EIGRP to BGP Mutual Redistribution loop protection
I have a scenario where we have 2 MPLS providers. Each of our sites runs EIGRP which is redistributed into BGP for each MPLS provider and vice versa.
Currently the loop protection mechanism is to use prefix-lists at each site which dictate what should and should not be redistributed each way, e.g. Site A has prefix-lists which effectively say "only redistribute my local routes into BGP" and "do not allow my local routes to be redistributed from BGP back into EIGRP".
I think this can be made more efficient by writing rules that use tags in EIGRP to stop routes being redistributed into EIGRP and then being advertised back out into BGP. This is well documented on this forum, I have experimented in the lab and I'm happy with this.
The thing I am not sure about is the 2nd part of what the prefix-lists are doing ("do not allow my local routes to be redistributed from BGP back into EIGRP"). I do not see the need for this protection. Surely any route that is redistributed into BGP has an associated AS-PATH that means that if (for instance) my Site-A router ever sees one of its own local routes again it will know to drop it as it originated from itself. Is this protection only needed just in case I have a remote site that doesn't have loop protection configured properly and ends up looping a route round from one MPLS provider into another? Or is there another reason for it? I have read about configuring communities in BGP to achieve this as well but again I do not see the need in my scenario?
"Surely any route that is redistributed into BGP has an associated AS-PATH that means that if (for instance) my Site-A router ever sees one of its own local routes again it will know to drop it as it originated from itself"
It is possible that the MPLS provider configures as-override (this is usually done if you have the same AS number in both sites).
After a bit of research I think configuring SOO would be too much of a headache involving our service provider but thank you for the suggestion.
It is interesting what you say about as-override. I believe we have unique AS numbers at each site but I will need to confirm that.
So I guess the answer to my question is that "best practice" is (despite BGP using AS-Path for loop protection) to configure BGP > IGP loop protection in some form or other in case of AS-Override or mis-configuration?
Yes, I think so. You might use a route-map with route-type external or tags or something else, but some sort of filter is useful to avoid loops and routing feedback. By the way: if you want to check whether your ISP is using as-override, just check the as-path in your BGP table: if you see a couple of different ASes, they would be the ISP AS and your remote AS. If you see the ISP AS number twice, you probably have the same AS in the remote site and the ISP is doing the override.
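A sketch of the tag-plus-community filtering discussed in this thread, added here as an example and not taken from any poster's configuration. The EIGRP AS 100, BGP AS 65001 and 64500, neighbor 192.0.2.1, tag 65001, community 65001:100 and all route-map names are constructed placeholders, and the community check assumes the MPLS provider passes communities through unchanged.

```cisco
! Added example. All AS numbers, addresses, tags, communities and names
! below are constructed placeholders; substitute your own.
ip bgp-community new-format
!
! Matches routes this site itself injected into BGP.
ip community-list standard SITE-A-ORIGINATED permit 65001:100
!
! BGP -> EIGRP
!  seq 10: drop our own routes coming back. This does not depend on the
!          AS-PATH check, so it still works if the provider uses as-override.
!  seq 20: tag everything else so it is recognisable inside EIGRP.
route-map BGP-TO-EIGRP deny 10
 match community SITE-A-ORIGINATED
route-map BGP-TO-EIGRP permit 20
 set tag 65001
!
! EIGRP -> BGP
!  seq 10: never re-advertise a route that was learned from BGP (tagged
!          above), e.g. from one MPLS provider out to the other.
!  seq 20: mark genuinely local routes with the site community.
route-map EIGRP-TO-BGP deny 10
 match tag 65001
route-map EIGRP-TO-BGP permit 20
 set community 65001:100
!
router eigrp 100
 redistribute bgp 65001 metric 10000 100 255 1 1500 route-map BGP-TO-EIGRP
!
router bgp 65001
 redistribute eigrp 100 route-map EIGRP-TO-BGP
 neighbor 192.0.2.1 remote-as 64500
 ! Communities are not sent to a neighbor unless this is configured.
 neighbor 192.0.2.1 send-community
```

If the provider strips communities, sequence 10 of BGP-TO-EIGRP never matches and a prefix-list for the local routes is still needed in its place.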