Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
609
Views
0
Helpful
6
Replies

ospf convergence problem

ddvoyer
Level 1
Level 1

‎03-30-2004 12:29 PM - edited ‎03-02-2019 02:39 PM

Hello all,

I have a litle bug in my lab with 3 routers and would like to share this bug with you :-)

-------------------------

3x Equiment 3550

ios version: 12.1(14)EA1a

system image: c3550-i5q3l2-mz.121-14.EA1a/c3550-i5q3l2-mz.121-14.EA1a.bin

--------------------------------

The concept:

we want to advertise dynamicaly the default route from the Internet router, thru a firewall, to a internal router which run ospf. Protocol use between routers is bgp.

And actually,it work well as sons as both router see each others. The internal router run bgp/ospf and have a "default information orginate" to advertise the default route with all the internal network.

The design

Internet router Bgp

|

Firewall (tcp/udp 179 open)

|

Internal route A bgp/ospf

|

Internal router B ospf (ditribution layer)

The problem:

The problem is when I stop the firewall to close the bgp connection's (it force de default route to another Internet access on the network).

I wait for about 3 min for bgp update and the Internal router A should remove the default route in his database and should "stop" annoncing the default router to everyone (router B).

For some reason .. it doesnt work .. router B keep receiving info that router A is the default route. To make it work, I must manually do a "clear ip ospf process" then router B converge to another router for the default route.

Internet router config:

Router bgp 65535

default-information originate

neighbor 1.1.1.3 remote-as 65535

ip route 1.1.1.3 255.255.255.255 to -> firewall

router A:

router ospf 1

default-information originate route-map exist

!

access-list permit 1 internet segement of the internet router

!

route-map exist permit 10

match ip address 1

!

Router bgp 65535

no synchronization

neighbor 192.168.2.1 remote-as 65535

ip route 192.168.2.1 255.255.255.255 to firewall

router B:

ospf default config.

There you go.

I am thinking about an ios bug for ospf.

- dan

Labels:
0 Helpful
6 Replies 6

ruwhite
Level 7
Level 7

‎04-02-2004 02:58 AM

If the other route is a BGP route, then you're probably hitting a problem with the preference of BGP and OSPF routes. There's a quirk where the admin distance is ignored in certain orders of operation, and a BGP route is preferred in the table over other routes.

So, it's probably not a bug, it's probably just normal behaviour. You could try setting your eBGP distance higher than your OSPF distance--set eBGP and iBGP both to 200, say, and see if that helps.

:-)

Russ.W

0 Helpful

ddvoyer
Level 1
Level 1
In response to ruwhite

‎04-05-2004 10:22 AM

ospf distance, by default, is 110. Bgp distance, by default, is 220.

To make this design work I did alterate the cost in router A to make the bgp route under 110. Or else another default route in the network will be prefered.

However, I did change it for 200, just to see it and the result is like I expected. Now the network convergenge to another end point.

Here are my new config for router A

router ospf 1

router-id 10.199.253.130

log-adjacency-changes

auto-cost reference-bandwidth 10000

area 3 authentication message-digest

redistribute static metric 20 metric-type 1 subnets

redistribute bgp 65535 metric-type 1 subnets route-map BGP-DEFAULT-EXIST

passive-interface Vlan174

network 0.0.0.0 255.255.255.255 area 3

default-information originate metric-type 1 route-map BGP-DEFAULT-EXIST

!

router bgp 65535

no synchronization

bgp log-neighbor-changes

neighbor 192.168.2.1 remote-as 65535

neighbor 192.168.2.1 ebgp-multihop 255

distance 200 192.168.2.1 0.0.0.0 (this is where I alterate the distance. it says any route coming from 192.168.2.1 change it for 200 .. it was 1 before.)

With distance = to 1, the route 0 is prefered from this router.

Once again, the only problem is when I volontary cut the BGP link (closing the firewall). Router A keep telling everyone inside that he is the default gateway until I do a "clear ip ospf process"

If you guy's have any clue, let me know.

- dan

0 Helpful

Harold Ritter
Cisco Employee
Cisco Employee
In response to ddvoyer

‎04-05-2004 12:05 PM

When the link between a pair of Internet/internal router Does you BGP session remains up?

You should probably set the ebgp-multihop to be no greater than 2 (just the required value to traverse the FW).

If any part of the link between the Internet/internet router goes down (physical interface, cable, switch, FW, etc) the BGP session should go down and therefore you shouldn't have to choose between two prefixes learnt from two different routing protcols on the router A since the no BGP routes will be available at this point.

Let me know if I make sense,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
0 Helpful

Harold Ritter
Cisco Employee
Cisco Employee
In response to Harold Ritter

‎04-05-2004 12:26 PM

One more question. Is the problem that OSPF keeps originating the default route even though there is none locally (other than the one received from the other internal redistribution routers)?

Thanks,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
0 Helpful

ddvoyer
Level 1
Level 1
In response to Harold Ritter

‎04-06-2004 06:07 AM

When the firewall is up and runing, there is a BGP session establish between the Internet router and the Internal router. (router A).

If I stop my firewall(it means no more routing between external and internal), the BGP session broke between the 2 routers.

At this point, according to my config, router A should have removed the router 0 from his table and stop anoncing via "default information orginate" the router 0 to the other router.

If I do a sh ip ospf database, I still see the route 0 (even after 30 min). In the router B (ospf neighbor) I still have the route zero from router A.

I do a "clear ip ospf" on router A and the route zero disapear.

When I bring back the firewall, after 3 min, the BGP session re-establish between the Internet router and Router A and propagate the new default gateway for the Internal network.

- dan

0 Helpful

ruwhite
Level 7
Level 7
In response to ddvoyer

‎04-06-2004 06:50 AM

Why are you doing a default information originate in both BGP and OSPF? I would just take the default from the BGP peer, and then redistribute the default into OSPF at router A (?).

Other than this, I don't see what access list 1 matches on router A, and that seems to be what your conditional advertisement is dependant on?

:-)

Russ.W

0 Helpful
Customers Also Viewed These Support Documents