© 2006 Cisco Systems, Inc. All rights reserved. BSCI v Manipulating Routing Updates Controlling Routing Update Traffic
© 2006 Cisco Systems, Inc. All rights reserved. BSCI v Using the passive-interface Command
© 2006 Cisco Systems, Inc. All rights reserved. BSCI v Controlling Routing Update Traffic
© 2006 Cisco Systems, Inc. All rights reserved. BSCI v distribute-list {access–list-number | name} out [interface–name | routing–process [routing-process parameter]] Router(config-router)# Configuring distribute-list distribute-list [access–list-number | name] | [route-map map-tag] in [interface-type interface-number]] Router(config-router)# Use an access list (or route map) to permit or deny routes. Can be applied to transmitted, received, or redistributed routing updates. For outbound updates: For inbound updates:
© 2006 Cisco Systems, Inc. All rights reserved. BSCI v Hides network using interface filtering Filtering Routing Updates with a Distribute List
© 2006 Cisco Systems, Inc. All rights reserved. BSCI v Controlling Redistribution with Distribute Lists
© 2006 Cisco Systems, Inc. All rights reserved. BSCI v Route Maps Route maps are similar to a scripting language for these reasons: They work like a more sophisticated access list. –They offer top-down processing. –Once there is a match, leave the route map. Lines are sequence-numbered for easier editing. –Insertion of lines –Deletion of lines Route maps are named rather than numbered for easier documentation. Match criteria and set criteria can be used, similar to the if, then logic in a scripting language.
© 2006 Cisco Systems, Inc. All rights reserved. BSCI v Route Map Applications The common uses of route maps are as follows: Redistribution route filtering: a more sophisticated alternative to distribute lists Policy-based routing: the ability to determine routing policy based on criteria other than the destination network BGP policy implementation: the primary tool for defining BGP routing policies
© 2006 Cisco Systems, Inc. All rights reserved. BSCI v route-map my_bgp permit 10 { match statements } { set statements } route-map my_bgp deny 20 :: :::: route-map my_bgp permit 30 :: :::: Route Map Operation A list of statements constitutes a route map. The list is processed top-down like an access list. The first match found for a route is applied. The sequence number is used for inserting or deleting specific route map statements.
© 2006 Cisco Systems, Inc. All rights reserved. BSCI v The match statement may contain multiple references. Multiple match criteria in the same line use a logical OR. At least one reference must permit the route for it to be a candidate for redistribution. Each vertical match uses a logical AND. All match statements must permit the route for it to remain a candidate for redistribution. Route map permit or deny determines if the candidate will be redistributed. Route Map Operation (Cont.)
© 2006 Cisco Systems, Inc. All rights reserved. BSCI v redistribute protocol [process id] route-map map-tag router(config-router)# Allows for detailed control of routes being redistributed into a routing protocol route-map Commands route-map map-tag [permit | deny] [sequence-number] router(config)# Defines the route map conditions match {conditions} router(config-route-map)# Defines the conditions to match set {actions} router(config-route-map)# Defines the action to be taken on a match
© 2006 Cisco Systems, Inc. All rights reserved. BSCI v The match Command router(config-route-map)# Match {options} options : ip address ip-access-list ip route-source ip-access-list ip next-hop ip-access-list interface type number metric metric-value route-type [external | internal | level-1 | level-2 |local] … The match commands specify criteria to be matched. The associated route map statement permits or denies the matching routes.
© 2006 Cisco Systems, Inc. All rights reserved. BSCI v The set Command router(config-route-map)# set {options} options : metric metric-value metric-type [type-1 | type-2 | internal | external] level [level-1 | level-2 | level-1-2 |stub-area | backbone] ip next-hop next-hop-address The set commands modify matching routes. The command modifies parameters in redistributed routes.
© 2006 Cisco Systems, Inc. All rights reserved. BSCI v Route Maps and Redistribution Commands Router(config)# router ospf 10 Router(config-router)# redistribute rip route-map redis-rip Router(config)# route-map redis-rip permit 10 match ip address set metric 500 set metric-type type-1 route-map redis-rip deny 20 match ip address 37 route-map redis-rip permit 30 set metric 5000 set metric-type type-2 Routes matching either access list 23 or 29 are redistributed with an OSPF cost of 500, external type 1. Routes permitted by access list 37 are not redistributed. All other routes are redistributed with an OSPF cost metric of 5000, external type 2. Router(config)# access-list 23 permit access-list 29 permit access-list 37 permit
© 2006 Cisco Systems, Inc. All rights reserved. BSCI v Route SourceDefault Distance Connected interface0 Static route1 EIGRP summary route5 External BGP20 Internal EIGRP90 IGRP100 OSPF110 IS-IS115 RIPv1, RIPv2120 External EIGRP170 Internal BGP200 Unknown255 Administrative Distance
© 2006 Cisco Systems, Inc. All rights reserved. BSCI v Administrative Distance (Cont.)
© 2006 Cisco Systems, Inc. All rights reserved. BSCI v distance administrative distance [address wildcard-mask [access-list-number | name]] Router(config-router)# Used for all protocols except EIGRP and BGP redistribution Modifying Administrative Distance distance eigrp internal-distance external-distance Router(config-router)# Used for EIGRP
© 2006 Cisco Systems, Inc. All rights reserved. BSCI v Example: Redistribution Using Administrative Distance
© 2006 Cisco Systems, Inc. All rights reserved. BSCI v router ospf 1 redistribute rip metric metric-type 1 subnets network area 0 ! router rip version 2 redistribute ospf 1 metric 5 network no auto-summary router ospf 1 redistribute rip metric metric-type 1 subnets network area 0 ! router rip version 2 redistribute ospf 1 metric 5 network no auto-summary Router P3R1 Router P3R2 Example: Redistribution Using Administrative Distance (Cont.)
© 2006 Cisco Systems, Inc. All rights reserved. BSCI v Example: Redistribution Using Administrative Distance (Cont.)
© 2006 Cisco Systems, Inc. All rights reserved. BSCI v Example: Redistribution Using Administrative Distance (Cont.) hostname P3R1 ! router ospf 1 redistribute rip metric metric-type 1 subnets network area 0 distance ! router rip version 2 redistribute ospf 1 metric 5 network no auto-summary ! access-list 64 permit access-list 64 permit access-list 64 permit access-list 64 permit access-list 64 permit access-list 64 permit access-list 64 permit hostname P3R2 ! router ospf 1 redistribute rip metric metric-type 1 subnets network area 0 distance ! router rip version 2 redistribute ospf 1 metric 5 network no auto-summary ! access-list 64 permit access-list 64 permit access-list 64 permit access-list 64 permit access-list 64 permit access-list 64 permit access-list 64 permit
© 2006 Cisco Systems, Inc. All rights reserved. BSCI v Example: Redistribution Using Administrative Distance (Cont.)
© 2006 Cisco Systems, Inc. All rights reserved. BSCI v Summary The passive-interface command allows control of routing updates. A distribute list uses an ACL to control routing updates. A distribute list may be applied to an interface or to redistribute routes. A route map is a complex tool used for manipulating and filtering routes and uses match–set or if–then logic. A route-map can be used to streamline the route redistribution process. Administrative distance is a value used by routers to evaluate the route received from more than one routing protocol. Each IP routing protocol is assigned a value by Cisco, which can be changed with Cisco IOS software commands. During route redistribution, administrative distance must be manipulated at times to maintain routing accuracy.
© 2006 Cisco Systems, Inc. All rights reserved. BSCI v