09-01-2009 05:23 AM - edited 03-04-2019 05:54 AM
We have a somewhat diverse network. On the "legacy" side (consisting of a dark and leased fiber "MAN", PPP circuits, and a gig fiber based LAN) we have OSPF. On the "New" side we have MPLS as a replacement for our Frame Relay infrastructure. Our telco only supports BGP as a routing protocol so we have BGP across the MPLS. The problem we're having is maintaining a consistent routing table across the BGP/OSPF boundaries. We do not redistribute OSPF into BGP. We control BGP announcements with network statements and prepending. We do however redistribute BGP into OSPF. The tricky part is that we have 4 "shared" entry points into the BGP and OSPF networks. We have 4 DS3 connections coming from the MPLS cloud going to 4 of our major data centers. We also have 4 leased fiber connections going to each of those major data centers. The leased fiber is a rung so the fiber entry point to the data centers is one VLAN. We use 3845s for the DS3 connections. The WAN side has BGP and the LAN side has OSPF. The BGP side uses one AS # for the whole shebang. We've not been able to come up with a consistently stable way to get the BGP routes into OSPF and the OSPF routes into BGP. What typically happens is what I've started calling the "Self Serving Routing Loop". Router A gets a route through OSPF and in turn, via a network statement, injects that route ingo BGP. The MPLS network, via BGP, then sends that route to Router B which dutifully picks it up and drops it into OSPF. OSPF then updates Router A which starts the process all over again. Since Router A thinks Router B is destination for the route through BGP and Router B thinks Router A is a good destination through OSPF, we wind up with a routing loop.
My question is, what is the preferred way of keeping a consistent routing table between OSPF and BGP when there are 4 shared entry points into each network? Using eBGP for the MPLS and iBGP for the LAN/MAN isn't an option due to the costs of upgrading 80+ devices to Advanced Enterprise. I apologize if this my explanation is confusing.
Solved! Go to Solution.
09-01-2009 10:06 AM
Thanks Edison, that's pretty much what is happening. I'm looking for something on Cisco's site talking about the tagging with some examples. I can see the route map coming in (the redistribution statement in OSPF) but I can't quite figure out how we're going to get other BGP routers to not insert those routes back into BGP.
09-01-2009 10:17 AM
A quick search didn't turn up a clear example on tagging, I'll have to dig further. The best I could find is explained here:
http://www.cisco.com/en/US/tech/tk365/technologies_white_paper09186a0080531fd2.shtml#tags
Basically, the idea is this:
1) All routers will redistribute from BGP into OSPF.
2) During redistribution, those routers will apply an unique tag (you mentioned you only wanted to tag routes from the MPLS - are there any other routes? more on that after you reply with more info).
Router A
router ospf x
redistribute bgp xx subnets tag 1
Router B
router ospf x
redistribute bgp xx subnets tag 2
Router C
router ospf x
redistribute bgp xx subnets tag 3
3) You want to redistribute OSPF routes that were not learned from the MPLS. Those OSPF routes aren't tagged so:
route-map OSPF->BGP deny 10
match tag 1
route-map OSPF->BGP deny 20
match tag 2
route-map OSPF->BGP deny 30
match tag 3
route-map OSPF->BGP permit 40
router bgp xx
redistribute ospf xx route-map OSPF->BGP
09-01-2009 11:09 AM
Edison
You see, that's why i never underestimate you :-)
Thanks
Jon
09-01-2009 09:45 AM
Redistribution will be part of the new design.
You need redistribution from OSPF into BGP to dynamically process the tag from OSPF. You can't do that while explicitly entering the network statements under BGP.
09-01-2009 10:19 AM
You have alot of options you could do with this design as far as redundancy + load balancing too. Depends on the design you want. You could mutual redistribute BGP & OSPF on the routers with a well planed out route-map policy for tagging.
09-01-2009 10:40 AM
I agree and I believe this is the direction that we're going to go. I just need to start fleshing out some of the details of the overall plan and see what, if any, obstacles I come up with.
To Edison - We haven't really had a problem yet where a BGP only connection was involved in a routing loop. What we've had issues with is an OSPF only connection getting involved in a routing loop when Router A inserts the route into BGP which updates Router B which takes that route and drops it back into OSPF, etc. I'm doing my thinking now around what the route map statements need to be.
Thanks for all your help on this, all three of you. You've been very helpful in getting me to think about alternative solutions to the very manualy intensive route-map/static list config I had been thinking about.
09-01-2009 10:49 AM
Terry,
I fully understand your scenario. I actually finished doing a design just like that one and worked quite well.
BTW, unlike Novell forums, we do rate helpful posts here - so how about it ? :)
___
Edison.
09-01-2009 12:52 PM
OK, here's what we've come up with. Again, it's bare bones but I believe it gets the point across. Does this somewhat match what you were trying to tell me? Do you think it will work? Are there any improvements you would make on this? Thanks.
************** Router A ****************
router ospf 1
redistribute bgp XXXXX subnets metric 120 metric-type 2 tag 1111
network 10.X.X.X 0.0.255.255 area 0
router bgp XXXXX
redistribute ospf 1 subnets route-map OSPF-BGP
neighbor A.A.A.A remote-as YYYYY
neighbor A.A.A.A soft-reconfiguration inbound
neighbor A.A.A.A route-map myroutes out
no auto-summary
route-map myroutes permit 10
match ip address prefix-list mine
route-map myroutes permit 20
set as-path prepend XXXX XXXXX XXXXX
route-map OSPF-BGP deny 10
match tag 1111
route-map OSPF-BGP deny 20
match tag 2222
route-map OSPF-BGP deny 30
match tag 3333
route-map OSPF-BGP deny 40
match tag 4444
route-map OSPF-BGP permit 50
ip prefix-list mine seq 10 permit 1.1.1.1
ip prefix-list mine seq 20 permit 11.11.11.11
************** Router B ****************
router ospf 1
redistribute bgp XXXXX subnets metric 120 metric-type 2 tag 2222
network 10.Y.Y.Y 0.0.0.255 area 0
router bgp XXXXX
redistribute ospf 1 subnets route-map OSPF-BGP
neighbor B.B.B.B remote-as YYYYY
neighbor B.B.B.B soft-reconfiguration inbound
neighbor B.B.B.B route-map myroutes out
no auto-summary
route-map myroutes permit 10
match ip address prefix-list mine
route-map myroutes permit 20
set as-path prepend XXXX XXXXX XXXXX
route-map OSPF-BGP deny 10
match tag 1111
route-map OSPF-BGP deny 20
match tag 2222
route-map OSPF-BGP deny 30
match tag 3333
route-map OSPF-BGP deny 40
match tag 4444
route-map OSPF-BGP permit 50
ip prefix-list mine seq 10 permit 2.2.2.2
ip prefix-list mine seq 20 permit 22.22.22.22
************** Router C ****************
router ospf 1
redistribute bgp XXXXX subnets metric 120 metric-type 2 tag 3333
network 10.Z.Z.Z 0.0.0.255 area 0
router bgp XXXXX
redistribute ospf 1 subnets route-map OSPF-BGP
neighbor C.C.C.C remote-as YYYYY
neighbor C.C.C.C soft-reconfiguration inbound
neighbor C.C.C.C route-map myroutes out
no auto-summary
route-map myroutes permit 10
match ip address prefix-list mine
route-map myroutes permit 20
set as-path prepend XXXX XXXXX XXXXX
route-map OSPF-BGP deny 10
match tag 1111
route-map OSPF-BGP deny 20
match tag 2222
route-map OSPF-BGP deny 30
match tag 3333
route-map OSPF-BGP deny 40
match tag 4444
route-map OSPF-BGP permit 50
ip prefix-list mine seq 10 permit 3.3.3.3
ip prefix-list mine seq 20 permit 33.33.33.33
************** Router D ****************
router ospf 1
redistribute bgp XXXXX subnets metric 120 metric-type 2 tag 4444
network 10.1.1.0 0.0.255.255 area 0
router bgp XXXXX
redistribute ospf 1 subnets route-map OSPF-BGP
neighbor D.D.D.D remote-as YYYYY
neighbor D.D.D.D soft-reconfiguration inbound
neighbor D.D.D.D route-map myroutes out
no auto-summary
route-map myroutes permit 10
match ip address prefix-list mine
route-map myroutes permit 20
set as-path prepend XXXX XXXXX XXXXX
route-map OSPF-BGP deny 10
match tag 1111
route-map OSPF-BGP deny 20
match tag 2222
route-map OSPF-BGP deny 30
match tag 3333
route-map OSPF-BGP deny 40
match tag 4444
route-map OSPF-BGP permit 50
ip prefix-list mine seq 10 permit 4.4.4.4
ip prefix-list mine seq 20 permit 44.44.44.44
BTW - The BGP and OSPF only routers will be configured normally, with either regular BGP or regular OSPF statements. Thanks.
09-01-2009 01:10 PM
Terry,
You got the concept, nice job.
BTW, no need to include the metric-type 2 on the redistribution, it's done by default.
OSPF into BGP does not need 'subnets' you need 'subnets' from BGP into OSPF.
09-01-2009 01:20 PM
Thanks Edison. I was typing into notepad as I don't have router next to me to play with right now. I'm a complete newb on BGP. We've got someone working for us that previously worked for an ISP and is very familiar with BGP. He would have caught my boo boo. :)
Again, thanks for all your help!
09-01-2009 01:22 PM
Glad to be of help man and don't be a stranger.
I also check the semi-private forum from time to time...
__
Edison.
09-01-2009 01:10 PM
Yeah that looks pretty solid..So the end result would be any routes being redistributed FROM BGP into OSPF will not be redistributed BACK into BGP to its neighbors.I would check this route-map out real quick:
route-map myroutes permit 10
match ip address prefix-list mine
route-map myroutes permit 20
set as-path prepend XXXX XXXXX XXXXX
You need to put the as-path prepend under the myroutes permit 10 statement or else your going to allow all routes outbound to your neighbors. so like this
route-map myroutes permit 10
match ip address prefix-list mine
set as-path prepend XXXX XXXXX XXXXX
09-01-2009 01:15 PM
John,
I think the logic from Terry is that he does not want to prepend his own routes while prepending what's not his (everything else).
09-01-2009 01:17 PM
That's correct.
09-01-2009 01:29 PM
Edi,
Thanks for clearing that up. Im trying to read through all of these post that I got lost :)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide