Time-Based Redistribution... Ahhh, the horror of it all...
The leading question:
"Is it possible (and if so, how) to redistribute or originate a default route based on time of day?"
The short answer is "Sure, why not?"... But the longer answer has to do with how do we warp the forces of the universe to make that happen???
Well, start with what we know. We know we can do time-ranges in access-lists, right? Can we do them in standard access-lists (what we see used for redistribution all the time)?
Rack1R1(config-if)#exit
Rack1R1(config)#access-list 1 permit 172.16.0.0 0.15.255.255 ?
log Log matches against this entry
<cr>Rack1R1(config)#
Nope. There's a bummer. So we will need to use EXTENDED ACL's in order to make this work. So now we are reaching the point of "Yes, it can be done, but it will make my head hurt." as the answer. :)
First, as a little review, check out a blog we did last year providing some information on that sort of thing in conjunction with a distribute-list in different routing protocols.
http://blog.internetworkexpert.com/2008/01/04/using-extended-access-lists-in-a-distribute-list/
After you've had a little time to review that stuff, let's move on with the testing! I have nabbed my routers in a configured state already. I just recently finished with creating more detailed solutions for Mock Lab 4 (it's a fun one!), so that's the topology that I have going right now. Specifics should really matter, I was just hunting for any particular spot of redistribution in order to see what we could accomplish here.
On R3 I happen to have found some redistribution between OSPF and RIP that looks like fun.
R3 Starting:
Rack1R3(config)#do sh run | s router
router ospf 1
log-adjacency-changes
area 0 authentication message-digest
area 123 virtual-link 150.1.1.1 message-digest-key 1 md5 CISCO
redistribute rip metric-type 1 subnets route-map Red-RIP
network 145.1.3.3 0.0.0.0 area 0
network 145.1.13.3 0.0.0.0 area 123
network 145.1.23.3 0.0.0.0 area 123
network 150.1.3.3 0.0.0.0 area 0
router rip
version 2
redistribute ospf 1 metric 7 route-map RIP-R6
passive-interface default
no passive-interface FastEthernet0/0
network 145.1.0.0
distribute-list 11 out FastEthernet0/0
no auto-summary
Rack1R3(config)#Rack1R3(config)#do sh run | s route-map
redistribute rip metric-type 1 subnets route-map Red-RIP
redistribute ospf 1 metric 7 route-map RIP-R6
route-map RIP-R6 permit 10
match ip address prefix-list R4-R5-Link
set metric 2
route-map RIP-R6 permit 20
set metric 10
route-map Red-RIP deny 10
match ip address prefix-list NAT-Route
route-map Red-RIP permit 20
set metric-type type-1
Rack1R3(config)#
All devices have "debug ip routing" turned on.
Rack1R3(config)#do sh clock
*02:02:28.984 UTC Sun Feb 15 2009
Rack1R3(config)#
No NTP is running, so we can deal with the current clock settings. So let's look at our route-maps... The one called RIP-R6 is going from OSPF to RIP.
Rack1R3(config)#do sh ip ro os
51.0.0.0/32 is subnetted, 1 subnets
O E2 51.51.51.51 [110/20] via 145.1.23.2, 3w2d, Serial1/3.23
O E1 204.12.1.0/24 [110/865] via 145.1.23.2, 1w6d, Serial1/3.23
[110/865] via 145.1.13.1, 1w6d, Serial1/2.13
145.1.0.0/16 is variably subnetted, 20 subnets, 2 masks
O IA 145.1.17.0/24 [110/782] via 145.1.13.1, 3w2d, Serial1/2.13
O E1 145.1.5.0/24 [110/865] via 145.1.23.2, 1w6d, Serial1/3.23
[110/865] via 145.1.13.1, 1w6d, Serial1/2.13
O 145.1.7.0/24 [110/783] via 145.1.13.1, 3w2d, Serial1/2.13
O 145.1.12.0/24 [110/845] via 145.1.23.2, 3w2d, Serial1/3.23
[110/845] via 145.1.13.1, 3w2d, Serial1/2.13
O 145.1.48.0/24 [110/847] via 145.1.23.2, 3w2d, Serial1/3.23
[110/847] via 145.1.13.1, 3w2d, Serial1/2.13
O IA 145.1.58.0/24 [110/846] via 145.1.23.2, 3w2d, Serial1/3.23
[110/846] via 145.1.13.1, 3w2d, Serial1/2.13
O E1 145.1.45.5/32 [110/867] via 145.1.23.2, 3w2d, Serial1/3.23
[110/867] via 145.1.13.1, 3w2d, Serial1/2.13
O E1 145.1.45.4/32 [110/865] via 145.1.23.2, 3w2d, Serial1/3.23
[110/865] via 145.1.13.1, 3w2d, Serial1/2.13
O E1 145.1.45.0/24 [110/865] via 145.1.23.2, 3w2d, Serial1/3.23
[110/865] via 145.1.13.1, 3w2d, Serial1/2.13
O 145.1.47.0/24 [110/1782] via 145.1.13.1, 3w2d, Serial1/2.13
O IA 145.1.125.5/32 [110/845] via 145.1.23.2, 3w2d, Serial1/3.23
[110/845] via 145.1.13.1, 3w2d, Serial1/2.13
O IA 145.1.125.1/32 [110/781] via 145.1.13.1, 3w2d, Serial1/2.13
O E1 145.1.125.0/24 [110/867] via 145.1.23.2, 1w6d, Serial1/3.23
[110/867] via 145.1.13.1, 1w6d, Serial1/2.13
O IA 145.1.125.2/32 [110/781] via 145.1.23.2, 3w2d, Serial1/3.23
O IA 192.10.1.0/24 [110/782] via 145.1.23.2, 3w2d, Serial1/3.23
150.1.0.0/16 is variably subnetted, 7 subnets, 3 masks
O 150.1.7.7/32 [110/783] via 145.1.13.1, 3w2d, Serial1/2.13
O 150.1.4.4/32 [110/848] via 145.1.23.2, 3w2d, Serial1/3.23
[110/848] via 145.1.13.1, 3w2d, Serial1/2.13
O 150.1.2.2/32 [110/782] via 145.1.23.2, 3w2d, Serial1/3.23
O 150.1.1.1/32 [110/782] via 145.1.13.1, 3w2d, Serial1/2.13
O IA 150.1.0.0/20 [110/846] via 145.1.23.2, 3w2d, Serial1/3.23
[110/846] via 145.1.13.1, 3w2d, Serial1/2.13
Rack1R3(config)#
We have quite a few OSPF routes, so we can always pick on a few others just to play. But let's change things around momentarily.
Rack1R3(config)#do sh run | in prefix-list
ip prefix-list NAT-Route seq 5 permit 145.1.133.0/24
ip prefix-list R4-R5-Link seq 5 permit 145.1.45.0/24
match ip address prefix-list R4-R5-Link
match ip address prefix-list NAT-Route
Rack1R3(config)#
Right now, we're matching a Prefix List... That will need to change. Let's create a time-range as well.
R3
time-range First12
periodic daily 0:00 to 11:59
exit
access-list 101 permit ip host 145.1.45.0 host 255.255.255.0 time-range First12
route-map RIP-R6 permit 10
no match ip address prefix-list R4-R5-Link
match ip address 101
set metric 2
Rack1R3(config)#do sh access-list 101
Extended IP access list 101
10 permit ip host 145.1.45.0 host 255.255.255.0 time-range First12 (active) (2 matches)
Rack1R3(config)#
So we're active now. This is good. We'll see this route via other paths in this lab, but the metric here is the key. And we'll notice this change as well. Since we started re-advertising the route:
Rack1R6(config-router)#
*Feb 15 03:17:13.656: RT: rip's 145.1.45.0/24 (via 145.1.36.3) metric changed from distance/metric [120/10] to [120/2]
*Feb 15 03:17:13.656: RT: NET-RED 145.1.45.0/24
Rack1R6(config-router)#
Notice the metric change. Now let's go back to R3 and change the time!
Rack1R3#clock set 15:00:00 feb 15 2009
Rack1R3#
*Feb 15 15:00:00.000: %SYS-6-CLOCKUPDATE: System clock has been updated from 02:22:08 UTC Sun Feb 15 2009 to 15:00:00 UTC Sun Feb 15 2009, configured from console by console.
Rack1R3#Rack1R3(config)#do sh access-list 101
Extended IP access list 101
10 permit ip host 145.1.45.0 host 255.255.255.0 time-range First12 (inactive) (2 matches)
Rack1R3(config)#
Notice that now we are inactive on our time. **Time Passes**
Well, 20 minutes later and still no update. Our problem with this is that change IN THE ROUTING TABLE trigger changes to redistribution. We still learn this route via OSPF and therefore nothing has changed. If we were to trigger a change in OSPF that would lead to a status change, we would see the route withdrawn.
How do you trigger a status change? Clear it.
Rack1R3(config)#do clear ip route 145.1.45.0
Rack1R3(config)#
Feb 15 15:12:28.719: RT: del 145.1.45.0/24 via 145.1.23.2, ospf metric [110/865]
Feb 15 15:12:28.719: RT: del 145.1.45.0/24 via 145.1.13.1, ospf metric [110/865]
Feb 15 15:12:28.719: RT: delete subnet route to 145.1.45.0/24
Feb 15 15:12:28.719: RT: NET-RED 145.1.45.0/24
Feb 15 15:12:28.723: RT: SET_LAST_RDB for 145.1.45.0/24
NEW rdb: via 145.1.13.1Feb 15 15:12:28.723: RT: add 145.1.45.0/24 via 145.1.13.1, ospf metric [110/867]
Feb 15 15:12:28.723: RT: NET-RED 145.1.45.0/24
Feb 15 15:12:28.723: RT: add 145.1.45.0/24 via 145.1.23.2, ospf metric [110/867]
Feb 15 15:12:28.723: RT: NET-RED 145.1.45.0/24
Feb 15 15:12:28.723: RT:ospf's 145.1.45.0/24 (via 145.1.13.1) metric changed from distance/metric [110/867] to [110/865]
Feb 15 15:12:28.723: RT: del 145.1.45.0/24 via 145.1.23.2, ospf metric [110/867]
Feb 15 15:12:28.723: RT: NET-RED 145.1.45.0/24
Feb 15 15:12:28.723: RT: NET-RED 145.1.45.0/24
Feb 15 15:12:28.727: RT: add 145.1.45.0/24 via 145.1.23.2, ospf metric [110/865]
Feb 15 15:12:28.727: RT: NET-RED 145.1.45.0/24
Rack1R3(config)#
From R3's perspective, notice that it comes back just as it was before.
Rack1R6(config-router)#
*Feb 15 03:32:27.576: RT: rip's 145.1.45.0/24 (via 145.1.36.3) metric changed from distance/metric [120/2] to [120/10]
*Feb 15 03:32:27.576: RT: NET-RED 145.1.45.0/24
Rack1R6(config-router)#
On R6 though, it changed because the criteria changed. What if we change the clock and do it again? (By the way, subsequent 'clear ip route' commands on R3 make no difference on R6 as long as the time range is still inactive)
Rack1R3(config)#do clock set 3:00:00 feb 15 2009
Rack1R3(config)#
Rack1R3(config)#
Feb 15 03:00:00.000: %SYS-6-CLOCKUPDATE: System clock has been updated from 15:14:57 UTC Sun Feb 15 2009 to 03:00:00 UTC Sun Feb 15 2009, configured from console by console.
Rack1R3(config)#
Rack1R3(config)#do sh access-list 101
Extended IP access list 101
10 permit ip host 145.1.45.0 host 255.255.255.0 time-range First12 (active) (2 matches)
Rack1R3(config)#
Back to active now. Clearing....
Rack1R6(config-router)#
*Feb 15 03:35:24.672: RT: rip's 145.1.45.0/24 (via 145.1.36.3) metric changed from distance/metric [120/10] to [120/2]
*Feb 15 03:35:24.672: RT: NET-RED 145.1.45.0/24
Rack1R6(config-router)#
Back to a metric of 2 on R6. So the redistribution is happening again... So.... Can the router trigger itself? Do we have mechanisms to do so? You betchya! But it's not perfectly simple! But then again, you would be a CCIE if everything were always simple! Or more importantly, EVERYONE would be a CCIE if it were simple!
We can use EEM (Embedded Event Manager, complicated) or KRON (time scheduler, easier) to trigger things. My vote is kron! In the unix world you'd know this as cron.
R3
kron policy-list ChgRedist
cli clear ip route 145.1.45.0
exit
kron occurrence Midnight at 0:00 recurring
policy-list ChgRedist
kron occurrence Noon at 12:00 recurring
policy-list ChgRedist
exit
Rack1R3(config)#do sh kron schedule
Kron Occurrence Schedule
Midnight inactive, will run again in 0 days 20:55:41 at 0 :00 on
Noon inactive, will run again in 0 days 08:55:41 at 12:00 onRack1R3(config)#
Rack1R3(config)#do clock set 11:58:00 feb 15 2009
Feb 15 11:58:00.000: %SYS-6-CLOCKUPDATE: System clock has been updated from 03:05:50 UTC Sun Feb 15 2009 to 11:58:00 UTC Sun Feb 15 2009, configured from console by console.
Rack1R3(config)#do sh kron schedule
Kron Occurrence Schedule
Midnight inactive, will run again in 0 days 12:01:55 at 0 :00 on
Noon inactive, will run again in 0 days 00:01:55 at 12:00 onRack1R3(config)#
Rack1R3(config)#do deb kron all
All kron debug flags are onRack1R3(config)#
Now we just wait and see! (Pretend you've been staring at this for two minutes now!)
Rack1R3(config)#
Feb 15 11:59:59.999: Major 1, Minor 0
Feb 15 11:59:59.999: Timer Event Noon
Feb 15 11:59:59.999: Kron delay for next Noon 60000
Feb 15 11:59:59.999: Call parse_cmd 'clear ip route 145.1.45.0'
Feb 15 11:59:59.999: RT: del 145.1.45.0/24 via 145.1.23.2, ospf metric [110/865]
Feb 15 11:59:59.999: RT: del 145.1.45.0/24 via 145.1.13.1, ospf metric [110/865]
Feb 15 11:59:59.999: RT: delete subnet route to 145.1.45.0/24
Feb 15 11:59:59.999: RT: NET-RED 145.1.45.0/24
Feb 15 12:00:00.003: Kron CLI return 0
''
Feb 15 12:00:00.003: Major 4, Minor 7
Feb 15 12:00:00.003: Respond to end of CLI Process
Feb 15 12:00:00.003: RT: SET_LAST_RDB for 145.1.45.0/24
NEW rdb: via 145.1.13.1Rack1R3(config)#
Feb 15 12:00:00.003: RT: add 145.1.45.0/24 via 145.1.13.1, ospf metric [110/867]
Feb 15 12:00:00.003: RT: NET-RED 145.1.45.0/24
Feb 15 12:00:00.003: RT: add 145.1.45.0/24 via 145.1.23.2, ospf metric [110/867]
Feb 15 12:00:00.003: RT: NET-RED 145.1.45.0/24
Feb 15 12:00:00.003: RT: ospf's 145.1.45.0/24 (via 145.1.13.1) metric changed from distance/metric [110/867] to [110/865]
Feb 15 12:00:00.007: RT: del 145.1.45.0/24 via 145.1.23.2, ospf metric [110/867]
Feb 15 12:00:00.007: RT: NET-RED 145.1.45.0/24
Feb 15 12:00:00.007: RT: NET-RED 145.1.45.0/24
Feb 15 12:00:00.007: RT: add 145.1.45.0/24 via 145.1.23.2, ospf metric [110/865]
Feb 15 12:00:00.007: RT: NET-RED 145.1.45.0/24
Rack1R3(config)#
That looks like the router magically did what we wanted it to on R3! And on R6:
Rack1R6(config-router)#
*Feb 15 03:43:46.695: RT: rip's 145.1.45.0/24 (via 145.1.36.3) metric changed from distance/metric [120/2] to [120/10]
*Feb 15 03:43:46.695: RT: NET-RED 145.1.45.0/24
Rack1R6(config-router)#
Bingo! Exactly what you wanted.
Rack1R3(config)#do sh kron sched
Kron Occurrence Schedule
Midnight inactive, will run again in 0 days 11:58:24 at 0 :00 on
Noon inactive, will run again in 0 days 23:59:24 at 12:00 onRack1R3(config)#
And in 12 hours'ish we'll see the process reverse itself. So yes, you CAN have redistribution on a timed basis, it's just not necessarily a pretty thing!