redistribute
要求router取出
1來源路由協定學到的路徑
2路由協定的界面上取出直連路徑
使用的時機
1被併購公司使用不同的路由協定
2不同部門想自己控制路由協定
3支援不同廠商路由器的路由協定
指定目前protocol1路徑要從那個protocol2學過來
(config)# router < protocol1-option>
(config-router)# redistribute < protocol2-option>
protocol2-option主要選項有以下
eigrp < as> [eigrp-option]
ospf < process> [ospf-option]
[connected] 重新配置直連的子網路,預設不啟用,但該方法在特定情況下可能造成loop問題
ps:
進入rip,eigrp的route一定要指定metric
ps
igrp和eigrp會自動redistribute
……….
rip redistribute
(config)# router rip
(config-router)# redistribute < protocol> metric < metric> [ option]
[option]有以下
match internal:只學ospf內部route
設定預設metric
(config-router)#default-metric < metric>
……….
eigrp redistribute
1針對一個redistribute指定權值
(config)#router eigrp < as>
(config-router)# redistribute < protocol2-option> metric < bw|delay|reliability|load|mtu> [other-option]
metric 用來指定權值
2對全部redistribute指定權值
(config-router)# redistribute < protocol2-option> [other-option]
(config-router)# default-metric < bw|delay|reliability|load|mtu>
其中
[other-option]=[match-option>][tag < tag-value>] [route-map < name>]
而
[match-option>]=match < internal|nssa-external|external 1|external 2> 比對ospf的路徑
tag:可用來和route-map進行比對
route-map:參照某個route-map
ps:
bw的單位是kb,delay的單位是microsecond*10
ex:
eigrp as1的路徑,從ospf的process 2取得,並針對一個redistribute指定權值
(config)# router eigrp 1
(config-router)# redistribute ospf 2 metric 1000 33 255 1 1500
ex:
eigrp as1的路徑,從ospf的process 2取得,並對全部redistribute指定權值
(config)# router eigrp 1
(config-router)# redistribute ospf 2
(config-router)# default-metric 1000 33 255 1 1500
#show ip eigrp topology
IP-EIGRP Topology Table for AS(1)/ID(172.3.1.1)
Codes: P – Passive, A – Active, U – Update, Q – Query, R – Reply,
r – reply Status, s – sia Status
P 172.6.1.0/25, 1 successors, FD is 2568448
via Redistributed (2568448/0) //透過distribute方式學到,fd根據metric 1000 33 255 1 1500計算得到2568448
P 172.6.2.0/30, 1 successors, FD is 2568448
via Redistributed (2568448/0)
#show ip eigrp topology 172.1.1.0/25
IP-EIGRP (AS 1): Topology entry for 172.1.1.0/25
State is Passive, Query origin flag is 1, 1 Successor(s), FD is 2568448
Routing Descriptor Blocks:
172.1.2.2, from Redistributed, Send flag is 0x0
Composite metric is (2568448/0), Route is External
Vector metric: //以下metric根據指令metric 1000 33 255 1 1500而來
Minimum bandwidth is 1000 Kbit
Total delay is 330 microseconds
Reliability is 255/255
Load is 1/255
Minimum MTU is 1500
Hop count is 0
External data:
Originating router is 172.3.1.1 (this system) //該router執行distribute命令,路由資訊來源為172.3.1.1
AS number of route is 2
External protocol is OSPF, external metric is 65 //外部路徑使用ospf,此來源路徑的權值為65
Administrator tag is 0 (0x00000000)
# show ip route
Codes: C – connected, S – static, R – RIP, M – mobile, B – BGP
D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
omit…
Gateway of last resort is not set
172.1.0.0/16 is variably subnetted, 2 subnets, 2 masks
D EX 172.1.48.0/25 [170/3080448] via 172.3.12.1, 00:25:15, Serial0/0/1 //使用EIGRP external,且EIGRP外部路徑ad為170
D EX 172.1.18.0/30 [170/3080448] via 172.3.12.1, 00:25:15, Serial0/0/2
O 172.1.20.0/30 [110/3080448] via 172.21.12.1, 00:25:15, Serial0/0/3
……………………………………………………….
ospf redistribute
(config)#router ospf < process>
(config-router)# redistribute < protocol option> [subnets] [metric-type < type>]
[subnets] 啟用無級別支援,預設不啟用,所以預設只能學到分級式網路的路徑
type 指定外部路徑的計算方式,1表示E1,2表示E2(預設)
E1(type1),會參考外部與內部成本,可用來手動控制最佳路徑,
E2(type2),只參考外部成本
無論權值如何,E1會優於E2
ps:
權值(外部成本)使用預設值,規則如下
從BGP取得的路徑,預設權值為1
從其他路由協定取得的路徑,預設權值為20
從其他OSPF取得的路徑,用來源的預設權值
ps:
ospf可以從其他ospf程式中取得路徑
ex:
ospf id2的路徑,從eigrp的as1取得,且網路中有包含無級別網路
(config)# router ospf 2
(config-router)# redistribute eigrp 1 subnets
指定ospf權值
1對全部redistribute指定權值
default-metric < cost> OSPF
2針對一個redistribute指定權值
redistribute < protocol option> metric < cost>
3使用route-map指定權值
ASBR#show ip protocol
可檢查ASBR redistribution configurations
ASBR#show ip ospf database
[omit]
Summary ASB Link States (Area 1) //type 4 lsa
Link ID ADV Router Age Seq# Checksum //以下列出2個type4 lsa
1.1.1.1 3.3.3.3 956 0x8000000D 0x00E43A //asbr rid=1.1.1.1,通告路由器為3.3.3.3
1.1.1.1 4.4.4.4 1044 0x8000000B 0x00439A
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag //以下列出5個type5 lsa
172.3.2.0 1.1.1.1 3 0x80000001 0x008050 0 //rid1.1.1.1通告type5 lsa,通告路由器為1.1.1.1
172.3.6.0 1.1.1.1 3 0x80000001 0x007741 0
Type-7 AS External Link States (Area 1)
Link ID ADV Router Age Seq# Checksum Tag //以下列出1個type7 lsa
10.1.1.0 5.5.5.5 26 0x80000001 0x00E0A6 0
列出type5細節
ASBR#show ip ospf database external 172.3.6.0
OSPF Router with ID (4.4.4.4) (Process ID 4)
Type-5 AS External Link States
Routing Bit Set on this LSA
LS age: 175
Options: (No TOS-capability, DC)
LS Type: AS External Link
Link State ID: 172.3.6.0 (External Network Number )
Advertising Router: 1.1.1.1
LS Seq Number: 80000001
Checksum: 0x7741
Length: 36
Network Mask: /23
Metric Type: 2 (Larger than any link state path) //外部路徑類型為E2
TOS: 0
Metric: 20 //從其他路由協定取得的路徑,預設權值為20
Forward Address: 0.0.0.0
External Route Tag: 0
列出type4 lsa細節
ASBR# show ip ospf database asbr-summary
OSPF Router with ID (5.5.5.5) (Process ID 5)
Summary ASB Link States (Area 1)
Routing Bit Set on this LSA
LS age: 984
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(AS Boundary Router)
Link State ID: 1.1.1.1 (AS Boundary Router address) //asbr rid=1.1.1.1
Advertising Router: 3.3.3.3 //abr=3.3.3.3
LS Seq Number: 8000000D
Checksum: 0xE43A
Length: 28
Network Mask: /0
TOS: 0 Metric: 1 //abr到asbr的最佳路徑權值為1
LS age: 1072
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(AS Boundary Router)
Link State ID: 1.1.1.1 (AS Boundary Router address) //asbr=1.1.1.1
Advertising Router: 4.4.4.4 //abr=4.4.4.4
LS Seq Number: 8000000B
Checksum: 0x439A
Length: 28
Network Mask: /0
TOS: 0 Metric: 64 //成本值為64
列出type7 lsa細節
ASBR# show ip ospf database nssa-external
OSPF Router with ID (5.5.5.5) (Process ID 5)
Type-7 AS External Link States (Area 1)
LS age: 69
Options: (No TOS-capability, Type 7/5 translation, DC)
LS Type: AS External Link
Link State ID: 10.1.1.0 (External Network Number ) //lsid=10.1.1.0
Advertising Router: 5.5.5.5 //asbr rid=5.5.5.5
LS Seq Number: 80000001
Checksum: 0xE0A6
Length: 36
Network Mask: /24
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20 //成本值20
Forward Address: 172.1.4.5
External Route Tag: 0
列出router知道的所有abr和asbr
#show ip ospf border-routers
OSPF Process 5 internal Routing Table
Codes: i – Intra-area route, I – Inter-area route
i 4.4.4.4 [64] via 172.1.4.4, Serial0/1, ABR, Area 1, SPF 6
I 1.1.1.1 [65] via 172.1.5.3, Serial0/0, ASBR, Area 1, SPF 6
i 3.3.3.3 [64] via 172.1.5.3, Serial0/0, ABR, Area 1, SPF 6
列出route table
# show ip route
在任何一台router上都可執行該指令以確認redistribute route有建立起來
畫面大致如下
Routing entry for 172.3.0.0/16, 5 known subnets
Variably subnetted with 2 masks
O E2 172.3.6.0/23 [110/20] via 172.1.14.1, 00:01:11, Serial0/0/0 //從其他路由協定取得的路徑,預設權值為20
O E2 172.3.2.0/23 [110/20] via 172.1.14.1, 00:01:11, Serial0/0/0 //外部路徑類型為E2(ospf external type2)
O N2 10.1.1.0 [110/20] via 172.1.5.5, 00:10:54, Serial0/0/1 //外部路徑類型為n2(ospf nssa external type2)
…………………………………………………………………..
以Redistribute指令過濾路徑
ps:過濾路徑也可用distribute-list指令
套用在redistribute
(config)# router < protocol>
(config-router)# redistribute < protocol-option> route-map < map-name>
(config)# route-map < map-name> < action> < id>
route map的常用match有以下
match interface < int-type> < int-num> 比對route離開介面
match ip address < acl-name|prefix-list < p-name>> 比對路徑目地prefix和p-length
match ip next-hop < acl-name> 比對路徑的下一站位置
match ip route-source < acl-name> 比對通告路由器的ip
match metric < metric-value> [+-deviation] 比對路徑權值
match route-type < internal|external [type-1|type-2]|level-1|level-2> 比對路徑類型
match tag < tag-value> 比對route tag
ps:
在一筆route-map內的多個match代表的是and的概念,就是要符合所有match才算成立
route map的常用set < metric-option>指令有以下
set metric < metric-value> 設定ospf,rip,is-is權值
set metric < bandwidth delay reliability loading mtu> 設定eigrp路徑權值
set metric-type < type-1|type-2> 設定ospf路徑類型
set tag tag-value 設定route tag
常用的match結構:以acl為例
1設定acl
(config)# ip access-list extended < acl-name>
(config-ext-nacl)# permit ip host < network> host < mask>
2設定route-map
(config)# route-map < map-name> < action> < id>
(config-route-map)# match ip address < acl-name>
(config-route-map)# set < metric-option>
ex:從ospf學來的路徑要符合a_1規則
1
(config)# ip access-list extended a_1
(config-ext-nacl)# permit ip host 172.16.101.0 host 255.255.255.0
2
(config)# route-map m_1 deny 10
(config-route-map)# match ip address a_1
(config-route-map)# route-map m_1 permit 30
3
(config)# Router eigrp 1
(config-router)# Redistribute ospf 2 route-map m_1
ex:只從eigrp 100學default-network
1
(config)# acces-list 100 permit ip any host 0.0.0.0
2
(config)# route-map onlydefaultroute permit 10
(config-route-map)# match ip address 100
3
(config)# router eigrp 200
(config-router)# redisribute eigrp 100 route-map onlydefaultroute
常用的match結構:以prefix-list為例
1設定prefix-list
(config)# ip prefix-list < p-name> [seq < id>] permit < prefix/p-length>
2設定route-map
(config)# route-map < map-name> < action> < id>
(config-route-map)# match ip address prefix-list < p-name>
(config-route-map)# set < metric-option>
ex:從ospf學來的路徑要符合p_2規則
1
(config)# ip prefix-list p_2 seq 5 permit 172.16.14.0/30
2
(config)# route-map m_2 permit 10
(config-route-map)# match ip address prefix-list p_2
3
(config)# Router eigrp 1
(config-router)# Redistribute ospf 2 route-map m_2
ex:從ospf學來的路徑要符合p_2規則,且要套用metric 1000 44 255 1 1500
1
(config)# ip prefix-list p_2 seq 5 permit 172.16.14.0/30
2
(config)# route-map m_2 permit 10
(config-route-map)# match ip address prefix-list p_2
(config-route-map)# set metric 1000 44 255 1 1500
3
(config)# Router eigrp 1
(config-router)# Redistribute ospf 2 route-map m_2
……………………………………………………………………………………………………..
多個redistribute
優點:配置兩個以上可解決單點故障問題
缺點:配置不當會導致domain loop(領域迴圈)
解決2個domain loop方法
1使用較高的權值
ps:OSPF不需設定高權值即可克服domain loop問題,因為OSPF route優先順序為:內部route>E1 route>E2 route
2使用AD來防止(調成內部路徑ad比外部路徑ad低)
當有prefix/p-length完全相同但來源不同的多條路徑時,在router上將內部路經的AD調的比外部路徑低
ps:和eigrp作業redistribute,預設ad值即可克服domain loop問題
ps:ad調整指令如下
RIP的指令:distance < ad-value>
EIGRP的指令:distance eigrp < internal-ad> < external-ad>
OSPF的指令:distance ospf < external < ad-value>|intra-area < ad-value>|inter-area < ad-value>>
ex:ospf和rip在做redistribute時
預設ospf內部ad 110 < rip外部120 ad;rip內部ad 120 > ospf外部ad 110 ,此會造成domain loop
因此要設定ospf外部ad超過120才可解決domain loop,如下
改為ospf內部ad 110 < rip外部120 ad;rip內部ad 120 < ospf外部ad 130
解決3個以上domain loop方法
3每一筆route都指定ad值
可使用該指令 distance < ad-value> < ip-adv-router wc-mask> < acl-name>
所有執行redistribute的router需執行這樣的設定
ps:ripv2不支援此作法,因為ripv2無內部與外部路徑的概念
4過濾redistribute的子網路
5使用route tag
route tag做法
1
指定從eigrp 1學到的路徑要貼上tag 100
r1(config-router)# router ospf 2
r1(config-router)# redistribute eigrp 1 subnet route-map mapname
r1(config)# route-map mapname permit 10
r1(config-route-map)# set tag 100
2
禁止tag 100的路徑被送回eigrp 1
r2(config-router)# router eigrp 1
r2(config-router)# redistribute ospf 2 metric 1000 200 255 1 1500 route-map mapname
r2(config)# route-map mapname deny 10
r2(config-route-map)# match tag 100
3
指定從ospf 2學到的路徑要貼上tag 200
[omit]
4
禁止tag 200的路徑被送回ospf 2
[omit]
……………………………………………………………………………….
ipv6 redistribute
ps:
會忽略直連路徑
只會取出IGP學到的路徑,不會像IPV4一樣取出使用IGP介面的直連路徑
若要像ipv4一樣取出使用igp介面的直連路徑,可在distribute指令中使用include-connected參數
ps:
會忽略local route(本機路徑)
ps:
rip在學習ospf或eigrp時最好指定權值,以免ospf或eigrp的路徑權值大於16,導致學來的路徑在rip視為無效
ex:redistribute ospf 2 metric 3
ex:
1.1
ospf從rip學路徑
(config)# ipv6 router ospf 5
(config-router)# router-id 2.2.2.2
(config-router)# redistribute rip process1 route-map m include-connected
1.2
rip從ospf學路
(config)# ipv6 router rip process1
(config-router)# redistribute ospf 5 metric 3 include-connected
2
指定路徑設定權值200
(config)# ipv6 prefix-list p seq 5 permit 2000::/64
(config)# ipv6 prefix-list p seq 10 permit 2000:0:0:4::/64
(config)# route-map m permit 10
(config-router-map)# match ipv6 address prefix-list p
(config-router-map)# set metric 200