Jump to content
Firass81

Request: H2 cfg, sec 2.2, 2.8 made me crezy!!!!!

Recommended Posts

Hi,

 

I have done every thing perfeclty, aggregate-address without SUMMARY and added network subenet and redistruted bgp on very router to eigrp and ospf and it is propagated successfully into every domain, I could see every subnet on SW4 and SW10.

 

simpely i couldn't ping from SW10 to R101(had successfuly ping to an IP address and ping to all others domain) and vice vira??????

 

The route throuhg the MPLS is pinging prefectly without problems.

 

NOW: wehn I redistributed the E-BGP link between Edge routers (R18, R57) into OSPF on R18: " redistributed connected ". The BGP Backdoor is working and the pinging too.

 

But i think the Redistributing EBGP link into ospf domian is not acceptable on the exam!!!!!

 

Any body hier has the sampe problem??

 

Thanks in advance.

Share this post


Link to post
Share on other sites

R18 config

 

 

interface Loopback0

ip address 10.255.1.18 255.255.255.255

!

interface Ethernet0/0

ip address 10.2.0.45 255.255.255.252

!

interface Ethernet0/1

ip address 10.2.0.42 255.255.255.252

!

router ospf 1

router-id 10.255.1.18

redistribute bgp 65002 metric-type 1 subnets

network 10.2.0.42 0.0.0.0 area 0

network 10.255.1.18 0.0.0.0 area 0

!

router bgp 65002

bgp router-id 10.255.1.18

bgp log-neighbor-changes

network 10.0.0.0

network 10.2.1.0 mask 255.255.255.0

aggregate-address 10.0.0.0 255.0.0.0

redistribute ospf 1

neighbor 10.2.0.46 remote-as 65005

neighbor 10.2.0.46 prefix-list MERG out

!

ip prefix-list MERG seq 5 permit 10.0.0.0/8

ip prefix-list MERG seq 10 permit 10.2.1.0/24

Share this post


Link to post
Share on other sites

R57 Config

 

 

 

interface Loopback0

ip address 172.30.1.57 255.255.255.255

!

interface Ethernet0/0

ip address 10.2.0.46 255.255.255.252

!

interface Ethernet0/1

ip address 172.18.2.1 255.255.255.0

 

router eigrp JACOB

!

address-family ipv4 unicast autonomous-system 10

!

topology base

redistribute bgp 65005 metric 10000 100 255 1 1500

exit-af-topology

network 172.18.2.1 0.0.0.0

network 172.30.1.57 0.0.0.0

eigrp router-id 172.30.1.57

exit-address-family

!

router bgp 65005

bgp router-id 172.30.1.57

bgp log-neighbor-changes

network 172.0.0.0 mask 255.0.0.0

network 172.18.1.0 mask 255.255.255.0

aggregate-address 172.0.0.0 255.0.0.0

redistribute eigrp 10

neighbor 10.2.0.45 remote-as 65002

neighbor 10.2.0.45 prefix-list MERG out

!

ip prefix-list MERG seq 5 permit 172.0.0.0/8

ip prefix-list MERG seq 10 permit 172.18.1.0/24

Share this post


Link to post
Share on other sites

Hi farahatzahran,

 

thank u very much for ur reply and feedback.

 

By ur way, it would absolutly work. But u have matul redistribution on very border router (R18,R57) and the question was clear, Only redistribut BGP into interior protocol (ospf and eigrp).

That means only one way redistribution on every router. that is why the pinging ist not work.

 

Any way I have found the problem,

On Linux ios, there is a bug, but on a normal cisco ios, my method with one way reditribution is working.

 

Thank a lot for ur help.

Edited by Firass81

Share this post


Link to post
Share on other sites

on R18:

-------------

 

router bgp 65002

bgp router-id 10.255.1.18

bgp log-neighbor-changes

network 10.2.1.0 mask 255.255.255.0

aggregate-address 10.0.0.0 255.0.0.0 summary

neighbor 10.2.0.46 remote-as 65005

neighbor 10.2.0.46 unsupress-map Leak

 

ip prefix-list NET permit 10.1.200.0/24

route-map Leak permit 10

match ip add prefix NET

 

---------

 

On R57:

----------

 

router bgp 65005

bgp router-id 172.30.1.57

bgp log-neighbor-changes

network 172.0.0.0 mask 255.0.0.0

aggregate-address 172.0.0.0 255.0.0.0 summary

neighbor 10.2.0.45 remote-as 65002

neighbor 10.2.0.45 unsupress-map Leak

 

ip prefix-list NET permit 172.18.2.0/24

route-map Leak permit 10

match ip add prefix NET

 

and then redistribut bgp into ospf and eigrp.

 

PS: this sulotion for H2+. for H2, there is no unsupress-map, only on BGP the aggragate-add without summary at the end, and network command for each subnet.

 

Thanks.

Edited by Firass81

Share this post


Link to post
Share on other sites

In H2 there is no reason to supress child routes from the summaries on R18 and R57.

Purely based on that, you no longer need a way to get the exact /24 route for 172.18.1.0 on the OSPF in Jameson DC.

 

Instead, there is no way to get the /24 address from MPLS/L3 VPN, as you supress these on 55 and 56 via aggregate.

 

I'm not sure about the unsupress-map solution in H2+, where summary supression happens at R18 and R57, as this actual solution uses a route-map for the unsupress-map.... and it seems that a route-map is an invalid result. However, if this is valid, then you can just unsupress the /24 being advertised via network command and redistribute it via E1 instead of E2.

 

On a possible variation, 55 and 56 could block 172.18.1.0/24 via prefix list to their PEs, if that is the case, you don't need to change the metric type in R18 redistribution

If it only ask to block 172.0.0.0/8, then you would end up with 172.18.1.0/24 advertised via 15 and 16, just redistribute these as E2 and Redistribute E1 in R18

 

Or Redistribute both as E1 and increase the redistribution metric on R15/16

Share this post


Link to post
Share on other sites

Hi wowman,

 

Thanks a lot for ur feedback, u know what, the last sentence from ur reply, is the perfect key for this solution.

 

Thank u very much.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...