Hi Madhu,

All good here ;) How are you?

Checking the configuration snippets you have posted, I don't see why the configuration should not work. However, I have a couple of doubts. Would you mind answering these questions for me?

1. How is the TAG-REDIST route-map exactly used in your redistribution? In particular, is it used in the redistribution from RIP to OSPF, or from OSPF to RIP, or perhaps in both directions?
2. With RIP, are you using RIPv2? RIPv1 does not support route tags.
3. The show ip route 2.2.2.0/24 output from R3 shows that the route does not have a tag. So if you perform RIP-to-OSPF redistribution on R3, as suggested from the output, this route won't be dropped because it does not have the tag 10 you are looking for in your route-map; it will be redistributed. Can perhaps this explain the behavior?

Please let me know, and feel welcome to ask further!

Best regards,
Peter

Hi Peter,

Thanks for taking time to look at it.

This is the topology.

I have 1.1.1.0/24 and 2.2.2.0/24 on R1 and I redistribute them to RIP(redistribute connected with a metric of 6). R3 is redistributing all the rip routes to OSPF with the route-map TAG-REDIST . I use this route-map to avoid routing loops because R4 is redistributing OSPF back to RIP with a lower metric. So at both R3 and R4 I use route-map TAG-REDIST to avoid loops. It is tagging both 1.1.1.0/14 and 2.2.2.0/24. However what I am trying to see if I can block 2.2.2.0./24 getting redistributed to OSPF with my prefix-list CUSTOMER-ROUTES while 1.1.1.0/24 gets the tag 10.  But It seems not happening. It is setting tag 10 to both routes and advertising to R5.

Config on R3

==========

R3#sh run | s router

router ospf 1

log-adjacency-changes

redistribute rip subnets route-map TAG-REDIST

network 192.168.35.0 0.0.0.255 area 0

router rip

version 2

network 192.168.23.0

no auto-summary

R3#

R3#sh run | s route-map

redistribute rip subnets route-map TAG-REDIST

route-map TAG-REDIST deny 10

match ip address prefix-list CUSTOMER_ROUTES

match tag 10

route-map TAG-REDIST permit 20

set tag 10

R3#

R3#sh run | s prefix-l

ip prefix-list CUSTOMER_ROUTES seq 5 permit 2.2.2.0/24

R3#

On R5

=====

R5#show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

O E2 192.168.12.0/24 [110/20] via 192.168.35.3, 00:25:37, FastEthernet0/0

     1.0.0.0/24 is subnetted, 1 subnets

O E2    1.1.1.0 [110/20] via 192.168.35.3, 00:25:37, FastEthernet0/0

     2.0.0.0/24 is subnetted, 1 subnets

O E2    2.2.2.0 [110/20] via 192.168.35.3, 00:25:37, FastEthernet0/0     >>>>>>> I don't need this route to receive here.

C    192.168.45.0/24 is directly connected, FastEthernet0/1

O E2 192.168.24.0/24 [110/20] via 192.168.35.3, 00:25:37, FastEthernet0/0

O E2 192.168.23.0/24 [110/20] via 192.168.35.3, 00:25:37, FastEthernet0/0

C    192.168.35.0/24 is directly connected, FastEthernet0/0

R5#

R5#show ip route 1.1.1.0

Routing entry for 1.1.1.0/24

  Known via "ospf 1", distance 110, metric 20

  Tag 10, type extern 2, forward metric 1

  Last update from 192.168.35.3 on FastEthernet0/0, 00:26:26 ago

  Routing Descriptor Blocks:

  * 192.168.35.3, from 192.168.35.3, 00:26:26 ago, via FastEthernet0/0

      Route metric is 20, traffic share count is 1

      Route tag 10

R5#show ip route 2.2.2.0

Routing entry for 2.2.2.0/24

  Known via "ospf 1", distance 110, metric 20

  Tag 10, type extern 2, forward metric 1

  Last update from 192.168.35.3 on FastEthernet0/0, 00:26:31 ago

  Routing Descriptor Blocks:

  * 192.168.35.3, from 192.168.35.3, 00:26:31 ago, via FastEthernet0/0

      Route metric is 20, traffic share count is 1

      Route tag 10

R5#

On R4

====

R4#sh run | s router

router ospf 1

log-adjacency-changes

network 192.168.45.0 0.0.0.255 area 0

router rip

version 2

redistribute ospf 1 metric 2 route-map TAG-REDIST

network 192.168.24.0

no auto-summary

R4#

route-map TAG-REDIST deny 10

match tag 10

route-map TAG-REDIST permit 20

set tag 10

R4#

To answer your questions

1. How is the TAG-REDIST route-map exactly used in your redistribution? In particular, is it used in the redistribution from RIP to OSPF, or from OSPF to RIP, or perhaps in both directions?

            As I said above I use this for RIP-to-OSPF on R3 and OSPF-to-RIP at R4.

1. With RIP, are you using RIPv2? RIPv1 does not support route tags. -  Yes I use RipV2
2. The show ip route 2.2.2.0/24 output from R3 shows that the route does not have a tag. So if you perform RIP-to-OSPF redistribution on R3, as suggested from the output, this route won't be dropped because it does not have the tag 10 you are looking for in your route-map; it will be redistributed. Can perhaps this explain the behavior? Yes, it does not have a tag of 10 at R3, but I am wondering won't it match the prefix list and drop?

   route-map TAG-REDIST deny 10

   match ip address prefix-list CUSTOMER_ROUTES

   match tag 10

   route-map TAG-REDIST permit 20

   set tag 10

Not sure I explained it well.  Let me know if it's unclear.

PS: This is not any production set up, Just labbing it up for some studies :)

Thanks,

Madhu.

Hello Madhu,

Thank you for the response!

Yes, it does not have a tag of 10 at R3, but I am wondering won't it match the prefix list and drop?

I think this is the key to explain the behavior.

If you have a route-map section that has two match lines, one for a prefix-list and the other for a tag, they act as a logical AND. They both must be met before the route is declared to match the whole route-map section. Since in your case, the route does match the prefix-list but does not match the tag, this does not count as a match for the route-map section, and the route proceeds to the next section.

However what I am trying to see if I can block 2.2.2.0./24 getting redistributed to OSPF with my prefix-list CUSTOMER-ROUTES while 1.1.1.0/24 gets the tag 10.  But It seems not happening. It is setting tag 10 to both routes and advertising to R5.

Indeed - but given your current route-map, that is expected. You are trying to implement a different logic than the one in your route-map. Your route-map says: "Drop all routes matching CUSTOMER-ROUTES and having a tag of 10; permit and tag anything else."

But you seem to be trying to implement this: "Drop all routes matching CUSTOMER-ROUTES or having a tag of 10; permit and tag anything else." This would be done by making each side of the or operator a separate route-map section:

route-map TAG-REDIST deny 10
 match ip address prefix-list CUSTOMER_ROUTES

route-map TAG-REDIST deny 15
 match tag 10

route-map TAG-REDIST permit 20
 set tag 10

Would this make sense? Please try it out, and feel welcome to ask further!

Best regards,
Peter

Thank you so much Peter. It works now :) I was under the impression its the OR operation. Thanks for explaining it in detail.

R3#sh run | s route-map

redistribute rip subnets route-map TAG-REDIST

route-map TAG-REDIST deny 10

match ip address prefix-list CUSTOMER_ROUTES

route-map TAG-REDIST deny 15

match tag 10

route-map TAG-REDIST permit 20

set tag 10

R3#

R5#sh ip route 2.2.2.0

% Network not in table

R5#show ip route 1.1.1.0
Routing entry for 1.1.1.0/24
  Known via "ospf 1", distance 110, metric 20
  Tag 10, type extern 2, forward metric 1
  Last update from 192.168.35.3 on FastEthernet0/0, 01:20:40 ago
  Routing Descriptor Blocks:
  * 192.168.35.3, from 192.168.35.3, 01:20:40 ago, via FastEthernet0/0
      Route metric is 20, traffic share count is 1
      Route tag 10

R5#

Regards,

Madhu.

Thanks a lot, very useful.