Issues with Multiple Redistribution Points
The issues revolve around the concept that a route in one domain can be advertised into another domain, and then back into the original routing domain. This problem does not occur, at least with default settings, when EIGRP is one of the two routing protocols
The twice-redistributed route then has a better metric than the route that was advertised only internal to that routing domain.
Prevent routing domain loops with higher metrics
One easy method of preventing the domain loop problem is to assign purposefully high metric values when redistributing routes.
Note that OSPF actually defeats the domain loop problem without using the higher metrics. OSPF always prefers internal routes over E1 routes, and E1 routes over E2 routes, before even considering the metrics.
Preventing Routing Domain Loops with Administrative Distance
Each router associates an administrative distance (AD) with every route it considers to be added to the routing table. Recall that when a router must consider multiple routes from different sources for the exact same prefix/length, the first item considered by the router is not the metric, but rather the AD. The lower the AD, the better the route.
Note that the AD is a local setting on a router and cannot be advertised to neighboring routers.
The reason that the default EIGRP AD settings work well can be summarized generically as follows:
For each of the two routing protocols, the AD used for internal routes for one routing protocol is better than the AD used for external routes by the other routing protocol.
When comparing EIGRP’s and OSPF’s defaults, both of the generic criteria are met:
- EIGRP internal AD 90 < OSPF external AD 110
- OSPF internal AD 110 < EIGRP external AD 170
Likewise, when redistributing between EIGRP and RIP:
- EIGRP internal AD 90 < RIP external AD 120
- RIP internal AD 120 < EIGRP external AD 170
Redistribute between OSPF and RIP
When redistributing between OSPF and RIP, the default AD settings do not defeat the domain loop problem. However, Cisco IOS supports the definition of different AD settings for all routing protocols. With EIGRP, the internal and external AD settings can be overridden, although the defaults work well for the prevention of domain loops. OSPF can be configured to use a different AD for external routes, intra-area routes, and interarea routes. RIP, which does not have a concept of internal and external routes, can only be set with a single AD value.
Following table list the commands to set AD value:
| Protocol | Command |
| RIP | distance ad-value |
| EIGRP | distance eigrp internal-ad external-ad |
| OSPF | distance ospf {external ad-value} { intra-area ad-value } { inter-area ad-value } |
To defeat the OSPF-RIP domain loop problem by setting AD, just configure the AD for OSPF external routes using the distance ospf external ad-value command in OSPF configuration mode. The actual AD value does not matter much, but it should be higher than RIP’s AD on that same router. For example, the distance ospf external 130 command in OSPF configuration mode results in the following, assuming that all other AD values are
set to their defaults:
- RIP internal AD 120 < OSPF external AD 130
- OSPF internal AD 110 < RIP external AD 120
Domain Loop Problems with More Than Two Routing Domains
The steps noted in the figure are as follows:
Step 1. Router R9 advertises a route for network 172.20.0.0/16 from the RIP domain into the EIGRP domain, where the route is treated with (default) AD 170 as an external route.
Step 2. Router RD1 redistributes this EIGRP external route into OSPF, where it is treated as an E2 route, AD 110, by default.
Step 3. Router RD2 uses the AD 110 E2 route, rather than the AD 170 EIGRP external route, as its best route for 172.20.0.0/16. As a result, RD2 can then redistribute that OSPF route back into EIGRP as an external route.
Step 4. Router R4 learns of two external routes for 172.20.0.0/16, and the routes tie based on AD (170). R4 might have a better EIGRP metric through RD2, depending on the metrics used at redistribution, preferring this long route through the OSPF domain as shown.
This is just one example case for such problems, but the problem exists, because the obviously better route and the longer domain loop route are both external routes.
Use Per-route AD setting
You should use the following command on the router into which another routing protocol’s routes will be advertised.
Syntax: distance distance type5-LSA-adv-router wc-mask [ acl-number-or-name ]
- Fist, the type5-LSA-adv-router is the router-ID of the router that advertise the external link. It is the R1 in the example above.
- Then, the distance is the Administrative Distance. Note that the AD must be bigger than the external AD of the routing domain, into which another routing protocol’s routes are advertised.
- wc-mask is the wild card mask, typically 0.0.0.0 when you have only one redistributing router.
- ACL-number-or-name: is the acl with permit clause and the prefix which will be advertised into the domain.
For example:
RD2(config)# router ospf 2 RD2(config-router)# distance 171 1.1.1.1 0.0.0.0 match-172-20 RD2(config-router)# ip access-list standard match-172-20 RD2(config-std-nacl)# permit host 172.20.0.0
Preventing Domain Loops by Filtering Subnet While Redistributing
Following are the steps as listed in the figure:
Step 1. Router R9 advertises a route for network 172.20.0.0/16 from the RIP domain into the EIGRP domain.
Step 2. Routers RD1 and RD2 both redistribute this EIGRP external route into OSPF.
Step 3. Both RD1 and RD2 flood the route advertisement for the OSPF external route throughout the OSPF domain.
Step 4. Both RD1 and RD2 apply a route map to their redistribution from OSPF into EIGRP, filtering routes with prefix 172.20.0.0.
The configuration itself uses the same methods and commands as included earlier in the section “Filtering Redistributed Routes with Route Maps.”
Preventing Domain Loops by Filtering on Route Tag Using Distribute Lists
A route tag is a unitless 32-bit integer that most routing protocols can assign to any given route.
Scenario 1 of route tag, determine routing according to Origin:
The two routers on the left each redistribute routes from the smaller companies into the EIGRP domain, which is a public area.
The routers apply a route tag of 1 to each route from OSPF domain company 1 (command set tag 1) and a tag of 2 to routes redistributed from OSPF domain company 2 (command set tag 2). The actual numbers do not matter, as long as they are unique.
On the right, the routers know that the routes from OSPF domain company 1 have route tag 1, and only these routes should be redistributed into the right part of OSPF domain company 1. So, when redistributing into OSPF domain company 1, the route map makes a comparison of the route tag (command match tag 1 ) and allows only those routes.
Similarly, when redistributing into right part of OSPF domain company 2 from public EIGRP domain, the match tag 2 command would be used.
Scenario 1 of route tag, preventing routing loop
The following is the routing protocol configuration on RD1
RD1(config)# route-map set-tag-11 permit 10
RD1config-route-map)# set tag 11………..
RD1(config)#router ospf 2
RD1(config-router)# router-id 3.3.3.3
RD1(config-router)# log-adjacency-changes
RD1(config-router)# redistribute eigrp 1 subnets route-map set-tag-11
RD1(config-router)# network 172.30.0.0 0.0.255.255 area 0
!
The following is the routing protocol configuration on RD2
RD2(config)#route-map stop-tag-11 deny 10
RD2(config-route-map)# match tag 11 //mapping theset tag 11on RD1
!
RD2(config)# route-map stop-tag-11 permit 20RD2(config-route-map)# //empty, so all other routes match this condition, will be allowed.
!
RD1(config)#router eigrp 1
RD1(config-router)#redistribute ospf 2 metric 1000 200 255 1 1500 route-map stop-tag-11
RD1(config-router)#network 172.16.0.0
RD1(config-router)#no auto-summary
!