10-10-2014 07:35 AM - edited 03-04-2019 11:56 PM
Dear All,
Please refer the above diagram. I would like to do mutual redistribution on RTR1 and RTR2 (EIGRP to BGP and BGP to EIGRP and vice versa)
How to do filter to avoid loops.
The primary traffic should flow through dark fiber. If dark fiber fails traffic has to flow through ISP.
Express your best fixes.
Solved! Go to Solution.
10-12-2014 02:38 AM
Hello pramod, Actually I would like to correct myself firstly by saying that, in fact you will not need to filter between eigrp and bgp - oversight on my part. Reason is because both sets of protocols have the AD characteristic change in the type of routes.
If you are running iBGP and by your diagram it looks that way, the routes will have an AD of 200. This is worse than EIGRP D routes metric of 90 and EIGRP D EX routes metric of 170.
This means that EIGRP will always be preferred - i.e. dark fiber links. ONLY if both dark fiber links failed for whatever reason, then iBGP learned routes with metric of 200 will enter the RIB and be used.
eBGP also has its own loop prevention mechanism where it will not use / accept routes, learnt that have the same AS in AS_PATH's attribute. This could cause you a problem in learning the route's back from ebgp.
But iBGP should be OK.
hth
Bilal
CCIE #45032
10-12-2014 04:16 PM
No you don't need to change the AD. The router will automatically prefer any internal routes over eBGP regardless of the AD. If you control BGP on both sides I would move from iBGP to eBGP and put them in different AS numbers.
10-10-2014 07:56 AM
Since your routers use BGP you will automatically experience traffic preferring dark fiber as it is seen as an internal route.
You can use something like distribute list and apply it to your routing protocol.
10-10-2014 09:35 AM
Yes true,
I was actually looking for route-map with filter-list for EIGRP to BGP and BGP to EIGRP.
10-10-2014 09:39 AM
That will work as well. Are you asking for a sample config?
10-10-2014 09:41 AM
yes michael, i am looking for sample route-map config's to put and test which match the above scenario.
10-11-2014 08:22 AM
I may recommend setting TAG's on the routes in a way where you can easily identify where routes are originating from. Denying via matching the TAG set on the routes will make it very easy for you to filter and avoid loops.
If you use EIGRP and all routes are internal routes with AD of 90 this is fine. Dark fiber will be preferred - you might opt to change the EIGRP AD for "D EX" type routes to lower than BGP - this could also stop routing loops. But like i mentioned if i was in this scenario i would use tagging
eg.
tag eigrp routes via R1 - deny those routes on R2 coming in via BGP
tag eigrp routes via R2 - deny those routes on R1 coming in via BGP
Likewise with BGP
In another case you could summarise at BGP outbound but have the more specific routes via EIGRP and infact this might be the cleaner option rather than using route-maps and filtering etc.... In which case you wouldn't need higher BGP AD or Lower EIGRP internal AD either.
hth
Bilal
CCIE #45032
10-11-2014 10:58 PM
Hi Bilal,
This is how i done on RTR1 and RTR2. Is it correct?
route-map EIGRP-TO-BGP deny 5
match metric 250
!
route-map EIGRP-TO-BGP permit 10
match ip address 11
set metric 250
!
route-map BGP-TO-EIGRP deny 5
match tag 5
!
route-map BGP-TO-EIGRP permit 10
set metric 400 20 255 1 1500
set tag 5
router bgp 65XXX
bgp router-id X.X.X.X
bgp log-neighbor-changes
bgp redistribute-internal
redistribute eigrp 1 route-map EIGRP-TO-BGP
router eigrp 1
redistribute bgp 65XXX route-map BGP-TO-EIGRP
10-12-2014 02:38 AM
Hello pramod, Actually I would like to correct myself firstly by saying that, in fact you will not need to filter between eigrp and bgp - oversight on my part. Reason is because both sets of protocols have the AD characteristic change in the type of routes.
If you are running iBGP and by your diagram it looks that way, the routes will have an AD of 200. This is worse than EIGRP D routes metric of 90 and EIGRP D EX routes metric of 170.
This means that EIGRP will always be preferred - i.e. dark fiber links. ONLY if both dark fiber links failed for whatever reason, then iBGP learned routes with metric of 200 will enter the RIB and be used.
eBGP also has its own loop prevention mechanism where it will not use / accept routes, learnt that have the same AS in AS_PATH's attribute. This could cause you a problem in learning the route's back from ebgp.
But iBGP should be OK.
hth
Bilal
CCIE #45032
10-12-2014 09:21 AM
Ok, so for eBGP scenarios, i believe need to change the AD as it's 20 by default?
10-12-2014 11:50 AM
Yes, if the soul purpose of the bgp is for backup then yes, caveat is that RTR1 and RTR2 must be in their own AS - for the reason i stated, bgp's loop prevention mechanism.
hth
Bilal
CCIE #45032
10-12-2014 10:27 PM
Thanks Bilal and Michael.
10-12-2014 04:16 PM
No you don't need to change the AD. The router will automatically prefer any internal routes over eBGP regardless of the AD. If you control BGP on both sides I would move from iBGP to eBGP and put them in different AS numbers.
10-13-2014 12:36 AM
Hi Michael I disagree here. if you do this then eBGP routes will be used with AD of 20, it will achieve the undesired result of routing primarily via the bgp circuit. I believe changing AD on ebgp routes will be necessary. I do agree that AS should be split. If ibgp is used it then it will be fine.
10-13-2014 08:49 AM
Disagree all you like but I have Parmod's exact topology setup in lab. The following config and routing table proves you don't have to change AD on eBGP for the route to be preferred over ANY internal routing protocol.
R1
R1#sh run | s router
router eigrp 1
redistribute bgp 1
passive-interface FastEthernet0/0
network 1.1.1.0 0.0.0.255
network 11.11.11.0 0.0.0.255
network 33.33.33.0 0.0.0.255
no auto-summary
router bgp 1
no synchronization
bgp log-neighbor-changes
network 1.1.1.0 mask 255.255.255.0
network 11.11.11.0 mask 255.255.255.0
redistribute eigrp 1
neighbor 11.11.11.12 remote-as 2
no auto-summary
R2
R2(config-router)#do sh run | s router
router eigrp 1
redistribute bgp 2
passive-interface FastEthernet0/0
network 2.2.2.0 0.0.0.255
network 11.11.11.0 0.0.0.255
network 23.23.23.0 0.0.0.255
no auto-summary
router bgp 2
no synchronization
bgp log-neighbor-changes
network 2.2.2.0 mask 255.255.255.0
network 11.11.11.0 mask 255.255.255.0
redistribute eigrp 1
neighbor 11.11.11.11 remote-as 1
no auto-summary
R1
C 1.1.1.0 is directly connected, Loopback0
2.0.0.0/24 is subnetted, 1 subnets
D 2.2.2.0 [90/161280] via 33.33.33.33, 00:01:02, FastEthernet1/0
33.0.0.0/24 is subnetted, 1 subnets
C 33.33.33.0 is directly connected, FastEthernet1/0
3.0.0.0/24 is subnetted, 1 subnets
D 3.3.3.0 [90/156160] via 33.33.33.33, 00:16:44, FastEthernet1/0
4.0.0.0/24 is subnetted, 1 subnets
D 4.4.4.0 [90/158720] via 33.33.33.33, 00:16:44, FastEthernet1/0
23.0.0.0/24 is subnetted, 1 subnets
D 23.23.23.0 [90/33280] via 33.33.33.33, 00:20:14, FastEthernet1/0
43.0.0.0/24 is subnetted, 1 subnets
D 43.43.43.0 [90/30720] via 33.33.33.33, 00:16:45, FastEthernet1/0
11.0.0.0/24 is subnetted, 1 subnets
C 11.11.11.0 is directly connected, FastEthernet0/0
R2
D 1.1.1.0 [90/161280] via 23.23.23.42, 00:01:34, FastEthernet1/0
2.0.0.0/24 is subnetted, 1 subnets
C 2.2.2.0 is directly connected, Loopback0
33.0.0.0/24 is subnetted, 1 subnets
D 33.33.33.0 [90/33280] via 23.23.23.42, 00:01:34, FastEthernet1/0
3.0.0.0/24 is subnetted, 1 subnets
D 3.3.3.0 [90/158720] via 23.23.23.42, 00:01:34, FastEthernet1/0
4.0.0.0/24 is subnetted, 1 subnets
D 4.4.4.0 [90/156160] via 23.23.23.42, 00:01:36, FastEthernet1/0
23.0.0.0/24 is subnetted, 1 subnets
C 23.23.23.0 is directly connected, FastEthernet1/0
22.0.0.0/24 is subnetted, 1 subnets
C 22.22.22.0 is directly connected, Loopback2
43.0.0.0/24 is subnetted, 1 subnets
D 43.43.43.0 [90/30720] via 23.23.23.42, 00:01:37, FastEthernet1/0
11.0.0.0/24 is subnetted, 1 subnets
C 11.11.11.0 is directly connected, FastEthernet0/0
If I add passive interface between R2 and R4 then I learn all routes via BGP from R1 (which also tests failover for the fiber link).
R2
B 1.1.1.0 [20/0] via 11.11.11.11, 00:00:04
2.0.0.0/24 is subnetted, 1 subnets
C 2.2.2.0 is directly connected, Loopback0
3.0.0.0/24 is subnetted, 1 subnets
B 3.3.3.0 [20/156160] via 11.11.11.11, 00:00:04
4.0.0.0/24 is subnetted, 1 subnets
B 4.4.4.0 [20/158720] via 11.11.11.11, 00:00:04
23.0.0.0/24 is subnetted, 1 subnets
C 23.23.23.0 is directly connected, FastEthernet1/0
22.0.0.0/24 is subnetted, 1 subnets
C 22.22.22.0 is directly connected, Loopback2
43.0.0.0/24 is subnetted, 1 subnets
B 43.43.43.0 [20/30720] via 11.11.11.11, 00:00:06
11.0.0.0/24 is subnetted, 1 subnets
C 11.11.11.0 is directly connected, FastEthernet0/0
10-13-2014 08:49 AM
Here's EIGRP config for R3 and R4 as well:
R3#sh run | s router
router eigrp 1
network 0.0.0.0
no auto-summary
R4#sh run | s router
router eigrp 1
network 0.0.0.0
no auto-summary
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide