I have (3) sites connected via MPLS and currently we are doing static routes between the three sites. We are designing and configuring OSPF between these sites. Once the OSPF is functional we will be calling our MPLS provider to set up BGP routing from each CE to PE router. The question is regarding redistribution of OSPF into BGP. In this scenario, do I need to redistribute one way only, such as redistributing OSPF into BGP, or do two-way redistribution? I don't think that I will need to redistribute BGP into OSPF.
You definitely need to redistribute OSPF into BGP.
If you only have one exit router, having a default information originate under the OSPF process should be sufficient.
Thanks! The MPLS router doesn't provide Internet service. We have a Juniper Firewall that connects directly to the Internet. In short, the MPLS router is only for internal connection between our three sites. In this case, I don't think I will need to announce a default route into our MPLS router managed by the ISP. Right?
The default route does not automatically imply Internet connectivity but the ability to forward all routes to a device, hence minimizing the routing table.
Do you have a Juniper FW at each location?
Does the Juniper FW inject the default route into OSPF?
If the MPLS router is just for internal connectivity (not the main GW out of your network), then you will need to redistribute BGP into OSPF.
Below is one of the configs from the MPLS router. Yes, we have a Juniper at each location and currently the Juniper doesn't inject the default route into OSPF. We will do that once OSPF is in place. The MPLS routers are basically to connect 3 sites. The config below can shed some more light. The goal is to enable OSPF at each site and redistribute OSPF into BGP so we can move away from static routes. We want to stay away from redistributing BGP into OSPF. As far as I understand, if you have an MPLS router that is currently configured for site-to-site connectivity as well as the Internet, then basically one has two choices: either redistribute full BGP or partial BGP into your network, or simply default route to the ISP. Since we are not using the MPLS router for Internet connectivity, I am trying to understand whether we need to redistribute BGP into OSPF for site-to-site connectivity or just simply redistribute OSPF into BGP so the MPLS router can learn internal routes and distribute them to other sites and vice versa.
description connection to LAN
ip address 10.1.52.101 255.255.255.0
no ip redirects
no ip proxy-arp
ip route-cache flow
no ip mroute-cache
no cdp enable
service-policy output LAN-EGRESS
description connection to PE Router
ip address 188.8.131.52 255.255.255.252
no ip redirects
no ip proxy-arp
ip route-cache flow
service-module t1 timeslots 1-24
service-module t1 remote-alarm-enable
service-module t1 fdl both
no cdp enable
service-policy output CE_EGRESS
router bgp 65009
no bgp log-neighbor-changes
network 10.0.0.0 mask 255.255.255.0
neighbor 184.108.40.206 remote-as 7018
neighbor 220.127.116.11 default-originate
ip route 0.0.0.0 0.0.0.0 10.0.0.251
You will only have few routes in BGP (subnets learned from remote locations) so redistributing BGP into OSPF is not a big deal.
Without redistributing BGP into OSPF, your internal OSPF routers won't know to reach the MPLS router when sending traffic towards the remote locations. This step is needed for the whole routing design to work.
I noticed you are peering with itself, any reasons for that? There is also a default route being injected into BGP, why?
I also noticed you have a network 10.0.0.0 mask 255.255.255.0 under BGP.
You need to make sure you have 10.0.0.0/24 in your routing table, else it won't be advertised with BGP.
If you want to advertise your LAN subnet on BGP, the correct network statement is:
network 10.1.52.0 mask 255.255.255.0
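The exact-match requirement described in the reply above can be checked offline against a saved configuration. The following is an added example, not part of the original thread or of any vendor tool: it compares each BGP network statement with the subnets of the configured interface addresses. Assumptions: only connected routes are modelled (static and OSPF-learned routes would also satisfy the match), the function names are hypothetical, and treating RFC 1918 subnets as the LAN side is a heuristic.

```python
import ipaddress
import re

# Constructed sample: the address and network lines quoted in the thread.
SAMPLE_CONFIG = """\
ip address 10.1.52.101 255.255.255.0
ip address 188.8.131.52 255.255.255.252
router bgp 65009
 network 10.0.0.0 mask 255.255.255.0
"""

ADDR_RE = re.compile(r"^\s*ip address (\S+) (\S+)\s*$", re.M)
NET_RE = re.compile(r"^\s*network (\S+) mask (\S+)\s*$", re.M)


def connected_prefixes(config):
    """Subnets the router installs as connected routes (assumed interfaces up)."""
    return {ipaddress.ip_network(f"{addr}/{mask}", strict=False)
            for addr, mask in ADDR_RE.findall(config)}


def ios_network_line(prefix):
    """Render a prefix as a BGP network statement."""
    return f"network {prefix.network_address} mask {prefix.netmask}"


def audit_network_statements(config):
    """Return (statement, has_exact_match, candidate_lan_prefixes) per statement."""
    connected = connected_prefixes(config)
    report = []
    for net, mask in NET_RE.findall(config):
        stmt = ipaddress.ip_network(f"{net}/{mask}")
        matched = stmt in connected  # BGP needs the exact prefix and mask
        # Heuristic (assumption): RFC 1918 connected subnets are the LAN side.
        candidates = [] if matched else sorted(
            p for p in connected if p.is_private)
        report.append((stmt, matched, candidates))
    return report


if __name__ == "__main__":
    for stmt, matched, candidates in audit_network_statements(SAMPLE_CONFIG):
        status = "ok" if matched else "no exact match among connected routes"
        print(f"{ios_network_line(stmt)}: {status}")
        for p in candidates:
            print(f"  candidate: {ios_network_line(p)}")
```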
Thank you, Edison, for your great explanation. The configuration was put in place by the ISP and I am not comfortable with it. I am designing everything from scratch. Once I complete the design I would like to share it with you to get your feedback. Would you mind giving me your personal email address where I can share the information and get your feedback, if you are okay with that?
I will design/configure in phases. In the first phase, I am going to configure OSPF between two locations that are connected via Ethernet Hand off (100MB). In the 2nd phase, I will configure MPLS/BGP, since this connectivity is only for backup if the primary connection goes down.
I have two sites. The main site has a Cisco 4500 Layer III switch and the Colo has a Cisco 3560 Layer III switch with the following VLANs.
Interface vlan 2
ip address 10.2.2.1/24 connects to the Ethernet Hands off circuit to colo
interface vlan 3
ip address 10.41.1.1/24 (Server Farm)
Interface Vlan 4
ip address 10.42.1.1/24 (Users)
Interface Vlan 5-11 connect to different resources
Interface Vlan 2
ip address 10.2.2.2/24-----connects to the Main site through Ethernet Circuit
interface vlan 2
ip address 10.21.1.1/24 (Server Farm)
Here is what I will do:
I will put ip subnet (10.2.2.0/24) connection between two sites in OSPF area 0
For all the VLANs in Main site will put on OSPF area 1
For all the VLANs in Colo will put on OSPF area 2
Later, when I enable OSPF between each site's internal switch and MPLS router, and do two-way redistribution, should I put those interfaces on both sites of the MPLS circuit in a different area, such as AREA 3 for the main site and AREA 4 for the Colo, or should they be part of AREA 0, or can I just put them in the same LAN area, AREA 1 for the main site and AREA 2 for the Colo?
Feedback will be appreciated.
I don't recommend enabling OSPF on the Ethernet Handoff.
I recommend configuring BGP and BGP Best Path Algorithm will be used for primary/backup purposes.
Per your design, it will automatically choose the Ethernet line over the MPLS because it has a shorter AS Path length.
You didn't mention the device being used for the MPLS connection but if the device is other than the one used on the Ethernet hand-off, then I recommend configuring iBGP between them.
You can still run OSPF in the LAN and redistribute from OSPF into BGP as needed (either with redistribution or network statement).
From BGP into OSPF, you have 2 choices. Either redistribute BGP into OSPF or configure a default information originate under the OSPF process so all traffic will be forwarded upstream to these devices while limiting the size of the OSPF routing table.
First of all, thanks for your continuing feedback.
Our MPLS routers are separate from the Ethernet Hand off circuit routers. Ethernet Handoff is just a layer II circuit between our two switches and I won't need to do any configuration there.
My idea was to enable OSPF between our two switches connected via Ethernet Handoff and then configure OSPF on our MPLS routers. Once this is in place we will redistribute BGP-OSPF and OSPF-BGP on our MPLS routers. I thought this was the preferred method after reading some design books, but you are suggesting that you wouldn't recommend that and would instead enable BGP on our switches and interconnect them with the MPLS router through iBGP. Any reason you would suggest this type of design? I thought BGP is not a preferred choice for internal connectivity.
Your Ethernet handoff is not an internal connectivity; it is a MAN/WAN connection.
Running OSPF via one connection while BGP via another connection can bring some interesting design issues with route filtering, traffic engineering, among other things.
You will have better control if BGP separates your locations.
I'm not saying your current proposal will not work but you will be limited.