BGP redistribution to EIGRP

Similar Messages

• Bgp-Eigrp-Bgp redistribution question

  Hi Experts,
  Just wish to ask if there is an option to retain the as-path information in eigrp when i redistribute from bgp to eigrp then to bgp?
  I recall coming across something similar to this before but I can't seem to remember it.
  Thanks in advance.

  Hello friend.
  No, you can't retain the AS-PATH when redistributing prefixes from BGP to EIGRP.
  What you CAN do though, is to add the AS-PATH you want when redistributing it BACK to BGP.
  You can do something like this:
  1 - Add a TAG when redistributing the BGP prefixes into EIGRP
  route-map SET_TAG permit 10
   set tag 100
  router eigrp 1
  redistribute bgp 100 metric 1 1 1 1 1 route-map SET_TAG
  2 - transform the TAG into an AS_PATH, when redistributing it BACK to BGP.
  route-map set-as-path-from-tag
  set as-path tag
  router bgp 100
  redistribute eigrp 1 route-map set-as-path-from-tag
  Got it ?
  I hope this helps you !
  cheers

• Question about OSPF to BGP redistribution

  I have some static routes on a router where OSPF and BGP are also running. I have redistributed the static routes into OSPF (showing in OSPF database). I also want to have the static routes into the BGP routing table. Understand this can be done by using a prefix list permiting all the static routes, however I was thinking a simpler way just redistributing whatever is in the OSPF routing tabel into BGP (permit 0.0.0.0/0 le 32).
  My question is if OSPF really redistributes those routes. Those routes are shown as "static" in "sh ip route" even though they are also in OSPF database. I have heard that OSPF only redistributes the routes showing as "OSPF routes", not what's in its database.
  Thanks for any help.
  Gary

  Hi Gary,
  The thing to understand here is that the use of redistribution does not change anything in the routing table of the router on which you are configuring it.
  As you have observed, static routes do not become OSPF routes when you redistribute them into OSPF. This can be generalised to the following: when you redistribute protoclol1 into protocol2, the router will scan the routing table for routes installed by protocol1 and will then do one of the following, depending on the protocol it is being redistributed into:
  - if it is a Link state protocol like OSPF, it will originate LSAs appropriate to the route being redistributed. These LSAs will be subsequently flooded to other routers which will install them as routes in their routing table. The only change on the redistributing router is the installation of additional LSAs; the routing table does not change
  - if it is a distance vector protocol like IGRP, the router will take the protocol1 routes and advertise them via IGRP update packets every time an update packet is sent. Once again, there is no change on the routing table of the redistributing router.
  Note the other important point: when redistributing is carried out, the only routes that are redistributed are those that are in the routing table and installed there by the source protocol, which could be quite different to the contents of link-state databases.
  Hope that helps.
  Pls remember to rate posts.
  Paresh.

• OSPF redistribution into EIGRP

  Hello, I have router 5 and router 7 as OSPF neighbours connected via area 24.
  Router 5 is running EIGRP and OSPF. Router 7 is only running OSPF. I am trying to redistribute the OSPF route 172.16.100.0/25 from router 7 into router 5's EIGRP instance.
  However, I cannot seem to redistribute that network into Router 5.
  Can someone please take a quick look at the configs below. I am sure it is something simple.
  Thank you kindly for any help.
  ROUTER 5 (EIGRP and OSPF)
  ip cef
  no ipv6 cef
  license udi pid CISCO2911/K9 sn FTX1524HT0O
  spanning-tree mode pvst
  interface GigabitEthernet0/0
   ip address 192.168.3.1 255.255.255.0
   duplex auto
   speed auto
  interface GigabitEthernet0/1
   ip address 192.168.1.1 255.255.255.0
   duplex auto
   speed auto
  interface GigabitEthernet0/2
   ip address 192.168.2.1 255.255.255.0
   duplex auto
   speed auto
  interface Vlan1
   no ip address
   shutdown
  router eigrp 100
   redistribute ospf 1 metric 1000000 10 255 1 1500
   network 192.168.2.0
   network 192.168.1.0
   auto-summary
  router ospf 1
   log-adjacency-changes
   redistribute eigrp 100 metric-type 1 subnets
   network 192.168.3.0 0.0.0.255 area 24
  ip classless
  ip flow-export version 9
  line con 0
  line aux 0
  line vty 0 4
   login
  end
  ROUTER 7 (only OSPF)
  hostname Router
  ip cef
  no ipv6 cef
  license udi pid CISCO2911/K9 sn FTX1524D5LZ
  spanning-tree mode pvst
  interface GigabitEthernet0/0
   ip address 192.168.3.2 255.255.255.0
   duplex auto
   speed auto
  interface GigabitEthernet0/1
   ip address 172.16.100.1 255.255.255.0
   duplex auto
   speed auto
  interface GigabitEthernet0/2
   ip address 192.168.4.2 255.255.255.0
   duplex auto
   speed auto
  interface Vlan1
   no ip address
   shutdown
  router ospf 1
   log-adjacency-changes
   network 172.16.100.0 0.0.0.255 area 44
   network 192.168.3.0 0.0.0.255 area 24
   network 192.168.4.0 0.0.0.255 area 34
  ip classless
  ip flow-export version 9
  line con 0
  line aux 0
  line vty 0 4
   login
  end

  here is show ip route from router 5:
  " 192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
  C 192.168.1.0/24 is directly connected, GigabitEthernet0/1
  L 192.168.1.1/32 is directly connected, GigabitEthernet0/1
  192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
  C 192.168.2.0/24 is directly connected, GigabitEthernet0/2
  L 192.168.2.1/32 is directly connected, GigabitEthernet0/2
  192.168.3.0/24 is variably subnetted, 2 subnets, 2 masks
  C 192.168.3.0/24 is directly connected, GigabitEthernet0/0
  L 192.168.3.1/32 is directly connected, GigabitEthernet0/0
  D EX 192.168.4.0/24 [105/5376] via 192.168.2.2, 01:26:47, GigabitEthernet0/2"
  Here is show ip route from router 7:
  172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
  C 172.16.100.0/24 is directly connected, GigabitEthernet0/1
  L 172.16.100.1/32 is directly connected, GigabitEthernet0/1
  O E1 192.168.1.0/24 [110/21] via 192.168.3.1, 01:43:21, GigabitEthernet0/0
  [110/21] via 192.168.4.1, 01:41:43, GigabitEthernet0/2
  O E1 192.168.2.0/24 [110/21] via 192.168.3.1, 01:43:21, GigabitEthernet0/0
  [110/21] via 192.168.4.1, 01:41:43, GigabitEthernet0/2
  192.168.3.0/24 is variably subnetted, 2 subnets, 2 masks
  C 192.168.3.0/24 is directly connected, GigabitEthernet0/0
  L 192.168.3.2/32 is directly connected, GigabitEthernet0/0
  192.168.4.0/24 is variably subnetted, 2 subnets, 2 masks
  C 192.168.4.0/24 is directly connected, GigabitEthernet0/2
  L 192.168.4.2/32 is directly connected, GigabitEthernet0/2

• Providers that support EIGRP for MPLS

  There doesn't seem to be any list of these and BGP and redistribution drive me nuts. I've heard Sprint offers this but there must be others?
  Thanks in advance!

  Hello Mloraditch,
  it is more a question of commercial policies rather then a technical limit
  I think some  provider may charge more for  the use of EIGRP as PE-CE.
  This is because the PE node has to perform the redistribution of EIGRP  in MP BGP for  your benefit.
  Hope to help
  Giuseppe

• Eigrp - How to modify Admin distance for redistributing connected links and over WAN

  We have a single EIGRP domain 101 across 2 locations (A and B) separated by a WAN link. Each location has a number of L3 switches at the IDF behind the router which has  the L3 vlans VL1, VL2 etc. We run eigrp 101 across all the switches and on the routers but we dont advertise any of the L3 vlans on them and we do redistribute static and connected for the static and the vlans to be distributed on eigrp.
  Qn
  1. How do i reduce the admin distance of the directly connected vlan on IDF on our core switch. ie. Vl1 and Vl2 that are distributed via connected has a admin distance of 170 locally as the other switches sees that as External without having to advertise the networks individually on each switch.  
  2. Is that possible to increase the admin distance over the WAN link without having to create a 2nd eigrp domain. ie.. Add a admin distance of say 50 over the WAN link  and that way devices on both sides do see that there is a 130 distance for the remote side and 90 for local for admin distance.
  Why?
  I am trying to separate two locations and i don't think we will be able to create an additional domain and i am trying to see alternate methods of achieving this.  
  Additional info-
  The design i mentioned has 2 locations with a WAN connection and i have mixed (90/170) distance based on where the routes are coming(eigrp/connected/static) from eventhough  everything is within the same network.  We only have 1 Eigrp network 101 and was looking to alter the AD for just connected if at all possible.
  Assuming i put in all the routes into the network how can i make site 2 see the site 1 network with a larger admin distance and 1 to 2 with a larger admin distance while not altering the admin distance within the local site.
  Underlying reason: We are getting a MPLS link(lower bandwidth) connecting to site 3,4 and 5 at both sites and wanted to clear the internal routing first before i can add them or redistribute them into bgp.

  If these two sites are connected via a P2P link and you are exchanging EIGRP routes across it then you need to be aware of what you redistribute into BGP because each site will know about it's own subnets but also the other sites subnets.
  If you just redistribute all EIGRP at both sites then it's a lottery as to which MPLS connection the non EIGRP sites use.
  So you either need to -
  1) when you redistribute EIGRP at each site into BGP use a route map and only allow the local networks for that site
  or
  2) if you want each of the EIGRP sites to back each other's MPLS connection up you could have them both advertise out all networks ie. their own and the other EIGRP site's networks but modify the BGP attributes of the non local networks so they are least preferred.
  You still want to use a route map to ensure only the local and other EIGRP sites network are redistributed because remember you are also receiving BGP routes from the non EIGRP sites and redistributing these into EIGRP at each site and these are exchanged via the P2P link as well.
  It realty depends on what you are trying to do.
  The actual basic redistribution is very straightforward, see this link -
  http://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/113506-failover-eigrp-bgp-00.html
  but you need to decide what you are going to do in terms of EIGRP to BGP advertisements as covered above.
  I'm not trying to make things complicated for you but because you have a P2P link connecting these sites and you are running EIGRP over it then any routes received via BGP will be redistributed into EIGRP and you need to make sure they are then not redistributed back into BGP on the other site router.
  Jon

• Conversion EIGRP- OSPF in production environment

  Imagine I have a production network running EIGRP, total of 5 routers. (2 routers in the data center, 1 router each branch office). I would like to setup the main office as "Area 0" and the respective branch offices I would setup as "Area subnet#_branch_office". I am wondering whether setting up Stub areas in the branch offices could be a good approach.
  What would be the best way to approach a migration to OSPF ? Do you start with redistribution from EIGRP to OSPF, or would you just re-advertise networks running EIGRP with OSPF ? I would appreciate directions on this.

  Marlon,
  Migrating from EIGRP to OSPF should be an easy process. You can configure OSPF concurrently while EIGRP is running and that wouldn't impact routing as EIGRP routes are preferred over OSPF because it has a lower (better) admin distance than OSPF. Once you are done fully configuring OSPF then you can start removing EIGRP. At this point, the EIGRP route will be lost and OSPF route should replace it in the routing table. The only exception to this is if you have external EIGRP route then the OSPF route might take its place and can create problems. But, there are ways even this problem can be addressed.
  As far as your question about stub routing is concerned, it's not a bad idea to configure as a stub if the network is a hub-and-spoke. Infact, you can go level further and configure them as totally-stub routers and that way the branches will only learn a default route from the hub device.
  HTH
  Sundar

• Unable to Ping IP when using route redistribution

  Hi Everyone,
  I have below setup
  R1 is running EIGRP and connected to R2 via EIGRP
  R2 is Running OSPF and connected to R3 via OSPF.
  R2 is doing the redistribution of eigrp to ospf and vice versa.
  R1 config
  interface FastEthernet1/0/1
  ip address 10.1.12.1 255.255.255.0
  R1# sh ip  eigrp nei
  EIGRP-IPv4 Neighbors for AS(100)
  H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq
                                              (sec)         (ms)       Cnt Num
  0   10.1.12.2               Fa1/0/1           13 01:47:54  652  3912  0  14
  R2 config
  interface FastEthernet0/16
  ip address 10.1.12.2 255.255.255.0
  sh ip eigrp nei
  EIGRP-IPv4:(100) neighbors for process 100
  H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq
                                              (sec)         (ms)       Cnt Num
  0   10.1.12.1               Fa0/16            12 01:49:44    1   200  0  36
  interface FastEthernet0/19
    ip address 10.1.23.2 255.255.255.0
  sh ip ospf 10  neighbor
  Neighbor ID     Pri   State           Dead Time   Address         Interface
  10.1.23.3         1   FULL/DR         00:00:38    10.1.23.3       FastEthernet0/19
  Redistribution config on R2
  router ospf 10
  router-id 10.1.23.2
  log-adjacency-changes
  redistribute eigrp 100 subnets
  network 10.1.23.0 0.0.0.255 area 10
  distribute-list 1 out
  router eigrp 100
  redistribute ospf 10 metric 100 100 100 100 100
  no auto-summary
  network 10.1.12.0 0.0.0.255
  R3 config
  interface FastEthernet0/16
    ip address 10.1.23.3 255.255.255.0
  Neighbor ID     Pri   State           Dead Time   Address         Interface
  10.1.23.2         1   FULL/BDR        00:00:36    10.1.23.2       FastEthernet0/16
  R1 Routing Table shows routes learned via ospf network of R1.
  R1#sh ip route eigrp 100
       10.0.0.0/8 is variably subnetted, 15 subnets, 2 masks
  D EX    10.1.10.1/32 [170/25628160] via 10.1.12.2, 01:17:03, FastEthernet1/0/1
  D EX    10.1.11.1/32 [170/25628160] via 10.1.12.2, 01:17:03, FastEthernet1/0/1
  D EX    10.1.8.1/32 [170/25628160] via 10.1.12.2, 01:17:03, FastEthernet1/0/1
  D EX    10.1.9.1/32 [170/25628160] via 10.1.12.2, 01:17:03, FastEthernet1/0/1
  D EX    10.1.13.1/32 [170/25628160] via 10.1.12.2, 01:17:03, FastEthernet1/0/1
  D EX    10.1.7.1/32 [170/25628160] via 10.1.12.2, 01:17:03, FastEthernet1/0/1
  D EX    10.1.23.0/24 [170/25628160] via 10.1.12.2, 01:17:03, FastEthernet1/0/1
  i am able to ping the IP of OSPF interface of R2 but not of R3 as shown below
  R1#                          ping 10.1.23.2
  Type escape sequence to abort.
  Sending 5, 100-byte ICMP Echos to 10.1.23.2, timeout is 2 seconds:
  Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/8 ms
  R1#                          ping 10.1.23.3
  Type escape sequence to abort.
  Sending 5, 100-byte ICMP Echos to 10.1.23.3, timeout is 2 seconds:
  Success rate is 0 percent (0/5)
  R1#
  Need to know even the route is in routing table why i am umable to ping the IP 10.0.23.3?
  Also unable to ping the loopback IP of R3  below
  R1#                          ping 10.1.10.1
  Type escape sequence to abort.
  Sending 5, 100-byte ICMP Echos to 10.1.10.1, timeout is 2 seconds:
  Success rate is 0 percent (0/5)
  Regards
  Mahesh

  Hi Alain,
  Yes R3 was getting the filtered EIGRP routes from R1 via R2.
  i removed the distribute list on R2 and ping worked fine now.
  I understood now why ping was not working earlier as R1 int IP 10.1.12.1 was dropped by the distribute list.
  Now i added this to ACL 1 on R2 which is used by distribute list on R2 and ping works fine now while using distribute list on R2.
  Best regards
  Mahesh

• L3 mpls network with out P router, all PE to PE plus daisy chainging

  Guys, is it possible to run a core l3 MPLS network over 7600s and 3800s with out any P routers? The reason i aak is because of the particular situation where we will have to daisy chain PE routers due to lack of fiber.
  any thoughts?

  As martin says absolutley limited problems with this it will work a charm UNTIL yo urun into scaling issues. You are daisy chaining all the PEs which would also suggest to me that you are daisy chaining your RRs. In an mpls network the RR's have enough state to handle to keep them busy enough without also having to deal with passing labels about the network. Also you will have any cisco account team breaking down your door putting the fear of god into you for not having at least 2 P routers ;-). So yes you can indeed run it like you say but the lifetime of your network will be very limited indeed. If your not an SP then dont be concerned - unless you are an enterprise with 10000000s routes then id start to worry. Oh they (cisco) also state that PEs also have enough to do in their life without passing labelled packets about the place. sit and think about what your poor PE is having to do daily it could be 100 vrfs routing tables, which in turn means layer 3 lookups to find out where the packet has to go, qos, multicast, bgp, ospf, rip, eigrp, your own internal IGP, TE tunnels, RSVP - this poor router has enough to do without also adding transit traffic. ;-)

• Resilient connections to EIS

  Hi all,
  I've got a question regarding designing a weblogic-based solution that needs to talk to an EIS.
  Basically we have a new system that also needs to keep an old system up to date for an interim period. In order to do this the new system is placing messages representing transactions onto a queue to be processed asynchronously. We are currently considering 3 options:
  - Message driven beans using JCA
  - WLI process using JCA
  - Writing our own message consumer which manages threads to write to the backend (the reason for this will become clear below)
  Basically the worry we have is that the backend may become unavailble (planned or unplanned) and we're worried that an MDB or WLI solution has no way of automatically stopping processing and then automatically picking it up again once the EIS comes back. We bascially don't want to get into a situation where we have a pool of MDBs (for instance) continually trying and failing to connect to the backend (filling the logs and wasting resources). The roll-your-own solution was therefore to enable us to control the number of threads that were attempting to connect by recognising failures and closing down all but one polling thread until we got a response again.
  This RYO approach feels really wrong, though, and it seems that WLI must have something in it to cope with this kind of failure situation. I have seen some stuff in the docs about automatically suspending and then restarting processing but am unsure if any adapters support this model. For information we are currently looking to connect to an Adabas/Natural backend via either 3270, CICS or direct natural connections.
  Hope someone can help on this !
  Thanks
  Ian

  Andy
  It depends.
  I was assuming they had area 0 at both DCs as you mentioned that.
  You should really use two areas and then they would need to filter your routes because you would be injecting them into one area on one link and then they would be sending them to you on the other link.
  The problem arises if each of their DCs is using different areas.
  So say the main DC is area 0 and the backup DC is area 1.
  All OSPF areas need to be directly connected to area 0 and obviously this wouldn't happen on the link to the area 1 DC if you use your own area.
  You can use virtual links but you should avoid these if possible.
  If you simply use their existing areas at your end then that means you are going to receive type 1 and type 2 LSAs as well.
  I don't think I can give you a definitive answer because there are too many variable in terms of OSPF areas, summarisation etc.
  Are the subnets within your main and backup DC different and the same question for their DCs ?
  Depending on the answers to the above it may make more sense to run EIGRP across those links using summary addresses at your end for the subnets and let them do the redistribution because EIGRP does not have the same issues with areas.
  I cannot see how that would affect their VRFs and even if it did they can always create a non VRF interface for the exchange of routes
  I'm happy to help out further when you get more information but I think you need to talk with the other network guy especially about how the OSPF connections are going to work.
  Jon

• Route not showing up in routing table.

  I have my core switch connecting to my router which connects to our MPLS provider. My router has a BGP default route going to the MPLS provider edge router B*   0.0.0.0/0 [20/0] via 172.30.252.78, 1w4d .... This route is not showing up in my core switch. Shouldnt it show up as an eigrp ex default route? Can anyone assist me? my routing table for each device is below. Thank you!
  Router
  USJONELAWTN01R#sho ip route
  Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
         D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
         N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
         E1 - OSPF external type 1, E2 - OSPF external type 2
         i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
         ia - IS-IS inter area, * - candidate default, U - per-user static route
         o - ODR, P - periodic downloaded static route
  Gateway of last resort is 172.30.252.78 to network 0.0.0.0
       68.0.0.0/32 is subnetted, 1 subnets
  S       68.142.83.236 is directly connected, Null0
       198.63.196.0/32 is subnetted, 1 subnets
  S       198.63.196.103 is directly connected, Null0
       64.0.0.0/32 is subnetted, 1 subnets
  S       64.234.192.40 is directly connected, Null0
       172.26.0.0/16 is variably subnetted, 3 subnets, 2 masks
  D       172.26.82.0/24 [90/28416] via 172.28.82.10, 1w5d, GigabitEthernet0/1
                         [90/28416] via 172.28.80.10, 1w5d, GigabitEthernet0/0.1
                         [90/28416] via 172.28.80.9, 1w5d, GigabitEthernet0/0.1
  D       172.26.83.0/24 [90/28416] via 172.28.82.10, 1w5d, GigabitEthernet0/1
                         [90/28416] via 172.28.80.10, 1w5d, GigabitEthernet0/0.1
                         [90/28416] via 172.28.80.9, 1w5d, GigabitEthernet0/0.1
  D       172.26.80.0/23 [90/28416] via 172.28.82.10, 1w5d, GigabitEthernet0/1
                         [90/28416] via 172.28.80.10, 1w5d, GigabitEthernet0/0.1
                         [90/28416] via 172.28.80.9, 1w5d, GigabitEthernet0/0.1
       172.28.0.0/16 is variably subnetted, 4 subnets, 2 masks
  C       172.28.176.0/23 is directly connected, GigabitEthernet0/0.6
  C       172.28.80.0/23 is directly connected, GigabitEthernet0/0.1
  C       172.28.82.0/23 is directly connected, GigabitEthernet0/1
  D       172.28.80.20/32
             [90/30720] via 172.28.176.3, 1w5d, GigabitEthernet0/0.6
             [90/30720] via 172.28.82.3, 1w5d, GigabitEthernet0/1
             [90/30720] via 172.28.80.3, 1w5d, GigabitEthernet0/0.1
       172.30.0.0/16 is variably subnetted, 6 subnets, 2 masks
  C       172.30.252.78/32 is directly connected, Multilink1
  C       172.30.252.76/30 is directly connected, Multilink1
  D       172.30.252.114/32
             [90/3415808] via 172.28.176.3, 4d00h, GigabitEthernet0/0.6
             [90/3415808] via 172.28.82.3, 4d00h, GigabitEthernet0/1
             [90/3415808] via 172.28.80.3, 4d00h, GigabitEthernet0/0.1
  D       172.30.252.112/30
             [90/3415808] via 172.28.176.3, 4d00h, GigabitEthernet0/0.6
             [90/3415808] via 172.28.82.3, 4d00h, GigabitEthernet0/1
             [90/3415808] via 172.28.80.3, 4d00h, GigabitEthernet0/0.1
  D       172.30.254.24/32
             [90/156160] via 172.28.176.3, 1w5d, GigabitEthernet0/0.6
             [90/156160] via 172.28.82.3, 1w5d, GigabitEthernet0/1
             [90/156160] via 172.28.80.3, 1w5d, GigabitEthernet0/0.1
  C       172.30.254.25/32 is directly connected, Loopback10
  C    192.168.202.0/24 is directly connected, GigabitEthernet0/0.1
       10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
  S       10.192.254.0/24 [1/0] via 172.28.82.10, GigabitEthernet0/1
  S       10.201.0.0/16 [1/0] via 172.28.82.10, GigabitEthernet0/1
  S       10.200.1.0/24 [1/0] via 172.28.82.10, GigabitEthernet0/1
  C    192.168.203.0/24 is directly connected, GigabitEthernet0/0.1
  C    192.168.51.0/24 is directly connected, GigabitEthernet0/0.1
  B*   0.0.0.0/0 [20/0] via 172.30.252.78, 1w4d
  B    200.200.0.0/16 [20/0] via 172.30.252.78, 1w4d
  B    201.1.0.0/16 [20/0] via 172.30.252.78, 1w4d
  B    172.16.0.0/12 [20/0] via 172.30.252.78, 1w4d
  B    198.30.0.0/16 [20/0] via 172.30.252.78, 1w4d
  B    192.168.0.0/16 [20/0] via 172.30.252.78, 1w4d
  Core Switch
  TNLAW-TN1COREA# sho ip route
  Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
         D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
         N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
         E1 - OSPF external type 1, E2 - OSPF external type 2
         i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
         ia - IS-IS inter area, * - candidate default, U - per-user static route
         o - ODR, P - periodic downloaded static route
  Gateway of last resort is 10.192.61.1 to network 0.0.0.0
       172.26.0.0/16 is variably subnetted, 3 subnets, 2 masks
  C       172.26.82.0/24 is directly connected, Vlan601
  C       172.26.83.0/24 is directly connected, Vlan603
  C       172.26.80.0/23 is directly connected, Vlan602
       172.28.0.0/16 is variably subnetted, 4 subnets, 2 masks
  D       172.28.176.0/23 [90/28416] via 172.28.82.3, 7w0d, Vlan2
                          [90/28416] via 172.28.82.2, 7w0d, Vlan2
                          [90/28416] via 172.28.80.3, 7w0d, Vlan1
                          [90/28416] via 172.28.80.2, 7w0d, Vlan1
  C       172.28.80.0/23 is directly connected, Vlan1
  C       172.28.82.0/23 is directly connected, Vlan2
  D       172.28.80.20/32 [90/28416] via 172.28.82.3, 7w0d, Vlan2
                          [90/28416] via 172.28.80.3, 7w0d, Vlan1
       172.30.0.0/16 is variably subnetted, 6 subnets, 2 masks
  D       172.30.252.78/32 [90/3413504] via 172.28.82.2, 1w4d, Vlan2
                           [90/3413504] via 172.28.80.2, 1w4d, Vlan1
  D       172.30.252.76/30 [90/3413504] via 172.28.82.2, 1w4d, Vlan2
                           [90/3413504] via 172.28.80.2, 1w4d, Vlan1
  D       172.30.252.114/32 [90/3413504] via 172.28.82.3, 4d00h, Vlan2
                            [90/3413504] via 172.28.80.3, 4d00h, Vlan1
  D       172.30.252.112/30 [90/3413504] via 172.28.82.3, 4d00h, Vlan2
                            [90/3413504] via 172.28.80.3, 4d00h, Vlan1
  D       172.30.254.24/32 [90/130816] via 172.28.82.3, 7w0d, Vlan2
                           [90/130816] via 172.28.80.3, 7w0d, Vlan1
  D       172.30.254.25/32 [90/130816] via 172.28.82.2, 7w0d, Vlan2
                           [90/130816] via 172.28.80.2, 7w0d, Vlan1
  D    192.168.202.0/24 [90/28416] via 172.28.82.3, 7w0d, Vlan2
                        [90/28416] via 172.28.82.2, 7w0d, Vlan2
       10.0.0.0/8 is variably subnetted, 4 subnets, 3 masks
  S       10.192.254.0/24 [1/0] via 10.192.61.1, GigabitEthernet3/47
  S       10.201.0.0/16 [1/0] via 10.192.61.1, GigabitEthernet3/47
  S       10.200.1.0/24 [1/0] via 10.192.61.1, GigabitEthernet3/47
  C       10.192.61.0/28 is directly connected, GigabitEthernet3/47
  D    192.168.203.0/24 [90/28416] via 172.28.82.3, 7w0d, Vlan2
                        [90/28416] via 172.28.82.2, 7w0d, Vlan2
  D    192.168.51.0/24 [90/28416] via 172.28.82.3, 7w0d, Vlan2
                       [90/28416] via 172.28.82.2, 7w0d, Vlan2
  S*   0.0.0.0/0 [250/0] via 10.192.61.1, GigabitEthernet3/47

  Hello,
  The core switch has got a static default route pointing to 10.192.61.1. It has got a better AD value than the EIGRP routes.
  Even if you are redistributing the BGP routes into EIGRP, EIGRP default route will not make it to the routing table because of the higher AD value than the static route.
  However, you can view that it the EIGRP topology table. Check 'Sh ip ei topo'.
  Krishna

• MPLS/OSPF Fasthellos

  I am setting up an MPLS VPN network.
  Customer needs fast convergenace.
  So I thought backbone IGP(OSPF) could be configured with fast hellos for the same. At the time of a backbone link failure, even if OSPF converges fast customer is experiencing an outage of 20 seconds between the CPEs(normal ping). I think the longer switchover delay may be due to LDP convergence. Can someone help me with this.
  Any idea of reducing LDP convergence time.
  I am using 4948 switches.
  Thanks in advance
  AneesH

  Hello Anish,
  Greetings of the day,
  Well MPLS VPN Convergence Times Depending on the PE-CE Protocol. We have different protocols having the following convergence time as below:
  Static: 25 seconds
  OSPF: 35 seconds
  BGP:   85 seconds
  EIGRP:25 Seconds
  RIPV2 :85 seconds
  Option 1:
  You can use static routing in between PE-CE as there is a 60 sec convergence difference between static and BGP routing protocols.
  Option 2:
  Tuning the BGP
  The main delay in route convergence with the BGP protocol is the time taken to advertise a new or deleted VPN route. This time is primarily driven by the advertisement interval timer. This is set by default to 5 seconds for internal BGP (convergence point T4) and 30 seconds for external BGP (convergence points T1 and T7).
  you can chose to reduce the internal BGP timer to 1 second and the external BGP timer to 5 seconds. These new timer values allow routes to be distributed across the backbone network more quickly. They also provide a small delay for the advertisement of these routes to external peers to allow a certain amount of packing of routes into the updates.
  Using these new timer values, you can able to drop the theoretical maximum convergence time (when BGP-4 is used on the PE-CE links) to 27 seconds. (This is the default theoretical maximum of 85 seconds minus twice a 4-second saving for internal BGP and twice a 25-second saving for external BGP.) This time is more inline with the other routing protocols.
  Option 3:
  hello state timer:RSVP hellos can be used to detect when a neighboring node is down. The hello state timer then triggers a state timeout. As a result, network convergence time is reduced, and nodes can forward traffic on alternate paths or assist in stateful switchover (SSO) operation.
  Or you can use BFD for link failure between PE and CE
  Cheers!!!
  Inderdeep

• Multihoming Primary/Backup PE MPLS VPN

  Hi there,
  I kind of stuck of implementing and configuring Primary/Backup scenario for MPLS VPN enviroment.
  Currently, only singe CE router connected to 2 PE router, Primary PE and Backup PE in the same POP.
  PE-CE IGP is running OSPF. On CE router prespective, how do I achieve primary/backup scenario and on other remote PE, how does MPLS VPN cloud noticed that there is Primary and Backup PE towords this CE router?
  Any configuration or sample out there? Appreciate for the help.
  regards,
  maher

  Hello Maher,
  I would try to set the interface metric to a higher value for the backup PE. With OSPF->BGP redistribution you should then get a higher MED in BGP making the path less preferable. Example:
  interface Serial0/0
  description to primary PE
  ip ospf cost 100
  interface Serial0/1
  description to backup PE
  ip ospf cost 1000
  Alternatively you could modify the MED while redistributiing into BGP:
  router bgp 65000
  address-family ipv4 vrf VRFname
  redistribute ospf 123 vrf VRFname match internal external route-map OSPF2BGP
  route-map OSPF2BGP permit 10
  set metric 10000
  Hope this helps! Please rate all posts.
  Regards, Martin

• MPLS, GRE (with no IPSEC) & Dynamic Routing

  Good day my friends!
  Just wondering if any of you could help shed some light on how I would do something. We are switching over from a Point to Point connection between sites to an MPLS one. I have read that Multicast is not permitted across MPLS, so after terminating the MPLS circuits into our network, I created some GRE Tunnels to allow for Multicast (for Dynamic routing as well as Music on Hold)... Everything went well, other then all traffic between the sites is going over the Tunnel interfaces. I would prefer that only multicast traffic go over the GRE tunnel and all other traffic traverse the MPLS without GRE Encapsulation.
  I attempted to do this by doing the following... I wrote an access list indicating Multicast source addresses, then created a route map and did a match ip address acl and set interface to tunnel. then I applied that route map to the vlan (although it doesn't give me the option for direction on the 6509 switch) that the single interface is a member of. That interface goes to the router provided by the service provider. I did the same in the other site as well (2811 router, appied to the interface). What have I done wrong so far?
  We run EIGRP and I did inject the tunnel ip addresses into eigrp, after which traffic started going across it (the tunnel). I need to make sure that routing can find a path via MPLS in EIGRP outside of GRE, and for that all I have done so far is create static routes (on our 6509 and 2811 devices that the MPLS terminates to) with the destination subnet being in the other site between the qwest router and our router (Did that at both sites). I havent created any static routes for remote sites internal subnets because I would like EIGRP to do that, I don't want to rely on Static routes for routing between sites as far as our internal routing.
  So I guess, my question is 2 fold:
  What else do I need to do to get EIGRP to know about the path between sites over MPLS besides through the GRE tunnel?
  How would you control traffic so only Multicast traversed the GRE tunnel where all other traffic would go over MPLS natively?
  Any help you could lend would be very much appriciated!

  Thanks for the reply Laurent!
  Ok, so I just got off the phone our SP and they said they do not support Multicast transport over MPLS... so your assumption is correct...
  I see, so it sounds like I want to stay away from allowing all traffic to traverse between sites over MPLS via GRE... I never considered the issue with scaling when using GRE for all traffic. Good to know!
  While I was on the phone with our SP, I talked with them about routing protocol's they support via MPLS, to which they responded with BGP as really the only option.
  FYI, this is our current WAN arrangement between 2 of the sites:
  Site A>Cisco 2811>Adtran Router (SP provided)>PE-PESite B
  Site A>Cisco 2811 (same as above)>Adtran Router (SP provided)>PE-PESite B
  The SP suggested we run OSPF between our hardware and the Adtran routers and then 2-way redistribute subnets between EIGRP to OSPF and then from OSPF to BGP as follows:
  EIGRP ran inside Site A and B
  OSPF running on outside facing interface on 2811 and 6509
  OSPF running on inside interfaces on Adtran routers
  Private AS BGP running on Adtran with Public AS neighbor to PE device
  This should work, but wouldn't it work for me to just configure BGP on our 2811 and have a IBGP adjacency between it and the Adtran Router and then filter what routes are redistributed from and to IBGP on our 2811 into EIGRP? If this would work, does one design have any advantages over the other? It seems like the EIGRP to OSPF to BGP idea has to many moving parts...
  My objective is to allow all devices in all locations (4 MPLS sites) to route dynamically, verses relying on static routes.
  Regarding the Tunnel config's... I see... Excellent example. OK, so it sounds and looks like I would first configure each site with the routing protocol solution, then, implement GRE with per the example provided, and that would accomplish Multicast over GRE and everything else over MPLS! Thanks alot Laurent!
  So what would you recommend regarding the routing protocol structure?

• How do you Redistribution EIGRP into OSPF and maintain a distance of 250 for a static route?

  Ok, I have scoured the forums long enough and have to post. The design is below. I moved a firewall to our new data center, which required adding some static routes for VPN connections and broadband backups. To minimize the amount of static routes I redistribute static into EIGRP with a route-map and prefix-list.
  My problem is the next part of my network. When the data leaves my 56128's it hits an edge device connecting to our dark fiber. On this edge device I am running OSPF onto the dark fiber, then redistribute some EIGRP subnets into OSPF and again all is well.
  Everything works up until the point the redistributed routes hit my RIB at my main data center where I am running IBGP. IBPG is run between our MPLS router and core for all our remote sites. When my backup route from the 56128's hits the cores, it supersedes the BGP route because the AD route O E2 [110/20] is lower than the BGP AD B [200/0]. Given the configuration below what can be done to remedy this? Oh when I redistribute I can only change the AD for the backup routes, all other routes should stay the same.
  56128's where my static routes are:
  ip route 192.168.101.0/24 192.168.30.77 name firewall 250
  router eigrp 65100
     redistribute static route-map Static-To-Eigrp
  route-map Static-To-Eigrp permit 10
     match ip address prefix-list Static2Eigrp
  ip prefix-list Static2Eigrp seq 2 permit 192.168.101.0/24
  Edge device:
  router eigrp 65100
   network 172.18.0.5 0.0.0.0
   network 172.18.0.32 0.0.0.3
   network 172.18.0.36 0.0.0.3
   redistribute ospf 65100 metric 2000000 0 255 1 1500
   redistribute static metric 200000 0 255 1 1500 route-map STATICS_INTO_EIGRP
   passive-interface default
   no passive-interface Port-channel11
   no passive-interface Port-channel12
   eigrp router-id 172.18.0.5
  router ospf 65100
   router-id 172.18.0.5
   log-adjacency-changes
   redistribute eigrp 65100 subnets route-map EIGRP_INTO_OSPF
   passive-interface default
   no passive-interface GigabitEthernet1/0/1
   no passive-interface GigabitEthernet1/0/2
   no passive-interface GigabitEthernet2/0/1
   no passive-interface GigabitEthernet2/0/2
   network 172.18.0.0 0.0.255.255 area 0
  ip prefix-list EIGRP_INTO_OSPF seq 5 permit 172.18.0.0/16 le 32
  ip prefix-list EIGRP_INTO_OSPF seq 10 permit 192.168.94.0/29 le 32
  ip prefix-list EIGRP_INTO_OSPF seq 15 permit 192.168.26.32/29 le 32
  ip prefix-list EIGRP_INTO_OSPF seq 20 permit 192.168.30.72/29 le 32
  ip prefix-list EIGRP_INTO_OSPF seq 25 permit 192.168.20.128/25 le 32
  ip prefix-list EIGRP_INTO_OSPF seq 26 permit 192.168.101.0/24 le 32 <- Backup Route for MPLS Remote Office
  route-map EIGRP_INTO_OSPF permit 10
   match ip address prefix-list EIGRP_INTO_OSPF

  So in the case of a /24. If it were say broken up into /25's? From our remote sites we are using aggregate-address summary-only. Not sure how I would advertise a more specific route via BGP, sorry.
  I didnt have this problem until I moved my firewalls. They plugged into the cores where IBGP was running and the static never kicked in unless the bgp route disappeared. I guess I could use my static redistribution for my VPN sites and use statics across the cores for the handful of backup links I have.