I was explaining in the previous post what is the difference between optimal and suboptimal path and how to avoid the use of not such a good path in your routed environment. Also there I presented this so call “dirty trick” you can use to force the routing protocol to choose the path that you want, based on the Administrative distance modification.

As I said there is another way (for sure more than one) to do it, using a more elegant approach and from the networking point of view more safe considering the complex routing environment. I will use the same topology like in the previous post to offer you the possibility to compare these 2 methods presented and to choose the one that you understand and fit better to your needs. Also there are some other ways to do it and please feel free to discussed them in the comments section and maybe to present them here in a future post.

We will achive the desired results by setting one community on R1 for the advertised network 192.168.82.1 and dropping the prefixes, marked with the same community, on R2. Please be aware that for this method to work you have to allowed BGP peers to send communities list with the command “neighbor xx.xx.xx.xx send-community …” under “router bgp xxx” process.

Please see the example by clicking the image below:

Optimal path engineer trick

Cisco: Engineer’s trick to avoid suboptimal path
Tagged on:                                     

9 thoughts on “Cisco: Engineer’s trick to avoid suboptimal path

  • January 17, 2009 at 00:10
    Permalink

    Great tutorial, but what if I’ll have already route-map and I’m setting the community for a number of X routes, but the one that I want to drop on the other side is X-2 routes. I hope you understand what I want to say with X and X-2.

    Keep on the good work!

    Reply
  • January 19, 2009 at 23:35
    Permalink

    Hi Tido!

    If you already use community to mark prefixes for different purpose, then you can use extcommunity together with SOO (Site-Of-Origin). Under route-map you can do “set extcommunity soo ASN:nn”. This is just a simple example. Of course your BGP environment has to “send community extended” to be able to use this. I will do a tutorial about this sometime in close future.

    Reply
  • March 21, 2009 at 12:28
    Permalink

    your site is having lot of intersting and knowledgeable material.

    regards
    shivlu jain

    Reply
  • June 15, 2009 at 23:59
    Permalink

    I have configured ip ssh timeout 60 and exec-timeout 5 on VTY lines. Preferred input connection is ssh. How much time can I be idle?
     

    Reply
  • June 16, 2009 at 10:08
    Permalink

    Hi Techie!

    ip ssh timeout = “The time interval that the router waits for the SSH client to respond. This setting applies to the SSH negotiation phase. Once the EXEC session starts, the standard timeouts configured for the vty apply.”

    So, in your case this will be 5 minutes.

    Useful links:
    http://www.cisco.com/en/US/docs/ios/12_2/security/command/reference/srfssh.html#wp1023615
    http://www.cisco.com/en/US/docs/ios/11_3/configfun/command/reference/frconban.html#wp1852

    I hope this reply to your question.

    Reply
  • June 17, 2009 at 01:24
    Permalink

    Ivan, I have checked your link :). I had the idea to google after this phrase and I found another site having this question which made me think for a second of another kind of spam or something…but then I saw that there was just a traceback to your blog :)

    I think you’re right and this is sold as one of the possibilities for the open ended questions in the CCIE exam…

    Reply

Leave a Reply

%d bloggers like this: