1RD-CSY3021. Preventing Propagation of routing information When using an on-demand WAN link To minimize, or stop entirely, the exchange of routing update.


1 1RD-CSY3021

2 Preventing Propagation of Routing Information
• When using an on-demand WAN link
  ◦ To minimize, or stop entirely, the exchange of routing update information across this type of link; otherwise, the link will remain up constantly
• To prevent routing loops
  ◦ When a path is learned to the same destination by two different routing protocols, you may want to filter the propagation of one of the paths
• To preserve bandwidth
  ◦ To ensure maximum bandwidth availability for data traffic by reducing unnecessary routing update traffic

3
1. Passive interface
   ◦ Prevents all routing updates from being sent through an interface
2. Default routes
   ◦ Instructs the router that if it does not have a route for a given destination, to send the packet to the default route
3. Static routes
   ◦ A route to a destination that is configured in the router
4. Route update filtering
   ◦ Use access lists to filter route update traffic about specific networks
5. Route Maps – Policy Routing

4
• With most protocols, passive interface stops the router from sending updates to a particular neighbor, but it continues to listen to and use routing updates from that neighbor
• In OSPF, the interface address you specify as passive appears as a stub network in the OSPF domain
  ◦ OSPF routing information is neither sent nor received through the specified router interface
• In EIGRP, passive interface causes the router to stop sending hello packets
  ◦ When this happens, the router can't form neighbor adjacencies on the interface or send or receive routing updates
  ◦ To achieve the common effect of passive interface with EIGRP, use the distribute-list command

6 Gateway of Last Resort
• The gateway of last resort is the routing entry that the router forwards packets to when it lacks a more specific route to a network
• When IP routing is enabled
  1. Use ip default-network to tag a route as a gateway of last resort
     Router(config)#ip default-network
     ◦ Propagated differently depending on which protocol is propagating the default route
     ◦ For IGRP/EIGRP to propagate the route, the network specified must be an IGRP- or EIGRP-derived network in the routing table, or be advertised into these protocols using the 'network' command
  2. Create a static route to quad zero ( )
     Router(config)#ip route
     ◦ IGRP cannot understand a route to
• When IP routing is disabled
     Router(config)#ip default-gateway
• Can a router have multiple IP default networks entered?

#show ip route
Gateway of last resort is not set
 /24 is subnetted, 1 subnets
C is directly connected, Ethernet
 /24 is subnetted, 1 subnets
C is directly connected, Serial0
S /24 [1/0] via

7
2513(config)#ip default-network
2513#show ip route
Gateway of last resort is to network
 /24 is subnetted, 1 subnets
C is directly connected, Ethernet0
 /24 is subnetted, 1 subnets
C is directly connected, Serial0
S* /24 [1/0] via

#show ip route
Gateway of last resort is not set
 /24 is subnetted, 1 subnets
C is directly connected, Ethernet
 /24 is subnetted, 1 subnets
C is directly connected, Serial0
S /24 [1/0] via

Add another default gateway
2513(config)#ip route
(config)#ip default-network
#show ip route
Gateway of last resort is to network
 /16 is variably subnetted, 2 subnets, 2 masks
S /16 [1/0] via
S /24 [1/0] via
 /24 is subnetted, 1 subnets
C is directly connected, Ethernet0
 /24 is subnetted, 1 subnets
C is directly connected, Serial0
S* /24 [1/0] via

Why is the network not flagged as default network?

8
• The ip default-network command is classful. This means that if the router has a route to the subnet indicated by this command, it installs the route to the major net.
• At this point neither network has been flagged as the default network. The ip default-network command must be issued again, using the major net, in order to flag the candidate default route.

2513(config)#ip default-network
2513(config)#^Z
2513#show ip route
Gateway of last resort is to network
* /16 is variably subnetted, 2 subnets, 2 masks
S* /16 [1/0] via
S /24 [1/0] via
 /24 is subnetted, 1 subnets
C is directly connected, Ethernet0
 /24 is subnetted, 1 subnets
C is directly connected, Serial0
S* /24 [1/0] via

9
• Significant overhead can be created by packets for routes that do not exist
  ◦ The router may want to send an Internet Control Message Protocol (ICMP) host or network-unreachable message for each un-routable packet
• One solution is to configure a route to the null0 interface
  ◦ A legitimate interface that accepts the packets and then throws them away
  ◦ No ICMP host or network-unreachable messages are sent for packets forwarded to null0

10
route-map my_bgp permit 10
 { match statements }
 { set statements }
route-map my_bgp deny 20
 :: ::::
route-map my_bgp permit 30
 :: ::::

• Route maps are similar to a scripting language:
  ◦ A list of statements composes a route map.
  ◦ The list is processed top-down like an access list.
  ◦ The first match found for a route is applied.
  ◦ The sequence number is used for inserting or deleting specific route map statements.

11
router(config-router)# redistribute protocol [process id] route-map map-tag
• Allows for detailed control of routes being redistributed into a routing protocol

router(config)# route-map map-tag [permit | deny] [sequence-number]
• Defines the route map conditions

router(config-route-map)# match {conditions}
• Defines the conditions to match

router(config-route-map)# set {actions}
• Defines the action to be taken on a match

12
• The match statement may contain multiple references.
• Multiple match criteria in the same line use a logical OR.
• Each vertical match uses a logical AND.
• All match statements must permit the route for it to remain a candidate for redistribution.
• Route map permit or deny determines if the candidate will be redistributed.
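
The evaluation rules on slides 10 and 12, as an added example that is not part of the original presentation: a small Python model of how a route map decides whether a route is redistributed. The clause contents, tags, metrics and prefixes are constructed for illustration, and the model adds two standard IOS behaviours the slides do not state: a clause with no match lines matches every route, and a route that matches no clause is denied.

```python
from dataclasses import dataclass, field

@dataclass
class Clause:
    seq: int
    action: str                                   # "permit" or "deny"
    matches: list = field(default_factory=list)   # one entry per match line: (attribute, {values})
    sets: dict = field(default_factory=dict)      # attributes rewritten when a permit clause hits

def clause_matches(clause, route):
    # Every match line must hit (AND); any one value on a line is enough (OR).
    # A clause with no match lines matches every route.
    return all(route.get(attr) in values for attr, values in clause.matches)

def evaluate(route_map, route):
    """Return (redistributed?, resulting route, sequence number of the deciding clause)."""
    for clause in sorted(route_map, key=lambda c: c.seq):    # top-down by sequence number
        if clause_matches(clause, route):
            if clause.action == "permit":
                return True, {**route, **clause.sets}, clause.seq
            return False, route, clause.seq                  # first match wins, even a deny
    return False, route, None                                # implicit deny at the end

# Constructed route map following the my_bgp skeleton (values are illustrative):
#   route-map my_bgp permit 10 / match tag 100 200 / match route-type external / set metric 500
#   route-map my_bgp deny 20   / match tag 300
#   route-map my_bgp permit 30 / match route-type internal
MY_BGP = [
    Clause(30, "permit", [("route_type", {"internal"})]),
    Clause(10, "permit", [("tag", {100, 200}), ("route_type", {"external"})], {"metric": 500}),
    Clause(20, "deny", [("tag", {300})]),
]

# Constructed sample routes (documentation prefixes).
ROUTES = [
    {"prefix": "192.0.2.0/24", "tag": 200, "route_type": "external", "metric": 20},
    {"prefix": "198.51.100.0/24", "tag": 100, "route_type": "internal", "metric": 20},
    {"prefix": "203.0.113.0/24", "tag": 300, "route_type": "internal", "metric": 20},
    {"prefix": "192.0.2.128/25", "tag": 400, "route_type": "external", "metric": 20},
]

def decisions():
    # (prefix, redistributed?, deciding sequence number) for each sample route
    return [(r["prefix"],) + evaluate(MY_BGP, r)[::2] for r in ROUTES]

if __name__ == "__main__":
    for prefix, ok, seq in decisions():
        print(f"{prefix:18} {'redistribute' if ok else 'drop':12} decided by {seq or 'implicit deny'}")
```

The third route is the case to watch when auditing a redistribution policy: clause 30 would permit it, but the deny at sequence 20 is reached first, so it is never leaked into the target protocol.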

13 Example - Policy Routing
• With normal routing, all the packets from /8 network to the Internet will take the path through interface ethernet 0/0 of Cisco WAN Router (via /24 subnet), as it is the best path with the least metric.
• Policy-based routing can be used so that these packets take the path through the Firewall to the Internet; normal routing behavior has to be overridden by configuring policy routing.
• The firewall translates all the packets from /8 network going to the Internet; this translation, however, is not necessary for policy routing to work.

interface Ethernet3/0
 ip address
 ip policy route-map net-10
access-list 111 permit ip any
route-map net-10 permit 10
 match ip address 111
 set interface Ethernet0/1
route-map net-10 permit 20

14
Command                 Description
match community         Matches a BGP community
match interface         Matches any routes that have the next hop out of one of the interfaces specified
match ip address        Matches any routes that have a destination network number address that is permitted by a standard or extended ACL
match ip next-hop       Matches any routes that have a next-hop router address that is passed by one of the ACLs specified
match ip route-source   Matches routes that have been advertised by routers and access servers at the address that is specified by the ACLs
match length            Matches based on the layer 3 length of a packet
match metric            Matches routes with the metric specified
match route-type        Matches routes of the specified type
match tag               Matches tag of a route

15 Filtering Routing Updates
• A distribute-list is used to control routing updates either coming to your router or leaving your router.
• Example: we want to filter out route /32.
  ◦ Define an ACL that identifies that route, denies it, and allows all other traffic
  ◦ Create a distribute-list that references the ACL and defines the direction
  ◦ Go into the routing process
    • We want to filter OSPF routes, so we go into the OSPF routing process configuration
  ◦ Verify that the route has been removed

Router# show ip route
Gateway of last resort is not set
 /8 is variably subnetted, 3 subnets, 2 masks
O /32 [110/11] via , 00:00:10, Ethernet0
O /32 [110/11] via , 00:00:10, Ethernet0
C /24 is directly connected, Loopback0
 /24 is subnetted, 1 subnets
C is directly connected, Ethernet0

Define access list
Router(config)# access-list 50 deny
Router(config)# access-list 50 permit any

OSPF routing process configuration
Router(config)# router ospf 10
Router(config-router)# distribute-list 50 in

Verify route
Router# sh ip route
…
 /8 is variably subnetted, 2 subnets, 2 masks
O /32 [110/11] via , 00:11:39, Ethernet0
C /24 is directly connected, Loopback0
 /24 is subnetted, 1 subnets
C is directly connected, Ethernet0

16
Router(config-router)# distance administrative distance [address wildcard-mask [access-list-number | name]]
• Used for all protocols except EIGRP and BGP redistribution

Router(config-router)# distance eigrp internal-distance external-distance
• Used for EIGRP

