Would like to know your inputs about this issue that I'm facing right now. So I do have 1 Cisco router configured as ezvpn client and I also have another private circuit with bgp connected to it. Both Peering (from bgp/ezvpn server) advertised a default route now since route from ezvpn has administrative distance of 1 and bgp has 20.
What would be the best solution for this?
- If i change the distance from bgp then it should be lower that 1 (not sure the minimum distance in bgp) but I think this is not the best solution.
- Set this command "reverse-route distance xx" on ezvpn but I'm not quite sure if this should be configure on server or client ezvpn (still checking).
Simple network diagram will be helpful. So basically your goal is prefer default route coming from BGP peer on private circuit? Not sure if I get it correctly.
What routing protocol are you running between ezvpn client and server?
Here's a simple representation of the scenario. Yes, I want to prefer BGP over vpn. No routing protocol running between ezvpn server and client. Thanks
| Site A/Client Router
Ezvpn Server ---------------- |
SITE-A#sh ip route 0.0.0.0
Routing entry for 0.0.0.0/0, supernet
Known via "static", distance 1, metric 0, candidate default path
Routing Descriptor Blocks:
* directly connected, via Virtual-Access1, permanent (from ezvpn server)
Route metric is 0, traffic share count is 1
Route tag 109
SITE-A#sh ip bgp 0.0.0.0
BGP routing table entry for 0.0.0.0/0, version 2
Paths: (1 available, best #1, table default, RIB-failure(17))
Not advertised to any peer
Refresh Epoch 1
192.168.100.1 from 192.168.100.1 (192.168.100.1)
Origin IGP, localpref 100, valid, external, best
rx pathid: 0, tx pathid: 0x0
I tried configuring reverse-route on server but some how it only changes the routes received from client not the AD being send. So I need to change on client side for received routes from ezvpn server.
Would like to know how/possible we can modify the metric on Easyvpn client other than adding new entries/more specific routes or changing it to split vpn (not sure if this will be the last resort interms of design and implementation).