Showing results for 
Search instead for 
Did you mean: 

Redistributing OSPF and BGP and floating static routes

We're having a hard time getting floating static routes to work. We use the floating static route technique to utilize a VPN connection as a backup connection to our branch sites. When all that was involved was OSPF we didn't have a problem. Recently though we started using a different MPLS provider that required us to use BGP on their MPLS links. To accomodate this we added a new router at the Corp HQ (2811) to handle the new MPLS connections. BGP is configured on this router only for the WAN circuit, OSPF on the LAN side. We redistribute BGP into OSPF and vice versa.

Under normal conditions this works well. When the MPLS connection fails at one of our branch locations it (the remote branch) switches to the VPN connection immediately and the network re-converges in less than 2 seconds. The problem we're having is when the MPLS connection comes back online the MPLS router at the HQ (the trunk router) never re-inserts the remote branch's subnet into OSPF. OSPF seems to override what's in BGP on that router. To force the connection back to the MPLS connection we have to remove the static route to the remote branch on the VPN router.

Here's the redistribute commands on the MPLS router at HQ;

router ospf 1

redistribute bgp 65016 subnets


router bgp 65016

redistribute ospf 1 match internal external 1 external 2

Any thoughts? Thanks.


This may mostly be due to the mutual redistribution with redundant paths.

The only important thing to note with BGP is that administrative distance does not play a role in BGP path selection.

Its better that you post your network topology. It will help in understanding and giving solutions to your problem


Hi Royalblues,

I didn't post a diagram as I didn't think a text file would translate well. I can add a Visio file if that would help. Please let me know.

Sure that would do...

converting to JPEG would reallt help


Router A - redistributes OSPF and BGP

Router B - BGP on main connection only. Default route pointing to VPN router with a cost of 111

Router C - OSPF with static route to Router B via VPN with cost of 150 (used to be 111 but was changed for TS purposes)

When the primary connection for router B fails it switches to the backup VPN connection to router C without any problems and the network is updated with the new info. When the primary connection comes back up though, router A never updates OSPF with the new route. Or at least if it does it never overrides OSPF. All traffic to router B goes down the VPN connection while all traffic from router B comes down the primary connection.



Is the static route at Router C default or specific static routes for remote sites??

If specific then,As i understand 4rm the scenario the static route at C which is being redistributed to OSPF,hence a external route, is having less metric than with the same external routes learn via the redistribution of BGP into OSPF..

As both end the redistribution into ospf is with default metric,make the redistribution at Router C of static route with higher cost than default value(20).

"redistribute static metric 100 subnet"

Lets hear what others have to say abt this..

arun :)

Router C has specific (Class C) static routes with the other end of the VPN tunnel as it's next hop.

I'll verify when I get in tomorrow but I believe we already have the metric in the redistribution statement. We've also placed a metric on the static route statement itself.

I'll let you know what I find. Thanks!

ok thats good..

then check if the static metric propagaing in the ospf domain is less than one redistributed via bgp..if so try to make more ..


I checked and the metric is there. It was set to 111 to be one higher than OSPF but we even bumped it up to 150 hoping that would help. Here's the OSPF and static route statements for router C;

router ospf 1



redistribute static metric 150 subnets

network area 0

network area 1


ip route 111

ip route 111

ip route 150

When it should fail back (the primary connection comes up), I can see the route to the remote branch in the BGP tables on router A but it doesn't have the ">" symbol next to it saying it's the best route. It would rather take OSPF's word for it (and go through a minimum of 3 extra routers) to get to the remote subnet.


OK.. :(

Can u just provide with the config and routing table and bgp table outputs of the routers..


Here are the "sh run", "sh ip route", "sh ip bgp", and "sh ip bgp sum" on all the routers. These files have been cleansed where necessary and the actual IP addresses of the BGP connections have been changed though it should still be clear. Thanks!