time-based default-route

Unanswered Question
Jul 26th, 2009


how can we make time-based default route advertisment

i know we have time range ACL, policy-map

redist and so on

but how can we make it

for example if we have two internet routers and third router connected to both of them

we need to make R1 send default route during day time

and router2 send it during night time ?

i have seen it ocnfigured using Kron with EEM

not sure if there is easier way

Thank you

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (2 ratings)
Laurent Aubert Sun, 07/26/2009 - 12:34


R1 config:

time-range DAY

periodic daily 8:00 to 18:00


access-list 101 permit ip host host time-range DAY


route-map Default-route permit 10

match ip address 101


router ospf 1

redistribute static subnets route-map Default-route metric 10


R2 config:

time-range NIGHT

periodic daily 18:01 to 23:59

periodic daily 0:00 to 7:59


access-list 101 permit ip host host time-range NIGHT


route-map Default-route permit 10

match ip address 101


router ospf 1

redistribute static subnets route-map Default-route metric 10




Peter Paluch Sun, 07/26/2009 - 13:26


This might work with RIP or EIGRP but certainly not with OSPF. You can not redistribute a default route into OSPF. The only way to make OSPF send the default route is to use the "default-information originate" in its configuration. Visit this link for further information:


However, this command has an optional route-map parameter that could be used for matching an access list bound to a time range object. So your solution for OSPF will work if you replace the "redistribute static" command with:

default-information originate route-map Default-route metric 10

As a side note, the metric could have been specified in the route map, thereby simplifying the "default-information" command a little.

Best regards,


Marwan ALshawi Sun, 07/26/2009 - 13:48

Thank you guys for the input

that means if i redistribute i need a static default route configured

and if use the case f ospf i think i still need it as the route-map with acl check for existing route

if the value true or fales

am i right in this ?

Peter Paluch Sun, 07/26/2009 - 14:01


You are correct. For RIP or EIGRP, to be able to redistribute a static default route, it must first be present in your routing table. The route-map here is used to redistribute only the default route, not other static routes, and to redistribute it only in proper times, as the ACL used in the route-map selects only the network and references a time object.

The OSPF technically does not "redistribute" a default route, rather, it originates it. However, the command "default-information originate" in OSPF configuration first checks if the default route is present in your routing table, and only then it will inject a default route into the OSPF process. The route-map here is necessary primarily because of the used ACL that in turn references a time object. However, because the "default-information originate" command does not effectively redistribute anything, we do not need to filter out any networks, just match a time object. The ACL used in the route-map could therefore in this case be as simple as:

access-list 101 permit ip any any time-object SOMETHING

Best regards,


Marwan ALshawi Sun, 07/26/2009 - 19:49

i agreew ith now

however normally with ospf if you include the awlays key word with default-information originate

ospf will generate a default route regardless if you have a default route in the routing table or not

but now with time-based ACL it dosnt work

unless i have a default route in the routing table

for example to null0

strrange !!

Peter Paluch Sun, 07/26/2009 - 23:34


You are correct, the "always" parameter does not have effect if you also use the route-map in the "default-information originate" command. I honestly don't know if that is a bug or a feature :)

In any case, you have found the workaround: define a static default route pointing towards Null0, possibly with a higher administrative distance so that it does not override any existing valid default routes.

Best regards,


Marwan ALshawi Mon, 07/27/2009 - 14:10

to me this static route will not be useful becuase the think is i am learn it for CCIE

you know static route not ton in this case

i think the only way to use the above config with EEM or Kron

thank you guys for your input

Peter Paluch Mon, 07/27/2009 - 14:27


Oh, I see. By the way, good luck in your preparations!

One question yet: was this task required to be solved in OSPF or in some other routing protocol?

Best regards,


Peter Paluch Tue, 07/28/2009 - 04:44


I just thought about it again... In order to send a default route in OSPF, you first need to have it in your routing table, as the "always" keyword is ignored if the route-map is used. So I thought: how about starting a phony EIGRP process, say, on a loopback, and using its automatically installed discard route after a summarization to create a default route in your routing table?

Something like this:

interface loopback 255

ip address

ip summary-address eigrp 65535 254

router eigrp 65535

no auto


This EIGRP coupled with the summarization will force EIGRP to install a discard route via Null0, thereby fulfilling the need to have a default route in your routing table so that the OSPF can propagate it.

Best regards,


snarayanaraju Mon, 07/27/2009 - 21:19


The configuration you posted here is self explanatory.

But i donot understand the reason for the ACL made in this way

"access-list 101 permit ip host host time-range DAY "

Can you please explain the reason behind using this logic

thanks in advance


Laurent Aubert Tue, 07/28/2009 - 04:33


For prefixes redistribution into a routing protocol, you can use the following ACL format to exactly match a prefix and his mask:

access-list 101 permit ip host "prefix" host "subnet mask"

You have the same result with a prefix-list.



Marwan ALshawi Tue, 07/28/2009 - 05:11

Hi guys

i want to try it to notice that

if you have time-based ACL

lets say i have a route

matched thorugh ACL with time-range

and then i have interface within this subnet

we could redist connected with route-map call the ACL we have

if this ACL become inactive this route will not be removed unless something triger the routing

the easy way you could do clear ip route

then it will disapear

again when the ACL time-based become active this need somthign to triger the routing

you could do no redist then redist connected with route-map again

thats why with EEM or Kron yo can autmate the above command to be performed in conjunction with time-based ACL,route-map and redist

with statci default route and redist to ospf with time-based ACL work easy without any autimation ( but i need it without static)

Thank you


This Discussion