BGP traffic engineering - first try at conditional route injection
I'm trying to find a unique BGP solution, not exactly sure yet how to achieve it. I greatly appreciate the input/help.
In short, I want to adv a few /32's (or maybe /29 or /30) for traffic engineering purposes -- BUT those same prefix lengths don't exist in my RIB. Adding them would be dirty/complex and an issue in itself. HA (high availability)/fast convergence is a requirement. I wasn't sure how to do the /32 adv, but came across the 'conditional route injection' feature. I haven't yet played with it, but not exactly sure it will do what I need...
Specifically, (re route-source) the same router that has the external BGP neighbor (that I want to send /32's to) also is originating the (aggregate, /24) route. And for redundancy, an iBGP neighbor (CORE2) is also originating the same "site" aggregate (both via a BGP network statement & static route to null0). This feature seems to be for a non HA type environment; in HA you'd want to match either one of two sources, etc. ??
Without hacking a diagram, the setup should be easy to follow... we have two "CORE" routers (that due to budget also perform "edge" functions), and two aggregation/data center ("DC") routers/switches (7609) - these make our "SITE." The DC's have a /25 VLAN that I want to match. Each site has its own OSPF process (and the backbone has another); BGP is only on the core, OSPF only on DC. Each core has a transit provider eBGP session, and various SFI/private peering sessions. The routing model is to adv our site aggs (a few /23 and /24's) equally to everyone (pfw length), and then carry the more specific lengths internally (via OSPF). Hence, either core can fail, and the routes we adv remain stable.
Obviously, a more specific (than /25) static route has to point to some HA next hop - sort of a dirty config. I don't like trying to hack that up as much as trying to find a way to originate a more specific in BGP, and let the existing OSPF table complete the internal routing.
The traffic engineering challenge is that we have a 1G and 10G connection with the same provider... the 1G is "special purpose" (free traffic), we pay for the 10G traffic. We adv 3 prefixes over the 10G and only 1 /24 over the 1G. We adv that same /24 equally over the 10G and 1G, else traffic would take one, not both (right now it's equal and split between the 1G and 10G). There are two problems, first the 1G is at capacity now (with the 1x/24) (and second, if the 10G fails - we're totally screwed re capacity). We want to load the 1G, not have it take additional traffic if the 10G fails, and have the 10G backup for the 1G. Hence, I want to adv a few /32's to pull traffic on the 1G alone.