cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1078
Views
0
Helpful
3
Replies

Moving from OSPF to BGP internally

Steven Williams
Level 4
Level 4

We are kicking ospf to the curb here in our network upgrade soon. To try and eliminate the excessive redistribution we have going on we are going to run iBGP instead of OSPF. I feel like I could be configuring iBGP right now as it stands since the AD is 200 and ospf AD is 110, so OSPF routes would be preferred. Then when it comes time to convert we can shut down OSPF and iBGP routes will take over. Yes I know I am going to need some route reflectors, but this will be a lot easier in the long run the more we move to SDWAN (Since our SDWAN provider only supports static or eBGP on the LAN and WAN side). Anyone move from OSPF to BGP? Any gotchas with it? Anything you learned after you did it that makes you think you shouldnt have?

3 Replies 3

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello Steven,

be aware that you still need OSPF to advertise loopback interfaces with iBGP

iBGP sessions are normally used using source interface loopback so that they survive a single link failure.

Once you have deployed your route reflector servers and all the iBGP sessions in address family ipv4 unicast you just need to :

add BGP network statements for routes redistributed into OSPF in a router Rx

on the same router Rx you can remove the redistribute statements if all the OSPF redistributed routes are advertised in iBGP.

However, you will not able to remove OSPF totally, it will provide you network infrastructure connectivity using only internal LSAs.

At the end all services related prefixes will be advertised by iBGP and OSPF provide the way for iBGP sessions to establish and stay up.

 

Hope to help

Giuseppe

 

So yes I played with the loopback thing, and what I came to the conclusion of is OSPF/EIGRP or static. But I am not doing any of those. I am using interface IPs for the peering since my core is active/active symmetrical. I have ECMP running from Core Switches to Core Firewalls (Firewalls running active/active). No real "meshing" going on per say. So iBGP from Core switches to Core Palos then iBGP from Core Palos to Edge firewalls, User core (4500x) and a Layer 3 switch for a secure segment. 

 

Palo Altos server as route reflectors. 

 

Screen Shot 2019-06-10 at 7.59.21 AM.png

Hello Steven,

I understand you are not running a service provider network so iBGP sessions on physical interfaces may work for you.

The only note is about what you are receiving from ISP(s): if you receive  full BGP tables using loopback can reduce the number of BGP sessions and the number of prefixes to manage in memory, when it is  compared to iBGP sessions on physical interfaces.

 

Hope to help

Giuseppe

 

 

Review Cisco Networking for a $25 gift card