Mutual redistribution using same tag (and the same route-map)

bermovickbermovick Member Posts: 1,135 ■■■■□□□□□□
I'm reading through the OCG, trying to finalize things before scheduling my route exam, and I'm looking at the problems dealing with multiple redistribution points, and using tags to stop the "second" redistribution. The example uses a separate tag / separate route maps for each direction (as do all the examples I can find online), but I have to ask why? I don't see why on each redistribution router you can't use the same route-map and just apply it in both directions.

route-map DBL_RED deny 100
match tag 10
route-map DBL_RED permit 110
set tag 10

Setting this on each device, under each routing interface logically should work: no matter the direction, if the tag is 10 filter it, otherwise tag it so the other device(s) filter it in the reverse direction. Am I missing something or do the examples just use separate tags to make it easier to understand?

I guess being able to ask questions like these is a sign I'm close to getting ready. Hopefully icon_wink.gif
Latest Completed: CISSP

Current goal: Dunno


  • pham0329pham0329 Member Posts: 556
    how would your router knows which tag belongs to which routes if they're all the same? I don't know if I interpreted your question correctly, but suppose you have EIGRP and OSPF mutual redistribution. You're going to set the OSPF routes with a tag of 10, and EIGRP with the same tag of 10?

    From there, you're going to deny routes with a tag of 10 from being redistributed?
  • bermovickbermovick Member Posts: 1,135 ■■■■□□□□□□
    Except the match/denial statement is before the set statement.

    At redistribution point 1 - the routes going from eigrp into ospf haven't been tagged yet, so aren't denied (but get tagged). The routes going from ospf into eigrp haven't been tagged yet, so aren't denied (but get tagged).

    Now we have tagged ospf routes in the eigrp domain, and tagged eigrp routes in the ospf domain.

    At redistribution point 2 - the routes that are tagged are kept from returning back into their original routing domain.
    Latest Completed: CISSP

    Current goal: Dunno
  • cisco_troopercisco_trooper Too many Member Posts: 1,442 ■■■■□□□□□□
    You need to use different tags. In this case if you have two routing domains being redistributed at two redistribution points I would use two tag values in my route-map configurations. I would set a tag of 10 for routes redistributed from EIGRP into OSPF and I would set a tag of 20 from routes redistributed from OSPF into EIGRP.

    So you'll have something like:
    router ospf 5
    redistribute eigrp 5 route-map eigrp_to_ospf

    router eigrp 5
    redistribute ospf 5 route-map ospf_to_eigrp

    route-map eigrp_to_ospf deny 10
    match tag 20

    route-map eigrp_to_ospf permit 20
    set tag 10

    route-map ospf_to_eigrp deny 10
    match tag 10

    route-map ospf_to_eigrp permit 20
    set tag 20

    I would be very careful trying to use the same tag for both routing domains. The best case is you have a confusing unconvential configuration for a common deployment. The worst case is the IOS doesn't deal with this the way you expect and you find yourself with routes flapping and connectivity issues. I might lab that up and watch it for a while. I don't know that I ever would have tried such a configuration when I originally went through this material about 3 years ago but I definitely follow your logic. I wouldn't consider this a good practice. What happens when you need to add another router to the mix and you end up with more distribution points or more routing protocols? I'd use a tag per routing domain to keep it clean and to keep it easier to change in the future.
  • pham0329pham0329 Member Posts: 556
    Ah, I misread your post. Yes, that would work...but why? Redistribution is confusing enough, why make it even more confusing by setting/denying the same tag?!
  • bermovickbermovick Member Posts: 1,135 ■■■■□□□□□□
    Thanks to both of you for replying. I will have to lab it up just to see. I guess it does make sense to use separate tags and route-maps just to make your life easier if and when something does go wrong so if you have to look at a tag for troubleshooting it's actually helpful.
    Latest Completed: CISSP

    Current goal: Dunno
  • Ronald AlonsoRonald Alonso Registered Users Posts: 1 ■□□□□□□□□□
    Is there a LAB example where this can be simulated. I have a few routers and will like to simulate this scenario.
  • KoryKory Member Posts: 43 ■■□□□□□□□□
    RIP EIGRP Redistribution Route Tagging | Redistribution | Labs

    thats a good one, it will let you see the tagging in action. You will need to register to download the GNS3 files, but its a good community to join and if you browse around the lab section you will see that there are loads of excellent labs.
  • powmiapowmia Users Awaiting Email Confirmation Posts: 322
    Using the same tag in each direction works fine, and is a simple enough concept... if a route has been redistributed once, don't re-redistribute it. However, tagging routes based on whether or not they have been redistributed is not an accurate enough description of the route.

    What happens if you decide to add a 3rd protocol to your network? Draw a triangle with OSPF, IS-IS, and EIGRP in the corners. For mutual redistribution amongst all of the protocols:

    1. first you redist OSPF into both IS-IS and EIGRP... ok, fine.
    2. Now redist IS-IS into both OSPF and EIGRP.

    we don't even need to move to step 3 before...

    ... a routing table meltdown, routes originating in OSPF are oscillating between coming into EIGRP directly from OSPF (step 1), and coming in from IS-IS (step 2). If you have been just using the same tags, you have no way of differentiating the origin of the protocol. You need to tell your router not to redistribute the IS-IS routes that originally came from OSPF into EIGRP. The only way to do this, is by using different tags.

    A best practice is to use the Administrative distances:

    route-map FROM-OSPF deny 10
    match tag 90
    route-map FROM-OSPF deny 20
    match tag 115
    route-map FROM-OSPF permit 30
    set tag 110
    route-map FROM-EIGRP deny 10
    match tag 110
    route-map FROM-EIGRP deny 20
    match tag 115
    route-map FROM-EIGRP permit 30
    set tag 90
    route-map FROM-ISIS deny 10
    match tag 90
    route-map FROM-ISIS deny 20
    match tag 110
    route-map FROM-ISIS permit 30
    set tag 115
    router ospf 1
    redist eigrp 100 subnets route-map FROM-EIGRP
    redist isis subnets route-map FROM-ISIS
    router isis
    redist eigrp 100 route-map FROM-EIGRP
    redist ospf 1 route-map FROM-OSPF
    router eigrp 100
    redist ospf 1 metric 1 1 1 1 1 route-map FROM-OSPF
    redist isis metric 1 1 1 1 1 route-map FROM-ISIS


    If you want to be cautious (always) add a "route-map FROM-XXX deny 25" in there... to prevent redistributing the "FROM" protocol if it already has the appropriate tag (meaning it has been redistributed somewhere once before).
Sign In or Register to comment.