cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1038
Views
0
Helpful
5
Replies

Same network advertise at different places

Hasmurizal_2
Level 1
Level 1

Hi guys,

I'm having difficulties in trying to resolve this particular issue. The problem arises when users at CE 1 wanted to access network from CE3, but CE3 and CE4 is advertising the same network. There are several ways i think it should resolve the issue, such as using GRE tunnel point2point. But i'm reluctant to use the tunnel concept as user may affected by the mtu-sizing problem, multiple tunnels creation and such.

Please take note that PE to PE communication using BGP. PE to CE using OSPF with all network advertise under area 0. PE-CE having mutual redistribution. No stub configuration created between PE-CE.

I was thinking to use ebgp-multihop, since CEs are not directly connected, i could create another BGP AS, just for CE to CE communicate. But i'm not sure though. Is it possible to do since peering neighbors will create bgp next-hop to the peering router interfaces.

In an example, CE1 (lo0 1.1.1.1) & CE3 (lo0 3.3.3.3), both configured accordingly on the BGP/Ebgp-multihop. So if i do"show ip bgp" at CE1 router, my next-hop will show 2.2.2.2 for my advertise network at CE3. By right my traffic from CE1 should go to 2.2.2.2 as the next-hop. Since the traffic needs to go to PE(Could), the particular PE would then change the next-hop of my original traffic, as at PE level they may see that CE4 is having the same advertise network with better cost/metric.

Pls advice does ebgp-multihop can choose my next-hop router? can ospf can be sagregated by multiple area topology? Pls advice.

regards,

Rizal

2 Accepted Solutions

Accepted Solutions

Edison Ortiz
Hall of Fame
Hall of Fame

ebgp multi-hop will not work because the traffic won't be tunneled and the PE will still take part of the routing decision.

The next-hop on the ebgp multi-hop will reflect the IP address of the remote CE but a recursive lookup will be performed and guess what? the next hop to that next-hop is the PE router anyway. The PE router will determine the best path - if the destination has conflicting address - anything can happen.

You can implement NAT from the conflicted source to solve this issue

If you have access to the PE, you can have CE3 and CE4 part of a different VRF and only import the 'interested' VRF into CE1.

Regards,

Edison.

View solution in original post

Given all the caveats, I will agree that P2P GRE will be the simplest solution to this problem (along with the static route).

Regards,

Edison.

View solution in original post

5 Replies 5

Edison Ortiz
Hall of Fame
Hall of Fame

ebgp multi-hop will not work because the traffic won't be tunneled and the PE will still take part of the routing decision.

The next-hop on the ebgp multi-hop will reflect the IP address of the remote CE but a recursive lookup will be performed and guess what? the next hop to that next-hop is the PE router anyway. The PE router will determine the best path - if the destination has conflicting address - anything can happen.

You can implement NAT from the conflicted source to solve this issue

If you have access to the PE, you can have CE3 and CE4 part of a different VRF and only import the 'interested' VRF into CE1.

Regards,

Edison.

Hi Edison,

Thanks for the info, and its confirm just as what I suspected. The nature for this particular user is that they no ideas on routing, and what are we inherite is the case of result work for many years, plus mambo-jumbo design and planning. sigh..

NAT would not be the best solution as some network shared are DIO/defaul-route for internet access. One vrf with multiple DIOs are not going to work. We did tought of vrf saperation, My other unit is controlling the PE level, where as my side is just view only. May i know how extranet with DENY particular prefix work? can you assist me with some example or notes perhaps.

Other than that, if we could have DMVPN Tunnel at CE3 and DMVPN Tunnel at CE4, (or just simple p2p gre tunnel), i'm guessing static route via tunnel at CE1, would solve the routing issue right. Should we introduce iBGP via tunnel?

Regards,

Rizal

Given all the caveats, I will agree that P2P GRE will be the simplest solution to this problem (along with the static route).

Regards,

Edison.

Hi Edison,

thanks. in simple term, will try to resolve via P2P GRE, If not P2MultiPoint GRE.

Cheers!

Rizal

Hi,

while i was reading RFC 4577 & some others notes, and thread from netpro, i did stumble upon domain-id and domain-tag. Since this is to be done on PE, will PE1 stop receiving the same prefix from PE2 (matching prefix, with same domain-tag = prefix drop)

Review Cisco Networking for a $25 gift card