Solved

iBGP OSPF interaction

Posted on 2007-12-03
Last Modified: 2009-12-16
Hi there! I've got a question regarding iBGP and OSPF. A bit confused really...Hope someone can clear it up.

Here's what we got:


ISP1  ISP2              ISP1  ISP2
  |    |                  |    |
  |    |                  |    |
 Router1 --------------- Router2

Now router1 and 2 are running iBGP and OSPF. I've got the following links between us and isp1 and 2:


Router1 --- isp1 - 195.xx.xx.xx/29
Router1 --- isp2 - 87.xx.xx.164/30

Similar for router 2:

Router2 --- isp1 - 195.xx.xx.xx/29
Router2 --- isp2 - 87.xx.xx.200/30

OSPF is running between the 2 routers (For iBGP TCP connection), only one interface is included in ospf (only the one that connects the 2 routers) which makes sense. I didn't set this up, but just trying to understand why under ospf, the subnets connected to isp1 and 2 are included in the network statement on both routers?

 I am not sure what the purpose is but wouldn't we be ok just by including our network subnet in the network statement and not the whole lot especially since we are using 'no synchronisation' under BGP? We are advertising only 2 subnets (see below) in BGP.

i.e.

router ospf 10
net 195.xx.xx.xx/29  (does this need to be here??)
net 87.xx.xx.164/30   (does this need to be here??)
net 91.x.x.x/23 (our network)
net 195.x.x.x/24 (our network)

Similar setup on both routers for OSPF. Just trying to understand the interaction of iBGP and OSPF. I hope I have explained this well enough?

Question by:mmbecks7
Accepted Solution

by:
harbor235 earned 250 total points
ID: 20396635
This is done because BGP will not modify the next hop attribute unless to do so. So, routes received from ISP1 and ISP2 will have a next hop of the IP address of the interface of ISP1 and ISP2 routers.
When your routers receive route information from ISP1 and ISP2 the next hop will not change no matter how many routers into your network you go. So, for your routers to know how to get to the next hop or even better for your router to install those routes, the next hop must be reachable.

Example: let's say the connection to ISP1 and ISP2 goes down on router 2. Router 2 has a route for ISP1 via BGP from router 1, however the next hop will be the ISP1 peering interface. Router 2 will not know how to get there unless the interface is in OSPF.

Make sense?

harbor235 ;}
Expert Comment

by:harbor235
ID: 20396668
Oops typo:

This is done because BGP will not modify the next hop attribute unless told to do so. So, routes received from ISP1 and ISP2 will have a next hop address of the IP addresses of the peering interfaces of each ISP1 and ISP2 router. When your routers receive route information from ISP1 and ISP2 the next hop will not change no matter how many routers into your network you go. So, for your routers to know how to get to the next hop or even better for your routers to install those routes, the next hop must be reachable.

Example: let's say the connection to ISP1 and ISP2 goes down on router 2. Router 2 has a route for ISP1 via BGP from router 1, however the next hop will be the ISP1 peering interface. Router 2 will not know how to get there unless the interface is in OSPF.

Make sense?

harbor235 ;}



Author Comment

by:mmbecks7
ID: 20396760
Thanks for that! Yes that makes complete sense :) If we were using 'neighbor xx.xx.xx.xx next-hop-self' with our peers for both iBGP and eBGP would we then not need to do this? Or will this still be needed?

Also, could we use static routes instead of OSPF, e.g.?

many thanks

Expert Comment

by:harbor235
ID: 20397233
next-hop-self will modify this behavior and is a viable solution. However, a dynamic routing protocol is far superior to static routing. There are failure scenarios with static routing that potentially will black hole your traffic. What you have in place is a solid configuration; why do you wish to change it?

Ideally, you want a configuration that will give you high availability; your configuration does that.
You may think about adding a weighted static route tied to an interface; this would allow you to route traffic even though BGP failed but your connection is still up.

Without further details I would say your config is fine. The one thing that sticks out to me is that you have two connections per router (ISP1 and ISP2); are they geographically diverse? You have the cross connect between Router 1 and Router 2. From my perspective and a limited view of your configuration I do not see why you need 4 external connections; 2 should be fine. Again, do not change anything; there may be a reason for this.

harbor235 ;}

Author Comment

by:mmbecks7
ID: 20397874
No, I won't be changing it lol. Just wanted to satisfy my curiosity :) So it wouldn't harm to have the next-hop-self command and also include all above interfaces in OSPF?

Using static routes - Would I need to set up a static route to each interface (the one to isp1 and one to isp2?) - Just out of curiosity :)

Regarding your question, yes the 2 providers are geographically diverse (but we are getting full routes from isp1 and partial from isp2 (cheaper :)) and we are running HSRP on the routers.
Expert Comment

by:harbor235
ID: 20400771
If you have the peering interfaces in OSPF there is no need to use the next-hop-self, but it should not hurt anything.

As far as the statics go, I would add statics as a backup to routes not in your BGP table (maybe because of filtering on BGP down). I would add a static to each peering router with a different cost; this will give you 3 possible failover links. I would also track the interface so if the interface goes down the route is withdrawn.

harbor235 ;}
0
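
Added example (not part of the original thread): a small Python model of the next-hop check discussed in the answers above, seen from Router2 after its own ISP links have failed. The addresses are constructed documentation ranges standing in for the elided subnets, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample addressing (documentation ranges, not the poster's subnets).
LINK = "10.0.0.0/30"             # Router1 <-> Router2 link, Router1 = 10.0.0.1
ISP1_PEERING = "192.0.2.0/29"    # Router1 <-> ISP1
ISP2_PEERING = "192.0.2.164/30"  # Router1 <-> ISP2

# Routes Router1 learned over eBGP: (prefix, next hop = ISP peering address).
EBGP_ROUTES = [("203.0.113.0/24", "192.0.2.1"),
               ("198.51.100.0/24", "192.0.2.165")]


def advertise_ibgp(routes, next_hop_self=None):
    """Routes as Router1 sends them to Router2 over iBGP.

    By default the eBGP next hop is carried unchanged; with next_hop_self set
    to Router1's own address, the next hop is rewritten to that address.
    """
    return [(prefix, next_hop_self or nh) for prefix, nh in routes]


def resolve(next_hop, igp_prefixes):
    """Longest-prefix match of a BGP next hop against Router2's IGP routes."""
    addr = ipaddress.ip_address(next_hop)
    nets = [ipaddress.ip_network(p) for p in igp_prefixes]
    covering = [n for n in nets if addr in n]
    return max(covering, key=lambda n: n.prefixlen, default=None)


def usable_routes(routes, igp_prefixes):
    """Prefixes Router2 can install: those whose next hop resolves."""
    return [p for p, nh in routes if resolve(nh, igp_prefixes) is not None]


def scenarios():
    """Compare the three setups discussed in the thread."""
    unchanged = advertise_ibgp(EBGP_ROUTES)
    rewritten = advertise_ibgp(EBGP_ROUTES, next_hop_self="10.0.0.1")
    return {
        "link only, next hop unchanged": usable_routes(unchanged, [LINK]),
        "peering subnets in OSPF": usable_routes(
            unchanged, [LINK, ISP1_PEERING, ISP2_PEERING]),
        "link only, next-hop-self": usable_routes(rewritten, [LINK]),
    }


if __name__ == "__main__":
    for name, prefixes in scenarios().items():
        print(f"{name}: {prefixes or 'no BGP routes installed'}")
```
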
 

Author Comment

by:mmbecks7
ID: 20407537
Many thanks for your help! This clarified my doubts!

Author Comment

by:mmbecks7
ID: 20407546
I was wondering if u provide consultancy services? :)
Expert Comment

by:harbor235
ID: 20407559

If you like here is my outside email address.

harbor235@gmail.com
