Boson exam question - OSPF domain back-up

wavewave Member Posts: 342
I struck this in a Boson Ex Sim Max ROUTE exam this morning and I'm sure based on the diagram that route tagging could be a correct answer. See attached question and diagram.

The explanation states that prefix based filtering must be used because that's the only way the domains could be backed up. So essentially if Router A's link to OSPF AS 1 goes down it would need to accept the redistributed route from Router B and start routing traffic through B.

If I'm tagging all routes from AS 1 as they are redistributed into AS 2 on both routers then when Router A redistributes to router B, Router B won't redistribute those routes back into AS 1. Good.

Then if Router A loses its link to AS 1 and therefore a route to 10.1.0.0/16, it will still receive 10.1.0.0/16 redistributed from Router B. Isn't that essentially "backing up the other domain"?



The question links to this page on Cisco's site: OSPF Redistribution Among Different OSPF Processes [IP Routing] - Cisco Systems

It states "However, because the prefixes are denied from the routing table, the domains can not back up each other."

I don't understand why they can't back up each other - do you?

ROUTE Passed 1 May 2012
SWITCH Passed 25 September 2012
TSHOOT Passed 23 October 2012
Taking CCNA Security in April 2013 then studying for the CISSP

Comments

  • wavewave Member Posts: 342
    I think Boson have said tagging can't be used based on this config on the Cisco page:

    router ospf 1
    redistribute ospf 2 subnet tag 1
    distribute-list 1 route-map filter_domain2 in
    !
    route-map filter_domain2 deny 10
    match tag 2
    route-map filter_domain2 permit 20

    router ospf 2
    redistribute ospf 1 subnet tag 2
    distribute-list 1 route-map filter_domain1 in
    !
    route-map filter_domain1 deny 10
    match tag 1
    route-map filter_domain1 permit 20

    But if there was no distribute list and there was simply a route map like this - I'm pretty sure it would work:


    router ospf 1
    redistribute ospf 2 subnet route-map TAG
    !
    route-map TAG deny 10
    match tag 2
    route-map TAG permit 20
    set tag 2
    !
    router ospf 2
    redistribute ospf 1 subnet route-map TAG
    !
    route-map TAG deny 10
    match tag 2
    route-map TAG permit 20
    set tag 2



    ROUTE Passed 1 May 2012
    SWITCH Passed 25 September 2012
    TSHOOT Passed 23 October 2012
    Taking CCNA Security in April 2013 then studying for the CISSP
  • Nate--IRL-- Member Posts: 103
    I would have gone with Tagging too. Tagging seems always to be the best option for Multi-point redistribution in my opinion. The question says select the "Best option", surely that is too subjective?

    Nate
  • wavewave Member Posts: 342
    I would have gone with Tagging too. Tagging seems always to be the best option for Multi-point redistribution in my opinion. The question says select the "Best option", surely that is too subjective?

    Agreed.

    After reading the Cisco documentation I linked to, if you added a distribute-list or something else to prevent routes getting into the routing table, sure, it won't work. But I think they need to review this question and possibly change the radio buttons to check boxes and rephrase it.

    The explanation says tagging will prevent loops but the domains won't back up each other. I disagree with the last part.

    ROUTE Passed 1 May 2012
    SWITCH Passed 25 September 2012
    TSHOOT Passed 23 October 2012
    Taking CCNA Security in April 2013 then studying for the CISSP
  • wavewave Member Posts: 342
    So I logged a ticket with Boson, and this is their response:


    "Cisco refers to the process of tagging routes during redistribution and then filtering them with a distribute list as "tag-based filtering." With a tag-based filtering configuration, if one of the ASBRs loses connectivity to an AS, it will still receive routes for disconnected AS from its neighbors. However, the distribute list will prevent the router from entering those routes into its routing table. You can see the LSAs for those routes by issuing the show ip ospf database command. The routes will be listed as Type 5 AS External.

    This is why even though Routers A and B have connection to both ASs and each other, if RouterB lost its connection to one of the ASs, it would no longer enter its routes into its routing table. By contrast, Cisco refers to the process of filtering routes during redistribution as "prefix-based filtering." With prefix-based filtering, there is no distribute list to prevent a router from entering advertised routes into its routing table. Instead, a route map is supplied as a parameter to the redistribution command to determine which routes should be injected into the particular routing protocol. Prefix-based filtering can use prefix lists, ACLs, or tags. Which you would use depends on the granularity of your filtering needs."

    I disagree so have responded:

    Where does Cisco document "tag-based filtering" and say that it can't be used without a distribute list? Because one can have two ASBRs back up each other in just the same way as the prefix-list example simply by leaving the distribute list out.

    I don't see why it isn't an acceptable answer. The question asks for the "best" response where there are several ways to achieve exactly the same result.

    The method of route tagging for redistribution I explained is outlined on page 408 of the Cisco Press Implementing IP Routing (ROUTE) Foundation Learning Guide.

    ROUTE Passed 1 May 2012
    SWITCH Passed 25 September 2012
    TSHOOT Passed 23 October 2012
    Taking CCNA Security in April 2013 then studying for the CISSP
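
The disagreement in this thread comes down to where the tag filter is applied. The following is an added illustration, a constructed toy model in Python that is not from any poster, Boson or Cisco and does not reproduce full IOS route selection. It compares Router A's view of 10.1.0.0/16 after A loses its own AS 1 route; the class, function and mode names are hypothetical, and the model assumes what the Boson reply states: a distribute list keeps tagged routes out of the routing table while their LSAs stay in the database.

```python
from dataclasses import dataclass, field

PREFIX = "10.1.0.0/16"  # AS 1 prefix from the thread
TAG = 2                 # tag set on redistribution, as in the poster's route-map TAG


@dataclass
class Asbr:
    name: str
    mode: str                # "none", "distribute-list" or "redistribute-route-map"
    native_as1: bool = True  # router still has its own OSPF 1 route to PREFIX
    lsdb2: dict = field(default_factory=dict)  # OSPF 2 type-5 LSAs: prefix -> (tag, advertiser)
    rib: dict = field(default_factory=dict)    # prefix -> (source, tag, next hop)

    def build_rib(self):
        self.rib = {PREFIX: ("ospf1", None, "AS1")} if self.native_as1 else {}
        for prefix, (tag, adv) in self.lsdb2.items():
            if self.mode == "distribute-list" and tag == TAG:
                continue  # LSA stays in the database but is kept out of the RIB
            self.rib.setdefault(prefix, ("ospf2-external", tag, adv))

    def redistribute_1_into_2(self):
        # Every OSPF 1 route in the RIB becomes a tagged external LSA in OSPF 2.
        return {p: (TAG, self.name) for p, r in self.rib.items() if r[0] == "ospf1"}

    def redistribute_2_into_1(self):
        # Only the route-map on the redistribute command filters at this point.
        block = self.mode == "redistribute-route-map"
        return [p for p, r in self.rib.items()
                if r[0] == "ospf2-external" and not (block and r[1] == TAG)]


def router_a_after_losing_as1(mode):
    a = Asbr("A", mode, native_as1=False)
    b = Asbr("B", mode)
    b.build_rib()
    a.lsdb2.update(b.redistribute_1_into_2())  # B's LSA floods to A through OSPF 2
    a.build_rib()
    return {
        "lsa_in_database": PREFIX in a.lsdb2,
        "route": a.rib.get(PREFIX),
        "offered_back_to_as1": PREFIX in a.redistribute_2_into_1(),
    }


if __name__ == "__main__":
    for mode in ("none", "distribute-list", "redistribute-route-map"):
        print(mode, router_a_after_losing_as1(mode))
```

In this model the LSA is present in all three modes; what differs is whether Router A installs a route through B and whether it would hand that route back to AS 1.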