orus
asked on
Need assistance w/ traffic engineering (OSPF vs BGP)
Background: SL-CE and Colo-CE (our hot site), are interconnected via two WAN technologies. Metro ethernet (100mbps) and MPLS. Note that in my lab, metro ethernet runs at 100mb full and mpls runs at 10mb half
MPLS runs eBGP to provider and the Metro ethernet runs OSPF amongst our various devices. On our MPLS CE's, we are redistributing OSPF into BGP and BGP into OSPF. This is private MPLS with no internet routes
My issue:
My issue is that I need the routing table to look a bit differently in the Colo-CE. It is currently learning the subnets from our headquarters via OSPF. But I want it to learn them via BGP.
In production, the Colo CE's routing table looks like this:
B 172.16.16.0/24 [20/0] via 65.115.131.181, 3w3d
B 172.16.12.0/24 [20/0] via 65.115.131.181, 7w0d
B 172.16.13.0/24 [20/0] via 65.115.131.181, 7w0d
B 172.16.14.0/24 [20/0] via 65.115.131.181, 7w0d
B 172.16.15.0/24 [20/0] via 65.115.131.181, 7w0d
B 172.16.10.0/24 [20/0] via 65.115.131.181, 7w0d
B 172.16.11.0/24 [20/0] via 65.115.131.181, 7w0d
B 172.16.1.0/24 [20/0] via 65.115.131.181, 7w0d
B 172.16.2.0/24 [20/0] via 65.115.131.181, 7w0d
B 172.16.3.0/24 [20/0] via 65.115.131.181, 7w0d
In my lab, it looks like this:
O IA 172.16.16.0 [110/3] via 172.16.100.2, 10:07:02, FastEthernet0/1
O IA 172.16.12.0 [110/3] via 172.16.100.2, 10:07:02, FastEthernet0/1
O IA 172.16.13.0 [110/3] via 172.16.100.2, 10:07:02, FastEthernet0/1
O IA 172.16.14.0 [110/3] via 172.16.100.2, 10:07:03, FastEthernet0/1
O IA 172.16.15.0 [110/3] via 172.16.100.2, 10:07:03, FastEthernet0/1
O IA 172.16.10.0 [110/3] via 172.16.100.2, 10:07:03, FastEthernet0/1
O IA 172.16.11.0 [110/3] via 172.16.100.2, 10:07:03, FastEthernet0/1
O IA 172.16.1.0 [110/3] via 172.16.100.2, 10:07:03, FastEthernet0/1
O IA 172.16.2.0 [110/3] via 172.16.100.2, 10:07:03, FastEthernet0/1
O IA 172.16.3.0 [110/3] via 172.16.100.2, 10:07:03, FastEthernet0/1
It is obviously learning the routes via OSPF, from a device on its LAN. What do I need to do to change this. Play with the metrics during redistribution? Could it be that the results in my lab are what is to be expected? And maybe our production is the one messed up?
I've attached configs from my lab. I can provide production if necessary, but they are very close
our headquarters sl-ce
Current configuration : 3558 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname sl-mpls-ce
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
no network-clock-participate slot 1
no network-clock-participate wic 0
ip cef
!
!
!
!
no ip domain lookup
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 172.17.35.1 255.255.255.0
!
interface FastEthernet0/0
ip address 63.238.101.222 255.255.255.252
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 172.16.1.252 255.255.255.0
duplex auto
speed auto
!
router ospf 1
log-adjacency-changes
redistribute bgp 65100 metric 100 metric-type 1 subnets route-map ospfmap
network 172.16.1.0 0.0.0.255 area 1
!
router bgp 65100
no synchronization
bgp log-neighbor-changes
network 63.238.101.220 mask 255.255.255.252
network 172.16.1.0 mask 255.255.255.0
network 172.17.35.0 mask 255.255.255.0
redistribute ospf 1 match internal
neighbor 63.238.101.221 remote-as 209
neighbor 63.238.101.221 default-originate route-map defaultroute
neighbor 63.238.101.221 route-map bgp-inbound-filter in
neighbor 63.238.101.221 route-map colo out
no auto-summary
!
ip forward-protocol nd
!
ip as-path access-list 100 permit ^65100$
!
ip http server
no ip http secure-server
!
ip access-list standard aclospfmap
permit 63.238.101.220 0.0.0.3
permit 65.115.131.180 0.0.0.3
permit 63.238.101.176 0.0.0.3
permit 63.238.101.180 0.0.0.3
permit 63.238.101.216 0.0.0.3
permit 63.238.192.244 0.0.0.3
permit 63.148.199.16 0.0.0.3
permit 63.232.176.48 0.0.0.3
permit 172.16.201.0 0.0.0.255
permit 172.16.202.0 0.0.0.255
permit 172.16.203.0 0.0.0.255
permit 172.16.60.0 0.0.0.255
permit 172.16.36.0 0.0.0.255
permit 172.16.37.0 0.0.0.255
permit 172.16.70.0 0.0.0.255
permit 172.16.71.0 0.0.0.255
permit 172.16.65.0 0.0.0.255
permit 10.10.50.0 0.0.0.255
permit 10.80.8.0 0.0.1.255
ip access-list standard bgppermit
permit any
ip access-list standard colo
permit 172.16.100.0 0.0.0.3
permit 172.16.101.0 0.0.0.255
permit 172.16.102.0 0.0.0.255
permit 172.16.103.0 0.0.0.255
permit 172.16.104.0 0.0.0.255
ip access-list standard defaultroute
permit 0.0.0.0
ip access-list standard locallyadvertisednetworks
permit 172.16.0.0 0.0.15.255
permit 63.238.101.220 0.0.0.3
permit 172.17.35.0 0.0.0.255
ip access-list standard noprepend
permit any
ip access-list standard ospfpermit
permit any
!
!
route-map bgp-inbound-filter deny 10
description ***If any traffic comes in with an AS of 65100 (our as) deny it***
match as-path 100
!
route-map bgp-inbound-filter deny 20
description ***Do not accept advertised routes, that contain networks local to us***
match ip address locallyadvertisednetworks
!
route-map bgp-inbound-filter permit 30
description ***Allow all other traffic***
match ip address bgppermit
!
route-map colo permit 10
description ***Prepend colo network advertisements***
match ip address colo
set as-path prepend 65100 65100 65100
!
route-map colo permit 20
description ***Do not prepend any other traffic***
match ip address noprepend
!
route-map defaultroute permit 10
description ***Advertise a default route into BGP***
match ip address defaultroute
!
route-map ospfmap deny 10
description ***Do not redistribute into OSPF***
match ip address aclospfmap
!
route-map ospfmap permit 20
match ip address ospfpermit
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
colo-ce
Current configuration : 3743 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname colo-ce-mpls
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 20
no network-clock-participate slot 1
no network-clock-participate wic 0
ip cef
!
!
!
!
no ip domain lookup
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback102
ip address 172.16.102.1 255.255.255.0
!
interface FastEthernet0/0
ip address 65.115.131.182 255.255.255.252
speed auto
half-duplex
!
interface FastEthernet0/1
ip address 172.16.100.1 255.255.255.0
duplex auto
speed auto
!
router ospf 1
router-id 172.16.100.1
log-adjacency-changes
redistribute static
redistribute bgp 65102 metric 100 metric-type 1 subnets route-map bgp-into-ospf
network 172.16.100.0 0.0.0.255 area 2
!
router bgp 65102
no synchronization
bgp log-neighbor-changes
network 65.115.131.180 mask 255.255.255.252
network 172.16.100.0 mask 255.255.255.0
network 172.16.102.0 mask 255.255.255.252
redistribute ospf 1 match internal
neighbor 65.115.131.181 remote-as 209
neighbor 65.115.131.181 default-originate route-map default-originate
neighbor 65.115.131.181 route-map filter-bgp-in in
neighbor 65.115.131.181 route-map filter-bgp-out out
no auto-summary
!
ip forward-protocol nd
!
ip as-path access-list 100 permit ^65102$
!
ip http server
no ip http secure-server
!
ip access-list standard aclospfmap
permit 63.238.101.220 0.0.0.3
permit 65.115.131.180 0.0.0.3
permit 63.238.101.176 0.0.0.3
permit 63.238.101.180 0.0.0.3
permit 63.238.101.216 0.0.0.3
permit 63.238.192.244 0.0.0.3
permit 63.148.199.16 0.0.0.3
permit 63.232.176.48 0.0.0.3
permit 172.16.201.0 0.0.0.255
permit 172.16.202.0 0.0.0.255
permit 172.16.203.0 0.0.0.255
permit 172.16.60.0 0.0.0.255
permit 172.16.36.0 0.0.0.255
permit 172.16.37.0 0.0.0.255
permit 172.16.70.0 0.0.0.255
permit 172.16.71.0 0.0.0.255
permit 172.16.65.0 0.0.0.255
permit 10.10.50.0 0.0.0.255
permit 10.80.8.0 0.0.1.255
ip access-list standard dontprepend
permit 172.16.100.0 0.0.0.3
permit 172.16.101.0 0.0.0.255
permit 172.16.102.0 0.0.0.255
permit 172.16.103.0 0.0.0.255
permit 172.16.104.0 0.0.0.255
permit 65.115.131.180 0.0.0.3
ip access-list standard doprepend
permit 172.16.0.0 0.15.255.255
ip access-list standard locallyadvertisednetworks
permit 172.16.100.0 0.0.0.3
permit 172.16.101.0 0.0.0.255
permit 172.16.102.0 0.0.0.255
permit 172.16.103.0 0.0.0.255
permit 172.16.104.0 0.0.0.255
permit 65.115.131.180 0.0.0.3
ip access-list standard match-default
permit 0.0.0.0
ip access-list standard permit-bgp
permit any
!
!
route-map filter-bgp-out permit 10
description identify advertisements to be excluded from prepension
match ip address dontprepend
!
route-map filter-bgp-out permit 20
description match all other advertisements and prepend
match ip address doprepend
set as-path prepend 65102 65102 65102
!
route-map default-originate permit 10
description define criteria for which to originate default
match ip address match-default
set as-path prepend 65102 65102 65102
!
route-map bgp-into-ospf deny 10
description deny routes redistributed from bgp
match ip address aclospfmap
!
route-map bgp-into-ospf permit 20
description permit all other routes into ospf from bgp
match ip address permit-bgp
!
route-map filter-bgp-in deny 10
description deny any routes sourced from our AS
match as-path 100
!
route-map filter-bgp-in deny 20
match ip address locallyadvertisednetworks
!
route-map filter-bgp-in permit 30
match ip address permit-bgp
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
login
!
!
end
colo-ce-mpls#
show ip route from Colo-CE
Gateway of last resort is 65.115.131.181 to network 0.0.0.0
65.0.0.0/30 is subnetted, 1 subnets
C 65.115.131.180 is directly connected, FastEthernet0/0
172.17.0.0/16 is variably subnetted, 5 subnets, 2 masks
O IA 172.17.1.33/32 [110/2] via 172.16.100.2, 3d17h, FastEthernet0/1
B 172.17.35.0/24 [20/0] via 65.115.131.181, 00:33:08
O IA 172.17.1.31/32 [110/2] via 172.16.100.2, 1d21h, FastEthernet0/1
O IA 172.17.1.1/32 [110/2] via 172.16.100.2, 1d21h, FastEthernet0/1
O IA 172.17.1.101/32 [110/1] via 172.16.100.2, 1d21h, FastEthernet0/1
172.16.0.0/24 is subnetted, 25 subnets
O E1 172.16.200.0 [110/103] via 172.16.100.2, 1d17h, FastEthernet0/1
O E1 172.16.202.0 [110/103] via 172.16.100.2, 1d17h, FastEthernet0/1
O E1 172.16.60.0 [110/103] via 172.16.100.2, 1d17h, FastEthernet0/1
O E1 172.16.36.0 [110/103] via 172.16.100.2, 1d17h, FastEthernet0/1
O E1 172.16.37.0 [110/103] via 172.16.100.2, 1d17h, FastEthernet0/1
O IA 172.16.32.0 [110/66] via 172.16.100.2, 1d17h, FastEthernet0/1
O IA 172.16.33.0 [110/67] via 172.16.100.2, 3d17h, FastEthernet0/1
O IA 172.16.34.0 [110/67] via 172.16.100.2, 3d17h, FastEthernet0/1
O IA 172.16.31.0 [110/12] via 172.16.100.2, 1d21h, FastEthernet0/1
O IA 172.16.16.0 [110/3] via 172.16.100.2, 1d21h, FastEthernet0/1
O IA 172.16.12.0 [110/3] via 172.16.100.2, 1d21h, FastEthernet0/1
O IA 172.16.13.0 [110/3] via 172.16.100.2, 1d21h, FastEthernet0/1
O IA 172.16.14.0 [110/3] via 172.16.100.2, 1d21h, FastEthernet0/1
O IA 172.16.15.0 [110/3] via 172.16.100.2, 1d21h, FastEthernet0/1
O IA 172.16.10.0 [110/3] via 172.16.100.2, 1d21h, FastEthernet0/1
O IA 172.16.11.0 [110/3] via 172.16.100.2, 1d21h, FastEthernet0/1
O IA 172.16.1.0 [110/3] via 172.16.100.2, 1d21h, FastEthernet0/1
O IA 172.16.2.0 [110/3] via 172.16.100.2, 1d21h, FastEthernet0/1
O IA 172.16.3.0 [110/3] via 172.16.100.2, 1d21h, FastEthernet0/1
C 172.16.100.0 is directly connected, FastEthernet0/1
O 172.16.101.0 [110/2] via 172.16.100.2, 1d21h, FastEthernet0/1
C 172.16.102.0 is directly connected, Loopback102
O E1 172.16.70.0 [110/103] via 172.16.100.2, 1d17h, FastEthernet0/1
O E1 172.16.71.0 [110/103] via 172.16.100.2, 1d17h, FastEthernet0/1
O E1 172.16.65.0 [110/103] via 172.16.100.2, 1d17h, FastEthernet0/1
192.168.81.0/32 is subnetted, 1 subnets
B 192.168.81.1 [20/0] via 65.115.131.181, 1d14h
B 192.168.80.0/24 [20/0] via 65.115.131.181, 1d14h
10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
B 10.10.13.0/24 [20/0] via 65.115.131.181, 1d14h
O E1 10.10.50.0/24 [110/103] via 172.16.100.2, 1d17h, FastEthernet0/1
O E1 10.80.8.0/23 [110/103] via 172.16.100.2, 1d17h, FastEthernet0/1
B 192.168.0.0/24 [20/0] via 65.115.131.181, 1d14h
63.0.0.0/30 is subnetted, 2 subnets
B 63.238.101.220 [20/0] via 65.115.131.181, 00:33:46
B 63.148.199.16 [20/0] via 65.115.131.181, 1d14h
B* 0.0.0.0/0 [20/0] via 65.115.131.181, 00:33:15
colo-ce-mpls#
colo-ce-mpls#
show ip bgp from colo-ce
*> 0.0.0.0 65.115.131.181 0 209 65100 i
*> 10.10.13.0/24 65.115.131.181 0 209 65107 i
*> 63.148.199.16/30 65.115.131.181 0 209 ?
*> 63.238.101.220/30
65.115.131.181 0 209 ?
*> 65.115.131.180/30
0.0.0.0 0 32768 i
* 172.16.1.0/24 65.115.131.181 0 209 65100 i
*> 172.16.100.2 3 32768 ?
* 172.16.2.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 3 32768 ?
* 172.16.3.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 3 32768 ?
* 172.16.10.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 3 32768 ?
* 172.16.11.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 3 32768 ?
Network Next Hop Metric LocPrf Weight Path
* 172.16.12.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 3 32768 ?
* 172.16.13.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 3 32768 ?
* 172.16.14.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 3 32768 ?
* 172.16.15.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 3 32768 ?
* 172.16.16.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 3 32768 ?
* 172.16.31.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 12 32768 ?
* 172.16.32.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 66 32768 ?
* 172.16.33.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 67 32768 ?
* 172.16.34.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 67 32768 ?
*> 172.16.100.0/24 0.0.0.0 0 32768 i
*> 172.16.101.0/24 172.16.100.2 2 32768 ?
* 172.17.1.1/32 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 2 32768 ?
Network Next Hop Metric LocPrf Weight Path
* 172.17.1.31/32 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 2 32768 ?
* 172.17.1.33/32 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 2 32768 ?
* 172.17.1.101/32 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 1 32768 ?
*> 172.17.35.0/24 65.115.131.181 0 209 65100 i
*> 192.168.0.0 65.115.131.181 0 209 65107 ?
*> 192.168.80.0 65.115.131.181 0 209 65107 ?
*> 192.168.81.1/32 65.115.131.181 0 209 65107 ?
colo-ce-mpls#
When you redistribute from OSPF into BGP, the OSPF metric becomes the metric listed in your BGP routing table.
The administrative distance of eBGP is 20 while OSPF is 110, so the router should always prefer BGP over OSPF when both have identical routes. What I don't have to review is the outputs of show config, show ip route and show ip bgp from your lab router (with the original redistribute command).
The administrative distance of eBGP is 20 while OSPF is 110, so the router should always prefer BGP over OSPF when both have identical routes. What I don't have to review is the outputs of show config, show ip route and show ip bgp from your lab router (with the original redistribute command).
ASKER
Mike,
here are the requested files. Are you saying that when I redistribute OSPF into BGP, the redistributed OSPF routes receive a metric of 20?
here are the requested files. Are you saying that when I redistribute OSPF into BGP, the redistributed OSPF routes receive a metric of 20?
sh ip bgp of sl-ce
sl-mpls-ce#show ip bgp
BGP table version is 51, local router ID is 172.16.1.252
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.10.13.0/24 63.238.101.221 0 209 65107 i
*> 63.148.199.16/30 63.238.101.221 0 209 ?
*> 63.238.101.220/30
0.0.0.0 0 32768 i
*> 65.115.131.180/30
63.238.101.221 0 209 ?
*> 172.16.1.0/24 0.0.0.0 0 32768 i
*> 172.16.2.0/24 172.16.1.1 110 32768 ?
*> 172.16.3.0/24 172.16.1.1 110 32768 ?
*> 172.16.10.0/24 172.16.1.1 110 32768 ?
*> 172.16.11.0/24 172.16.1.1 110 32768 ?
*> 172.16.12.0/24 172.16.1.1 110 32768 ?
*> 172.16.13.0/24 172.16.1.1 110 32768 ?
*> 172.16.14.0/24 172.16.1.1 110 32768 ?
*> 172.16.15.0/24 172.16.1.1 110 32768 ?
*> 172.16.16.0/24 172.16.1.1 110 32768 ?
*> 172.16.31.0/24 172.16.1.1 110 32768 ?
Network Next Hop Metric LocPrf Weight Path
*> 172.16.32.0/24 172.16.1.1 110 32768 ?
*> 172.16.33.0/24 172.16.1.1 110 32768 ?
*> 172.16.34.0/24 172.16.1.1 110 32768 ?
* 172.16.100.0/24 63.238.101.221 0 209 65102 i
*> 172.16.1.1 110 32768 ?
* 172.16.101.0/24 63.238.101.221 0 209 65102 ?
*> 172.16.1.1 110 32768 ?
*> 172.17.1.1/32 172.16.1.1 110 32768 ?
*> 172.17.1.31/32 172.16.1.1 110 32768 ?
*> 172.17.1.33/32 172.16.1.1 110 32768 ?
*> 172.17.1.101/32 172.16.1.1 110 32768 ?
*> 172.17.35.0/24 0.0.0.0 0 32768 i
*> 192.168.0.0 63.238.101.221 0 209 65107 ?
*> 192.168.80.0 63.238.101.221 0 209 65107 ?
*> 192.168.81.1/32 63.238.101.221 0 209 65107 ?
sl-mpls-ce#
ASKER
sh run attached and sh ip route of SL-CE
sl-mpls-ce#sh run
Building configuration...
Current configuration : 3605 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname sl-mpls-ce
!
boot-start-marker
boot-end-marker
!
logging buffered 4096 informational
!
no aaa new-model
no network-clock-participate slot 1
no network-clock-participate wic 0
ip cef
!
!
!
!
no ip domain lookup
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 172.17.35.1 255.255.255.0
!
interface FastEthernet0/0
ip address 63.238.101.222 255.255.255.252
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 172.16.1.252 255.255.255.0
duplex auto
speed auto
!
router ospf 1
log-adjacency-changes
redistribute bgp 65100 metric 100 metric-type 1 subnets route-map ospfmap
network 172.16.1.0 0.0.0.255 area 1
!
router bgp 65100
no synchronization
bgp log-neighbor-changes
network 63.238.101.220 mask 255.255.255.252
network 172.16.1.0 mask 255.255.255.0
network 172.17.35.0 mask 255.255.255.0
redistribute ospf 1 metric 110 match internal
neighbor 63.238.101.221 remote-as 209
neighbor 63.238.101.221 default-originate route-map defaultroute
neighbor 63.238.101.221 route-map bgp-inbound-filter in
neighbor 63.238.101.221 route-map colo out
no auto-summary
!
ip forward-protocol nd
!
ip as-path access-list 100 permit ^65100$
!
ip http server
no ip http secure-server
!
ip access-list standard aclospfmap
permit 63.238.101.220 0.0.0.3
permit 65.115.131.180 0.0.0.3
permit 63.238.101.176 0.0.0.3
permit 63.238.101.180 0.0.0.3
permit 63.238.101.216 0.0.0.3
permit 63.238.192.244 0.0.0.3
permit 63.148.199.16 0.0.0.3
permit 63.232.176.48 0.0.0.3
permit 172.16.201.0 0.0.0.255
permit 172.16.202.0 0.0.0.255
permit 172.16.203.0 0.0.0.255
permit 172.16.60.0 0.0.0.255
permit 172.16.36.0 0.0.0.255
permit 172.16.37.0 0.0.0.255
permit 172.16.70.0 0.0.0.255
permit 172.16.71.0 0.0.0.255
permit 172.16.65.0 0.0.0.255
permit 10.10.50.0 0.0.0.255
permit 10.80.8.0 0.0.1.255
ip access-list standard bgppermit
permit any
ip access-list standard colo
permit 172.16.100.0 0.0.0.3
permit 172.16.101.0 0.0.0.255
permit 172.16.102.0 0.0.0.255
permit 172.16.103.0 0.0.0.255
permit 172.16.104.0 0.0.0.255
ip access-list standard defaultroute
permit 0.0.0.0
ip access-list standard locallyadvertisednetworks
permit 172.16.0.0 0.0.15.255
permit 63.238.101.220 0.0.0.3
permit 172.17.35.0 0.0.0.255
ip access-list standard noprepend
permit any
ip access-list standard ospfpermit
permit any
!
!
route-map bgp-inbound-filter deny 10
description ***If any traffic comes in with an AS of 65100 (our as) deny it***
match as-path 100
!
route-map bgp-inbound-filter deny 20
description ***Do not accept advertised routes, that contain networks local to us***
match ip address locallyadvertisednetworks
!
route-map bgp-inbound-filter permit 30
description ***Allow all other traffic***
match ip address bgppermit
!
route-map colo permit 10
description ***Prepend colo network advertisements***
match ip address colo
set as-path prepend 65100 65100 65100
!
route-map colo permit 20
description ***Do not prepend any other traffic***
match ip address noprepend
!
route-map defaultroute permit 10
description ***Advertise a default route into BGP***
match ip address defaultroute
!
route-map ospfmap deny 10
description ***Do not redistribute into OSPF***
match ip address aclospfmap
!
route-map ospfmap permit 20
match ip address ospfpermit
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
no login
!
!
end
sl-mpls-ce#
Gateway of last resort is 172.16.1.254 to network 0.0.0.0
65.0.0.0/30 is subnetted, 1 subnets
B 65.115.131.180 [20/0] via 63.238.101.221, 01:41:27
172.17.0.0/16 is variably subnetted, 5 subnets, 2 masks
O IA 172.17.1.33/32 [110/2] via 172.16.1.1, 3d21h, FastEthernet0/1
C 172.17.35.0/24 is directly connected, Loopback0
O IA 172.17.1.31/32 [110/2] via 172.16.1.1, 4d00h, FastEthernet0/1
O IA 172.17.1.1/32 [110/1] via 172.16.1.1, 4d00h, FastEthernet0/1
O IA 172.17.1.101/32 [110/21] via 172.16.1.1, 4d00h, FastEthernet0/1
172.16.0.0/24 is subnetted, 24 subnets
O E1 172.16.200.0 [110/101] via 172.16.1.254, 01:56:00, FastEthernet0/1
O E1 172.16.202.0 [110/101] via 172.16.1.215, 01:56:00, FastEthernet0/1
O E1 172.16.60.0 [110/101] via 172.16.1.254, 01:56:00, FastEthernet0/1
O E1 172.16.36.0 [110/101] via 172.16.1.215, 01:56:00, FastEthernet0/1
O E1 172.16.37.0 [110/101] via 172.16.1.254, 01:56:00, FastEthernet0/1
O IA 172.16.32.0 [110/66] via 172.16.1.1, 01:56:05, FastEthernet0/1
O IA 172.16.33.0 [110/67] via 172.16.1.1, 3d21h, FastEthernet0/1
O IA 172.16.34.0 [110/67] via 172.16.1.1, 3d21h, FastEthernet0/1
O IA 172.16.31.0 [110/12] via 172.16.1.1, 4d00h, FastEthernet0/1
O 172.16.16.0 [110/2] via 172.16.1.1, 4d00h, FastEthernet0/1
O 172.16.12.0 [110/2] via 172.16.1.1, 4d00h, FastEthernet0/1
O 172.16.13.0 [110/2] via 172.16.1.1, 4d00h, FastEthernet0/1
O 172.16.14.0 [110/2] via 172.16.1.1, 4d00h, FastEthernet0/1
O 172.16.15.0 [110/2] via 172.16.1.1, 4d00h, FastEthernet0/1
O 172.16.10.0 [110/2] via 172.16.1.1, 4d00h, FastEthernet0/1
O 172.16.11.0 [110/2] via 172.16.1.1, 4d00h, FastEthernet0/1
C 172.16.1.0 is directly connected, FastEthernet0/1
O 172.16.2.0 [110/2] via 172.16.1.1, 4d00h, FastEthernet0/1
O 172.16.3.0 [110/2] via 172.16.1.1, 4d00h, FastEthernet0/1
O IA 172.16.100.0 [110/22] via 172.16.1.1, 02:33:56, FastEthernet0/1
O IA 172.16.101.0 [110/22] via 172.16.1.1, 02:33:56, FastEthernet0/1
O E1 172.16.70.0 [110/101] via 172.16.1.215, 01:56:01, FastEthernet0/1
O E1 172.16.71.0 [110/101] via 172.16.1.254, 01:56:01, FastEthernet0/1
O E1 172.16.65.0 [110/101] via 172.16.1.215, 01:56:01, FastEthernet0/1
192.168.81.0/32 is subnetted, 1 subnets
B 192.168.81.1 [20/0] via 63.238.101.221, 01:41:29
B 192.168.80.0/24 [20/0] via 63.238.101.221, 01:41:29
10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
B 10.10.13.0/24 [20/0] via 63.238.101.221, 01:41:31
O E1 10.10.50.0/24 [110/101] via 172.16.1.215, 01:56:03, FastEthernet0/1
O E1 10.80.8.0/23 [110/101] via 172.16.1.215, 01:56:03, FastEthernet0/1
B 192.168.0.0/24 [20/0] via 63.238.101.221, 01:41:31
63.0.0.0/30 is subnetted, 2 subnets
C 63.238.101.220 is directly connected, FastEthernet0/0
B 63.148.199.16 [20/0] via 63.238.101.221, 01:41:31
O*E1 0.0.0.0/0 [110/101] via 172.16.1.254, 01:56:03, FastEthernet0/1
sl-mpls-ce#
ASKER
On the SL-CE router I just did some testing
When redistributing ospf into BGP, if I make the metric anything less than 110, the routes show up as OSPF routes in other devices. If I make the metric 110 or higher, they show as B
When redistributing ospf into BGP, if I make the metric anything less than 110, the routes show up as OSPF routes in other devices. If I make the metric 110 or higher, they show as B
No the BGP metric (used for MED) is derived from the calculated OSPF metric when you redistribute into BGP from OSPF. So if you set the default metric to 375, then the MED in show ip bgp will be 375. If you don't set a default metric then it will be whatever it was in OSPF. If no MED is set then the default is 0, which is considered best.
But I can't figure out where you're seeing differences. In both routing tables the same routes are going to OSPF and to BGP. What am I missing in the comparision?
But I can't figure out where you're seeing differences. In both routing tables the same routes are going to OSPF and to BGP. What am I missing in the comparision?
Which other devices? Are these devices learning routes from OSPF directly and also from routes redistributed from BGP? The same thing happens the other direction-- a BGP MED value will become an OSPF metric.
Just to clarify, which router exactly is displaying routes from the wrong protocol? Show me show ip bgp and sho ip route from THAT router before and after your metric change.
Just to clarify, which router exactly is displaying routes from the wrong protocol? Show me show ip bgp and sho ip route from THAT router before and after your metric change.
ASKER
Its kind of a wacky setup. We have several mpls sites, all of which peer ebgp to provider. We also use metro ethernet for some sites. Our headquarters AND our hotsite BOTH have mpls and metro ethernet.
Metro ethernet runs ospf. So the other mpls sites will know about the metro ethernet sites, we are redistributing them
Also, since colo is our backup site, are advertising our headquarters too, but prepending it. We are redistributing ospf at our headquarters AND our backup site
Metro ethernet runs ospf. So the other mpls sites will know about the metro ethernet sites, we are redistributing them
Also, since colo is our backup site, are advertising our headquarters too, but prepending it. We are redistributing ospf at our headquarters AND our backup site
ASKER
Colo is backup site, sl is headquarters. Im on the road, but you can see sh ip bgp of colo before metric change, in the origimal post, after metric change, its in original post
Thx
Thx
ASKER
Im sorry i mean in my original post, you cAn see sh ip bgp BEFORE metric change
ASKER
After metric change, 172.16.1.0 etc show 20/0 in routing table
ASKER
The colo is the one showimg wrong routes
ASKER
before metric change
Network Next Hop Metric LocPrf Weight Path
*> 0.0.0.0 65.115.131.181 0 209 65100 i
*> 10.10.13.0/24 65.115.131.181 0 209 65107 i
*> 63.148.199.16/30 65.115.131.181 0 209 ?
*> 63.238.101.220/30
65.115.131.181 0 209 ?
*> 65.115.131.180/30
0.0.0.0 0 32768 i
* 172.16.1.0/24 65.115.131.181 0 209 65100 i
*> 172.16.100.2 130 32768 ?
* 172.16.2.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 130 32768 ?
* 172.16.3.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 130 32768 ?
* 172.16.10.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 130 32768 ?
* 172.16.11.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 130 32768 ?
Network Next Hop Metric LocPrf Weight Path
* 172.16.12.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 130 32768 ?
* 172.16.13.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 130 32768 ?
* 172.16.14.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 130 32768 ?
* 172.16.15.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 130 32768 ?
* 172.16.16.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 130 32768 ?
* 172.16.31.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 130 32768 ?
* 172.16.32.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 130 32768 ?
* 172.16.33.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 130 32768 ?
* 172.16.34.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 130 32768 ?
*> 172.16.100.0/24 0.0.0.0 0 32768 i
*> 172.16.101.0/24 172.16.100.2 130 32768 ?
* 172.17.1.1/32 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 130 32768 ?
Network Next Hop Metric LocPrf Weight Path
* 172.17.1.31/32 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 130 32768 ?
* 172.17.1.33/32 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 130 32768 ?
* 172.17.1.101/32 65.115.131.181 0 209 65100 ?
*> 172.16.100.2 130 32768 ?
*> 172.17.35.0/24 65.115.131.181 0 209 65100 i
*> 192.168.0.0 65.115.131.181 0 209 65107 ?
*> 192.168.80.0 65.115.131.181 0 209 65107 ?
*> 192.168.81.1/32 65.115.131.181 0 209 65107 ?
colo-ce-mpls#
Gateway of last resort is 65.115.131.181 to network 0.0.0.0
65.0.0.0/30 is subnetted, 1 subnets
C 65.115.131.180 is directly connected, FastEthernet0/0
172.17.0.0/16 is variably subnetted, 5 subnets, 2 masks
O IA 172.17.1.33/32 [110/2] via 172.16.100.2, 00:00:23, FastEthernet0/1
B 172.17.35.0/24 [20/0] via 65.115.131.181, 00:00:17
O IA 172.17.1.31/32 [110/2] via 172.16.100.2, 00:00:23, FastEthernet0/1
O IA 172.17.1.1/32 [110/2] via 172.16.100.2, 00:00:23, FastEthernet0/1
O IA 172.17.1.101/32 [110/1] via 172.16.100.2, 00:00:24, FastEthernet0/1
172.16.0.0/24 is subnetted, 25 subnets
O E1 172.16.200.0 [110/103] via 172.16.100.2, 00:00:19, FastEthernet0/1
O E1 172.16.202.0 [110/103] via 172.16.100.2, 00:00:19, FastEthernet0/1
O E1 172.16.60.0 [110/103] via 172.16.100.2, 00:00:19, FastEthernet0/1
O E1 172.16.36.0 [110/103] via 172.16.100.2, 00:00:19, FastEthernet0/1
O E1 172.16.37.0 [110/103] via 172.16.100.2, 00:00:20, FastEthernet0/1
O IA 172.16.32.0 [110/66] via 172.16.100.2, 00:00:25, FastEthernet0/1
O IA 172.16.33.0 [110/67] via 172.16.100.2, 00:00:25, FastEthernet0/1
O IA 172.16.34.0 [110/67] via 172.16.100.2, 00:00:25, FastEthernet0/1
O IA 172.16.31.0 [110/12] via 172.16.100.2, 00:00:25, FastEthernet0/1
O IA 172.16.16.0 [110/3] via 172.16.100.2, 00:00:25, FastEthernet0/1
O IA 172.16.12.0 [110/3] via 172.16.100.2, 00:00:25, FastEthernet0/1
O IA 172.16.13.0 [110/3] via 172.16.100.2, 00:00:25, FastEthernet0/1
O IA 172.16.14.0 [110/3] via 172.16.100.2, 00:00:25, FastEthernet0/1
O IA 172.16.15.0 [110/3] via 172.16.100.2, 00:00:25, FastEthernet0/1
O IA 172.16.10.0 [110/3] via 172.16.100.2, 00:00:25, FastEthernet0/1
O IA 172.16.11.0 [110/3] via 172.16.100.2, 00:00:25, FastEthernet0/1
O IA 172.16.1.0 [110/3] via 172.16.100.2, 00:00:25, FastEthernet0/1
O IA 172.16.2.0 [110/3] via 172.16.100.2, 00:00:25, FastEthernet0/1
O IA 172.16.3.0 [110/3] via 172.16.100.2, 00:00:26, FastEthernet0/1
C 172.16.100.0 is directly connected, FastEthernet0/1
O 172.16.101.0 [110/2] via 172.16.100.2, 2d04h, FastEthernet0/1
C 172.16.102.0 is directly connected, Loopback102
O E1 172.16.70.0 [110/103] via 172.16.100.2, 00:00:21, FastEthernet0/1
O E1 172.16.71.0 [110/103] via 172.16.100.2, 00:00:21, FastEthernet0/1
O E1 172.16.65.0 [110/103] via 172.16.100.2, 00:00:21, FastEthernet0/1
192.168.81.0/32 is subnetted, 1 subnets
B 192.168.81.1 [20/0] via 65.115.131.181, 00:00:20
B 192.168.80.0/24 [20/0] via 65.115.131.181, 00:00:20
10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
B 10.10.13.0/24 [20/0] via 65.115.131.181, 00:00:20
O E1 10.10.50.0/24 [110/103] via 172.16.100.2, 00:00:21, FastEthernet0/1
O E1 10.80.8.0/23 [110/103] via 172.16.100.2, 00:00:21, FastEthernet0/1
B 192.168.0.0/24 [20/0] via 65.115.131.181, 00:00:22
63.0.0.0/30 is subnetted, 2 subnets
B 63.238.101.220 [20/0] via 65.115.131.181, 00:00:22
B 63.148.199.16 [20/0] via 65.115.131.181, 00:00:22
B* 0.0.0.0/0 [20/0] via 65.115.131.181, 00:00:22
colo-ce-mpls#
ASKER
after
Gateway of last resort is 65.115.131.181 to network 0.0.0.0
65.0.0.0/30 is subnetted, 1 subnets
C 65.115.131.180 is directly connected, FastEthernet0/0
172.17.0.0/16 is variably subnetted, 5 subnets, 2 masks
B 172.17.1.33/32 [20/0] via 65.115.131.181, 01:51:55
B 172.17.35.0/24 [20/0] via 65.115.131.181, 01:51:55
B 172.17.1.31/32 [20/0] via 65.115.131.181, 01:51:55
B 172.17.1.1/32 [20/0] via 65.115.131.181, 01:51:55
B 172.17.1.101/32 [20/0] via 65.115.131.181, 01:51:55
172.16.0.0/24 is subnetted, 25 subnets
O E1 172.16.200.0 [110/103] via 172.16.100.2, 01:53:11, FastEthernet0/1
O E1 172.16.202.0 [110/103] via 172.16.100.2, 01:53:11, FastEthernet0/1
O E1 172.16.60.0 [110/103] via 172.16.100.2, 01:53:11, FastEthernet0/1
O E1 172.16.36.0 [110/103] via 172.16.100.2, 01:53:11, FastEthernet0/1
O E1 172.16.37.0 [110/103] via 172.16.100.2, 01:53:11, FastEthernet0/1
B 172.16.32.0 [20/0] via 65.115.131.181, 01:51:56
B 172.16.33.0 [20/0] via 65.115.131.181, 01:51:56
B 172.16.34.0 [20/0] via 65.115.131.181, 01:51:56
B 172.16.31.0 [20/0] via 65.115.131.181, 01:51:56
B 172.16.16.0 [20/0] via 65.115.131.181, 01:51:56
B 172.16.12.0 [20/0] via 65.115.131.181, 01:51:56
B 172.16.13.0 [20/0] via 65.115.131.181, 01:51:56
B 172.16.14.0 [20/0] via 65.115.131.181, 01:51:56
B 172.16.15.0 [20/0] via 65.115.131.181, 01:51:56
B 172.16.10.0 [20/0] via 65.115.131.181, 01:51:56
B 172.16.11.0 [20/0] via 65.115.131.181, 01:51:57
B 172.16.1.0 [20/0] via 65.115.131.181, 01:51:57
B 172.16.2.0 [20/0] via 65.115.131.181, 01:51:57
B 172.16.3.0 [20/0] via 65.115.131.181, 01:51:57
C 172.16.100.0 is directly connected, FastEthernet0/1
O 172.16.101.0 [110/2] via 172.16.100.2, 2d04h, FastEthernet0/1
C 172.16.102.0 is directly connected, Loopback102
O E1 172.16.70.0 [110/103] via 172.16.100.2, 01:53:12, FastEthernet0/1
O E1 172.16.71.0 [110/103] via 172.16.100.2, 01:53:12, FastEthernet0/1
O E1 172.16.65.0 [110/103] via 172.16.100.2, 01:53:12, FastEthernet0/1
192.168.81.0/32 is subnetted, 1 subnets
B 192.168.81.1 [20/0] via 65.115.131.181, 01:51:57
B 192.168.80.0/24 [20/0] via 65.115.131.181, 01:51:57
10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
B 10.10.13.0/24 [20/0] via 65.115.131.181, 01:51:57
O E1 10.10.50.0/24 [110/103] via 172.16.100.2, 01:53:13, FastEthernet0/1
O E1 10.80.8.0/23 [110/103] via 172.16.100.2, 01:53:14, FastEthernet0/1
B 192.168.0.0/24 [20/0] via 65.115.131.181, 01:51:58
63.0.0.0/30 is subnetted, 2 subnets
B 63.238.101.220 [20/0] via 65.115.131.181, 01:51:59
B 63.148.199.16 [20/0] via 65.115.131.181, 01:51:59
B* 0.0.0.0/0 [20/0] via 65.115.131.181, 01:51:59
colo-ce-mpls#
colo-ce-mpls#sh ip bgp
BGP table version is 30, local router ID is 172.16.100.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 0.0.0.0 65.115.131.181 0 209 65100 i
*> 10.10.13.0/24 65.115.131.181 0 209 65107 i
*> 63.148.199.16/30 65.115.131.181 0 209 ?
*> 63.238.101.220/30
65.115.131.181 0 209 ?
*> 65.115.131.180/30
0.0.0.0 0 32768 i
*> 172.16.1.0/24 65.115.131.181 0 209 65100 i
*> 172.16.2.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.3.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.10.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.11.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.12.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.13.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.14.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.15.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.16.0/24 65.115.131.181 0 209 65100 ?
Network Next Hop Metric LocPrf Weight Path
*> 172.16.31.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.32.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.33.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.34.0/24 65.115.131.181 0 209 65100 ?
*> 172.16.100.0/24 0.0.0.0 0 32768 i
*> 172.16.101.0/24 172.16.100.2 130 32768 ?
*> 172.17.1.1/32 65.115.131.181 0 209 65100 ?
*> 172.17.1.31/32 65.115.131.181 0 209 65100 ?
*> 172.17.1.33/32 65.115.131.181 0 209 65100 ?
*> 172.17.1.101/32 65.115.131.181 0 209 65100 ?
*> 172.17.35.0/24 65.115.131.181 0 209 65100 i
*> 192.168.0.0 65.115.131.181 0 209 65107 ?
*> 192.168.80.0 65.115.131.181 0 209 65107 ?
*> 192.168.81.1/32 65.115.131.181 0 209 65107 ?
colo-ce-mpls#
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
redistribute ospf 1 metric 110 match internal
That made Colo-CE see the subnets at SL-CE, as BGP, not OSPF. My question is, what is the lowest metric I could have used to accomplish this? I tried redistribute ospf 1 metric 10 match internal and they stayed as OSPF routes in Colo-CE