Re: IBGP and OSPF with default-information originate

pbrown · ‎01-19-2006

This may be hard to describe.

I have EBGP to the ISP. I then have IBGP through a firewall to an internal router. The outside router delivered a default route to the inside router via BGP.

B* 0.0.0.0/0 [200/0] via 66.150.172.1, 00:21:26

I want to use a route map to to a conditional defaulr route into OSPF. I have done this exact thing before on three other networks. The route map looks like this.

access-list 10 permit 0.0.0.0

access-list 20 permit 66.150.172.1

route-map check-default permit 10

match ip address 10

match ip next-hop 20

It doesn't work. I am running IOS version 12.4 and the others were 12.3.

Here is the router section

router ospf 1

log-adjacency-changes

network 10.3.0.0 0.0.255.255 area 0

network 192.168.1.0 0.0.0.255 area 0

default-information originate route-map CHECK-DEFAULT

!

router bgp 16933

no synchronization

bgp log-neighbor-changes

neighbor 66.150.172.1 remote-as 16933

neighbor 66.150.172.1 description INAP-EDGE1

neighbor 66.150.172.1 version 4

neighbor 66.150.172.1 soft-reconfiguration inbound

no auto-summary

Any ideas? I can force the advertisement of a default by either adding the always statement to OSPF or adding a static default. Neither of these are attractive.

Thanks,

Patrick

olorunloba · ‎01-19-2006

I wonder also, as I cannot see anything worng with your config. But I also wonder why you want to configure the conditional advertisement. Are there other sources of default route on this router?. If not, OSPF by default will not originate the default route into the OSPF database if the default route does not exist in the routing table. The exception is when the always clause is included in the command.

If the Internal BGP router is just obtaining the default from one source, just using default-information originate command should be sufficient to achieve your goal.

pbrown · ‎01-19-2006

You are right in that I should not need a route map at all. The problem is that the 'default-information originate' command is not working even though there is a default route via BGP on the router. It only works when I add a static default. I haven't had this problem before. Since when does OSPF care about the origin of the default route?

I also have a second BGP link in a different site that delivers a BGP default route for use when the primary link fails.

Thanks for the quick reply,

Patrick

pkhatri · ‎01-19-2006

Hi Patrick,

Can you confirm that the next-hop of the default (as displayed in 'sh ip ro') is indeed 66.150.172.1.

Seeing that this is being learned via BGP (which does not change the BGP default), there is a possibility that the route is being installed in the routing table with a BGP next-hop address that points to the actual next-hop address of the EBGP neighbor it was learned from in the first place, and not the address of your IBGP peer. If that is the case, you might need to change ACL 20 to match on that EBGP peer's IP address.

Hope that helps - pls rate the post if it does.

Paresh.

pbrown · ‎01-19-2006

That is the correct next hop. There is a static route that routes traffic to that subnet to the inside interface of the firewall. The firewall is a Watchguard (yuk) and is a NAT boundary between the two BGP routers. There is a static NAT entry allowing BGP to peer with the inside router.

interface FastEthernet0/1

description Link to firewall

ip address 192.168.1.14 255.255.255.252

ip route 66.150.172.0 255.255.255.248 192.168.1.13

--Patrick

russ · ‎02-02-2006

You maybe running into something similar to bug id CSCef24703.

The fix is to configure "bgp redistribute-internal" under router bgp.