CCNP ROUTE (Version 7) – Chapter 4: Manipulating Routing Updates

Objectives

  • This chapter covers the following topics:
  • Using Multiple IP Routing Protocols on a Network
  • Implementing Route Redistribution
  • Controlling Routing Update Traffic

Using Multiple IP Routing Protocols on a Network

  • Describe the need for using more than one protocol in a network
  • Describe how routing protocols interact
  • Describe solutions for operating in a multiple routing protocol environment
  • Simple routing protocols work well for simple networks, but as networks grow and become more complex, it may be necessary to change the routing protocols.
  • Often, the transition between routing protocols takes place gradually, so there are multiple routing protocols that are operating in the network for variable lengths of time.

Why Run Multiple Routing Protocols?

  • When migrating from an older Interior Gateway Protocol (IGP) to a new IGP.
  • The same applies to company mergers between companies that are each using a different routing protocol.
  • In mixed-router vendor environments.
  • When the use of a new protocol is desired, but the old routing protocol is needed for host systems
  • When some departments do not want to upgrade their routers to support a new routing protocol.

Running Multiple Routing Protocols

When running multiple routing protocols, a router may learn of a route from different routing sources. If a router learns of a specific destination from two different routing domains, the route with the lowest administrative distance would get installed in routing table.

Administrative Distance

The administrative distance is used to rate a routing protocol’s believability (also called its trustworthiness). Each routing protocol is prioritized in order from most to least believable using an assigned value called the administrative distance.

Multiple Routing Protocols Solutions

Careful routing protocol design and traffic optimization solutions should be implemented when supporting complex multiprotocol networks.

These solutions include the following:

  • Summarization (Chapter 2 & 3)
  • Redistribution between routing protocols
  • Route filtering

Implementing Route Redistribution

  • Describe the need for route redistribution
  • Identify some considerations for route redistribution
  • Describe how to configure and verify route redistribution
  • Identify the different types of route redistribution

Defining Route Redistribution

  • Cisco routers allow internetworks using multiple routing protocols to exchange routing information using the route redistribution feature.
  • Route redistribution is defined as the capability of boundary routers connecting different routing domains to exchange and advertise routing information between those routing domains (autonomous systems).
  • Redistribution shares routing information about routes that the router has learned with other routing protocols.

Planning to Redistribute Routes

  • Network administrators must manage redistribution carefully because it can lead to routing loops, which negatively affect an internetwork.
  • Different routing protocols have different requirements and capabilities, so it is important for network administrators to create a detailed plan before making any routing protocol changes.
  • An accurate topology map of the network and an inventory of all network devices are critical for success.
  • To have a scalable solution and limit the amount of routing update traffic, the redistribution process must selectively insert the routes that are learned.
  • When a router redistributes routes, it only propagates routes that are in the routing table. Therefore, a router can redistribute dynamically learned routes, static routes, and direct connected routes.

Within each autonomous system, internal routers typically have complete knowledge of their network. Boundary routers running multiple protocols are usually configured to redistribute routes between routing domains. To have a scalable solution and limit the amount of routing update traffic, the redistribution process must selectively insert the routes that are learned.

Redistributing Routes

  • Redistribution is always performed outbound .
  • This means that the router doing redistribution does not change its own routing table.
  • Only downstream routers receiving the redistributed routes could add them to their respective routing tables.

For instance, Figure 4-2 illustrates two routing domains interconnected by the boundary router R1. The routing table of R2 contains directly connected and OSPF networks, and the R3 routing table contains directly connected and EIGRP routes. R1 has active OSPF and EIGRP processes and its routing table contains directly connected routes, OSPF domain routes, and EIGRP domain routes. Without redistribution, routers in the OSPF domain are not aware of EIGRP routes, and routers in the EIGRP domain are not aware of OSPF routes.

  • Without redistribution, routers in the OSPF domain are not aware of EIGRP routes, and routers in the EIGRP domain are not aware of OSPF routes.

Seed Metrics

  • When a router is redistributing, the redistributed route must have a metric appropriate for the receiving protocol.
  • The seed or default metric is defined during redistribution configuration. After the seed metric for a redistributed route is established, the metric increments normally within the autonomous system.

The seed metric can be configured using either of the following:

  • The default-metric router configuration command, which establishes the seed metric for all redistributed routes. The default metric specified applies to all protocols being redistributed into this protocol.
  • The redistribute router configuration command using either the metric option or a route map. Using the metric parameter in the redistribute command, set a specific metric for the protocol being redistributed.
  • A metric configured in a redistribute command overrides the value in the default-metric command for that one protocol.

Because redistributed routes are learned from other sources (such as other routing protocols), a boundary router must be capable of translating the metric of the received route from the source routing protocol into the receiving routing protocol. For example, if a boundary router receives a RIP route, the route has hop count as a metric. To redistribute the route into OSPF, the router must translate the hop count into a cost metric that the other OSPF routers will understand.

To help prevent suboptimal routing and routing loops, always set the initial seed metric to a value that is larger than the largest metric within the receiving autonomous system.

For example, when RIP routes are redistributed into OSPF and the highest OSPF metric is 50, the redistributed RIP routes should be assigned an OSPF metric higher than 50.

Default Seed Metrics

Default seed metric value for redistributed routes for each IP routing protocol is as follows:

  • Routes redistributed into EIGRP and RIP are assigned a metric of infinity. This informs the router that the route is unreachable and should not be advertised. Therefore, a seed metric must be specified. Exceptions to this rule are redistributed connected or static routes and routes that are being redistributed between two EIGRP autonomous systems.
  • Routes redistributed into OSPF are assigned a default type 2 (E2) metric of 20. However, redistributed BGP routes are assigned a default type 2 metric of 1.
  • Routes redistributed into for BGP maintain their IGP routing metrics.
  • Routes redistributed into Intermediate System-to-Intermediate System (IS-IS) Protocol are assigned a default metric of 0. But unlike RIP or EIGRP, a seed metric of 0 is not treated as unreachable by IS-IS.

Routes redistributed into EIGRP and RIP are assigned a metric of infinity. This informs the router that the route is unreachable and should not be advertised. Therefore, a seed metric must be specified when redistributing routes into RIP and EIGRP; otherwise, the routes will not be redistributed. Exceptions to this rule are redistributed connected or static routes and routes that are being redistributed between two EIGRP autonomous systems.

Redistributing RIP Routes into OSPF

Configuring and Verifying Basic Redistribution in IPv4 and IPv6

Redistributing OSPFv2 Routes into the EIGRP Routing Domain

Router(config-router)# redistribute protocol process-id [ metric bandwidth-metric delay-metric reliability-metric effective-bandwidth-metric mtu-bytes ] [ route-map map-tag ]

Verifying Redistributed OSPF Routes on R2

  • OSPFv2 routes into the EIGRP routing domain
  • OSPFv3 routes into the EIGRP for IPv6 routing domain
  • EIGRP routes into the OSPFv2 routing domain
  • EIGRP for IPv6 routes into the OSPFv3 routing domain

Redistributing OSPFv3 Routes into the EIGRP for IPv6 Routing Domain

Redistributing Connected Routes into EIGRP for IPv6

Redistributing EIGRP Routes into the OSPFv2 Routing Domain

Router(config-router)# redistribute protocol process-id [ metric metric-value ] [ metric-type type-value ] [ route-map map-tag ] [ subnets ]

Redistributing EIGRP Routes into OSPF

OSPF Metric-Type

The following external packet types can be configured:

  • E1: Type O E1 external routes calculate the cost by adding the external cost to the internal cost of each link that the packet crosses. Use this type when there are multiple ASBRs advertising an external route to the same autonomous system to avoid suboptimal routing.
  • E2 (default): The external cost of O E2 routes is fixed and does not change across OSPF domain. Use this type if only one ASBR is advertising an external route to the autonomous system

Redistributing EIGRP Routes into OSPF as External Type 1 Routes

Types of Redistribution Techniques

One-Point Redistribution

  • One-way redistribution This method only redistributes the networks learned from one routing protocol into the other routing protocol.
  • With this method, R1 performs one-way redistribution because it only redistributes AS1 routes into the AS2 routing domain.
  • AS2 routes are not being redistributed in AS1.
  • Typically, AS1 routers would require the use of a default route or one or more static routes to reach AS2 routes.

One-Point Redistribution

  • Two-way redistribution: This method redistributes routes between the two routing processes in both directions.
  • R1 is the one-point of redistribution between AS1 and AS2.
  • R1 provides two-way redistribution because it redistributes AS1 routes into AS2 and AS2 routes into AS1.

Multipoint Redistribution

  • One-way redistribution: This method consists of two or more boundary routers only redistributing networks learned from one routing protocol into the other routing protocol.
  • The boundary routers R3 and R4 are both redistributing AS1 routes into the AS2 routing domain.
  • Again, AS1 routers would require the use of a default route or one or more static routes to reach AS2 routes.

Multipoint Redistribution

  • Two-way redistribution : Also referred to as mutual redistribution , this method consists of two or more boundary routers redistributing routes in both directions.
  • The boundary routers R3 and R4 provide two-way redistribution because they redistribute AS1 routes into AS2 and AS2 routes into AS1.

Multipoint redistribution is likely to introduce potential routing loops. Multipoint one-way redistribution is problematic, and multipoint two-way redistribution is highly dangerous. Typical problems with multipoint redistribution involve the difference in the administrative distances of the protocols and their incompatible metrics, especially when statically assigned seed metrics are used in redistribution points.

Redistribution Problems

Generic multipoint two-way redistribution requires careful design and configuration.

Problems that can occur during multipoint two-way redistribution include the following:

  • Suboptimal routing. (Only part of the total cost is considered in routing decisions.)
  • Self-sustained routing loops upon route loss.

Figure 4-11 illustrates a two-way multipoint redistribution issue where the cost of the internal links in AS1 (that is, 10 Mbps) differs from the cost of the internal links in AS2 (that is, 100 Mbps). In the figure, it is obvious that the best path between R1 and R4 is via R3, but during redistribution from AS2 to AS1, the metric is lost, and R1 is sending the packets toward R4 via R2, resulting in suboptimal routing.

Two-Way Multipoint Redistribution Issue

The cost of the internal links in AS1 (that is, 10 Mbps) differs from the cost of the internal links in AS2 (that is, 100 Mbps). In the figure, it is obvious that the best path between R1 and R4 is via R3, but during redistribution from AS2 to AS1, the metric is lost, and R1 is sending the packets toward R4 via R2, resulting in suboptimal routing.

  • The 10.2.0.0/24 network is learned natively within the RIP part of the network, R4 first sees it with a hop count of 5.
  • R4 then propagates this route to R3 and R2 with a hop count of 6.
  • R3 propagates the route to R1 with a hop count of 7, and R2 redistributes it into OSPF.
  • Now R1 has a choice to make. It has a route to the 10.2.0.0.0/24 network from RIP with an AD of 120 (RIP) and the same network with an AD of 110 (OSPF).
  • Because OSPF has a better (lower) AD, R1 redistributes the network back to RIP with the metric that is set in the redistribute command.
  • If the redistribute command is configured to assign a static metric of 3 hops (or lower); however, R3 starts preferring the path R1-R2-R4 to reach 10.2.0.0.0/24, because the hop count advertised by R1 is 3, and the hop count advertised by R4 is 6.
  • This results in suboptimal routing.
  • Worse, because R3 now prefers the path to R1, it will advertise this to R4 with a hop count of 4. R4 now has the choice of the route from R3 with a hop count of 4 or the true path to the 10.2.0.0/24 network with a hop count of 5.
  • R4 will select the path to R3 and advertise this to R2. There is now a routing loop (R4, R2, R1, R3, and R4). Packets destined for the 10.2.0.0/24 network that enter this loop will bounce around the loop and never reach the destination. Network 10.2.0.0/24 becomes unreachable.

Preventing Routing Loops in a Redistribution Environment

Redistribute routes in only one direction, on only one boundary router within the network.

If redistribution must be done in both directions or on multiple boundary routers, the redistribution should be tuned.

To prevent routing loops in a multipoint redistribution scenario:

  • Only redistribute internal routes from one autonomous system to another (and vice versa).
  • Tag routes in redistribution points and filter based on these tags when configuring redistribution in the other direction.
  • Propagate metrics from one autonomous system to another autonomous system properly. (Even though this is not sufficient to prevent loops.)
  • Use default routes to avoid having to do two-way redistribution.

Verifying Redistribution Operation

  • Know your network topology, particularly where redundant routes exist.
  • Examine the topology table of each configured routing protocol to ensure that all appropriate prefixes are being learned.
  • Perform a trace using the traceroute [ ip-address ] EXEC command on some of the routes that go across the autonomous systems to verify that the shortest path is being used for routing.
  • If you encounter routing problems, use the traceroute and debug commands to observe the routing update traffic on the boundary routers and on the internal routers.

Controlling Routing Update Traffic

  • Describe the general mechanics and need for route filtering
  • Identify how to use and configure distribute lists
  • Identify how to use and configure prefix lists
  • Identify how to use and configure route maps
  • Describe how to modify administrative distance

Because you can

In the example in Figure 4-13 , only a portion of routes from the EIGRP domain is distributed into OSPF on the boundary router R3. Specifically, the 10.0.1.0/24 and 10.0.2.0/24 should be permitted, and the 10.0.101.0/24 and 10.0.102.0/24 should be denied.

Cisco IOS allows manipulation of redistributed route information by using route filtering features. For example, a route filter option such as a route map could

Route Filtering Methods

Distribute lists

A distribute list allows an access control lists (ACLs) to be applied to routing updates.

Prefix lists

A prefix list is an alternative to ACLs designed to filter routes. It can be used with distribute lists, route maps, and other commands.

Route maps

Route maps are complex access lists that allow conditions to be tested against a packet or route, and then actions taken to modify attributes of the packet or route.

No one type of route filter is appropriate for every situation. Therefore, it is important to understand the various techniques available to help make better route filtering decisions.

Using Distribute Lists

  • A distribute list allows an ACL to be applied to routing updates.
  • Classic ACLs do not affect traffic that is originated by the router, so applying one to an interface has no effect on the outgoing routing advertisements.
  • When you link an ACL to a distribute list, routing updates can be controlled no matter what their source is.
  • ACLs are configured in the global configuration mode and are then associated with a distribute list under the routing protocol.
  • The ACL should permit the networks that should be advertised or redistributed and deny the networks that should be filtered.
  • The router then applies the ACL to the routing updates for that protocol. Options in the distribute-list command allow updates to be filtered based on three factors:
    • Incoming interface
    • Outgoing interface
    • Redistribution from another routing protocol
  • Using a distribute list gives the administrator great flexibility in determining just which routes will be permitted and which will be denied.

Configuring Distribute Lists [out]

distribute-list [ access-list-number | name ] out [ interface-type interface-number | routing process | autonomous-system-number ] command.

The distribute-list out command filters updates going out of the interface or routing protocol specified in the command, into the routing process under which it is configured.

Configuring Distribute Lists [in]

distribute-list [ access-list-number | name ] in [ interface-type interface-number ]

The distribute-list in command filters updates going into the interface specified in the command, into the routing process under which it is configured.

Distribute List and ACL Example [out]

In this example, R3 must redistribute EIGRP routes into the OSPF domain with a metric of 40. However, the administrator only wants to allow the 10.10.11.0/24 and 10.10.12.0/24 routes to be propagated. All other routes should not be permitted.

Distribute List and ACL Example [in]

In this example, R3 must redistribute EIGRP routes into the OSPF domain with a metric of 40. However, the administrator only wants to allow the 10.10.11.0/24 and 10.10.12.0/24 routes to be propagated. All other routes should not be permitted.

Distribute List Issues

Traditionally, route filtering was accomplished using ACLs with the distribute-list command; however, using ACLs as route filters for distribute lists has several drawbacks, including the following:

  • A subnet mask cannot be easily matched.
  • Access lists are evaluated sequentially for every IP prefix in the routing update.
  • Extended access lists can be cumbersome to configure.

Prefix List Characteristics

  • Prefix lists are similar to access lists in many ways.
  • A prefix list can consist of any number of lines, each of which indicates a test and a result.
  • The router can interpret the lines in the specified order, although Cisco IOS Software optimizes prefix lists for processing in a tree structure.
  • When a router evaluates a route against the prefix list, the first line that matches will result in either a “permit” or “deny.”
  • If none of the lines in the list match, the result is “implicitly deny.”

Using the ip prefix-list command has several benefits in comparison with using the access-list command. The intended use of prefix lists is limited to route filtering, where access lists were originally intended to be used for packet filtering and were then extended to route filtering.

The Advantages of Using Prefix Lists

Friendlier command-line interface

Faster processing

A significant performance improvement over access lists in loading and route lookup of large lists.

Support for incremental modifications

Sequence numbers are assigned to ip prefix-list statements, making it easier to edit.

Greater flexibility

Routers match networks in a routing update against the prefix list using as many bits as indicated. A prefix list can specify the exact size of the subnet mask, or it can indicate that the subnet mask must be in a specified range.

  • Friendlier command-line interface
  • The CLI is easier to understand and use compared to using extended access lists to filter updates.
  • Faster processing
  • A significant performance improvement over access lists in loading and route lookup of large lists. A router transforms a prefix list into a tree structure, with each branch of the tree serving as a test. Cisco IOS Software determines a verdict of either permit or deny much faster this way than when sequentially interpreting access lists.
  • Support for incremental modifications
  • Sequence numbers are assigned to ip prefix-list statements, making it easier to edit. Statements can be added in between sequence numbers or specific statements can be deleted. If no sequence number is specified, a default one is applied.

Configuring Prefix Lists

ip prefix-list { list-name | list-number } [ seq seq-value ] { deny | permit } network/ length [ ge ge-value ] [ le le-value ]

Distribute List and Prefix List Example

Prefix List Examples

Verifying Prefix Lists

Manipulating Redistribution Using ACLs, Prefix Lists, and Distribute Lists

Redistributing OSPFv2 Routes into the EIGRP Routing Domain Using an ACL and Distribute List

Redistributing EIGRP Routes into the OSPF Routing Domain Using a Prefix List and Distribute List

Understanding Route Maps

  • Route maps are complex access lists that allow some conditions to be tested against the packet or route in question using match commands.
  • If the conditions match, some actions can be taken to modify attributes of the packet or route.
  • These actions are specified by set commands.
  • A collection of route-map statements that have the same route map name is considered one route map.
  • Within a route map, each route-map statement is numbered and therefore can be edited individually.
  • The statements in a route map correspond to the lines of an access list.

Route Map Applications

Route filtering during redistribution

  • Route maps offer the benefit of manipulating routing metrics through the use of set commands.
  • The route map is applied using the redistribute command.

Policy-based routing (PBR)

  • Route maps can be used to match source and destination addresses, protocol types, and end-user applications. When a match occurs, a set command can be used to define the interface or next-hop address to which the packet should be sent.
  • The route map is applied to an interface using the ip policy route-map interface configuration command.

BGP

  • In addition to filtering, route maps provide sophisticated manipulation of BGP path attributes. The route map is applied using the BGP neighbor router configuration command.

Configuring Route Maps

Step 1. Define the route map using the route-map global configuration command.

Step 2. Define the matching conditions using the match command and optionally the action to be taken when each condition is matched using the set command.

Step 3. Apply the route map.

Define the Route Map

route-map map-tag [ permit | deny ] [ sequence-number ]

Route Map Rules

Route map sequence numbers do not automatically increment. When the sequence-number parameter of the route-map command is not used, the following occurs:

  • If no other entry is already defined with the supplied route-map map-tag , an entry is created, with the sequence-number set to 10.
  • If only one entry is already defined with the supplied route-map tag, that entry is the default entry for the route-map command, and the sequence-number of the entry is unchanged.
  • If more than one entry is already defined with the supplied route-map tag, an error message is displayed, indicating that the sequence-number is required.
  • If the no route-map map-tag command is specified (without the sequence-number parameter), the whole route map is deleted.

Like an access list, an implicit deny any appears at the end of a route map. The consequences of this deny depend on how the route map is being used.

The match condition route map configuration commands are used to define the conditions to be checked. The set condition route map configuration commands are used to define the actions to be followed if there is a match and the action to be taken is permit.

A route-map statement without any match statements will be considered matched.

Demonstration of the route-map Command

Define the Matching Conditions

Define the Set Actions

Using Route Maps with Redistribution

Manipulating Redistribution Using Route Maps

  • R1 and R4 will be configured to support mutual redistribution without any filtering mechanism.
  • R1 and R4 will be configured to support mutual redistribution using route maps.
  • Change administrative distance for certain routes to enable optimal routing.

Mutual Redistribution Without Filters

Verifying Redistributed Routes

  • Notice the redistributed EIGRP network as OSPF routes in the routing table. An example of two redistributed loopback routes is highlighted. Also notice how the link networks like 172.16.20.0/24 and 172.16.21.0/24 were redistributed.

Manipulating Redistribution Using Route Maps

  • R1 and R4 will be configured to support mutual redistribution without any filtering mechanism.
  • R1 and R4 will be configured to support mutual redistribution using route maps.
  • Change administrative distance for certain routes to enable optimal routing.

Mutual Redistribution with Route Maps

Verifying Redistributed Routes

Change Administrative Distance to Enable Optimal Routing

  • R1 and R4 will be configured to support mutual redistribution without any filtering mechanism.
  • R1 and R4 will be configured to support mutual redistribution using route maps.
  • Change administrative distance for certain routes to enable optimal routing.

Examine R1 Routing Table

  • The highlighted route 10.1.4.0/24 describes the loopback interface on R4. Notice how R1 prefers the path learned via OSPF to reach this network, even though it crosses a slow serial link. The alternative EIGRP path has faster links, but it also has a higher administrative distance. The reason is because it is an external EIGRP route and is therefore assigned an administrative value of 170, which is higher than the OSPF administrative distance of 110.

Changing External Route Administrative Distance

Manipulating Redistribution Using Route Tagging

Caveats of Redistribution

Redistribution of routing information adds to the complexity of a network and increases the potential for routing confusion, so you should use it only when necessary.

The key issues that arise when you are using redistribution are as follows:

  • Routing loops
  • Incompatible routing information
  • Inconsistent convergence time

Chapter 4 Summary

This chapter covered how to support multiple routing protocols by using redistribution and route filtering techniques, through discussion of the following topics:

  • Reasons for using more than one routing protocol (migration, host system needs, mixed-vendor environment, political and geographic borders, Multiprotocol Label Switching [MPLS] virtual private networks [VPNs]).
  • Routing information can be exchanged between them (referred to as redistribution), and how Cisco routers operate in a multiple routing protocol environment.
  • Route redistribution is always performed outbound . The router doing redistribution does not change its routing table.
  • A router assigns a seed metric to redistributed routes using the default-metric routercconfiguration command or the redistribute command with the metric parameter.
  • The redistribution techniques, one-point and multipoint:
  • The two methods of one-point route redistribution are one-way and two-way. Suboptimal routing is a possible issue with these techniques.
  • The two methods of multipoint route redistribution are one-way and two-way. Multipoint redistribution is likely to introduce potential routing loops.

To prevent routing issues, use one of the following options:

  • Redistribute a default route from the core autonomous system into the edge autonomous system, and redistribute routes from the edge routing protocols into the core routing protocol.
  • Redistribute multiple static routes about the core autonomous system networks into the edge autonomous system, and redistribute routes from the edge routing protocols into the core routing protocol.
  • Redistribute routes from the core autonomous system into the edge autonomous system with filtering to block out inappropriate routes.
  • Redistribute all routes from the core autonomous system into the edge autonomous system, and from the edge autonomous system into the core autonomous system, and then modify the administrative distance associated with redistributed routes so that they are not the selected routes when multiple routes exist for the same destination.

Configuration of redistribution between various IP routing protocols:

  • To redistribute into EIGRP, use the redistribu te protocol [ process-id ] [ match route-type ] [ metric metric-value ] [ route-map map-tag ] router configuration command.
  • To redistribute into OSPF, use the redistribute protocol [ process-id ] [ metric metric-value ] [ metric-type type-value ] [ route-map map-tag ] [ subnets ] [ tag tagvalue ] router configuration command.

Using the show ip route [ ip-address ] and traceroute [ ip-address ] commands to verify route redistribution.

Distribute lists, allowing an access list to be applied to routing updates:

  • The distribute-list { access-list-number | name } out [ interface-name ] router configuration command assigns the access list to filter outgoing routing updates. This command filters updates going out of the interface or routing protocol specified in the command, into the routing process under which it is configured.
  • The distribute-list { access-list-number | name } [ route-map map-tag ] in [ interface-type interface-number ] router configuration command assigns the access list to filter routing updates coming in through an interface. This command filters updates going into the interface specified in the command, into the routing process under which it is configured.

Prefix lists can be used with distribute lists as an alternative to ACLs, with improvements in performance, support for incremental modifications, a more userfriendly command-line interface, and greater flexibility. Prefix lists are configured with the ip prefix-list { list-name | list-number } [ seq seq-value ] { deny | permit } network / length [ ge ge-value ] [ le le-value ] global configuration command.

Whether a prefix in a prefix list is permitted or denied is based on the following rules:

  • An empty prefix list permits all prefixes.
  • If a prefix is permitted, the route is used. If a prefix is denied, the route is not used.
  • Prefix lists consist of statements with sequence numbers. The router begins the search for a match at the top of the prefix list, which is the statement with the lowest sequence number.
  • When a match occurs, the router does not need to go through the rest of the prefix list. For efficiency, you might want to put the most common matches (permits or denies) near the top of the list by specifying a lower sequence number.
  • An implicit deny Is assumed if a given prefix does not match any entries in a prefix list.

Prefix list sequence numbers:

  • Sequence numbers are generated automatically, unless you disable this automatic generation.
  • A prefix list is an ordered list. The sequence number is significant when a given prefix is matched by multiple entries of a prefix list, in which case the one with the smallest sequence number is considered the real match.
  • The evaluation of a prefix list starts with the lowest sequence number and continues down the list until a match is found, in which case the permit or deny statement is applied to that network and the remainder of the list is not evaluated.
  • Using route maps for route filtering during redistribution, PBR, and BGP.
  • The characteristics of route maps, configured using the route-map map-tag [ permit | deny ] [ sequence-number ] global configuration command:
  • Route maps allow some conditions to be tested against the packet or route in question using match commands. If the conditions match, some actions can be taken to modify attributes of the packet or route; these actions are specified by set commands.
  • A collection of route-map statements that have the same route map name is considered one route map.
  • Within a route map, each route-map statement is numbered and therefore can be edited individually.
  • The default for the route-map command is permit , with a sequence-number of 10.
  • Only one condition listed on the same match statement must match for the entire statement to be considered a match. However, all match statements within a route-map statement must match for the route map to be considered matched.
  • When used with a redistribute command, a route-map statement with permit indicates that the matched route is to be redistributed, and a route-map statement with deny indicates that the matched route is not to be redistributed.
  • A collection of route-map statements that have the same route map name is considered one route map.
  • Within a route map, each route-map statement is numbered and therefore can be edited individually.
  • The default for the route-map command is permit , with a sequence-number of 10.
  • Only one condition listed on the same match statement must match for the entire statement to be considered a match. However, all match statements within a route-map statement must match for the route map to be considered matched.
  • When used with a redistribute command, a route-map statement with permit indicates that the matched route is to be redistributed, and a route-map statement with deny indicates that the matched route is not to be redistributed.

Related Articles

Leave a Reply

avatar