Thursday, March 17, 2011

Lab 48 - EIGRP Filtering with Route-Map

Prerequisites: CCNP level skills.

Note!
Use the basic EIGRP configuration (Lab 45 Task 1) in the labs 45-53.

EIGRP filtering can use:
  1. Standard ACL.
  2. Extended ACL.
  3. Prefix-List.
  4. Route-Map.
  5. Administrative Distance.
  6. Passive-Interface.
  7. Offset-List.
  8. Stub Routing.
  9. Selective Stub Routing (stub routing with leak map).
Note!
Rummaging through Cisco web site I've found that route-map can match on the metric range as well.
Source:
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t8/feature/guide/gteigrpr.html

Topology

Pic. 1 - Topology Diagram.
Icons designed by: Andrzej Szoblik - http://www.newo.pl

Task 1
Remove 172.16.103.0/24 and 172.16.133.0/24 from EIGRP on R3 ('no network').

Task 2
On R3 redistribute 172.16.103.0/24 into EIGRP with the tag: 170. Also redistribute 172.16.133.0/24 into EIGRP without any tag but apply metric 1000 100 255 1 1500.

Task 3
On R4 filter out EIGRP prefixes based on the TAG 170.

Task 4
On R4 Filter out EIGRP prefixes based on the metric with the values between 2,290,000 and 3,300,000.

Task 5
On R1 filter out EIGRP prefix 172.16.133.0/24. Use route-map and prefix-list.

Lab Solution

Task 1
Remove 172.16.103.0/24 and 172.16.133.0/24 from EIGRP on R3 ('no network').

R3 Configuration:
!
R3(config)#router eigrp 1
R3(config-router)#no network 172.16.103.3 0.0.0.0
R3(config-router)#no network 172.16.133.3 0.0.0.0
R3(config-router)#
!


Task 2
On R3 redistribute 172.16.103.0/24 into EIGRP with the tag: 170. Also redistribute 172.16.133.0/24 into EIGRP without any tag but apply metric 1000 100 255 1 1500.
R3 Configuration:
!
route-map CONN_TO_EIGRP permit 10
 match interface Loopback0
 set tag 170
route-map CONN_TO_EIGRP permit 20
 match interface Loopback1
 set metric 1000 100 255 1 1500
!
router eigrp 1
 redistribute connected route-map CONN_TO_EIGRP
 network 10.1.13.3 0.0.0.0
 network 10.1.123.3 0.0.0.0
 no auto-summary
!

Notice!
During redistribution we can TAG the routes with additional value that can be matched in the route-map.

Verification on R3:
Pic. 2 - Loopback 0 is Tagged.

Pic. 3 - R4's Routing Table.

Task 3
On R4 filter out EIGRP prefixes based on the TAG 170.

R4 Configuration:
!
route-map FILTER_EIGRP deny 10
 match tag 170
route-map FILTER_EIGRP permit 999
!
router eigrp 1
 network 10.1.124.4 0.0.0.0
 network 172.16.104.4 0.0.0.0
 network 172.16.144.4 0.0.0.0
 distribute-list route-map FILTER_EIGRP in
 no auto-summary
!

Verification:
Pic. 4 - R4's Routing Table External Routes.

Notice!
172.16.103.0/24 is removed from the routing table based on the tag filtering (value: 170). Do not confuse the tag with Distance which for External routes is also 170.

Task 4
On R4, also filter out EIGRP prefixes based on the metric with the values between 2,290,000 and 3,300,000.

Notice!
Pic. 4 shows that 172.16.133.0/24 has the metric value: 3100160.

R4 Configuration:
!
route-map FILTER_EIGRP deny 10
 match tag 170
route-map FILTER_EIGRP deny 20
 match metric 2795000 +- 505000
route-map FILTER_EIGRP permit 999
!
router eigrp 1
 network 10.1.124.4 0.0.0.0
 network 172.16.104.4 0.0.0.0
 network 172.16.144.4 0.0.0.0
 distribute-list route-map FILTER_EIGRP in
 no auto-summary
!


Notice!
One of the ways of solving this problem is to use the formula I used:

Metric Range: 2,290,000 to  3,300,000.

Calculation including deviation option
3,300,000 - 2,290,000 = 1,010,000
1,010,000 / 2 = 505,000
2,290,000 + 505,0000 = 2,795,000
This gives me the match metric 2,795,000 +- 505,000 covering the requested range.


Task 5
Before proceeding to the next task, remove the filtering with route-map FILTER_EIGRP on R4.


R4 Configuration:
!
no route-map FILTER_EIGRP
!
router eigrp 1
no distribute-list route-map FILTER_EIGRP in
!




On R1 filter out EIGRP prefix 172.16.133.0/24. Use route-map and prefix-list.

Pic. 5 - R1's Routing Table Before Applying Filter.

R1 Configuration:
!
ip prefix-list R3_L1 seq 5 permit 172.16.133.0/24
!
route-map FILTER_EIGRP deny 10
 match ip address prefix-list R3_L1
route-map FILTER_EIGRP permit 999
!
router eigrp 1
 network 10.1.13.1 0.0.0.0
 network 10.1.123.1 0.0.0.0
 network 10.1.124.1 0.0.0.0
 network 172.16.101.1 0.0.0.0
 distribute-list route-map FILTER_EIGRP in
 no auto-summary
!

Verification:
Pic. 6 - R1's Routing Table After Applying Filter.
Notice!
172.16.133.0/24 has been filtered out.