Solved: MPLS

anthony.dyne · ‎08-11-2010

Hi 2 All

I got little idea about MPLS and routing. Can someone help me to find solution to my concern.

We got Two DataCenter and 65 small regional sites.

DC1 connects to DC2 via Fiber and backup link 10MB with Broadband.

In order to have remote branch connectivity DC1 connects to SP MPLS cloud with 20MB all 65 remote sites connects to DC1 using SP MPLS link.

For Lan Segment all sites use OSPF as routing protocol and SP uses BGP for MPLS connectivity.

We plan to connect DC2 to the MPLS cloud with 10MB. Once this link is connected ; routing issues would start.

What would be an ideal way to configure routing so that DC1 or DC2 prefer Fiber as primary connection, broadband as secondary connection and if both are down then MPLS link to communicate. How would I handle the 65 regional office traffic.

Please give me some advice

Best wishes

Anthony

gatlin007 · ‎08-12-2010

Anthony,

You are correct that unconditional mutual redistribution would create some undesirable routing behavior.

If the mutual redistribution is conditional then you'll be fine. For the example environment perhaps the scheme below would work.

It's important that OSPF routes learned from BGP are not allowed to be advertised back into BGP. In order to prevent this give the OSPF routes learned from BGP a unique tag number at redistribution. A route-map used in OSPF to BGP redistribution will prevent those tagged routes from being re-advertised to BGP.

The service provider router (PE) will announce the opposing data center prefixes and these will get redistributed into OSPF as external routes. In this case this is not a problem as the OSPF internal route will always be preferred over an external route.

This scheme will allow the enterprise WAN routers (CE) to announce both data centers prefixes. In order to ensure predicable traffic pathing the BGP attribute AS-Path should be adjusted so each data center receives traffic destined to it directly. Create a prefix-list containing the opposing data center prefixes and increase the AS-Path as the routes are advertised to the PE. This will cause these routes to look unattractive in the MPLS cloud.

If your service provider will accept BGP communities set by you the customer; then there is more flexibility to this.

###################

route-map BGP2OSPF permit 10
set tag 999
exit

route-map OSPF2BGP deny 10
match tag 999
exit

route-map OSPF2BGP permit 20

# This pefix-list should contain all subnets
# from opposing data center
ip prefix-list OtherDataCenter 192.168.1.0/24

route-map OSCAR permit 10
match ip address prefix-list OtherDataCenter
set as-path prepend 3599 3599
exit

router ospf 10
redistribute bgp 3599 subnets route-map BGP2OSPF
exit

router bgp 3599
redistribute ospf 10 match internal external 1 external 2 route-map OSPF2BGP
neigbor 11.11.11.11 route-map OSCAR out
exit

Chris

View solution in original post

gatlin007 · ‎08-11-2010

If both data centers have connections to the MPLS cloud insist each data center have its own unique BGP ASN. At this point you can peer eBGP between DC1 and DC2 over the non-MPLS private line circuit. The p2p circuit between the two data centers will look better in BGP because routes will have a short AS path attribute than routes over the MPLS network. Adjust local-pref and AS-path as needed so that the broadband comes in second in the event of a fiber failure and MPLS third.

Chris

anthony.dyne · ‎08-11-2010

Hi 2 All & Chris,

I didnt understood your 1st line in the reply. SP will configure all our sites in one BGP cloud.

DC1 and DC2 are configured to use OSPF for both links i.e Fiber and Broadband.

what are my best options to overcome my concerns.

Best wishes

Anthony

gatlin007 · ‎08-11-2010

Anthony,

Without a drawing it's difficult to know how your routing will work.

If all WAN circuits terminate on a single router you will have an admin distance issue. eBGP routes form the MPLS cloud will look more attractive at 20 while OSPF routes are 110. Therefore all your traffic will traverse the MPLS network. If this is the case bringing all routes in a eBGP and adjusting local-pref and AS-path is attractive. This is strictly WAN; internet BGP is another issue entirely.

If you terminate the WAN circuits on different routers and redistribute into OSPF then chances are the OSPF routes over the fiber link will look better; however this is highly dependant on your topology.

Chris

jean.moncada · ‎08-11-2010

I would go with the bgp solution Christopher recommended since that would update all routes dynamically between DC1,DC2 and MPLS Cloud and provide the redundancy you are looking for by using as-path prepends and preferences , If you do not want to setup ebgp between DC1 and DC2 then you can do IP SLA tracking but that will require the use of static routes. see http://www.ciscoblog.com/archives/2008/08/dynamic_failove.html for more info regarding this. You would just need to add a higher metric to your DC2 10mb connection to the mpls cloud. But once again it would be better if you setup ebgp between DC1 and DC2.

anthony.dyne · ‎08-11-2010

Hi 2 All , Chris,

This is the connection view, can you guide me what would I need now.

DC1.......................Fiber.......................DC2 /# Sw 4500 at DC1 connects to Sw 4500 at DC2

DC1......................Broadband................DC2 /# Sw 4500 at DC1 connects to Sw 4500 at DC2

DC1......................................MPLS..............SP /# 2811 router at DC1 connects to SP

Sw4500 at DC1 on port fa 0/24 connects to MPLS router 2811 which connects to SP

MPLS Router fa 0/0 connects to Sw4500

MPLS router fa 0/1 connects to SP

DC1................................................................DC2

>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

: :

MPLS MPLS

: :

SP SP

anthony.dyne · ‎08-11-2010

Hi Jean

If I understood your post correctly you advice to run BGP only on the links interface between DC1 and DC2 i.e Fiber and broadband.

LAN Segment would continue using OSPF.

How do I transform the above into configuration. What additional config steps I need on MPLS Router

best wishes

Anthony

gatlin007 · ‎08-11-2010

Anthony,

Is it looking something like this?

If this is the case your internal OSPF routes between the two data centers should look better than external OSPF routes from the MPLS cloud. Adjusting the OSPF cost of interfaces terminating the Fibre and Broadband circuits should allow you to determine which one is preferred. If both the Fibre and broadband circuits go down inter-datacenter traffic should use the MPLS network.

A word of caution in regard to using a LAN switch to terminate WAN circuits. The queuing options available on a LAN switch are not as granular as a WAN router. You may be disappointed in your QoS options in the WAN with that Catalyst 4500.

Chris

anthony.dyne · ‎08-12-2010

Hi2All

Chris i got the same setup as u mentioned. i would get intoTwo Mutual redistribution ; one at DC1 and one at DC2.

This would also cause routing issues? correct me if I m wrong.

Mutual redistribution would inject routing information, something like this

router ospf 10

redistribute bgp 3599 subnets

router bgp 3599

redistribute ospf 10 subnets

best wishes

Anthony

gatlin007 · ‎08-12-2010

Anthony,

You are correct that unconditional mutual redistribution would create some undesirable routing behavior.

If the mutual redistribution is conditional then you'll be fine. For the example environment perhaps the scheme below would work.

It's important that OSPF routes learned from BGP are not allowed to be advertised back into BGP. In order to prevent this give the OSPF routes learned from BGP a unique tag number at redistribution. A route-map used in OSPF to BGP redistribution will prevent those tagged routes from being re-advertised to BGP.

The service provider router (PE) will announce the opposing data center prefixes and these will get redistributed into OSPF as external routes. In this case this is not a problem as the OSPF internal route will always be preferred over an external route.

This scheme will allow the enterprise WAN routers (CE) to announce both data centers prefixes. In order to ensure predicable traffic pathing the BGP attribute AS-Path should be adjusted so each data center receives traffic destined to it directly. Create a prefix-list containing the opposing data center prefixes and increase the AS-Path as the routes are advertised to the PE. This will cause these routes to look unattractive in the MPLS cloud.

If your service provider will accept BGP communities set by you the customer; then there is more flexibility to this.

###################

route-map BGP2OSPF permit 10
set tag 999
exit

route-map OSPF2BGP deny 10
match tag 999
exit

route-map OSPF2BGP permit 20

# This pefix-list should contain all subnets
# from opposing data center
ip prefix-list OtherDataCenter 192.168.1.0/24

route-map OSCAR permit 10
match ip address prefix-list OtherDataCenter
set as-path prepend 3599 3599
exit

router ospf 10
redistribute bgp 3599 subnets route-map BGP2OSPF
exit

router bgp 3599
redistribute ospf 10 match internal external 1 external 2 route-map OSPF2BGP
neigbor 11.11.11.11 route-map OSCAR out
exit

Chris

anthony.dyne · ‎08-12-2010

Chris thanks alot for helping on this post.

Best Wishes

Anthony