07-24-2013 08:07 AM - edited 03-04-2019 08:32 PM
Hello all!
We are building a New Datacenter and extending vlans to this data Center, we route from the core via eigrp to a L3 3750 switch and from there EIGRP to a router for a primary MPLS network using BGP and again to a second, On the router we redisibute BGP into EIGRP with a metric so it favors one network over the other, if we want to route something ovewr the secondary network I have to static route it on the L3 switch and on the router as well because it will still try to turn around. I had a CCIE work with me on this route plan, problem is if I static route something on the L3 switch to the second MPLS router then that hop is always there, so I can't create another route with a AD. Is it better to create an HSRP pair with the 2 MPLS networks? Is there a config example.
Next question is the default route, we will have 2 datacenters advertising the same networks, I know I can create a more specific network so say we advertise 2 /17's instead of a /16. But what about the default route? how can i advertise the default route out one datacenter with a different weight or metric? or do I need to tag a community, and can I match 0.0.0.0 on an ACL?
07-24-2013 08:47 AM
why you dont use eigrp metric/delay to control the path from/to your DC !
also for default route it is not clear if you can share a diagram will be better to understand your setup
07-24-2013 09:29 AM
We will have 2 MPLS providers using BGP.
Each data Center will have an internet connection and advertise 10.100.0.0/16 summary and 0.0.0.0, each data center is connected at layer 2 and sharing the same Vlans. Each of our regional offices will connect to both MPLS clouds with a metric redistibute BGP into EIGRP
DataCenter 1
Single routers connected via EIGRP to a L3 switch and the EIGRP metric controls flow
BGP advertise 0.0.0.0 and 10.100.0.0/16 to the PE router as 65101
DataCenter 2
BGP advertise 0.0.0.0 and 10.100.0.0/16 to the PE router as 65000
Regional offices...
2911 router connected to MPLS network 1 as 65XXX
2821 router connected to MPLS network 2 as 65XXX
both are connected to a 4506 via EIGRP stub license we redist. BGP to EIGRP
How do I control the direction of the default route 0.0.0.0????
Should I use 2 routers in an HSRP type of solution for both providers?
07-24-2013 12:03 PM
from my understanding that each DC is connected to two Providers MPLS and you advertising default route from each DC over both providers
remote sites they are dual connected to both providers
now each provider will receive two default routes one from each DC however base don BGP attributes the Provider BGP cloud will pick one default route ( best ) from one of the DCs and advertise it to the remote sites
remote sites will receive the best selected default route from each MPLS provider
what you need to do is
first make sure from the DC toward the mls provider to use a bgp attribute such as AS path to make the desired DC preferred for the default route
in the remote sites you can prefer which provider to be used by changing the eigrp metrics when you redistribute from BGP to EIGRP
also if you are ruing iBGP between the edge routers you can increase the local preference inbound direction in the preferred router
make sure you have the preferred default route aligned end to end to avoid asymmetrical routing and could break your traffic over two different paths/provider to the Internet
hope this help
07-24-2013 12:30 PM
We don't redistibute EIGRP to BGP we found that the circuit would not fail back to the perferred route.
So the preferred router connected to the preferred circuit is connected to the ethernet handoff with the config of...
router bgp 65000
no synchronization
bgp log-neighbor-changes
network 0.0.0.0
network 10.100.0.5 mask 255.255.255.255
network 10.101.0.2 mask 255.255.255.255
aggregate-address 10.101.0.0 255.255.0.0 summary-only
aggregate-address 10.100.0.0 255.255.0.0 summary-only
neighbor
no auto-summary
router eigrp 100
distribute-list 1 in
distribute-list prefix p200 out
network 10.0.0.0
redistribute bgp 65000 metric 100000 10 255 1 1500
This router connects to a L3 2750 stack via EIGRP
router eigrp 100
network 10.0.0.0
network 10.1.0.0 0.0.255.255
network 10.100.0.0 0.0.255.255
network 10.254.1.0 0.0.0.3
redistribute static
redistribute connected
The router connected to the secondary network is connected to the L3 switch via eigrp and has the same config as the router above but with a different metric set....
Regional..
Preferred router...
router eigrp 102
network 10.0.0.0
redistribute bgp 65000 metric 10000 1 255 1 1500
!
router bgp 65000
no synchronization
bgp log-neighbor-changes
network 10.102.0.0 mask 255.255.0.0
network 10.102.0.1 mask 255.255.255.255
network 10.102.0.10 mask 255.255.255.255
aggregate-address 10.102.0.0 255.255.0.0 summary-only
neighbor
no auto-summary
connected to a 4506 with a stub....
router eigrp 102
network 10.0.0.0
eigrp stub connected summary
again the secondary router has the same config as above but with a different metric.
so do you have an example of setting bgp attribute for the default route?
07-24-2013 03:55 PM
David,
you could use different BGP attributes to make one default route preferred. Depending on the case, one could be better than other. Two examples:
1) AS-PATH Prepends:
making the DC less preferred prepending AS. For example:
route-map PREPEND permit 10
match ip address prefix-list DEFAULT
set as-path prepend 65000 65000 65000
route-map PREPEND permit 20
ip prefix-list DEFAULT permit 0.0.0.0/0
neighbor PE route-map PREPEND out
This would work as long as the regional sites are connected to the same AS as the DC. In case the provider is using Inter-AS connections and doing "remove-private-as" at the NNIs you could have problems.
2) Origin
Origin IGP is better than Incomplete and this is better than EGP
As it is a well-known mandatory it's always propagated.
So, you could set origin incomplete in the less preferred, because as you are using the network statement and this by default gets origin IGP.
route-map ORIGIN permit 10
set origin incomplete
router bgp 65xxx
network 0.0.0.0 route-map ORIGIN
Other option would be to not rely on BGP attributes and use the longest match rule. For this you could split the default route in two parts and advertise the two parts in the preferred DC: 128.0.0.0/1 and 0.0.0.0/1. Be aware to filter both supernets in the other DC. It is less standard way of doing things but it works.
Hope this helps,
Jose.
07-25-2013 08:13 AM
We are not redistibuting EIGRP to BGP, the routers have 2 loopbacks as the 255.255.255.255 addresses and we are agregating the summary as 10.101.0.0/16 and 10.100.0.0/16. If use the prepend commands and add it to the bgp process then the only thing that is advertaised is 0.0.0.0 and 10.100.0.0/16 and 10.101.0.0/16 are gone when doing a show ip bgp on the test regional router.
If I split the default route...
so router bgp 65000
network 0.0.0.0 mask 128.0.0.0
network 128.0.0.0 mask 128.0.0.0
it still prefers the 0.0.0.0 from the other router.
I've done this on our network where I advertised 10.200.0.0 255.255.128.0 and 10.200.128.0 and it works with the aggregate address is there a default route command I am missing???
07-25-2013 09:05 AM
Did you add the 128.0.0.0/1 and 0.0.0.0/1 to the route table ?
By the way, it would be better to generate the aggregate based on the routes from EIGRP. You could redistribute EIGRP to BGP and then do the aggregate with summary-only to suppress the specific prefixes. The loopbacks should not contribute to generate the aggregate, otherwise is the LAN is down you'll continue advertising the aggregate creating a potential black hole.
Best Regards,
Jose.
07-25-2013 09:16 AM
OK, that is what it is. via EIGRP I am advertising a default route. So how do you add 0.0.0.0/1 and 128.0.0.0 to the route table, just a static route?
Our current datacenter is promary right now, this route plan I worked with a CCIE on and this is what he came up with based on what we had and conectivity . Both routers are not an HSRP pair they are connected to a L3 3750 stack with EIGRP and we redist. BGP to EIGRP, obvously with a metric. When we were redist EIGRP into BGP if a circuit went down to a regional office then the circuit would not fail, or only traffic from the office would fail back to the primary and your would have to clear bgp on the back circuit to get it to fail back, this fixed it, but I see what you are saying, if this Datacenter is down, routes will still advertise.
I think I need to have a call with TAc on this as everything is under smartnet.
07-25-2013 09:32 AM
Yes, via static route. I suppose you have a static default for the 0/0 as well.
07-25-2013 09:35 AM
duh, ok I see it before when I did this I had to do a ip route and null 0. even though the route was in eigrp
This router see a EIGRP route so could I do a ip route 0.0.0.0 128.0.0.0 null 0 ?
07-25-2013 09:43 AM
No, you should have a valid next hop, pointing to your Internet router. Otherwise, you will drop a lot of traffic! Adding the route to null0 would make sense if you have the full routing table in your router and you want to advertise just the default.
07-25-2013 09:46 AM
In our network our firewall that has the internet connection is a static route on the L3 switch, so that L3 switch has the default route, and with eigrp I redist. static and connected. so via eigrp the router has a default route, so if I do a null 0, it will pick up the default route from there?
07-25-2013 11:23 AM
Just do the same as you did with the default for the supernets.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide