课题内容:双点双向重分布解决方案 (EIGRP vs OSPF)
目标:掌握企业网多协议互操作场景中多点双向重分布应用解决方案;
拓扑:
拓扑介绍:
EIGRP自治系统号码为 90,其中R3的环回口 0 33.1.1.1/32宣告进EIGRP,环回口 10 33.1.2.1/32重分布进EIGRP;
OSPF所有设备进程号为 110,区域为 0,R2的环回口 0宣告进入OSPF;
配置IP地址及路由协议 (步骤省略)
验证:
ping
show ip interface brief
show ip ospf neighbor
show ip ospf interface brief
show ip eigrp neighbor
show ip eigrp interface
show ip route
在R1和R4两台ASBR上执行双点双向重分布
R1、R4
router ospf 110
redistribute eigrp 90 subnets
router eigrp 90
redistribute ospf 110 metric 1544 2000 255 1 1500
验证重分布效果:
R3#show ip route eigrp | begin Gateway
Gateway of last resort is not set
12.0.0.0/24 is subnetted, 1 subnets
D EX 12.1.1.0 [170/2195456] via 10.1.1.4, 00:00:29, Ethernet0/2
[170/2195456] via 10.1.1.1, 00:00:29, Ethernet0/2
22.0.0.0/32 is subnetted, 1 subnets
D EX 22.1.1.1 [170/2195456] via 10.1.1.4, 00:00:29, Ethernet0/2
[170/2195456] via 10.1.1.1, 00:00:29, Ethernet0/2
24.0.0.0/24 is subnetted, 1 subnets
D EX 24.1.1.0 [170/2195456] via 10.1.1.4, 00:00:29, Ethernet0/2
[170/2195456] via 10.1.1.1, 00:00:29, Ethernet0/2
R2#show ip route ospf | begin Gateway
Gateway of last resort is not set
10.0.0.0/24 is subnetted, 1 subnets
O E2 10.1.1.0 [110/20] via 24.1.1.4, 00:03:31, Serial1/1
[110/20] via 12.1.1.1, 00:03:46, Serial1/0
33.0.0.0/32 is subnetted, 1 subnets
O E2 33.1.1.1 [110/20] via 24.1.1.4, 00:03:31, Serial1/1
[110/20] via 12.1.1.1, 00:03:46, Serial1/0
在R3上将一条直连路由重分布进入EIGRP,模拟来自EIGRP外部的路由;
同时,为了便于管理及操控,我们为该路由做上标记 为 6.6.6.6
route-tag notation dotted-decimal //将路由标记显示为 点分十进制
route-map RED permit 10 //定义一个route-map
match interface Loopback10 //仅仅将环回口 10 的网络重分布进入 EIGRP
set tag 6.6.6.6 //为引入的前缀打上标记,标记值为 6.6.6.6
验证:
R3#show ip eigrp topology all-links //在R3的EIGRP拓扑表中居然能够从R1和R4两个方向收取到关于自身引入的外部路由的信息;
P 33.1.2.1/32, 1 successors, FD is 128256, tag is 6.6.6.6, serno 6
via Rconnected (128256/0)
via 10.1.1.1 (2195456/2169856), Ethernet0/2
via 10.1.1.4 (2195456/2169856), Ethernet0/2, serno 87
R1#show ip route eigrp //在R1和R4两台设备上观察EIGRP路由,关于33.1.2.1/32的路由处于不稳定状态,一会儿有一会儿没有
由此引发出次优路径,以及数据转发环路等问题:
R1#traceroute 33.1.2.1 numeric
Type escape sequence to abort.
Tracing the route to 33.1.2.1
VRF info: (vrf in name/id, vrf out name/id)
1 10.1.1.3 1 msec *
12.1.1.2 9 msec
R1#traceroute 33.1.2.1 numeric
Type escape sequence to abort.
Tracing the route to 33.1.2.1
VRF info: (vrf in name/id, vrf out name/id)
1 12.1.1.2 7 msec 8 msec 9 msec
2 24.1.1.4 18 msec 17 msec 18 msec
3 24.1.1.2 18 msec 11 msec 17 msec
4 24.1.1.4 27 msec 26 msec 27 msec
5 24.1.1.2 26 msec 27 msec 26 msec
6 24.1.1.4 32 msec 35 msec 35 msec
7 24.1.1.2 29 msec 36 msec 35 msec
8 24.1.1.4 38 msec 44 msec 39 msec
9 24.1.1.2 43 msec 44 msec 39 msec
10 24.1.1.4 52 msec 48 msec 52 msec
11 24.1.1.2 48 msec 52 msec 48 msec
12 24.1.1.4 61 msec 56 msec 57 msec
13 24.1.1.2 61 msec 56 msec 62 msec
14 24.1.1.4 64 msec 65 msec 70 msec
15 24.1.1.2 65 msec 65 msec
10.1.1.3 50 msec
解决方案:
通过修改管理距离来避免次优路径的产生,从而预防数据转发不按照管理员意愿的情况出现;
行之有效的修改方法,就是将OSPF协议外部路由的管理距离修改为大于EIGRP外部路由的管理距离;
R1、R4
router ospf 110
distance ospf external 175
验证:
R1#show ip protocols | section ospf
Redistributing: ospf 110
Routing Protocol is "ospf 110"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Router ID 11.1.1.1
It is an autonomous system boundary router
Redistributing External Routes from,
eigrp 90, includes subnets in redistribution
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
Maximum path: 4
Routing for Networks:
Routing on Interfaces Configured Explicitly (Area 0):
Serial1/0
Routing Information Sources:
Gateway Distance Last Update
22.1.1.1 110 00:00:59
44.1.1.1 175 00:00:54
Distance: intra-area 110 inter-area 110 external 175
R4#show ip route eigrp | begin Gateway //R1和R4的路由表都变得稳定,不再翻动//
Gateway of last resort is not set
33.0.0.0/32 is subnetted, 2 subnets
D 33.1.1.1 [90/409600] via 10.1.1.3, 00:40:27, Ethernet0/2
D EX 33.1.2.1 [170/409600] via 10.1.1.3, 00:00:55, Ethernet0/2
小结:通过在上述环境中修改OSPF的外部路由管理距离,可以预防由于网络中存在EIGRP外部路由而产生的次优路径问题;
事实证明,这种解决方案在现有环境是可行且行之有效的;
那么问题来了,如果现在R2上产生了一个OSPF外部路由,这个网络还会不会处于稳定状态?
在R2上创建环回口 10,配置IP地址为 22.1.2.1/32,并重分布进入OSPF,设置标记为 8.8.8.8
interface Loopback10
ip address 22.1.2.1 255.255.255.255
route-map RED permit 10
match interface Loopback10
set tag 134744072
router ospf 110
redistribute connected subnets route-map RED
验证:
R2#show ip os database | begin Type-5
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag
10.1.1.0 11.1.1.1 690 0x80000002 0x00D3B1 0
10.1.1.0 44.1.1.1 673 0x80000002 0x00A9BA 0
22.1.2.1 22.1.1.1 105 0x80000001 0x00D27A 134744072
22.1.2.1 44.1.1.1 102 0x80000001 0x000C2B 134744072
33.1.1.1 11.1.1.1 690 0x80000002 0x009DCF 0
33.1.1.1 44.1.1.1 673 0x80000002 0x0073D8 0
33.1.2.1 11.1.1.1 925 0x80000119 0x00EE4D 101058054
33.1.2.1 44.1.1.1 595 0x80000001 0x00F73C 101058054
严重注意红色字体,很明显的,发现源自于R2的22.1.2.1/32这条前缀,却由R4产生了一个外部LSA,这是正常的,但显然不是我们想要的结果;
R4#show ip route 22.1.2.1
Routing entry for 22.1.2.1/32
Known via "eigrp 90", distance 170, metric 2195456
Tag 8.8.8.8, type external
Redistributing via eigrp 90, ospf 110
Advertised by ospf 110 subnets
Last update from 10.1.1.1 on Ethernet0/2, 00:09:42 ago
Routing Descriptor Blocks:
* 10.1.1.1, from 10.1.1.1, 00:09:42 ago, via Ethernet0/2
Route metric is 2195456, traffic share count is 1
Total delay is 21000 microseconds, minimum bandwidth is 1544 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 1
Route tag 8.8.8.8
由于OSPF的外部路由管理距离已经修改为 175,因此当前的EIGRP外部路由管理距离 170更加优先;
次优路径再次出现;
引入另一种解决方案:
通过路由共同点,tag或者源协议、源网关等属性,来针对路由做批量操控
既然要引入新的解决方案,我们暂时放弃所有关于管理距离的配置,将其删除掉;(步骤省略)
分析问题根源:
R2和R3相互需要学习到来自对方协议的路由,而且还包括对方协议的外部路由;
现在R2和R3并不参与路由重分布操作,次优路径也仅仅存在于R1和R4两台ASBR上;
现在需要操控的就是ASBR上的路由表;
通过应用分发列表,来在in方向控制ASBR上的路由表;
链路状态型协议,in方向仅仅影响本设备;
首先解决来自EIGRP的外部路由的次优路径问题;
在R1和R4上应用分发列表,阻止来自OSPF域内的关于EIGRP外部路由前缀的路由放入OSPF路由表;
配置:
R1、R4 //定义一个route-map
route-map OO deny 10
match tag 6.6.6.6 //拒绝掉所有携带TAG为 6.6.6.6的前缀
route-map OO permit 20 //放行其它所有路由
应用分发列表 (R1、R4)
R1(config)#router ospf 110
R1(config-router)#distribute-list route-map OO in
验证:
R1#show ip route 33.1.2.1
Routing entry for 33.1.2.1/32
Known via "eigrp 90", distance 170, metric 409600
Tag 6.6.6.6, type external
Redistributing via eigrp 90, ospf 110
Advertised by ospf 110 subnets
Last update from 10.1.1.3 on Ethernet0/2, 00:00:49 ago
Routing Descriptor Blocks:
* 10.1.1.3, from 10.1.1.3, 00:00:49 ago, via Ethernet0/2
Route metric is 409600, traffic share count is 1
Total delay is 6000 microseconds, minimum bandwidth is 10000 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 1
Route tag 6.6.6.6
R4#show ip route 33.1.2.1
Routing entry for 33.1.2.1/32
Known via "eigrp 90", distance 170, metric 409600
Tag 6.6.6.6, type external
Redistributing via eigrp 90, ospf 110
Advertised by ospf 110 subnets
Last update from 10.1.1.3 on Ethernet0/2, 00:00:59 ago
Routing Descriptor Blocks:
* 10.1.1.3, from 10.1.1.3, 00:00:59 ago, via Ethernet0/2
Route metric is 409600, traffic share count is 1
Total delay is 6000 microseconds, minimum bandwidth is 10000 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 1
Route tag 6.6.6.6
R1#show ip route 22.1.2.1
Routing entry for 22.1.2.1/32
Known via "ospf 110", distance 110, metric 20
Tag 8.8.8.8, type extern 2, forward metric 64
Redistributing via eigrp 90
Advertised by eigrp 90 metric 1544 2000 255 1 1500
Last update from 12.1.1.2 on Serial1/0, 00:04:24 ago
Routing Descriptor Blocks:
* 12.1.1.2, from 22.1.1.1, 00:04:24 ago, via Serial1/0
Route metric is 20, traffic share count is 1
Route tag 8.8.8.8
R4#show ip route 22.1.2.1
Routing entry for 22.1.2.1/32
Known via "ospf 110", distance 110, metric 20
Tag 8.8.8.8, type extern 2, forward metric 64
Redistributing via eigrp 90
Advertised by eigrp 90 metric 1544 2000 255 1 1500
Last update from 24.1.1.2 on Serial1/1, 00:00:51 ago
Routing Descriptor Blocks:
* 24.1.1.2, from 22.1.1.1, 00:00:51 ago, via Serial1/1
Route metric is 20, traffic share count is 1
Route tag 8.8.8.8
那么,关于OSPF外部路由的次优路径问题也解决了;
总结:通过分发列表在ASBR的链路状态型路由协议in方向做干涉,是一个很巧妙的行为,既能够避免ASBR上的路由表加载次优路径,又不影响链路状态型协议自治系统内其它设备的路由学习和传递;