Jump to content


2

H2+ .2.5. Backdoor routing between R18-R57


7 replies to this topic

#1 jami30

jami30

    Advanced Member

  • Members
  • PipPipPip
  • 66 posts
  • 39 thanks

Posted 12 October 2019 - 01:29 AM

Please can someone tell me the method to route traffic on backdoor link in H2+.

I am unable to route traffic on the backdoor link (R18-R57) between subnets 10.2.100.0/24 and 172.18.1.0/24. If I trace 172.18.1.254 from user PC R101  my traffic goes load balanced between MPLS and backdoor link.

I know in H2, we summarize /16 on R55 and R56 which is how we achieve the above requirement in H2, but in H2+ we are not allowed to summarize. So how do we achieve this?

Thanked by 1 Member:
Firass81

#2 lelien

lelien

    Member

  • Members
  • PipPip
  • 33 posts
  • 131 thanks

Posted 12 October 2019 - 03:16 AM

View Postjami30, on 12 October 2019 - 01:29 AM, said:

Please can someone tell me the method to route traffic on backdoor link in H2+.

I am unable to route traffic on the backdoor link (R18-R57) between subnets 10.2.100.0/24 and 172.18.1.0/24. If I trace 172.18.1.254 from user PC R101  my traffic goes load balanced between MPLS and backdoor link.

I know in H2, we summarize /16 on R55 and R56 which is how we achieve the above requirement in H2, but in H2+ we are not allowed to summarize. So how do we achieve this?

Advertise 10.2.100.0/24 under bgp (R18) and 172.18.1.0/24 (R57) and you should be good.

Edited by lelien, 12 October 2019 - 03:17 AM.


#3 jami30

jami30

    Advanced Member

  • Members
  • PipPipPip
  • 66 posts
  • 39 thanks

Posted 12 October 2019 - 10:12 AM

Here is what I have configured:
On R18 & R57 I have configured summary-only with unsupress-map for /24. Therefore both of them advertise /24 subnet to each other.
On R15 & R16 I have configured summary-only for 10.0.0.0/8.
On R55 & R56 it has preconfigured redistribution in C4C EVE with route map attached.


Now when I look on SW3 or SW4 for show ip route 172.18.1.0, I get two equal path routes for /24 subnet from MPLS and from Backdoor link. Which means /24 is also learned from MPLS cloud.

Therefore when I trace from PC 101 for 172.18.1.254, instead of traffic going via backdoor it gets load balanced.

Question states that I cannot summarize on R55/R56 so I am unable to get it working.

#4 jami30

jami30

    Advanced Member

  • Members
  • PipPipPip
  • 66 posts
  • 39 thanks

Posted 12 October 2019 - 01:07 PM

R101#traceroute 172.18.1.254 pr 2
Type escape sequence to abort.
Tracing the route to 172.18.1.254
VRF info: (vrf in name/id, vrf out name/id)
  1 10.2.100.254 2 msec 1 msec
  2 10.2.0.9 2 msec
    10.2.0.42 2 msec
  3 10.254.0.77 7 msec
    10.2.0.46 4 msec
  4 10.254.0.33 [MPLS: Labels 22/44 Exp 0] 5 msec
    172.18.2.254 3 msec

--------------------------------------------------------------------------------


SW4#sh ip route  172.18.1.254
Routing entry for 172.18.1.0/24
  Known via "ospf 1", distance 110, metric 2
  Tag 65005, type extern 1
  Last update from 10.2.0.9 on Vlan164, 00:17:40 ago
  Routing Descriptor Blocks:
    10.2.0.42, from 10.255.1.18, 00:18:30 ago, via Vlan184
      Route metric is 2, traffic share count is 1
      Route tag 65005
  * 10.2.0.9, from 10.255.1.16, 00:17:40 ago, via Vlan164
      Route metric is 2, traffic share count is 1
      Route tag 65005

#5 rajbabu

rajbabu

    Member

  • Members
  • PipPip
  • 19 posts
  • 146 thanks

Posted 12 October 2019 - 05:38 PM

Change eigrp metric while redist on r55/ r56. Try this way. It will work.

Just change the  delay 1000.

#6 jami30

jami30

    Advanced Member

  • Members
  • PipPipPip
  • 66 posts
  • 39 thanks

Posted 13 October 2019 - 10:56 AM

Thanks Rajbabu but still i am unable to. Here is my configuration:


R56 (R55 is also same)

ip prefix-list EIGRP seq 5 permit 172.0.0.0/8 le 32   ----this was preconfigured
!
ip prefix-list PF seq 5 deny 172.0.0.0/8------------------I added this PL due to requrement.
ip prefix-list PF seq 10 permit 172.0.0.0/8 le 32
!
route-map JACOBHQ permit 10-------------------------------this was preconfigured
match ip address prefix-list EIGRP-----------------------this was preconfigured
!
route-map JACOBHQ1 deny 10---------------------------this was preconfigured
match ip address prefix-list EIGRP-------------------this was preconfigured
!
route-map JACOBHQ1 permit 20--------------------------this was preconfigured
!


router eigrp 10
network 172.18.254.2 0.0.0.0
network 172.30.1.56 0.0.0.0
redistribute bgp 65005 metric 1 1 1 1 1 route-map JACOBHQ1 ------------------Preconfigured
!
router bgp 65005
bgp log-neighbor-changes
redistribute eigrp 10 route-map JACOBHQ  ---------------------------Preconfigured
neighbor 172.18.253.5 remote-as 65006
neighbor 172.18.253.5 prefix-list PF out
neighbor 172.30.1.55 remote-as 65005
neighbor 172.30.1.55 update-source Loopback0
neighbor 172.30.1.55 next-hop-self


-------------------------------------------------------------------

R56#show ip bgp neighbors 172.18.253.5 advertised-routes | in 172.18.1
*>  172.18.1.0/24    172.18.254.254      281856         32768 ?-------------------As you can see it is /24. In H2 we aggregate and make this /16. But not allowed in H2+

#7 zakilouz

zakilouz

    Junior Member

  • Members
  • PipPip
  • 5 posts
  • 4 thanks

Posted 13 October 2019 - 11:50 AM

Hi,

I thinks you should redistribute BGP into OSPF on R15 and R16 as E2 route note E1.  and from R18 as E1 route.

by this way traffic to 172.18.1.0/24 will be preferred via R18.

Hope this answer to your qestion

#8 Firass81

Firass81

    Advanced Member

  • Members
  • PipPipPip
  • 95 posts
  • 33 thanks

Posted 13 October 2019 - 07:55 PM

Hi,

thank for you message.

For this question, we must frist understand the default redistribution metric between ospf & bgp to get a better idea on what is gioing on.

let us take this configuration:

router bgp 65002
  redistribute ospf ------------------------------------------------> here bgp will redistribute only all intra and inter prefixes by default.

router ospf 1
  redistribute bgp subnets  ------------------------------------> the default hiier metric-type ospf E2 (with cost 20, this cost is not important for our labs)


Now we have a good idea and we can also make luckily a filter based on that.


In H2+ the sinario is a little bit complex, because off only use aggragate 10.0.0.0 on two exit points from DC on R18 and on R15/16 and the complexity raises when he asks not to use any aggragte command from 65005 on R55/56 as we will see later.


let us configure first the primary route throuhg R18/57 and therefor i have to sulotion to leak the specific prefix.
Pleas pay attention on the redistribution metric that we will use for that!!!


Option1: Use suppress-map with aggragate-map and I see this sulotion is the standard but i prefer to use the second one as WEB:

     R18:
         router bgp 65002
            network 10.1.2.0 mask 255.255.255.0
            aggragate-summary 10.0.0.0 255.0.0 summary-only sepress-map LEAK -----------> Not this is the first summary 10.0.0.0 on R18, and we suppressed prefix from this summay

        route-map LEAK deny 10 -------> to deny the prefix from aggragate command.
          match ip address prefix LEAK
        route-map LEAK permit 20 -------> to aggaragate others prefixes

     ip prefix LEAK permit 10.1.2.0/24

Option2: use unsuppress-map on a neighbor command:
         router bgp 65002
            network 10.1.2.0 mask 255.255.255.0
            aggragate-summary 10.0.0.0 255.0.0 summary-only
            neighbor 10.x.x.x unsuppress-map LEAK
        route-map LEAK permit10 -------> we use here permit
          match ip address prefix LEAK
     ip prefix LEAK permit 10.1.2.0/24


For ospf:
router ospf 1
   redistribute bgp subnets metric-type 1 ------> note here we use E1, please keep that in mind.
   summary-address 10.0.0.0 255.0.0.0 not-advertise ------> this prefix is preduced from aggregate-command on bgp, It make no sence to have it again in the same domain DC so we use not-                                                                                                          advertise at the end of the summary-address command into ospf

Now move to R57:

The same policy 2 option we can use it again in the new prefixes: I will use the second one:

        router bgp 65006
            network 172.18.1.0 mask 255.255.255.0
            aggragate-summary 172.0.0.0 255.0.0 summary-only
            neighbor 10.x.x.x unsuppress-map LEAK
        route-map LEAK permit10 -------> we use here permit
          match ip address prefix LEAK
     ip prefix LEAK permit 1172.18.1.0/24

For EIGRP:

router eigrp 10
  redistribute bgp 65005 metric 10000 100 255 1 1500 ---------------> Please this metric in mind, becase we have here to prefixes from bgp on R18: 10.0.0.0, 10.2.1.0/24. the summary 10.0.0.0 we                                                                                                                will have it again on R55/56 from R15/16 and we wii use on R55/56 the same eigrp metric or one that better from this.
  distrbute prefix DENY out -----------------> this is again to deny the prefix 172.0.0.0, to not have it at the same domain from aggragate-address bgp on R57.

ip prefix-list DENY deny 172.0.0.0/24
ip prefix-list permit 0.0.0.0/0 le 32


Now you can ping safaly from R101 to vlan 172.18.1.254.


At the same domain DC and moving to R15/16:

On all devices in DC we have already got 172.18.1.254 and not 172.0.0.0 (becuse of summary-address not-advertised in ospf on R18)

redistribute bgp into ospf:

router ospf 1
redistribute bgp 65002 subnets ------------------> Now we have redistributed all bgp prefixes as the default metric and here E2 and we had it arleady as E1 on R18
                                                                            from those prefixes 172.18.1.0/24 because the requirements demands not to aggragate command on R55/56 from 65005
                                                                            Now we have the same prefixes   172.18.1.0/24 but this time with to diffrent ospf metric types E1/E2 and the prefer one is E1 as you know.
                                                                            So all the device will use a route throuhg R18-57 that has E1 metric



redistribute ospf into bgp:

router bgp 65002
redistribute ospf 1 subnets -----------------> Note that we use here the default metric redistribution and it is only intra and internal ospf prefixes to be on a safe side and not redistriute the ospf E1/2
                                                                    again into backbone
   aggragate-address 10.0.0.0  255.0.0.0 summary-only


Now moving to damin 65005 on R55/56:

there is a pre-config redistribution between bgp and eigrp and filter command to permit the prefixes to bgp and deny them into 65005. and this is in exam correct so pleas don't touche it.

But we must take a close look at the metric eigrp redistribution, we will finde that the exam use the default metric eigrp 1 1 1 1 1

router bgp 65005
redistribute eigrp 10
router eigrp 10
redistribute bgp 65005 metric 1 1 1 1 1 -------> this is not correct and i will explain why?

the domain 65005 will get the prefix 10.0.0.0 from R57 and from R55/56

we have already used as you saw it. the eigpr redistribution metric on R57 10000 100 1 255 1500
and the exam use the default metric 1 1 1 1 1

What do you think, What will the devices in 65005 will choose the route for 10.0.0.0 or lets say to all prefixes that belong to 10.0.0.0 except 10.2.1.0/24??

Clearly, All the deveices will prefer the R57-18 primary route over the MPLS backbone and this violate the requirement.

So do make MPLS the prefer path. we can use either the same metric, because the VLAN interface is alway prefer over ethernet interface because its default bandwidth
or we cand user a better metric by manipulate either the bandwidh or delay.

Let us change the delay to make better than that which is on R57:

to remind:
R57
router eigrp 10
redistribute bgp 65005 10000 100 255 1 1500 -----------------> note here the delay is 100

On R55/56:
we will change the default metric 1 1 1 1 1

router eigrp 10
redistribute bgp 65005 10000 10 255 1 1500 -----------------> note here the delay is 10 to make it the better metric

And thus all deveices will choose the MPLS path and the other which through R18/57 the backup for the prefix 10.0.0.0/8


That is it.

All the bests

Thanked by 2 Members:
simple792 , jami30



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Organization

Community

Downloads

Test Providers

Site Info


Go to top