but it creates suboptimal paths to EIGRP 123 routes, since its more, well,
effective to reach them over Ethernet links.
We may opt to craeate an access-list, select all RIP routes, and freeze their AD down to 120. Next we can rais
global RIP distance to something bigger than 170, to fix this issue. Not a big deal, though! OK, so the only left are
R6 and BB2:
BB2>sh ip ro rip
174.18.0.0/24 is subnetted, 3 subnets
R 174.18.234.0 [120/8] via 192.10.18.4, 00:00:24, Ethernet0
R 174.18.0.0 [120/8] via 192.10.18.4, 00:00:24, Ethernet0
R 174.18.123.0 [120/8] via 192.10.18.4, 00:00:24, Ethernet0
150.18.0.0/24 is subnetted, 6 subnets
R 150.18.4.0 [120/8] via 192.10.18.4, 00:00:24, Ethernet0
R 150.18.5.0 [120/8] via 192.10.18.4, 00:00:24, Ethernet0
R 150.18.6.0 [120/8] via 192.10.18.4, 00:00:24, Ethernet0
R 150.18.1.0 [120/8] via 192.10.18.4, 00:00:24, Ethernet0
R 150.18.2.0 [120/8] via 192.10.18.4, 00:00:24, Ethernet0
R 150.18.3.0 [120/8] via 192.10.18.4, 00:00:24, Ethernet0
This seems to be an easy one. Were done, full connectivity attained, and no loops were introduced. Thanks to
EIGRP External AD there is no need to manually filter routes on the border routes between EIGRP 123 and OSPF.
But what if we are asked to redistribute some native EIGRP 123 prefixes (e.g. R1 Loopback0) instead of
advertising them?
R1:
router eigrp 123
redistribute connected
network 174.18.123.1 0.0.0.0
R2 sees R1 Loopback0 as EIGRP external route reachable via R1. However, the situation is different on R3:
Thanks to R1 Loopback0 being redistributed into OSPF, R3 prefers it via R2, not R1, due to AD values. Not a very
big problem in this scenario, but in more complex cases this may lead to routing loops, since suboptimal path may
be chosen. In order to fix this, we may adjust AD for the EIGRP prefix. However, there is a problem here we cant
change EIGRP external AD selectively, only for all prefixes at once.
This why we may choose to play with AD under OSPF. We may simply adjust AD for R1 Loopback0 prefix to a
value of 171. However, we may go further, and simulate the feature of EIGRP with OSPF speficically, make sure
OSPF internal routes have AD different from the external prefixes. For EIGRP the values are 90 and 170. What
values should we pick up for OSPF? Well, since OSPF is the core routing domain, it has more information
available on whats going around. Okay, and its the only transit domain, so we should make sure it has the highest
preference among others. So it makes sense to set internal/external AD for OSPF to 80 and 160 lower than the
EIGRP values. This ensure that internal routes are always preferred over external, but core routing protocol is
always the most trusted one.
R2 & R3:
access-list 1 permit 150.18.1.0
!
router ospf 1
distance ospf intra-area 80
distance ospf inter-area 80
distance ospf external 160
distance 171 0.0.0.0 255.255.255.255 1
All seems to look great, with except to the fact that EIGRP 123 and EIGRP 356 have to transit OSPF domain in
order to reach each other. Though this is only true for R1, still we need to find out a way to resolve this issue.
What if we start exhanging routes on R3 between EIGRP 123 and EIGRP 356? This will not cause any new domain
to become transit because EIGRP external AD will block the external routes from being re-injected into the core
domain. This is why we may safely turn on mutual redistribution between the two domains.
R3:
router eigrp 123
redistribute eigrp 356
!
router eigrp 356
redistribute eigrp 123
Observe the effect on R1 now. Note the metrics assigned to R5 and R6 Loopback prefixes they are taken
directly from EIGRP 356 native prefixe metric values.
R3 will not transit OSPF backbone, due to our choice of administrative distances:
So we come up with (mostly) optimal redistribution configuration for our topology. What we learned so far, is that
Split-horizon rule may also be implemented using the Administrative Disatnces. EIGRP implements this extremely
useful feature automatically, while OSPF should be manually tuned for that. However, as we will learn in further
examples, some additional work is needed for RIP. Also, now we remember that redistribution is non-transitive on
local router. Finally, we learned a way to introduce a kind of hierarchy of administrative distances for a star-like
routing domain topology (core transit domain, and stub edge domains). More complicated examples are to follow
this post.
Great Post!!! Seldom ive seen such a clear and structured explanation.
Reply
After banging my head on almost each redistribution task in IEWB first 7 labs and not understanding anything, (I partly blame the
WB. Man it goes to lengths explaining CCNA level stuff, like frame relay mappings or spanning tree but almost mute on
redistribution) I am finally getting a bit understanding. And since I cant afford COD, this blog is the greatest resource I have.
Cant wait for your next post, rather all the posts on redistribution:)
Reply
Reply
[...] is a link to a great read regarding redistribution I had a look at this week: Understanding Redistribution (Part 2) by Petr Lapukhov,
CCIE #16379 @ Internetwork [...]
Reply
Reply
Reply
Just wanted to clarify if the distance ospf external command is in 12.4 release , which will be in the routers for the lab ?
Reply
Good post, I replicated the scenario, and I noticed that before of change the R1 loopback from advertise to redistribute you wrote
down:
This seems to be an easy one. Were done, full connectivity attained, and no loops were introduced. Thanks to EIGRP External
AD there is no need to manually filter routes on the border routes between EIGRP 123 and OSPF.
it was copied directly from your post (I got the same result):
Rgds.
Reply
Excellent article thanks! Question: what do you guys use or recommend for a lab simulations? I heard of gns3 but I was wondering
if there is something better out there
CheerS!
Reply
Reply
hi
Thank It is really good ways to understand.
Q1) In which router interface you defined
222.22.2.0/24 these ?
If it loopback then it should start with 150.X.X.X ? I am confuse Please help me ?
Reply
Hi Peter ,
I just want to know ,R3 is not runing RIP and in part I you have this (if we configure bi-directional redistribution on R3 between RIPv2
and OSPF ) is this right ???
Reply
Reply
Hello,
after mutual redistribution betweend EIGRP123 and OSPF on R2 and R3 you need to configure loopback0 interfaces on all ospf
routers to ip ospf network point-to-point.
Reply
This seems to be an easy one. Were done, full connectivity attained, and no loops were introduced.
As Omarept said before, we do not have reachability to R1s loopback from the R6 router.
This is true, and also we does not have reachability to 174.18.123.0/24 network.
As you remember, the redistribution on router is non-transitive, and routes redistributed on R3 from EIG 356 to OSPF1 are not
redistributed to EIG 123 even if we have redistribution from OSPF1 to EIG 123 on the same device, and vice-versa.
The reason we can see them in EIG123 domain is that R2 knows that routes from R3 over OSPF1, and can redistribute it to EIG123.
Here, in EIG 356 situation is slightly different. As we know, the router wont redistribute from EIG123 through ospf 1 to EIG356. R3
knows that routes by the EIG123 routing process, and since EIG123 AD (90) is better than OSPF1 AD (110), it will use routes
received from EIG123. Thats the reason why it cannot redistribute it over to the EIG356.
Reply
Rack1R2(config-router)#router ospf 1
Rack1R2(config-router)#distance ospf intra-area 80
Rack1R2(config-router)#distance ospf inter-area 80
Rack1R2(config-router)#distance ospf external 160
The result of prefixes imported from rip is unpredictable, very often it ends up looping this prefixes between R2 and R3:
Whoops
Rack1R4#traceroute 222.22.2.2
[blablabla]
*Oct 6 22:23:24.971: OSPF-RIB-LOCAL: Synced 222.22.2.0/255.255.255.0 type 16 added 1 paths, deleted 0 paths, change flag
04, spf 26, route instance 26
*Oct 6 22:23:24.971: OSPF-RIB-GLOBAL: Network update succeeded 220.20.3.0/255.255.255.0, via 174.1.234.4 on Serial0/0,
distance 20, flags 00, source 4.4.4.4, tag 00, type 16, return: 0
*Oct 6 22:23:24.971: OSPF-RIB-LOCAL: Synced 220.20.3.0/255.255.255.0 type 16 added 1 paths, deleted 0 paths, change flag
04, spf 26, route instance 26
*Oct 6 22:23:24.971: OSPF-RIB-GLOBAL: Network update succeeded 205.90.31.0/255.255.255.0, via 174.1.234.4 on Serial0/0,
distance 20, flags 00, source 4.4.4
[blablabla]
*Oct 6 22:23:25.003: OSPF-RIB-GLOBAL: Network update succeeded 222.22.2.0/255.255.255.0, via 174.1.234.4 on Serial0/0,
distance 20, flags 00, source 4.4.4.4, tag 00, type 16, return: 0
*Oct 6 22:23:25.003: OSPF-RIB-LOCAL: Synced 222.22.2.0/255.255.255.0 type 16 added 1 paths, deleted 0 paths, change flag
04, spf 27, route instance 27
*Oct 6 22:23:25.003: OSPF-RIB-GLOBAL: Network update succeeded 220.20.3.0/255.255.255.0, via 174.1.234.4 on Serial0/0,
distance 20, flags 00, source 4.4.4.4, tag 00, type 16, return: 0
*Oct 6 22:23:25.003: OSPF-RIB-LOCAL: Synced 220.20.3.0/255.255.255.0 type 16 added 1 paths, deleted 0 paths, change flag
04, spf 27, route instance 27
[blablabla]
*Oct 6 22:23:25.495: OSPF-RIB-GLOBAL: Route delete succeeded 222.22.2.0/255.255.255.0 via 174.1.234.4 on Serial0/0, source
4.4.4.4, type 16, return: 2
*Oct 6 22:23:25.495: OSPF-RIB-LOCAL: No more paths for 222.22.2.0/255.255.255.0 type 16 delete route from local RIB
*Oct 6 22:23:25.495: OSPF-RIB-LOCAL: Synced 222.22.2.0/255.255.255.0 type 16 added 0 paths, deleted 1 paths, change flag
05, spf 30, route instance 28
*Oct 6 22:23:25.495: OSPF-RIB-GLOBAL: Route delete succeeded 220.20.3.0/255.255.255.0 via 174.1.234.4 on Serial0/0, source
4.4.4.4, type 16, return: 2
*Oct 6 22:23:25.495: OSPF-RIB-LOCAL: No more paths for 220.20.3.0/255.255.255.0 type 16 delete route from local RIB
*Oct 6 22:23:25.495: OSPF-RIB-LOCAL: Synced 220.20.3.0/255.255.255.0 type 16 added 0 paths, deleted 1 paths, change flag
05, spf 30, route instance 28
*Oct 6 22:23:25.495: OSPF-RIB-GLOBAL: Route delete succeeded 205.90.31.0/255.255.255.0 via 174.1.234.4 on Serial0/0, source
4.4.4.4, type 16, return: 2
*Oct 6 22:23:25.495: OSPF-RIB-LOCAL: No more paths for 205.90.31.0/255.255.255.0 type 16 delete route from local RIB
*Oct 6 22:23:25.495: OSPF-RIB-LOCAL: Synced 205.90.31.0/255.255.255.0 type 16 added 0 paths, deleted 1 paths, change flag
05, spf 30, route instance 28
*Oct 6 22:23:25.535: OSPF-RIB-REDIST: Callback for 222.22.2.0/255.255.255.0 redistributed from process OSPF Router
*Oct 6 22:23:25.535: OSPF-RIB-REDIST: 222.22.2.0/255.255.255.0, metric -1734964480, tag 00, attributes 00, will be advertised
*Oct 6 22:23:25.535: OSPF-RIB-REDIST: Callback for 220.20.3.0/255.255.255.0 redistributed from process OSPF Router
*Oct 6 22:23:25.535: OSPF-RIB-REDIST: 220.20.3.0/255.255.255.0, metric -1734964480, tag 00, attributes 00, will be advertised
*Oct 6 22:23:25.535: OSPF-RIB-REDIST: Callback for 205.90.31.0/255.255.255.0 redistributed from process OSPF Router
*Oct 6 22:23:25.535: OSPF-RIB-REDIST: 205.90.31.0/255.255.255.0, metric -1734964480, tag 00, attributes 00, will be advertised
[blablabla]
Anyway, I think that is it somehow connected to internal ospf mechanisms responsible for changing routing table after ospf
distances was changed.
R2 drops routes from ospf peers just to reload them after a while with another AD.
In the meantime, eigrp 123 injects its routes to rip networks to the ospf1 process on R2:
Rack1R2#show ip route 222.22.2.0
Routing entry for 222.22.2.0/24
Known via eigrp 123, distance 170, metric 2560002816, type external
Redistributing via eigrp 123, ospf 1
Advertised by ospf 1 subnets
Last update from 174.1.123.3 on FastEthernet0/0, 00:21:23 ago
Routing Descriptor Blocks:
* 174.1.123.3, from 174.1.123.3, 00:21:23 ago, via FastEthernet0/0
Route metric is 2560002816, traffic share count is 1
Total delay is 110 microseconds, minimum bandwidth is 1 Kbit
Reliability 1/255, minimum MTU 1 bytes
Loading 1/255, Hops 1
and then R2 advertises those to all other routers in the ospf1 area0.
Unfortunatly, AD for whole ospf process on R4 is still 110, so it preempts valid routes, learned from rip.
After R4 route cache is poisoned with those informations, there is no possibility to break this loop, since valid informations are lost.
Finally, R3 lose its route to RIP prefixes from R4, and learn invalid informations from R2, next it redistributes that invalid information
to eig123 process.
Then again, R2 redistribute this information to OSPF all over again.
Possible solution to break that loop is to set OSPF distances on R4 just like we did on R2 and R3 (particularly the external one):
Rack1R4#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Rack1R4(config)#router ospf 1
Rack1R4(config-router)#distance ospf intra-area 80
Rack1R4(config-router)#distance ospf inter-area 80
Rack1R4(config-router)#distance ospf external 160
Rack1R4(config-router)#^Z
Rack1R2#
*Oct 6 22:51:49.475: OSPF-RIB-LOCAL: Add 205.90.31.0/255.255.255.0, area dummy area, type 16, dist 20, forward 64, tag 00, via
174.1.234.4 Serial0/0, route flags 0800, path flags 00, source 4.4.4.4, spf 33, list-type 3
*Oct 6 22:51:49.479: OSPF-RIB-REDIST: Callback for 205.90.31.0/255.255.255.0 redistributed from process OSPF Router
*Oct 6 22:51:49.479: OSPF-RIB-REDIST: 205.90.31.0/255.255.255.0, metric -1734964480, tag 00, attributes 00, will be flushed
*Oct 6 22:51:49.479: OSPF-RIB-GLOBAL: Network update succeeded 205.90.31.0/255.255.255.0, via 174.1.234.4 on Serial0/0,
distance 20, flags 00, source 4.4.4.4, tag 00, type 16, return: 0
*Oct 6 22:51:49.479: OSPF-RIB-LOCAL: Synced 205.90.31.0/255.255.255.0 type 16 added 1 paths, deleted 0 paths, change flag
0xE, spf 33, route instance 33
*Oct 6 22:51:49.575: OSPF-RIB-LOCAL: Add 220.20.3.0/255.255.255.0, area dummy area, type 16, dist 20, forward 64, tag 00, via
174.1.234.4 Serial0/0, route flags 0800, path flags 00, source 4.4.4.4, spf 36, list-type 3
*Oct 6 22:51:49.575: OSPF-RIB-REDIST: Callback for 220.20.3.0/255.255.255.0 redistributed from process OSPF Router
*Oct 6 22:51:49.575: OSPF-RIB-REDIST: 220.20.3.0/255.255.255.0, metric -1734964480, tag 00, attributes 00, will be flushed
*Oct 6 22:51:49.575: OSPF-RIB-GLOBAL: Network update succeeded 220.20.3.0/255.255.255.0, via 174.1.234.4 on Serial0/0,
distance 20, flags 00, source 4.4.4.4, tag 00, type 16, return: 0
*Oct 6 22:51:49.575: OSPF-RIB-LOCAL: Synced 220.20.3.0/255.255.255.0 type 16 added 1 paths, deleted 0 paths, change flag
0xE, spf 36, route instance 36
*Oct 6 22:51:49.575: OSPF-RIB-LOCAL: Add 222.22.2.0/255.255.255.0, area dummy area, type 16, dist 20, forward 64, tag 00, via
174.1.234.4 Serial0/0, route flags 0800, path flags 00, source 4.4.4.4, spf 36, list-type 3
*Oct 6 22:51:49.575: OSPF-RIB-REDIST: Callback for 222.22.2.0/255.255.255.0 redistributed from process OSPF Router
*Oct 6 22:51:49.575: OSPF-RIB-REDIST: 222.22.2.0/255.255.255.0, metric -1734964480, tag 00, attributes 00, will be flushed
*Oct 6 22:51:49.575: OSPF-RIB-GLOBAL: Network update succeeded 222.22.2.0/255.255.255.0, via 174.1.234.4 on Serial0/0,
distance 20, flags 00, source 4.4.4.4, tag 00, type 16, return: 0
*Oct 6 22:51:49.575: OSPF-RIB-LOCAL: Synced 222.22.2.0/255.255.255.0 type 16 added 1 paths, deleted 0 paths, change flag
0xE, spf 36, route instance 36
Reply
Reply
Hi,
This is probably something thats obvious to all of you, but I am hoping someone could help me understand something here.
After R3 has been configured to mutually redistribute EIGRP356 and EIGRP123, shouldnt R1 have two routes to R5 and R6s
loopback?
For example, R6s loopback interface (150.18.6.0) is redistributed into OSPF and EIGRP123 via R3. R2 would see ospf E2 route for
150.18.6.0 with AD of 160 at this time and and redistribute it into EIGRP123. Why doesn R1 see this redistribution from R2?
Thank you.
Reply
Ah, I figured it out I forgot that EIGRP356s metric is carried over into EIGRP123 whereas in R2s case its using an arbitrary
metric 1 1 1 1 1 when its redistributing the prefix into EIGRP123.
Reply
[...] use feature X or Y I should know how to do it using feature Z. So here is part second part in the route redistribution [...]
Reply
wit wew!!! no exact word how Im thankful for this post, I really gained my confidence in redistribution. all I can say is more power to
you Petr and God bless you always.
Reply
Leave a Reply
Name (required)
Submit Comment
$399 CCIE R&S Live Online 5-Day CCIE R&S Printed Vol I - IV Workbook New CCIE Security 5-Day Live
Written Bootcamp! Bundle Special for only $799! Bootcamp dates have been added
http://t.co/KtM1Xn1u http://t.co/TWyLv7YC for January and May 2012 in
twitter.com/inetraining Chicago, IL! Sign Up Today!
http://t.co/XsgqosG4
pdfcrowd.com