distance ip-address wildcard-mask [ip-standard-acl | ip-extended-acl | access-list-name]
access-list option assumes that AD can be changed per IP subnet. Let's see how it works in RIPv2, EIGRP and OSPF.
I have very simple topology here
R1-------------------R2
Router R1 advertises 2 networks into RIP which we can see on R2:
R2#show ip route rip
R 192.168.200.0/24 [120/1] via 192.168.12.1, 00:00:11, FastEthernet0/0
R 192.168.100.0/24 [120/1] via 192.168.12.1, 00:00:11, FastEthernet0/0
Both routes have administrative distance 120 as it is default for RIP. Let's change AD for 192.168.100.0/24 R2#conf t
R2(config)#access-list 10 permit 192.168.100.0 0.0.0.255
R2(config)#router rip
R2(config-router)#distance 150 192.168.12.1 0.0.0.0 10
R2(config-router)#end
Now, we'll give it some time since RIP is notoriously slow to converge protocol and check
R2#show ip route rip
R 192.168.200.0/24 [120/1] via 192.168.12.1, 00:00:02, FastEthernet0/0
R 192.168.100.0/24 [150/1] via 192.168.12.1, 00:00:02, FastEthernet0/0
As you can see, 192.168.100.0/24 now has administrative distance 150
2. EIGRP
Now I configure EIGRP between my two routers
R2#show ip route eigrp
D 192.168.200.0/24 [90/156160] via 192.168.12.1, 00:00:13, FastEthernet0/0
D 192.168.100.0/24 [90/156160] via 192.168.12.1, 00:00:13, FastEthernet0/0
And repeat:
R2(config)#router eigrp 1
R2(config-router)#distance 150 192.168.12.1 0.0.0.0 10
R2(config-router)#end
Unlike RIP, EIGRP converges almost instantly:
R2#show ip route eigrp
D 192.168.200.0/24 [90/156160] via 192.168.12.1, 00:00:02, FastEthernet0/0
D 192.168.100.0/24 [150/156160] via 192.168.12.1, 00:00:02, FastEthernet0/0
3. OSPF
R2#show ip route ospf
O 192.168.200.0/24 [110/2] via 192.168.12.1, 00:00:17, FastEthernet0/0
O 192.168.100.0/24 [110/2] via 192.168.12.1, 00:00:17, FastEthernet0/0
In case of OSPF IP address in distance command should be router-id of OSPF neighbor from which route is learned.
R2#conf t
R2(config)#router ospf 1
R2(config-router)#distance 150 1.1.1.1 0.0.0.0 10
R2(config-router)#end
R2#sho ip route ospf
O 192.168.200.0/24 [110/2] via 192.168.12.1, 00:02:55, FastEthernet0/0
O 192.168.100.0/24 [150/2] via 192.168.12.1, 00:02:55, FastEthernet0/0
Once again, AD has changed to 150 for 192.168.100.0/24
Let's consider more complex OSPF scenario:
R2 and R3 advertise 192.168.100.0/24 and 192.168.200.0/24 to R4.
R4#sho ip route ospf | begin 192.168.200.0
O 192.168.200.0/24 [110/2] via 192.168.34.3, 00:00:10, FastEthernet0/0
[110/2] via 192.168.24.2, 00:00:10, FastEthernet0/1
O 192.168.100.0/24 [110/2] via 192.168.34.3, 00:00:10, FastEthernet0/0
[110/2] via 192.168.24.2, 00:00:10, FastEthernet0/1
Both paths are equal and R4 will use both of them by default. Now, for some hard to explain reason we want to use R3 as our primary path to 192.168.100.0/24. It should be easy, all we need to do is to apply our access-list 10 from above to routes we receive from R2 (OSPF router-id 2.2.2.2):
R4#conf t
R4(config)#router ospf 1
R4(config-router)#distance 150 2.2.2.2 0.0.0.0 10
R4(config-router)#end
We can not use "ip ospf cost" command since it affects all routes coming via that interface. Routing check:
R4#sho ip route ospf | begin 192.168.100.0
O 192.168.100.0/24 [150/2] via 192.168.34.3, 00:15:07, FastEthernet0/0
[150/2] via 192.168.24.2, 00:15:07, FastEthernet0/1
Hmm, 192.168.100.0/24 still has AD of 150 for both next hops. What happened? After doing a lot of digging I found this post from Mike Timm. Cisco bug CSCeh44993 prevents modifying administrative distance per route per neighbor in OSPF. Alas, Cisco decided not to fix it and make it a feature.
No comments:
Post a Comment