cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
725
Views
0
Helpful
7
Replies
Highlighted
Beginner

Unable to redistribue from BGP to OSPF

Hi everybody

This is a 3750X with ip services.

I spend already some time researching and still nothing.

This is my issue:

I have this route that exists in the routing table learned via BGP but is not redistributed into OSPF!!!

VAN-DMZ-SW#show ip route vrf c1  172.18.254.0

Routing Table: c1

Routing entry for 172.18.254.0/28

  Known via "bgp 65055", distance 20, metric 0

  Tag 65058, type external

  Redistributing via ospf 2

  Last update from 172.18.14.129 00:07:47 ago

  Routing Descriptor Blocks:

  * 172.18.14.129, from 172.18.14.129, 00:07:47 ago

      Route metric is 0, traffic share count is 1

      AS Hops 2

      Route tag 65058

      MPLS label: none

VAN-DMZ-SW#show ip bgp vpnv4 vrf c1 172.18.254.0

BGP routing table entry for 172.18.0.253:2:172.18.254.0/28, version 17158

Paths: (1 available, best #1, table c1)

  Not advertised to any peer

  65058 65002

    172.18.14.129 from 172.18.14.129 (10.85.2.2)

      Origin IGP, metric 0, localpref 100, valid, external, best

This is the OSPF process config:

router ospf 2 vrf c1

router-id 172.18.0.253

redistribute bgp 65055 metric-type 1 subnets tag 201

network 172.18.0.16 0.0.0.7 area 0

network 172.18.0.253 0.0.0.0 area 0

distribute-list OSPF-Routes-for-VRF-C1 in

The OSPF database does not include it. The only entry came from another device in the network. The route I want is obviously not being passed to other devices which are OSPF neighbours of this one.

VAN-DMZ-SW#show ip ospf 2 database | i 172.18.254.0

172.18.254.0    172.18.0.254    918         0x80000B9A 0x0035FD 3489725984

My local ospf process is only originating a route based on a loopback interface.

VAN-DMZ-SW#show ip ospf 2 database | i 172.18.0.253

            OSPF Router with ID (172.18.0.253) (Process ID 2)

172.18.0.253    172.18.0.253    1033        0x8000002D 0x009F87 2

Any ideas??

7 REPLIES 7
Highlighted
Beginner

Hi,

You need to add the "capability vrf-lite" command under OSPF.

Sent from Cisco Technical Support iPhone App

Highlighted
Beginner

If possible can you include the configurations for bgp (including each address-family), the distribute lists, the vrfs?

Sent from Cisco Technical Support iPhone App

Highlighted
Engager

Hello, as Kenneth mentioned.

The OSPF Support for Multi-VRF on CE Routers feature provides the capability of suppressing provider edge (PE) checks that are needed to prevent loops when the PE is performing a mutual redistribution of packets between the OSPF and BGP protocols. When VPN routing and forward (VRF) is used on a router that is not a PE (that is, one that is not running BGP), the checks can be turned off to allow for correct population of the VRF routing table with routes to IP prefixes.

capability vrf-lite enables VRF-Lite on the Multi-VRF CE router running OSPF.
With Multi-VRF CE, the CE router acts as a PE router and performs the checks for down bits and domain tags.

try to add it in the CEs OSPF

router ospf 2 vrf c1
capability vrf-lite

Hope this helps

Sent from Cisco Technical Support iPhone App

Please rate useful posts & remember to mark any solved questions as answered. Thank you.
Highlighted

Thanks everybody for your help.

No, vrf-lite did not fix this issue. In fact, I have the same configuration at a different place and works great. There is something related to this particular BGP entry or neighbour.

router bgp 65055

no bgp default ipv4-unicast

bgp log-neighbor-changes

!

address-family ipv4 vrf c1

aggregate-address 207.194.242.64 255.255.255.224 summary-only

redistribute connected

redistribute ospf 2 vrf c1 match internal external 1

neighbor 172.18.14.129 remote-as 65058

neighbor 172.18.14.129 version 4

neighbor 172.18.14.129 activate

neighbor 172.18.14.129 send-community

neighbor 172.18.14.129 route-map C1-VAN-IN in

neighbor 172.18.14.129 route-map C1-OUT out

exit-address-family

Highlighted

It seems that there may be some confusion, at least for me :-)

Is thist setup for VRF Lite or MP-BGP, such as for use with L3VPN MPLS?

In your setup do you have a CE,PE,P routers such as below:

CE----PE---P---PE---CE

vrfs on the PEs and MP BGP between the PE's and the P router?

If so, the you will need to activate the address-family vpnv4 and send both communtities on those routers.

Highlighted

Maybe its not allowed because you redistribute ospf into bgp, and try to setup to redistribute bgp into ospf.

That would mean that the paths would be redistributing between ospf and bgp till infinity.

I am not sure if you are allowed to do that.

Try stopping redistribution of OSPF into BGP and see if BGP will start redistribute into OSPF.

Highlighted

It works now.

Probably a Cisco bug

I destroyed everything: ospf, bgp, interfaces and even the vrf. After creating these again, all magically works.

I'm using ver 12.2(58)SE2 in case somebody has the same issue.

Really appreciated your help.

This was not an MPLS environment. I just use vrfs for security. This is a L3 switch working with my FW and interconnecting many 3rd parties; each with a separate vrf.