Thursday, May 26, 2011

NX-OS Redistribution: what's different?

Hi all,
following the Nexus training course I taught last weeks, I would like to talk a little bit about IPv4 redistribution in NX-OS.

As you may have noticed, the redistribution between routing protocols in NX-OS follows a different logic comparing to IOS, let's try to clarify what is different using a simple two protocols topology.

If you have traditional IOS routers, in this topology you will perform a basic mutual redistribution on R2, something like:

R2(config)#router rip
R2(config-router)#redistribute ospf 1 metric 2 
R2(config-router)#router ospf 1 
R2(config-router)#redistribute rip subnets 

In this way you are redistributing:
-the "protocol learned" routes
-the connected routes that ara participating the redistributed protocol

For example, when you perform redistribution of RIP into OSPF on R2, you will redistribute:
-the RIP learned routes:
R2#sh ip route rip is subnetted, 1 subnets
R [120/1] via, 00:00:05, FastEthernet0/0
-the connected interfaces that are running RIP:
R2#sh ip protocols 
Routing Protocol is "rip"

  Routing for Networks:


That's why on R3 you will find all the routes correctly learned through OSPF:
R3#sh ip route 
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set is subnetted, 1 subnets
O E2 [110/20] via, 00:01:09, FastEthernet0/0 is subnetted, 1 subnets
O E2 [110/20] via, 00:01:09, FastEthernet0/0 is subnetted, 1 subnets
C is directly connected, Loopback1 is subnetted, 2 subnets
C is directly connected, FastEthernet0/0
O E2 [110/20] via, 00:01:09, FastEthernet0/0

Ok, no surprise until here, but what's different in NX-OS ?
Let's modify the same topology, using a NX-OS L3 device instead of R2:

Obviously the routing protocol configuration is different, but is also different the redistribution logic.

1) redistribution in NX-OS ALWAYS needs a route-map:
In this case we can use a "permit any" prefix list, just to perform a quick and dirty job :-)
I believe the route map limitation was introduced to force network engineer to think about redistribution and possibly try avoid l00ps.

the config may look something like this (I don't have a 7k to test it at the moment...)
ip prefix-list ALL-NETWORKS seq 5 permit le 32 

route-map ALL-NETWORKS permit 10
  match ip address prefix-list ALL-NETWORKS

router ospf 1 
  redistribute rip TEST route-map ALL-NETWORKS

2) redistribution logic is different: with the above configuration ONLY the RIP learned routes are redistributed, NOT the connected routes, even they are participating to the RIP process.
In fact, you are redistributing only the routes that you can see with the "show ip route rip" command.
That's why it's a normal behavior to have R3 receiving only the prefix.
The and routes are NOT redistributed because they are NOT learned via RIP on N7k-2.

To have also the connected N7k-2 routes redistributed into OSPF, you have to perform another redistribution...

3) redistribute CONNECTED need a different command! (can't understand why! the old one was so ugly?)
You need also a route-map to perform the connected redistribution. The config will look something like this:
ip prefix-list CONN seq 5 permit 
ip prefix-list CONN seq 10 permit 

route-map CONN>OSPF permit 10
  match ip address prefix-list CONN

router ospf 1 
  redistribute direct route-map CONN>OSPF
You can also avoid using a prefix list and simply use a match interface on the route-map...

Summary: when you are configuring redistribution in NX-OS, probably you will need to configure a double redistribution, the first for the protocol learned routes and the second for the connected routes.


{ Advertisement mode on }

If you and your company are interested to learn more about NX-OS and Nexus devices, you may consider to attend a NEXUS Advanced Training Course by Europa Networking, having good chances to have me as instructor. :-)

{ Advertisement mode off }


Byas said...

Good to know !!!

rahulabrol said...

Good Post

Network Gear said...


I am beginner on NX-OS and setting up two NX-OS recently.

Can I use following commands to install connected route to ospf netwrok.

interface Ethernet1/1
ip address
ip ospf passive-interface
ip router ospf 1 area
no shutdown

Marco Rizzi said...

@Network Gear:

sure, in that way your connected interface will be advertised as OSPF internal.

JMutie said...