08-31-2016 07:01 AM - edited 03-05-2019 04:36 AM
Hello Experts
I'm working on a mutual redistribution problem between EIGRP and BGP
The idea is set a tag (210) to traffic coming from our LAN on R2-2 so that it can be matched and denied on R3-7. The goal is to prevent routing loops.
The routes are being redistributed into R1-1, but I'm not able to see if the routes are being tagged.
Can someone let me know how to verify routes are being filtered with the route-maps?
TBH, I don't think it's working at all.
I have attached the configs and show commands.
I read somewhere the problem was with command match route-type internal, but I'm not sure if that is the problem
Any help will be greatly appreciated.
The topology and configs are attached.
Cheers
08-31-2016 12:24 PM
Hi
You have 2 points:
ip access-list standard FROM_R4
permit host 192.168.1.2
!
!
route-map EIGRP-TAG deny 10
! subnets coming from R4 with tag 210
match ip route-source FROM_R4
match tag 210
route-map EIGRP-TAG permit 20
!
router eigrp 65100
! Filtering tagged routes
distribute-list route-map EIGRP-TAG in
!
Right now you're missing a piece to import those networks into R5.
Thanks
PS: Please don't forget to rate and mark as correct answer if this answered your question
08-31-2016 07:58 AM
Hi,
why don't you try
sh ip eigrp topo ...
on your routers?
If you issue it on R4-3, you should see the prefixes redistributed from BGP to EIGRP by R2-2 and tagged as 210.
You might see the same prefix received via R5-8 redistributed and tagged by R3-7.
If you want to see how the tags are distributed exactly, you could try to use different tags on R2-2 and R3-7. You would need to modify the deny portion of your route-maps slightly matching the second tag additionally.
Best regards,
Milan
08-31-2016 10:12 AM
Hi Milan,
See the output below:
EIGRP-IPv4 Topology Table for AS(65100)/ID(192.168.1.2)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - reply Status, s - sia Status
P 192.168.1.0/24, 1 successors, FD is 281600
via Connected, Ethernet0/1
P 200.200.200.0/24, 1 successors, FD is 2611200, tag is 210
via 192.168.1.1 (2611200/2585600), Ethernet0/1
Does the P mean BGP has redistributed the route but it won't be placed in the routing table? If so, then I think that has achieved my goal. If not, then I would see routing loops
08-31-2016 10:15 AM
Milan,
Below is show ip route again for R4-3
I can ping 192.168.1.1, which would suggest BGP is redistributing the routes into R4-3 even though it should deny it with:
route-map bgp2eigrp deny 10
match tag 210
!
Any thoughts?
08-31-2016 11:04 AM
So as another test I removed all the route-maps and configured EIGRP & BGP on R2-2, as follows:
router eigrp 65100
network 192.168.1.0
redistribute bgp 200 metric 1000 100 255 1 1500
neighbor 200.200.200.1
router bgp 200
bgp log-neighbor-changes
network 200.200.200.0
redistribute eigrp 65100
And on R3-7
router eigrp 65100
network 192.168.2.0
router bgp 300
bgp log-neighbor-changes
network 200.200.201.0
redistribute eigrp 65100
redistribute bgp 300 metric 1000 100 255 1 1500
neighbor 200.200.201.1 remote-as 100
So you would think R5-8 should be able to see 192.168.1.2 (from R4-3) and R4-3 should be able to see 192.168.2.2 (from R5-8)
But the routing table from each area as follows:
R4-3#show ip route
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/24 is directly connected, Ethernet0/1
L 192.168.1.2/32 is directly connected, Ethernet0/1
R5-8#show ip route
192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.2.0/24 is directly connected, Ethernet0/1
L 192.168.2.2/32 is directly connected, Ethernet0/1
R5-8#
As you can see BGP has redistributed any of the routes even though there aren't any route-maps preventing it from forwarding the routes.
Can you think why that is?
09-04-2016 05:39 AM
Hi,
the output
P 200.200.200.0/24, 1 successors, FD is 2611200, tag is 210
via 192.168.1.1 (2611200/2585600), Ethernet0/1
means your config on router R2-2 is working as expected:
It's redistributing 200.200.200.0/24 prefix received via eBGP to EIGRP and tagging it as 210.
And this way your router R3-7 should NOT redistribute the same prefix received from the LAN via EIGRP back to BGP (as the EIGRP prefixes tagged with 210 are denied from redistribution to BGP).
That's the purpose of the tagging in this scenario, I guess.
BTW, the route-map names you are using are a little confusing:
router eigrp 65100
network 192.168.1.0
redistribute bgp 200 metric 1000 100 255 1 1500 route-map eigrp2bgp
means the route-map eigrp2bgp is applied when BGP is redistributed into EIGRP...
Best regards,
Milan
08-31-2016 07:58 AM
Hi
I have some questions for you. Based on your config:
If you go on R4 and you issue a sh ip route 200.200.200.0 you will see at the bottom the info Route Tag 210
Is that what you want to achieve? If yes, everything seems correct.
Just to be sure, R2 will redistribute only its internal bgp networks. To check that, you can paste the output of sh ip bgp from R2.
If no, please, explain what you're trying to achieve and I will be able to provide help.
Thanks
PS: Please don't forget to rate and mark as correct answer if this answered your question
08-31-2016 09:58 AM
supportlan
I can see 210 :-)
However, how can I verify traffic that routing loops will be prevented? Basically, I shouldn't be able to see network 192.168.1.1 in R5-8 and I shouldn't be able to see 192.168.2.2 in R3-3
R2-2#show ip bgp
BGP table version is 10, local router ID is 200.200.200.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 192.168.1.0 0.0.0.0 0 32768 ?
*> 192.168.2.0 200.200.200.1 0 100 300 ?
* 200.200.200.0 200.200.200.1 0 0 100 i
*> 0.0.0.0 0 32768 i
*> 200.200.201.0 200.200.200.1 0 0 100 i
R2-2#
09-01-2016 05:36 AM
Hi SupportLan,
As you mentioned:
Deny redistribution of EIGRP tagged routes into BGP: You've already done it with your route-map
Could I not simply add another route map on both routers as
route-map bgp2eigrp deny 10
match tag 210
route-map eigrp2bgp permit 10
match route-type internal
set tag 210
route-map bgp2eigrp deny 10
match tag 220
route-map eigrp2bgp permit 10
match route-type internal
set tag 220
The command match route-type internal should take care of any learned routes.
Or am I off the mark here?
09-01-2016 05:45 AM
Hi
What you want is to not get all EIGRP 210 tagged routes into R5 right?
For that, you need to filter in and for that you have to use distribute-list and route-map.
However, using match internal in EIGRP won't work as your BGP routes are external types. You follow me?
Thanks
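Added example (not from the thread or from Cisco documentation): a simplified Python model of how a route-map is evaluated during redistribution, showing a route tagged 210 being refused on its way back into BGP, and a map whose only entry is match route-type internal dropping an external route through the implicit deny. The route-map names and sample routes are constructed for illustration.

```python
from dataclasses import dataclass, replace
from typing import Optional

@dataclass(frozen=True)
class Route:
    prefix: str
    route_type: str          # "internal" or "external", as EIGRP classifies it
    tag: int = 0

@dataclass(frozen=True)
class Entry:                 # one route-map sequence entry
    action: str              # "permit" or "deny"
    match_tag: Optional[int] = None
    match_route_type: Optional[str] = None
    set_tag: Optional[int] = None

    def matches(self, r: Route) -> bool:
        # An entry with no match clause matches every route;
        # match clauses of different types must all be true.
        if self.match_tag is not None and r.tag != self.match_tag:
            return False
        if self.match_route_type is not None and r.route_type != self.match_route_type:
            return False
        return True

def redistribute(route_map, route):
    """Return the route as redistributed, or None when it is filtered."""
    for entry in route_map:                      # evaluated in sequence order
        if entry.matches(route):
            if entry.action == "deny":
                return None
            return replace(route, tag=entry.set_tag) if entry.set_tag is not None else route
    return None                                  # implicit deny at the end

# Hypothetical route-maps modelled on the thread (names are made up here).
TAG_210 = [Entry("permit", set_tag=210)]                    # BGP -> EIGRP: tag everything
DROP_210 = [Entry("deny", match_tag=210), Entry("permit")]  # EIGRP -> BGP: deny 10 / permit 20
INTERNAL_ONLY = [Entry("permit", match_route_type="internal", set_tag=210)]

# Constructed sample routes.
FROM_BGP = Route("200.200.200.0/24", "external")
LAN = Route("192.168.1.0/24", "internal")

def demo():
    tagged = redistribute(TAG_210, FROM_BGP)
    return {"tag_after_bgp_to_eigrp": tagged.tag,
            "tagged_route_back_to_bgp": redistribute(DROP_210, tagged),
            "lan_route_to_bgp": redistribute(DROP_210, LAN),
            "external_through_internal_only": redistribute(INTERNAL_ONLY, FROM_BGP)}
```

On the routers themselves, the tag that results from the first step is what the "tag is 210" field in the show ip eigrp topology output earlier in the thread reports.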
08-31-2016 09:24 AM
Hi SupportLan / Milan,
I will check now. Thanks for responding.