Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3599
Views
8
Helpful
23
Replies

EIGRP route filtering, use distribute-list, or ip sumary-address

Go to solution
mbroberson1
Level 3
Level 3

‎03-11-2008 08:35 AM - edited ‎03-05-2019 09:40 PM

I have a situation where I want to filter EIGRP routes being sent to a down stream switch (Layer 3). In this senario we have a 6513 sending routes to a down stream 3560E configured as a EIGRP stub-connected. My question is what is the preferred method to filter the EIGRP routes and only send a EIGRP default route to the downstream 3560E? Is it best to use a distribute list or the ip summary-address command? I know they pretty much do about the same thing. I have heard that a distribute-list is less risky since it does not place a default route to null0 in EIGRP topology route table.

Thanks

Labels:
0 Helpful
23 Replies 23

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to ronbuchalski

‎09-30-2008 01:42 PM

Ron

You are correct that the AD for a summary route in EIGRP of 5 is for the local router only. The neighbor to whom you advertise the summary sees the incoming subnet as a regular advertisement and applies its normal AD for it. There is no benefit (and really no impact at all) to the neighbor when the AD for a summary is 5.

The AD of 5 for a summary route is for the local router. The reason for the default value of 5 is to indicate that this is a configured element and therefore should be more trusted than something that is learned dynamically. However there is a potential impact of this which we should understand. Perhaps an example will help to clarify this. Assume a router A which has several active interfaces and a neighbor on each interface. Assume that a router U is an upstream router and advertises a default route to A. Assume that router S on another interface is a stub router and as such you want to advertise only a default route to it. So you configure a summary-address on the interface for router S. Creation of the summary address 0.0.0.0/0 inserts its prefix into the routing table with AD of 5 and displaces the prefix learned from router U. Now assume router N is a neighbor router but not a stub. You would like to advertise the default route to neighbor N. But since the route in the routing table is from the summary address on interface S you can not advertise the default route to neighbor N. The solution is to configure the summary-address with AD higher than the AD of the learned default route.

HTH

Rick

HTH

Rick

Go to solution
ronbuchalski
Level 1
Level 1
In response to Richard Burts

‎09-30-2008 01:47 PM

Rick,

Thank you for the excellent explanation.

Ron Buchalski

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to ronbuchalski

‎09-30-2008 02:15 PM

Ron

I am glad that you found my explanation helpful. Thanks for the compliment and for the rating.

HTH

Rick

HTH

Rick
0 Helpful

Go to solution
ruwhite
Level 7
Level 7
In response to Richard Burts

‎10-01-2008 07:55 AM

An aside--I would never set the AD on the created summary to 255, to prevent building permanent routing loops into the network through the summary.

:-)

Russ

0 Helpful

Go to solution
sachinraja
Level 9
Level 9
In response to ruwhite

‎12-16-2008 11:25 AM

Really interesting post.. I was designing a three tier network with EIGRP and wanted to discuss a very small thing. This is also related to default route advertisement, though my scenario is a little different.. The network looks like:

Corporate WAN -- Dual core routers -- Dual Core switches -- Dual Distribution switches -- access switches...

Core routers have default route towards POP segment which connects to Firewalls/internet etc.. There are actually two or three POP segments in the whole of the WAN, and hence this default route isnt redistributed onto the WAN.. There are some 50 static routes which point to different segments in POP, which is ONLY redistributed into EIGRP, using distribute list..

Now, am designing Core/distribution switches in this network. My question is:

1) Since the core router is redistributing only 50 odd static routes into EIGRP, my Core switch will not get a default route advertisement in.. and so do my distribution/access switches. will summary address or interface based distribute list work well here, just to inject the default route towards the LAN, and not on the WAN ?

The admin here have plans to use dual static default routes internally on the Core/distribution switches, to avoid all these filtering issues, which doesnt seem a good idea to me ! I think we should really avoid static routes, if we run a full fledged dynamic routing protocol like EIGRP..

Any comments ?

Raj

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to sachinraja

‎12-16-2008 11:38 AM

Raj

I agree with you that I would prefer to advertise from upstream toward downstream and avoid static routes on the down stream devices. One of several reasons that I would prefer this is that is communications are disrupted between upstream and downstream and the downstream loses its upstream neighbor then it removes any routes learned from upstream via dynammic routing out of the routing table. But if the downstream has static routes configured and you lose communication with upstream the static routes are likely to remain in the routing table (assuming some type of Ethernet connection, the interface will probably remain "up" even though it has lost communication, and the static route is removed only if the outbound interface goes protocol down).

HTH

Rick

HTH

Rick

Go to solution
sachinraja
Level 9
Level 9
In response to Richard Burts

‎12-16-2008 12:02 PM

Rick

Thanks for the reply..To make life simpler, I'm attaching a sample diagram of the design.. You can see that the default route injection is restricted right on the core router and hence the core/distribution switches do not get it.. I have a standard distribute list on the core router which does this.. All the switches on LAN have dual connectivities, cross connects...

Two solutions now:

1) take default route via eigrp, but have different filters at different places

2) have static routes on the core/distribution switches pointing to next hops

am trying to avoid the second solution.. if so, what is the best way to go about the first solution ?

Raj

0 Helpful

Go to solution
sachinraja
Level 9
Level 9
In response to sachinraja

‎12-16-2008 12:03 PM

Forgot to add the attachment :)

Preview file
60 KB
0 Helpful

Go to solution
rmedvedev
Level 1
Level 1
In response to Richard Burts

‎06-24-2011 02:06 AM

Ok i have some thoughts to share.

Let's consider the following simple scheme:

We have two hub routers each with link to core cloud and to stub router and hub-to-hub interconnection link.

Default route passed from core. Hub routers have configured "ip summary address eigrp n 0.0.0.0 0.0.0.0 250" on

their interfaces facing stub router. Hubs passes default to stub router and all seems ok.

Now let's imagine the following scenario - one of the hubs loses contact with the other hub and the core.

Then the following occurs: hub installs default route to null0 in its routing table and send it to stub who

then sends its traffic to this hub router where it is discarded.

Thus stub router does not use his second link to another hub to forward traffic.

In this case  use of distribution list instead of the summary help us to avoid this undesirable behavior.

And I understand why the guide recommends the use of distribute-list command.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card