Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2957
Views
34
Helpful
35
Replies

Can BGP play nicely with OSPF

Go to solution
trodecke
Level 1
Level 1

‎09-01-2009 05:23 AM - edited ‎03-04-2019 05:54 AM

We have a somewhat diverse network. On the "legacy" side (consisting of a dark and leased fiber "MAN", PPP circuits, and a gig fiber based LAN) we have OSPF. On the "New" side we have MPLS as a replacement for our Frame Relay infrastructure. Our telco only supports BGP as a routing protocol so we have BGP across the MPLS. The problem we're having is maintaining a consistent routing table across the BGP/OSPF boundaries. We do not redistribute OSPF into BGP. We control BGP announcements with network statements and prepending. We do however redistribute BGP into OSPF. The tricky part is that we have 4 "shared" entry points into the BGP and OSPF networks. We have 4 DS3 connections coming from the MPLS cloud going to 4 of our major data centers. We also have 4 leased fiber connections going to each of those major data centers. The leased fiber is a rung so the fiber entry point to the data centers is one VLAN. We use 3845s for the DS3 connections. The WAN side has BGP and the LAN side has OSPF. The BGP side uses one AS # for the whole shebang. We've not been able to come up with a consistently stable way to get the BGP routes into OSPF and the OSPF routes into BGP. What typically happens is what I've started calling the "Self Serving Routing Loop". Router A gets a route through OSPF and in turn, via a network statement, injects that route ingo BGP. The MPLS network, via BGP, then sends that route to Router B which dutifully picks it up and drops it into OSPF. OSPF then updates Router A which starts the process all over again. Since Router A thinks Router B is destination for the route through BGP and Router B thinks Router A is a good destination through OSPF, we wind up with a routing loop.

My question is, what is the preferred way of keeping a consistent routing table between OSPF and BGP when there are 4 shared entry points into each network? Using eBGP for the MPLS and iBGP for the LAN/MAN isn't an option due to the costs of upgrading 80+ devices to Advanced Enterprise. I apologize if this my explanation is confusing.

Labels:
0 Helpful
35 Replies 35

Go to solution
trodecke
Level 1
Level 1
In response to Edison Ortiz

‎09-01-2009 10:06 AM

Thanks Edison, that's pretty much what is happening. I'm looking for something on Cisco's site talking about the tagging with some examples. I can see the route map coming in (the redistribution statement in OSPF) but I can't quite figure out how we're going to get other BGP routers to not insert those routes back into BGP.

0 Helpful

Go to solution
Edison Ortiz
Hall of Fame
Hall of Fame
In response to trodecke

‎09-01-2009 10:17 AM

A quick search didn't turn up a clear example on tagging, I'll have to dig further. The best I could find is explained here:

http://www.cisco.com/en/US/tech/tk365/technologies_white_paper09186a0080531fd2.shtml#tags

Basically, the idea is this:

1) All routers will redistribute from BGP into OSPF.

2) During redistribution, those routers will apply an unique tag (you mentioned you only wanted to tag routes from the MPLS - are there any other routes? more on that after you reply with more info).

Router A

router ospf x

redistribute bgp xx subnets tag 1

Router B

router ospf x

redistribute bgp xx subnets tag 2

Router C

router ospf x

redistribute bgp xx subnets tag 3

3) You want to redistribute OSPF routes that were not learned from the MPLS. Those OSPF routes aren't tagged so:

route-map OSPF->BGP deny 10

match tag 1

route-map OSPF->BGP deny 20

match tag 2

route-map OSPF->BGP deny 30

match tag 3

route-map OSPF->BGP permit 40

router bgp xx

redistribute ospf xx route-map OSPF->BGP

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Edison Ortiz

‎09-01-2009 11:09 AM

Edison

You see, that's why i never underestimate you :-)

Thanks

Jon

0 Helpful

Go to solution
Edison Ortiz
Hall of Fame
Hall of Fame
In response to Jon Marshall

‎09-01-2009 09:45 AM

Redistribution will be part of the new design.

You need redistribution from OSPF into BGP to dynamically process the tag from OSPF. You can't do that while explicitly entering the network statements under BGP.

0 Helpful

Go to solution
johnspaulding
Level 1
Level 1
In response to Edison Ortiz

‎09-01-2009 10:19 AM

You have alot of options you could do with this design as far as redundancy + load balancing too. Depends on the design you want. You could mutual redistribute BGP & OSPF on the routers with a well planed out route-map policy for tagging.

0 Helpful

Go to solution
trodecke
Level 1
Level 1
In response to johnspaulding

‎09-01-2009 10:40 AM

I agree and I believe this is the direction that we're going to go. I just need to start fleshing out some of the details of the overall plan and see what, if any, obstacles I come up with.

To Edison - We haven't really had a problem yet where a BGP only connection was involved in a routing loop. What we've had issues with is an OSPF only connection getting involved in a routing loop when Router A inserts the route into BGP which updates Router B which takes that route and drops it back into OSPF, etc. I'm doing my thinking now around what the route map statements need to be.

Thanks for all your help on this, all three of you. You've been very helpful in getting me to think about alternative solutions to the very manualy intensive route-map/static list config I had been thinking about.

0 Helpful

Go to solution
Edison Ortiz
Hall of Fame
Hall of Fame
In response to trodecke

‎09-01-2009 10:49 AM

Terry,

I fully understand your scenario. I actually finished doing a design just like that one and worked quite well.

BTW, unlike Novell forums, we do rate helpful posts here - so how about it ? :)

___

Edison.

Go to solution
trodecke
Level 1
Level 1
In response to Edison Ortiz

‎09-01-2009 12:52 PM

OK, here's what we've come up with. Again, it's bare bones but I believe it gets the point across. Does this somewhat match what you were trying to tell me? Do you think it will work? Are there any improvements you would make on this? Thanks.

************** Router A ****************

router ospf 1

redistribute bgp XXXXX subnets metric 120 metric-type 2 tag 1111

network 10.X.X.X 0.0.255.255 area 0

router bgp XXXXX

redistribute ospf 1 subnets route-map OSPF-BGP

neighbor A.A.A.A remote-as YYYYY

neighbor A.A.A.A soft-reconfiguration inbound

neighbor A.A.A.A route-map myroutes out

no auto-summary

route-map myroutes permit 10

match ip address prefix-list mine

route-map myroutes permit 20

set as-path prepend XXXX XXXXX XXXXX

route-map OSPF-BGP deny 10

match tag 1111

route-map OSPF-BGP deny 20

match tag 2222

route-map OSPF-BGP deny 30

match tag 3333

route-map OSPF-BGP deny 40

match tag 4444

route-map OSPF-BGP permit 50

ip prefix-list mine seq 10 permit 1.1.1.1

ip prefix-list mine seq 20 permit 11.11.11.11

************** Router B ****************

router ospf 1

redistribute bgp XXXXX subnets metric 120 metric-type 2 tag 2222

network 10.Y.Y.Y 0.0.0.255 area 0

router bgp XXXXX

redistribute ospf 1 subnets route-map OSPF-BGP

neighbor B.B.B.B remote-as YYYYY

neighbor B.B.B.B soft-reconfiguration inbound

neighbor B.B.B.B route-map myroutes out

no auto-summary

route-map myroutes permit 10

match ip address prefix-list mine

route-map myroutes permit 20

set as-path prepend XXXX XXXXX XXXXX

route-map OSPF-BGP deny 10

match tag 1111

route-map OSPF-BGP deny 20

match tag 2222

route-map OSPF-BGP deny 30

match tag 3333

route-map OSPF-BGP deny 40

match tag 4444

route-map OSPF-BGP permit 50

ip prefix-list mine seq 10 permit 2.2.2.2

ip prefix-list mine seq 20 permit 22.22.22.22

************** Router C ****************

router ospf 1

redistribute bgp XXXXX subnets metric 120 metric-type 2 tag 3333

network 10.Z.Z.Z 0.0.0.255 area 0

router bgp XXXXX

redistribute ospf 1 subnets route-map OSPF-BGP

neighbor C.C.C.C remote-as YYYYY

neighbor C.C.C.C soft-reconfiguration inbound

neighbor C.C.C.C route-map myroutes out

no auto-summary

route-map myroutes permit 10

match ip address prefix-list mine

route-map myroutes permit 20

set as-path prepend XXXX XXXXX XXXXX

route-map OSPF-BGP deny 10

match tag 1111

route-map OSPF-BGP deny 20

match tag 2222

route-map OSPF-BGP deny 30

match tag 3333

route-map OSPF-BGP deny 40

match tag 4444

route-map OSPF-BGP permit 50

ip prefix-list mine seq 10 permit 3.3.3.3

ip prefix-list mine seq 20 permit 33.33.33.33

************** Router D ****************

router ospf 1

redistribute bgp XXXXX subnets metric 120 metric-type 2 tag 4444

network 10.1.1.0 0.0.255.255 area 0

router bgp XXXXX

redistribute ospf 1 subnets route-map OSPF-BGP

neighbor D.D.D.D remote-as YYYYY

neighbor D.D.D.D soft-reconfiguration inbound

neighbor D.D.D.D route-map myroutes out

no auto-summary

route-map myroutes permit 10

match ip address prefix-list mine

route-map myroutes permit 20

set as-path prepend XXXX XXXXX XXXXX

route-map OSPF-BGP deny 10

match tag 1111

route-map OSPF-BGP deny 20

match tag 2222

route-map OSPF-BGP deny 30

match tag 3333

route-map OSPF-BGP deny 40

match tag 4444

route-map OSPF-BGP permit 50

ip prefix-list mine seq 10 permit 4.4.4.4

ip prefix-list mine seq 20 permit 44.44.44.44

BTW - The BGP and OSPF only routers will be configured normally, with either regular BGP or regular OSPF statements. Thanks.

0 Helpful

Go to solution
Edison Ortiz
Hall of Fame
Hall of Fame
In response to trodecke

‎09-01-2009 01:10 PM

Terry,

You got the concept, nice job.

BTW, no need to include the metric-type 2 on the redistribution, it's done by default.

OSPF into BGP does not need 'subnets' you need 'subnets' from BGP into OSPF.

0 Helpful

Go to solution
trodecke
Level 1
Level 1
In response to Edison Ortiz

‎09-01-2009 01:20 PM

Thanks Edison. I was typing into notepad as I don't have router next to me to play with right now. I'm a complete newb on BGP. We've got someone working for us that previously worked for an ISP and is very familiar with BGP. He would have caught my boo boo. :)

Again, thanks for all your help!

0 Helpful

Go to solution
Edison Ortiz
Hall of Fame
Hall of Fame
In response to trodecke

‎09-01-2009 01:22 PM

Glad to be of help man and don't be a stranger.

I also check the semi-private forum from time to time...

__

Edison.

0 Helpful

Go to solution
johnspaulding
Level 1
Level 1
In response to trodecke

‎09-01-2009 01:10 PM

Yeah that looks pretty solid..So the end result would be any routes being redistributed FROM BGP into OSPF will not be redistributed BACK into BGP to its neighbors.I would check this route-map out real quick:

route-map myroutes permit 10

match ip address prefix-list mine

route-map myroutes permit 20

set as-path prepend XXXX XXXXX XXXXX

You need to put the as-path prepend under the myroutes permit 10 statement or else your going to allow all routes outbound to your neighbors. so like this

route-map myroutes permit 10

match ip address prefix-list mine

set as-path prepend XXXX XXXXX XXXXX

0 Helpful

Go to solution
Edison Ortiz
Hall of Fame
Hall of Fame
In response to johnspaulding

‎09-01-2009 01:15 PM

John,

I think the logic from Terry is that he does not want to prepend his own routes while prepending what's not his (everything else).

0 Helpful

Go to solution
trodecke
Level 1
Level 1
In response to Edison Ortiz

‎09-01-2009 01:17 PM

That's correct.

0 Helpful

Go to solution
johnspaulding
Level 1
Level 1
In response to Edison Ortiz

‎09-01-2009 01:29 PM

Edi,

Thanks for clearing that up. Im trying to read through all of these post that I got lost :)

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card