Configuring Default Routes

14 Mar

In larger networks, there might be many static routes to be configured. Not only is this a chore for the administrator, but it also requires vigilance so that changes in the routing table can be reconfigured. It might be that turning on a routing protocol is advised, or alternatively, you can configure a specialized static route, called a static default route. The following is a static default route that will generate a default route on the router configured:

Router(config)#ip route 0.0.0.0 0.0.0.0 s0

NOTE The different routing protocols treat these default route commands differently when redistributing them into the routing protocol. Reference the Cisco documentation set for detailed explanations.

The default routes are propagated through the network dynamically or can be configured into the individual routers.

If a router has a directly connected interface onto the specified default network, the dynamic routing protocols running on that router will generate or source a default route. In the case of RIP, it will advertise the pseudonetwork 0.0.0.0. In the case of IGRP, the network itself is advertised and flagged as an exterior route.

When default information is being passed along through a dynamic routing protocol, no further configuration is required. In the case of RIP, there can be only one default route, network 0.0.0.0. However, in the case of IGRP, several networks can offer default routes, although only one is used.

If the router is not directly connected to the default network but does have a route to it, it is considered as a candidate default path. To configure a default route, use the following syntax:

Router(config)#ip default-network network-number

This command will generate a default route to be sent in updates. It does not generate a default network on the router that was configured, and it will only generate a default route if the route used is directly connected. When there are multiple default routes in the routing table, the route candidates are examined. As you would expect, the best default path is selected based on administrative distance and metric. The gateway to the best default path then becomes the gateway of last resort for the router, which is another term for default router. You can display the gateway of last resort with this command:

Router#show ip route
The default route will appear in the routing table marked as a static route with S*. The gateway of last resort will be set to this network.

Redistribution Examples
The following examples are case studies that pull together the concepts you learned about redistribution. Redistribution involves complex design and configuration considerations. Therefore, it is best to see the various problems and solutions illustrated in context.

This section presents three examples:
■ Route redistribution without redundant paths between different routing protocols.
■ Route redistribution with redundant paths between different routing protocols. The example also covers resolving the path selection problems that result in redistributed networks.
■ The use of a default network in a redistributed environment.

Example 1: Route Redistribution Without Redundant Paths
Refer to Figure 17-9 for this example of route redistribution without redundant paths between different routing protocols.

Figure 17-9 Simple Redistribution Between RIP and EIGRP

Figure 17-9 shows local offices connecting to the main office via Frame Relay. Each office has a point-to-point permanent virtual circuit (PVC) to a router in the main office.

EIGRP is being run through the Frame Relay cloud to reduce the network overhead. The LANs are running IP for Microsoft Windows NT, and there is no need for a routing protocol to be run on the LAN segments.

RIP is being run at the main office. This is to allow the corporate servers to have an understanding of the network. The servers are UNIX systems running the RouteD daemon. RouteD listens only to RIP updates. Redistribution allows the servers to know about the EIGRP networks.

If the EIGRP networks need to know about each other, the RIP networks would need to be redistributed into the EIGRP environment. This is unlikely because the servers are centrally held at the main office, and there will be little lateral traffic flow. The configuration shown in Figure 17-9 is simple because there are no redundant links. The Frame Relay cloud uses point-to-point PVCs.

In the future, the company might want to add redundancy by meshing the Frame Relay cloud and consolidating the three core routers into one large router. Currently, the company has a simple and low-cost solution using existing equipment.

Example 2: Route Redistribution with Redundant Paths
Refer to Figure 17-10 for this example, which covers route redistribution with redundant paths between different routing protocols and resolving path selection problems that result in redistributed networks.

In Figure 17-10, Router A is connected to networks 140.100.1.0, 140.100.2.0, and 140.100.3.0. Using RIP, network 140.100.1.0 is advertised to Router B, 140.100.3.0 is advertised to Router C, and network 140.100.2.0 is advertised to both Routers A and B.

Figure 17-10 Choosing the Optimal Path, Through Administrative Distance, When Redistribution Is Using Redundant Paths

The routing table of Router A will show the information presented in Table 17-9.
Table 17-9 Router A Routing Table Information

Table 17-10 Router B Routing Table Information

Note that the routing table for Router A sees all the subnets for network 10.0.0.0 with a mask of 255.255.255.252 or /30. However, because RIP does not pass the network mask in updates and Router A is not connected to network 10.0.0.0, a static route must have been configured so that Router A can see the /30 mask.

The routing table sees all the paths as unique, so it is clear which paths are accessible through RIP or EIGRP. Even after redistribution, the routing table will not change; the confusion occurs after the propagation of the EIGRP updates through the network.

The EIGRP updates will be sent to all the routers in the domain, and Routers E, F, and G will have no confusion. Depending on the timing of the updates and convergence, however, Router C might become confused. Routers E, F, and G will have sent information on how to get to the networks 140.100.1.0 and 140.100.2.0. Router C will also receive information from Router A. Sending the data traffic to Router A is obviously the optimum path; however, because EIGRP has a significantly better administrative distance, the EIGRP route will be placed in the routing table as having the best path. On the assumption that the Frame Relay PVCs all have the same bandwidth, the routing table will see all three paths and distribute the traffic evenly among them.

Example 17-5 shows how to configure Routers B, C, and D to change the administrative distance to favor RIP for the LANs within its domain. The networks 140.100.1.0 and 140.100.2.0 are given an administrative distance of 200 in accordance with the access list. This ensures that the RIP path will be favored if it is available.

Example 17-5 Changing the Administrative Distance to Favor RIP


The distance command sets the administrative distance for the EIGRP 100 process. It changes the distance from 90 to 200, which makes the routes that RIP offers more favorable because RIP has an administrative distance of 120. The use of 0.0.0.0 with a wildcard mask of 255.255.255.255 is just as a placeholder. It indicates that although the command allows for a network to be specified so that the administrative distance can be applied selectively to that network, in this configuration, no network has been selected. The command has been applied to all networks. You do want the administrative distance to be altered on two networks, however. This granularity cannot be stated in the distance command; therefore, an access list is used. In the example, the number 3 at the end of the command line points to the access list that carries that number as an identifier. The access list, by permitting networks 140.100.1.0 and 140.100.2.0, is identifying the networks to which the distance command is to be applied.
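
The effect of the distance command described above, modelled in Python as an added example (it is not the book's Example 17-5 and not IOS code). The /24 and /30 masks, the router labels, the sample candidates and the handling of equal-distance paths as equal-metric paths are assumptions made for the illustration.

```python
import ipaddress
from dataclasses import dataclass

# Default administrative distances quoted in the text above.
DEFAULT_DISTANCE = {"eigrp": 90, "rip": 120}


@dataclass(frozen=True)
class Candidate:
    prefix: str    # destination network in CIDR form (masks are assumed)
    protocol: str  # "rip" or "eigrp"
    via: str       # advertising router, used only as a label


def effective_distance(cand, overrides):
    """Return the administrative distance after any override is applied.

    overrides maps a protocol to (distance, access_list). It models
    "distance 200 0.0.0.0 255.255.255.255 3": the address and wildcard match
    every source, and access list 3 narrows the change to selected networks.
    """
    rule = overrides.get(cand.protocol)
    if rule is not None:
        distance, access_list = rule
        dest = ipaddress.ip_network(cand.prefix)
        if any(dest.subnet_of(ipaddress.ip_network(n)) for n in access_list):
            return distance
    return DEFAULT_DISTANCE[cand.protocol]


def select_routes(candidates, overrides=None):
    """Per prefix, keep the candidates with the lowest distance.

    Candidates that tie on distance are all kept, which stands in for the
    equal-metric load sharing described for the three Frame Relay PVCs.
    """
    overrides = overrides or {}
    table = {}
    for cand in candidates:
        dist = effective_distance(cand, overrides)
        best = table.get(cand.prefix)
        if best is None or dist < best[0]:
            table[cand.prefix] = (dist, [cand.via])
        elif dist == best[0]:
            best[1].append(cand.via)
    return table


# Constructed sample: what a router at the RIP/EIGRP boundary might hear.
CANDIDATES = [
    Candidate("140.100.1.0/24", "rip", "A"),
    Candidate("140.100.1.0/24", "eigrp", "E"),
    Candidate("140.100.2.0/24", "rip", "A"),
    Candidate("140.100.2.0/24", "eigrp", "E"),
    Candidate("140.100.2.0/24", "eigrp", "F"),
    Candidate("140.100.2.0/24", "eigrp", "G"),
    Candidate("10.1.1.0/30", "eigrp", "E"),
]

# Access list 3 permits the two LAN networks; EIGRP distance becomes 200.
ACCESS_LIST_3 = ["140.100.1.0/24", "140.100.2.0/24"]
OVERRIDES = {"eigrp": (200, ACCESS_LIST_3)}

if __name__ == "__main__":
    for label, ov in (("default distances", None), ("with override", OVERRIDES)):
        print(label)
        for prefix, (dist, vias) in select_routes(CANDIDATES, ov).items():
            print(f"  {prefix:<16} distance {dist:<3} via {', '.join(vias)}")
```

If the RIP candidate is withdrawn, the EIGRP paths are still installed at distance 200, which is the "if it is available" behaviour the text describes.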

Example 3: A Default Network in a Redistributed Environment
The use of the default network simplifies the configuration of a redistributed network by allowing the redistribution to be one-way. This significantly reduces the possibility of feedback of networks into the originating domain. The configuration for this example is inset within Figure 17-11 because the configuration of more than one router is shown.

Figure 17-11 The Use of a Default Network in a Redistributed Network to Resolve Problems with Path Selection

In this design, every router and, therefore, workstation within the RIP domain sees its own internal networks, but all other networks are accessed via the default route. Router B’s configuration is shown in Example 17-6.

Example 17-6 Router B Configuration

Router A redistributes between RIP and EIGRP and acts as an ABR in OSPF, with the RIP domain acting as a stub network. The default route is configured as a static route on Router A, redistributed into RIP, and propagated throughout the RIP domain. The internal RIP-only routers must be configured to accept a default route with a destination network because it is only reachable via a default route.

The configuration for Router A is shown in Example 17-7.
Example 17-7 Router A Configuration

The redistribution on Router A can now be one-way. EIGRP needs to know all the networks in the RIP domain, but RIP, when configured with a default route, needs no understanding of the outside world. The RIP domain works in a similar fashion as a stub network in OSPF.

Controlling Routing Updates with Filtering
Despite all the mechanisms for controlling and reducing the routing updates on your network, it is sometimes necessary to wield greater and more flexible power. This comes in the form of access lists, which when applied to routing updates are referred to as distribute lists.

The logic used in the distribute list is similar to that of an access list. The process is listed in the following text:
1. The router receives a routing update or is about to send a routing update about one or more networks.
2. The router looks at the appropriate interface involved with the action to check for filtering.
3. The router determines whether a filter is associated with the interface.
4. If a filter is present, the router examines the access list to see if there is a match on any of the networks in the routing update.
5. If there is no filter on the interface, the routing update is sent directly to the routing process as normal.
6. If there is a filter, the route entry is processed according to the distribute list: advertise the route if matched by a permit statement or do not advertise if it is matched by a deny statement.
7. If no match is found in the distribute list, the implicit deny any at the end of the access list will cause the update to be dropped.
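
The seven steps above, modelled in Python as an added example (it is not IOS code and not from the book). The interface names, the sample update and the three access lists are constructed; the wildcard-mask comparison is the standard access-list test.

```python
import ipaddress


def wildcard_match(network, acl_address, wildcard):
    """Standard access-list test: bits set in the wildcard are ignored."""
    net = int(ipaddress.IPv4Address(network))
    addr = int(ipaddress.IPv4Address(acl_address))
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    return (net & care) == (addr & care)


def acl_permits(network, acl):
    """First matching entry decides; no match means the implicit deny any."""
    for action, address, wildcard in acl:
        if wildcard_match(network, address, wildcard):
            return action == "permit"
    return False  # step 7: implicit deny any


def filter_update(networks, interface, filters):
    """Split the networks in one update into (accepted, dropped).

    filters maps an interface name to the access list bound to it by a
    distribute list. An interface with no entry is unfiltered (step 5).
    """
    acl = filters.get(interface)
    if acl is None:
        return list(networks), []
    accepted, dropped = [], []
    for net in networks:
        (accepted if acl_permits(net, acl) else dropped).append(net)
    return accepted, dropped


# Constructed routing update: two LAN networks, one subnet, one default route.
UPDATE = ["140.100.1.0", "140.100.2.0", "10.1.1.0", "0.0.0.0"]

# Permit-list style: only the named networks get through.
PERMIT_LANS = [
    ("permit", "140.100.1.0", "0.0.0.255"),
    ("permit", "140.100.2.0", "0.0.0.255"),
]

# Deny-only list: intended to block 10.0.0.0, but the implicit deny
# at the end drops every other network as well.
DENY_ONLY = [("deny", "10.0.0.0", "0.255.255.255")]

# Same intent with an explicit "permit any" as the last entry.
DENY_THEN_PERMIT_ANY = DENY_ONLY + [("permit", "0.0.0.0", "255.255.255.255")]

FILTERS = {"s0": PERMIT_LANS, "s1": DENY_ONLY, "s2": DENY_THEN_PERMIT_ANY}

if __name__ == "__main__":
    for ifname in ("e0", "s0", "s1", "s2"):
        ok, dropped = filter_update(UPDATE, ifname, FILTERS)
        print(f"{ifname}: accepted={ok} dropped={dropped}")
```

The s1 case is the one to check for in a review: a list written only with deny statements filters out every route, including the default route a downstream router may depend on.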

Routing updates can be filtered for any routing protocol by defining an access list and applying it to a specific routing protocol. There are some limitations to distribute lists when applied to OSPF. For example, the inbound list prevents routes entering the routing table but does not prevent link-state packets from being propagated.

When creating a routing filter or distribute list, the following steps should be taken:

■ Write out in longhand what you are trying to achieve.
■ Identify the network addresses to be filtered, and create an access list. Permit the networks you want to have advertised.
■ Determine whether you are filtering routing updates coming into the router or updates to be propagated to other routers.
■ Assign the access list using the distribute-list command.

Use the following command syntax to configure the distribute list to filter incoming updates:
Router(config-router)#distribute-list {access-list-number | name} in [type number]

Table 17-11 explains the options of this command.
Table 17-11 Explanation of the distribute-list in Command Options

Verifying, Maintaining, and Troubleshooting the Implementation of Redistribution and Filtering
The key to maintaining and troubleshooting the redistribution within your network is to have a clear understanding of the network topology from both a physical and a logical perspective. The traffic flows—the peaks and lows in the traffic volume—are also important in truly understanding the connectivity issues within the network. From this vantage point, it is possible to interpret the output presented by the various tools available.

Most of the appropriate commands in tracking redistribution problems are ones that have been examined earlier. They include the following:

■ show ip protocol
■ show ip route
■ show ip route routing-protocol
■ show ip eigrp neighbors
■ show ip ospf database
In addition to these commands, the trace and extended ping commands are also very useful.

The trace Command

The trace command is invoked from user mode, whereas the extended trace is only available from the exec privileged level. This shows the routers that a packet has passed through to reach its destination.

The extended trace test is called by entering the command without any destination. This results in the utility asking a series of questions, allowing you to change the defaults.

The Extended ping Command
To check host reachability and network connectivity, use the ping privileged exec command. The extended ping utility is called by entering the command without any destination. This results in the utility asking a series of questions, allowing you to change the defaults.

Using trace and Extended ping
You do not use trace to determine the path taken, but rather to identify where there is a problem in the network. Where the trace utility fails indicates a good starting point for troubleshooting a complex network.

The trace command is not very useful in reflecting the routing path because path changes are not shown. The extended ping command, however, is very useful because it announces every interface that it traverses if the record option is selected. The limitation is the maximum hops that it can report, which is nine.

It is also possible to specify a source address in the trace or ping commands (as long as it is an interface on the router). This can be useful for testing certain types of access lists, route maps, and so on. Otherwise, the router will choose the source address of its own interface closest to the destination. It is also useful for testing network reachability from the far end.

Foundation Summary
The “Foundation Summary” section of each chapter lists the most important facts from the chapter. Although this section does not list every fact from the chapter that will be on your exam, a well-prepared candidate should, at a minimum, know all the details in each “Foundation Summary” before going to take the exam.

Various methods enable you to control the routing information sent between routers. These methods include the following:

■ Passive interfaces —An interface that does not participate in the routing process. In RIP and IGRP, the process listens but will not send updates. In OSPF and EIGRP, the process neither listens nor sends updates because no neighbor relationship can form.

The interfaces that participate in the interior routing process are controlled by the interface configuration. During configuration, the routing process is instructed via the network command on which interfaces to use. Because most protocols express the networks at the major boundary, interfaces that have no reason to send this protocol’s updates propagate the data across the network. This is not only a waste of bandwidth but, in many cases, can also lead to confusion.

■ Default route —A route used if there is no entry in the routing table for the destination network. If the lookup finds no entry for the desired network and no default network is configured, the packet is dropped.

If the routing process is denied the right to send updates, the downstream routers will have a limited understanding of the network. To resolve this, use default routes. Default routes reduce overhead, add simplicity, and can remove loops.

■ Static routes —A route that is manually configured. It takes precedence over dynamic routes learned via a routing process.

If no routing process is configured, static routes might be configured to populate the routing table. This is not practical in a large network because the table cannot learn of changes in the network topology dynamically. In small environments or for stub networks, however, this is an excellent solution.

■ The null interface —An imaginary interface that is defined as the next logical hop in a static route. All traffic destined for the remote network is carefully routed into a black hole. This can be used in a similar way as the passive interface, but it allows for greater granularity in the denied routes.

It is also used to feed routes into another routing protocol. It allows another mask to be set and, therefore, is useful when redistribution occurs between a routing protocol that uses VLSM and one that does not. In this way, it aggregates routes as shown in the previous chapter.

■ Distribute lists —Access lists applied to the routing process, determining which networks will be accepted into the routing table or sent in updates.

When communicating to another routing process, it is important to control the information sent into the other process. This control is for security, overhead, and management reasons. Access lists afford the greatest control for determining the traffic flow in the network.

■ Route maps —Complex access lists permitting conditional programming. If a packet or route matches the criteria defined in a match statement, changes defined in the set command are performed on the packet or route in question.

Table 17-13 shows the requirements of automatic redistribution between routing protocols.
Table 17-13 Automatic Redistribution Between Routing Protocols

The following list explains the logic used in a distribute list:

1. The router receives a routing update or is about to send a routing update about one or more networks.
2. The router looks at the appropriate interface involved with the action to check for filtering.
3. The router determines whether a filter is associated with the interface.
4. If a filter is present, the router examines the access list to see if there is a match on any of the networks in the routing update.
5. If there is no filter on the interface, the routing update is sent directly to the routing process, as normal.
6. If there is a filter, the route entry is processed according to the distribute list: advertise the route if matched by a permit statement or do not advertise if it is matched by a deny statement.
7. If no match is found in the distribute list, the implicit deny any at the end of the access list will cause the update to be dropped.

Figure 17-12 shows the decisions that are made when a distribute list is applied to an incoming routing update, and Figure 17-13 shows the decisions made for an outgoing routing update. The logic used in a distribute list is similar to an access list and is summarized in the following chart. Refer to the section “Controlling Routing Updates with Filtering” for a detailed discussion of this subject.

Figure 17-12 Distribute List Logic on an Incoming Update

Figure 17-13 Distribute List Logic on an Outgoing Update

Q&A
As mentioned in the introduction, “All About the CCNP, CCDP, and CCIP Certifications,” you have two choices for review questions. The questions that follow next give you a bigger challenge than the exam itself by using an open-ended question format. By reviewing now with this more difficult question format, you can exercise your memory better and prove your conceptual and factual knowledge of this chapter. The answers to these questions are found in Appendix A.

For more practice with examlike question formats, including questions using a router simulator and multichoice questions, use the exam engine on the CD-ROM.

1. State two of the methods that Cisco recommends for controlling routing protocol traffic.
2. What is the default administrative distance for RIP?
3. State two instances when you do not want routing information propagated.
4. In what instances will EIGRP automatically redistribute?
5. Which command is used to view the administrative distance of a route in the routing table?
6. When is redistribution required?
7. Why does Cisco recommend that you not overlap routing protocols?
8. Why would you want to prevent routing updates across an on-demand WAN link?
9. What is the metric used for in a routing protocol?
10. Give two reasons for using multiple routing protocols.
11. In a very large environment, the various domains might have different requirements, making a single solution inefficient. A clear example is the case of a large multinational corporation, where EIGRP is the protocol used at the access and distribution layers, but BGP is the protocol connecting the core. When implementing redistribution, state one possible problem that you might experience, and explain why it is a problem.
12. Which has a lower administrative distance, IGRP or OSPF?
13. What command is used to configure an outbound route filter?
14. What is a passive interface?
15. What is the purpose of administrative distance?
16. What is the concern of redistributing into a redundant network?
17. What is a default network?
18. Why is it necessary to configure a default metric when redistributing between routing protocols?
19. Which command is used to modify the administrative distance of a route?
20. What is the difference in processing for an inbound and an outbound route filter?

Scenario
The following scenarios and questions are designed to draw together the content of the chapter and to exercise your understanding of the concepts. There is not necessarily a right answer. The thought process and practice in manipulating the concepts are the goals of this section. The answers to the scenario questions are found at the end of this chapter.

Scenario 17-1
Duddleduddle is a large hospital with several sites in the city. Although the sites connect to a centralized patient and administration database, the hospital has fought for local autonomy based on the specialization of the site and the fact that it is its own business unit. An IT group manages the central administration and oversees the other sites. The chief information officer (CIO) who ran this group and the overall network has left because of political wrangling. The new CIO, recently appointed, is attempting to sort out the mess.

This new CIO has the agreement of the other hospital sites that there should be one routing protocol, as opposed to the four that are currently running. In turn, he has agreed to implement filtering to improve the network performance, grant some basic security, and indulge some turf wars.

The first step to creating a single routing protocol network is to redistribute the protocols so that the network can see all the available routes. Unfortunately, the routing protocols are aware of multiple path destinations. Therefore, the implementation must be done not only with consideration to preventing routing loops, but also with optimal path selection.

Figure 17-14 shows the network topology for the hospital Duddleduddle.
Using the figure as reference, complete the following exercises.

1. Issue the configuration commands for the RIP network to be redistributed on Router A into EIGRP.
2. On Router A, ensure that the interfaces running EIGRP do not have RIP updates generated through them or that the RIP interfaces do not have EIGRP updates running through them.
3. The site running IGRP and the site running EIGRP are running different autonomous system numbers. How would you implement a transition to both sites running EIGRP using the same autonomous system number?

Figure 17-14 Topology for the Scenario 17-1 Network

4. The OSPF redistribution into RIP has been implemented, but users are complaining about delays. State the first step that you would take to verify the configuration.
5. The CIO has been asked to submit a transition plan to the board of trustees that includes a reasoned explanation for the need for redistribution. What should it look like?

Scenario Answers
The answers provided in this section are not necessarily the only possible answers to the questions. The questions are designed to test your knowledge and to give practical exercise in certain key areas. This section is intended to test and to exercise skills and concepts detailed in the body of this chapter.

If your answer is different, ask yourself whether it follows the tenets explained in the answers provided. Your answer is correct not if it matches the solution provided in the book, but rather if it has included the principles of design laid out in the chapter.

In this way, the testing provided in these scenarios is deeper: It examines not only your knowledge, but also your understanding and ability to apply that knowledge to problems.

If you do not get the correct answer, refer back to the text and review the subject tested. Be certain also to review your notes on the question to ensure that you understand the principles of the subject.

Scenario 17-1 Answers
1. Issue the configuration commands for the RIP network to be redistributed on Router A into EIGRP.
The commands are as follows:

2. On Router A, ensure that the interfaces running EIGRP do not have RIP updates generated through them or that the RIP interfaces do not have EIGRP updates running through them.

Strictly speaking, the passive-interface command on s0.2 is not required because the interface address is different from that stated in the network command. The same is true for RIP. To ensure this:

3. The site running IGRP and the site running EIGRP are running different autonomous system numbers. How would you implement a transition to both sites running EIGRP using the same autonomous system number?

There are several ways to transition from different autonomous systems to one autonomous system so that IGRP and EIGRP automatically redistribute. The methods include the following:

— Configuring redistribution at both sites, and in a controlled manner during downtime, switching all the routers in the IGRP site to the same autonomous system as that of EIGRP. Because the prevailing routing protocol is to be EIGRP, it makes sense that IGRP is the protocol to have its autonomous system number changed.

— Another approach, and one favored by many, is to configure EIGRP with the same autonomous system number on all routers at the IGRP site. As part of the configuration, increase the administrative distance of EIGRP to be 200 so that none of the routes is acceptable to the routing process. Then, during downtime on the systems, cut over to the EIGRP process by changing its administrative distance back to the default of 90. This can be done by simply adding the word no in front of the existing command. The beauty of this plan is that everything can be put in place before the cutover; if problems are experienced, it is equally easy to reverse the command to return to the IGRP configuration.

4. The OSPF redistribution into RIP has been implemented, but users are complaining about delays. State the first step that you would take to verify the configuration.

The first step is to issue the following commands, perhaps on both the OSPF and RIP routers:

— show ip route : To ensure that each routing process sees the appropriate paths. A routing loop might be visible here.
— extended ping : To see the path that is taken to the remote locations. A routing loop could be detected.
— show ip protocols : To see how RIP and OSPF are being redistributed, what the default metrics are, and whether there are any distribute lists impeding the flow of updates.
— show ip ospf database : To ensure that all the routes are in place. Again, errors leading to a routing loop could be detected here.
— show ip ospf neighbor : To ensure that OSPF can still see the adjacent routers.

5. The CIO has been asked to submit a transition plan to the board of trustees that includes a reasoned explanation for the need for redistribution. What should it look like?

It should include the following:

— The transition would happen at the main site where the centralized records and databases are maintained. This is because this site must be the most stable because it serves the other sites.
— The next step would be to review the addressing scheme to ensure that it was hierarchical and could support summarization and VLSM.
— The redistribution between IGRP and EIGRP is the easiest to effect and should be performed in accordance with the answer to question 3.
— Because the non-Cisco Systems equipment for RIP and OSPF machines might not support EIGRP, a careful assessment should be done, and plans should be made to upgrade the equipment as necessary. However, the network administrator should be reminded that it is not necessary for hosts to run RIP. If hosts run RIP, it can lead to a very unstable network. Therefore, all hosts should be configured with a default gateway address.
— Configure redistribution in the network to ensure the full connectivity throughout the campuses.
— When redistribution is in place, centralization of resources and maintenance of the data and network can be implemented, granting a full exchange of information throughout the hospital to harness the power of the information available.
