cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5755
Views
8
Helpful
63
Replies

Route redistribution from BGP to OSPF and rfc1583

actyler1001
Level 1
Level 1

Hi everyone, I'm experiencing a very frustrating problem with route redistribution from eBGP into OSPF. Consider the below diagram. The goal is to route traffic as directly as possible to the Azure networks 10.24.0.0/16 and 10.25.0.0/16. This was all going well until I connected a non-Area 0 (R5) router to R2 and/or R3. See referenced links A and B in the diagram.

Once R5 brought up an adjacency with R2 and/or R3, R1 and R4 decided the best path to these /16 networks was via R5. An ospf path cost much larger than any direct path. I've attempted to redistribute using External type 1 and type 2, no difference. All ospf areas are "normal".

If I take the link A and B down, all goes back to normal and routing makes sense again. R5 in this case chooses R1 > R2 > 10.25.0.0/16. Also R5 chooses R1 > R3 > 10.24.0.0/16.

R5 is only a member of Area 40. R1, R2, R3, and R4 are all ABRs. R2 and R3, ASBRs.

At first I thought this was a bug. I've managed to make it far up the escalation chain and was finally given the response that this behavior with external routes within ospf is normal while using the default rfc2328 operating mode. I was told that in order to deal with this I would have to enable the older rfc1583 operating mode. On every router in our organization. About 50.

I feel like rolling back to this older rfc is the wrong move. There has to be another way to deal with this, but for the life of me I have yet to come up with a solution. Other than simply NOT connecting my non-Area 0 routers directly to R2 and R3.

 

actyler1001_0-1697399678342.png

 

 

63 Replies 63

My vm have some problems and I need to reinstall it.

So when I reinstall it and add image support compatibility rfc command I will check my idea. 

My idea as I mentioned before only add command on R1 and R2. 

But I need to test it if rfc ver. Is work together or not. 

MHM

If you're planning on trying mixing usage of RFCs, you can, but the cited Cisco paper shows you can create routing loops.

I am absolutely not planning to run different rfc versions of OSPF in our environment.  The goal was to solve this routing problem with redistribution while not enabling rfc1583compatibility.  Moving the ASBR one hop into only Area 0 has resolved this.

"I am absolutely not planning to run different rfc versions of OSPF in our environment."

Nor should you.  Never suggested, by me, mixing usage of RFCs 1583 and 2328 as that can lead to routing loops.

Sidenote: Cisco, though appears to use different defaults for these two RFCs on IOS vs. NXOS!

"The goal was to solve this routing problem with redistribution while not enabling rfc1583compatibility."

Actually OP goal was described to find any other solution other than using older RFC; OP stated reason to avoid having to change 50 routers.

OP also noted you also wanted to not remove the ABR role from your ASBRs.  (Which actually [logically] is what your final selected solution approach was.  [NB:  a fine solution because of the VOD feature available on your ABR/ASBR devices, although requiring device feature upgrade charge.])

An alternative solution, I suggested, was creation of a new OSPF area, that would use (physically) same links as area zero.  Built a lab in CML, appeared to work perfectly.  (NB: you found this approach unacceptable for your actual environment for, I believe/understand, reasons: lack of address space for new area links [i.e. would need about 30 /30  or /31 private IP subnets], non-Cisco device parallel VPN tunnel creation issue, and amount/volume of configuration changes required.)

"Moving the ASBR one hop into only Area 0 has resolved this."

Yup, again a possibly solution noted in OP that you desired to avoid but which you found to actually be YOUR best solution.  (BTW, nothing wrong with ending up back where you started, but besides having a workable alternative to consider, at time of OP, splitting ABR/ASBR thought just [?] of using a VRF, rather than VOD.  [Personally, VOD is likely your best option.])

Review Cisco Networking for a $25 gift card