07-28-2009 12:09 PM - edited 03-04-2019 05:34 AM
I have two main networks connected to an MPLS cloud.
Network A is the corporate facility it has its own internet.
Network B is the collocation facility it also has its own internet.
On the MPLS cloud I have 100 remote sites that use the internet out of corporate.
I would like to use the internet out the colo site for the remote locations and have the corporate site be the backup.
The BGP configurations for corporate and colo is below.
Corporate router BGP setup
router bgp 65001
network 0.0.0.0 mask 0.0.0.0
network 172.16.0.0 mask 255.255.254.0 ( I do not want to prepend the 172.16.0.0/23 network)
redistribute static metric 254
neighbor 152.176.58.193
remote-as 65000
Colo router BGP setup
router bgp 65001
network 0.0.0.0 mask 0.0.0.0
network 172.16.11.0 mask 255.255.255.0
no auto-summary
neighbor 147.225.85.213 remote-as 65000
I believe the best solution is to perform a BGP prepend at the corporate site.
Can someone assist me with a sample route-map using the above information that applies to corporate?
Thanks a lot
Juan
Solved! Go to Solution.
08-03-2009 07:04 AM
The IP source address will be your neighbor IP so if your neighbor is 172.16.11.1 and you want to change the distance for all routes coming from that neighbor, the syntax is:
distance 254 172.16.11.1 0.0.0.0
Keep in mind, all BGP routes - eBGP and iBGP will be modified to the new administrative distance.
HTH,
__
Edison.
07-28-2009 01:19 PM
ip prefix-list Quad0 permit 0.0.0.0/0
route-map Quad0
match ip address prefix-list Quad0
set ip as-path prepend 65001 65001
router bgp 65001
neighbor x.x.x.x route-map Quad0 out
HTH,
__
Edison.
07-29-2009 07:49 AM
Edison,
Thanks a lot for your input.
Quick question:
The 65001 AS is the one the ISP assigned to me which is the same for all my sites.
I use this one not the one that is configured to my neighbor BGP peer x.x.x.x 65000?
Can you also provide me a link that I can review more of the theory regarding this kind of setup?
Kind regards,
Juan
07-29-2009 09:02 AM
Hello Juan,
your own AS number is the only safe choice for prepending in real world scenario:
the reason is that eBGP has a built loop avoidance mechanism that says:
"don't accept BGP routes if their BGP AS path attribute already contains my AS number"
so if you would prepend your peer AS number you would get a negative effect: prepended routes would be silently discarded on peer side.
Hope to help
Giuseppe
07-29-2009 10:24 AM
Couldn't find a good Cisco link at the moment but Google turns up a good book online with a portion freely available at this link http://tinyurl.com/ksycqu
Giuseppe has addressed your other query.
HTH,
__
Edison.
07-30-2009 12:28 PM
Great link thank you.
I made the changes and all went well.
I still have one small issue and I'm not sure how to overcome it.
Here is a quick breakdown of the hardware.
At corporate I have a Cisco layer 3 switch running OSPF only. From this switch I have a Metro E to the Colo to another Layer 3 switch that runs OSPF/BGP.
At Corporate I have a router that connects to the MPLS.
This router has a leg into the layer 3 switch and runs OSPF / BGP
At the colo my layer 3 switch runs both OSPF/BGP.
Everything routes the way it should but when I add the main local networks at corporate BGP configuration (network 172.16.0.0/23) and at colo (172.16.11.0/24) The routes get advertise on the MPLS cloud like they should but that path is not the Metro E anymore (THis is 50 Mbps) it is the MPLS 9 Mbps.
These two networks I would like to keep them on the Metro E segment.
If you care to review here is my protocol configuration for corporate and colo. I have tried several things and non seem to work.
The main goal is to use the Metro E link as the primary between colo and corp.
Remote sites use colo as primary for internet and 172.16.11.0/24
Remote site use corp only for 172.16.0.0/23
Remote sites use corp as secondary for internet.
Corp use MPLS as secondary for internet out colo.
CORP-ADT-RT-001#show run | be router
router ospf
network 172.16.9.10 0.0.0.0 area 0
network 192.168.200.254 0.0.0.0 area 0
redistribute bgp subnets metric 100
!
ip prefix-list MATCHALL seq 10 permit 0.0.0.0/0 le 32
ip prefix-list NOPREPEND seq 10 permit 172.0.0.0/23
!
route-map PREPEND permit 1
match ip address prefix-list NOPREPEND
set metric 10
route-map PREPEND permit 10
match ip address prefix-list MATCHALL
set as-path prepend 65001 65001 65001 65001
!
router bgp 65001
no auto-summary
no synchronization
distance bgp 100 100 100
network 0.0.0.0 mask 0.0.0.0
network 152.176.58.192 mask 255.255.255.252
redistribute static metric 254
neighbor 152.176.58.193
no default-originate
route-map PREPEND out
soft-reconfiguration inbound
remote-as 65000
!
COLO-CSC-SW-001#show run | be router
router ospf 1
log-adjacency-changes
redistribute bgp 65001 metric 50 subnets
network 172.16.9.0 0.0.0.7 area 0
network 172.16.11.0 0.0.0.255 area 0
network 172.16.12.9 0.0.0.0 area 0
network 172.16.13.0 0.0.0.255 area 0
network 192.168.200.252 0.0.0.0 area 0
!
router bgp 65001
no synchronization
bgp log-neighbor-changes
network 0.0.0.0
neighbor 147.225.85.213 remote-as 65000
no auto-summary
!
In anycase thanks a lot for your help.
Regards,
Juan
07-31-2009 08:10 AM
eBGP routes will be preferred over the OSPF routes due to the Administrative Distance (eBGP = 20 - OSPF = 110)
If you want to want to choose the OSPF link over the BGP link, you will have to decide to either increase the eBGP AD or decrease the OSPF AD.
You can also send summaries on BGP while keeping the specific routes on OSPF but this requires some planning to avoid any subnet overlapping.
HTH,
__
Edison.
07-31-2009 11:48 AM
Thanks again Edison and makes perfect sense because.
The BGP distance command is what I should use.
Should I configure the distance for the neighbor or the distance for external, internal, and local?
If I configure the distance for external, internal, and local is it fine to make the distance 120 for all of them or should I apply different values?
Thanks a lot
Juan
07-31-2009 11:59 AM
Per neighbor administrative distance isn't allowed in IOS, you need to change the administrative distance globally (affecting all incoming BGP routes) under the BGP process.
By default, External is 20 and iBGP and local are 200. Leave the last 2 as 200 and change eBGP to 120.
HTH,
__
Edison.
07-31-2009 12:02 PM
Edison,
I will try these changes and give you an update next week.
Thank so much for your assistance.
During this process I'm also studying for my CCNP and with your assistance a lot of light bulbs are flashing as I read the redistribution chapters and BGP.
Much appreciated.
Regards,
Juan
07-31-2009 12:06 PM
Glad to be of help on your current network issue and good luck on your studies.
Feel free to post back on these forums whenever you run into a problem with your Cisco products.
Regards,
07-31-2009 12:51 PM
Hello Edison,
Actually, I believe that there is a way to define something akin' to per-neighbor administrative distance.
See the BGP command "distance" (no "distance bgp"). It allows you to set an administrative distance for a defined source of information and possibly for networks announced by that source. You can define a different administrative distance individually for each neighbor, thereby overriding the default iBGP and eBGP administrative distance.
As an example, the command
distance 254 10.0.12.2 0.0.0.0
will assign the administrative distance of 254 to all routes advertised from the BGP peer 10.0.12.2.
Best regards,
Peter
07-31-2009 01:05 PM
Peter,
Yes, that's one option.
08-01-2009 05:08 AM
you could also send summary roue thorugh bgp and keep ospf more spicific this way the more spicific will be chosen regardless the AD number
08-02-2009 03:12 PM
if colo and corp with the same BGP AS goes through the cloud for each other i believe isp is using as-overide?
should admin distance be changed to prefer OSPF, it will fix both sites to use metro-E backdoor, but it will affect remote site's to go through OSPF route as well, due to remote ip redistribute into OSPF.
per neighbor admin distance is feasible but not practical if there are a lot of remote ip.
would this come down to ip address design as per Marwan's suggestion, provided both sites can summarise the routes.
if there is a better solution please let me know.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide