• Status: Solved

OSPF and BGP Routing config advice

I need some advice and help on the best way to construct proper routing for a DS3 MPLS circuit.  The DS3 is replacing all my P2P T1's.  Right now, I run OSPF for my LAN & P2P WAN's.  6509 is my core and I deploy 1751V & 2811's at the WAN.  The HQ end of the P2P T1's are into 2621.  The 2621's will go away when the circuit is moved to the DS3 and terminated into the 6509.

The 6509 OSPF is:

router ospf 1
 log-adjacency-changes
 network 172.20.0.0 0.0.255.255 area 0
 network 192.168.0.0 0.0.255.255 area 0

The 192.168.xx s are my data VLANs and the 172.20.xx are for Voice.  I will be constructing QoS maps to tag the traffic.  I will be running Voice across DS3 to remotes.

The remotes OSPF is simple:
interface Serial0/0
 description T1
 ip address 192.168.255.250 255.255.255.252
 no fair-queue
 service-module t1 clock source internal
 service-module t1 remote-alarm-enable
 service-module t1 fdl att
!
router ospf 1
 log-adjacency-changes
 redistribute connected
 network 192.168.255.248 0.0.0.3 area 0

(The F/E interface is 192.168.13.254)

The ISP wants to run BGP on the MPLS and based on the parameters they provided I came up with the following for the remote router:

router bgp 65000
 no synchronization
 bgp log-neighbor-changes
 network 172.20.13.0 mask 255.255.255.0
 network 192.168.13.0
 neighbor xx.xx.xx.xx remote-as 12345
 neighbor xx.xx.xx.xx version 4
 neighbor xx.xx.xx.xx soft-reconfiguration inbound
 no auto-summary

I assume that the xx.xx.xx.xx will be the IP that the ISP will provide.
The network statements are the internal subnets I need to route.  

I guess I am confused as to what is needed.  I was always taught not to mix interior and exterior routing protocols.  But I want to utilize them to avoid coding static routes.  So I need to ensure that all the routes are known at the core and the remotes.  Any suggestions and examples would be appreciated.  I have never worked with BGP before....
Thx
Asked by: NYGatorFan

Don Johnston (Instructor) Commented:
Something doesn't make sense. I've never done (or heard) of using BGP with private addresses. BGP is used primarily when connecting to the internet. Private addresses aren't allowed on the internet.

NYGatorFan (Author) Commented:
Frame relay was across public network and I have seen private IP's.  I received late today the public IP pair that they want me to use.  I assume their side of the pair is what I code in the "neighbor" statements.  

I have to figure that the internal private IP's may be encapsulated in the MPLS Layer 2 VPN (??).  

Don Johnston (Instructor) Commented:
You've pretty much got it figured out.

In BGP, the network statements define the network you want to advertise. The neighbor statements define the routers you will be exchanging updates with.

You are correct that mixing IGPs and EGPs can cause issues. The biggest is when you try to redistribute a large BGP table into an interior protocol. Most of the time either a default route is used or the exterior routes are filtered before redistributing them into the interior protocol.
 
NYGatorFan (Author) Commented:
That is what I am trying to figure out here.  I imagine my service provider will prefix the routes so I don't see their whole network.  So if you don't want to code statics, how do you get around that except by redistributing?

I don't understand a few things here...
- Do I need to run OSPF and BGP at the remotes?  Why not just use BGP with the network stmts?
- At the core, I need to run BGP in order to talk to my remotes.  And I need to run OSPF to route my interior VLANs.  I also run OSPF on the remotes who have not yet been migrated from the P2P T1 to the MPLS DS3 circuit.
- How do I redistribute the BGP routes into my OSPF?


Don Johnston (Instructor) Commented:
>Do I need to run OSPF and BGP at the remotes?
You can. That's what is typically done.

>Why not just use BGP with the network stmts?
You could do that too. That'd be a pretty unusual setup though.

>How do I redistribute the BGP routes into my OSPF?
In your OSPF config, include the line "redistribute BGP 65000"
If you have subnetted networks, you'll need to add "subnets" to the end.

NYGatorFan (Author) Commented:
>>Do I need to run OSPF and BGP at the remotes?
>You can. That's what is typically done.

I don't understand the reason to run both OSPF and BGP at the remotes....won't they be advertising the same subnets back into the core?

>>How do I redistribute the BGP routes into my OSPF?
>In your OSPF config, include the line "redistribute BGP 65000"
>If you have subnetted networks, you'll need to add "subnets" to the end.

I do have subnets....  all are Class C's.  But am I going to need to be specific on the BGP network statements?  Below is what I have in the 6509 at the moment (the DS3 is not turned up yet)

!
router ospf 1
 log-adjacency-changes
 network 172.20.0.0 0.0.255.255 area 0
 network 192.168.0.0 0.0.255.255 area 0
!
router bgp 65000
 no synchronization
 bgp log-neighbor-changes
 network 172.20.0.0
 network 192.168.0.0 mask 255.255.0.0
 neighbor 1.1.1.1 remote-as 99999
 neighbor 1.1.1.1  version 4
 neighbor 1.1.1.1  soft-reconfiguration inbound
 no auto-summary
!

As you can see, I mask the 192.168 and 172.20 as Class B's even though the subnets are class C's

Since OSPF and BGP seem to be advertising the same subnets on my core, will this cause me trouble?  Thinking about it, it seems to make some sense to use the actual Class C subnets in the BGP network statements at the REMOTE locations.  But the OSPF "redistribute connected" is still going to be broadcasting the remote into my Area 0.

Don Johnston (Instructor) Commented:
I think you're missing the function of the network statements.

In OSPF, the network statements define which CONNECTED networks are classified as OSPF. It also defines which interfaces you will be sending and receiving OSPF updates on. These statements DO NOT define which networks you will be advertising.

In BGP, the network statement performs a completely different function. It defines which network (in your routing table) you will be advertising.

>I don't understand the reason to run both OSPF and BGP at the remotes....

Because OSPF is an interior routing protocol. IGP's are better in multipath (relatively) small networks than EGP's.

>won't they be advertising the same subnets back into the core?
No, because you won't be running OSPF into the core.

>I do have subnets....  all are Class C's.
You mean that you have class A or B addresses with a /24 mask? Then yes, you'll need the "subnets" keyword. Otherwise, OSPF will only advertise classful networks.

>But am I going to need to be specific on the BGP network statements?
Absolutely! The network that you specify MUST exist in the routing table EXACTLY as configured in the network statement. Otherwise you could be advertising a network that you don't know about.

What is the IP of the MPLS link?

NYGatorFan (Author) Commented:
On my core 6509, sh ip route ospf displays the remote's subnet and the router interface it needs to go through to reach it.  That is because I have redistribute connected. So if I understand what you are telling me, coding the same subnet in a BGP network statement is going to broadcast that same subnet in its routing table.  I don't know BGP admin distance value but I assume it would be preferred over OSPF's 110??   So I guess I am still confused what you mean that I won't be running OSPF into the core.  I am doing that now so it seems.  

I don't have the IP of the MPLS link....they just give me the IP of the BGP neighbor.

Don Johnston (Instructor) Commented:
You are correct. OSPF is (currently) running through the "Core" to the remote sites.

But it sounds like your MPLS provider is going to require you to run BGP. So we're comparing apples to oranges. You may be running OSPF over your T1's now, but "The ISP wants to run BGP on the MPLS" which means no more OSPF.

NYGatorFan (Author) Commented:
I basically found my own solution.

At the remote site, I no longer need to run OSPF.  I removed OSPF and coded the following BGP:

router bgp 65000
 no synchronization
 bgp log-neighbor-changes
 network 172.20.13.0 mask 255.255.255.0
 network 192.168.130.0 mask 255.255.255.0
 neighbor 1.1.1.1 remote-as 99999
 neighbor 1.1.1.1  version 4
 neighbor 1.1.1.1  soft-reconfiguration inbound
 no auto-summary

At my core, I still needed my OSPF for my LANs and other remotes not converted over into the MPLS / DS3 cloud.

But I needed the following routes and BGP statements:  
These routes were referred to as "Black Hole Routes".  Meant to fool BGP.  My remotes will be a more exact match because they will be advertising Class C (/24) networks into my core.
ip route 192.168.0.0 255.255.0.0 null0
ip route 172.20.0.0 255.255.0.0 null0

router bgp 65000
 no synchronization
 bgp log-neighbor-changes
 network 172.20.0.0 mask 255.255.0.0
 network 192.168.0.0 mask 255.255.0.0
 neighbor 1.1.1.3 default-originate  
 neighbor 1.1.1.3 remote-as 99999
 neighbor 1.1.1.3  version 4
 neighbor 1.1.1.3  soft-reconfiguration inbound
 no auto-summary

The gotcha for me was the "neighbor default-originate" statement.  From the remote, I could access everything in the HQ location.  But I could not access the internet.   I called my ISP and the guy said that with BGP you need to redistribute the default route of the "hub" location.  I Googled "BGP default route" and found this statement. When I added it, I could see the internet from the remote location.
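
An added example, not part of the original thread: a small Python lint for the exact-match rule discussed above (a BGP network statement is only advertised when the same prefix and mask exist in the routing table, which is why the Null0 statics were needed at the core). The sample config is constructed and the function names are hypothetical; as an assumption, only static routes and interface addresses visible in the config text count as backing routes, although a route learned from OSPF would also satisfy BGP.

```python
import ipaddress
import re

# Constructed core config modelled on the thread; the last two network
# statements are deliberately broken (typo'd mask, no backing route).
SAMPLE_CONFIG = """\
interface Vlan13
 ip address 192.168.13.254 255.255.255.0
!
ip route 192.168.0.0 255.255.0.0 Null0
ip route 172.20.0.0 255.255.0.0 Null0
!
router bgp 65000
 network 172.20.0.0 mask 255.255.0.0
 network 192.168.0.0 mask 255.255.0.0
 network 192.168.13.0
 network 172.21.0.0 mask 255.255.0.
 network 10.99.0.0 mask 255.255.0.0
 no auto-summary
"""

def classful_prefixlen(addr):
    """Prefix length IOS assumes when 'network' has no mask keyword."""
    first = int(addr.split(".")[0])
    return 8 if first < 128 else 16 if first < 192 else 24

def configured_prefixes(config):
    """Prefixes that static routes and interface addresses would install."""
    pairs = re.findall(r"^ip route (\S+) (\S+) ", config, re.M)
    pairs += re.findall(r"^ ip address (\S+) (\S+)", config, re.M)
    return {ipaddress.ip_network(f"{a}/{m}", strict=False) for a, m in pairs}

def unbacked_bgp_networks(config):
    """BGP network statements with no exact-match prefix in the config."""
    section = re.search(r"^router bgp \d+\n((?: .*\n?)*)", config, re.M)
    routes, problems = configured_prefixes(config), []
    stmts = re.findall(r"^ network (\S+)(?: mask (\S+))?[ \t]*$",
                       section.group(1) if section else "", re.M)
    for addr, mask in stmts:
        try:
            net = ipaddress.ip_network(f"{addr}/{mask or classful_prefixlen(addr)}")
        except ValueError:
            problems.append(f"{addr} mask {mask}: malformed")
            continue
        if net not in routes:
            problems.append(f"{net}: no exact-match route")
    return problems

if __name__ == "__main__":
    print("\n".join(unbacked_bgp_networks(SAMPLE_CONFIG)))
```

A clean result here only means the config text is consistent; whether the route is actually installed still has to be confirmed on the router.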