Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
19059
Views
0
Helpful
4
Replies

How to show detailed routing info on ASA

NickNac79
Level 1
Level 1

‎12-08-2011 07:01 AM - edited ‎03-11-2019 03:00 PM

Hi All,

I want to look at the details of a specific route on an ASA... e.g. on an IOS device I can do a:

DBH2234#sh ip route 10.10.10.0

Routing entry for 10.10.10.0/25

  Known via "ospf 1", distance 110, metric 1100

  Tag 299, type extern 1

  Last update from 10.10.4.87 on GigabitEthernet1/0/41, 00:13:05 ago

  Routing Descriptor Blocks:

  * 10.10.4.87, from 10.10.4.7, 00:13:05 ago, via GigabitEthernet1/0/41

      Route metric is 1100, traffic share count is 1

      Route tag 299

I can see route metric, OSPF tag, distance of the RP etc.  However when I do this on an ASA, all I get is a summary:

FW3_INNER# sh route INSIDE 10.10.10.0

<snip>

Gateway of last resort is not set

O E1 10.10.10.0 255.255.255.128 [110/200] via 10.10.4.129, 0:00:44, INSIDE

Is there any way to get a more detailed view, like IOS?

If not, how can I see the OSPF tag on a given route?

Many Thanks,

Nick

Labels:
0 Helpful
4 Replies 4

varrao
Level 10
Level 10

‎12-08-2011 07:16 AM

Hi Nick,

Not that detailed but there are a couple of commands that you can check on the ASA:

show route

show asp table routing

Here are teh codes that would help you:

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP


       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 


       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2


       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP


       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area


       * - candidate default, U - per-user static route, o - ODR


       P - periodic downloaded static route

Eg:

So you will see an "O" in front of the route if it is learnt through OSPF,

O E1 10.10.10.0 255.255.255.128 [110/200] via 10.10.4.129, 0:00:44, INSIDE

Hope that helps.

Thanks,

Varun

Thanks,
Varun Rao
0 Helpful

NickNac79
Level 1
Level 1
In response to varrao

‎12-08-2011 07:23 AM

Hi Varun,

Thanks for replying, unfortunately these don't tell me the OSPF tag on a route.... 

I think the only way I'm going to get this info is to dig in the OSPF database, which isn't ideal as something being in the DB doesn't necessarily mean it is in the routing table :-(

Unless anyone knows of a way to veiw the OSPF tag on a route in the RIB?

Cheers,

Nick

0 Helpful

manish arora
Level 6
Level 6
In response to NickNac79

‎12-08-2011 10:43 AM

Hi Nick,

there are bunch of OSPF commands on ASA that will show you the TAG associated with the Route , please check out the following Link :-

http://www.cisco.com/en/US/docs/security/asa/asa70/command/reference/s.html#wp1518345

Manish

0 Helpful

NickNac79
Level 1
Level 1
In response to manish arora

‎12-09-2011 05:48 AM

Hi Manish,

Thanks but that's just pulling info out of the OSPF DB, which may or may not be the information that was used to populate the RIB.

e.g. If OSPF recieves two LSAs for the same prefix, selects one and puts it in the RIB, I've no way of knowing from the OSPF DB which one it is, what the advertising router was, or in the event of multiple OSPF processes running, which process it came from...

Not without going through 5 or 6 different OSPF Database screens and doing the calculations myself, which is very labour intensive.

Plus intra-area and inter-area routes don't appear in the OSPF databse at all! :-)

I was looking for some equivalent to the IOS show ip route command, but I'm beginning to think that it may not exist on ASA :-/

Nick

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card