Finer control of inter-domain routing using route policy
The wide variety of match types available with route policy allows you to make finer distinctions when distributing routes across routing domain boundaries.
Suppose that you want to limit the distribution of the "non-connected" routes in the northern RIP domain to the "odd-numbered" prefixes—that is, to 10.1.11.x and 10.1.13.x. You can accomplish that by creating a prefix list:
ip prefix-list "Odds" seq 5 permit 10.1.11.1 255.255.255.0 ge 24 le 24 ip prefix-list "Odds" seq 10 permit 10.1.13.1 255.255.255.0 ge 24 le 24
Then matching that prefix-list in a route map:
route-map "PermitOdds" permit seq 10 match ip address prefix-list "Odds" exit
And finally applying that route map to the redistribution of RIP routes in the North router:
router ospf area backbone redistribute connected redistribute rip route-map "PermitOdds" exit
The result of this is to permit redistribution
of routes 10.1.11.x and 10.1.13.x, and to deny redistribution of routes
10.1.12.x and 10.1.14.x. (Routes 10.1.15.x and 10.1.16.x are redistributed
by the redistribute connected
command.) This occurs
throughout the OSPF domain, and is propagated through redistribution
by the South router into the southern RIP domain.
For instance, in the OSPF domain the route map of the East router becomes:
East(config)# show ip route IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist. --------------- --------------- ---- --------- ---------- ---------- ----- 10.1.11.0/24 10.3.32.1 32 ospf External2 10 110 10.1.13.0/24 10.3.32.1 32 ospf External2 10 110 10.1.15.0/24 10.3.32.1 32 ospf External2 10 110 10.1.16.0/24 10.3.32.1 32 ospf External2 10 110 10.2.21.0/24 10.3.33.2 33 ospf External2 10 110 10.2.22.0/24 10.3.33.2 33 ospf External2 10 110 10.2.23.0/24 10.3.33.2 33 ospf External2 10 110 10.2.29.0/24 10.3.33.2 33 ospf External2 10 110 10.3.31.0/24 10.3.32.1 32 ospf IntraArea 2 110 10.3.31.0/24 10.3.33.2 33 ospf IntraArea 2 110 10.3.32.0/24 VLAN32 32 connected 1 0 10.3.33.0/24 VLAN33 33 connected 1 0 10.3.34.0/24 VLAN34 34 connected 1 0 10.3.37.0/24 10.3.33.2 33 ospf IntraArea 2 110 127.0.0.0/8 reject static 0 0 127.0.0.1/32 lo0 connected 1 0
In the southern RIP domain, the route map of the Southeast router becomes:
Southeast(config)# show ip route IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist. --------------- --------------- ---- --------- ---------- ---------- ----- 10.1.11.0/24 10.2.21.1 21 rip 2 120 10.1.13.0/24 10.2.21.1 21 rip 2 120 10.1.15.0/24 10.2.21.1 21 rip 2 120 10.1.16.0/24 10.2.21.1 21 rip 2 120 10.2.21.0/24 VLAN21 21 connected 1 0 10.2.22.0/24 VLAN22 22 connected 1 0 10.2.23.0/24 VLAN23 23 connected 1 0 10.2.29.0/24 10.2.21.1 21 rip 2 120 10.3.31.0/24 10.2.21.1 21 rip 2 120 10.3.32.0/24 10.2.21.1 21 rip 2 120 10.3.33.0/24 10.2.21.1 21 rip 2 120 10.3.34.0/24 10.2.21.1 21 rip 2 120 10.3.37.0/24 10.2.21.1 21 rip 2 120 127.0.0.0/8 reject static 0 0 127.0.0.1/32 lo0 connected 1 0
To not lose the "even-numbered" routes (10.1.12.x and 10.1.14.x) in the OSPF domain, reinstate the original redistribution in the North router:
router ospf area backbone redistribute connected redistribute rip exit
And move the prefix list, route map, and redistribution
from the North router to the South router. To get the same distribution
of routes from the northern RIP to the southern RIP domain, add the
10.1.15.x and 10.1.16.x routes to the prefix list—they will not be
redistributed by the redistribute connected
command
because they are not directly connected to the South router. The prefix
list would expand to:
ip prefix-list "Odds" seq 5 permit 10.1.11.1 255.255.255.0 ge 24 le 24 ip prefix-list "Odds" seq 10 permit 10.1.13.1 255.255.255.0 ge 24 le 24 ip prefix-list "Odds" seq 15 permit 10.1.15.1 255.255.255.0 ge 24 le 24 ip prefix-list "Odds" seq 20 permit 10.1.16.1 255.255.255.0 ge 24 le 24
The route map would move from North to South with no changes:
route-map "Odds" permit seq 10 match ip address prefix-list "PermitOdds" exit
And the route redistribution would move from
the router ospf
context to the router
rip
context:
router rip redistribute connected redistribute ospf route-map "PermitOdds" exit
This has the desired effect of redistributing all the routes in the OSPF domain, as indicated by the East router's route table:
East(config)# show ip route IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist. --------------- --------------- ---- --------- ---------- ---------- ----- 10.1.11.0/24 10.3.32.1 32 ospf External2 10 110 10.1.12.0/24 10.3.32.1 32 ospf External2 10 110 10.1.13.0/24 10.3.32.1 32 ospf External2 10 110 10.1.14.0/24 10.3.32.1 32 ospf External2 10 110 10.1.15.0/24 10.3.32.1 32 ospf External2 10 110 10.1.16.0/24 10.3.32.1 32 ospf External2 10 110 10.2.21.0/24 10.3.33.2 33 ospf External2 10 110 10.2.22.0/24 10.3.33.2 33 ospf External2 10 110 10.2.23.0/24 10.3.33.2 33 ospf External2 10 110 10.2.29.0/24 10.3.33.2 33 ospf External2 10 110 10.3.31.0/24 10.3.32.1 32 ospf IntraArea 2 110 10.3.31.0/24 10.3.33.2 33 ospf IntraArea 2 110 10.3.32.0/24 VLAN32 32 connected 1 0 10.3.33.0/24 VLAN33 33 connected 1 0 10.3.34.0/24 VLAN34 34 connected 1 0 10.3.37.0/24 10.3.33.2 33 ospf IntraArea 2 110 127.0.0.0/8 reject static 0 0 127.0.0.1/32 lo0 connected 1 0
However, it falls short in the southern RIP domain. The northern RIP routes are distributed as expected, but some of the routes from the OSPF domain are missing —10.3.32.x and 10.3.34.x. Here is the Southeast router's route table:
Southeast(config)# show ip route IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist. --------------- --------------- ---- --------- ---------- ---------- ----- 10.1.11.0/24 10.2.21.1 21 rip 2 120 10.1.13.0/24 10.2.21.1 21 rip 2 120 10.1.15.0/24 10.2.21.1 21 rip 2 120 10.1.16.0/24 10.2.21.1 21 rip 2 120 10.2.21.0/24 VLAN21 21 connected 1 0 10.2.22.0/24 VLAN22 22 connected 1 0 10.2.23.0/24 VLAN23 23 connected 1 0 10.2.29.0/24 10.2.21.1 21 rip 2 120 10.3.31.0/24 10.2.21.1 21 rip 2 120 10.3.33.0/24 10.2.21.1 21 rip 2 120 10.3.37.0/24 10.2.21.1 21 rip 2 120 127.0.0.0/8 reject static 0 0 127.0.0.1/32 lo0 connected 1 0
You can solve this problem by adding a second sequence to the route map to deal with the routes from the OSPF domain. The expanded route map becomes:
route-map "PermitOdds" permit seq 10 match ip address prefix-list "Odds" exit route-map "PermitOdds" permit seq 20 match source-protocol ospf exit
Now all the desired routes show up in the Southeast router's route table:
Southeast(config)# show ip route IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist. --------------- --------------- ---- --------- ---------- ---------- ----- 10.1.11.0/24 10.2.21.1 21 rip 2 120 10.1.13.0/24 10.2.21.1 21 rip 2 120 10.1.15.0/24 10.2.21.1 21 rip 2 120 10.1.16.0/24 10.2.21.1 21 rip 2 120 10.2.21.0/24 VLAN21 21 connected 1 0 10.2.22.0/24 VLAN22 22 connected 1 0 10.2.23.0/24 VLAN23 23 connected 1 0 10.2.29.0/24 10.2.21.1 21 rip 2 120 10.3.31.0/24 10.2.21.1 21 rip 2 120 10.3.32.0/24 10.2.21.1 21 rip 2 120 10.3.33.0/24 10.2.21.1 21 rip 2 120 10.3.34.0/24 10.2.21.1 21 rip 2 120 10.3.37.0/24 10.2.21.1 21 rip 2 120 127.0.0.0/8 reject static 0 0 127.0.0.1/32 lo0 connected 1 0
In addition to using route maps to filter routes,
you can also use them to apply properties to the routes. For example,
to apply a route metric when redistributing routes from the northern
RIP domain to the OSPF domain, you could apply the metric with a set metric
command in a route map in the North router:
route-map "Metric25" permit seq 10 match source-protocol rip set metric 25 exit
Then you could redistribute from the router ospf
context:
router ospf area backbone redistribute connected redistribute rip route-map "Metric25" exit
The results are displayed in the Metric column of the East router's route map:
East(config)# show ip route IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist. --------------- --------------- ---- --------- ---------- ---------- ----- 10.1.11.0/24 10.3.32.1 32 ospf External2 25 110 10.1.12.0/24 10.3.32.1 32 ospf External2 25 110 10.1.13.0/24 10.3.32.1 32 ospf External2 25 110 10.1.14.0/24 10.3.32.1 32 ospf External2 25 110 10.1.15.0/24 10.3.32.1 32 ospf External2 10 110 10.1.16.0/24 10.3.32.1 32 ospf External2 10 110 10.2.21.0/24 10.3.33.2 33 ospf External2 10 110 10.2.22.0/24 10.3.33.2 33 ospf External2 10 110 10.2.23.0/24 10.3.33.2 33 ospf External2 10 110 10.2.29.0/24 10.3.33.2 33 ospf External2 10 110 10.3.31.0/24 10.3.32.1 32 ospf IntraArea 2 110 10.3.31.0/24 10.3.33.2 33 ospf IntraArea 2 110 10.3.32.0/24 VLAN32 32 connected 1 0 10.3.33.0/24 VLAN33 33 connected 1 0 10.3.34.0/24 VLAN34 34 connected 1 0 10.3.37.0/24 10.3.33.2 33 ospf IntraArea 2 110 127.0.0.0/8 reject static 0 0 127.0.0.1/32 lo0 connected 1 0