09-20-2024 05:58 AM
Hello Team,
I have a topology as below;
I have point to point connections to multiple partners who have different unique prefixes - to avoid overlapping of subnets.
They need to access my internal resources - in this case vlan 50 and 70 for respective services.
Internally, am using ospf 20 for dynamic routing.
I peer to partners differently, some with ospf, some with eigrp, some with bgp.
how do i configure the IOS router, to advertise to them my subnets/specific prefix services, and receive theirs and be able to route them to internal respective services?
say partner 1 uses ospf 200 to peer with me at ios router level? how do i take my internal ospf 20 learned routes to him/her, how do i receive routes from him/her ospf 200 , and make sure downstream devices know those routes, such that traffic from vlan50/70 can get to remote partners and they can get to them.
Your insights on this will be much appreciated?
Solved! Go to Solution.
09-20-2024 06:20 AM
Hello @fmugambi
To connect your internal VLANs (50 and 70) to multiple partners using different routing protocols, you need to employ route redistribution on your router to ensure your internal routes (OSPF 20) are advertised to each partner and their routes are learned and propagated within your network.
For each partner, you will redistribute routes between your internal OSPF 20 process and the partner's protocol, whether it is OSPF, EIGRP, or BGP. For an OSPF peer like Partner 1, configure OSPF 200 for external peering and redistribute routes between OSPF 20 (internal) and OSPF 200 (external). You'll allow your internal OSPF 20 routes (VLAN 50 and 70) to be shared with Partner 1 and their routes to be imported into OSPF 20 for internal routing.
Optionally, you can use route maps to filter and control which routes are advertised. For EIGRP or BGP peers, similar steps apply where routes are redistributed between OSPF 20 and the respective partner protocol. For example, in EIGRP, routes from OSPF 20 would be redistributed into EIGRP with appropriate metrics, while BGP peers would receive your internal routes via BGP. You can also filter and summarize routes if needed, to optimize the exchange.
--
Example configuration for an OSPF peering with Partner 1:
router ospf 20
network 192.168.50.0 0.0.0.255 area 0
network 192.168.70.0 0.0.0.255 area 0
router ospf 200
network <your-router-peer-ip> <wildcard-mask> area <area-number>
redistribute ospf 20 subnets
router ospf 20
redistribute ospf 200 subnets
ip prefix-list ADVERTISE_TO_PARTNER1 permit 192.168.50.0/24
ip prefix-list ADVERTISE_TO_PARTNER1 permit 192.168.70.0/24
route-map ADVERTISE_TO_PARTNER1 permit 10
match ip address prefix-list ADVERTISE_TO_PARTNER1
router ospf 200
redistribute ospf 20 subnets route-map ADVERTISE_TO_PARTNER1
This ensures "bi-directional routing" between your internal networks and your partners using different routing protocols.
09-20-2024 06:56 AM
Your situation might benefit from using VRFs.
Since you don't have overlapping network addresses, as M02@rt37 describes, you don't need VRFs, but I believe VRFs would be a better strategic approach.
09-20-2024 06:20 AM
Hello @fmugambi
To connect your internal VLANs (50 and 70) to multiple partners using different routing protocols, you need to employ route redistribution on your router to ensure your internal routes (OSPF 20) are advertised to each partner and their routes are learned and propagated within your network.
For each partner, you will redistribute routes between your internal OSPF 20 process and the partner's protocol, whether it is OSPF, EIGRP, or BGP. For an OSPF peer like Partner 1, configure OSPF 200 for external peering and redistribute routes between OSPF 20 (internal) and OSPF 200 (external). You'll allow your internal OSPF 20 routes (VLAN 50 and 70) to be shared with Partner 1 and their routes to be imported into OSPF 20 for internal routing.
Optionally, you can use route maps to filter and control which routes are advertised. For EIGRP or BGP peers, similar steps apply where routes are redistributed between OSPF 20 and the respective partner protocol. For example, in EIGRP, routes from OSPF 20 would be redistributed into EIGRP with appropriate metrics, while BGP peers would receive your internal routes via BGP. You can also filter and summarize routes if needed, to optimize the exchange.
--
Example configuration for an OSPF peering with Partner 1:
router ospf 20
network 192.168.50.0 0.0.0.255 area 0
network 192.168.70.0 0.0.0.255 area 0
router ospf 200
network <your-router-peer-ip> <wildcard-mask> area <area-number>
redistribute ospf 20 subnets
router ospf 20
redistribute ospf 200 subnets
ip prefix-list ADVERTISE_TO_PARTNER1 permit 192.168.50.0/24
ip prefix-list ADVERTISE_TO_PARTNER1 permit 192.168.70.0/24
route-map ADVERTISE_TO_PARTNER1 permit 10
match ip address prefix-list ADVERTISE_TO_PARTNER1
router ospf 200
redistribute ospf 20 subnets route-map ADVERTISE_TO_PARTNER1
This ensures "bi-directional routing" between your internal networks and your partners using different routing protocols.
09-20-2024 06:56 AM
Your situation might benefit from using VRFs.
Since you don't have overlapping network addresses, as M02@rt37 describes, you don't need VRFs, but I believe VRFs would be a better strategic approach.
09-20-2024 07:15 AM
Adding to other post, as per the design i do not see any loops which Layer 3 part, but if you running redistribution each IGBP nd BGP, then you need to bit cautious with filters applied based on the requirement.
Also use VRF with partners as suggest also benigicial and running Different IGP or BGP proces that can be controlled and easy to troubleshooting point of view.
what IOS router you have, make sure it has support of that features of VRF.
09-20-2024 07:24 AM
Hello @fmugambi ,
>> I peer to partners differently, some with ospf, some with eigrp, some with bgp.
There are different caveats for each possible combination.
M02@rt37 has covered the case of two OSPF processes PID 20 that is internal and PID 200 towards a customer.
For EIGRP you need to set the default seed metric to be able to redistribute OSPF 20 subnets into EIGRP
router eigrp 100
redistribute ospf 20 route-map ADVERTISE_TO_PARTNER1
default-metric 10000 1500 1 1 1
For BGP is even simpler you can use network command under bgp to advertise the local prefixes because they are in the routing table via OSPF 20.
router bgp 65000
address-family ipv4 unicast
network 192.168.50.0
network 192.168.70.0
they will be advertised to all eBGP peers .
under router ospf 20
you will need
redistribute bgp 65000 subnets
redistribute eigrp 1000 subnets
I would suggest to have the internal subnets advertised in OSPF 20 by FW-DC not using redistribute external but using network area commands.
Hope to help
Giuseppe
09-21-2024 03:30 AM - edited 09-22-2024 10:53 PM
MHM
09-21-2024 08:39 AM - edited 09-21-2024 08:39 AM
Hello
Regarding OSPF,, The ISP ospf process id is locally significant to the ISP it should make no difference on the prefix advertisement towards your IOS rtr if your rtr and the ISP OSPF share the same area ( ie: area 0 backbone area)
So much so between the ios rtr and the core/fw you could make that a totally ospf stub ospf area, which would result in all intra area routes would still continue be advertised between the internal rtrs of the stub area but(core & Fw) with an addition of a single default route for external reachability, this will then protect the core & fw route tables and ospf database from being populated with a large amount of unnecessary routes and lsa's it doesnt really require from the active redistribution of IOS rtr already mentioned from others
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide