Re-release, routing policy, PBR Policy Routing, and route optimization
Re-release, routing policy, PBR policy routing, path optimization, protocol migration

I. Re-release (route redistribution)

1. Why redistribution is required
Devices from different vendors may run different protocols, and network upgrades or resizing can leave different protocols in use.

2. Problems with redistribution
Because protocol features are inconsistent, path calculation and path selection differ between protocols:
- The administrative distance (AD) is different.
- Metrics are inconsistent.
- Algorithms may not be redistributed; even when routes are redistributed, path-selection errors may occur.
- Route feedback may occur.

3. Terms and types of redistribution
Terms:
- Single point: one VBR sits between the two redistributed protocols.
- One-way: given Protocol A and Protocol B, only Protocol A is redistributed into Protocol B.
Types:
- Single-point one-way: if a protocol's routing domain is a peripheral network, the routes of this peripheral network can be redistributed into the transit network, but redistributing the transit network's routes into the peripheral network is not recommended. Devices in the peripheral network usually lack the performance for that many routes and do not need them; to reach the transit network, the peripheral network only needs a default route.
- Single-point two-way: both protocols belong to the transit network, and two-way redistribution can be used when device performance is good.
  Conclusion: the single-point redistribution scenarios have a single point of failure (SPOF); there is no redundancy.
- Multi-point two-way: provides redundancy. Drawbacks: route feedback and sub-optimal paths.

4. What is the seed metric?
The seed metric is the default metric assigned when routes of other protocols are redistributed into the local protocol. When other protocols are redistributed into a distance vector protocol, the default metric is infinite. When other protocols are redistributed into OSPF, the default metric is 20.

5. Redistributing various routes into RIP, EIGRP, and OSPF
Into RIP:
- Connected and static routes redistributed into RIP get a default metric of 1 hop.
- Routes of other dynamic routing protocols redistributed into RIP get a default metric of infinity, so modify the seed metric or specify the metric manually. If the seed metric is changed and a metric is also specified manually, the manually specified metric takes priority.

Into EIGRP:
- Connected and static routes redistributed into EIGRP use the metric of the outgoing interface as the default metric.
- Routes of other protocols redistributed into EIGRP get a default metric of infinity; modify the seed metric.

Into OSPF:
- When connected and static routes are redistributed into OSPF, only classful (major network) routes are redistributed by default. The default metric is 20 and the route type is OE2. The subnets keyword must be added to redistribute subnet routes.

6. When does a redistributed route take effect?
- Directly connected network: if it is advertised into a protocol (Protocol A), it is redistributed when Protocol A is redistributed into Protocol B. If it is not advertised into Protocol A, it cannot be redistributed into Protocol B.
- Not a directly connected network: the route entry is redistributed into Protocol B only when Protocol A describes the route and it has been added to the routing table.

II. Routing policy (route update control)

1. Purpose
A routing policy controls routing information while it is being transmitted. Use it when redistribution, or a single protocol, carries many route entries and some of them do not need to be passed on to other neighbors.

2. Implementation methods
The tools are ACL, prefix-list, distribute-list, route-map, and offset-list.

ACL
By default an ACL mainly works at the IP network layer. When it is used to filter data traffic, a wildcard mask (inverse subnet mask) must be used for matching.
When an ACL is used to define route entries, the wildcard mask can be omitted; a standard ACL is used.
ACL drawback: to match several consecutive subnets at once, match the summarized route entry, which requires a wildcard mask. If an ACL is used to match several non-consecutive subnets, the matched range is widened.

Prefix-list
- With the network address (prefix) fixed, a prefix list mainly constrains the prefix length, so it can narrow the matched subnet range as far as possible.
- It matches routes only and cannot be used to match data traffic.
- It ends with an implicit deny of everything, and matching is top-down.
- One entry matches only one route. To match several non-consecutive subnets at once, summarize them first, then limit the prefix length with ge and le: ge gives the lower limit of the prefix length, le the upper limit.
- Case 1: match 5.5.5.0/24 and 5.5.6.0/28 in one pass with a prefix list; subnets with at least 256 addresses.

Distribute-list
- It is used for route filtering but has no filtering capability of its own; it depends on an ACL, prefix list, or route-map. A route that is denied is not sent or not received; a route that is permitted is sent or received.
- It can filter routes within the same protocol, and it can also filter routes when different protocols are redistributed.

Filtering routing information within the same protocol uses in/out plus an interface, and applies only to distance vector routing protocols. Deployment:
Step 1: define the routes to match with an ACL or prefix list. If the ACL or prefix list entry is deny, the route cannot be sent or accepted on this interface.
Step 2: call the ACL or prefix list from the distribute-list.
Note: once the distribute-list is used with an interface, filtering takes place on that interface.

Filtering routes during redistribution: the distribute-list works with a protocol, so out plus a protocol is required, and the filtering happens during the redistribution process. Deployment:
Step 1: define the routes of interest, that is, the routes of Protocol A.
Step 2: to control the redistribution of Protocol A's routes into Protocol B, configure the distribute-list under Protocol B as out plus Protocol A.

The distribute-list depends on the ACL or prefix list. Pay attention to whether it is combined with an interface or with a protocol: for filtering within the same protocol, in and out plus an interface follow the direction in which route updates travel.

Route-map
A route-map can be used to implement route filtering, policy routing, NAT, BGP attribute adjustment, QoS, and security policies.
- It has its own filtering capability: it can define routes and data traffic without relying on an ACL or prefix list, and it can also match an ACL or prefix list.
- Each entry is permit or deny. A route-map ends with an implicit entry that matches everything and denies it. Matching is top-down.
- When a route-map is used to filter routes during redistribution, it can match directly on the interface, ACL, prefix list, route type, route tag, or route metric.

Deployment when a route-map works with an ACL or prefix list: first define the routes with the ACL or prefix list, then have the route-map match that ACL or prefix list.
- Route-map permit, ACL permit: the routes defined by the ACL are allowed to be redistributed. If only the matched routes need to be redistributed, the route-map does not need an empty entry.
- Route-map deny, ACL permit: the routes defined in the ACL cannot be redistributed.
Therefore, an empty entry must be added at the end so that the other, undefined routes are redistributed.
- Route-map permit, ACL deny: when filtering during redistribution, the ACL or prefix list must use permit to define the routes. The route-map ignores routes of interest that an ACL or prefix list defines with deny, so such an entry is invalid; an empty entry needs to be added.
- Route-map deny, ACL deny: the routes matching the ACL are not filtered; an empty entry is added.

To filter routes when Protocol A is redistributed into Protocol B, apply the route-map in Protocol B's routing mode.

Route tags
A route-map can add tags to redistributed routes, or to routes sent within the same protocol. Route tags make route matching and filtering quick.
- When other protocols are redistributed into OSPF, tags can be added manually. To tag all of the redistributed routes, no route-map is needed.
- To tag only some of the redistributed routes, use a route-map. Case: add tag 1 only to routes matching 3.3.3.0/24 and 10.1.1.0/24. Match the ACL in the route-map, then call the route-map from the redistribution command.

Tag settings for RIP, OSPF, and static routes
Static routes: to better identify and control the propagation of static routes, add the tag parameter directly when configuring the static route. After the static route is redistributed, the original tag is carried automatically (only valid for EIGRP and OSPF).
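The ge/le rules of the prefix list described earlier in this section, worked through for Case 1, as an added example that is not part of the original page. The summarized entry 5.5.4.0/22 ge 24 le 28 and the extra test routes are constructed for illustration; the code models the matching rules and is not device configuration.

```python
import ipaddress

def entry_matches(prefix, ge, le, route):
    """True if `route` satisfies one prefix-list entry `prefix [ge N] [le M]`."""
    base = ipaddress.ip_network(prefix)
    net = ipaddress.ip_network(route)
    # The route's leading bits must equal the entry's prefix.
    if not net.subnet_of(base):
        return False
    if ge is None and le is None:
        return net.prefixlen == base.prefixlen   # exact length only
    low = ge if ge is not None else base.prefixlen
    high = le if le is not None else 32
    return low <= net.prefixlen <= high

def prefix_list(entries, route):
    """Top-down evaluation; the first matching entry decides."""
    for action, prefix, ge, le in entries:
        if entry_matches(prefix, ge, le, route):
            return action
    return "deny"                                # implicit deny at the end

# Case 1 from the text: 5.5.5.0/24 and 5.5.6.0/28 summarize to 5.5.4.0/22,
# then ge/le bound the prefix length. The entry is constructed for this example.
SUMMARY = [("permit", "5.5.4.0/22", 24, 28)]
# Two exact entries for comparison (constructed).
EXACT = [("permit", "5.5.5.0/24", None, None),
         ("permit", "5.5.6.0/28", None, None)]

def demo():
    """Verdict of both lists for wanted routes and for neighbouring ones."""
    routes = ["5.5.5.0/24", "5.5.6.0/28", "5.5.4.0/22", "5.5.7.128/25", "5.5.8.0/24"]
    return {r: (prefix_list(SUMMARY, r), prefix_list(EXACT, r)) for r in routes}

if __name__ == "__main__":
    for route, (summary, exact) in demo().items():
        print(f"{route:14} summary={summary:6} exact={exact}")
```

The summarized entry also permits 5.5.7.128/25, a route nobody asked for; when the filter guards a redistribution point, two exact entries avoid that widening.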
Tags within the same protocol (distance vector): to tag the route 5.5.5.0/24 between R1 and R2, first define 5.5.5.0/24 with an ACL, then match the ACL in a route-map and set tag 5, add an empty entry, and finally call the route-map from the distribute-list. This is supported by IOS 12.4T2 or above.

Policy-based routing (PBR) is a complex, conditional form of static routing. Data can be forwarded based on the source IP address, the packet length, and the inbound interface of the IP packet. A specific next-hop address or outbound interface can be specified based on the source IP address or packet length.

III. Analysis of PBR

Design: PBR is used on edge routers. When several ports with different bandwidth and link state can all reach the same destination network, PBR improves link utilization. However, it is static.

Implementation: for traffic covered by the policy, the ordinary routing table is not consulted; forwarding follows the policy rules. The policy must be deployed on the inbound interface of the data.

Deployment:
Step 1: define the traffic for the policy with an ACL; do not use a prefix list.
Step 2: write the PBR entries. No empty entry is required: traffic that is not matched by the route-map is forwarded according to the routing table.
Step 3: apply the route-map to the interface. A policy can also be set for locally generated traffic; that is applied globally on the local router, and the first two steps are the same.

Supplement: match all and match any in a route-map
- Match all: the entry is executed only when all match conditions are met. The conditions must be of different types, for example an ACL, a prefix list, a tag, and so on must all match.
- Match any: the conditions must be of the same type, and the entry is executed as soon as any one of them is met, for example matching ACL1, ACL2, or ACL3.
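The route-map rules from section II (permit/deny entry combined with a permit/deny ACL, the implicit deny, the empty entry, and tagging) together with the match all / match any supplement, modelled as an added example that is not part of the original page. The ACL numbers, the route 7.7.7.0/24 and the exact-match ACL lookup are assumptions made for illustration.

```python
def acl_permits(acl, prefix):
    """Standard ACL used to define routes: top-down, implicit deny."""
    for action, net in acl:
        if net == prefix:                 # simplification: exact network match
            return action == "permit"
    return False

def clause_matches(match, route, acls):
    checks = []
    if "acl" in match:                    # same type: any one listed ACL is enough
        checks.append(any(acl_permits(acls[n], route["prefix"]) for n in match["acl"]))
    if "tag" in match:
        checks.append(route["tag"] in match["tag"])
    return all(checks)                    # different types: all must hold; empty entry -> True

def redistribute(route_map, route, acls):
    """Return the route as redistributed (sets applied) or None if filtered."""
    for action, match, sets in route_map:
        if clause_matches(match, route, acls):
            return {**route, **sets} if action == "permit" else None
    return None                           # implicit deny at the end

# Constructed sample data (ACL numbers and 7.7.7.0/24 are assumptions).
ACLS = {
    "1": [("permit", "3.3.3.0/24"), ("permit", "10.1.1.0/24")],
    "2": [("deny", "3.3.3.0/24")],
}
EMPTY = ("permit", {}, {})                                # empty entry: matches everything
TAG_ONLY = [("permit", {"acl": ["1"]}, {"tag": 1})]       # route-map permit, ACL permit
TAG_AND_REST = TAG_ONLY + [EMPTY]
DENY_PERMIT = [("deny", {"acl": ["1"]}, {}), EMPTY]       # route-map deny, ACL permit
DENY_DENY = [("deny", {"acl": ["2"]}, {}), EMPTY]         # route-map deny, ACL deny
MATCH_ALL = [("permit", {"acl": ["1"], "tag": [5]}, {})]  # ACL and tag must both match

R3 = {"prefix": "3.3.3.0/24", "tag": 0}
R7 = {"prefix": "7.7.7.0/24", "tag": 0}

if __name__ == "__main__":
    for name in ("TAG_ONLY", "TAG_AND_REST", "DENY_PERMIT", "DENY_DENY", "MATCH_ALL"):
        rm = globals()[name]
        print(name, redistribute(rm, R3, ACLS), redistribute(rm, R7, ACLS))
```

DENY_DENY is the case to watch when reviewing a filter: the ACL's deny line only means "not matched", so 3.3.3.0/24 falls through to the empty entry and is redistributed.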
IV. Path optimization

1. Meaning: redistribution may produce a sub-optimal path; path optimization makes certain traffic take a specific path and next hop.

2. Path preference within the same protocol
- For a distance vector routing protocol, use an offset-list. The offset-list adds an offset to the original metric. Define the route entries with an ACL, then configure the offset-list in routing mode: 55 is the ACL; in means the offset applies to incoming updates; 2 is the offset; F0/0 means that the route entries matching ACL 55 received on this interface have their metric increased by 2. If out is used, the metric increases when the route is sent. If no interface is given, the metric increases for route entries received or sent on all interfaces. In RIP, the maximum offset is 16.
- For OSPF, use ip ospf cost, or use a distribute-list to suppress unwanted routes; other entries can be added. OSPF filtering does not filter out the LSAs within the LSDB: the OSPF routes are only kept out of the IP routing table and may still exist in the LSDB.

3. Changing the administrative distance (AD) to avoid sub-optimal paths when redistributing between different protocols
- Static routes: change the AD at the end.
- RIP routes: the AD can be changed for all RIP routes or for some RIP routes. To change it for some routes, first define the route entries with an ACL, then in routing mode change the administrative distance to 109 for the entries defined in ACL 5 that are sent from 10.1.1.4 (the address of the route information source).
- EIGRP routes: the administrative distance can also be changed.
  For all EIGRP routes, the internal and external distances are changed together in one step. For some internal EIGRP routes, the AD is changed in the same way as for RIP (this has no effect on external routes).
- OSPF routes: the administrative distance can be changed for all routes, for some routes, or for inter-area and external routes. For the route entries defined in the preceding ACL 5, the administrative distance is changed to 5.

To keep an OSPF route entry out of the routing table, use a distribute-list in the in direction plus an interface; the LSA information itself cannot be filtered.
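How a selective AD change removes a sub-optimal path, as an added example that is not part of the original page. It assumes a border router under multi-point two-way redistribution that hears each prefix natively from RIP neighbor 10.1.1.4 and again as an OSPF external route fed back by the other border router; the OSPF source 10.2.2.2, the prefix 6.6.6.0/24 and the contents of ACL 5 are constructed.

```python
# Cisco default administrative distances.
DEFAULT_AD = {"connected": 0, "static": 1, "eigrp": 90, "ospf": 110,
              "rip": 120, "eigrp-external": 170}

def admin_distance(route, overrides):
    """AD of one candidate; an override is (protocol, source, prefixes, distance)."""
    for proto, source, prefixes, distance in overrides:
        if (route["proto"], route["source"]) == (proto, source) and route["prefix"] in prefixes:
            return distance
    return DEFAULT_AD[route["proto"]]

def best_route(candidates, overrides=()):
    """The routing table installs the candidate with the lowest AD."""
    return min(candidates, key=lambda r: admin_distance(r, overrides))

def table(candidates, overrides=()):
    """Winning protocol per prefix."""
    result = {}
    for prefix in sorted({r["prefix"] for r in candidates}):
        same = [r for r in candidates if r["prefix"] == prefix]
        result[prefix] = best_route(same, overrides)["proto"]
    return result

# Constructed candidates: native RIP route versus the fed-back OSPF copy.
CANDIDATES = [
    {"prefix": "5.5.5.0/24", "proto": "rip", "source": "10.1.1.4"},
    {"prefix": "5.5.5.0/24", "proto": "ospf", "source": "10.2.2.2"},
    {"prefix": "6.6.6.0/24", "proto": "rip", "source": "10.1.1.4"},
    {"prefix": "6.6.6.0/24", "proto": "ospf", "source": "10.2.2.2"},
]
ACL_5 = {"5.5.5.0/24"}                        # assumed contents of ACL 5
OVERRIDES = [("rip", "10.1.1.4", ACL_5, 109)]  # AD 109 from 10.1.1.4 for ACL 5 entries

if __name__ == "__main__":
    print("default ADs:  ", table(CANDIDATES))
    print("with override:", table(CANDIDATES, OVERRIDES))
```

With default distances both prefixes follow the fed-back OSPF copy (110 beats 120); after the override only the prefix listed in ACL 5 returns to the native RIP path.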