[c-nsp] BGP and OSPF issues

Geert Nijs geert.nijs at gmail.com
Thu Mar 4 04:09:06 EST 2010 

Some basics:

1) You can't compare "cost" between routing protocols. Each protocol has its
own "cost" metrics.
(ospf based on bandwidth, bgp based on AS path length and other variables)

2) Between routing protocols, the only thing that counts is "administrative
distance"

3) In your example below, BGP has AD 120 , OSPF has AD 110
      therefore, once a route is present in OSPF, BGP can't "overwrite"
it...
      and that is the reason you need to clear OSPF (remove the OSPF route
from the routing table) before BGP can re-insert its route. Once it is
inserted in the routing table and redistributed in  OSPF, its redistribution
cost is indeed lower than the VPN OSPF
one and that is the reason why it stays stable this way.

4) One possible solution would be to increase AD of OSPF above 120 or
decrease AD of BGP below 110, but be very carefull with this. Plan it
carefully and test it in some lab before you deploy it to see if it is
compatible with the rest of your topology.


regards,
Geert
CCIE #13729




2010/3/3 Christopher J. Wargaski <wargo1 at gmail.com>

> Greetings
>
> We have a mixed BGP and OSPF routing environment. The routing protocol
> on the MPLS and point to point T-1s is mostly BGP with some OSPF (but
> moving to BGP). A vendor of ours to whom we have a WAN link advertises
> via OSPF (and can not advertise via BGP). This link is in a DMZ off of
> the firewall which advertises the OSPF. There are backup paths to the
> remote locations via VPN tunnels.
>
> When a WAN link goes down, the lower cost BGP route (from the WAN
> router) is deselected, and the higher cost OSPF route (from the
> firewall) is selected. This happens dynamically.
>
> When the WAN link comes back up the higher OSPF route is NOT
> dynamically deselected in favor of the BGP route. Instead, we must
> clear the OSPF process on the WAN routers.
>
> So that every location knows all the routes, OSPF routes are
> redsitributed into BGP, and BGP routes are redistributed into OSPF.
>
> Why must I clear the OSPF process for the lower cost BGP routes to
> return? Shouldn't this be dynamic? If so, is there somethign that can
> be added to the configuration?
>
>
> ----------------------------
> Firewall OSPF config:
>
> router ospf 10
>  network 10.0.2.0 255.255.255.0 area 10.0.0.0
>  network 10.1.0.0 255.255.248.0 area 0
>  log-adj-changes
>  redistribute static metric 220 subnets route-map StaticRedistVPN
>
> route-map StaticRedistVPN permit 8
>  match metric 220
>
> route outside 10.2.0.0 255.255.248.0 209.252.39.49 220
> route outside 10.3.0.0 255.255.248.0 209.252.39.49 220
>
> ----------------------------
> Router OSPF config:
>
> router ospf 10
>  log-adjacency-changes
>  redistribute bgp 65002 subnets
>  network 10.1.0.0 0.0.7.255 area 0
>  network 192.168.1.0 0.0.0.255 area 0
>  network 192.168.252.0 0.0.0.255 area 0
>
> ----------------------------
> Router BGP config:
>
> router bgp 65002
>  no synchronization
>  bgp log-neighbor-changes
>  bgp redistribute-internal
>  redistribute ospf 10 metric 200 match internal external 1
>  neighbor 10.1.1.111 remote-as 65002
>  neighbor 10.1.1.111 default-originate
>  neighbor 10.1.1.111 version 4
>  neighbor 10.1.1.111 soft-reconfiguration inbound
>  distance bgp 120 120 120
>  no auto-summary
>
>
>
> cjw
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>

More information about the cisco-nsp mailing list