CCNP Route - Path control, part 1: Redistribution and Controling Routing Updates

IP Routing Frequently Asked Questions

Redistributing Routing Protocols

- EIGRP external routes in RIB marked as (D EX), OSPF external routes in RIB as (O E2  /  O E1),

- You can only redistribute from routing protocols that support the same protocol stack (IPv4<->IPv4, no IPv4<-/->IPv6).

- RIP have no default metric for redistributed routes = infinite- If RIP router redistribute routes with metric ex:5, RIP neighbor will have metric for these routes '5' also.


- EIGRP have no default metric for redistributed routes = infinite (redistribute ospf 2 metric 1000 33 255 1 1500),
- EIGRP does auto metric for connected, static (will use exit interface parameters for K-values, ex: Null0) or other EIGRP process,
- EIGRP can use default settings that define the metric components for all routes redistributed into EIGRP, or the engineer can set the metric components in a variety of ways, as covered in several locations,
- When redistributing IGRP to EIGRP, there is a feature that they are automatically redistributed IF they have same AS, in opposite , they need to manually redistributed if AS is different,

EIGRP Autosummarization

By default, EIGRP performs auto-summarization in two situations:
  • Autosummarization will occur at the major class boundary during redistribution from EIGRP into a classful routing protocol, such as IGRP or RIP. This type of summarization cannot be disabled.
  • Autosummarization will occur at the major class boundary when the route is advertised out an interface that is on a different major class boundary. This summarization can be disabled with the command no auto-summary from the router(config-router) prompt.

- EIGRP will auto-sum routes, when redistributed to classful protocol (RIPv1, IGRP), even no auto-summary is configured
- EIGRP will NOT auto-sum external (redistributed) routes, sended to another EIGRP neighbor, even auto-summary is configured


- OSPF default redistribute only classfull (if subnets - needed, redistribute eigrp 1 subnets), link
- OSPF does have default redistribute metric=20 for all protocols except BGP which will have mteric=1, default metric type=E2

- When OSPF redistributing another OSFP, SFP metric is preserved(saved) and not applied default metric values,
- Like EIGRP, OSPF treats the redistributed routes as external routes.    OSPF creates an LSA to represent each redistributed subnet–normally a Type 5 LSA, but when redistributed into an NSSA area, the router instead creates a Type 7 LSA.
Redistributing protocol   Default Seed metric
Distance Vector protocols does know nothing about metric when some protocol are redistributed in
RIP                       0, which is interpreted as infinity. (except static, connected, default metric=1)
EIGRP (IGRP)              0, which is interpreted as infinity. (except static, connected, another EIGRP)
OSPF                      20 for all (except for BGP, which is 1), from OSPF,  O/O IA metric are preserved.
RIP                       0, is not treated as unreachable
BGP                       is set to IGP metric

Because the details of various routing protocols topology tables differ, the redistribution process does not use the topology tables when redistributing routes.
Instead, redistribution uses the IP routing table (the one table that both routing protocols understand).

The redistribute command tells the router to take not only routes learned by the source routing protocol, but also connected routes on interfaces enabled with that routing protocol–including passive interfaces.
(Although Router B is not redistributing connected networks, it does advertise the network, which is part of the EIGRP process redistributed into OSPF.)

The following are some ways to control or prevent dynamic routing updates from being generated:
■ Passive interface—A passive interface prevents routing updates for the specified protocol from being sent through an interface.
■ Default routes—A default route instructs the router that if it does not have a route for a given destination, it should send the packet to the default route. Therefore, no dynamic routing updates about the remote destinations are necessary.
■ Static routes—A static route allows routes to remote destinations to be manually configured on the router. Therefore, no dynamic routing updates about the remote
destinations are necessary.
■ Route maps—Route maps are complex access lists that allow conditions to be tested against a packet or route, and then actions taken to modify attributes of the packet or route. (used for route filtering, PBR, NAT, BGP)
■ Distribute lists—A distribute list allows an access list to be applied to routing updates.
■ Prefix lists—A prefix list is a specialized access list designed to filter routes.

Route redistribution - is a function that imports selected routes from the routing table into the routing process,
Route advertisement - is a function that exports selected routes from the routing table to neighbors of the routing process.
In either case, routes are selected from the routing table, and are distributed out to either the routing process itself, or to a neighbor of the routing process.

The "distribute-list out" command is optionally used within the configuration of a routing process to restrict which routes are considered for route redistribution or route advertisement.  It is rooted in the routing table, not the routing protocols, which explains the basis for the “out” direction; “out” means out of the routing table, not out of the routing process.

Additionally, the "distribute-list out" command can optionally specify either an interface or a routing process to narrow the range of its application. 

Current documentation suggests that the <acl> must be a standard access list, but current IOS still allows both standard and extended access-lists.  If a standard access-list is used, it can be either a named or a numbered access list, but for an extended access-list, it can only be a numbered list.

If an extended access-list is used, and the “destination” portion of the access-list specifies the match criteria for the route’s network number without regard to the route’s netmask, and the “source” portion of the access-list must match (e.g. “any”).  It works just like a standard access-list, but it counter intuitively uses the “destination” instead of the “source” portion.
method            ACL        prefix    routemap
use ACL            yes        no        yes      
use prefixlist    no        yes        yes
allow route        permit    permit    permit
filter route    deny    deny    deny
distribute-list <acl> out [<interface>]
distribute-list <acl> out [<routing-process>]
distribute-list prefix <p1> [gateway <p2>] out [<interface>]
distribute-list prefix <p1> [gateway <p2>] out [<routing-process>]
distribute-list gateway <p2> out [<routing-process>] (OSPF only)
Routes are classified either as permitted (sent or received) in an EIGRP update or denied (filtered).


When using an ACL, in order to find the range of addresses matched by the ACLs address and wildcard mask, use the address field as the low end of the range and simply add the wildcard mask to the address to find the high end of the range.

before filtering 
R4#sh ip rip database     [5] via, 00:00:03, FastEthernet0/0    [5] via, 00:00:03, FastEthernet0/0    [5] via, 00:00:03, FastEthernet0/0    [5] via, 00:00:59, FastEthernet0/0    [5] via, 00:00:59, FastEthernet0/0
R4#sh ip route is subnetted, 4 subnets
R [120/5] via, 00:01:35, FastEthernet0/0
R [120/5] via, 00:00:13, FastEthernet0/0
R [120/5] via, 00:00:13, FastEthernet0/0
R [120/5] via, 00:00:14, FastEthernet0/0 is subnetted, 1 subnets
R [120/5] via, 00:01:36, FastEthernet0/0
! apply filtering
access-list 10 permit
R4(config)#router rip
R4(config-router)#distribute-list 10 in FastEthernet0/0
! after filtering
R4#sh ip rip database    [5] via, 00:00:13, FastEthernet0/0    [5] via, 00:00:13, FastEthernet0/0    [5] via, 00:00:13, FastEthernet0/0    [5] via, 00:02:35, FastEthernet0/0    [5] via, 00:02:36, FastEthernet0/0
R4#sh ip route is subnetted, 3 subnets
R [120/5] via, 00:00:01, FastEthernet0/0
R [120/5] via, 00:00:01, FastEthernet0/0
R [120/5] via, 00:00:01, FastEthernet0/0


When using a prefix list, the route's prefix must be within the range of addresses implied by the prefix-list command's prefix/prefix-length parameters.
When using a prefix list, the route's prefix length must match the range of prefixes implied by the prefix-list command's prefix-length, ge, and le parameters.
Cisco IOS requires that the configured prefix-length, ge-value, and le-value meet the following requirements: prefix-length <= ge-value <= le-value.
Otherwise, Cisco IOS rejects the ip prefix-list command.

When using a route-map command with the permit option, the route will either be allowed through (if matched by the match command) or remain in the list of routes to be examined by the next route-map clause.
When using a route-map command with the deny option, the route will either be filtered (if matched by the match command) or remain in the list of routes to be examined by the next route-map clause.
If a clause's match commands refer to an ACL or prefix list, and the ACL or prefix list matches a route with the deny action, the route is not filtered. Instead, it means the route does not match the match command logic, resulting in the Cisco IOS to consider the next route-map clause.
The route-map command includes an implied “deny” all clause at the end; to configure a permit all, use the route-map command with a permit action, but

Modifying Administrative Distance
In some cases, you will find that a router selects a suboptimal path as a result of believing a routing protocol that actually has a poorer route, because that protocol has a better administrative distance. One way to make sure that routes from the desired routing protocol are selected is to assign a higher administrative distance to the routes from the undesired routing protocol.
router <proces-id>
 distance <administrative-distance> [address <wildcard-mask> [ipstandard- list] [ip-extended-list]]
  Sets the administrative distance, an integer from 10 to 255. The values 0-9 are reserved for internal use and should not be used, even though 1-9 can be configured.
  address/wildcard-mask  - optional.
  Use an address/mask of to match any IP address (any source router supplying the routing information).
  ACL - optiona, Allows filtering of the networks being advertised.

! for EIGRP, alternatively can be used
distance eigrp <internal-distance>  <external-distance>
distance eigrp 80 130

! Alternatively for OSPF,
distance ospf {[intra-area dist1] [inter-area dist2] [external dist3]}
distance ospf external 100 inter-area 100 intra-area 100

! Alternatively, for BGP
distance bgp <external-distance> <internal-distance> <local-distance>
! defaults are 20 200 200
Set AD from specific routers
! routes from a router with address will have an administrative distance of 90
distance 90,
distance 110
!  routes from a router with address will have an administrative distance of 130
distance 130
There are times when you must include a subnet in a routing protocols’ network command, although you do not want the interface on which the subnet is connected to participate in the routing protocol. 3
passive-interface <type> <number> [default]
[default] - is optional
- with RIP (and IGRP), routing updates are not sent out of the specified interface. However, the router still receives routing updates on that interface.
- with EIGRP, hello messages are not sent out of the specified interface. Neighboring router relationships do not form, no other EIGRP traffic is sent.
- with OSPF - prevents the router from establishing neighboring router adjacencies with other routers connected to the interface.

Suboptimal Routing

One-Point One-Way Redistribution Issue
Router R1 running EIGRP is announcing an external route to Routers R2 and R3. Both of these routers are running the two routing protocols OSPF and EIGRP, but the redistribution between EIGRP and OSPF occurs only on Router R2.
Router R3 receives routing update information for the external route directly from Router R1 via EIGRP, and via OSPF from Router R2.
The administrative distance of OSPF (110) is lower than administrative distance of external EIGRP routes (170), so Router R3 selects the OSPF route.
Instead of sending packets directly from Router R3 to Router R1, Router R3 prefers the path via Router R2, resulting in suboptimal routing.

Multipoint two-way redistribution difficulties include the following:
■ Suboptimal routing (because only part of the total metric is considered in routing decisions, from the redistribution point onward).
■ Self-sustaining routing loops are possible.

To prevent routing loops in multipoint redistribution scenario the following recommendations should be considered:
■ Insert only internal routes from one routing protocol to another (and vice versa).
■ Tag routes in redistribution points and filter based on these tags when configuring redistribution in the other direction.
■ Propagate metrics from routing protocol A to routing protocol B properly (even though this is not sufficient to prevent loops).
■ Use default routes to avoid having to do two-way redistribution.

The safest way to perform redistribution is to redistribute routes in only one direction, on only one boundary router within the network.
If redistribution must be done in both directions or on multiple boundary routers, the redistribution should be tuned to avoid problems such as suboptimal routing and routing loops.

Redistribution into RIP
The metric advertised to a router (3 in this case) is what that router uses as its metric.
The sending router is assumed to have added 1 to the hop count.
The receiving router does not add another hop. Notice also that the route is automatically summarized by Router A.
router rip
redistribute <protocol> [process-id] [match <route-type>] [metric <metric-value>] [route-map <map-tag>]
Redistribution into EIGRP
In real life, engineers often use both route filtering and route summarization at the redistribution point on a router.redistribute command, which tells the routing protocol to take the routes learned by another source of routing information and to then advertise those routes.

R3(config)# router eigrp 1
R3(config-router)# redistribute ospf 1 metric 1544 2000 255 1 1500
redistribute protocol [process-id | as-number [eigrp_spec] [ospf_spec] [tag tag-value] [route-map name]

protocol - the source of routing information: RIP, OSPF, EIGRP, IS-IS,BGP, connected, static.
eigrp_spec [metric bw delay reliability load  mtu ]
ospf_spec (if redistributing from OSPF) [match {internal | nssa-external | external 1 | external 2}]
tag - assigns a unitless integer value to the redistributed routes, which can be matched by other routers using a routemap.
route-map - apply the logic in the referenced route-map to filter routes, set metrics, and set route tags.
Metric is derived automaticaly for routes redistributed from connected, static or other EIGRP process (it takes the metric from the source of the EIGRP routing information).
EIGRP does not have a default metric components to use when redistributing into EIGRP from OSPF.
! redistribute = “take-routes-from” - Put routes learned from OSPF proc-id 2    INTO   EIGRP 2
! will not work if default metric is not specified
router eigrp 1
 redistribute ospf 2
default-metric  - 'bw delay reliability load mtu' EIGRP subcommand
metric - 'bw delay reliability load mtu' parameters on the redistribute command
route-map - parameter on the redistribute command, matching routes and setting metric components.
default-metric 1000 33 255 1 1500
! sets the bandwidth to 1000 (Kbps), the delay to 33 (tens-of-microseconds, or 330 microseconds), reliability to 255 (a value between 1–255,255 is best), load to 1 (a value between 1–255, 1 is best), and MTU of 1500
redistribute ospf 2 metric 1000 33 255 1 1500
RD1# show ip eigrp topology
IP-EIGRP (AS 1): Topology entry for
State is Passive, Query origin flag is 1, 1 Successor(s), FD is 2568448
Routing Descriptor Blocks:, from Redistributed, Send flag is 0x0
  Composite metric is (2568448/0), Route is External
  Minimum bandwidth is 1000 Kbit
  Total delay is 330 microseconds
  Reliability is 255/255
  Load is 1/255
  Minimum MTU is 1500
  Originating router is (this system)
  AS number of route is 2
  External protocol is OSPF, external metric is 65
  Administrator tag is 0 (0x00000000)
Redistribution into OSPF
OSPF redistribution has several similarities and differences as compared to redistribution into EIGRP.
 - Like EIGRP, OSPF flags redistributed routes as being external.
 - Unlike EIGRP, OSPF creates LSAs to represent each external route, and OSPF must then apply some much different logic than EIGRP to calculate the best route to each external subnet.
 - Unlike EIGRP, OSPF does have useful default metrics for redistributed routes, but OSPF does use the same general methods to configure metrics for redistributed routes.
redistribute protocol [process-id | as-number] [metric metric-value] [metric-type type-value]
[match {internal | external 1 | external 2 | nssa-external}] [tag tag-value] [route-map map-tag] [subnets]

metric - defines the cost metric assigned to redistributed routes, unless overridden by a route map
metric-type {1| 2} - defines the external metric type for the redistributed routes 1(E1 routes) or 2(E2 routes)
match (if redistributing from another OSPF process) - match internal OSPF routes, external (by type), and NSSA external routes
tag - assigns a unitless integer value,can be later matched by other routers using a route-map
route-map - route-map to filter routes, set metrics, and set route tags.
subnets - redistribute subnets of classful networks. Without this parameter, only routes for classful networks are redistributed. (This behavior is unique to the OSPF redistribute command.)

RD1(config)#router ospf 2
RD1(config-router)#redistribute eigrp 1
% Only classful networks will be redistributed

! Redistribution into OSPF can also be limited to a defined number of prefixes
redistribute maximum-prefix <maximum> [threshold] [warning-only]
Redistribution into OSPF uses the following defaults:
- When taking from BGP, use a default metric of 1.
- When taking from another OSPF process, take the source route’s metric.
- When taking from all other sources, use a default metric of 20.
- Create a Type 5 LSA for each redistributed route (external) if not inside an NSSA area; create a Type 7 LSA if inside an NSSA area.
- Use external metric type 2.
- Redistribute only routes of classful (class A, B, and C) networks, and not all routes if 'subnets' is not used.

When created, the ASBR floods the Type 5 LSA throughout the area.
When flooded, OSPF has little work to do to calculate the metric for an E2 route, routers do not add any internal OSPF cost to the metric for an E2 route.

The benefits of the different external route types apply mostly to when multiple ASBRs advertise the same subnet.
- if the goal is to always send traffic through ASBR1, you could use E2 routes and set the metric for ASBR1’s redistributed routes to a lower metric than ASBR2. (every router will choose ASBR1 as the better ASBR)
- if the goal is to balance the traffic, and make each router pick the closest ASBR, both ASBRs could set the same metric to their redistributed routes, but make the routers Type E1.

Also, note that for a given prefix/length, OSPF always prefers an E1 route over an E2 route.

Determining the Next-Hop for Type 2 External Routes–Intra-area (same area)
When a router finds multiple routes for the same E2 destination subnet, it chooses the best route based on the lowest cost to reach any ASBR(s) that advertised the lowest E2 metric.
Determining the Next-hop for Type 2 External Routes–Interarea
When a router exists in a different area than the ASBR, the issues remain the same, but the tie-breaker calculation of choosing the least cost route to reach the ASBR changes.
If a router finds multiple routes to reach a single E2 subnet, some or all may tie based on metric, because the metric is based solely on the external cost as defined by the ASBR.
A router then chooses the best route based on the least-cost route to reach an ASBR that has advertised the lowest E2 cost for the subnet.

ABR create and flood the Type 4 LSA. (the LSA makes an announcement like this: “I am ABR X, I can reach ASBR Y, and my cost to reach that ASBR is Z.)
R5#show ip ospf database| begin ASB
R5#show ip ospf database asbr-summary
R5#show ip ospf border-routers
i [64] via, Serial0/1, ABR, Area 1, SPF 6
I [65] via, Serial0/0, ASBR, Area 1, SPF 6
i [64] via, Serial0/0, ABR, Area 1, SPF 6
R5#show ip route
O E2 [110/20] via, 05:48:42, Serial0/0
Redistributing into OSPF as E1 Routes
OSPF’s external metric type feature allows engineers a design tool for influencing the choice of best route.
 E2 routes ignore the internal OSPF cost (except when breaking ties for best route), so when OSPF compares two E2 routes for the same subnet, that first choice to pick the lowest-metric route is based on the external metric only.

OSPF routers calculate the metrics of E1 routes by adding the internal cost to reach the ASBR to the external cost defined on the redistributing ASBR.
RD1(config)#router ospf 2
RD1(config-router)#redistribute eigrp 1 subnets metric-type 1
R4#show ip route
O E1 [110/84] via, 00:00:06, Serial0/0/0
R4#show ip ospf border-routers
Codes: i - Intra-area route, I - Inter-area route
i [64] via, Serial0/0/0, ASBR, Area 0, SPF 16
i [65] via, Serial0/0/0, ABR, Area 0, SPF 16
i [128] via, Serial0/0/1, ABR, Area 1, SPF 8
When breaking tie:
■ The best intra-area cost to reach the ABR (per that area’s LSDB)
■ The cost from that ABR to the ASBR (per Type 4 LSA)
■ The external cost for the route (per Type 5 LSA)

R5’s best cost to reach ASBR RD1 was out S0/0, to R3 next, with cost 65. Adding the external cost of 20, R5’s best route will have a metric of 85.
■ The intra-area cost to ABR R3 (64), by analyzing the area 1 LSDB entries
■ R3’s cost to reach ASBR, as listed in its Type 4 LSA (1)
■ The external cost as listed in the Type 5 LSA (20

External Routes in NSSA Areas
Routes may be redistributed into OSPF on any OSPF router, with a few exceptions.
May be:
 - any router in Area0,
 - any ABR,
 - any router in non-Area0.

Stub areas  none of the stubby area types allow Type 5 LSAs):
- stub, total stub, can not redistribute,
- nssa, total nssa can redistribute (but not generate external routes- LSA Type5).

R5#show ip ospf database nssa-external
R8#show ip ospf database | begin Type-7
R8#show ip ospf database | begin External