cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1762
Views
6
Helpful
12
Replies

time-based default-route

Marwan ALshawi
VIP Alumni
VIP Alumni

hi

how can we make time-based default route advertisment

i know we have time range ACL, policy-map

redist and so on

but how can we make it

for example if we have two internet routers and third router connected to both of them

we need to make R1 send default route during day time

and router2 send it during night time ?

i have seen it ocnfigured using Kron with EEM

not sure if there is easier way

Thank you

12 Replies 12

Laurent Aubert
Cisco Employee
Cisco Employee

Hi,

R1 config:

time-range DAY

periodic daily 8:00 to 18:00

!

access-list 101 permit ip host 0.0.0.0 host 0.0.0.0 time-range DAY

!

route-map Default-route permit 10

match ip address 101

!

router ospf 1

redistribute static subnets route-map Default-route metric 10

!

R2 config:

time-range NIGHT

periodic daily 18:01 to 23:59

periodic daily 0:00 to 7:59

!

access-list 101 permit ip host 0.0.0.0 host 0.0.0.0 time-range NIGHT

!

route-map Default-route permit 10

match ip address 101

!

router ospf 1

redistribute static subnets route-map Default-route metric 10

!

HTH

Laurent.

Laurent,

This might work with RIP or EIGRP but certainly not with OSPF. You can not redistribute a default route into OSPF. The only way to make OSPF send the default route is to use the "default-information originate" in its configuration. Visit this link for further information:

http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094374.shtml#route0.0

However, this command has an optional route-map parameter that could be used for matching an access list bound to a time range object. So your solution for OSPF will work if you replace the "redistribute static" command with:

default-information originate route-map Default-route metric 10

As a side note, the metric could have been specified in the route map, thereby simplifying the "default-information" command a little.

Best regards,

Peter

Thank you guys for the input

that means if i redistribute i need a static default route configured

and if use the case f ospf i think i still need it as the route-map with acl check for existing route

if the value true or fales

am i right in this ?

Marwan,

You are correct. For RIP or EIGRP, to be able to redistribute a static default route, it must first be present in your routing table. The route-map here is used to redistribute only the default route, not other static routes, and to redistribute it only in proper times, as the ACL used in the route-map selects only the 0.0.0.0/0 network and references a time object.

The OSPF technically does not "redistribute" a default route, rather, it originates it. However, the command "default-information originate" in OSPF configuration first checks if the default route is present in your routing table, and only then it will inject a default route into the OSPF process. The route-map here is necessary primarily because of the used ACL that in turn references a time object. However, because the "default-information originate" command does not effectively redistribute anything, we do not need to filter out any networks, just match a time object. The ACL used in the route-map could therefore in this case be as simple as:

access-list 101 permit ip any any time-object SOMETHING

Best regards,

Peter

i agreew ith now

however normally with ospf if you include the awlays key word with default-information originate

ospf will generate a default route regardless if you have a default route in the routing table or not

but now with time-based ACL it dosnt work

unless i have a default route in the routing table

for example to null0

strrange !!

Marwan,

You are correct, the "always" parameter does not have effect if you also use the route-map in the "default-information originate" command. I honestly don't know if that is a bug or a feature :)

In any case, you have found the workaround: define a static default route pointing towards Null0, possibly with a higher administrative distance so that it does not override any existing valid default routes.

Best regards,

Peter

to me this static route will not be useful becuase the think is i am learn it for CCIE

you know static route not ton in this case

i think the only way to use the above config with EEM or Kron

thank you guys for your input

Hi,

Oh, I see. By the way, good luck in your preparations!

One question yet: was this task required to be solved in OSPF or in some other routing protocol?

Best regards,

Peter

Marwan,

I just thought about it again... In order to send a default route in OSPF, you first need to have it in your routing table, as the "always" keyword is ignored if the route-map is used. So I thought: how about starting a phony EIGRP process, say, on a loopback, and using its automatically installed discard route after a summarization to create a default route in your routing table?

Something like this:

interface loopback 255

ip address 192.0.2.1 255.255.255.255

ip summary-address eigrp 65535 0.0.0.0 0.0.0.0 254

router eigrp 65535

no auto

net 192.0.2.1 0.0.0.0

This EIGRP coupled with the summarization will force EIGRP to install a discard route 0.0.0.0/0 via Null0, thereby fulfilling the need to have a default route in your routing table so that the OSPF can propagate it.

Best regards,

Peter

Hi,

The configuration you posted here is self explanatory.

But i donot understand the reason for the ACL made in this way

"access-list 101 permit ip host 0.0.0.0 host 0.0.0.0 time-range DAY "

Can you please explain the reason behind using this logic

thanks in advance

Sairam

Hi,

For prefixes redistribution into a routing protocol, you can use the following ACL format to exactly match a prefix and his mask:

access-list 101 permit ip host "prefix" host "subnet mask"

You have the same result with a prefix-list.

HTH

Laurent.

Hi guys

i want to try it to notice that

if you have time-based ACL

lets say i have a route 10.1.1.0/24

matched thorugh ACL with time-range

and then i have interface within this subnet 10.1.1.0/24

we could redist connected with route-map call the ACL we have

if this ACL become inactive this route will not be removed unless something triger the routing

the easy way you could do clear ip route 10.1.1.0

then it will disapear

again when the ACL time-based become active this need somthign to triger the routing

you could do no redist then redist connected with route-map again

thats why with EEM or Kron yo can autmate the above command to be performed in conjunction with time-based ACL,route-map and redist

with statci default route and redist to ospf with time-based ACL work easy without any autimation ( but i need it without static)

Thank you

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco