Morning, Am 09.12.2013 um 16:26 schrieb Mark Tinka <mark.ti...@seacom.mu>: > On Monday, December 09, 2013 03:05:17 PM Patrick M. Hausen > wrote: > >> Just to make sure i would not accidentally inject >> anything not belonging to my AS into my IGP. > > Why would you, if you're running IS-IS only on your internal > links?
I do. You asked quite a few questions so instead of answering every single one I will try to summarize where I come from (OSPF) and what I intended to do with IS-IS. OK, picture two or more routers connected by some link (Ethernet) and each of them with some number of external links to customers (DSL/ATM in my case): > int fa0 > description internal link to neighbor router > ip address 192.168.0.1 255.255.255.252 > > router ospf 1 > passive-interface default > no passive interface fa0 > network 192.168.0.1 0.0.0.0 area 0 This enables OSPF on the link to my other router *only*. OSPF does not by default redistribute connected or static routes. The 0.0.0.0 looks insane but keep in mind that it’s an inverted (wildcard) mask so essentially it says /32. Now we add a link to a customer: > int ATM2/0.100 point-to-point > description customer’s DSL > ip unnumbered fa0 > pvc 1/100 In reality I use a loopback interface for the unnumbered interfaces, of course. No we only need to route the customer’s /29. > ip route 192.168.1.64 255.255.255.248 ATM2/0.100 Because of the very narrow configuration of the OSPF process I never need to worry about accidentaly running my IGP on a customer’s link. All I need to distribute that prefix across my network is: > router ospf 1 > redistribute static subnets Now a different layer 2 carrier and slightly different configuration for essentially the same effect but with bridged instead of routed PVCs: > int ATM1/0.100 point-to-point > description different DSL > ip address 192.168.1.73 255.255.255.248 > atm route-bridged ip > pvc 1/100 > encapsulation aal5snap To distribute this I need > router ospf 1 > redistribute connected subnets because OSPF does not by default redistribute connected passive interfaces. But possibly this router runs an external BGP link with an adress belonging to a different AS on *some* interface. Or an RFC 1918 address somewhere for out of band management [1]. So in reality it is: > router ospf 1 > redistribute connected subnets route-map redistribute-ospf With the route map restricting routes to my own /20 as I tried to do with IS-IS. I’ve been doing OSPF for quite some years and IMHO this is a perfectly valid and sane way to run an ISP with subscriber lines. And I know more than one competitor (friendly competition ;-) doing exactly the same. Now … as far as I found out yesterday … IS-IS *does* by default redistribute connected subnets even if they are on passive interfaces. Unless you use > no isis advertise-prefix on the interface level. For static subnets it’s the same as with OSPF. I can perfectly live with that, now that I know. I’m just wondering what the „redistribute connected“ command is for in the context of IS-IS, anyway ;-) Kind regards Patrick [1] getting rid of them currently in favor of official adresses and tight access-lists -- punkt.de GmbH * Kaiserallee 13a * 76133 Karlsruhe Tel. 0721 9109 0 * Fax 0721 9109 100 i...@punkt.de http://www.punkt.de Gf: Jürgen Egeling AG Mannheim 108285
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/