Configure DMVPN and get rid of this crap. Crazy that an ISP is not using L3 VPN to hide other customers but get the problem resolved by isolating the domans.
Regards, Tyson Scott - CCIE #13513 R&S, Security, and SP Managing Partner / Sr. Instructor - IPexpert, Inc. Mailto: <mailto:[email protected]> [email protected] Telephone: +1.810.326.1444, ext. 208 Live Assistance, Please visit: <http://www.ipexpert.com/chat> www.ipexpert.com/chat eFax: +1.810.454.0130 IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, Voice, Security & Service Provider) certification(s) with training locations throughout the United States, Europe, South Asia and Australia. Be sure to visit our online communities at <http://www.ipexpert.com/communities> www.ipexpert.com/communities and our public website at <http://www.ipexpert.com/> www.ipexpert.com From: [email protected] [mailto:[email protected]] On Behalf Of Daniel Gheorghe Sent: Tuesday, November 16, 2010 8:25 AM To: [email protected] Subject: [OSL | CCIE_RS] RIP filtering based on tags Guys, Here is a situation I am dealing with, maybe you can give me some ideeas. It's a real-life scenario, but it's all about routing, so I don't think I am violating any of the mailing list rules. We have a customer HQ connected to many branches over a very stange ISP connection. By "strange" I mean the ISP is running RIP with the customer routers and also RIP between it's core routers all the way to the branches. The situation becomes even weirder: both the customer and the ISP are using the same address space, something like 192.168.0.0/16. The ISP is offering the same transport service to many other customers, and announced all the customer of the situation, including the fact that if any of the customer routes will interfere with the internal addresing, it will be dropped. The problem that arises from this situation is that the customer we are talking about (the one with the overlapping address space) has problems every time the ISP changes it's topoplogy or assignes new addresses or connects a new client. The temporary solution is a manual distribute list that filters those "evil routes". But I would like to offer them an automated filtering solutions. My ideea is tagging the routes from the branches, at the redistribution in the RIP process, and filtering all others at the HQ, based on that tag. So only my tagged routes should be accepted. Topology: HQ ---------(RIP)-------- PE router -----------(RIP)------ ISP cloud -----------(RIP)---------- branches So the HQ router is running RIP with the first PE router, and learns ALL the routes from it (the branch routes and also the other internal WAN ISP routes we don't care about). The metric for the routes is random, so the only option I am thinking is filtering based on tags. BUT, what options do I have of doing this on the HQ router ? The distribute-list feature does not support route-maps options as far as I know. Excluded possible solutions: another routing protocol / internal ISP RIP manipulations. Daniel G.
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
