Dual-point bidirectional re-release control

Lab requirements and application environment:
1. Execute two-way re-release on R5, and then execute two-way re-release on R3
2. analyze the causes and solutions of the second-tier route
3. How can I achieve Load Balancing when R4 is required to go to 1.1.1.1?
4. Ask R4 to go to the next hop of 11.11.11.11 first R3 and R5 for backup. How can this problem be solved?

Experiment debugging process:
R1 Configuration:
Router rip // configure RIP
Version 2
Passive-interface default
No passive-interface Ethernet0/0
Network 1.0.0.0
Network 11.0.0.0
Network 192.168.12.0
No auto-summary
R2 Configuration:
Router rip // configure RIP
Version 2
Passive-interface default
No passive-interface Ethernet0/0
No passive-interface Serial1/0
No passive-interface Serial1/1
Network 2.0.0.0
Network 192.168.12.0
Network 192.168.23.0
Network 192.168.25.0
No auto-summary
R3 Configuration:
Router ospf 1 // configure OSPF
Router-id 3.3.3.3
Redistribute rip metric 1000 metric-type 1 subnets tag 3 route-map 11
// Re-release the RIP of the configuration ROUTE-MPA to OSPF and mark 3
Passive-interface default
No passive-interface Serial1/1
Network 3.3.3.3 0.0.0.0 area 0
Network 192.168.34.0 0.0.0.255 area 0
Distance ospf external 170 // configure the OSPF external region Management distance to 170
Router rip // configure RIP
Version 2
Redistribute ospf 1 metric 5 // re-release OSPF to RIP
Passive-interface default
No passive-interface Serial1/0
Network 192.168.23.0
No auto-summary
Access-list 10 permit 11.11.11.11 // defines the stream of interest
Route-map 11 permit 10 // create ROUTE-MAP
Match ip address 10 // traffic matching
Set metric 500 // set the overhead to 500
Route-map 3 deny 10 // filter matching traffic
Match tag 5 // match the marked traffic
Route-map 3 permit 20 // allow all other traffic to pass
R4 Configuration:
Router ospf 1 // configure OSPF
Router-id 4.4.4
Passive-interface default
No passive-interface Serial1/0
No passive-interface Serial1/1
Network 4.4.4.4 0.0.0.0 area 0
Network 192.168.34.0 0.0.0.255 area 0
Network 192.168.45.0 0.0.0.255 area 0
R5 Configuration:
Router ospf 1 // configure OSPF
Router-id 5.5.5
Redistribute rip metric 1000 metric-type 1 subnets tag 5
// Re-release RIP to OSPF and mark 3
Passive-interface default
No passive-interface Serial1/0
Network 5.5.5.5 0.0.0.0 area 0
Network 192.168.45.0 0.0.0.255 area 0
Distance ospf external 170 // configure the OSPF external region Management distance to 170
Router rip // configure RIP
Version 2
Redistribute ospf 1 metric 5 // redistributes OSPF to RIP
Passive-interface default
No passive-interface Serial1/1
Network 192.168.25.0
No auto-summary
Route-map 5 deny 10 // filter matching traffic
Match tag 3 // match the traffic marked
Route-map 5 permit 20 // allow all other traffic to pass

Analysis of experiment results:
R5 route table:
R 192.168.12.0/24 [120/1] via 192.168.25.1, 00:00:12, Serial1/1
1.0.0.0/32 is subnetted, 1 subnets
R 1.1.1.1 [120/2] via 192.168.25.1, 00:00:12, Serial1/1
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/129] via 192.168.45.2, 00:00:28, Serial1/0
C 192.168.45.0/24 is directly connected, Serial1/0
C 192.168.25.0/24 is directly connected, Serial1/1
4.0.0.0/32 is subnetted, 1 subnets
O 4.4.4.4 [110/65] via 192.168.45.2, 00:00:28, Serial1/0
5.0.0.0/32 is subnetted, 1 subnets
C 5.5.5.5 is directly connected, Loopback0
O E1 192.168.23.0/24 [110/1128] via 192.168.45.2, 00:00:28, Serial1/0
11.0.0.0/32 is subnetted, 1 subnets
R 11.11.11.11 [120/2] via 192.168.25.1, 00:00:12, Serial1/1
O 192.168.34.0/24 [110/128] via 192.168.45.2, 00:00:29, Serial1/0
Route table of R3:
O E1 192.168.12.0/24 [110/1128] via 192.168.34.2, 00:01:53, Serial1/1
1.0.0.0/32 is subnetted, 1 subnets
O E1 1.1.1.1 [110/1128] via 192.168.34.2, 00:01:53, Serial1/1
3.0.0.0/32 is subnetted, 1 subnets
C 3.3.3.3 is directly connected, Loopback0
O 192.168.45.0/24 [110/128] via 192.168.34.2, 00:01:53, Serial1/1
O E1 192.168.25.0/24 [110/1128] via 192.168.34.2, 00:01:53, Serial1/1
4.0.0.0/32 is subnetted, 1 subnets
O 4.4.4.4 [110/65] via 192.168.34.2, 00:01:53, Serial1/1
5.0.0.0/32 is subnetted, 1 subnets
O 5.5.5.5 [110/129] via 192.168.34.2, 00:01:53, Serial1/1
C 192.168.23.0/24 is directly connected, Serial1/0
11.0.0.0/32 is subnetted, 1 subnets
O E1 11.11.11.11 [110/1128] via 192.168.34.2. 00:01:53, Serial1/1
C 192.168.34.0/24 is directly connected, Serial1/1
In the preceding routing table, some R5 and R3 routes have the second-best route. The non-direct connection route from R3 to the outside hand over the next hop to R4, which is obviously not the best route, why is there a second-tier route and solution? Let's take a look at it:
The O E1 route shown in the routing table is obviously learned through OSPF. Let's take a look at ospf lsdb.
Type-5 AS External Link States
Link id adv Router Age Seq # Checksum Tag
1.1.1.1 5.5.5.5 499 0x80000001 0x000B26 0
11.11.11.11 5.5.5.5 499 0x80000001 0x003DCB 0
192.168.12.0 5.5.5.5 499 0x80000003 0x00FEBE 0
192.168.23.0 3.3.3.3 484 0x80000001 0x00C5F6 0
192.168.25.0 5.5.5.5 499 0x80000003 0x006F41 0
Obviously, all the routes advertised by R5
Let's take a look at the R4 route table and LSDB:
O E1 192.168.12.0/24 [110/1064] via 192.168.45.1, 00:10:11, Serial1/1
1.0.0.0/32 is subnetted, 1 subnets
O E1 1.1.1.1 [110/1064] via 192.168.45.1, 00:10:11, Serial1/1
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/65] via 192.168.34.1, 00:10:11, Serial1/0
O E1 192.168.25.0/24 [110/1064] via 192.168.45.1, 00:10:11, Serial1/1
5.0.0.0/32 is subnetted, 1 subnets
O 5.5.5.5 [110/65] via 192.168.45.1, 00:10:11, Serial1/1
O E1 192.168.23.0/24 [110/1064] via 192.168.34.1, 00:10:11, Serial1/0
11.0.0.0/32 is subnetted, 1 subnets
O E1 11.11.11.11 [110/1064] via 192.168.45.1, 00:10:11, Serial1/1
Type-5 AS External Link States
Link id adv Router Age Seq # Checksum Tag
1.1.1.1 5.5.5.5 711 0x80000001 0x000B26 0
11.11.11.11 5.5.5.5 711 0x80000001 0x003DCB 0
192.168.12.0 5.5.5.5 711 0x80000003 0x00FEBE 0
192.168.23.0 3.3.3.3 698 0x80000001 0x00C5F6 0
192.168.25.0 5.5.5.5 711 0x80000003 0x006F41 0
From the route table and LSDB, we can see that R4 learned that external routes except (R3 direct connection) are all R5 announcements. Why didn't I receive the announcements from R3? It is clear that R3 has not advertised the other five types of LSA.
We can know that there is no RIP route in the route table on R3. Because the OSPF management distance is 110 and the RIP distance is 120, the OSPF route is better than RIP, therefore, the global routing table only has five OSPF routes, forming the second-best route. Because there is no RIP route in the global routing table, it cannot issue the five-class LSA of those external routes, therefore, Server Load balancer cannot be formed in R4. As for the problem that only R3 produces the second-best route, the reason is that R5 resends the first LSA and sends 5 types of LSA. As R3 learns, the RIP of R3 cannot enter the global route table, there will be no LSA announcement for the five types of routes (only the announcement of direct connection to external routes), so some of the second-best routes on R3 and R5 will be generated.
Solution: 1. filter out external routes on RT3 and RT5
2. Modify the Management Distance of OSPF external routes to make them lower than RIP.
Which method is better?
Method 1:
R5:
Redistribute rip metric 1000 metric-type 1 subnets tag 5 // mark 5 for the re-distributed RIP route on R5
Type-5 AS External Link States
Link id adv Router Age Seq # Checksum Tag
1.1.1.1 5.5.5.5 97 0x80000003 0x0061C8 5
11.11.11.11 5.5.5.5 97 0x80000003 0x00936E 5
192.168.12.0 5.5.5.5 97 0x80000005 0x005561 5
192.168.23.0 3.3.3.3 314 0x80000002 0x00C3F7 0
192.168.25.0 5.5.5.5 97 0x80000005 0x00C5E3 5
R3 receives 5 types of LSA marked by tags
R3:
Route-map 5 deny 10 // create a router-map 5 filter matched route
Match tag 5 // match the route with the 5 mark
Route-map 5 permit 20 // allow other routes to pass through
Router ospf 1
Distribute-list route-map 5 in // filter the Marked route in the OSPF process and install it in the global route table
Now there is no secondary route in the route table of R3.
R 192.168.12.0/24 [120/1] via 192.168.23.1, 00:00:00, Serial1/0
1.0.0.0/32 is subnetted, 1 subnets
R 1.1.1.1 [120/2] via 192.168.23.1, 00:00:00, Serial1/0
3.0.0.0/32 is subnetted, 1 subnets
C 3.3.3.3 is directly connected, Loopback0
O 192.168.45.0/24 [110/128] via 192.168.34.2, 00:00:08, Serial1/1
R 192.168.25.0/24 [120/1] via 192.168.23.1, 00:00:00, Serial1/0
4.0.0.0/32 is subnetted, 1 subnets
O 4.4.4.4 [110/65] via 192.168.34.2, 00:00:08, Serial1/1
5.0.0.0/32 is subnetted, 1 subnets
O 5.5.5.5 [110/129] via 192.168.34.2, 00:00:08, Serial1/1
C 192.168.23.0/24 is directly connected, Serial1/0
11.0.0.0/32 is subnetted, 1 subnets
R 11.11.11.11 [120/2] via 192.168.23.1, 00:00:01, Serial1/0
C 192.168.34.0/24 is directly connected, Serial1/1
The above configuration is also done In R5 to solve the problem:
R3:
Redistribute rip metric 1000 metric-type 1 subnets tag 3 // mark 3 for the redistributed RIP route on R3
R5:
Route-map 3 deny 10 // create a router-map 3 filter matched route
Match tag 3 // match a route with a 3 tag
Route-map 3 permit 20 // allow other routes to pass through
Router ospf 1
Distribute-list route-map 3 in // use the distribution list to filter the marked routes in the OSPF process and install them in the Global route table
There are no secondary routes in the R5 route table:
R 192.168.12.0/24 [120/1] via 192.168.25.1, 00:00:14, Serial1/1
1.0.0.0/32 is subnetted, 1 subnets
R 1.1.1.1 [120/2] via 192.168.25.1, 00:00:14, Serial1/1
3.0.0.0/32 is subnetted, 1 subnets
R 3.3.3.3 [120/6] via 192.168.25.1, 00:00:14, Serial1/1
C 192.168.45.0/24 is directly connected, Serial1/0
C 192.168.25.0/24 is directly connected, Serial1/1
4.0.0.0/32 is subnetted, 1 subnets
R 4.4.4.4 [120/6] via 192.168.25.1, 00:00:14, Serial1/1
5.0.0.0/32 is subnetted, 1 subnets
C 5.5.5.5 is directly connected, Loopback0
R 192.168.23.0/24 [120/1] via 192.168.25.1, 00:00:14, Serial1/1
11.0.0.0/32 is subnetted, 1 subnets
R 11.11.11.11 [120/2] via 192.168.25.1, 00:00:14, Serial1/1
R 192.168.34.0/24 [120/6] via 192.168.25.1, 00:00:15, Serial1/1
Now R4 can receive external route announcements for R3 and R5, and it can use Server Load balancer:
O E1 1.1.1.1 [110/1064] via 192.168.45.1, 00:02:48, Serial1/1
[110/1064] via 192.168.34.1, 00:02:48, Serial1/0
O E1 11.11.11.11 [110/1064] via 192.168.45.1, 00:02:48, Serial1/1
[110/1064] via 192.168.34.1, 00:02:48, Serial1/0
Method 2:
R3:
Router ospf 1
Distance ospf external 170 // defines that the OSPF external route management distance is 170
R5:
Router ospf 1
Distance ospf external 170 // defines that the OSPF external route management distance is 170
Now there is no second-class route between R3 and R5, so R4 can go to Server Load balancer.
O E1 1.1.1.1 [110/1064] via 192.168.45.1, 00:00:43, Serial1/1
[110/1064] via 192.168.34.1, 00:00:43, Serial1/0
Which of the above two methods is better? Of course it is method 2, and there are so few configuration commands. If solution 1 is used, can it still go to 1.1.1.1 when the link between R3 and R2 (R5 to R2) is broken? Of course, no, because the OSPF route is filtered out. If method 2 is used, there will be an external OSPF route.
When R4 is required to go to the next hop of 11.11.11.11, R3 and R5 should be backed up first. How can this problem be solved?
Of course, it can also be used for policy routing, but it is generally not used. We can use routing policies to modify the overhead.
The configuration is as follows:
R3:
Access-list 10 permit 11.11.11.11 // create an access control list to define the traffic of interest
Route-map 11 permit 10 // create a route-map
Match ip address 10 // traffic to be matched
Set metric 500 // set an overhead of 500 for matching traffic
Router ospf 1
Redistribute rip metric 1000 metric-type 1 subnets tag 3 route-map 11
This command is a little long, that is, set the overhead to 500 for the route matching route-map, or 1000 for non-matching, and mark 3 for re-release.
If no route is displayed on R4, R3 is used first (Overhead: 500 + S1/0 = 500 + 64 = 564 ):
O E1 11.11.11.11 [110/564] via 192.168.34.1, 00:00:08, Serial1/0
S1/0 is disconnected. R5 is used for master-slave switchover (Overhead: 1000 + S1/1 = 1000 + 64 = 1064 ):
O E1 192.168.23.0/24 [110/1064] via 192.168.45.1, 00:05:58, Serial1/1

This article is from the "Mortal World" blog