12-05-2013 03:43 PM - edited 03-04-2019 09:46 PM
12-06-2013 01:48 PM
Jon
Np. I have been frustrated by their insistence in implementing this with 2 days notice and not having access to their devices or config to align with.
The plan for tonight is to swing off their current network onto this AVPN. Their current network is mostly L2.
Their hope was to simply connect the L3 switch to the AVPN Gi0/0 interface and all would be well! My preference would be to implement this and do some testing, then bring on the production network.
I am going to make the changes on the AVPN router now and then at 22:00 CST we start their migration onto the AVPN network.
You are right, we are not using iBGP. We are using EIGRP. Their tech stated that to make his lab scenario for this to work, he needed to implement this statement in bgp "bgp redistribute-internal".
One other question. My bgp currently has redistribute static command. I would want to remove that since the only static would be the Tunnel default gateway, correct?
12-06-2013 01:49 PM
When would it be safe to remove the Network commands from BGP?
12-06-2013 01:51 PM
Sorry
1 other thing
After implementing the eigrp config on the AVPN router, only the following show inrun config
router eigrp 10
network 10.40.x.101 0.0.0.0
redistribute bgp 61111 metric 10000 10 255 1 1500 route-map BGP-to-EIGRP
Is this ok, or am I not implementing this command correctly?
12-06-2013 02:55 PM
Steve
You should add "no auto-summary" to the EIGRP config. Other than that it's fine as long as 10.40.x.101 is the interface connecting to L3 switch.
If you are not seeing routes then do "sh ip eigrp neighbor" on the WAN router. It should show one neighbor and that should be the L3 switch.
Regarding bgp redistribute-internal. It is used to redistribute IBGP into an IGP. I am a little worried they had to use that to get it to work because i can't see any IBGP anywhere. Your peering with the AVPN cloud is EBGP from your config and this is what you would expect when connecting to an MPLS network. I just can't see where IBGP would be used in your setup.
You know i've got this horrible feeling after all this they are going to tell you they actually wanted a completely different setup and you need to do it again.
One last thing. It's 23.00 here in the UK. How long do you need me around in case you have any problems ? If you do want me around that's fine just say, just want a rough idea.
Jon
12-06-2013 04:00 PM
They tell me they want something else and I will probably lose my job based on my response
Dude! You have been more than helpfull. I have the config and more confidence to make this work.
Thank for everything
12-06-2013 04:46 PM
Steve
One final point and it is my last point.
router eigrp 10
no auto-summary
eigrp stub connected static
network 10.0.0.0 0.255.255.255
network 172.16.0.0 0.0.240.255
network 192.168.0.0 0.0.255.255
They are using the eigrp stub feature on the L3 switch. I have not used this in a while so can't remember how the routes are seen by the WAN router.. They should be internal ie. AD 90 but you need to check because if they are not they will not get redistributed because we are only matcing internal routes.
From memory i am pretty sure the connected routes are AD 90, it's the static i am worried about but there shouldn't be any statics on the L3 switch anyway.
If worse comes to the worse you can either -
1) remove the route-map for EIGRP to BGP redisitribution
or
2) change the last permit statement to allow any routes as you did before.
But I don't think you'll need to, it's really a just in case.
Jon
12-06-2013 03:54 PM
Steve
Sorry but i'm shattered so i'm signing off now. I hope it goes alright. I'll check in tomorrow to see how it's going or went.
Hope it goes well.
Jon
12-06-2013 02:05 PM
Steve
You need to be able to do a "sh ip route" on the WAN router and see EIGRP internal routes for all your sites subnets. If you are already doing BGP to EIGRP redistribution you will see EIGRP routes but they should all be external EIGRP ie. you should see an EX for each route so don't confuse these with the internal routes.
Once you see those routes you can add the redistribute EIGRP and remove the network commands. Before you do either -
1) "sh ip bgp neighbor x.x.x.x advertised-routes"
the routes you should see will be the ones beig advertised by the network commands under BGP.
2) when you remove the network commands and add EIGRP to BGP redistribution you then need to do -
clear ip bgp x.x.x.x soft out
3) then you should run 1) again and see if you are seeing the routes being advertised.
Jon
12-07-2013 12:05 AM
Jon
We are "good_2_go". The config did get changed a little. I found during this that thet L3 management subnet still needed to be advertised with the network statement under BGP. As of right now, their network has been successfully moved over to the AVPN cloud. This management vlan was the only vlan at the sites that did not get redistributed from EIGRP to BGP.
12-07-2013 04:53 AM
Steve
Great news. Not sure why the management subnet was not showing up unless it is not connected or was not covered by a network statement under EIGRP config as this should have been advertised by the L3 switch.
Many thanks for all the ratings and glad we got there in the end.
Jon
12-12-2013 07:09 AM
Jon
Couldn't have got there w/olut you. Many thanks
1 question about the asymetric routing across the tunnel Is the reason this works because ..
Site_4#
interface Tunnel0
description GRE2_Site_5
ip address 10.254.0.10 255.255.255.252
ip mtu 1400
ip tcp adjust-mss 1360
tunnel source 172.16.250.5
tunnel destination 172.16.251.1
!
interface Multilink1
ip address 172.16.250.5 255.255.255.252
ip access-group Permit_Monitor in
ppp chap hostname Site_4 WAN
ppp multilink
ppp multilink group 1
no cdp enable
service-policy output COS_Profile
Gateway of last resort is 10.254.0.9 to network 0.0.0.0
The Site_4 WAN ip address is the peer with the AT&T PER router that BGP advirtises routes to.
The Site_4 WAN ip address is the Source address of the GRE tunnel so the same ip address is the SOURCE for both
paths.
The reverse is the same at Site_5
So is it asymetric IF the same SOURCE address is used for both paths?
12-12-2013 08:06 AM
edited
12-06-2013 02:46 PM
Steve
Sorry, i missed this one.
One other question. My bgp currently has redistribute static command. I would want to remove that since the only static would be the Tunnel default gateway, correct?
Yes you do.
Jon
12-06-2013 08:41 AM
Jon
If I lose AVPN link to site 1, I will also lose the GRE tunnel becuase the tunnel uses the AVPN link to get across. The GRE tunnels is not for redundacy, just for segmenattion.
12-06-2013 08:46 AM
Steve
If I lose AVPN link to site 1, I will also lose the GRE tunnel becuase the tunnel uses the AVPN link to get across. The GRE tunnels is not for redundacy, just for segmenattion.
Yes of course it would, my mistake.
Jon
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide