Routing with dual MPLS/BGP WANs

Unanswered Question

I am in the midst of installing a 2nd MPLS WAN to our branches and running into a bit of a problem.


In branches in which both MPLS clouds terminate into a single router I am getting a problem in which routes are swinging through the branch rather than one of the headend routers.


Is there a way to restrict advertisement of restricting advertisement to same AS marked networks? I would never want one of my branches to route any traffic other than their regional networks.


Right now I am getting intermittent route loops where a network goes around both MPLS clouds and never terminates.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.7 (3 ratings)
Loading.

I am running EIGRP as my IGP both at the core and at the branches.


Here is an example. This router is running BGP and EIGRP and is learning 192.168.52.0/24 from a GRE/VPN tunnel.


Routing entry for 192.168.52.0/24

Known via "bgp 65002", distance 20, metric 0

Tag 1803, type external

Redistributing via eigrp 1

Advertised by eigrp 1 metric 10000 1 255 1 1500

bgp 65002 (self originated)

Last update from 172.20.56.1 1w3d ago

Routing Descriptor Blocks:

* 172.20.56.1, from 172.20.56.1, 1w3d ago

Route metric is 0, traffic share count as 1

AS Hops 4

Route tag 1803


So instead of taking the direct path through the tunnel it goes out through MPLS1 to a single router branch then off to MPLS2 back to another hub router and then back to original hub router via EIGRP...


Known via "eigrp 1", distance 170, metric 258816

Tag 1803, type external

Redistributing via eigrp 1

Advertised by bgp 65002

Last update from 10.250.11.4 on FastEthernet1/0, 19:24:22 ago

Routing Descriptor Blocks:

* 10.250.11.4, from 10.250.11.4, 19:24:22 ago, via FastEthernet1/0

Route metric is 258816, traffic share count is 1

Total delay is 110 microseconds, minimum bandwidth is 10000 Kbit

Reliability 255/255, minimum MTU 1500 bytes

Loading 1/255, Hops 1


Hub 1, I assume, is choosing to go through the WAN because the administrative cost is lower for a BGP learned route than an EIGRP learned route.


I really don't want this sort of thing to happen ever.





bjornarsb Sun, 05/13/2007 - 09:53

Hi,


As far as I can see you either need to manipulate the EIGRP metrics or run EBGP on your branches.


The actual cisco advice is to run EBGP between the CE and the PE. Then its a lot more easier to influence routing with parameters like for instance Local Preference.



HTH


Regards,

Bjornarsb

I do run EBGP at the branches. In the branches in question they are configured as follows..


router bgp 65002

bgp log-neighbor-changes

neighbor 172.21.109.81 remote-as 1803

neighbor 172.26.171.1 remote-as 13979

!

address-family ipv4

neighbor 172.21.109.81 activate

neighbor 172.26.171.1 activate

no auto-summary

no synchronization

network 172.21.109.80 mask 255.255.255.252

network 192.168.71.0

network 192.168.171.0

network 208.0.248.104 mask 255.255.255.252

exit-address-family

!


Here is one of the head routers...

router bgp 65002

bgp log-neighbor-changes

neighbor 172.20.56.1 remote-as 1803

!

address-family ipv4

redistribute static route-map PavoniaDMZ

neighbor 172.20.56.1 activate

auto-summary

no synchronization

network 10.250.11.0

network 151.139.0.0

network 170.61.0.0

network 172.17.0.0

network 172.18.0.0

network 172.20.0.0

network 172.20.56.0

network 172.21.0.0

network 172.22.0.0

network 172.23.0.0

network 172.24.0.0

network 172.27.0.0

network 172.30.0.0

network 192.168.52.0

network 192.168.54.0

network 192.168.252.0

network 199.105.176.0

network 208.134.161.0

exit-address-family


It is configured the same way on the other hub router but it is pointing to AS 13979.




mohammedmahmoud Sun, 05/13/2007 - 10:41

Hi,


We need to see where you do the redistribution between EBGP and EIGRP, please post a topology and the configuration of one of the affected routers and one of the hub routers, this might be a mutual redistribution problem.


BR,

Mohammed Mahmoud.

I posted that information upthread. Sorry, I thought I had responded to you.


I suspect it is a mutual redistribution problem.


So my topology is as follows.


Branchrouter1(AS65002)---MPLS1(AS1803)---HUB1---CoreNetwork1(AS65002)


Branchrouter1(AS65002)---MPLS2(AS13979)---HUB2---CoreNetowrk1(AS65002)


The 2 HUBS are connected via EIGRP but NOT BGP. They are both redistributing the same networks.


Should I create an IBGP connection between the 2 HUBS?



Here is what I get when I do sho commands


sho ip route 192.168.52.0

Routing entry for 192.168.52.0/24

Known via "bgp 65002", distance 200, metric 258816, type internal

Redistributing via eigrp 1

Last update from 10.250.11.5 00:02:18 ago

Routing Descriptor Blocks:

* 10.250.11.5, from 10.250.11.5, 00:02:18 agosho ip eigrp 1 topology 192.168.52.0

IP-EIGRP (AS 1): Topology entry for 192.168.52.0/24

State is Passive, Query origin flag is 1, 1 Successor(s), FD is 256256

Routing Descriptor Blocks:

172.20.56.1, from Redistributed, Send flag is 0x0

Composite metric is (256256/0), Route is External

Vector metric:

Minimum bandwidth is 10000 Kbit

Total delay is 10 microseconds

Reliability is 255/255

Load is 1/255

Minimum MTU is 1500

Hop count is 0

External data:

Originating router is 10.150.200.13 (this system)

AS number of route is 65002

External protocol is BGP, external metric is 0

Administrator tag is 1803 (0x0000070B)


sho ip bgp 192.168.52.0

BGP routing table entry for 192.168.52.0/24, version 25172

Paths: (1 available, best #1, table Default-IP-Routing-Table)

Advertised to update-groups:

1

Local

10.250.11.5 from 10.250.11.5 (172.26.252.2)

Origin incomplete, metric 258816, localpref 100, valid, internal, bes



Route metric is 258816, traffic share count is 1

AS Hops 0



mohammedmahmoud Sun, 05/13/2007 - 11:30

Hi,


As far as i understand EIGRP is only implemented between HUB1 and HUB2, why not running iBGP and then we can play with BGP, and remove the EIGRP redistribute problem, and what do you mean by "They are both redistributing the same networks" ?


HTH, please do rate all helpful replies,

Mohammed Mahmoud.

mohammedmahmoud Sun, 05/13/2007 - 12:54

Hi,


Lets build up the case logically, the branch routers run eBGP with both MPLS clouds, while each of the head routers run eBGP with only one of the MPLS clouds.


Both MPLS clouds send the routes to the branch routers, but the problem is that routing loops occur at the branch router.


Am i correct till now ?


Please send FULL routing configuration for the 2 hub routers and one of the affected branch routers.



HTH,

Mohammed Mahmoud.

Actions

This Discussion