01-09-2019 03:22 AM - edited 03-05-2019 11:10 AM
Hi all - first post here!! :-)
I'm having an issue with OSPF and the reasoning behind why it is choosing to install a backup E2 route in the routing table over an E1 route and even an E2 route with a lower metric. Briefly, my core switch, if you like, is peered with a border gateway router in the OSPF backbone. This router is running BGP and has dual tunnels into another "cloud router". This router is redistributing in, a "10.0.0.0/24" prefix into the OSPF process - all good so far and this shows as an E2 route without any issue. The core switch is also peered with a CE router which is in turn connected to a PE router which is redistributing in the same network prefix "10.0.0.0/24" from another BGP process. All routers are connected to the OSPF backbone.
The MPLS connection needs to be the primary connection. The prefix injected by the border router is supposed to be a backup route but the OSPF process is preferring this over the route across the MPLS cloud. I can't tune it out, no matter what i try. If i shut down the border gateway, the route across the MPLS network is installed, if i then turn it back on, the route is removed and replaced by the router across the VPN.
Given that E1 routes are supposed to be preferred to E2 routes, i'm not sure how this can happen. If i change the redistribution to both E1 it makes no difference - even after artificially raising the metrics for the less-preferred route.
I've clearly missed something here - i've attached a snapshot of the config (non-production / GNS3)
-a
01-09-2019 04:00 AM
Preference is to use E1 routes if there are multiple routers distributing a route to the same AS.
I believe the CE router (redistributing the route as E2) is managed by you and can be configured with an E2 type route distribution.
01-09-2019 04:08 AM - edited 01-09-2019 04:09 AM
Yes i have full access to the devices - the PE (P-PE1) router is setting the metric type (2) by default as it distributes from the BGP process into the customer VRF. I've tried setting this to E1, it works as expected until the backup path on the (C-BGR1) router comes up and distributes the same prefix into the OSPF process. At this point, the 10.0.0.0 database entry on my core switch with a next hop of fa0/0 vanishes and the backup route is installed into the routing table - fa0/1.
01-09-2019 04:08 AM
MPLS based network redistributing from BGP to IGP often skew your administrative distance, this is mostly refereed to as Backdoor Routes.
In order to use the MPLS network as your primary route you are required to implement a SHAM Link, in essence what this does is to create a tunnel for the transportation of your LSAs from one side of the network to another.
This can be compared to the virtual-link command that is used to establish a virtual link from a remote area to the backbone area.
STEPS TO CREATE A SHAM LINK
First of all you need to create a loop back interface on both routers and assign it to the associated vrf.
Router 1 Config
PE1(config)#int loopback 100
PE1(config)# description Sham Link For Customer A
PE1(config-if)#vrf forwarding CUST-A
PE1(config-if)#ip add 1.1.1.1 255.255.255.255
router ospf vrf CUST-A
area 0 sham-link 1.1.1.1.1 2.2.2.2 cost 10 ( 1.1.1.1 being your local router and 2.2.2.2 your remote )
router bgp 100
address-family ipv4 vrf CUST-A
network 1.1.1.1 mask 255.255.255.255
Router 2 Config
PE2(config)#int loopback 100
PE2(config)# description Sham Link For Customer A
PE2(config-if)#vrf forwarding CUST-A
PE2(config-if)#ip add 2.2.2.2 255.255.255.255
router ospf vrf CUST-A
area 0 sham-link 2.2.2.2 1.1.1.1 cost 10 ( 2.2.2.2 being your local router and 1.1.1.1 your remote )
router bgp 100
address-family ipv4 vrf CUST-A
network 2.2.2.2 mask 255.255.255.255
For verification you can do a show ip ospf sham-links , this will display the sham link as well as the cost.
Routes should be shown as intra area for both links at this point, so cost matters in this case to ensure that the routes takes the sham link instead of the other. sh ip route ospf
You may adjust your cost as needed to ensure that the traffic takes the correct links.
Cheers
****Remember to rate all helpful posts****
01-09-2019 04:16 AM
01-09-2019 04:30 AM
01-09-2019 04:53 AM
Already did that - see post #1
01-09-2019 06:50 AM
I've added some screen shots to show what i'm seeing.
From the ASBR on the far side of the MPLS cloud, (C-DXS-1) i'm redistributing into OSPF 0 from BGP process 65000 the 10.0.0.0/24 prefix as an E1 route + 50 metric. From the ASBR (C-BGR1) that is directly connected to the core switch (C-CSW1) i'm redistributing into OSPF 0, the same prefix from BGP process 65000 as an E1 route + 300 metric.
When the backup link is down, the core switch selects the only E1 route available to it (through the MPLS cloud) when the backup link comes up, after a few minutes, this route is replaced with another E1 route of much higher cost. If i change the redistribution to E2 on the backup link, it also chooses this route over the E1 route through he MPLS cloud.
-a
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide