Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Design Question - Redundancy between 2 Routers (CEs)

Hello Guys,

I have a question regarding the link redundancy between 2 CEs, let's say we have the following scenario 

 

 CE1 _ __ _ _ _ _ _ _ _ __ _ _ _ _ _ _ _ _ _  10G link  running EBGP _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _  PE1

   _                                                                                                                                                                                         _ 

  One 10G link L2 tunk, and Three 1G links L3 between CEs                                                                                        _

   _                                                                                                                                                                                          _   

  CE2 _ __ _ _ _ _ _ _ _ __ _ _ _ _ _ _ _ _ _  10G link  running EBGP_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _  PE2

 

2 CEs connected to 2 PEs with 10G for each PE-CE connectivity using EBGP (L3 connectivity). now between the CEs there is One 10G Link used as L2 trunk and Three 1G Links used as L3 Trunk. 

Now let's say the link between PE1-CE1 goes down, all the traffic will be shifted to the link between PE2-CE2, now when CE2 receives the traffic from EBGP, will it use the L2 trunk or L3 trunk to send the traffic to CE1 using the L3 links through iBGP ?

 

Just to give an example, let's say there is an X device and Y device behind the CEs:

The X device is connected to the CEs using L2 connectivity (Multiple VRRP groups with CE1 being the Active for 50% and CE2 being the activity for the other 50%). Also we have the Y device which is connected to the CEs using L3 connectivity (OSPF), and then the CEs connect to the PEs using EBGP.

so now let's assume the ebgp link between CE1-PE1 goes, down, the traffic will be shifted and sent through CE2-PE2, now when CE2 receives the traffic, would CE2 send the traffic, in which it is acting as the Master for, directly out to internal network and only the rest of the traffic (the 50% where CE1 is the master for) will be sent through the ibgp link ?

or would the ibgp link carry all the traffic to CE1 anyway, and then CE2 will send it's concerned traffic to internal network and CE1 will send it's concerned traffic to internal network. 

We are using Cisco asr 1006 as CEs and we are connected to the same provider 2 CEs to 2 PEs. 

I would really appreciate if someone gives be a better idea from design point of view on how traffic moves between the links between CEs in case there is a failure between one of the CE links to external devices (PEs, or X and Y devices in our example).

 

Many thanks for the help. 

2 ACCEPTED SOLUTIONS

Accepted Solutions
Hall of Fame Super Blue

so let me make sure i

so let me make sure i understand things right, outbound traffic has nothing to do with inbound traffic in this case, so even if internal network use CE1 as Master for outbound traffic, CE2 can still send inbound traffic to the internal network and does not have to send it through CE1, right ? 

Basically yes as long as CE2 has directly connected interfaces or sees the OSPF routes as the preferred routes to non connected networks then traffic should be sent direct.

Quick way to check is to look at the IP routing table on CE2 to see what it thinks are the best routes for the internal networks.

But that is only for inbound traffic.

In terms of whether you have enough bandwidth it comes down to what Joseph was saying about the outbound traffic. If CE1 is the VRRP master and the CE1 to PE1 link fails then traffic will have to traverse the link to CE2.

Again as Joseph was saying with HSRP/GLBP you can track the CE to PE interface and if it fails then you can switch the active router to the other CE so all traffic is sent direct.

I had a very quick look at VRRP Cisco document and it suggests you can track an interface but i have never done it with VRRP so can't say for sure how it works.

In terms of your OSPF routing we don't have enough information to say what would happen. For example are you receiving BGP routes from the PEs and then redistributing them into OSPF or doing something different ?

So as far as i can see you need to take into account outbound traffic but your inbound traffic should not be an issue.

But like i say worth checking the IP routing table to be sure.

Jon

Super Bronze

DisclaimerThe Author of this

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Ah, just saw all the new posts.  When you mentioned VRRP, I got in my mind outbound traffic, totally overlooked you were asking about inbound.

 

However, Jon picked up on that, and as he notes, inbound traffic shouldn't transit the other CE, it should go directly to the destination (this is implied by using a FHRP [oh, and VRRP isn't exactly like HSRP, although both are FHRPs]).

 

As whether your links between the CE are enough, well again, inbound shouldn't transit the other CE.  Outbound, because VRRP might still split traffic, and that's why I mentioned router redirection, tracking and IGP route injection, all to avoid the need for outbound traffic to transit the CE without an active path to its own eBGP peer.

 

Also keep in mind, on ingress your bandwidth limitation will be your single remaining CE-PE link.  For egress, you've lost half your outbound bandwidth.  So any traffic that would normally transit the CE with the failed path to its PE is going to go to the remaining CE.  Again, whether some or all of the traffic starts with the failed path CE depends on your internal routing and/or FHRP setup.

 

As you're using next hop self, even though iBGP is only peering on the L3 Etherchannel (for redundancy, I would suggest peering iBGP on loopbacks), I believe the L2 trunk would be used if your IGP sees it as the better path to the other CE's loopback.  This because generally IGPs, such as your OSPF, have a better AD than iBGP.  (If you don't use loopbacks, I believe next hop would be the interface IP, and your IGP would then see the L2 as the better path.)

 

NB: I don't work much with BGP, so I'm not 100% sure what iBGP shows as next hop for peering on the interface with and without an loopback (assuming the latter is also in your IGP).

23 REPLIES
Super Bronze

DisclaimerThe Author of this

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

iBGP, usually relies on the local routing to determine how traffic gets to its next hop.  It also depends on what IPs you use to peer the two CE routers on and what you advertize as the next hop.  For example, you could peer your two CE routers on interface IPs on the same subnet, or you might peer them on loopback IPs.  The next hop could be the PE's interface IP or it might be the CE loopback.  How were you going to setup your iBGP?

You also mention VRRP.  I know HSRP and GLBP support tracking, not sure about VRRP.  But if VRRP does, with failure of a CE path to the PE, ideally you would want to shift your gateway to the CE that has the active path outbound (to avoid bouncing traffic off the CE w/o an outbound path).

 

Or if VRRP supports duplicate IPs on the same subnet as HSRPv2 and GLBP do, you can have the CE router issue redirects to the other CE's virtual gateway.

You mention OSPF.  If you have other OSPF routers behind your CEs, how you inject routes, can be changed with loss of the a CE<>PE path.  If that's done, all traffic should flow just to the CE with the active outbound path.

 

Worst case would be, half your traffic is still sent to CE w/o path to its PE.  It then needs to send that traffic to its peer CE.  This would be automatic with iBGP, but path used depends on your configuration.  You could insure a path, or you can use "default" interior routed path.

 

Best case, CE that loses its path to its PE no longer receives any outbound interior traffic.

New Member

Thanks for your reply.

Thanks for your reply. Actually im making an audit on existing network and i am trying to provide a list of best practises to be applied.

we are using Cisco asr 1006 to connect to PEs of one provider and here is the scenario:

1) Between PEs and CEs we have 1+1 10G links used for some services and then another 3+3 aggregated 1G ports used for other services, and between PEs and CEs we are running EBGP peering directly with interfaces (not loopback)

2) Between the 2 CEs we have 2 aggregated 10G L2 trunk, and 3 aggregated L3 ports running iBGP.

3) the iBGP peering on the L3 etherchannel IPs which are IPs on the same subnet (not loopback)

4) iBGP is using next-hop-self 

5) CEs advertising exactly the same networks to PE1 and PE2. 

6) internal network connectivity as i explained we have some L2 connectivity (which is the majority) using VRRP multiple group with CE1 being the active for some routes and CE2 being the active for the others (VRRP is exactly like HSRP it's just not Cisco proprietary). 

for the sites that run OSPF with internal network, there is a separate aggregated 1G links (etherchannel) that run OSPF between CEs and use the same area with internal network.

 

Now my first observation is

1) is 3+3 aggregated 1G links enough for ibgp connectivity between CEs ? 

2) isn't 2+2 aggregated 10G links too much for L2 trunk between CEs ?

 

Thank you,

 

Super Bronze

DisclaimerThe Author of this

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Ah, just saw all the new posts.  When you mentioned VRRP, I got in my mind outbound traffic, totally overlooked you were asking about inbound.

 

However, Jon picked up on that, and as he notes, inbound traffic shouldn't transit the other CE, it should go directly to the destination (this is implied by using a FHRP [oh, and VRRP isn't exactly like HSRP, although both are FHRPs]).

 

As whether your links between the CE are enough, well again, inbound shouldn't transit the other CE.  Outbound, because VRRP might still split traffic, and that's why I mentioned router redirection, tracking and IGP route injection, all to avoid the need for outbound traffic to transit the CE without an active path to its own eBGP peer.

 

Also keep in mind, on ingress your bandwidth limitation will be your single remaining CE-PE link.  For egress, you've lost half your outbound bandwidth.  So any traffic that would normally transit the CE with the failed path to its PE is going to go to the remaining CE.  Again, whether some or all of the traffic starts with the failed path CE depends on your internal routing and/or FHRP setup.

 

As you're using next hop self, even though iBGP is only peering on the L3 Etherchannel (for redundancy, I would suggest peering iBGP on loopbacks), I believe the L2 trunk would be used if your IGP sees it as the better path to the other CE's loopback.  This because generally IGPs, such as your OSPF, have a better AD than iBGP.  (If you don't use loopbacks, I believe next hop would be the interface IP, and your IGP would then see the L2 as the better path.)

 

NB: I don't work much with BGP, so I'm not 100% sure what iBGP shows as next hop for peering on the interface with and without an loopback (assuming the latter is also in your IGP).

Hall of Fame Super Blue

I think i may be interpreting

I think i may be interpreting this slightly differently than Joseph but you seem to be talking about traffic coming from the PEs going to the internal network.

If so VRRP is irrelevant because it only comes into play for traffic from the internal network out via the CEs to the the PEs.

For inbound traffic CE2 should just forward the traffic directly to the internal devices, assuming it has routes to the internal network. Nothing to do with VRRP or BGP.

For outbound traffic Joseph has explained what happens with VRRP and it 's not clear what happens with OSPF without more details.

One other thing. Not sure what you mean by a L3 trunk ?

Jon

New Member

Dear Jon,Thanks for your

Dear Jon,

Thanks for your reply, kindly check my previous post, i appreciate your feedback and input as well. 

 

Thanks,

 

Hall of Fame Super Blue

I did and you still seem to

I did and you still seem to be talking about inbound not outbound traffic so the same applies.

Only traffic going outbound is relevant in terms of either BGP routes or VRRP unless you are running VRRP between the CEs and PEs which you aren't by the sounds of it.

That said as you haven't clarified i'll leave this thread to Joseph as he seems to understand what you are asking better than me.

Which happens quite often smiley

Jon

New Member

Thanks Jon, Regarding the

Thanks Jon, 

Regarding the inbound and outbound traffic. 

most of the outbound traffic will be going out using VRRP, and there is 2+2 10G L2 trunk between the CEs so i believe the existing links between the CEs will be enough to carry the outbound traffic in case of any failure. Even for the devices that run ospf between the internal network and CEs, there is a L3 aggregated links running  ospf on the same area.

 

Now my main confusion is on the inbound traffic:

to summarize my confusion, let's say the link between PE1 and CE1 fails, and it was carrying 3 gig of traffic, now those 3 gig will be shifted to the link between PE2 and CE2 (let's assume the link between PE2 and CE2 was already carrying 2gig traffic), so the 3 gig will be added to the 2 gig which will be a total of 5 gig traffic going through PE2 and CE2 link.

Now let's assume 3.5 gig of those 5 gig traffic will be forwarded to internal network through CE 1 (since it is the active VRRP for them, and 1.5 gig will be forwarded to internal network through CE2 since it is the active VRRP for them).

so when CE2 receives the 5 gig traffic will it forward the 1.5 gig traffic directly to internal network and then only the 3.5 gig traffic will go through the ibgp link between the 2 CEs to CE1 ? or would all 5 gig traffic go through ibgp link between the 2 CEs to CE1 ? even though only 3.5  gig will be forwarded by CE1 to internal network ?

 

Hall of Fame Super Blue

Now let's assume 3.5 gig of

Now let's assume 3.5 gig of those 5 gig traffic will be forwarded to internal network through CE 1 (since it is the active VRRP for them, and 1.5 gig will be forwarded to internal network through CE2 since it is the active VRRP for them).

This is the bit i am trying to clarify.

Why would the traffic from CE2 be sent to CE1 to get to the internal network ie. CE2 is connected to the same internal network so it should just send it direct unless you are saying CE2 will have most of the internal network routes pointing to CE1 ? 

So -

1) VRRP is only relevant to the internal network ie. you don't have VRRP between the PEs and CEs so it doesn't matter which CE is the VRRP master

2) BGP routes. If CE2 sees the best path to the internal network via CE1 then yes it would send traffic across the link but i would have thought CE2 would have either directly connected or OSPF routes pointing directly to the internal network and not via CE1.

It may be that i am misunderstanding how you have this setup but i can't see from what you have described why CE2 would not simply use it's LAN interface for any inbound traffic.

Jon

New Member

Thanks Jon, Things are

Thanks Jon, 

Things are starting to make sense to me now, i just never thought of things from design point of view. 

btw, CE2 has directly connected/ospf to internal network. 

so let me make sure i understand things right, outbound traffic has nothing to do with inbound traffic in this case, so even if internal network use CE1 as Master for outbound traffic, CE2 can still send inbound traffic to the internal network and does not have to send it through CE1, right ? 

 

if this is the case, then is 3+3 1 G aggregated L3 etherchannel enough between the CEs even though we are running 10G links with the PEs? since both CEs have connectivity to internal networks and they can send traffic directly without going through iBGP link ?

 

 

 

Hall of Fame Super Blue

so let me make sure i

so let me make sure i understand things right, outbound traffic has nothing to do with inbound traffic in this case, so even if internal network use CE1 as Master for outbound traffic, CE2 can still send inbound traffic to the internal network and does not have to send it through CE1, right ? 

Basically yes as long as CE2 has directly connected interfaces or sees the OSPF routes as the preferred routes to non connected networks then traffic should be sent direct.

Quick way to check is to look at the IP routing table on CE2 to see what it thinks are the best routes for the internal networks.

But that is only for inbound traffic.

In terms of whether you have enough bandwidth it comes down to what Joseph was saying about the outbound traffic. If CE1 is the VRRP master and the CE1 to PE1 link fails then traffic will have to traverse the link to CE2.

Again as Joseph was saying with HSRP/GLBP you can track the CE to PE interface and if it fails then you can switch the active router to the other CE so all traffic is sent direct.

I had a very quick look at VRRP Cisco document and it suggests you can track an interface but i have never done it with VRRP so can't say for sure how it works.

In terms of your OSPF routing we don't have enough information to say what would happen. For example are you receiving BGP routes from the PEs and then redistributing them into OSPF or doing something different ?

So as far as i can see you need to take into account outbound traffic but your inbound traffic should not be an issue.

But like i say worth checking the IP routing table to be sure.

Jon

New Member

Many thanks Jon, now it's

Many thanks Jon, now it's clear to me. 

I would double check the OSPF routing but i beleive we are redistribution BGP routes into OSPF, but i would cross check and let you know.

"In terms of whether you have enough bandwidth it comes down to what Joseph was saying about the outbound traffic. If CE1 is the VRRP master and the CE1 to PE1 link fails then traffic will have to traverse the link to CE2." 

in this scenario, the traffic will traverse to CE2 through the L2 trunk between CEs (Not the L3 aggregated links, right ? since VRRP is L2 technology. 


 

 

Hall of Fame Super Blue

in this scenario, the traffic

in this scenario, the traffic will traverse to CE2 through the L2 trunk between CEs (Not the L3 aggregated links, right ? since VRRP is L2 technology. 

Correct, the traffic should use the L2 trunk not the L3 links <-- this is incorrect. It assumed VRRP failover but there is no tracking so there is no failover. The traffic would use the L3 links.

Edit - just seen your comment about checking the BGP configuration so rather than confuse the issue i will wait until you confirm one way or the other.

Jon

New Member

Hi Jon,No confusion at all,

Hi Jon,

No confusion at all, you and joseph have been very helpful and i really was confused before this discussion. 

I am out of town and will check the BGP configuration right after the weekend. 

but out of topic for now and just for my knowledge, your previous post stated an interesting point regarding the internal bgp redistribution. 

in our case, if there was redistribution between BGP and OSPF, is there a need to redistribute internal as well?

Since both CEs are adjacent  through OSPF, and both have connectivity to internal network; 

In case CE1-PE1 fails, the traffic will be sent through CE2-PE2 link and then redistributed to OSPF on CE2, and CE2 should be able to send them to internal network or to CE1 through OSPF (not iBGP) since OSPF routes have better AD than internal iBGP routes. 

Am i right here, or we still have to configure redistribute internal BGP if that is the case.

 

Super Bronze

DisclaimerThe Author of this

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Redistribution requirements depends on what each routing protocol needs to "know" about the other.

 

In many setups like yours, BGP would just generate an OSPF default, so any OSPF taffic with an unknown destination IP would come to the CEs.

 

Conversely, the OSPF routes are picked up (not redistributed) by BGP although aggregation of those routes is often done.  (NB: BGP might pick up internal routes using static route statements to null.)

Hall of Fame Super Blue

I think i understand the

In case CE1-PE1 fails, the traffic will be sent through CE2-PE2 link and then redistributed to OSPF on CE2, and CE2 should be able to send them to internal network or to CE1 through OSPF (not iBGP) since OSPF routes have better AD than internal iBGP routes. 

I think the above is talking about inbound traffic but we are concerned with outbound traffic.

Inbound as discussed CE2 should send traffic direct although the fact you are running OSPF between the CEs (which i didn't realise before) may influence the path taken depending on how the internal topology is setup. It all depends on how the internal L3 devices running OSPF are connected to the CEs.

In terms of outbound traffic there are quite a few variables so it may be better to cover those when you have access to the equipment rather than speculate.

But as a general point if the CEs are peering with each other using IBGP and OSPF then as long as the CEs redistribute the EBGP learned routes (from their respective PES) into OSPF i can't see at the moment what you would gain by also redistributing IBGP routes into OSPF.

Jon

New Member

Hi Guys,I checked the OSPF

Hi Guys,

I checked the OSPF configuration and it is basically for the internal communication so there is no redistribution between BGP and OSPF, The reason of using OSPF is to control how traffic float to internal network. 

Some of the internal network devices have different entities that configured with ip addresses and some entities are only connected to CE1 while others are only connected to CE2, even though those devices can route traffic using internal switches, the designer of the network preferred to run OSPF and let the CEs choose the through which CE each entity have a better route, and do the routing on a CE level. 

So some of the interfaces going to internal devices are configured directly with OSPF, while others are configures with static routes, and then the static routes are redistributed to OSPF (the static routes are made with higher AD so the OSPF will be preferred). The whole subnet for those static routes are also redistributed to PEs through EBGP.

So PEs will be able to reach those routes, while CEs will always prefer the OSPF over BGP.


Does this scenario makes sense and it is a good design ? 

 

Thanks,

Super Bronze

DisclaimerThe Author of this

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Hard to say whether it makes sense and/or is a good design.

 

Generally, interior devices, if doing L3, need to "know" where to go for routes not in the interior routing protocol.  Often, this is done using a default route.  That might be done statically, but when working with BGP, you can dynamically inject a default.  (So, if a CE loses it eBGP peer, it stop injecting its default.)

 

Likewise, your external network needs to "know" about your interior OSPF network.  As BGP can "pick up" routes already in the route table, you don't need to use a redistribution command.

 

When working with eBGP, we often don't want to advertize every internal prefix and we want to avoid needless insertion and removal of routes.  For single peering setup, often have a null route aggregate work well but when working with multiple peers, a dynamic aggregate is better.

 

You mention redistribution of statics and modifications of ADs between statics and OSPF; that's sounds unusual.  Unclear why a static and OSPF should "know" of the same route if you're redistributing statics into OSPF.

New Member

Thanks Joseph, and sorry for

Thanks Joseph, 

and sorry for the confusion caused by my previous post, i went through the configuration of internal devices and they are not routers and don't support OSPF. Sorry again for the confusion as im going through the configuration to understand the topology since there is no diagram for the network. 

So the CEs connect to internal network using L2 (VRRP) or L3 point to point connectivity, now the CEs run OSPF only between the CEs and advertise all internal routes either by redistribution of static/connected routes or network command.

by running OSPF between CEs, they will be able to reach each internal entity through the right CE instead of having to configure static routes since as i mentioned before some entities are only connected to CE1 while others are connected to CE2. 

As for the static routes configured to reach some of the internal networks and then redistributed to OSPF, I believe the reason of preferring the ospf over the static AD is making the CEs always use OSPF to reach those destination since by default they will prefer the static route since they have better AD (P.S. even for the few connectivities that use static routes, some static routes on CE1 are not configured on CE2 and vice versa)

 

Please let me know your feedback. 

Super Bronze

Not this time. 

Not this time.  wink

New Member

Hi Guys, Just one more

Hi Guys, 

Just one more question regarding this scenario: 

For outbound traffic, in case no tracking configured, If CE1 is the VRRP master for one device and the CE1 to PE1 link fails (CE1 will remain the Master since no tracking is enabled). Now would the traffic traverse the link to CE2 using L2 trunk or L3 links ? 

My confusion is that CE1 will receive the traffic as L2 traffic, but at the same time it will receive the advertisement on how to reach service provider as L3 and since CE1-PE1 link is down, the path will be through CE2. so would the traffic move from CE1 to CE2 on the L2 trunk and then be sent to PE2 as L3 traffic ? 

or would traffic be sent from CE1 to CE2 as L3 using the L3 links and going out to PE2.as L3 traffic ? 

Super Bronze

DisclaimerThe Author of this

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Once the traffic gets to CE1 it will look for the "best" L3 path to its destination; normally PE1.  But when down, it will look for the "best" L3 path to PE2, and from what you've described (if my scorecard is correct) would be the iBGP hop between CE1 and CE2, i.e. the p2p L3 link.

Hall of Fame Super Blue

I agree with Joseph which

I agree with Joseph which contradicts what i said earlier when you asked what would happen if the CE1 to PE1 link failed (i've updated the other answer).

I was thinking that you were tracking VRRP but you aren't so yes CE1 will have to make a routing decision and since you are not redistributing BGP into OSPF the traffic would need to be sent across the L3 links.

I wasn't sure, apart from VRRP and OSPF peerings, what the L2 trunk was used for but having reread the whole thread it looks like the internal OSPF devices are generally connected to either one or other of the CEs. If so then the link would be used primarily for routing inbound traffic to the correct CE ie.

if each CE is advertising all the internal networks to their respective PEs then the inbound traffic may end up at the CE not connected to the internal OSPF device and would then have to be sent across the L2 trunk to the other CE.

That may well explain why the L2 trunk link is larger than the combined L3 links.

Edit - if you are not redistributing BGP into OSPF then this suggests you are originating a default route into OSPF on each CE ?

Jon

 

New Member

Thanks Jon, What i understood

Thanks Jon, 

What i understood from the configuration is that there is no redistribution between OSPF and BGP. 

OSPF is using completely separate L3 links than the ones used for iBGP. 

and the CEs run OSPF only between themselves (CE1 and CE2) and advertise all internal routes either by redistribution of static/connected routes or network command.

by running OSPF between CEs, they will be able to reach each internal entity through the right CE instead of having to configure static routes on each CE since as i mentioned before some entities are only connected to CE1 while others are connected to CE2. 

so OSPF is only for internal routes to save the time of configuring static routes.

241
Views
10
Helpful
23
Replies