[c-nsp] Converting OSPF backbone to iBGP

Phil Mayers p.mayers at imperial.ac.uk
Wed Sep 24 06:01:00 EDT 2008 

Garry wrote:
> Mark Tinka wrote:
>>> I've been trying 
>>> to find decent write-ups about certain things, but
>>> haven't been too successful as far as certain details go
>>> ... maybe somebody has some good pointers for me ...
>>>     
>> Philip Smith (Cisco) has some very good slides on this and 
>> other best practice scaling techniques for ISP's that he 
>> gives at various workshops and conferences.
>>   
> I'll see what I can find ...
>>> Also, we have CPE devices that speak OSPF to our
>>> equipment in order to set up dual uplinks to customer
>>> sites ...
>>>     
>> As a friend of mine would say, "I recommend my competitors 
>> do that..."
>>
>> But seriously, running an IGP with your customers isn't a 
>> good idea (unless you're doing l3vpn's). I'd recommend 
>> running eBGP with your customer's CPE, and keep the 
>> OSPF "internal".

This is very good advice.

>>   
> Problem is that those links use xDSL equipment  like Telindus that don't
> necessarily speak BGP ... so OSPF is the only dynamic routing protocol I
> can use (well, unless you'd consider using RIP) ... guess I could still

In all seriousness: in this case RIP has one distinct advantage - it's 
not your core IGP, and can't pollute your core IGP (this is one reason 
some people prefer IS-IS as their core IGP - it leaves OSPF "free" for 
customer links)

You can import from OSPF to BGP, but it has some risks and complexities 
that are best avoided if at all possible. Much worse is distributing BGP 
into OSPF - don't do that.

One option would be to put a dedicated router between the OSPF and BGP 
speaking bits of the network and separate it using eBGP and a private 
AS# i.e.

R1 -- eBGP -- R2 -- OSPF -- junk

That way R2 can say:

router bgp 65001
   redistribute ospf
   neighbour R1 remote-as 65000

...and R1 can say:

router bgp 65000
   neighbour R2 remote-as 65001
   neighbour R2 route-map OnlyDefault out
   neighbour R2 route-map VerySecure in



 From the sounds of it, you've got:

core -- xDSL -- customer

...the other option is to make the customer do some of the work for dual 
attachment. We do this - we're increasingly requiring our attached 
customer to use eBGP if they want "real" resilience. In this case, some 
form of eBGP-multihop might be needed if the xDSL kit appears as a 
routed hop.

I realise this has layer8 implications.


> use some ip sla tracking mechanism to create "dynamic" static routes
> dependent on the availability of the remote router ... that way I'd have
> a route I can source in iBGP ...
> 
> -gg
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list