cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
926
Views
0
Helpful
8
Replies

Dual homed connection to WAN via eBGP (backup) and OSPF (active)

ibnu sina
Level 1
Level 1

Hello Expert,

I need help please,

I have the topology as shown the attachment.

As you see I've dual homed connection for VPN IP via the different ISP's

R2 <==> ISP01<==> R12  (Primary / Active Link) via OSPF

R2 <==> ISP02 <==>R12  (Backup Link) via eBGP

My Question:

If I disabled / shutdown port in R12 that directly connected to R7-ISP01 then the traffic automatically through R5-ISP02  or via e-BGP

but from perspective R2 traffic still through R9-ISP01 or via OSPF (It's mean Asymmetric route).

Could you help me, How to create symmetric route for the both perspective the routers (R2 and R12)???

its mean when primary link (OSPF) is failed, automatically the traffic using backup link from R2 and R12 via eBGP

Notes: I've solution for this issue but it's manually, I should put the command "clear ip ospf process" in router R2 (if primary link / OSPF in router R12 is failed ) so the traffic consistently via e-BGP

 

Verification when normal condition (Active link):

R2#traceroute 2.2.2.2 source loopback 0

Type escape sequence to abort.

Tracing the route to 2.2.2.2

  1 172.16.24.1 40 msec 60 msec 44 msec ==> via ISP01

  2 11.1.89.8 [MPLS: Labels 16/23 Exp 0] 68 msec 84 msec 60 msec

  3 172.16.24.9 [MPLS: Label 23 Exp 0] 48 msec 68 msec 60 msec

  4 172.16.24.10 60 msec 104 msec 56 msec

  5 192.168.10.2 92 msec *  96 msec

R11#traceroute 1.1.1.1 source loopback 0 ==> from LAN

Type escape sequence to abort.

Tracing the route to 1.1.1.1

  1 192.168.10.1 40 msec 68 msec 36 msec

  2 172.16.24.9 24 msec 32 msec 56 msec ==> via ISP01

  3 11.1.78.8 [MPLS: Labels 17/24 Exp 0] 64 msec 44 msec 36 msec

  4 172.16.24.1 [MPLS: Label 24 Exp 0] 132 msec 28 msec 32 msec

  5 172.16.24.2 76 msec *  864 msec

 

_______________________________________________________________________________________________

 

R2 Configuration :

interface Loopback0
 ip address 1.1.1.1 255.255.255.255

!
interface FastEthernet0/0 ==> ISP02-R3
 ip address 172.16.140.2 255.255.255.252
 ip ospf cost 1
 duplex auto
 speed auto
!

interface FastEthernet0/1.1
 encapsulation dot1Q 101
 ip address 172.16.24.2 255.255.255.252
!
interface FastEthernet0/1.2 ==> ISP01-R9
 encapsulation dot1Q 102
 ip address 172.16.24.14 255.255.255.252
!

router ospf 1
 router-id 1.1.1.1
 log-adjacency-changes
 network 1.1.1.1 0.0.0.0 area 0
 network 172.16.24.0 0.0.0.3 area 0
 network 172.16.24.12 0.0.0.3 area 0

router bgp 64510
 bgp router-id 1.1.1.1
 bgp log-neighbor-changes
 neighbor 172.16.140.1 remote-as 200
 !
 address-family ipv4
  neighbor 172.16.140.1 activate
  neighbor 172.16.140.1 soft-reconfiguration inbound
  distance bgp 250 250 250
  no auto-summary
  no synchronization
  network 1.1.1.1 mask 255.255.255.255
  network 172.16.140.0 mask 255.255.255.252
 exit-address-family
!

R12 Configuration:

interface Loopback0
 ip address 6.6.6.6 255.255.255.255
!
interface FastEthernet0/0 ==> ISP02-R5
 ip address 172.16.140.10 255.255.255.252
 duplex auto
 speed auto
!
interface FastEthernet0/1 ==> ISP01-R7
 ip address 172.16.24.10 255.255.255.252
 duplex auto
 speed auto
!
interface FastEthernet1/0 ==> LAN
 ip address 192.168.10.1 255.255.255.252
 speed auto
 full-duplex
!

router ospf 1
 router-id 6.6.6.6
 log-adjacency-changes
 redistribute bgp 64500 metric 300 subnets
 network 6.6.6.6 0.0.0.0 area 0
 network 172.16.24.8 0.0.0.3 area 0
 network 192.168.10.0 0.0.0.3 area 0
!
router bgp 64500
 bgp router-id 6.6.6.6
 bgp log-neighbor-changes
 neighbor 172.16.140.9 remote-as 200
 !
 address-family ipv4
  redistribute ospf 1 match internal external 1 external 2
  neighbor 172.16.140.9 activate
  neighbor 172.16.140.9 soft-reconfiguration inbound
  distance bgp 250 250 250
  no auto-summary
  no synchronization
  network 6.6.6.6 mask 255.255.255.255
  network 172.16.140.8 mask 255.255.255.252
 exit-address-family
!

 

Thanks :)

8 Replies 8

Jon Marshall
Hall of Fame
Hall of Fame

Not sure I understand

If you shut the interface on R12 to ISP1 then that should mean that R12 is no longer advertising any routes via OSPF to ISP1.

So R2 should not be receiving a route for 2.2.2.2 from ISP1.

Are you saying it still has a route in the OSPF table via ISP1 ?

Even if it did, which it shouldn't, traffic wouldn't get back to R11 because you have shut the interface.

Jon

Thank you Jon, I appreciate it.

for exam: (detail you can see the attachment)

- When I shutdown interfaces between R12 and R7 (via ISP1), so the traffic from LAN (2.2.2.2) automatically through via eBGP (ISP2). My expectation is all the traffic from R2 going back to ISP2  but in real,the traffic from R2 still through via ISP1 (Asymmetric route)

- When I apply command "no shutdown" interfaces between R12 and R7, so the traffic going back to the primary link (via OSPF) from persepective R12 and R2 and ISP2 to be standby / backup links.

 

FYI : I used this command "distance bgp 250 250 250" to force eBGP to be backup link, as we know OSPF AD is 110

When you shut the interface down then the route for 2.2.2.2 can no longer be advertised to ISP1.

Are you saying that R2 still has a route via ISP1 ?

And even if it did have a route there should be no communication because you have shut the interface down ? 

How are you testing this.

Can you answer the above questions so we can clarify what is happening.

Jon

Hi Marshal,

I am a colleague of Ibnu.

in my understanding, Ibnu want if interface R12 facing to R7 (ISP1) is down then the route will go to ISP2, OR if interface R2 facing to R9 (ISP1) is down the all traffic will go to ISP2.

so if one of our link is down to ISP1 (either R2 or R12) then it will go to ISP2. How to make it?how to manipulate it?

"Are you saying that R2 still has a route via ISP1 ?" Yes.

As I said above, either R2 or R12 interface facing to ISP1 is down then it should go to ISP2.

 

Hi Paul,

"After checking your topology's you've posted - I can see on R2/12 looks like they are peering over ospf via ISP1 MPLS network -  is this correct"

yes, it is correct.

"You say you physically shut down R12 isp1 facing interface and R2 is seeing 2.2.2.2 originating R11 from ISP1 as a proffered path?" yes

Does R2 have any route summarization or static routing towards ISP1? --> No, only OSPF.

 

Many thanks for your help.

--

komar

Komar

If you are dynamically exchanging routes via OSPF which you are then when you shut either interface you mention the routes should no longer be exchanged so the BGP link should automatically be used.

You say the route is still there. If so you need to work out why that is the case because it shouldn't be.

I notice from the diagram you are running EIGRP in ISP1 so are you redistributing OSPF into EIGRP and then EIGRP into OSPF within ISP1 ?

If so I would have a look at that first because there may be an issue with the way that is working.

In addition I still haven't had an answer about the actual traffic flow.

Is it safe to say that even if there is still a route via ISP1 that nothing works because it can't as you have shut the interface ?

Jon

 

Hello

 

From R2

Can you post the routing table Before and after R12 ISP1 facing interface is shut down.

I am interested to see why R2 still sees ISP1 as a valid path to R11 2.2.2.2 when the physical and ospf adjacency between these two rtrs should be down

res

Paul


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Edited


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Hello

After checking your topology's you've posted - I can see on R2/12 looks like they are peering over ospf via ISP1 MPLS network -  is this correct

Also R12 is performing mutual redistribution via ISP2 - BGP-OSPF

You say you physically shut down R12 isp1 facing interface and R2 is seeing 2.2.2.2 originating R11 from ISP1 as a proffered path?

So my understating is that once that ISP1 facing interface on R12 is shut down the ospf adjacency to r2 will drop.

 

Does R2 have any route summarisation or static routing towards ISP1?



res

Paul


 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
Review Cisco Networking for a $25 gift card