Žilinská univerzita > Fakulta riadenia a informatiky > Katedra informačných sietí

CCNP - Route redistribution - Simulating routing loops

Objective

Teaching CCNP ROUTE courses and describing the problematic of two-way routing redistribution I need an example describing the case which point out to the process of creating a routing loop. This example shows how such routing loop may arise using badly configured redistribution process andusing bad seed metric. The topology with two redisitributing routers creates routing feedback (two way, multipoint redistribution). The loop is created for packets routed from the ospf network to the 3.0.0.0/8 destination network.

Topology

Three routers with two routing domains, EIGRP AS 1 and OSPF area 0.

Dynamips/GNS3 topology

        [[ROUTER R1.1]]
                model = 2691
                console = 3411
                f0/0 = R1.2 f0/0
                f0/1 = R1.2 f0/1

        [[ROUTER R1.2]]
                model = 2691
                console = 3412

        [[ROUTER R1.3]]
                model = 2691
                console = 3413
                s1/0 = R1.1 s1/0
                s1/1 = R1.2 s1/1

IPv4 addressing

R3 loop: 3.0.0.0/8: EIGRP external network

R3-R1: 10.0.31.0/24, serial line s1/0 to s1/0  , (EIGRP RD)

R3-R2: 10.0.32.0//24, serial line s1/1 to s1/1  (EIGRP RD)

R1-R2: 10.0.12.0//24, fastEthernet line fa0/1 to fa0/1 (OSPF RD)

R1-R2: 10.0.21.0//24, fastEthernet line fa0/0 to fa0/0  (EIGRP RD)

R1 loop: 1.0.0.0/8  (OSPF RD)

Prerequisities

Fully configured and worked:

  • EIGRP routing within EIGRP routing domain AS 1
  • Redistriution of 1.0.0.0/8 nework as the external net (seen within EIGRP as D EX)
  • OSPF routing within OSPF routing domain with single area 0

The configuration still does not solve the redistribution between EIGRP and OSPF. The 3.0.0.0/8 network is seen within R1 and R2 routing table as D EX (EIGRP external):

R1# sh ip route 3.0.0.0
Routing entry for 3.0.0.0/8
  Known via "eigrp 1", distance 170, metric 2297856, type external
  Redistributing via eigrp 1
  Last update from 10.0.31.3 on Serial1/0, 00:03:04 ago
  Routing Descriptor Blocks:
  * 10.0.31.3, from 10.0.31.3, 00:03:04 ago, via Serial1/0
      Route metric is 2297856, traffic share count is 1
      Total delay is 25000 microseconds, minimum bandwidth is 1544 Kbit
      Reliability 255/255, minimum MTU 1500 bytes
      Loading 1/255, Hops 1
 

Configuration of mutual two-way/multi-point redistribution - creating the loop

Now  I will configure mutual both-way redistribution on R1/R2 routers. The configuration is similar for both R1 and R2 routers and looks like the following from R1:

router eigrp 1
redistribute ospf 1 metric 1544 2000 255 1 1500
router ospf 1
redistribute eigrp 1 subnets

As the EIGRP seed metric I have configured the EIGRP metrics of Serial line, i.e. BW 1544Kbps, delay 2000 mikroseconds, reliability 255, load 1 and MTU 1500. 

After choosing that bad EIGRP seed metric I easily did a loop!

Why? It works following. The R1 had the 3.0.0.0/8 route within its routing table as D EX learned from R3 over the S1/0 interface, and it is marked as an EIGR D EX route. The redistribution process is searching for Eigrp routes within the R1 routing table. Once it find them, it will redistribute them into OSPF. And that the R1 router exactly do. It sent the 3.0.0.0/8 route as LSA5 (R1 becomes an ASBR) into the OSPF area 0.

The R2 router has therefore two choices, an EIGRP update saying that the 3.0.0.0/8 route is reachable over S1/1 interface (sending the packets correctly to R3) or an update over OSPF saying that the route for 3.0.0.0/8 network is reachable over the R1 OSPF neighbor. The R2 will select the route over R2 thanks to better Administrative distance of internal OSPF (110) compared to External EIGRP (170).

R2#sh ip route 3.0.0.0
Routing entry for 3.0.0.0/8
  Known via "ospf 1", distance 110, metric 20, type extern 2, forward metric 10
  Redistributing via eigrp 1
  Advertised by eigrp 1 metric 1544 2000 255 1 1500
  Last update from 10.0.12.1 on FastEthernet0/1, 00:23:40 ago
  Routing Descriptor Blocks:
  * 10.0.12.1, from 10.0.31.1, 00:23:40 ago, via FastEthernet0/1
      Route metric is 20, traffic share count is 1
Now the redistrution process of R2 will do the routing feedback which will create the routing loop. The redistribution from EIGRP to OSPF will insert the link bettween R3 to R1 as the R2 now about it over EIGRP, and the fa0/0 link R1 to R2 as it is insert into EIGRP routing and the link is part of EIGRP routing domain.
But not 3.0.0.0/8 route itself, because the R2 router does not have 3.0.0.0/8 as the EIGRP route within its routing table. 
R2# sh ip route eigrp
     10.0.0.0/24 is subnetted, 4 subnets
D       10.0.31.0 [90/2195456] via 10.0.21.1, 00:52:23, FastEthernet0/0
 
But the redistribution from OSPF to EIGRP insert three routes as the router has some OSPF routes and one directly connected ospf network. And among them is our 3.0.0.0/8 route which comes over R3 to R1 to R2 path.
R2#sh ip route ospf
O    1.0.0.0/8 [110/11] via 10.0.12.1, 00:41:25, FastEthernet0/1
O E2 3.0.0.0/8 [110/20] via 10.0.12.1, 00:38:48, FastEthernet0/1
 
So the redistribution process will takes the 3.0.0.0/8 route and insert it again into EIGRP process (a norigin network), but with bad defined seed metric. Next the R2 router sent the EGIRP update to both of its neighbors, R3 and R1.
 
R3 does not accept the update as the R3 is inserting the 3.0.0.0/8 route into eigrp and the net is seen as router directly connected network.
R3#sh ip route

Gateway of last resort is not set

D EX 1.0.0.0/8 [170/2681856] via 10.0.32.2, 00:11:13, Serial1/1
               [170/2681856] via 10.0.31.1, 00:11:13, Serial1/0
C    3.0.0.0/8 is directly connected, Loopback0
     10.0.0.0/24 is subnetted, 4 subnets
D EX    10.0.12.0 [170/2681856] via 10.0.32.2, 00:11:13, Serial1/1
                  [170/2681856] via 10.0.31.1, 00:11:13, Serial1/0
C       10.0.31.0 is directly connected, Serial1/0
D       10.0.21.0 [90/2195456] via 10.0.32.2, 00:11:13, Serial1/1
                  [90/2195456] via 10.0.31.1, 00:11:13, Serial1/0
C       10.0.32.0 is directly connected, Serial1/1
 
But the situation is different on the R1 router. Now the R1 has two sources saying that the 3.0.0.0/8 route is accesible over them. We can observe it showing the Eigrp topology database:
 
R1#sh ip eigrp topology
IP-EIGRP Topology Table for AS(1)/ID(10.0.31.1)
...
P 3.0.0.0/8, 1 successors, FD is 2195456
        via 10.0.21.2 (2195456/2169856), FastEthernet0/0
        via 10.0.31.3 (2297856/128256), Serial1/0
... 
or a better view
R1# sh ip eigrp topology 3.0.0.0
IP-EIGRP (AS 1): Topology entry for 3.0.0.0/8
  State is Passive, Query origin flag is 1, 1 Successor(s), FD is 2195456
  Routing Descriptor Blocks:
  10.0.21.2 (FastEthernet0/0), from 10.0.21.2, Send flag is 0x0
      Composite metric is (2195456/2169856), Route is External
      Vector metric:
        Minimum bandwidth is 1544 Kbit
        Total delay is 21000 microseconds
        Reliability is 255/255
        Load is 1/255
        Minimum MTU is 1500
        Hop count is 1
      External data:
        Originating router is 10.0.32.2
        AS number of route is 1
        External protocol is OSPF, external metric is 20
        Administrator tag is 0 (0x00000000)
  10.0.31.3 (Serial1/0), from 10.0.31.3, Send flag is 0x0
      Composite metric is (2297856/128256), Route is External
      Vector metric:
        Minimum bandwidth is 1544 Kbit
        Total delay is 25000 microseconds
        Reliability is 255/255
        Load is 1/255
        Minimum MTU is 1500
        Hop count is 1
      External data:
        Originating router is 1.0.0.3
        AS number of route is 0
        External protocol is Connected, external metric is 0
        Administrator tag is 0 (0x00000000)
The database shows that from the R1 router point of view it may choose tha path over 10.0.21.2, ie. R2 or over  10.0.31.3, ie R3. The R1 router will use the route with better metric (2195456) and it is the route back over R2, which is than inserted into its routing table:
R1#sh ip route

Gateway of last resort is not set
C    1.0.0.0/8 is directly connected, Loopback0
D EX 3.0.0.0/8 [170/2195456] via 10.0.21.2, 01:02:02, FastEthernet0/0
     10.0.0.0/24 is subnetted, 4 subnets
C       10.0.12.0 is directly connected, FastEthernet0/1
C       10.0.31.0 is directly connected, Serial1/0
C       10.0.21.0 is directly connected, FastEthernet0/0
D       10.0.32.0 [90/2195456] via 10.0.21.2, 00:18:41, FastEthernet0/0

The Proof

Following these steps we realize the loop. Te loop is created for packets originate within OSPF routing domain and targetted only to the 3.0.0.0/8 destinations.

As a proof we will do ping and traceroute from the R1 loop interface.

R1#ping 3.0.0.1 sour loop 0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.0.0.1, timeout is 2 seconds:
Packet sent with a source address of 1.0.0.1
.....
Success rate is 0 percent (0/5)

or better description using the traceroute:

R1#traceroute 3.0.0.1 source lo 0

Type escape sequence to abort.
Tracing the route to 3.0.0.1
  1 10.0.21.2 20 msec 20 msec 20 msec
  2 10.0.12.1 20 msec 36 msec 20 msec
  3 10.0.21.2 40 msec 48 msec 36 msec
  4 10.0.12.1 40 msec 52 msec 40 msec
  5 10.0.21.2 56 msec 56 msec 60 msec
  6 10.0.12.1 64 msec 76 msec 60 msec
  7 10.0.21.2 80 msec 76 msec 80 msec
... <continues>
Where we can observe that the ICMP Packet is going arround within the loop between R1 (IP address 10.0.12.1) and R2 (IP address 10.0.21.2) routers.

 

Protection

Protection is achieved using correct seed metric values or using a kind or routes filtering.

Groups: