Mutual Redistribution at Multiple Routers

When multiple routers redistribute between the same two routing protocol domains, several potential problems can occur. One type of problem occurs on the redistributing routers, because those routers will learn a route to most subnets via both routing protocols. That router uses the AD to determine the best route when comparing the best routes from each of the two routing protocols; this typically results in some routes using suboptimal paths. For example, Figure 10-4 shows a sample network, with R3 choosing its AD 110 OSPF route to 10.1.2.0/24 over the probably better AD 120 RIP route.

Figure 10-4 OSPF and RIP Redistribution

Figure 10-4 OSPF and RIP Redistribution

NOTE The OSPF configuration for this network matches only the interfaces implied by the OSPF box in Figure 10-4. RIP does not have a wildcard-mask option on the network command, so R1's and R3's network commands will match all of their interfaces, as all are in network 10.0.0.0.

In Figure 10-4, R3 learns of subnet 10.1.2.0/24 via RIP updates from R2. Also, R1 learns of the subnet with RIP and redistributes the route into OSPF, and then R3 learns of a route to 10.1.2.0/24 via OSPF. R3 chooses the route with the lower administrative distance; with all default settings, OSPF's AD of 110 is better that RIP's 120.

If both R1 and R3 mutually redistribute between RIP and OSPF, the suboptimal route problem would occur on either R1 or R3 for each RIP subnet, all depending on timing. Example 10-3 shows the redistribution configuration, along with R3 having the suboptimal route shown in Figure 10-4. However, after R1's fa0/0 interface flaps, R1 now has a suboptimal route to 10.1.2.0/24, but R3 has an optimal route.

Example 10-3 Suboptimal Routing at Different Redistribution Points

! R1s related configuration follows:

router ospf 1

router-id 1.1.1.1

redistribute rip subnets

!

router rip

redistribute ospf 1

network 10.0.0.0

default-metric 1

! R3's related configuration follows:

router ospf 1

router-id 3.3.3.3

redistribute rip subnets

network 10.1.34.3 0.0.0.0 area 0

router rip

redistribute ospf 1

network 10.0.0.0

default-metric 1

! R3 begins with an AD 120 OSPF route, and not a RIP route, to 10.1.2

CM ©

R3# sh ip route I incl 10.1.2.0

O E2 10.1.2.0 [110/20] via 10.1.34.4, 00:02:01, Serial0/0/0.4

! R1 has a RIP route to 10.1.2.0/24, and redistributes it into OSPF,

causing R3

! to learn an OSPF route to 10.1.2.0/24.

R1# sh ip route I incl 10.1.2.0

R 10.1.2.0 [120/1] via 10.1.12.2, 00:00:08, FastEthernet0/0

! Next, R1 loses its RIP route to 10.1.2.0/24, causing R3 to lose its

OSPF route.

R1# conf t

Enter configuration commands, one per line. End with CNTL/Z.

R1(config)# int fa 0/0

R1(config-if)# shut

! R3 loses its OSPF route, but can then insert the RIP route into its table.

! R3 loses its OSPF route, but can then insert the RIP route into its table.

Example 10-3 Suboptimal Routing at Different Redistribution Points (Continued)

R3# sh ip route 1 incl 10.1.2.0 R 10.1.2.0 [120/1] via 10.1.23.2, 00

00:12,

Serial0/0/0.2

! Not shown: R1 brings up its fa0/0 again

! However, R1 now has the suboptimal route

to 10.1

.2.0/24, through OSPF.

R1# sh ip route 1 incl 10.1.2.0

O E2 10.1.2.0 [110/20] via 10.1.15.5, 00

5:00:09,

Serial0/0/0.5

The key concept behind this seemingly odd example is that a redistributing router processes only the current contents of its IP routing table. When this network first came up, R1 learned its RIP route to 10.1.2.0/24, and redistributed into OSPF, before R3 could do the same. So, R3 was faced with the choice of putting the AD 110 (OSPF) or AD 120 (RIP) route into its routing table, and R3 chose the lower AD OSPF route. Because R3 never had the RIP route to 10.1.2.0/24 in its routing table, R3 could not redistribute that RIP route into OSPF.

Later, when R1's fa0/0 failed (as shown in Example 10-3), R3 had time to remove the OSPF route and add the RIP route for 10.1.2.0/24 to its routing table—which then allowed R3 to redistribute that RIP route into OSPF, causing R1 to have the suboptimal route.

To solve this type of problem, the redistributing routers must have some awareness of which routes came from the other routing domain. In particular, the lower-AD routing protocol needs to decide which routes came from the higher-AD routing protocol, and either use a different AD for those routes or filter the routes. The next few sections show a few different methods of preventing this type of problem.

Preventing Suboptimal Routes by Setting the Administrative Distance

One simple and elegant solution to the problem of suboptimal routes on redistributing routers is to flag the redistributed routes with a higher AD. A route's AD is not advertised by the routing protocol; however, a single router can be configured such that it assigns different AD values to different routes, which then impacts that one router's choice of which routes end up in that router's routing table. For example, back in Figure 10-4 and Example 10-3, R3 could have assigned the OSPF-learned route to 10.1.2.0/24 an AD higher than 120, thereby preventing the original problem.

Figure 10-5 shows a more complete example, with a route from the RIP domain (10.1.2.0/24) and another from the OSPF domain (10.1.4.0/24). Redistributing router R3 will learn the two routes both from RIP and OSPF. By configuring R3's logic to treat OSPF internal routes with default AD 110, and OSPF external routes with AD 180 (or any other value larger than RIP's default of 120), R3 will choose the optimal path for both RIP and OSPF routes.

Figure 10-5 The Effect of Differing ADs for Internal and External Routes

Figure 10-5 The Effect of Differing ADs for Internal and External Routes

■>• Routing Info for 10.1.2.0/24 --->- Routing Info for 10.1.4.0/24

Example 10-4 shows how to configure both R1 and R3 to use a different AD for external routes by using the distance ospf external 180 command, under the router ospf process.

Example 10-4 Preventing Suboptimal Routes with the distance Router Subcommand

! Both R1s and R3's configurations look like they do in Example 10-3's, but with the ! addition of the distance command, router ospf 1

distance ospf external 180

! R3 has a more optimal RIP route to 10.1.2.0/24, as does R1. R3# sh ip route I incl 10.1.2.0

R 10.1.2.0 [120/1] via 10.1.23.2, 00:00:19, Serial0/0/0.2

R 10.1.2.0 [120/1] via 10.1.12.2, 00:00:11, FastEthernet0/0

! R1 loses its next-hop interface for the RIP route, so now its OSPF route, with ! AD 180, is its only and best route to 10.1.2.0/24. R1# conf t

Enter configuration commands, one per line. End with CNTL/Z. R1(config)# int fa 0/0 R1(config-if)# shut

O E2 10.1.2.0 [180/20] via 10.1.15.5, 00:00:05, Serial0/0/0.5

EIGRP supports the exact same concept by default, using AD 170 for external routes and 90 for internal routes. In fact, if EIGRP were used instead of OSPF in this example, neither R1 nor R3 would have experienced any of the suboptimal routing. You can reset EIGRP's distance for internal and external routes by using the distance eigrp router subcommand. (At presstime, neither the IS-IS nor RIP distance commands support setting external route ADs and internal route ADs to different values.)

In some cases, the requirements may not allow for setting all external routes' ADs to another value. For instance, if R4 injected some legitimate external routes into OSPF, the configuration in Example 10-4 would result in either R1 or R3 having a suboptimal route to those external routes that pointed through the RIP domain. In those cases, the distance router subcommand can be used in a different way, influencing some or all of the routes that come from a particular router. The syntax is as follows:

distance {distance-value ip-address {wildcard-mask} [ip-standard-list] [ip-extended-list]

This command sets three key pieces of information: the AD to be set, the IP address of the router advertising the routes, and, optionally, an ACL with which to match routes. With RIP, EIGRP, and IS-IS, this command identifies a neighboring router's interface address using the ip-address wildcard-mask parameters. With OSPF, those same parameters identify the RID of the router owning (creating) the LSA for the route. The optional ACL then identifies the subset of routes for which the AD will be set. The logic boils down to something like this:

Set this AD value for all routes, learned from a router that is defined by the IP address and wildcard mask, and for which the ACL permits the route.

Example 10-5 shows how the command could be used to solve the same suboptimal route problem on R1 and R3, while not causing suboptimal routing for other external routes. The design goals are summarized as follows:

■ Set a router's local AD for its OSPF routes for subnets in the RIP domain to a value of 179, thereby making the RIP routes to those subnets better than the OSPF routes to those same subnets.

Example 10-5 Using the distance Command to Reset Particular Routes' ADs

! R1 config. Note that the command refers to 3.3.3.3, which is R3's RID. Other ! commands not related to resetting the AD are omitted. Of particular importance, ! the distance command on R1 refers to R3's OSPF RID, because R3 created the OSPF ! LSAs that we are trying to match — the LSAs created when R3 injected the ! routes redistributed from RIP. router ospf 1

distance 179 3.3.3.3 0.0.0.0 only-rip-routes

Example 10-5 Using the distance Command to Reset Particular Routes' ADs (Continued) !

ip access-list standard only-rip-routes permit 10.1.12.0 permit 10.1.3.0 permit 10.1.2.0 permit 10.1.23.0

! R3 config. Note that the command refers to 1.1.1.1, which is R1

s RID. Other

! commands not related to resetting the AD are omitted. Also, the

only-rip-routes

! ACL is identical to R1s only-rip-routes ACL.

router ospf 1

distance 179 1.1.1.1 0.0.0.0 only-rip-routes

Preventing Suboptimal Routes by Using Route Tags

Another method of preventing suboptimal routing on the redistributing routers is to simply filter the problematic routes. Using subnet 10.1.2.0/24 as an example again, R3 could use an incoming distribute-list command to filter the OSPF route to 10.1.2.0/24, allowing R3 to use its RIP route to 10.1.2.0/24. R1 would need to perform similar route filtering as well to prevent its suboptimal route.

Performing simple route filtering based on IP subnet number works, but the redistributing routers will need to be reconfigured every time subnets change in the higher-AD routing domain. The administrative effort can be improved by adding route tagging to the process. By tagging all routes taken from the higher-AD domain and advertised into the lower-AD domain, the distribute-list command can make a simple check for that tag. Figure 10-6 shows the use of this idea for subnet 10.1.2.0/24.

Route tags are simply unitless integer values in the data structure of a route. These tags, typically either 16 or 32 bits long depending on the routing protocol, allow a router to imply something about a route that was redistributed from another routing protocol. For instance, R1 can tag its OSPF-advertised route to 10.1.2.0/24 with a tag—say, 9999. OSPF does not define what a tag of 9999 means, but the OSPF protocol includes the tag field in the LSA so that it can be used for administrative purposes. Later, R3 can filter routes based on their tag, solving the suboptimal route problem.

Figure 10-6 and Example 10-6 depict an example of route tagging and route filtering, used to solve the same old problem with suboptimal routes. R1 and R3 tag all redistributed RIP routes with tag 9999 as they enter the OSPF domain, and then R1 and R3 filter incoming OSPF routes based on the tags. This design works well because R1 can tag all redistributed RIP routes, thereby removing the need to change the configuration every time a new subnet is added to the RIP domain. (Note that both R1 and R3 will tag routes injected from RIP into OSPF as 9999, and both will then filter OSPF-learned routes with tag 9999. Figure 10-6 just shows one direction to keep the figure less cluttered.)

Figure 10-6 Filtering with Reliance on Route Tags

Figure 10-6 Filtering with Reliance on Route Tags

Example 10-6 Using Route Tags and Distribute Lists to Prevent Suboptimal Routes at Redistributing Routers

! R1 config. The redistribute command calls the route map that tags routes taken ! from RIP as 9999. distribute-list looks at routes learned in OSPF that were ! earlier tagged by R3. router ospf 1 redistribute rip subnets route-map tag-rip-9999 network 10.1.15.1 0.0.0.0 area 0 distribute-list route-map check-tag-9999 in

! Clause 10, a deny clause, matches all tagged 9999 routes — so those ! routes are filtered. Clause 20 permits all other routes, because with no match ! subcommand, the clause is considered to "match all." route-map check-tag-9999 deny 10 match tag 9999

route-map check-tag-9999 permit 20

! tag-rip-9999 matches all routes (it has no match command), and then ! tags them all with tag 9999. This route-map is used only for routes taken from ! RIP into OSPF.

route-map tag-rip-9999 permit 10 set tag 9999

! R3 Config

! The R3 configuration does not have to use the same names for route maps, but

Example 10-6 Using Route Tags and Distribute Lists to Prevent Suboptimal Routes at Redistributing Routers (Continued)

! the essential elements are identical, so the route maps are not repeated here.

router ospf 1 redistribute rip subnets route-map tag-rip-9999 network 10.1.34.3 0.0.0.0 area 0 distribute-list route-map check-tag-9999 in

! R3 (shown) and R1 have RIP routes to 10.1.2.0, as well as other routes from the

! RIP domain. Also, note that the OSPF LSDB shows the tagged values on the routes.

R 10.1.2.0 [120/1] via 10.1.23.2, 00:00:26, Serial0/0/0.2

R3# sh ip ospf data begin Type-5

Type-5 AS External Link States

Link

ID

ADV

Router

Age

Seq#

Checksum

Tag

10.1

.1.0

1.1

.1.1

834

0x80000006

0x00CE86

9999

10.1

.1.0

3.3

.3.3

458

0x80000003

0X0098B7

9999

10.1

.2.0

1.1

.1.1

834

0x80000006

0X00C390

9999

10.1

.2.0

3.3

.3.3

458

0x80000003

0x008DC1

9999

! lines omitted for brevity

! Next, the unfortunate side effect of filtering the routes — R3 does not have an ! alternative route to RIP subnets, although OSPF internal routers (like R4 ! in Figure 10-6) will. R3# conf t

Enter configuration commands, one per line. End with CNTL/Z.

R3(config-subif)# shut

R3(config-subif)# "Z

! lines omitted for brevity

! Next, the unfortunate side effect of filtering the routes — R3 does not have an ! alternative route to RIP subnets, although OSPF internal routers (like R4 ! in Figure 10-6) will. R3# conf t

Enter configuration commands, one per line. End with CNTL/Z.

R3(config-subif)# shut

R3(config-subif)# "Z

The last few lines of the example show the largest negative of using route filtering to prevent the suboptimal routes. When R3 loses connectivity to R2, R3 does not use the alternate route through the OSPF domain. R3's filtering of those routes occurs regardless of whether R3's RIP routes are available or not. As a result, using a solution that manipulates the AD may ultimately be the better solution to this suboptimal-routing problem.

Using Metrics and Metric Types to Influence Redistributed Routes

A different set of issues can occur for a router that is internal to a single routing domain, like R4 and R5 in Figure 10-4. The issue is simple—with multiple redistributing routers, an internal router learns multiple routes to the same subnet, so it must pick the best route. As covered earlier in the chapter, the redistributing routers can set the metrics; by setting those metrics with meaningful values, the internal routers can be influenced to use a particular redistribution point.

Interestingly, internal routers may not use metric as their first consideration when choosing the best route. For instance, an OSPF internal router will first take an intra-area route over an inter-area route, regardless of their metrics. Table 10-8 lists the criteria an internal router will use when picking the best route, before considering the metrics of the different routes.

Table 10-8 IGP Order of Precedence for Choosing Routes Before Considering the Metric

IGP

Order of Precedence of Metric

RIP

No other considerations

EIGRP

Internal, then external

OSPF

Intra-area, inter-area, E1, then E2*

IS-IS

L1, L2, external

* For E2 routes whose metric ties, OSPF also checks the cost to the advertising ASBR.

* For E2 routes whose metric ties, OSPF also checks the cost to the advertising ASBR.

To illustrate some of these details, Example 10-7 focuses on R4 and its routes to 10.1.2.0/24 and 10.1.5.0/24 from Figure 10-4. The example shows the following, in order:

1. R1 and R3 advertise 10.1.2.0/24 as an E2 route, metric 20. R4 uses the route through R3, because R4's cost to reach ASBR R3 is lower than its cost to reach ASBR R1.

2. After changing R1 to advertise redistributed routes into OSPF as E1 routes, R4 uses the E1 routes through R1, even though the metric is larger than the E2 route through R3.

3. R4 uses it higher-metric intra-area route to 10.1.5.0/24 through R5. Then, the R4-R5 link fails, causing R4 to use the OSPF external E2 route to 10.1.5.0/24—the route that leads through the RIP domain and back into OSPF via the R3-R2-R1-R5 path.

Example 10-7 Demonstration of the Other Decision Criteria for Choosing the Best Routes

! R4 has E2 routes to all the subnets in the RIP domain, and they all point to R3.

R4# sh ip route ospf

10.0.0.0/24 is subnetted, 10 subnets

O 10.1.15.0 [110/128] via 10.1.45.5, 00:03:23, Serial0/0/0.5

O E2 10.1.12.0 [110/20] via 10.1.34.3, 00:03:23, Serial0/0/0.3

O E2 10.1.3.0 [110/20] via 10.1.34.3, 00:03:23, Serial0/0/0.3

O E2 10.1.2.0 [110/20] via 10.1.34.3, 00:03:23, Serial0/0/0.3

O E2 10.1.1.0 [110/20] via 10.1.34.3, 00:03:23, Serial0/0/0.3

O 10.1.5.0 [110/65] via 10.1.45.5, 00:03:23, Serial0/0/0.5

O E2 10.1.23.0 [110/20] via 10.1.34.3, 00:03:23, Serial0/0/0.3

! R4 chose the routes through R3 instead of R1 due to the lower cost to R3.

R4# show ip ospf border-routers

OSPF Process 1 internal Routing Table

Codes: i - Intra-area route, I - Inter-area route

Example 10-7 Demonstration of the Other Decision Criteria for Choosing the Best Routes (Continued)

i 1.1.1.1 [128] via 10.1.45.5, Serial0/0/0.5, ASBR, Area 0, SPF 13

i 3.3.3.3 [64] via 10.1.34.3, Serial0/0/0.3, ASBR, Area 0, SPF 13

! (Not Shown): R1 is changed to redistribute RIP routes as E1 routes by

! adding the metric-type 1 option on the redistribute command on R1.

! R4 picks routes through R1 because they are E1 routes, even though the metric

! (148) is higher than the routes through R3 (cost 20)

R4# show ip route ospf

10.0.0.0/24 is subnetted, 10 subnets

O E1 10.1.2.0 [110/148] via 10.1.45.5, 00:00:11, Serial0/0/0.5 ! lines omitted for brevity

! R4's route to 10.1.5.0/24 below is intra-area, metric 65 R4# show ip route I incl 10.1.5.0

O 10.1.5.0 [110/65] via 10.1.45.5, 00:04:48, Serial0/0/0.5

! R4's new route to 10.1.5.0/24 is E2, learned from R3, with metric 20 R4# show ip route I incl 10.1.5.0\

O E2 10.1.5.0 [110/20] via 10.1.34.3, 00:10:52, Serial0/0/0.3

Was this article helpful?

+1 -1

Post a comment