[c-nsp] Fw: Re: [Disarmed] Re: RIB failure : Higher admin distance

Andy Ashley lists at nexus6.co.za
Sat Jan 16 14:48:08 EST 2010 

>
>
> --- On *Fri, 1/15/10, Randy /<randy_94108 at yahoo.com>/* wrote:
>
>
>     Hi Andy:
>     ...I am taking a closer look at your first post and going *wait a
>     second..*
>     What you are seeing is what one would expect to see in Router A
>     site A:
>     From the "show commands" in your first post:
>     Router A learns site B's /24 via the gre tunnel as an iBGP route
>     with an AD of 200.(as shown int your "sh ip bgp x.x.x.x/24" in
>     question). Router A puts this route in it's BGP route table but
>     does not advertise this route to any eBGP peer because iBGP routes
>     are not injected into eBGP unless "redistribute internal" is
>     explicitly configured.
>
Correct, it wont advertise this route to our upstreams.We dont have 
"redistribute internal" configured.

>     Router A also learns site B's /24 via the private link as an OSPF
>     route with an AD of 110(as shown in your "sh ip route
>     x.x.x.x/24) and puts the route learned via ospf in this IP routing
>     table and FIB since it has a better AD : 110 as opposed to 200.
>     As a result, the  same-/24  learned via iBGP that is in A's BGP
>     route table; for obvious reasons suffers a RIB-failure because the
>     same-route learned by A via OSPF with a better AD  is already
>     installed in A's ip route tabel and FIB.
>
Yes, that is correct and I believe this is exactly what is happening - 
so it is in fact normal due to the AD rules.

>     Having explained the *normal-behavior* you are seeing in router A,
>     my question is:
>     1) Are you trying to announce site B's /24 from site A to your
>     upstreams
>
Yes, we want to announce site B's /24 from site A and B. We want site A 
to learn site B's /24 route via either OSPF or iBGP (over the tunnel or 
private link) and should the private link break, site A will withdraw 
the announcement to our upstreams there because it will no longer learn 
this route via OSPF or iBGP.
That should mean that site B stays online as the /24 is still announced 
via the transit provider there (and to exchange peers).
>
>     OR
>     2) You are trying to announce your site-B /24 *from site B and
>     that is failing.
>
We are trying to do this. When we withdraw the present /20 route at site 
A (keeping the /24 static in on the router at site B), the route isnt 
announced from site B, by site B.
I have made sure that the transit provider is accepting the longer 
prefix, etc but the rib failure prevents it even getting to the stage of 
trying to announce to the transit provider over the eBGP session.
>
>     If your are trying to announce site B's /24 from site A to it's
>     upstreams you already have the "answer" to make that work! (deploy
>     a lot of outbound filters before you redistribute iBGP into eBGP)
>
OK, so we should filter announcements of the /24 via the (tunnelled) 
iBGP session between sites, so that the route is learned only by OSPF 
over the private link and upstream transit?
(hopefully meaning if the private link breaks that the tunnel will 
re-establish over transit)
>
>     If on the otherhand siteB's /24 is not being announced *By-SiteB*
>     to it's eBGP peer, I would have to look at the config in site B's rtr.
>
Which bits of the config? It's quite long =)
>
>     Regards,
>     ./Randy
>
>
Thanks,
Regards,
Andy

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the cisco-nsp mailing list