OSPF Distance Command question

Answered Question
Jun 21st, 2008

Hi everyone,

I have a home lab setup with three 3640 routers, easily named and connected as "Top", "Left", and "Right". They are connected in a triangle, with the top router on the top and the other two on the bottom. Each router has 2 serial cables connecting it to the other 2 routers, and each router has a loopback configured.

The link on the bottom is RIPv2, and the left side and right side links are running OSPF. I am redistributing from RIP to OSPF on the 2 bottom routers so that the top router can reach the bottom link. Everything is hunky-dory, except that suboptimal routes are being introduced due to OSPF having a lower AD than RIP - so the left router will reach the right router's loopback via the top router - taking a longer path through 2 serial ports because the OSPF route is preferred over the shorter RIP route. Fine - I understand this.

My idea was this - why not configure an access list permitting the RIP routes (the bottom serial link and the bottom two routers' loopbacks), and then apply a distance command of 125 in ospf using that access-list. I read in the CCNP book that this is a good way to prevent suboptimal routes from being installed in the routing table.

What happened, in effect, was this:

before distance command, the top router would reach the left router's loopback via it's serial connection to the left router.

after the distance command, the top router had 2 equal cost paths to the left router's loopback, one via the left router and the other via the right router.

the right router originated an LSA advertising the left router's loopack address via itself when I configured the distance command.

Here are the pertinent details of the routing table:

Before:

O E1 172.16.3.0 [110/84] via 172.16.2.2, 00:05:50, Serial1/0

After:

O E1 172.16.3.0 [110/84] via 172.16.6.2, 00:00:20, Serial1/1

[110/84] via 172.16.2.2, 00:00:20, Serial1/0

172.16.2.2 is the left router

172.16.6.2 is the right router with the distance command configured.

Any help would be greatly appreciated. Also any advice on a perhaps better way to avoid suboptimal routes that does not involve originating routes that a router should really not originate.

Cheers and thanks in advance.

Sincerely,

Jim Woodward

I have this problem too.
0 votes
Correct Answer by lee.reade about 8 years 6 months ago

Hi Jim,

The reason that the top only has one route for either left or right loopback prior to configuring the distance command, is because the other router uses the route from the top to get to the other router loopback.

IE. Left will use the route to right loopback, that it learns from top, which in turn learns it from right. Right will use route route to left loopback which it learns from top, which top learns from left.

This is because left and right have two possible routes to each others loopback, one via rip AD 120, and one via ospf AD 110, so ospf wins!

When you config the distance command, ospf does not win, rip does, so both left and right redistribute all their rip routes, which include each others loopbacks, into ospf, so top now has two routes to left and right loopback.

Always remember the golden rule, that a router will only redistribute a route from one protocol to another, if it is using that route! In this case, left is not using the route via rip to right loopback, so it does not redistribute right loopback into ospf, and vice versa!

HTH,

Cheers,

LR

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
lee.reade Mon, 06/23/2008 - 02:13

Hi Jim,

Another way to do this would be to do the distance command on the left&right, lowering the AD for the other rip routers loopback below 110, say 105.

Also, when reditributing the rip loopbacks into ospf, you should use a route-map and match the remote router loopback and set the metric to something higher than default (20) say 25, that way top will have one route to left loopback via left ospf metric 20, and one route to right loopback via right ospf metric 20, should either left or right link fail, then top will install the other ospf route with metric 25 to the loopbacks.

You can verify the routes are in fact in the ospf database on the top router, with different metrics using;

show ip ospf database external

Let me know if this helps.

Cheers

LR

jamesawoodward Mon, 06/23/2008 - 19:13

Hi LR,

(to be honest, I reposted this in the LAN Switching & Routing forum, so it's over there as well)

I'm sorry if I wasn't clear before. The loopbacks are not part of the OSPF process, they are in fact part of the RIP network. So the Left loopback, the Right loopback, and the Serial connection between the two routers comprise the RIP network.

OSPF area 0 is the Top router's loopback and the link btwn. the Top and Left routers.

OSPF area 172.16.6.0 is the link btwn. the Top and Right routers (as, I'm sure you guessed, the 172.16.6.0) subnet.

Both RIP routers are redistributing RIP into OSPF, metric-type 1, metric 55 (arbitrarily chosen by me). The Top router has 2 equal-cost paths to the serial link btwn. the two RIP routers - perfect.

The right router loses it's RIP route to the left router's RIP network loopback address, and vice versa, and instead installs the lower AD (but longer) OSPF route into its routing table.

My goal is this: that the left router reach the right router and the right router's loopback via RIP (1 hop) instead of via OSPF (2 serial links distance). And vice versa, for the right router to access the left router and it's loopback via the RIP Serial link btwn. them instead of the long way through OSPF via the Top router.

Here is the sho ip route for 172.16.5.1 (the right router's loopback) from the top router, before a distance command:

Top#sho ip route

O E1 172.16.5.1/32 [110/119] via 172.16.6.2, 00:00:06, Serial1/1

Here is the OSPF LSA for that route, pre-distance command:

Top#sho ip ospf dat ext 172.16.5.1

OSPF Router with ID (172.16.1.1) (Process ID 1)

Type-5 AS External Link States

Routing Bit Set on this LSA

LS age: 975

Options: (No TOS-capability, DC)

LS Type: AS External Link

Link State ID: 172.16.5.1 (External Network Number )

Advertising Router: 172.16.5.1

LS Seq Number: 80000001

Checksum: 0x4137

Length: 36

Network Mask: /32

Metric Type: 1 (Comparable directly to link state metric)

TOS: 0

Metric: 55

Forward Address: 0.0.0.0

External Route Tag: 0

This is the command configured on the middle router to block the right router's loopback from being installed into it's routing table via OSPF. the distance command does work for the left router - the OSPF route is replaced by the RIP route. the command:

Middle (config)# router ospf 1

Middle (config-router)# distance 125 172.16.5.1 0.0.0.0 1

Middle (config)# access-list 1 permit 172.16.5.1

Here are the effects this distance command has on the top router's routing table and the OSPF LSDB:

Top#sho ip route

O E1 172.16.5.1/32 [110/119] via 172.16.6.2, 00:00:10, Serial1/1

[110/119] via 172.16.2.2, 00:00:10, Serial1/0

Top#sho ip ospf dat ext 172.16.5.1

OSPF Router with ID (172.16.1.1) (Process ID 1)

Type-5 AS External Link States

Routing Bit Set on this LSA

LS age: 17

Options: (No TOS-capability, DC)

LS Type: AS External Link

Link State ID: 172.16.5.1 (External Network Number )

Advertising Router: 172.16.3.1

LS Seq Number: 80000001

Checksum: 0x4F2B

Length: 36

Network Mask: /32

Metric Type: 1 (Comparable directly to link state metric)

TOS: 0

Metric: 55

Forward Address: 0.0.0.0

External Route Tag: 0

Routing Bit Set on this LSA

LS age: 757

Options: (No TOS-capability, DC)

LS Type: AS External Link

Link State ID: 172.16.5.1 (External Network Number )

Advertising Router: 172.16.5.1

LS Seq Number: 80000001

Checksum: 0x4137

Length: 36

Network Mask: /32

Metric Type: 1 (Comparable directly to link state metric)

TOS: 0

Metric: 55

Forward Address: 0.0.0.0

External Route Tag: 0

It's that first LSA entry for 172.16.5.1 which is being advertised by 172.16.3.1 (the left router that the distance command was configured on) that bugs me.

I hope this explanation is not too wordy, and I hope it helps.

Cheers.

Jim

**********

Above is more info on my setup, situation, and results.

To respond to your thoughts:

- do distance on the left & right, lowering teh AD for teh other rip routers loopback to 105

----> are you saying to do the distance command under RIP? And not under OSPF? because that's just brilliant!! I didn't think of that!

- when redistributing rip loopbacks . . . set metric to . . . 25 ...

-----> Okay, the left and right routers are both ASBRs, and are doing the redistribution. The top router is in both OSPF areas, but he just sits there and gets the redistributed RIP routes into OSPF. So I'm assuming you mean to configure the route-maps on the 2 bottom routers (left and right) - right? I can't see why this helps, or why it is necessary (at least in this small home-lab setup) for the following reasons:

RIP is running on both left and right, including both loopbacks. if the left router link to the top router goes down (I just tested this), I can still get to the Left router's loopback (from the Top router) via the Right router.

I'm sure there is something I'm not understanding. I really appreciate your help!!

Thanks a lot!

Jim Woodward

jamesawoodward Mon, 06/23/2008 - 19:15

Hi LR,

(to be honest, I reposted this in the LAN Switching & Routing forum, so it's over there as well)

I'm sorry if I wasn't clear before. The loopbacks are not part of the OSPF process, they are in fact part of the RIP network. So the Left loopback, the Right loopback, and the Serial connection between the two routers comprise the RIP network.

OSPF area 0 is the Top router's loopback and the link btwn. the Top and Left routers.

OSPF area 172.16.6.0 is the link btwn. the Top and Right routers (as, I'm sure you guessed, the 172.16.6.0) subnet.

Both RIP routers are redistributing RIP into OSPF, metric-type 1, metric 55 (arbitrarily chosen by me). The Top router has 2 equal-cost paths to the serial link btwn. the two RIP routers - perfect.

The right router loses it's RIP route to the left router's RIP network loopback address, and vice versa, and instead installs the lower AD (but longer) OSPF route into its routing table.

My goal is this: that the left router reach the right router and the right router's loopback via RIP (1 hop) instead of via OSPF (2 serial links distance). And vice versa, for the right router to access the left router and it's loopback via the RIP Serial link btwn. them instead of the long way through OSPF via the Top router.

Here is the sho ip route for 172.16.5.1 (the right router's loopback) from the top router, before a distance command:

Top#sho ip route

O E1 172.16.5.1/32 [110/119] via 172.16.6.2, 00:00:06, Serial1/1

Here is the OSPF LSA for that route, pre-distance command:

Top#sho ip ospf dat ext 172.16.5.1

OSPF Router with ID (172.16.1.1) (Process ID 1)

Type-5 AS External Link States

Routing Bit Set on this LSA

LS age: 975

Options: (No TOS-capability, DC)

LS Type: AS External Link

Link State ID: 172.16.5.1 (External Network Number )

Advertising Router: 172.16.5.1

LS Seq Number: 80000001

Checksum: 0x4137

Length: 36

Network Mask: /32

Metric Type: 1 (Comparable directly to link state metric)

TOS: 0

Metric: 55

Forward Address: 0.0.0.0

External Route Tag: 0

This is the command configured on the Left router to block the right router's loopback from being installed into it's routing table via OSPF. the distance command does work for the left router - the OSPF route is replaced by the RIP route. the command:

Left (config)# router ospf 1

Left (config-router)# distance 125 172.16.5.1 0.0.0.0 1

Left (config)# access-list 1 permit 172.16.5.1

Here are the effects this distance command has on the top router's routing table and the OSPF LSDB:

Top#sho ip route

O E1 172.16.5.1/32 [110/119] via 172.16.6.2, 00:00:10, Serial1/1

[110/119] via 172.16.2.2, 00:00:10, Serial1/0

Top#sho ip ospf dat ext 172.16.5.1

OSPF Router with ID (172.16.1.1) (Process ID 1)

Type-5 AS External Link States

Routing Bit Set on this LSA

LS age: 17

Options: (No TOS-capability, DC)

LS Type: AS External Link

Link State ID: 172.16.5.1 (External Network Number )

Advertising Router: 172.16.3.1

LS Seq Number: 80000001

Checksum: 0x4F2B

Length: 36

Network Mask: /32

Metric Type: 1 (Comparable directly to link state metric)

TOS: 0

Metric: 55

Forward Address: 0.0.0.0

External Route Tag: 0

Routing Bit Set on this LSA

LS age: 757

Options: (No TOS-capability, DC)

LS Type: AS External Link

Link State ID: 172.16.5.1 (External Network Number )

Advertising Router: 172.16.5.1

LS Seq Number: 80000001

Checksum: 0x4137

Length: 36

Network Mask: /32

Metric Type: 1 (Comparable directly to link state metric)

TOS: 0

Metric: 55

Forward Address: 0.0.0.0

External Route Tag: 0

It's that first LSA entry for 172.16.5.1 which is being advertised by 172.16.3.1 (the left router that the distance command was configured on) that bugs me.

I hope this explanation is not too wordy, and I hope it helps.

Cheers.

Jim

**********

Above is more info on my setup, situation, and results.

To respond to your thoughts:

- do distance on the left & right, lowering teh AD for teh other rip routers loopback to 105

----> are you saying to do the distance command under RIP? And not under OSPF? because that's just brilliant!! I didn't think of that!

- when redistributing rip loopbacks . . . set metric to . . . 25 ...

-----> Okay, the left and right routers are both ASBRs, and are doing the redistribution. The top router is in both OSPF areas, but he just sits there and gets the redistributed RIP routes into OSPF. So I'm assuming you mean to configure the route-maps on the 2 bottom routers (left and right) - right? I can't see why this helps, or why it is necessary (at least in this small home-lab setup) for the following reasons:

RIP is running on both left and right, including both loopbacks. if the left router link to the top router goes down (I just tested this), I can still get to the Left router's loopback (from the Top router) via the Right router.

I'm sure there is something I'm not understanding. I really appreciate your help!!

Thanks a lot!

Jim Woodward

jamesawoodward Mon, 06/23/2008 - 19:17

Hi LR,

(to be honest, I reposted this in the LAN Switching & Routing forum, so it's over there as well)

I'm sorry if I wasn't clear before. The loopbacks are not part of the OSPF process, they are in fact part of the RIP network. So the Left loopback, the Right loopback, and the Serial connection between the two routers comprise the RIP network.

OSPF area 0 is the Top router's loopback and the link btwn. the Top and Left routers.

OSPF area 172.16.6.0 is the link btwn. the Top and Right routers (as, I'm sure you guessed, the 172.16.6.0) subnet.

Both RIP routers are redistributing RIP into OSPF, metric-type 1, metric 55 (arbitrarily chosen by me). The Top router has 2 equal-cost paths to the serial link btwn. the two RIP routers - perfect.

The right router loses it's RIP route to the left router's RIP network loopback address, and vice versa, and instead installs the lower AD (but longer) OSPF route into its routing table.

My goal is this: that the left router reach the right router and the right router's loopback via RIP (1 hop) instead of via OSPF (2 serial links distance). And vice versa, for the right router to access the left router and it's loopback via the RIP Serial link btwn. them instead of the long way through OSPF via the Top router.

Here is the sho ip route for 172.16.5.1 (the right router's loopback) from the top router, before a distance command:

Top#sho ip route

O E1 172.16.5.1/32 [110/119] via 172.16.6.2, 00:00:06, Serial1/1

Here is the OSPF LSA for that route, pre-distance command:

Top#sho ip ospf dat ext 172.16.5.1

OSPF Router with ID (172.16.1.1) (Process ID 1)

Type-5 AS External Link States

Routing Bit Set on this LSA

LS age: 975

Options: (No TOS-capability, DC)

LS Type: AS External Link

Link State ID: 172.16.5.1 (External Network Number )

Advertising Router: 172.16.5.1

LS Seq Number: 80000001

Checksum: 0x4137

Length: 36

Network Mask: /32

Metric Type: 1 (Comparable directly to link state metric)

TOS: 0

Metric: 55

Forward Address: 0.0.0.0

External Route Tag: 0

This is the command configured on the Left router to block the right router's loopback from being installed into it's routing table via OSPF. the distance command does work for the left router - the OSPF route is replaced by the RIP route. the command:

Left (config)# router ospf 1

Left (config-router)# distance 125 172.16.5.1 0.0.0.0 1

Left (config)# access-list 1 permit 172.16.5.1

Here are the effects this distance command has on the top router's routing table and the OSPF LSDB:

Top#sho ip route

O E1 172.16.5.1/32 [110/119] via 172.16.6.2, 00:00:10, Serial1/1

[110/119] via 172.16.2.2, 00:00:10, Serial1/0

Top#sho ip ospf dat ext 172.16.5.1

OSPF Router with ID (172.16.1.1) (Process ID 1)

Type-5 AS External Link States

Routing Bit Set on this LSA

LS age: 17

Options: (No TOS-capability, DC)

LS Type: AS External Link

Link State ID: 172.16.5.1 (External Network Number )

Advertising Router: 172.16.3.1

LS Seq Number: 80000001

Checksum: 0x4F2B

Length: 36

Network Mask: /32

Metric Type: 1 (Comparable directly to link state metric)

TOS: 0

Metric: 55

Forward Address: 0.0.0.0

External Route Tag: 0

Routing Bit Set on this LSA

LS age: 757

Options: (No TOS-capability, DC)

LS Type: AS External Link

Link State ID: 172.16.5.1 (External Network Number )

Advertising Router: 172.16.5.1

LS Seq Number: 80000001

Checksum: 0x4137

Length: 36

Network Mask: /32

Metric Type: 1 (Comparable directly to link state metric)

TOS: 0

Metric: 55

Forward Address: 0.0.0.0

External Route Tag: 0

It's that first LSA entry for 172.16.5.1 which is being advertised by 172.16.3.1 (the left router that the distance command was configured on) that bugs me.

I hope this explanation is not too wordy, and I hope it helps.

Cheers.

Jim

**********

Above is more info on my setup, situation, and results.

To respond to your thoughts:

- do distance on the left & right, lowering the AD for the other rip routers loopback to 105

----> are you saying to do the distance command under RIP? And not under OSPF? because that's just brilliant!! I didn't think of that!

- when redistributing rip loopbacks . . . set metric to . . . 25 ...

-----> Okay, the left and right routers are both ASBRs, and are doing the redistribution. The top router is in both OSPF areas, but he just sits there and gets the redistributed RIP routes into OSPF. So I'm assuming you mean to configure the route-maps on the 2 bottom routers (left and right) - right? I can't see why this helps, or why it is necessary (at least in this small home-lab setup) for the following reasons:

RIP is running on both left and right, including both loopbacks. if the left router link to the top router goes down (I just tested this), I can still get to the Left router's loopback (from the Top router) via the Right router.

I'm sure there is something I'm not understanding. I really appreciate your help!!

Thanks a lot!

Jim Woodward

lee.reade Mon, 06/23/2008 - 20:02

Hi Jim,

OK, so this is quite straight forward to fix, first issue, sub-optimal routing;

You have the distance command working, ie the rip routes are preferred to the ospf route, so this should be done on both left&right routers.

The reason top has two routes to both loopbacks is nothing to do with distance command on left&right, its to do with the metric you are redistributing the rip routes into ospf with! so if you create a route-map on left&right, and specify the first match entry 10 to match access-list already used for ospf distance, and the set the metric to 100, then add another entry 20 to the route-map, this will mean that top will have a route to left loop via left using the metric you specified, and another via right with metric 100, and vice versa.

eg. left

route-map rip2ospf per 10

mat ip address 1

set metric 100

route-map rip2ospf per 10

access-list 1 permit rightloopback mask

Let me know if this helps.

Cheers

LR

LR

jamesawoodward Tue, 06/24/2008 - 05:53

Hi Lee,

I am not sure about the distance command having nothing to do with the alternate routes. As I put in my post above, the top router only has one route to the right router's loopback pre distance command - via the right router. redistribution on both left and right routers has already been configured at this point. Also, there is only one LSA for the 192.168.5.1 stub network (the right router's loopback address) before the distance command is configured, but after redistribution takes place.

When I configure the distance command on the left router for the right router's loopback, then the top router's routing table and the LSDB change. After the distance command is configured, the top router then shows 2 equal cost paths to the right router's loopback, and the LSDB shows two entries for the 172.16.5.1 loopback, one from each the left and right routers.

I am not at home right now, but will try your route-map suggestion later.

Thanks for your help!! I appreciate it!

Jim Woodward

Correct Answer
lee.reade Wed, 06/25/2008 - 00:00

Hi Jim,

The reason that the top only has one route for either left or right loopback prior to configuring the distance command, is because the other router uses the route from the top to get to the other router loopback.

IE. Left will use the route to right loopback, that it learns from top, which in turn learns it from right. Right will use route route to left loopback which it learns from top, which top learns from left.

This is because left and right have two possible routes to each others loopback, one via rip AD 120, and one via ospf AD 110, so ospf wins!

When you config the distance command, ospf does not win, rip does, so both left and right redistribute all their rip routes, which include each others loopbacks, into ospf, so top now has two routes to left and right loopback.

Always remember the golden rule, that a router will only redistribute a route from one protocol to another, if it is using that route! In this case, left is not using the route via rip to right loopback, so it does not redistribute right loopback into ospf, and vice versa!

HTH,

Cheers,

LR

jamesawoodward Wed, 06/25/2008 - 14:18

Hi Lee,

I feel like the blind man who has just been made to see. Thank you so much!

If I understand this correctly . . .

the left router has two routes to the right router's loopback - one via Rip, one via OSPF (through the top router). It is redistributing from Rip to OSPF, but it only redistributes RIP routes that are currently installed in the routing table (ie - the serial link to the right router, and it's own loopback). Once I configure the distance command in OSPF to force the left router to install the Rip route to the right router's loopback, the OSPF route in the routing table is replaced by the Rip route. Now that the rip route to that loopback is in the routing table, it is then redistributed into OSPF (only now because it is in the routing table, but not before because it wasn't). Now that it is being redistributed into OSPF, and because it has the same metric as the direct route from the right router, they are both installed in the top router's routing table.

It makes sense!! What a beautiful, beautiful 'smack self in forehead with palm of hand' moment!

And the route map to control distribution is applied on the routers doing the redistribution, so I would create a route map on each router, matching the other router's loopback address, setting the metric to higher than 20, and removing the "metric 55" in my redistribute command. This way, the top router will install only the direct route to each router's loopback, and will install the alternate route if the optimal route goes down. Absolutely fantastic!

Do you see anything wrong in my logic or my method? Please let me know. I will happily check the "Solved my problem" checkbox and award a well-earned (and patiently, too) 5 stars. Cheers mate!

Jim Woodward

lee.reade Wed, 06/25/2008 - 23:29

Hi Jim,

You have got it 100%!

Glad to be of service.

Cheers,

LR

Actions

This Discussion