From Scratch #3: Redistributing Between OSPF and BGP

This is a pretty common scenario. You are running and IGP (in this case, OSPF) on your local network and you connect to another company or ISP via an eBGP link.

Your goal is to leak some of the external routes received via BGP into your IGP, and in turn leak some of your internal routes out via BGP. The constraint is you don’t want everything. Only the routes you decide.

There are numerous ways to do this. The way I would do this, is to explicitly state which routes you want via route-maps on your BGP link. That’s not exactly what I will do in this post – but it should be pretty easy to work out how to do that if you follow what’s bellow.

To begin with, our setup is this:

Network Setup

Thor and Baldur are your internal routers which run OSPF between them. Baldur and Loki have an eBGP link. I have added an extra loopback on both Loki and Thor, and the goal is to get them to talk.

Starting with Thor, we have the following interfaces:

Thor#show ip int brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 unassigned YES unset administratively down down
FastEthernet0/1 10.0.100.2 YES manual up up
Loopback0 10.0.0.1 YES manual up up
Loopback10 10.0.50.254 YES manual up up

Lookback 10 will eventually be able to talk externally. I have given it a /24, which will be advertised externally.

Next up, Baldur has the following interfaces:

Baldur#show ip int brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 192.168.0.2 YES manual up up
FastEthernet0/1 10.0.100.1 YES manual up up
Loopback0 10.0.0.0 YES manual up up

F0/0 represents out external interface. F0/1 is the internal (OSPF) interface.

Finally, Loki has the following interfaces:

Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 192.168.0.1 YES manual up up
FastEthernet0/1 unassigned YES unset administratively down down
Loopback0 192.168.17.1 YES manual up up

Lo0 will talk to Lo10 on Thor.

First, getting OSPF up and running we add:

Thor#show run | s router
router ospf 1
 log-adjacency-changes
 network 10.0.0.1 0.0.0.0 area 0
 network 10.0.50.254 0.0.0.0 area 0
 network 10.0.100.2 0.0.0.0 area 0
Baldur#show run | s router
router ospf 1
 log-adjacency-changes
network 10.0.0.0 0.0.0.0 area 0
 network 10.0.100.1 0.0.0.0 area 0

This should be fairly straight forward hopefully. End result: OSPF is running between Thor and Baldur.

Next we bring up and eBGP link between Baldur and Loki:

Baldur#show run | s router bgp
router bgp 65000
 neighbor 192.168.0.1 remote-as 65050
 neighbor 192.168.0.1 update-source FastEthernet0/0
 no auto-summary
Loki#show run | s router
router bgp 65050
 neighbor 192.168.0.2 remote-as 65000
 neighbor 192.168.0.2 update-source FastEthernet0/0
 neighbor 192.168.0.2 default-originate
 no auto-summary

Ok. Now we have all the routing protocols running. Neighborships are up – Baldur can talk to both Loki and Thor, but Loki and Thor can’t talk to each other.

So we have to get the route from Loki (192.168.17.1) to Thor and conversely we have to get the route from Thor (10.0.50.254/24) to Loki.

First step in getting the route from Loki, is for Loki to advertise this route into BGP. This is a simple network statement.

Loki(config)#router bgp 65050
Loki(config-router)#network 192.168.17.1 mask 255.255.255.255

Confirm on Baldur we can see 192.168.17.1:

Baldur#show ip bgp
BGP table version is 6, local router ID is 10.0.100.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 0.0.0.0 192.168.0.1 0 0 65050 i
*> 10.0.50.0/24 10.0.100.2 11 32768 i
*> 192.168.17.1/32 192.168.0.1 0 0 65050 i

There it is. Yay.

Now, this has to be redistributed into OSPF. This is done via a redistribute command. I have in this case passed the redistribute command through a route-map (PERMIT_DEFAULT) which references a prefix-list (DEFAULT_LIST). If you haven’t seen prefix-lists – they are awesome! There is heaps of online information on them, you can think of it as something similar to an ACL for use in redistribution or route filter, with the ability to specify your subnet mask size – or a range of sizes.

Back to Baldur:

Baldur(config)#router ospf 1
Baldur(config-router)#redistribute bgp 65000 subnets route-map PERMIT_DEFAULT
Baldur(config)#route-map PERMIT_DEFAULT permit 50
Baldur(config-route-map)# match ip address prefix-list DEFAULT_LIST
Baldur(config-router)#ip prefix-list DEFAULT_LIST seq 15 permit 192.168.17.1/32

So, the result of that prefix-list and route-map – the only routes redistributed into OSPF from BGP should be 192.168.17.1/32.

So if we look at Thor, it should now have a route for 192.168.17.1/32:

Thor#show ip route
 10.0.0.0/8 is variably subnetted, 4 subnets, 3 masks
O 10.0.0.0/32 [110/11] via 10.0.100.1, 00:25:26, FastEthernet0/1
C 10.0.0.1/32 is directly connected, Loopback0
C 10.0.50.0/24 is directly connected, Loopback10
C 10.0.100.0/30 is directly connected, FastEthernet0/1
 192.168.17.0/32 is subnetted, 1 subnets
O E2 192.168.17.1 [110/1] via 10.0.100.1, 00:25:26, FastEthernet0/1

There it is, an OSPF external E2 route, yay! And look, nothing else. The 192.168.0.0/30 is not there.

Now we need to send the 10.0.50.0/24 network out. Now, you can do this via a redistribute OSPF command within BGP much like we did for the other way. But the other option is just to put a network statement in BGP on Baldur. Remember, the network command in BGP will advertise the specified network – as long as it appears in on the local routing table. So if the network disappears from OSPF, it will also be withdrawn from BGP.

Advertising on Baldur:

Baldur(config)#router bgp 65000
Baldur(config-router)#network 10.0.50.0 mask 255.255.255.0

Confirming on Loki:

Loki#show ip route
 10.0.0.0/24 is subnetted, 1 subnets
B 10.0.50.0 [20/11] via 192.168.0.2, 00:34:47
 192.168.0.0/30 is subnetted, 1 subnets
C 192.168.0.0 is directly connected, FastEthernet0/0
 192.168.17.0/32 is subnetted, 1 subnets
C 192.168.17.1 is directly connected, Loopback0

Full connectivity:

Loki#ping 10.0.50.254 source loopback 0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.50.254, timeout is 2 seconds:
Packet sent with a source address of 192.168.17.1
!!!!!

You have to specify the source address because Thor only has a return address for Lo0, not for any of Loki’s other interfaces.

And lastly, confirming that the network command works as explained above, if we remove the 10.0.50.0/24 network from OSPF (shutdown on Lo10 on Thor) then it should also disappear for Loki:

Thor(config)#int lo 10
Thor(config-if)#shut
Loki#show ip route 10.0.50.0
% Network not in table

All gone, network command works as anticipated.

As I said, there a dozen other ways of doing this, but this is one way. Enjoy!

 

 

This entry was posted in BGP, Config, From Scratch, OSPF by Tom. Bookmark the permalink.

2 thoughts on “From Scratch #3: Redistributing Between OSPF and BGP

  1. There is a typo when attempting the following:
    Loki(config)#router bgp 65100 (This should be ‘bgp 65050’, not ‘65100’)
    Loki(config-router)#network 192.168.17.1 mask 255.255.255.255

Leave a Reply

Your email address will not be published. Required fields are marked *