Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1164
Views
0
Helpful
5
Replies

Switching over between BGP and OSPF

tigerpaws
Level 1
Level 1

‎05-02-2018 04:32 PM - edited ‎03-05-2019 10:23 AM

Hello,

I have a question that I hope someone would be able to help.  Basically, I have a router (D1) that has two links to two different remote routers (Core-RT and NRR1).  D1 runs OSPF with Core-RT while D1 runs EBGP with NRR1.  When I ping a host (MMS) on another router (Node1) that connects to Core-RT, OSPF will be the used as the preferred routing protocol because D1 learns that host via OSPF routing process.  When I shutdown the OSPF link between D1 and the Core-RT, the link switches to use BGP between D1 and NRR1 as expected because it is the only path available.  It takes about 20 to 24 pings dropped before D1 can detect that the OSPF path is no longer available before switching over to BGP.

When I bring back the OSPF link, the ping continues to traverse the BGP link to reach to the host unless I either (1) perform a "clear ip bgp *" on D1 or (2) perform a "shutdown" on the link that connects between D1 and NRR1 to force the traffic originated from D1 to use OSPF.

My question is is there a way to configure D1's BGP routing process to trigger the switchover from BGP to OSPF sooner instead of performing either one of the actions above?

Below are the configuration files for D1, Core-RT and NRR1 along with the topology.  Thank you in advance.

-----------------------------------------------------------------------------------

!

hostname DUCE1-RR1

!

interface Loopback0

description "D1 - Router Loopback IP Address"

ip address 11.11.11.11 255.255.255.255

ip ospf 100 area 0

!

interface Ethernet0/0

description "Link to WAN - Router"

ip address 10.10.100.1 255.255.255.0

!

interface Ethernet0/1

description "Link to S1 - Core Router"

ip address 10.10.110.1 255.255.255.0

ip ospf 100 area 0

!

interface Ethernet0/2

description "Link to D1 - Workstation #1"

ip address 10.10.120.1 255.255.255.0

ip ospf 100 area 0

!

router ospf 100

router-id 11.11.11.11

redistribute bgp 400 subnets

!

router bgp 400

bgp router-id 11.11.11.11

bgp log-neighbor-changes

network 11.11.11.11 mask 255.255.255.255

redistribute ospf 100

neighbor 10.10.100.2 remote-as 300

neighbor 10.10.100.2 update-source Ethernet0/0

neighbor 10.10.100.2 allowas-in

!

end

 

D1-RR1#

---------------------------------------------------------------------------------------

!

hostname Core-RT

!

interface Loopback0

description "S1 Core Router Loopback IP Address"

ip address 2.2.2.2 255.255.255.255

ip ospf 100 area 0

!

interface Ethernet0/0

description "Link to S1U-SW - Switch"

ip address 10.10.150.2 255.255.255.0

ip ospf 100 area 0

!

interface Ethernet0/1

description "Link to S1 - RSW"

ip address 10.10.30.2 255.255.255.0

ip ospf 100 area 0

!

interface Ethernet0/2

description "Link to D1 - Router"

ip address 10.10.110.2 255.255.255.0

ip ospf 100 area 0

!

interface Ethernet1/0

description "Link to WAN - Router"

ip address 10.10.20.2 255.255.255.0

!

router ospf 100

router-id 2.2.2.2

redistribute bgp 400 metric-type 1 subnets route-map BGP-To-OSPF

!

router bgp 400

bgp router-id 2.2.2.2

bgp log-neighbor-changes

bgp redistribute-internal

network 2.2.2.2 mask 255.255.255.255

network 10.10.20.0 mask 255.255.255.0

redistribute ospf 100 route-map OSPF-To-BGP

neighbor 10.10.10.1 remote-as 400

neighbor 10.10.10.1 update-source Ethernet0/1

neighbor 10.10.20.1 remote-as 300

neighbor 10.10.20.1 update-source Ethernet1/0

neighbor 10.10.20.1 allowas-in

!

route-map OSPF-To-BGP permit 10

match ip address 1

!

route-map BGP-To-OSPF permit 20

match ip address 2

!

!

access-list 1 remark Access List to Control OSPF-To-BGP Traffic

access-list 1 permit 1.1.1.1 log

access-list 1 permit 4.4.4.4 log

access-list 1 permit 25.25.25.25 log

access-list 1 permit 20.20.20.0 log

access-list 1 permit 10.10.10.0 0.0.0.255 log

access-list 1 permit 10.10.30.0 0.0.0.255 log

access-list 1 permit 10.10.129.0 0.0.0.255 log

access-list 1 permit 10.10.110.0 0.0.0.255 log

access-list 1 permit 10.10.120.0 0.0.0.255 log

access-list 1 permit 10.10.150.0 0.0.0.255 log

access-list 1 permit 10.10.151.0 0.0.0.255 log

access-list 1 permit 192.168.1.0 0.0.0.255 log

access-list 1 deny any log

access-list 2 remark Access List to Control BGP-To-OSPF Traffic

access-list 2 permit 3.3.3.3 log

access-list 2 permit 11.11.11.11 log

access-list 2 permit 20.20.20.20 log

access-list 2 permit 25.25.25.25 log

access-list 2 permit 10.10.20.0 0.0.0.255 log

access-list 2 permit 10.10.100.0 0.0.0.255 log

access-list 2 permit 10.10.110.0 0.0.0.255 log

access-list 2 permit 10.10.120.0 0.0.0.255 log

access-list 2 permit 10.10.150.0 0.0.0.255 log

access-list 2 permit 192.168.1.0 0.0.0.255 log

access-list 2 deny any log

!

end

 

Core-RT#

----------------------------------------------------------------------------------------

!

hostname NRR1

!

interface Loopback0

description "WAN Router Loopback IP Address"

ip address 3.3.3.3 255.255.255.255

!

interface Ethernet0/1

description "Link to D1 - Router 1"

ip address 10.10.100.2 255.255.255.0

!

router bgp 300

bgp router-id 3.3.3.3

bgp log-neighbor-changes

network 3.3.3.3 mask 255.255.255.255

network 10.10.20.0 mask 255.255.255.0

network 10.10.100.0 mask 255.255.255.0

neighbor 10.10.20.2 remote-as 400

neighbor 10.10.20.2 update-source Ethernet1/0

neighbor 10.10.100.1 remote-as 400

neighbor 10.10.100.1 update-source Ethernet0/1

!

end

 

NRR1#

----------------------------------------------------------------------------------------

BGPv4_and_OSPF_Route_Refresh_Question.png

 

Labels:
0 Helpful
5 Replies 5

cofee
Level 5
Level 5

‎05-02-2018 05:50 PM

You can look into using BFD (bidirectional forwarding detection) to use either with ospf or bgp, it works with both.

 

Below is the link for BFD configuration with BGP:

 

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/xe-16/irg-xe-16-book/bgp-support-for-bfd.html

0 Helpful

tigerpaws
Level 1
Level 1
In response to cofee

‎05-02-2018 06:49 PM

Hello cofee,

 

Thanks for your reply.  I have enabled OSPF bfd on the interfaces between D1 and the Core-RT and BGP bfd on the interfaces between D1 and NRR1 and noted that I still have to perform the "clear ip bgp *" command in order to force the traffic to switch over to the OSPF link when the OSPF link came back up after a simulated link failure. 

 

Thanks again.

0 Helpful

cofee
Level 5
Level 5
In response to tigerpaws

‎05-03-2018 09:55 AM - edited ‎05-03-2018 09:59 AM

I think the default values used by BFD is quite fast and it shouldn't take that long to failover from one protocol to another, but did you try tweaking the default BFD parameters to make convergence more faster? It's also possible that it has nothing to do with slow convergence and may be there is some dependency/conflict between the routing protocols you are using, but hard to tell without labbing it.

 

I haven't had a chance to lab your topology and it's quite large.

0 Helpful

tigerpaws
Level 1
Level 1
In response to cofee

‎05-03-2018 11:02 AM

Thanks coffee.  I am thinking of writing EEM scripts to make the router D1 to switch to OSPF link as soon as it comes back online.  The challenge is I have no experience in writing EEM...

 

 

0 Helpful

cofee
Level 5
Level 5
In response to tigerpaws

‎05-03-2018 06:48 PM - edited ‎05-03-2018 07:03 PM

Hi,

It appears to be an issue with the Ethernet module used in GNS3. I have discovered that even after shutting down the directly connected Ethernet interface on the remote router, the neighboring router was still showing interface to be up/up which shouldn't happen and protocol should be down. Because of this it BGP takes too long to detect the connection failure, but on a real device this won't happen as link failure detection will happen pretty fast.

 

OSPF experiences the same fate but slightly faster in convergence because the dead timer on broadcast interfaces is 40 seconds. You shouldn't have this problem if you use serial interfaces in gns3.

 

If you want test my theory then telnet into D1 either from core-rt or nrr1 and ping host mms with a continuous ping, then access D1 from console and shut down either the bgp link or the OSPF link and you will notice failover will happen much faster.

 

On a side note, you mentioned that D1 router is learning a given prefix from OSPF and ebgp and it's installing the OSPF route. If you think about it that shouldn't happen because ebgp AD is 20 and OSPF is 110, so it should install the ebgp route and not OSPF. The reason it's not installing ebgp route is because you are redistributing OSPF prefixes into bgp, and when redistributed routes appear in the RIB they win over the prefixes advertised by the ebgp neighbor because of the weight value.

 

Check the bgp table on D1 and you will see redistributes routes are preferred. 

 

 

 

 

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card