Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

OSPF issue

Dear netpro

i am having one issue with one of my customer running OSPF as PE-CE.

he is advt. me one pool 10.219.1.96/28 from PE1 .

But when I do trace from PE4 it goes to PE3---CE3---PE2---CE1.

Infact it should go directly to PE1-CE1

He is not advt this pool from CE3. When we change redistribution metric to 15 at PE1 to MPBGP problem get resolved .

But this seems to be temporary solution and I am seeking another solution to this issue.

Some output might be useful (Also attached diagram)

PE1#sh ip route vrf CE-M 10.219.1.96

Routing Table: CE-M

Routing entry for 10.219.1.96/28

Known via "ospf 4", distance 110, metric 20

Tag 125, type extern 2, forward metric 1

Redistributing via bgp 1234

Advertised by bgp 1234 match internal external 1 & 2

Last update from 10.254.225.74 on GigabitEthernet2/0/0.187, 03:51:52 ago

Routing Descriptor Blocks:

* 10.254.225.74, from 10.254.225.78, 03:51:52 ago, via GigabitEthernet2/0/0.187

Route metric is 20, traffic share count is 1

Route tag 125

PE4#sh ip route vrf CE-M 10.219.1.96

Routing entry for 10.219.1.96/28

Known via "bgp 1234", distance 200, metric 20, type internal

Redistributing via ospf 6

Advertised by ospf 6 subnets

Last update from 202.123.47.228 10:21:41 ago

Routing Descriptor Blocks:

* PE3 (Default-IP-Routing-Table), from RR, 10:21:41 ago

Route metric is 20, traffic share count is 1

AS Hops 0

PE3#sh ip route vrf CE-M 10.219.1.96

Routing entry for 10.219.1.96/28

Known via "ospf 6", distance 110, metric 20

Tag 125, type extern 2, forward metric 5

Redistributing via bgp xxxx

Advertised by bgp 1234 match internal external 1 & 2

Last update from 10.254.224.110 on GigabitEthernet8/1.318, 04:02:22 ago

Routing Descriptor Blocks:

* 10.254.224.110, from 10.254.225.78, 04:02:22 ago, via GigabitEthernet8/1.318

Route metric is 20, traffic share count is 1

Route tag 125

Regards

mahesh

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: OSPF issue

Mahesh,

I had provided the sample config in a previous post. This need to be done on the router where the route (10.219.1.96/28) gets redistributed into OSPF.

Please refer to the following post for the configuration sample:

http://forums.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Service%20Providers&topic=MPLS&topicID=.ee8558c&CommCmd=MB%3Fcmd%3Dpass_through%26location%3Doutline%40^1%40%40.2cd2496b/13#selected_message

Regards

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
27 REPLIES

Re: OSPF issue

Mahesh,

This is normal, PE4 learns Network 10.219.1.96 from PE3 & PE1, PE4 performs normal BGP best path selection process:

1- The higest Wieght

2- The highest local preference.

3- The Shortest AS-Path.

4- Lowest Origin Code.

5- Lowest med Value

6- prefer the ebgp learned route over the ibgp learned route.

So, if all becomes eually the same, The tie breaker would be the (Lowest Med value).

Why? The OSPF cost is copied into the BGP MED attribute, if you check it you will find that the OSPF learned Networl has cost of 20, and typically being copied into the BGP Med , the result is the same, when you modify the OSPF Cost to lower than 20, The BGP prefer the Lower Med path.

However, In most of the cases, Modifying the OSPF cost is not recommended since it could result in a routing loop, I would therfor recommend to modify the VPNv4 session's local preference for this Network rather than modifying the OSPF Cost.

HTH

Mohamed

Cisco Employee

Re: OSPF issue

Mohamed,

It is actually normal to see the BGP MED being set as the ospf cost. This is how IOS is implemented.

Regards

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
Cisco Employee

Re: OSPF issue

Mahesh,

10.219.1.96/28 is being seen as an E2, which means that the metric is seen as 20 by the RR for the path coming from PE1, PE2 and PE3. Given that the IGP metric to these PEs is probably the same, the selection is probably based on lowest RID.

Try changing the default from E2 to E1. Note that either the path through PE2 -> CE1 or PE1 -> CE1 will be choosen if they have equal cost.

Regards

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Re: OSPF issue

Harold, I saw your posts when I tried to post this, but I was trying to explain what was going on and I could not help myself from posting after writing all this :-) I didn't change anything I had written using information on your posts though.

Cisco Employee

Re: OSPF issue

Not a problem Maria. It is always good to have more than more perspective on a given situation.

Regards

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Re: OSPF issue

Hello,

Ok, this is a hard scenario to comprehend, but I think I am beginning to understand the problem.

When you trace, the packets are forwarded usually in the opposite direction of the route propagation. If you have a look at the diagram you posted (which is very helpful to visualize things and I have to congratulate you on drawing it), you will see what's happening with the route when it first comes from CE1.

CE1 advertises route to both PE1 and PE2. PE2 sends network to CE3, which sends it to PE3. So, PE3 has an OSPF path to the network and so does PE1. 2 routes reach your RR and RR chooses the route via PE3 and passes it to PE4.

If you have followed all this path, you will see that the basic problem is the following: the metric information is lost when you redistribute at various points. When you redistribute from OSPF into MP-BGP, PE uses OSPF metric to set the BGP MED. When PE redistributes routes back from BGP into OSPF, the PE uses MED to set the OSPF metric. When you use default-metric or metric option in redistribute command, this behavior is overridden, because you directly reset the metric.

Local preference might be better than manipulating metrics and MEDs, but you may also consider the following: when you redistribute, you could try not re-setting the metrics. This way you will be able to propagate a metric that reflects the fact that the alternative backup path is less preferred. I think you need to also have a metric-type 1 (external type 1 routes) in OSPF to achieve this metric propagation end-to-end, but honestly this case was so hard for me, I think my head is going to explode right now and I can't decide if it is actually needed (have a look at the "forward metric"'s of the OSPF routes at PE1 and PE3, those are different but the forward metric is not considered in external type 2 routes).

I also think that the MED is not the reason the route is chosen by RR (I think both routes have a metric of 20 propagated as a BGP MED of 20). I think the algorithm goes further down (I don't know your network in more detail, but it could be something like: closest backbone path to BGP next-hop), and you manage to overcome that by forcing the algorithm to stop at an earlier point and decide based on MEDs.

If I made a mistake, I am sorry, but this is not easy, especially without access to routers to see what's going on.

Kind Regards,

M.

Re: OSPF issue

Harold & Maria,

I might be misunderstanding some thing here, The original poster claimed that from PE4 thr route to Network 10.x.x.x is not taking the direct path , rather its taking the path toward the RR.

He said when he redistributed the Network from OSPF into BGP with a cost of 15, the path was choosen.

We are talking about PE4 here, PE4 doesnt know about OSPF and its only has 2 IBGP session with both RR and PE1. The route from PE4 was prefered cause it prefered the lowest MED value because the OSPF cost is copied into the BGP MED attribute.

Also, Cisco doesnt recommend changing the OSPF cost cause its copied into the BGP MED, and could result in a routing loop.

The recommendation has been introduced when RIP and OSPF is involved an being redistributed into BGP. Its also clear when Implementing a sham link to correct customer OSPF backdoor link in MPLS-VPN Scenarios.

Hope I clarified my point,

Mohamed

Cisco Employee

Re: OSPF issue

Mohamed,

I do not think the original poster mentioned anything about the packets from PE4 to CE1 going through the RR. From the attached diagram, it seems like the issue is that the packets goes through PE3 in order to get to CE1, which is a suboptimal path.

PE4 only receives one path and it is the one that has already been selected by the RR.

Since all three path received from PE1, PE2 and PE3 have equal MED (copied from the ospf E2 cost) and that the IGP cost from the RR to the 3 PEs is the same, the best path selection on the RR is based on the lowest RID, which seems to be PE3 in this case. Selection of the best path based on RID in this case is not ideal obviously.

One solution is to use an E1 instead of the E2, which would reflect the internal cost to the ASBR. The internal cost would then be reflected to the BGP MED, which would cause the updates from PE1 and PE2 to be equal as they both have a direct link to CE1 (assuming the PE-CE link cost is the same for both links). RR will then select either PE1 or PE2 based on RID.

Regards

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Re: OSPF issue

Hi Harold,

Pls look at the bellow paragraphs:

--""he is advt. me one pool 10.219.1.96/28 from PE1 .

But when I do trace from PE4 it goes to PE3---CE3---PE2---CE1.

Infact it should go directly to PE1-CE1

He is not advt this pool from CE3. When we change redistribution metric to 15 at PE1 to MPBGP problem get resolved ""--

My previous post was based on the above and the output from (sh ip route 10.x Network),He also mentioned a direct path between PE1-CE1 from PE4.

HTH

Mohamed

Cisco Employee

Re: OSPF issue

Mohamed,

This route is being redistributed at all PEs from ospf to BGP. Here's the show ip route from PE3 showing this:

PE3#sh ip route vrf CE-M 10.219.1.96

Routing entry for 10.219.1.96/28

Known via "ospf 6", distance 110, metric 20

Tag 125, type extern 2, forward metric 5

Redistributing via bgp xxxx <++++++++++++ Redistributed

Advertised by bgp 1234 match internal external 1 & 2 <++++++++++++++++++ Advertised

Last update from 10.254.224.110 on GigabitEthernet8/1.318, 04:02:22 ago

Routing Descriptor Blocks:

* 10.254.224.110, from 10.254.225.78, 04:02:22 ago, via GigabitEthernet8/1.318

Route metric is 20, traffic share count is 1

Route tag 125

Regards

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
Community Member

Re: OSPF issue

Ok guys,

thanks for your reply. What i want is if My prefix 10.219.1.96/28 is advertised form PE2 to CE3 and when it come back to PE3 it should be ignored if down-bit is set.

Now say it is external route so down-bit might not be there (As per my understanding, not sure) so what is the other mechanism so that my PE3 will ignore this route.

Moreover How will I convert external 2 to external 1.

Please let me know for any more clarity and any more output required from my side

Really happy to see valueable input from guys.

Regards

mahesh

Cisco Employee

Re: OSPF issue

Mahesh,

The down bit will only be set if the routes is redistributed from BGP to OSPF, which should not be the case in your scenario as PE3 receives 10.219.1.96/28 via OSPF.

You can convert from external type 2 (default) to external type 1 by adding some reconfiguration on the redistribute command (where 10.219.1.96/28 is redistributed in OSPF for instance):

redistribute metric-type 1

Regards

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Re: OSPF issue

Hi Harold,

I know the route is being redistributed and advertised on PE3. what I mean the Route at PE4 is learned via BGP not OSPF.. (My main concern was PE4).

Mahesh,

The (Down-bit) in the LSA header is supported to prevent routing loop, what it does, it will certainely makes sure the packet are never back to the original router.

You can simply disable the (Down-bit) check, the only way to do this is by configuring (Capability vrf-lite) under the OSPF process at your PE.

Since you have a Multi VRf CE router, you need to disable the Down-bit check at your PE.

In order to have E1 route reflected at the ASBR, you will have to set it as External-type 1 when redistributed on your ASBR PE router.

HTH

Mohamed

Cisco Employee

Re: OSPF issue

Mohamed,

That is the point. PE4 learns the route via BGP but only learns one path as the RR has already decided which path coming from PE1, PE2 and PE3 is the best. The issue currently is that the RR considers all of these paths equals and select the best one based on the RID.

Regards

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
Cisco Employee

Re: OSPF issue

Mohamed,

One more thing. Where did you see that the CEs were multi-VRF.

The purpose of the down bit would normally be to prevent a route that has been received from BGP and redistributed into OSPF to be reinjected into BGP. This specific route we are discussing is not redistributed from BGP but rather redistributed from some other protocol on CE1.

By the way, the cisco implementation doesn't use the down bit for the purpose of loop prevention for type 5 LSAs but only for type 3 LSAs. The type 5 LSAs loop prevention is done via the external route tag.

Regards

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Re: OSPF issue

Harold,

I havent seen multi-vrf CE router, I assumed that or why else he wants to disable the down bit check?

The Second point:

I though the Cisco implementation takes the (Down-bit) for both Type-5 & 3 LSAs.

Thanks for the valuable info.

Mohamed

Re: OSPF issue

Harold,

By the way:

"From what you were saying regarding the (Down-bit) which makes sure the route from BGP when gets redistributed is never back, then the book needs to be corrected.

FROM what written and illustrated on the BOOK: The Down bit check has to be disabled in a multi-vrf CE router which should be configured on the PE connecting the Multi-vrf CE router. This doesnt include BGP or any redistribution from BGP to OSPF.

This Harold was shown by a diagram and written as well in (VRF-Lite) Implementation which doesnt include BGP!

Greatly appreciate your clarification,

Mohamed

Cisco Employee

Re: OSPF issue

Hi Mohamed,

Could you please give me a pointer to the book that you are referring to.

The only device that will set the down bit is the PE and as I said it will do it only for summary LSAs (type 3 LSAs).

It is true that if you receive a type 3 LSA on a CE running VRF-lite that you need to disable the down bit check using the command "capability vrf-lite" but this does not apply to type 5 LSAs.

I am still not sure were you saw that the original poster was using VRF-lite on the CE.

Regards

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Re: OSPF issue

Hi Harold,

The book I was referring to is (MPLS Fundamentals), However, its well explained in MPLS VPN Architecture Volume 2 chapter 4 (Virtual router connectivity), while its not in MPLS fundamentals.

Thanks Harold for the info,

Mohamed

Community Member

Re: OSPF issue

Hi all,

Customer is not running multi vrf.

His main agenda is listern what customer is telling "if I have given prefix to PE1 why you are giving me back from PE2 to CE3 and again why your PE3 accepting this route back "

Why unnecessarily my BW from PE3 to CE3 utilised.

Guys I am seeking solution. route tag is the mechanism but my PE is not supporting same.

Does SOO solve this problem. I have also tried same but I can't see any soo cummunity when attached at PE1.

Ultimately what is the solution and solution should not be temporary (As I have already applied temporary solution by reducing metric)

Also provide me config of solution if possible or any link to that document

Regards

Mahesh

Cisco Employee

Re: OSPF issue

Mahesh,

I have already provided you the solution, which is to change the metric-typ from 2 to 1. Did you try it?

Regards

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Re: OSPF issue

Hello,

I totally agree with Harold. He has provided a good solution at a very early stage in this conversation. I independently thought of the same thing and suggested it, and although I was not very confident at the time, now that I think more clearly, I support Harold's view of this case. Any other solution means more configuration from your side in a non-scalable way. Keeping end-to-end metric information at redistribution points will ensure you will not soon face similar issues with other networks being accessible by any potential backup path that exists now and in the future.

Kind Regards,

M.

p.s. Also note that Harold typically provides good solutions at complex issues and helps everybody here to learn for years now.

And your issue doesn't have to do with SOO. SOO is typically utilized to solve issues with loops in routing information. You do not have such a problem here. Routing information flows correctly. The issue is that routing information does not have enough in it to make an educated decision about the preferred path. You need to inject more details in the routing information so that paths that are not equal are indeed considered as such.

Community Member

Re: OSPF issue

Dear Harold,

Can you provide me config as how can i change metric type 2 to 1. Do I need to do at PE or should I ask customer to do at CE.

Please guide

Regards

mahesh

Silver

Re: OSPF issue

under OSPF process you can use the command given

redistribute static subnets metric-type 1

regards

shivlu jain

Cisco Employee

Re: OSPF issue

Mahesh,

I had provided the sample config in a previous post. This need to be done on the router where the route (10.219.1.96/28) gets redistributed into OSPF.

Please refer to the following post for the configuration sample:

http://forums.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Service%20Providers&topic=MPLS&topicID=.ee8558c&CommCmd=MB%3Fcmd%3Dpass_through%26location%3Doutline%40^1%40%40.2cd2496b/13#selected_message

Regards

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Re: OSPF issue

Just on thing: if redistribution commands keep resetting the metrics at the PEs, I think the solution will not be effective. What do you think Harold?

Still, even if some work needs to be done in PE redistribution commands (OSPF->BGP and BGP->OSPF), you need those commands anyway on your PEs and it does not increase your overhead much. Note, that you also have the option in other customer cases to consider unequal paths as seemingly equal to satisfy customer load balancing scenarios. And I think you also have the option to set things on the PEs only to avoid customer involvement in some cases.

Cisco Employee

Re: OSPF issue

Maria,

The PE should not reset the metric but just use it to set the MED as the route is redistributed into BGP.

Regards

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
799
Views
30
Helpful
27
Replies
CreatePlease to create content