07-26-2009 07:04 AM - edited 03-04-2019 05:33 AM
hi
how can we make time-based default route advertisment
i know we have time range ACL, policy-map
redist and so on
but how can we make it
for example if we have two internet routers and third router connected to both of them
we need to make R1 send default route during day time
and router2 send it during night time ?
i have seen it ocnfigured using Kron with EEM
not sure if there is easier way
Thank you
07-26-2009 12:34 PM
Hi,
R1 config:
time-range DAY
periodic daily 8:00 to 18:00
!
access-list 101 permit ip host 0.0.0.0 host 0.0.0.0 time-range DAY
!
route-map Default-route permit 10
match ip address 101
!
router ospf 1
redistribute static subnets route-map Default-route metric 10
!
R2 config:
time-range NIGHT
periodic daily 18:01 to 23:59
periodic daily 0:00 to 7:59
!
access-list 101 permit ip host 0.0.0.0 host 0.0.0.0 time-range NIGHT
!
route-map Default-route permit 10
match ip address 101
!
router ospf 1
redistribute static subnets route-map Default-route metric 10
!
HTH
Laurent.
07-26-2009 01:26 PM
Laurent,
This might work with RIP or EIGRP but certainly not with OSPF. You can not redistribute a default route into OSPF. The only way to make OSPF send the default route is to use the "default-information originate" in its configuration. Visit this link for further information:
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094374.shtml#route0.0
However, this command has an optional route-map parameter that could be used for matching an access list bound to a time range object. So your solution for OSPF will work if you replace the "redistribute static" command with:
default-information originate route-map Default-route metric 10
As a side note, the metric could have been specified in the route map, thereby simplifying the "default-information" command a little.
Best regards,
Peter
07-26-2009 01:48 PM
Thank you guys for the input
that means if i redistribute i need a static default route configured
and if use the case f ospf i think i still need it as the route-map with acl check for existing route
if the value true or fales
am i right in this ?
07-26-2009 02:01 PM
Marwan,
You are correct. For RIP or EIGRP, to be able to redistribute a static default route, it must first be present in your routing table. The route-map here is used to redistribute only the default route, not other static routes, and to redistribute it only in proper times, as the ACL used in the route-map selects only the 0.0.0.0/0 network and references a time object.
The OSPF technically does not "redistribute" a default route, rather, it originates it. However, the command "default-information originate" in OSPF configuration first checks if the default route is present in your routing table, and only then it will inject a default route into the OSPF process. The route-map here is necessary primarily because of the used ACL that in turn references a time object. However, because the "default-information originate" command does not effectively redistribute anything, we do not need to filter out any networks, just match a time object. The ACL used in the route-map could therefore in this case be as simple as:
access-list 101 permit ip any any time-object SOMETHING
Best regards,
Peter
07-26-2009 07:49 PM
i agreew ith now
however normally with ospf if you include the awlays key word with default-information originate
ospf will generate a default route regardless if you have a default route in the routing table or not
but now with time-based ACL it dosnt work
unless i have a default route in the routing table
for example to null0
strrange !!
07-26-2009 11:34 PM
Marwan,
You are correct, the "always" parameter does not have effect if you also use the route-map in the "default-information originate" command. I honestly don't know if that is a bug or a feature :)
In any case, you have found the workaround: define a static default route pointing towards Null0, possibly with a higher administrative distance so that it does not override any existing valid default routes.
Best regards,
Peter
07-27-2009 02:10 PM
to me this static route will not be useful becuase the think is i am learn it for CCIE
you know static route not ton in this case
i think the only way to use the above config with EEM or Kron
thank you guys for your input
07-27-2009 02:27 PM
Hi,
Oh, I see. By the way, good luck in your preparations!
One question yet: was this task required to be solved in OSPF or in some other routing protocol?
Best regards,
Peter
07-28-2009 04:44 AM
Marwan,
I just thought about it again... In order to send a default route in OSPF, you first need to have it in your routing table, as the "always" keyword is ignored if the route-map is used. So I thought: how about starting a phony EIGRP process, say, on a loopback, and using its automatically installed discard route after a summarization to create a default route in your routing table?
Something like this:
interface loopback 255
ip address 192.0.2.1 255.255.255.255
ip summary-address eigrp 65535 0.0.0.0 0.0.0.0 254
router eigrp 65535
no auto
net 192.0.2.1 0.0.0.0
This EIGRP coupled with the summarization will force EIGRP to install a discard route 0.0.0.0/0 via Null0, thereby fulfilling the need to have a default route in your routing table so that the OSPF can propagate it.
Best regards,
Peter
07-27-2009 09:19 PM
Hi,
The configuration you posted here is self explanatory.
But i donot understand the reason for the ACL made in this way
"access-list 101 permit ip host 0.0.0.0 host 0.0.0.0 time-range DAY "
Can you please explain the reason behind using this logic
thanks in advance
Sairam
07-28-2009 04:33 AM
Hi,
For prefixes redistribution into a routing protocol, you can use the following ACL format to exactly match a prefix and his mask:
access-list 101 permit ip host "prefix" host "subnet mask"
You have the same result with a prefix-list.
HTH
Laurent.
07-28-2009 05:11 AM
Hi guys
i want to try it to notice that
if you have time-based ACL
lets say i have a route 10.1.1.0/24
matched thorugh ACL with time-range
and then i have interface within this subnet 10.1.1.0/24
we could redist connected with route-map call the ACL we have
if this ACL become inactive this route will not be removed unless something triger the routing
the easy way you could do clear ip route 10.1.1.0
then it will disapear
again when the ACL time-based become active this need somthign to triger the routing
you could do no redist then redist connected with route-map again
thats why with EEM or Kron yo can autmate the above command to be performed in conjunction with time-based ACL,route-map and redist
with statci default route and redist to ospf with time-based ACL work easy without any autimation ( but i need it without static)
Thank you
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: