Solved: Adding network into BTs BGP autonomous system.

smith606306 · ‎09-30-2010

We are about to implement a new back up to our remote sites. We are using BT IP clear ADSL service and their request is for us to set up a BGP

Autonomous system so we can redistribute into their cloud.On reading up on this it states not to use BGP if you only have one connection leaving your network. We have over a hundred remote sites with 5 subnets in each. We are currently running OSPF.

Can some one guide me in the right direction?

Attached is a basic layout of our network

Jon Marshall · ‎09-30-2010

smith606306 wrote:

We are about to implement a new back up to our remote sites. We are using BT IP clear ADSL service and their request is for us to set up a BGP

Autonomous system so we can redistribute into their cloud.On reading up on this it states not to use BGP if you only have one connection leaving your network. We have over a hundred remote sites with 5 subnets in each. We are currently running OSPF.

Can some one guide me in the right direction?

Attached is a basic layout of our network

Andrew

When you say "on reading up on this" presumably you are not referring to BT literature ?

You are correct in that if you only have one entry and exit point to each site there is no real need for BGP. However from my dealings with BT (although this was a couple of years back) they really only support BGP when you connect to their MPLS network. Sounds like this is still their position. You can use OSPF/static routing etc. but only if the SP supports it and i don't think BT do. It's basically for their ease of administration ie. BGP learned routes from you are automatically redistributed via MP-BGP to the other BT PE devices.

So you will need to run BGP between your CE device and the BT PE device. You will then have to redistribute the BGP routes you receive from their PEs into OSPF running on your CEs. To advertise your local networks you can either redistribute OSPF into BGP on your CE or use "network" statements on your CEs which is what we did.

It's important to understand that with this solution each OSPF process is isolated to each site so you only need one OSPF area per site. As for the BGP AS we used the same AS at all sites and used the "allowas-in 1" command under the router bgp config although if you want you can use separate BGP AS numbers at each site.

Edit - with a 150 sites it may well be pressing BT on whether they support anything else although i suspect that is when they will start offering their managed services ie. they manage the CE device in each site for you.

Jon

View solution in original post

Jon Marshall · ‎10-29-2010

smith606306 wrote:

Thanks. Does anyone have any config. examples or a link to a design guide? I am not getting much help from BT at the minute and the 1st install is soon.

Andrew

Do you mean config for the BGP scenario ?

If so each site has 5 subnets so i would use network statements under BGP config rather than redistribute OSPF into BGP. If you can summarise the networks even better eg.

router bgp 65111

neighbor 1.1.1.1 remote-as 65000 <-- where 65000 is BT AS number

neighbor 1.1.1.1 allowas-in 1 <-- this means you can use the same AS number (65111) in all your sites

network 192.168.1.0 mask 255.255.255.0

network 192.168.2.0 mask 255.255.255.0

etc. for your subnets

note if you are peering with BT on loopbacks which they sometimes do then you would need to do the following in addition to the above -

1) add a route to your ADSL router telling it how to get to the BT loopback eg.

ip route 255.255.255.255 x.x.x.x <-- where x.x.x.x is the IP of the physical interface on the BT PE router

2) add this to your BGP config -

neighbor 1.1.1.1 ebgp-multihop 2

Note also that for the network statements above eg 192.168.1.0 255.255.255.0 etc. to be advertised there must be an exact match in the IGP routing table, so if you do a "sh ip route" you should see a route for 192.168.1.0 with a /24 subnet mask. If you can summarise your networks then you can either -

1) use the "aggregate-address ...." command under your BGP config

or

2) create a static route to null for that summary address on your CE router eg.

ip address 192.168.1.0 255.255.252.0 null0

and then under your bgp config simply do -

network 192.168.1.0 mask 255.255.252.0

and remove the individual /24 network statements.

Under your OSPF config -

router ospf 10

redistribute bgp 65111 subnets

Jon

View solution in original post

Jon Marshall · ‎11-22-2010

smith606306 wrote:

We have installed this on a test network and its working ok. I have given BT a list of all our subnets from remote sites(about 500 in all) and they have entered them into their BGP AS.

I have just realised that as we are migrating from a BT SDSL solution to a BT ADSL solution gradually over the next 4 months there will be a routing problem. As the routes start to appear on our network in the BGP routing tables they will be redistributed into OSPF which means there will now be 2 routes to the subnets as the SDSL circuits will still be live until they are cut over.

We are going to have to put an access-list in with all the subnets in so they are not redistributed onto OSPF immediately and then each site will be taken off the access-list when it has been cut over and on the new service.

Would we set up a distribute liste a route filter or a route map.

Andrew

You can use a route-map under the OSPF config on your routers. One thing that concerns me is how are the 2 networks going to communicate ie.

site1 has been moved over to ADSL

site2 is still on SDSL

Is the SDSL network on MPLS or not. If not do you have a central site that all SDSL links come into ? I ask because as you move sites over to MPLS the non-MPLS sites need to know how to get to these sites. If all the SDSL is coming into one central site then that is the place to move traffic between non MPLS and MPLS. Does this make sense ?

Jon

View solution in original post

Jon Marshall · ‎09-30-2010

smith606306 wrote:

We are about to implement a new back up to our remote sites. We are using BT IP clear ADSL service and their request is for us to set up a BGP

Autonomous system so we can redistribute into their cloud.On reading up on this it states not to use BGP if you only have one connection leaving your network. We have over a hundred remote sites with 5 subnets in each. We are currently running OSPF.

Can some one guide me in the right direction?

Attached is a basic layout of our network

Andrew

When you say "on reading up on this" presumably you are not referring to BT literature ?

You are correct in that if you only have one entry and exit point to each site there is no real need for BGP. However from my dealings with BT (although this was a couple of years back) they really only support BGP when you connect to their MPLS network. Sounds like this is still their position. You can use OSPF/static routing etc. but only if the SP supports it and i don't think BT do. It's basically for their ease of administration ie. BGP learned routes from you are automatically redistributed via MP-BGP to the other BT PE devices.

So you will need to run BGP between your CE device and the BT PE device. You will then have to redistribute the BGP routes you receive from their PEs into OSPF running on your CEs. To advertise your local networks you can either redistribute OSPF into BGP on your CE or use "network" statements on your CEs which is what we did.

It's important to understand that with this solution each OSPF process is isolated to each site so you only need one OSPF area per site. As for the BGP AS we used the same AS at all sites and used the "allowas-in 1" command under the router bgp config although if you want you can use separate BGP AS numbers at each site.

Edit - with a 150 sites it may well be pressing BT on whether they support anything else although i suspect that is when they will start offering their managed services ie. they manage the CE device in each site for you.

Jon

smith606306 · ‎10-29-2010

Thanks. Does anyone have any config. examples or a link to a design guide? I am not getting much help from BT at the minute and the 1st install is soon.

Jon Marshall · ‎10-29-2010

smith606306 wrote:

Thanks. Does anyone have any config. examples or a link to a design guide? I am not getting much help from BT at the minute and the 1st install is soon.

Andrew

Do you mean config for the BGP scenario ?

If so each site has 5 subnets so i would use network statements under BGP config rather than redistribute OSPF into BGP. If you can summarise the networks even better eg.

router bgp 65111

neighbor 1.1.1.1 remote-as 65000 <-- where 65000 is BT AS number

neighbor 1.1.1.1 allowas-in 1 <-- this means you can use the same AS number (65111) in all your sites

network 192.168.1.0 mask 255.255.255.0

network 192.168.2.0 mask 255.255.255.0

etc. for your subnets

note if you are peering with BT on loopbacks which they sometimes do then you would need to do the following in addition to the above -

1) add a route to your ADSL router telling it how to get to the BT loopback eg.

ip route 255.255.255.255 x.x.x.x <-- where x.x.x.x is the IP of the physical interface on the BT PE router

2) add this to your BGP config -

neighbor 1.1.1.1 ebgp-multihop 2

Note also that for the network statements above eg 192.168.1.0 255.255.255.0 etc. to be advertised there must be an exact match in the IGP routing table, so if you do a "sh ip route" you should see a route for 192.168.1.0 with a /24 subnet mask. If you can summarise your networks then you can either -

1) use the "aggregate-address ...." command under your BGP config

or

2) create a static route to null for that summary address on your CE router eg.

ip address 192.168.1.0 255.255.252.0 null0

and then under your bgp config simply do -

network 192.168.1.0 mask 255.255.252.0

and remove the individual /24 network statements.

Under your OSPF config -

router ospf 10

redistribute bgp 65111 subnets

Jon

smith606306 · ‎10-29-2010

When you refer to the neighbor 1.1.1.1 is this the address of the site or the address of the BT interface?

Jon Marshall · ‎10-29-2010

smith606306 wrote:

When you refer to the neighbor 1.1.1.1 is this the address of the site or the address of the BT interface?

Andrew

That is the address of the BGP peer ie. the BT PE router. It is usually the IP address of the interface you are connecting to and it may well be a private address eg. 192.168.x.x rather than a public IP.

Jon

smith606306 · ‎11-22-2010

We have installed this on a test network and its working ok. I have given BT a list of all our subnets from remote sites(about 500 in all) and they have entered them into their BGP AS.

I have just realised that as we are migrating from a BT SDSL solution to a BT ADSL solution gradually over the next 4 months there will be a routing problem. As the routes start to appear on our network in the BGP routing tables they will be redistributed into OSPF which means there will now be 2 routes to the subnets as the SDSL circuits will still be live until they are cut over.

We are going to have to put an access-list in with all the subnets in so they are not redistributed onto OSPF immediately and then each site will be taken off the access-list when it has been cut over and on the new service.

Would we set up a distribute liste a route filter or a route map.

Jon Marshall · ‎11-22-2010

smith606306 wrote:

We have installed this on a test network and its working ok. I have given BT a list of all our subnets from remote sites(about 500 in all) and they have entered them into their BGP AS.

I have just realised that as we are migrating from a BT SDSL solution to a BT ADSL solution gradually over the next 4 months there will be a routing problem. As the routes start to appear on our network in the BGP routing tables they will be redistributed into OSPF which means there will now be 2 routes to the subnets as the SDSL circuits will still be live until they are cut over.

We are going to have to put an access-list in with all the subnets in so they are not redistributed onto OSPF immediately and then each site will be taken off the access-list when it has been cut over and on the new service.

Would we set up a distribute liste a route filter or a route map.

Andrew

You can use a route-map under the OSPF config on your routers. One thing that concerns me is how are the 2 networks going to communicate ie.

site1 has been moved over to ADSL

site2 is still on SDSL

Is the SDSL network on MPLS or not. If not do you have a central site that all SDSL links come into ? I ask because as you move sites over to MPLS the non-MPLS sites need to know how to get to these sites. If all the SDSL is coming into one central site then that is the place to move traffic between non MPLS and MPLS. Does this make sense ?

Jon

smith606306 · ‎11-22-2010

We have static routes to each site for each subnet with a 200 weight on. We are intending to remove these statements when the new connection comes online.

smith606306 · ‎11-30-2010

I can redistribute all the networks from BGP into OSPF but I want to migrate them gradually using a route-map.

the config I have tried and failed with is:

IP access-list standard 26

permit 10.20.196.0 0.0.0.255

route-map BGP_OSPF permit 26

match ip address 26

router ospf 100

redistribute bgp 65169 subnets route-map BGP_OSPF

using this config all the routes still redistribute

can someone please advise me where I am going wrong, should i use distribute-lists or prefix-lists?

smith606306 · ‎12-03-2010

Thanks for your help John.

The config we are going to use is:

router ospf 100
log-adjacency-changes
redistribute static subnets
redistribute bgp 65169 subnets route-map BGP_OSPF
network 10.1.1.0 0.0.0.255 area 0
network 192.168.40.0 0.0.0.15 area 0
default-information originate
!
router bgp 65169
bgp log-neighbor-changes
network 192.168.1.8 mask 255.255.255.252
neighbor 192.168.1.10 remote-as 65000
neighbor 192.168.1.10 update-source GigabitEthernet5/48
!
ip classless
no ip forward-protocol udp netbios-ns
no ip forward-protocol udp netbios-dgm
no ip http server
!
!
ip prefix-list BGP_OSPF seq 5 permit 10.18.123.0/24
ip prefix-list BGP_OSPF seq 15 permit 10.20.123.0/27
!
route-map BGP_OSPF permit 5
match ip address prefix-list BGP_OSPF
!
route-map BGP_OSPF deny 50
!