[j-nsp] internal BGP necessary ?

Patrick Okui pokui at psg.com
Sat Mar 23 17:29:45 EDT 2013 

Hi Piotr,

On  23-Mar-2013 16:13:18 (+0200), Piotr wrote:
> I have to connect two networks via bgp, both have own ospf area0, there
> are 2 points od redistribution between BGP and OSPF. We use med to have
> symmetry, because Junipers must work in flow based (ipsec).

Probably a small ascii diagram would help in this case. If you're using
MED then these two networks are two separate ASes correct? Juniper in
one, Cisco in another?

> When we set on cisco  default AD, on juniper we change bgp ad to 20 (

The default AD of eBGP in Cisco is 20, but of iBGP is 200. However,
Cisco by default will wait to see a route in the IGP before installing
it into BGP. I usually set both to 200 (and turn off synchronisation)
thusly:

router bgp NN
  distance bgp 200 200 200
  no synchronisation

You may also want to set bgp deterministic-med on the cisco side to
match how most other vendors treat MED.

> like in Cisco) juniper prefer routes from ibgp and there is a problem
> with redistribution between ospf and ebgp because there is no prefix
> from ospf in rib.

one of BGP's first rules is reachability to the next hop. If BGP can't
reach the next hop it will drop the prefix advertisment. Your IGP has to
guarantee this.

> 
> I think that when i remove internal bgp session there should be ok, in
> rib there will be prefixes only from ospf so there will be no problem
> wirh redistribution? There are some disadvantages when there is no ibgp ?

I think my first question is ... why are you redistributing in the first
place? iBGP will handle more prefixes than any IGP - so usually you just
want to carry your infrastructure/interface/link prefixes in the IGP and
everything else in BGP. If you go down this route, then a full iBGP
mesh[*] between BGP speakers is required to avoid loops.

Again, it's not easy to guess what you're trying to achieve without a
diagram.

Will OBrien's comments above give hints on getting redistribution
working but then again, we're all shooting in the dark.

--
patrick

[*] or a route reflector or ...

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 260 bytes
Desc: OpenPGP digital signature
URL: <https://puck.nether.net/pipermail/juniper-nsp/attachments/20130323/876fcbc0/attachment.sig>

More information about the juniper-nsp mailing list