1 route optimization chapter 10. 2 2 route filters use access list to filter out unwanted routes...
Post on 27-Dec-2015
217 Views
Preview:
TRANSCRIPT
1
Route OptimizationChapter 10
22
Route Filters
Use access list to filter out unwanted routes
Identifies packets or addresses to be filtered
Prevents certain routes from being advertised
Controls routing updates
33
Filtering
Access Groups Distribute List Route Maps
44
Access Lists
List of routes or packets to permit or deny
Order of statements in access list is important If packet matches access list, router goes
to next statement If packet does not match access list,
router denies or permits packet If packet does not match anything on
access list, implicit denial causes router to deny packet
55
Access Groups
Access Groups are applying the access lists you learned about in 240
Router(config)#access list 100 deny ip 192.168.24.0 0.0.0.255 192.168.50.0 0.0.0.255
Router(config)#access list 100 permit ip any any
Router(config)#int f0/0
Router (config-if)#ip access-group 100 in
66
How Route Filters Work
Route filters use access lists to accept or reject routes
Filter both routes advertised and incoming routes accepted from other routers
Router examines interface to see if routing filter is applied If so, examines access list to see if route
should be dropped in update If route matches statement in list, processes
it according to deny or permit keyword If route does not match statement, route is
dropped by implicit denial
77
Configuring Route Filters
Steps to configure route filter include Creating access list to match routes Determine which interface(s) to apply
route filter to and whether it will apply to incoming or outgoing route updates
Apply route filter with distribute-list command
88
Distribute List
Blocks the advertising of a route by using a Access List
Applied to the Router not the interface
Can block out a certain interface or all
99
Router(config)#access list 1 deny 192.168.50.0 0.0.0.255
Router(config)#access list 1 permit any
Router(config)#access list 2 deny 192.168.88.0 0.0.0.255
Router(config)#access list 2 permit any
Router(config)#router eigrp 100
Router(config-router)#distribute-list 1 out s1
Router(config-router)#distribute-list 2 out
Router(config)#access list 100 permit ip any any
1010
Using Route Maps to Implement Routing Policy Configure policy-based routing
Routes packets differently based on properties of packets
Introduced in Cisco 11.0 Use to mark packet with precedence or TOS
value Provides different Quality of Service (QOS) to
different types of traffic Can use values in queuing packets Allows service providers to route packets
from different sources through different paths
1111
How Route Maps Work
Route maps make policies based on attributes of a packet: Source address of packet Protocol Application Packet size
Route map has series of permit and deny statements Unlike access lists, route maps are
processed in order specified by sequence number
1212
Processing Route Maps
Each permit or deny statement works like if/then statement If packet matches the match
statement, router applies set command to packet
If packet doesn’t match any statement in route map, it is denied
May add statement at end to match all packets calling for some default action
1313
Policy-Based Routing
Router(config)#access-list 100 permit ip 192.168.200.0 0.0.0.255 192.168.50.0 0.0.0.255
Router(config)#access-list 100 permit ip 192.168.200.0 0.0.0.255 192.168.100.0 0.0.0.255
Router(config)#access-list 110 permit ip 192.168.50.0 0.0.0.255 Router(config)#access-list 110 permit ip 192.168.100.0 0.0.0.255Router(config)#route-map POLICY1 permit 10Router(config-route-map)#match ip address 100Router(config-route-map)#set interface s0/0Router(config-route-map)#route-map POLICY1 permit 20Router(config-route-map)#match ip address 110Router(config-route-map)#set interface s0/1Router(config-route-map)#exitRouter(config)#interface s1/1Router(config-if)#ip policy route-map POLICY1Router(config-if)#int f0/0Router(config-if)#ip policy route-map POLICY1
1414
Benefits and Disadvantages of Route Redistribution Redistribute routes for a variety of
reasons When two organizations merge, to
redistribute routes between Autonomous Systems
When migrating from one interior gateway protocol to another
When you must use multiple routing protocols on parts of network
To use different routing protocols on different sections of hierarchical network
1515
Redistributing Routes
• Allows one routing protocol to exchange information with different routing protocol
• Border router takes routes learned from one source of routing information and injects them into second Alternative to using work-intensive
static routing
1616
Two Connected Autonomous Systems
1717
Potential Redistribution Problems
Several potential problems Routing loops Poor path selection Inconsistent convergence times
1818
Protocol Considerations
• Routing protocols must support same routed protocol stack to redistribute
• Protocol determines how you redistribute routes Automatically redistributes between
EIGRP and IGRP in same Autonomous System
EIGRP metrics equal IGRP metrics multiplied by 256
Automatically redistributes between IPX and AppleTalk
1919
Configuring Route Redistribution Steps to configure basic route
redistribution Identify border routers that will
redistribute routes Decide which protocols will inject routes
into other routing protocol Enter routing configuration mode for
protocol that will learn routes Configure route distribution between two
routing protocols May need to redistribute one instance of
routing protocol into another
2020
Setting Default Metrics
• Two ways to set a default or seed metric
• Use the default-metric command with arguments Bandwidth - minimum in Kbps Delay - in tens of microseconds Reliability - with number from 1-255 where
255 means 100% reliable Loading - with number from 1-255 where
255 means 100% loaded MTU - in bytes
• Use metric-value keyword with redistribute command
2121
RIP Redistribution
Router(config)#router rip
Router(config-router)#redistribute igrp 100 metric 1
Router(config)#router rip
Router(config-router)#default-metric 1
Router(config-router)#redistribute igrp 100
2222
IGRP Distribution
Router(config)#router igrp 100
Router(config-router)#redistribute rip metric 100 100 200 1 1500
Router(config)#router igrp 100
Router(config-router)#default-metric 100 100 200 1 1500
Router(config-router)#redistribute rip
2323
OSPF Distribution
Router(config)# router ospf 1
Router(config-router)# redistribute eigrp 100 metric 100 subnets
Allows Classless routers to be redistributed
2424
Static, Default, and Connected Routes Situations where static or default
routes are better than dynamic routes Stub networks with only one outgoing
connection Internet connections Back-up links
Static routes must be redistributed for other routers in Autonomous System to use them
2525
Redistributing Static Routes• To configure a static route, use ip
route command Route tag lets you match a static
route in route maps Permanent keyword makes router
keep route in its routing table even if associated interface goes down
• Static routes can be configured to go through an interface instead of next hop
2626
Redistributing Connected Routes Use redistribute connected
command to redistribute any connected network By default, all connected networks
are redistributed Can use route filter to remove
network that should not be redistributed
Use redistribute static command to redistribute between routing protocols
2727
Redistributed Static and Connected Routes
2828
Redistributing Default Routes Special type of static route Two ways to configure default route:
Use ip route 0.0.0.0 0.0.0.0 next-hop command
Use ip default-network network command
Can help router choose default gateway or gateway of last resort
Protocol determines how commands are used
Weigh benefits of static and dynamic routes against disadvantages
2929
Redistributing into Classful Routing Protocols Potential problems when
redistributing between classless routing protocols with VLSMs those that do not support VLSMs Classless routing protocols may
inject routes that are not subnetted along classful boundaries
3030
Two Strategies to Solve Problem Propagate default route to OSPF
domain through RIPv1 domain Summarize or filter routes
injected from OSPF domain to make RIPv1 routers learn only about routes with classful netmasks
3131
Clean Up Routing Tables Before Redistribution Prevent potential problems by
simplifying topology of each Autonomous System before redistribution Reduce amount of routing
information that each protocol redistributes
Reduce size of routing table Use route filters and route maps
3232
Changing Metrics with Route Maps Identify routes whose metrics you
want to change Steps to change metrics
Write access list identifying routes to be matched
Define route map identifying routes with match statement
Use set command to set metric for routes Decide how to handle all other routes Use redistribution command to activate
redistribution, set default metric, and activate the route map
3333
One-Way Redistribution Through a Single Border Router
• Two Autonomous Systems redistributing routes at a single router Packets traveling from one AS to other
go through border router For RIP domain, redistribute default
route and use ip classless command For EIGRP domain, use static route to
allow EIGRP AS to learn about routes in RIP AS
• Disadvantage is single point of failure
3434
Redistributing from RIP into EIGRP with a Default Route
3535
One-Way Redistribution Through Multiple Border Routers
Connect two Autonomous Systems at multiple places to avoid single point of failure
Set seed metric for RIP router redistribution into EIGRP
3636
Possible Problems with Multiple Border Routers
Possible problem since both EIGRP and RIP propagate default routes All packets sent on Internet may
enter routing loop if primary route to Internet is down
Solution is to filter default route so that EIGRP Autonomous System does not learn about it
3737
EIGRP Autonomous System Connected to OSPF AS Each Autonomous System has
default route to the Internet Neither Autonomous System can
use a default route to get to each other
Each Autonomous System must learn routes from the other
3838
Redistributing OSPF into EIGRP Set seed metrics for routes
redistributed into each routing protocol
Use match keyword to match only certain types of routes
Use subnets keyword to have protocol inject information about subnets
3939
Redistributing EIGRP into OSPF Redistribution does not allow
control of types of routes injected into OSPF
Use a route filter to eliminate problems Identify networks to be filtered and
make an access list Use distribute-list out command to
apply access list
4040
Monitoring and Troubleshooting Redistribution
Two ways to verify that route redistribution is configured Use show running-config
command Use show ip protocols command
Use show ip route command to examine routing tables
4141
Troubleshooting Redistribution Problems• Examine topology of each involved
Autonomous System• Examine routing tables of any border
routers• Examine routing tables of routers
inside each Autonomous System• Use ping and traceroute commands to
check routes crossing the boundary between Autonomous Systems
• Use debug commands on routers that seem to have a problem
top related