Tagging routes... why, exactly?
Yeah, I don't get it. I hope it's not so blatantly obvious that I feel silly, but I can't find any real value to tagging redistributed routes.
IE...
route-map OSFP-into-EIGRP permit 10
match ip next-hop 10.22.150.1
set tag 5
What's the tag do?
If I do a "sh ip eig topo 10.22.151.0 255.255.255.0 | in tag" then sure, the output says "Administrator tag is 5", but is there any real value to this number? I don't see how it matters.
Preciate your thoughts.
IE...
route-map OSFP-into-EIGRP permit 10
match ip next-hop 10.22.150.1
set tag 5
What's the tag do?
If I do a "sh ip eig topo 10.22.151.0 255.255.255.0 | in tag" then sure, the output says "Administrator tag is 5", but is there any real value to this number? I don't see how it matters.
Preciate your thoughts.
There are only 10 kinds of people... those who understand binary, and those that don't.
CCIE Studies: Written passed: Jan 21/12 Lab Prep: Hours reading: 385. Hours labbing: 110
Taking a time-out to add the CCVP. Capitalizing on a current IPT pilot project.
CCIE Studies: Written passed: Jan 21/12 Lab Prep: Hours reading: 385. Hours labbing: 110
Taking a time-out to add the CCVP. Capitalizing on a current IPT pilot project.
Comments
-
Plazma Member Posts: 503Tag's are great.. but they're locally significant (kinda like some BGP Community's/DLCI's). It's mostly to make your life a bit easier and to create a sort of mnomonic to remember.
In your example , since routes are tagged 5 , if you wanted to deny this set routes to somewhere else, you could simply setup another route map to do that based on the tag value.
route-map DENY-NH-10.22.150.1 20
match tag 5
All in all, it's just another way to do things.CCIE - COMPLETED! -
ColbyG Member Posts: 1,264Tags are used to prevent routing loops with mutual redistribution. Take a look at this doc:
Redistributing Routing Protocols - Cisco Systems -
vinbuck Member Posts: 785 ■■■■□□□□□□Tags are really handy to deny external routes in OSPF. Since external routes are propogated throughought the OSPF domain, you can assign a tag (Since I work in the SP world, I assign tags by geographic region) and then deny or permit anything inbound that is marked with that tag wherever you need to. This is especially helpful if you use an IGP like OSPF to run iBGP and need to limit OSPF external routes to certain portions of the network.
The big benefit is that you don't have to keep up with multiple distribute lists and corresponding ACLs when you add an external route - you just tag the route and if there are distribute lists already in place to block that tag, then you're good to goCisco was my first networking love, but my "other" router is a Mikrotik... -
mikearama Member Posts: 749Sure, I can see how you could set up a route-map to match the tag... but why go to that extra step?
I mean, in my example, I just created a "permit" route map. So I want this route to be redistributed. Otherewise, I wouldn't have matched it, and it would have been omitted by the implicit deny. If they're only locally significant, then I don't see when I would want to permit the route to be redistributed into another protocol, just to turn around and use the tag to deny it.
What am I missing?There are only 10 kinds of people... those who understand binary, and those that don't.
CCIE Studies: Written passed: Jan 21/12 Lab Prep: Hours reading: 385. Hours labbing: 110
Taking a time-out to add the CCVP. Capitalizing on a current IPT pilot project. -
Plazma Member Posts: 503Well think about it from an ISP perspective.. you may have a whole metric ton of routes you have to deal with.. and you can't really filter all of them, but you can be more selective.. marking specific prefixes with tags, and then redistributing only those tagged routes.
Sure you can do it a variety of ways.. it's just another way available to you.CCIE - COMPLETED! -
networker050184 Mod Posts: 11,962 ModThe tag is just an arbitrary string of bits to match on. Sure you could make a gigantic prefix-list to match on the routes your want, but its much easier to apply a tag to them on redistribution and match on that tag. Same with communities in BGP.An expert is a man who has made all the mistakes which can be made.
-
jimbarino Member Posts: 8 ■□□□□□□□□□I actually just used tags in a customer installation. They wanted each site to have a backup default route that pointed them to another site on the WAN in case their local firewall went down. The kicker was that they wanted the west coast sites to back each other up, while the other sites went to the DC on the East Coast. So I had three sites injecting default routes into OSPF, and each site had to pick which one it wanted (used an SLA on the static default, so if it couldn't get to the far side of the firewall that route went away). I suppose I couldhave filtered by source, but I found it easier to just tag the default route at the source, then filter based on that tag at the destination."An inconvenience is only an adventure wrongly considered; an adventure is an inconvenience rightly considered."
- G.K. Chesterton