Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Perimeter network and BGP->OSPF redistribution question

Hi, can you confirm if doing redistribution BGP to OSPF on the 6509 switch (in red) would be the typical way to allow routing of my intervlan and then allow me to route traffic in/out via the AS 1803 (ISP)?

Please see attached diagram for detailed explanation.

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Silver

Re: Perimeter network and BGP->OSPF redistribution question

Hello Marlon,

until both C6509 have complete knowledge of internat network you should be able to route to outside world using default route that the C3750 stack can inject in the OSPF domain.

For more safety I would provide a direct L3 link between the two C6500 so that should an SVI be shutted down on C6500_1 the traffic destined to that subnet is sent to C6500_2 and not to the C3750 stack.

If you don't use passive-interface on client vlans you have already multiple parallel links between the two C6500.

The C3750 stack can advertise internal network subnets as described in my first post: using network command under router bgp (preferred) or by using redistribute ospf (to be used only if the number of subnets makes not feasible the network command approach).

Hope to help

Giuseppe

5 REPLIES
Hall of Fame Super Silver

Re: Perimeter network and BGP->OSPF redistribution question

Hello Marlon,

redistributing BGP into OSPF has become uncommon.

on the devices that run both BGP and OSPF you can:

send a default route in the OSPF domain

using

default-information originate metric-type 1 [route-map check_ebgp]

on the same device you can :

redistribute OSPF into BGP

router bgp 2000

redistribute ospf 10

or if the number of networks is low you can use directly the network command in BGP process:

router bgp 2000

network 172.16.4.0 mask 255.255.255.0

network 172.16.5.0 mask 255.255.255.0

no auto-summary

no sync

So it is even possible to handle this scenario without using any redistribution.

Redistributing BGP into OSPF is dangerous: BGP can handle much more routes then OSPF does so it is recommended to never do it without a route filter.

Hope to help

Giuseppe

New Member

Re: Perimeter network and BGP->OSPF redistribution question

If the 6509 is just handling your internal network, why not send all traffic to the 3750 stack as a default route?

That way you don't even have to run BGP on the 6509.

Blue

Re: Perimeter network and BGP->OSPF redistribution question

Huang:

You can.

Giuseppe was creating a solution for you to be able to advertise a default route through your OSPF domain using the command he mentioned. This way all Internet-bound traffic will take the default to the 6509.

On the 6509, assuming you're running BGP on it, since it is acting as an ASBR, you can allow only a default route through BGP using a filter, as Giuseppe suggests, or you can create a static route to the 3750 and be done with it.

But, if you're learning the whole Internet routing table through BGP and you redistribute that into your OSPF domain, you may crash your routers and shut down your network.

HTH

Victor

New Member

Re: Perimeter network and BGP->OSPF redistribution question

Thanks.

How about the case that if I have (2) 6509's in the internal network;

Is it still wise to use a default route to send the traffic to the 3750 - perimeter stack?

Hall of Fame Super Silver

Re: Perimeter network and BGP->OSPF redistribution question

Hello Marlon,

until both C6509 have complete knowledge of internat network you should be able to route to outside world using default route that the C3750 stack can inject in the OSPF domain.

For more safety I would provide a direct L3 link between the two C6500 so that should an SVI be shutted down on C6500_1 the traffic destined to that subnet is sent to C6500_2 and not to the C3750 stack.

If you don't use passive-interface on client vlans you have already multiple parallel links between the two C6500.

The C3750 stack can advertise internal network subnets as described in my first post: using network command under router bgp (preferred) or by using redistribute ospf (to be used only if the number of subnets makes not feasible the network command approach).

Hope to help

Giuseppe

261
Views
0
Helpful
5
Replies