cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1682
Views
0
Helpful
7
Replies

OSPF - Route selection issue E1/E2

alp1983
Level 1
Level 1

Hi all - first post here!! :-)

 

I'm having an issue with OSPF and the reasoning behind why it is choosing to install a backup E2 route in the routing table over an E1 route and even an E2 route with a lower metric. Briefly, my core switch, if you like, is peered with a border gateway router in the OSPF backbone. This router is running BGP and has dual tunnels into another "cloud router". This router is redistributing in, a "10.0.0.0/24" prefix into the OSPF process - all good so far and this shows as an E2 route without any issue. The core switch is also peered with a CE router which is in turn connected to a PE router which is redistributing in the same network prefix "10.0.0.0/24" from another BGP process. All routers are connected to the OSPF backbone.

 

The MPLS connection needs to be the primary connection. The prefix injected by the border router is supposed to be a backup route but the OSPF process is preferring this over the route across the MPLS cloud. I can't tune it out, no matter what i try. If i shut down the border gateway, the route across the MPLS network is installed, if i then turn it back on, the route is removed and replaced by the router across the VPN.

 

Given that E1 routes are supposed to be preferred to E2 routes, i'm not sure how this can happen. If i change the redistribution to both E1 it makes no difference - even after artificially raising the metrics for the less-preferred route.

 

I've clearly missed something here - i've attached a snapshot of the config (non-production / GNS3)

 

-a

7 Replies 7

Parvesh Paliwal
Level 3
Level 3

Preference is to use E1 routes if there are multiple routers distributing a route to the same AS.

 

I believe the CE router (redistributing the route as E2) is managed by you and can be configured with an E2 type route distribution.

Yes i have full access to the devices - the PE (P-PE1) router is setting the metric type (2) by default as it distributes from the BGP process into the customer VRF. I've tried setting this to E1, it works as expected until the backup path on the (C-BGR1) router comes up and distributes the same prefix into the OSPF process. At this point, the 10.0.0.0 database entry on my core switch  with a next hop of fa0/0 vanishes and the backup route is installed into the routing table - fa0/1.

MPLS based network redistributing from BGP to IGP often skew your administrative distance, this is mostly refereed to as Backdoor Routes.

In order to use the MPLS network as your primary route  you are required to implement a SHAM Link, in essence what this does is to create a tunnel for the transportation of your  LSAs from one side of the network to another.

This can be compared to the  virtual-link command that is used  to establish a virtual link from a remote area to the backbone area.

 

STEPS TO CREATE A SHAM LINK

First of all you need to create a loop back interface on both routers and assign it to the associated vrf.

 

Router 1 Config

PE1(config)#int loopback 100

PE1(config)# description Sham Link For Customer A
PE1(config-if)#vrf forwarding CUST-A
PE1(config-if)#ip add 1.1.1.1 255.255.255.255

 

router ospf vrf CUST-A

area 0 sham-link 1.1.1.1.1 2.2.2.2 cost 10     ( 1.1.1.1 being your local router and 2.2.2.2 your remote )

 

router bgp 100

address-family ipv4 vrf CUST-A

network 1.1.1.1 mask 255.255.255.255

 

Router 2 Config

PE2(config)#int loopback 100

PE2(config)# description Sham Link For Customer A
PE2(config-if)#vrf forwarding CUST-A
PE2(config-if)#ip add 2.2.2.2 255.255.255.255

 

router ospf vrf CUST-A

area 0 sham-link 2.2.2.2 1.1.1.1 cost 10    ( 2.2.2.2 being your local router and 1.1.1.1 your remote )

 

router bgp 100

address-family ipv4 vrf CUST-A

network 2.2.2.2 mask 255.255.255.255

 

 

For verification you can do a show ip ospf sham-links , this will display the sham link as well as the cost.

Routes should be shown as intra area for both links at this point, so cost matters in this case to ensure that the routes takes the sham link instead of the other. sh ip route ospf

You may adjust your cost as needed to ensure that the traffic takes the correct links.

 

Cheers

 

****Remember to rate all helpful posts****

 

 

P.Williams

Thanks for this, i didn't set this up as i didn't think it was a requirement? The backup link doesn't speak to the OSPF process on the other side of the MPLS cloud, it speaks to a foreign BGP AS (this is connected to the OSPF process but only through redistribution) The 10.0.0.0/24 network lives in the BGPAS 64512 - this is where my IPSEC tunnels terminate and where the C-BGR1 device creates a BGP peering.

You need to change the distributed route type to E2 (at C-BGR1) (possibly with higher cost).

It can help
https://ipwithease.com/ospf-external-e1-and-e2-routes/

Already did that - see post #1

I've added some screen shots to show what i'm seeing.

 

From the ASBR on the far side of the MPLS cloud, (C-DXS-1)  i'm redistributing into OSPF 0 from BGP process 65000 the 10.0.0.0/24 prefix as an E1 route + 50 metric. From the ASBR (C-BGR1) that is directly connected to the core switch (C-CSW1) i'm redistributing into OSPF 0, the same prefix from BGP process 65000 as an E1 route + 300 metric.

 

When the backup link is down, the core switch selects the only E1 route available to it (through the MPLS cloud) when the backup link comes up, after a few minutes, this route is replaced with another E1 route of much higher cost. If i change the redistribution to E2 on the backup link, it also chooses this route over the E1 route through he MPLS cloud.

 

-a

Review Cisco Networking for a $25 gift card