8 Replies Latest reply: Jul 2, 2015 5:39 PM by JTS RSS

    Using distance command in OSPF to affect path selection

    Mike Timm

      As a mentor for several people going through the Cisco 360 learning program, I get asked some pretty darn good questions.  A recent one related to the self paced lessons.  Specifically in the IGP Lab 2 there was a requirement to modify the administrative distance of a specific route for just one advertising router (task 1.10).  That is to say that two different routers were advertising equal cost paths for a specific route and the requirement was to manipulate path selection for the route using administrative distance.  The problem was that the suggested solution in the answer key was not working and the mentor guide also showed that it did not work when the data for the mentor guide was captured on 12.2(25)SEE2.  So I had to go digging.

       

      Being a Cisco employee I have resources that others outside of Cisco do not have.  First I have unrestricted access to the IOS bug database and the Cisco TAC Service Request database.  Second I have direct lines of communications to other Cisco employees that work on these technologies on a day to day basis.  So after setting up the lab on my own and determining that the distance command for OSPF can only change the administrative distance for specific routes for all advertising routers, I went searching for bugs that relate to what I was seeing.

       

      The first bug I found was CSCin41604 which does not provide much information externally but internally I can see where the OSPF developers state that modifying the AD for just a specific neighbor is not supported in OSPF.  I wasn't satisfied with that answer because at one point it had to have worked for it to be added to the lab scenario.  So I went and asked someone who works in the Cisco TAC who I knew would be the most likely person to know the answer.

       

      It just so happens my instincts on who to ask were 100% correct.  Not only did she know the answer, she filed the bug that changed the behavior!  CSCeh46993 modifies OSPF to make it impossible to change the administrative distance for routes from just one advertising router within one OSPF process.  I've contacted the Cisco 360 folks and they are going to update the lab scenario, answer key and mentor guide. 

        • 1. Re: Using distance command in OSPF to affect path selection
          Andrew Bruce Caslow

          Mike,

           

          I want to commend you for not only investigating this issue but also for initiating dialogue on this issue that is very confusing for many.  I would like to attempt to list some characteristics of the Cisco IOS distance command and get your feedback on what I write:

           

          1). The distance command is designed to provide a route selection parameter for a single prefix that is learned from two or more route sources. Route sources include: Connected routes, static routes, dynamic routing protocols such as RIP, OSPF, EIGRP, BGP.

           

          2). The distance command is not designed to provide a route selection parameter for a single prefix that is learned from the very same route source. For routing protocols, the parameter to use for route selection for a single prefix that is learned from one and only one dynamic routing protocol is the routing protocol metric.

           

          The IOS distance command can be used in a number of different ways. Here are some:

           

          1). distance XXX - this sets the distance for all routes selected by a given routing protocol

          2). distance XXX Y.Y.Y.Y M.M.M.M - this sets the distance for all routes learned from a specific source-router within the specified routing domain. For distance vector routing protocols, the specified "source-router" is identified by the updated source address that is assigned to a common subnet of the router configured with this version of the distance command. For link-state routing protocols, the specified "source-router" is the RID of the link-state router that origininated the route. This router could be several hops away.

          3). distance XXX Y.Y.Y.Y M.M.M.M<ACL> this is identical to the previous version of the command but it is applied to only a subset of routes that match the ACL.

           

          I look forward to continuing this dialogue on the distance command and perhaps other topics related to controlling and manipulating the insertion of routes in a routing table.

          • 2. Re: Using distance command in OSPF to affect path selection
            redbear

            Hi Andrew,

             

            Thanks for detailed explaination. I did some testing for using distance command in EIGRP but seems it dosen't work.. I would LabR1(192.168.0.3) prefer the D EX routes coming from 192.168.0.1. The IOS is 12.1(3r)T2.

             

            interface FastEthernet0/0

            ip address 192.168.0.3 255.255.255.0

            duplex auto

            speed auto

            !

            router eigrp 100

            network 192.168.0.0 0.0.0.255

            distance 165 192.168.0.1 0.0.0.0

            no auto-summary

             

             

            LabR1#sh ip ei topology

            IP-EIGRP Topology Table for AS(100)/ID(192.168.0.3)

             

            Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,

                   r - reply Status, s - sia Status

             

             

            P 192.168.249.0/24, 2 successors, FD is 258816

                     via 192.168.0.1 (258816/256256), FastEthernet0/0

                     via 192.168.0.2 (258816/256256), FastEthernet0/0

            P 192.168.248.0/25, 2 successors, FD is 258816

                     via 192.168.0.1 (258816/256256), FastEthernet0/0

                     via 192.168.0.2 (258816/256256), FastEthernet0/0

            P 192.168.0.0/24, 1 successors, FD is 28160

                     via Connected, FastEthernet0/0

            P 10.53.192.0/18, 2 successors, FD is 258816

                     via 192.168.0.1 (258816/256256), FastEthernet0/0

                     via 192.168.0.2 (258816/256256), FastEthernet0/0

            LabR1#sh ip route

            Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

                   D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

                   N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

                   E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

                   i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area

                   * - candidate default, U - per-user static route, o - ODR

                   P - periodic downloaded static route

             

            Gateway of last resort is 192.168.0.2 to network 0.0.0.0

             

                 192.168.0.0/16 is variably subnetted, 3 subnets, 2 masks

            D EX    192.168.249.0/24 [170/258816] via 192.168.0.2, 00:03:34, FastEthernet0/0

                                    [170/258816] via 192.168.0.1, 00:03:34, FastEthernet0/0

            D EX    192.168.248.0/25 [170/258816] via 192.168.0.2, 00:03:34, FastEthernet0/0

                                    [170/258816] via 192.168.0.1, 00:03:34, FastEthernet0/0

            C       192.168.0.0/24 is directly connected, FastEthernet0/0

                 10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks

            D EX    10.53.192.0/18 [170/258816] via 192.168.0.2, 00:03:35, FastEthernet0/0

                                   [170/258816] via 192.168.0.1, 00:03:35, FastEthernet0/0

             

            LabR1#sh ver

            Cisco Internetwork Operating System Software

            IOS (tm) C2600 Software (C2600-IS-M), Version 12.1(5)T10,  RELEASE SOFTWARE (fc2)

            TAC Support: http://www.cisco.com/tac

            Copyright (c) 1986-2001 by cisco Systems, Inc.

            Compiled Wed 08-Aug-01 08:52 by ccai

            Image text-base: 0x80008088, data-base: 0x8101AD48

             

            ROM: System Bootstrap, Version 12.1(3r)T2, RELEASE SOFTWARE (fc1)

             

            LabR1 uptime is 7 weeks, 2 hours, 42 minutes

            System returned to ROM by power-on

            System image file is "flash:c2600-is-mz.121-5.T10"

             

            cisco 2621 (MPC860) processor (revision 0x600) with 44032K/5120K bytes of memory.

            Processor board ID JAD05510QQH (3631309888)

            M860 processor: part number 0, mask 49

            Bridging software.

            X.25 software, Version 3.0.0.

            2 FastEthernet/IEEE 802.3 interface(s)

            32K bytes of non-volatile configuration memory.

            16384K bytes of processor board System flash (Read/Write)

             

            Configuration register is 0x2102

             

            LabR1#

            • 3. Re: Using distance command in OSPF to affect path selection
              andyo.ua

              this form of distance command (distance AD SOURCE MASK ACL) doesnt touch D EX routes. To influ D EX U must use distance INTERNAL EXTERNAL or othe technics.

              Cheers

              • 4. Re: Using distance command in OSPF to affect path selection
                fallegretti

                More digging.

                 

                The command does work, but not as described in the documentation, not as expected:

                 

                 

                R2#sh run | sec ospf

                router ospf 1

                router-id 136.10.2.2

                log-adjacency-changes

                passive-interface Loopback0

                network 136.10.2.2 0.0.0.0 area 0

                network 136.10.24.2 0.0.0.0 area 0

                network 136.10.25.1 0.0.0.0 area 0

                network 136.10.100.2 0.0.0.0 area 0

                neighbor 136.10.100.6 cost 56

                neighbor 136.10.100.5 cost 56

                R2#sh ip ospf neigh

                 

                Neighbor ID     Pri   State           Dead Time   Address         Interface

                136.10.4.4        0   FULL/  -        00:00:31    136.10.24.4     Serial1/1.24

                136.10.5.5        0   FULL/  -        00:00:35    136.10.25.2     Serial1/2

                136.10.6.6        0   FULL/  -        00:01:57    136.10.100.6    Serial1/1.256

                136.10.5.5        0   FULL/  -        00:01:39    136.10.100.5    Serial1/1.256

                R2#sh ip ospf int bri

                Interface    PID   Area            IP Address/Mask    Cost  State Nbrs F/C

                Lo0          1     0               136.10.2.2/24      1     LOOP  0/0

                Se1/1.24     1     0               136.10.24.2/29     64    P2P   1/1

                Se1/2        1     0               136.10.25.1/30     64    P2P   1/1

                Se1/1.256    1     0               136.10.100.2/27    64    P2MP  2/2

                 

                R2#sh ip route ospf

                     136.10.0.0/16 is variably subnetted, 15 subnets, 6 masks

                O       136.10.6.6/32 [110/57] via 136.10.100.6, 00:10:19, Serial1/1.256

                O       136.10.5.5/32 [110/57] via 136.10.100.5, 00:10:19, Serial1/1.256

                O       136.10.4.4/32 [110/65] via 136.10.24.4, 00:10:19, Serial1/1.24

                 

                R2#

                 

                Let's say I want to change the admin distance for routes received from 136.10.100.6, acccording to documentation I would do

                 

                R2#conf t

                Enter configuration commands, one per line.  End with CNTL/Z.

                R2(config)#router ospf 1

                R2(config-router)#distance 109 136.10.100.6 0.0.0.0

                 

                Let's have a look:

                R2(config-router)#do sh ip route ospf

                     136.10.0.0/16 is variably subnetted, 15 subnets, 6 masks

                O       136.10.6.6/32 [110/57] via 136.10.100.6, 00:00:36, Serial1/1.256

                O       136.10.5.5/32 [110/57] via 136.10.100.5, 00:00:36, Serial1/1.256

                O       136.10.4.4/32 [110/65] via 136.10.24.4, 00:00:36, Serial1/1.24

                 

                 

                nothing, admin distance is still 110

                 

                Look what happens now:

                 

                R2(config-router)#no distance 109 136.10.100.6 0.0.0.0

                R2(config-router)#distance 109 136.10.100.6 255.255.255.0

                R2(config-router)#do sh ip route ospf

                     136.10.0.0/16 is variably subnetted, 15 subnets, 6 masks

                O       136.10.6.6/32 [109/57] via 136.10.100.6, 00:00:35, Serial1/1.256

                O       136.10.5.5/32 [110/57] via 136.10.100.5, 00:00:35, Serial1/1.256

                O       136.10.4.4/32 [110/65] via 136.10.24.4, 00:00:35, Serial1/1.24

                 

                 

                Weird, the admin distance has changed for 136.10.100.6,let's carry on, let's see where it breaks

                 

                R2(config-router)#no distance 109 136.10.100.6 255.255.255.0

                R2(config-router)#distance 109 136.10.100.6 255.255.254.0

                R2(config-router)#do sh ip route ospf

                     136.10.0.0/16 is variably subnetted, 15 subnets, 6 masks

                O       136.10.6.6/32 [109/57] via 136.10.100.6, 00:00:02, Serial1/1.256

                O       136.10.5.5/32 [110/57] via 136.10.100.5, 00:00:02, Serial1/1.256

                O       136.10.4.4/32 [110/65] via 136.10.24.4, 00:00:02, Serial1/1.24

                 

                 

                It works if the wild card mask is 255.255.254.0, let's try the third octect .252

                 

                R2(config-router)#no distance 109 136.10.100.6 255.255.254.0

                R2(config-router)#distance 109 136.10.100.6 255.255.252.0

                 

                 

                R2(config-router)#do sh ip route ospf

                     136.10.0.0/16 is variably subnetted, 15 subnets, 6 masks

                O       136.10.6.6/32 [110/57] via 136.10.100.6, 00:00:03, Serial1/1.256

                O       136.10.5.5/32 [110/57] via 136.10.100.5, 00:00:03, Serial1/1.256

                O       136.10.4.4/32 [110/65] via 136.10.24.4, 00:00:03, Serial1/1.24

                 

                 

                It doesn't. Don't ask, I have no idea, this is one for Cisco to answer.

                Mike I'd like to know if your contacts a Cisco have a view about this.

                • 5. Re: Using distance command in OSPF to affect path selection
                  Tom Lukas

                  MIke I have to thank you. I spend whole day figuring out why is the distance command not behaving as I would expect and made me crazy. Your message matches my results and is the one information I searched whole day.

                  • 6. Re: Using distance command in OSPF to affect path selection
                    Thiyagu VG

                    Make sure you used the right "IP Source Adddress". That is your IP address which you mentioned in the command(136.10.100.6) should be Router ID.

                     

                    I've tested this in my similar setup and its working.

                     

                    Kindly test and let us know.

                     

                    Cheers,

                    ThiyaguVG.

                    • 7. Re: Using distance command in OSPF to affect path selection
                      Benoit

                      Has this bug been fixed? And if so, in which version?

                      • 8. Re: Using distance command in OSPF to affect path selection
                        JTS

                        ThiyaguVG had the answer.

                         

                        indeed, the Cisco documentation appears to be misleading... unclear at least.

                         

                        Cisco documentation reads as follows:

                        distance weight [ ip-address wildcard-mask [ access-list name ] ]

                        > weight = desired AD value

                        > ip-address = (Optional) IP address in four-part dotted-decimal notation.

                        > wild-card mask = (Optional) Wildcard mask in four-part, dotted-decimal format. A bit set to 1 in the wildcard-mask argument instructs the software to ignore the corresponding bit in the address value.

                        > access-list name = (Optional) Name of an IP access list to be applied to incoming routing updates.

                         

                        when i labbed this, the command works when used as follows:

                        distance weight [ ip-address wildcard-mask [ access-list name ] ]

                        > weight = desired AD value

                        > ip-address = OSPF router ID (RID) of the node originating the prefix you wish to modify

                        > wild-card mask = wild-card mask of the OSPF RID from the above

                        > access-list name = (Optional) use an ACL to selectively filter on the prefixes

                         

                        for example, i issued this command on R1 in order to filter a route from R5.

                        R5 is advertising 3 routes 192.168.15.1, 192.168.15.2 and 192.168.15.3.

                        i want to raise the AD of 192.168.15.2 but leave the other 2 routes (192.168.15.1 and 192.168.15.3) unchanged.

                        in this example, let's say the OSPF RID of R1 = 1.1.1.1 and the OSPF RID of R5 = 5.5.5.5.

                         

                        BEFORE:

                        R01#sh ip route 192.168.15.2

                        Routing entry for 192.168.15.2/32

                          Known via "ospf 1", distance 110, metric 20

                          Tag 10155, type extern 2, forward metric 1065

                          Last update from 192.168.123.3 on Tunnel123, 00:00:09 ago

                          Routing Descriptor Blocks:

                          * 192.168.123.3, from 5.5.5.5, 00:00:09 ago, via Tunnel123

                              Route metric is 20, traffic share count is 1

                              Route tag 10155

                         

                        R01(config)#ip access-list standard TEST_ACL

                        R01(config-std-nacl)#permit host 192.168.15.2

                         

                        R01(config-router)# distance 254 5.5.5.5 0.0.0.0 TEST_ACL

                        R01(config-router)#


                        AFTER verification...


                        R01#sh ip route 192.168.15.1

                        Routing entry for 192.168.15.1/32

                          Known via "ospf 1", distance 110, metric 20

                          Tag 10155, type extern 2, forward metric 1065

                          Last update from 192.168.123.3 on Tunnel123, 00:11:14 ago

                          Routing Descriptor Blocks:

                          * 192.168.123.3, from 5.5.5.5, 00:21:16 ago, via Tunnel123

                              Route metric is 20, traffic share count is 1

                              Route tag 10155

                         

                        R01#sh ip route 192.168.15.2

                        Routing entry for 192.168.15.2/32

                          Known via "ospf 1", distance 254, metric 20

                          Tag 10155, type extern 2, forward metric 1065

                          Last update from 192.168.123.3 on Tunnel123, 00:00:05 ago

                          Routing Descriptor Blocks:

                          * 192.168.123.3, from 5.5.5.5, 00:00:05 ago, via Tunnel123

                              Route metric is 20, traffic share count is 1

                              Route tag 10155

                         

                        R01#sh ip route 192.168.15.3

                        Routing entry for 192.168.15.3/32

                          Known via "ospf 1", distance 110, metric 20

                          Tag 10155, type extern 2, forward metric 1065

                          Last update from 192.168.123.3 on Tunnel123, 00:11:20 ago

                          Routing Descriptor Blocks:

                          * 192.168.123.3, from 5.5.5.5, 00:00:05 ago, via Tunnel123

                              Route metric is 20, traffic share count is 1

                              Route tag 10155