CCNP ROUTE Command Guide: Implementing Path Control

Date: Mar 23, 2010 By Hans Roth, Scott Empson. Sample Chapter is provided courtesy of Cisco Press.
This chapter helps you prepare for the CCNP ROUTE exam by covering the following topics related to implementing path control: Offset lists, Cisco IOS IP Service Level Agreements, and Policy routing using route maps. It also uses route maps as a Configuration example.

This chapter provides information concerning the following topics related to implementing path control:

  • Offset lists
  • Cisco IOS IP Service Level Agreements
  • Policy routing using route maps

  • Configuration example: route maps

    NOTE

    Path control is the mechanism that changes default packet forwarding across a network. It is not quality of service (QoS) or MPLS Traffic Engineering (MPLS-TE). Path control is a collection of tools or a set of commands that is able to manipulate the routing protocol forwarding table or to bypass default packet forwarding. The manipulation of routing information may be required to obtain better resiliency, performance, or availability in your network.

    There are other filters or tools available to assist in the manipulation of the routing table. These include

    • Route maps
    • Prefix lists
    • Distribute lists
    • Administrative distance
    • Route tagging

    These are mostly protocol dependent and have been covered in other chapters in this book.

Offset Lists

NOTE

The offset-list command is only applicable to EIGRP and RIP routing protocols. The offset-list command is used to add an offset to incoming and outgoing metrics to routes learned using these protocols. The offset value is added to the metric.

TIP

An offset list with an interface type and number is considered to be extended and will take precedence over an offset list that is not extended. This means that if an entry passes the extended offset list and the normal offset list, the offset of the extended offset list is added to the metric.

Router(config)#router eigrp 11

Enables EIGRP routing process with an autonomous system number of 11.

 
Router(config-router)#offset-list 21 out 10

Applies an offset list of 10 to the delay component (outgoing metrics) of a router to networks matching ACL 21.

 
Router(config-router)#offset-list 21 in 10 fastethernet 0/0

Applies an offset list of 10 to the incoming metrics of routes matching ACL 21 learned from interface FastEthernet 0/0.

Cisco IOS IP Service Level Agreements

NOTE

Cisco IOS IP Service Level Agreements (SLAs) are used to perform network performance measurements within Cisco Systems devices using active traffic monitoring.

TIP

SLAs use timestamp information to calculate performance metrics such as jitter, latency, network and server response times, packet loss, and mean opinion score.

Figure 5-1 shows the network topology for the configuration that follows, which shows the use of Cisco IOS IP SLA functionality for path control.

Figure 5-1

Figure 5-1 Cisco IOS IP Service Level Agreements

Customer requirements:

  • Customer A is multihoming to ISP-1 and ISP-2.
  • The link to ISP-1 is the primary link for all traffic.
  • Customer A is using default routes to the ISPs instead of BGP.
  • Customer A is using static routes with different administrative distances to make ISP-1 the preferred route.

Potential problem: If ISP-1 is having uplink connectivity problems to the Internet, Customer A will still be sending all of its traffic to ISP-1, only to have that traffic lost.

Solution: IOS IP SLA will be used to announce conditionally the default route to ensure reachability of a specific destination.

Follow these steps to configure Cisco IOS IP SLA functionality:

  • Step 1. Define one (or more) probes.
  • Step 2. Define one (or more) tracking objects.
  • Step 3. Define the action on the tracking object(s).
  • Step 4. Verify IP SLA operations.

Step 1: Define One (or More) Probes

R1(config)#ip sla monitor 22

Begins configuration for an IP SLA operation and enters SLA monitor configuration mode. 22 is the operation number and is a number between 1–2147483647.

 
R1(config-sla-monitor)#type echo protocol ipIcmpEcho 10.1.1.1 source-interface fastethernet 0/0

Defines an ICMP Echo operation to destination address 10.1.1.1 through source interface of FastEthernet 0/0 and enters ICMP Echo configuration mode.

 
R1(config-sla-monitor-echo)#frequency 10

Sets the rate at which the operation repeats. Measured in seconds from 1–604800 (7 days).

 
R1(config-sla-monitor-echo)#exit

Exits IP SLA Monitor ICMP Echo configuration mode and returns to global configuration mode.

 
R1(config)#ip sla monitor schedule 22 life forever start-time now

Sets a schedule for IP SLA monitor 22. Packets will be sent out immediately and will continue forever.

Step 2: Define One (or More) Tracking Objects

R1(config)#track 1 sla 22 reachability

Configures the tracking process to track the reachability of IP SLAs operation 22.

NOTE

This command was introduced in Cisco IOS Release 12.4(20)T and replaces the track rtr command.

Step 3: Define the Action on the Tracking Object(s)

R1(config)#ip route 0.0.0.0 0.0.0.0 11.1.1.1 3 track 1

Announces a default route to 11.1.1.1 with an administrative distance of 3 if the tracking object 1 is true.

Step 4: Verify IP SLA Operations

R1#show ip sla configuration

Displays SLA components such as frequency, target address, scheduling, and other parameters.

 
R1#show ip sla statistics 22

Displays number of successful and failed probes, last operation, start time, and last return code for SLA monitor 22.

 
R1#show ip sla statistics 22 detail

Displays more in-depth output for SLA monitor 22.

Policy Routing Using Route Maps

Router(config)#route-map ISP1 permit 20

Creates a route map named ISP1. This route map will permit traffic based on subsequent criteria. A sequence number of 20 is assigned.

NOTE

In route maps, the default action is to permit.

NOTE

The sequence-number is used to indicate what position the route map is to have in a list of route maps configured with the same name.

If no sequence number is given, the first condition in the route map is automatically numbered as 10.

 
Router(config-route-map)#match ip address 1

Specifies the match criteria (the conditions that should be tested); in this case, match addresses filtered using ACL 1.

 
Router(config-route-map)#set ip next hop 6.6.6.6

Specifies that packets that pass a match are output to the router at IP address 6.6.6.6.

 
Router(config-route-map)#set interface serial 0/0/0

Specifies the set actions (what action is to be performed if the match criteria is met); in this case, forward packets out interface serial 0/0/0.

NOTE

If no explicit route exists in the routing table for the destination network address of the packet (that is, the packet is a broadcast packet or destined to an unknown address), the set interface command has no effect and is ignored.

NOTE

A default route in the routing table will not be considered an explicit route for an unknown destination address.

 
Router(config-route-map)#set ip default next hop 6.6.6.6

Defines where to output packets that pass a match clause of a route map for policy routing and for which the Cisco IOS software has no explicit route to a destination.

 
Router(config-route-map)#set default interface serial 0/0/0

Defines where to output packets that pass a match clause of a route map for policy routing and have no explicit route to the destination.

NOTE

This is recommended for point-to-point links only.

 
Router(config-route-map)#exit

Returns to global configuration mode.

 
Router(config)#interface fastethernet 0/0

Moves to interface configuration mode.

 
Router(config-if)#ip policy route-map ISP1

Specifies a route map to use for policy routing on an incoming interface that is receiving the packets that need to be policy routed.

 
Router(config-if)#exit

Returns to global configuration mode.

 
Router(config)#ip local policy route-map ISP1

Specifies a route map to use for policy routing on all packets originating on the router.

TIP

Packets that are generated by the router are not normally policy routed. Using the ip local policy route-map [map-name] command will make these packets adhere to a policy. For example, you may want packets originating at the router to take a route other than the obvious shortest path.

Router(config)#interface fastethernet 0/0

Moves to interface configuration mode.

 
Router(config-if)#ip route-cache policy

Enables fast-switched policy routing.

NOTE

Policy-based routing (PBR) must be configured before PBR fast switching can be enabled. Fast switching of PBR is disabled by default. CEF-switched PBR is enabled by default.

A fast-switched PBR supports all the match commands and most of the set commands except for the following:

  • The set ip default next-hop command is not supported.
  • The set interface command is supported over point-to-point links, unless a route cache entry exists that uses the same interface that is specified in the set interface command in the route map.

NOTE

The ip route-cache policy command is strictly for fast-switched PBR, and therefore not required for a CEF-switched PBR.

Router#show ip policy

Displays route maps that are configured on the interfaces.

 
Router#show route-map 
                  [map-name]

Displays route maps.

 
Router#debug ip policy

Enables the display of IP policy routing events.

 
Router#traceroute

Enables the extended traceroute command, which allows the specification of the source address.

 
Router#ping

Enables the extended ping command, which allows for the specification of the source address.

Configuration Example: Route Maps

Figure 5-2 shows the network topology for the configuration that follows, which demonstrates how to configure route maps using the commands covered in this chapter.

Figure 5-2

Figure 5-2 Network Topology for Route Map Configuration

Assume for this example that you want to enforce the following policy:

  • Internet-bound traffic from 192.168.1.0/24 is to be routed to ISP1.
  • Internet-bound traffic from 172.16.1.0/24 is to be routed to ISP2.
  • All other traffic to be routed normally according to their destination addresses.

Portland Router

Router>enable

Moves to privileged mode.

 
Router#configure terminal

Moves to global configuration mode.

 
Router(config)#hostname Portland

Sets the hostname of this router.

 
Portland(config)#access-list 1 permit 192.168.1.0 0.0.0.255

Creates ACL 1, which will filter out addresses for our first route map.

 
Portland(config)#access-list 2 permit 172.16.1.0 0.0.0.255

Creates ACL 2, which will filter out addresses for our second route map.

 
Portland(config)#access-list 101 permit ip 192.168.1.0 0.0.0.255 172.
16.1.0 0.0.0.255

Creates an extended ACL, resulting in a filter based on both source and destination IP address.

 
Portland(config)#access-list 102 permit ip 172.16.1.0 0.0.0.255 192.168.
1.0 0.0.0.255

Creates an extended ACL, resulting in a filter based on both source and destination IP address.

 
Portland(config)#route-map ISP1 permit 10

Creates a route map called ISP1. This route map will permit traffic based on subsequent criteria. A sequence number of 10 is assigned.

 
Portland(config-route-map)#match ip address 1

Specifies the match criteria—match addresses filtered from ACL 1.

 
Portland(config-route-map)#set interface serial 0/0/0

Specifies the set actions (what action is to be performed if the match criteria is met); in this case, forward packets out interface s0/0.

 
Portland(config-route-map)#exit

Returns to global configuration mode.

 
Portland(config)#route-map ISP2 permit 10

Creates a route map called ISP2.

 
Portland(config-route-map)#match ip address 2

Specifies the match criteria—match addresses filtered from ACL 2.

 
Portland(config-route-map)#set interface serial 0/0/1

Specifies the set actions (what action is to be performed if the match criteria is met); in this case, forward packets out interface s0/1.

 
Portland(config-route-map)#exit

Returns to global configuration mode.

 
Portland(config)#route-map 192To172 permit 10

Creates a route map named 192To172. This route map will permit traffic based on subsequent criteria. A sequence number of 10 is assigned.

 
Portland(config-route-map)#match ip address 101

Specifies the match criteria—match addresses filtered from ACL 101.

 
Portland(config-route-map)#set interface fastethernet 0/1

Specifies the set actions—forward packets out interface FastEthernet 0/1.

 
Portland(config-route-map)#exit

Returns to global configuration mode.

 
Portland(config)#route-map 172To192 permit 10

Creates a route map named 172To192.

 
Portland(config-route-map)#match ip address 102

Specifies the match criteria—match addresses filtered from ACL 102.

 
Portland(config-route-map)#set interface fastethernet 0/0

Specifies the set actions—forward packets out interface FastEthernet 0/0.

 
Portland(config-route-map)#exit

Returns to global configuration mode.

 
Portland(config)#interface serial 0/0/0

Moves to interface configuration mode.

 
Portland(config-if)#description link to ISP1

Sets a locally significant description of the interface.

 
Portland(config-if)#ip address 198.133.219.1 255.255.255.252

Assigns an IP address and netmask.

 
Portland(config-if)#no shutdown

Enables the interface.

 
Portland(config)#interface serial 0/0/1

Moves to interface configuration mode.

 
Portland(config-if)#description link to ISP2

Sets a locally significant description of the interface.

 
Portland(config-if)#ip address 192.31.7.1 255.255.255.252

Assigns an IP address and netmask.

 
Portland(config-if)#no shutdown

Enables the interface.

 
Portland(config)#interface fastethernet 0/0

Moves to interface configuration mode.

 
Portland(config-if)#ip address 192.168.1.1 255.255.255.0

Configures an IP address and netmask.

 
Portland(config-if)#ip policy route-map ISP1

Applies the route map named ISP1 to this interface.

 
Portland(config-if)#ip policy route-map 192To172

Applies the route map named 192To172 to this interface.

 
Portland(config-if)#no shutdown

Enables the interface.

 
Portland(config-if)#exit

Returns to global configuration mode.

 
Portland(config)#interface fastethernet 0/1

Moves to interface configuration mode.

 
Portland(config-if)#ip address 172.16.1.1 255.255.255.0

Configures an IP address and netmask.

 
Portland(config-if)#ip policy route-map ISP2

Applies the route map named ISP2 to this interface.

 
Portland(config-if)#ip policy route-map 172To192

Applies the route map named 172To192 to this interface.

 
Portland(config-if)#no shutdown

Enables the interface.

 
Portland(config-if)#exit

Returns to global configuration mode.

 
Portland(config)#exit

Returns to privileged mode.

 
Portland#copy running-config startup-config

Saves the configuration to NVRAM.