HCIP - Route redistribution (republishing) and routing policy

Republishing (redistribution):

When a network runs two routing protocols, or different processes of the same protocol,
the protocols and processes keep independent databases and do not share information.
Redistribution shares routing entries between two protocols or two processes so that the whole network becomes reachable.

Key points:

1. ASBR - autonomous system boundary router (protocol boundary router)
Redistribution can only be performed by an ASBR, a router that works in both protocols or both processes at the same time.
2. Seed metric (initial metric) - different protocols calculate their metrics from different parameters and have different maximum values.
Therefore, when redistributing protocol A into protocol B, the ASBR clears the metric the entry had in protocol A, manually assigns a starting metric, and then shares the entry into protocol B. Inside protocol B, further cost is accumulated on top of this starting metric.

Rules:

1. When redistributing protocol A into protocol B, the command is configured under protocol B on the ASBR.
2. When redistributing protocol A into protocol B, all routes on the ASBR that are directly connected in protocol A and all routes the ASBR learned through protocol A are shared into protocol B.

Terms:

Single-point, multipoint, unidirectional, bidirectional

Configuration commands:

Three cases
A protocol -> B protocol: redistribute one dynamic routing protocol into another dynamic routing protocol,
or redistribute process A of a protocol into process B of the same protocol
Static -> B protocol: redistribute the manually written static routes on the ASBR into a dynamic routing protocol
Direct -> B protocol: redistribute the directly connected entries on the ASBR that are not advertised in a dynamic routing protocol into that protocol

RIP:

A -> B

[r4]rip 1
[r4-rip-1]import-route ospf 1
[r4-rip-1]import-route ospf 1 cost 2     The seed metric can be modified; the default is 0

Static -> B

[r4-rip-1]import-route static     The default seed metric is 0; a static default route cannot be imported through redistribution

Direct -> B

[r4]rip 1
[r4-rip-1]import-route direct     The default seed metric is 0

Note: redistributing the routes learned by another dynamic routing protocol into RIP also redistributes into RIP the ASBR's directly connected routes that are not running RIP. If this and the direct redistribution publish some of the same routing entries, the entry redistributed from direct is preferred.

OSPF:

A -> B

[r4]ospf 1
[r4-ospf-1]import-route rip 1

Imported routes have a default priority of 150 and are shared through Type 5 or Type 7 LSAs.
The default seed metric is 1 and the default type is Type 2.
Type 2 means that the cost shown is only the seed metric, not the total metric accumulated along the path. Route selection is nevertheless based on the total metric (seed metric + cost accumulated along the path).

[r4-ospf-1]import-route rip 1 type 1     Modify the type
[r4-ospf-1]import-route rip 1 cost 2 type 1     Modify both the type and the seed metric

Type 1 shows the total metric. In route selection, Type 1 is preferred over Type 2.

Static -> B

[r4-ospf-1]import-route static

The default seed metric is 1 and the default type is Type 2.
A default route cannot be imported when static routes are redistributed. Only a dedicated command can import the default route that the ASBR has obtained from another protocol:

[r4-ospf-1]default-route-advertise

Direct -> B

[r4-ospf-1]import-route direct

The default seed metric is 1 and the default type is Type 2.

Multipoint bidirectional redistribution

Multipoint bidirectional redistribution: between two routing protocols, or two processes of the same protocol, several ASBRs perform redistribution to provide link backup and improve network stability and efficiency.

In multipoint bidirectional redistribution, once the first ASBR has finished redistributing, the entries it redistributed into protocol B may reach the other ASBRs and refresh their routing tables. Entries are then published from protocol A into protocol B and back into protocol A (route feedback), which causes seriously suboptimal routing.
Solution: on Cisco systems, EIGRP by default produces no route feedback when it is redistributed with other protocols. The Cisco priorities are RIP 120, OSPF 110 and EIGRP 90, but a route redistributed into EIGRP has priority 170.
Because the priorities differ, the first ASBR cannot affect the routing table of the other ASBR after redistributing, so there is no route feedback.
Huawei systems have no EIGRP, so Huawei applies the same dual-priority method in OSPF.
Routes that OSPF generates normally have priority 10, and routes generated from redistributed Type 5 / 7 LSAs have priority 150.

Note: in OSPF, a loopback interface by default works as a 32-bit host route. Therefore, in multipoint bidirectional redistribution, when a loopback interface that belongs to OSPF on an ASBR is redistributed, OSPF passes it as a 32-bit route while the other protocols share it with the actual mask of the interface. If the masks are inconsistent, routing problems result. Either configure the loopback interface as a 32-bit host route, or modify the working mode of the loopback interface in OSPF.

In RIP, because of split horizon on the interface, when the redistributed route and the locally learned route have the same metric, the two are load-balanced, which breaks normal route selection and causes wrong routing. This is handled with a routing policy.

Because redistribution clears the original metric of a routing entry and adds a new starting metric, in multipoint bidirectional redistribution the path from protocol B to protocol A may be suboptimal after protocol A's routes are published into protocol B. This is also handled with a routing policy.

Routing policy:

Terms:
Control plane: the traffic with which dynamic routing protocols exchange routing information; the direction of this traffic is the control-plane direction
Data plane: the user data traffic that the router forwards using the generated routing table; its direction is opposite to the control plane

Routing policy: capture control-plane traffic as it enters or leaves a router interface, then modify or discard its content. This ultimately affects how the routing table is generated and influences the router's route selection.

[1] Capture the traffic
1) ACL - access control list
The ACL was designed to restrict data-plane traffic. It can also be used to capture control-plane traffic.
However, because the ACL was designed for data-plane traffic, it pays no attention to the subnet mask, so it may not match accurately when capturing control-plane traffic.

2) Prefix list - designed specifically to capture control-plane traffic; it matches the subnet mask exactly

[r1]ip ip-prefix aa permit 1.1.1.0 25

Defines a list named aa that captures the route with network number 1.1.1.0/25.
The default step of the index is 10, which makes it easy to insert entries later:

[r1]ip ip-prefix aa index 13 permit 3.3.3.0 24

[r1]ip ip-prefix aa permit 4.4.4.0 24 less-equal 26     Mask length 24 to 26
[r1]ip ip-prefix aa permit 5.5.5.0 24 greater-equal 30     Mask length 30 to 32
[r1]ip ip-prefix aa permit 5.5.5.0 24 greater-equal 26 less-equal 30     Mask length 26 to 30

The values must satisfy length <= ge <= le.

Matching rule: entries are matched one by one from top to bottom. As soon as an entry matches, it is executed and the following entries are not examined. By default, everything else is implicitly denied.

[r1]ip ip-prefix aa permit 0.0.0.0 0 less-equal 32     Permit all
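
The matching rules above can be checked offline before a list is applied to a router. The following Python model is an added example, not part of the original notes: it evaluates routes against list aa (top-down first match, mask-length ranges, implicit deny) and contrasts it with a basic ACL rule, which ignores the mask. The function names and the index values other than 10 and 13 are assumptions made for illustration.

```python
import ipaddress

# Constructed model of prefix list "aa" from the text:
# (index, action, prefix, greater-equal, less-equal); None = keyword absent.
# Index values other than 10 and 13 are assumed for illustration.
PREFIX_LIST_AA = [
    (10, "permit", "1.1.1.0/25", None, None),
    (13, "permit", "3.3.3.0/24", None, None),
    (23, "permit", "4.4.4.0/24", None, 26),
    (33, "permit", "5.5.5.0/24", 30, None),
    (43, "permit", "5.5.5.0/24", 26, 30),
]

def entry_matches(route, prefix, ge, le):
    """True if the route's network and mask length satisfy one entry."""
    route = ipaddress.ip_network(route)
    base = ipaddress.ip_network(prefix)
    if ge is None and le is None:
        lo = hi = base.prefixlen              # exact mask length only
    else:
        lo = base.prefixlen if ge is None else ge
        hi = 32 if le is None else le
    return lo <= route.prefixlen <= hi and route.subnet_of(base)

def evaluate(prefix_list, route):
    """Top-down first match; implicit deny when no entry matches."""
    for index, action, prefix, ge, le in sorted(prefix_list, key=lambda e: e[0]):
        if entry_matches(route, prefix, ge, le):
            return action, index
    return "deny", None

def acl_matches(route, source, wildcard):
    """Basic ACL rule: compares the network address only, never the mask."""
    addr = int(ipaddress.ip_network(route).network_address)
    care = ~int(ipaddress.ip_address(wildcard)) & 0xFFFFFFFF
    return (addr & care) == (int(ipaddress.ip_address(source)) & care)

if __name__ == "__main__":
    for r in ("1.1.1.0/25", "1.1.1.0/24", "4.4.4.64/26", "5.5.5.128/28"):
        print(r, evaluate(PREFIX_LIST_AA, r), acl_matches(r, "1.1.1.0", "0.0.0.0"))
```

The ACL rule accepts both 1.1.1.0/24 and 1.1.1.0/25 because it never sees the mask, while the prefix list permits only the /25.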

[2] Routing policy - modify the parameters carried in control-plane traffic
1) Cisco's offset list: on Cisco systems it is a routing policy. On Huawei systems it is not a separate policy but an operation dedicated to modifying the metric in distance-vector protocols such as RIP. On Cisco the offset list can only be used in distance-vector protocols such as RIP and EIGRP, and the same holds on Huawei. On Cisco only an ACL can serve it; on Huawei both an ACL and a prefix list can be used.

[r1]ip ip-prefix aa permit 2.2.2.0 24     Capture with a prefix list; an ACL can also be used

[r1]interface GigabitEthernet 0/0/1     Interface through which the control-plane traffic passes
[r1-GigabitEthernet0/0/1]rip metricin ip-prefix aa 2     Inbound, routes matching prefix list aa, metric plus 2
[r1-GigabitEthernet0/0/1]rip metricout 2000 2     Outbound, routes matching ACL 2000, metric plus 2

The policy works hop by hop and its effect accumulates: if several interfaces along the path are configured with a metric increase, the final metric is increased by the total.

2) Cisco's distribute list; on Huawei it is the filter-policy
First use an ACL or a prefix list to match the traffic, then restrict the transmission of the routing entries on the inbound or outbound interface of the control-plane traffic.

[r2]ip ip-prefix qq deny 2.2.2.0 24
[r2]ip ip-prefix qq permit 0.0.0.0 0 less-equal 32

[r2]rip 1
[r2-rip-1]filter-policy ip-prefix qq ?
  export   Specify an export policy  Outbound direction
  import   Specify an import policy  Inbound direction
[r2-rip-1]filter-policy ip-prefix qq export GigabitEthernet 0/0/0

Remember: if an ACL is used to define the traffic, a Huawei ACL permits everything at the end, but when it is used in a filter-policy the permit-all must be configured manually.
Note: OSPF normally cannot apply the filter in the outbound direction, because OSPF sends topology updates and the transmission of topology within the same area cannot be restricted. Normally it can only be applied in the inbound direction, which does not affect database synchronization; it only keeps the routes calculated from the LSAs from being loaded into the routing table.
If you want to apply it in the outbound direction, it can be applied to Type 3 / 4 / 5 / 7 LSAs on the ABR/ASBR.

3) Cisco's route-map; Huawei's route-policy
1. Capture the traffic - either an ACL or a prefix list can be used

[r2]acl 2000
[r2-acl-basic-2000]rule 1 permit source 1.1.1.0 0.0.0.0
[r2-acl-basic-2000]q
[r2]acl 2001
[r2-acl-basic-2001]rule permit source 1.1.2.0 0.0.0.0
[r2-acl-basic-2001]q

[r2]ip ip-prefix a permit 1.1.3.0 24
[r2]ip ip-prefix b permit 1.1.4.0 24

2. Routing policy

[r2]route-policy huawei deny node 10     Create a routing policy named huawei; the main action is deny and the node number is 10
[r2-route-policy]if-match acl 2000     Match an ACL
[r2-route-policy]q
[r2]route-policy huawei permit node 20     Policy huawei, node 20; the main action is permit
[r2-route-policy]if-match acl 2001     Match an ACL
[r2-route-policy]apply cost-type type-1     The apply action changes the metric type to Type 1
[r2-route-policy]q
[r2]route-policy huawei permit node 30
[r2-route-policy]if-match ip-prefix a     Match a prefix list
[r2-route-policy]apply cost 7
[r2-route-policy]q
[r2]route-policy huawei permit node 40
[r2-route-policy]if-match ip-prefix b
[r2-route-policy]apply cost-type type-1
[r2-route-policy]apply cost 8
[r2-route-policy]q
[r2]route-policy huawei permit node 50     Empty node: everything is permitted
[r2-route-policy]q

3. Call the policy when redistributing

[r2]ospf 1
[r2-ospf-1]import-route rip 1 route-policy huawei

Configuration guide:

1. Even if you want to reject some traffic, you must use permit when capturing it, and then reject it in the routing policy.
2. Nodes are matched one by one from top to bottom. As soon as a node matches, it is executed and the following nodes are not examined. Everything is implicitly denied at the end.
3. In a node, if there is no if-match clause, all traffic matches. If there is no apply clause, only the node's main action (permit or deny) is performed on the matching traffic.
Therefore, a node whose main action is permit and which is otherwise empty permits everything.
4. OR and AND relationships
The OR relationship holds between nodes (sequence numbers):
if node 10 does not match the traffic, node 20 is tried next.

[r3]ip ip-prefix a permit 1.1.1.0 24
[r3]acl 2000
[r3-acl-basic-2000]rule permit source 12.1.1.2 0.0.0.0

[r3]route-policy huawei permit node 10
[r3-route-policy]if-match ip-prefix a
[r3-route-policy]if-match ip next-hop acl 2000     AND relationship - the matched traffic must meet both conditions at the same time
[r3-route-policy]apply cost 10
[r3-route-policy]apply cost-type type-1     Both apply actions are performed at the same time

The above matches the routing entry whose destination network number is 1.1.1.0/24 and whose next hop is 12.1.1.2.

Summary of the OR and AND relationships:
Nodes are matched one by one from top to bottom by node number (sequence number). As soon as a node matches, it is executed and the following nodes are not examined - OR relationship
Within one node, the traffic must match all if-match clauses at the same time, and all apply actions are performed at the same time - AND relationship
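
The evaluation order described in the configuration guide can be traced with a short model. The following Python code is an added example, not part of the original notes: it represents the two route-policy configurations shown above (r2 and r3) as data and applies them to routes imported with the OSPF defaults (seed metric 1, Type 2). All function and variable names are assumptions made for illustration.

```python
# Constructed model of the route-policy examples in the text.
# A node is (number, mode, [if-match predicates], {apply actions}).

def acl(address):
    """Basic ACL rule with wildcard 0: matches the network address only."""
    return lambda r: r["prefix"].split("/")[0] == address

def prefix(p):
    """ip-prefix entry without ge/le: exact network and mask length."""
    return lambda r: r["prefix"] == p

def next_hop(address):
    """if-match ip next-hop acl: the ACL permits exactly this next hop."""
    return lambda r: r["next_hop"] == address

HUAWEI = [   # route-policy huawei on r2
    (10, "deny",   [acl("1.1.1.0")],       {}),
    (20, "permit", [acl("1.1.2.0")],       {"cost_type": 1}),
    (30, "permit", [prefix("1.1.3.0/24")], {"cost": 7}),
    (40, "permit", [prefix("1.1.4.0/24")], {"cost_type": 1, "cost": 8}),
    (50, "permit", [],                     {}),   # empty node: permit all
]
HUAWEI_R3 = [  # r3: prefix AND next hop in one node, no catch-all node
    (10, "permit", [prefix("1.1.1.0/24"), next_hop("12.1.1.2")],
     {"cost": 10, "cost_type": 1}),
]

def imported(pfx, nh="0.0.0.0"):
    """Route as imported into OSPF with the defaults: seed metric 1, type 2."""
    return {"prefix": pfx, "next_hop": nh, "cost": 1, "cost_type": 2}

def apply_policy(policy, route):
    """Return the modified route, or None if the route is filtered out."""
    for number, mode, matches, actions in sorted(policy, key=lambda n: n[0]):
        if all(match(route) for match in matches):   # AND; no if-match = all
            return None if mode == "deny" else {**route, **actions}
    return None                                      # implicit deny at the end

if __name__ == "__main__":
    for p in ("1.1.1.0/24", "1.1.2.0/24", "1.1.3.0/24", "1.1.4.0/24", "9.9.9.0/24"):
        print(p, apply_policy(HUAWEI, imported(p)))
    print(apply_policy(HUAWEI_R3, imported("1.1.1.0/24", "12.1.1.2")))
    print(apply_policy(HUAWEI_R3, imported("1.1.1.0/24", "12.1.1.3")))
```

Removing node 50 from the r2 model makes every route outside the four matched networks fall through to the implicit deny, which is the usual cause of routes going missing after a policy is attached to import-route.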

Added by pdaoust on Thu, 03 Feb 2022 00:47:51 +0200