Jump to content
jami30

H2+ .2.5. Backdoor routing between R18-R57

Recommended Posts

Please can someone tell me the method to route traffic on backdoor link in H2+.

 

I am unable to route traffic on the backdoor link (R18-R57) between subnets 10.2.100.0/24 and 172.18.1.0/24. If I trace 172.18.1.254 from user PC R101 my traffic goes load balanced between MPLS and backdoor link.

 

I know in H2, we summarize /16 on R55 and R56 which is how we achieve the above requirement in H2, but in H2+ we are not allowed to summarize. So how do we achieve this?

Share this post


Link to post
Share on other sites

Please can someone tell me the method to route traffic on backdoor link in H2+.

 

I am unable to route traffic on the backdoor link (R18-R57) between subnets 10.2.100.0/24 and 172.18.1.0/24. If I trace 172.18.1.254 from user PC R101 my traffic goes load balanced between MPLS and backdoor link.

 

I know in H2, we summarize /16 on R55 and R56 which is how we achieve the above requirement in H2, but in H2+ we are not allowed to summarize. So how do we achieve this?

 

Advertise 10.2.100.0/24 under bgp (R18) and 172.18.1.0/24 (R57) and you should be good.

Edited by lelien

Share this post


Link to post
Share on other sites

Here is what I have configured:

On R18 & R57 I have configured summary-only with unsupress-map for /24. Therefore both of them advertise /24 subnet to each other.

On R15 & R16 I have configured summary-only for 10.0.0.0/8.

On R55 & R56 it has preconfigured redistribution in C4C EVE with route map attached.

 

 

Now when I look on SW3 or SW4 for show ip route 172.18.1.0, I get two equal path routes for /24 subnet from MPLS and from Backdoor link. Which means /24 is also learned from MPLS cloud.

 

Therefore when I trace from PC 101 for 172.18.1.254, instead of traffic going via backdoor it gets load balanced.

 

Question states that I cannot summarize on R55/R56 so I am unable to get it working.

Share this post


Link to post
Share on other sites

R101#traceroute 172.18.1.254 pr 2

Type escape sequence to abort.

Tracing the route to 172.18.1.254

VRF info: (vrf in name/id, vrf out name/id)

1 10.2.100.254 2 msec 1 msec

2 10.2.0.9 2 msec

10.2.0.42 2 msec

3 10.254.0.77 7 msec

10.2.0.46 4 msec

4 10.254.0.33 [MPLS: Labels 22/44 Exp 0] 5 msec

172.18.2.254 3 msec

 

--------------------------------------------------------------------------------

 

 

SW4#sh ip route 172.18.1.254

Routing entry for 172.18.1.0/24

Known via "ospf 1", distance 110, metric 2

Tag 65005, type extern 1

Last update from 10.2.0.9 on Vlan164, 00:17:40 ago

Routing Descriptor Blocks:

10.2.0.42, from 10.255.1.18, 00:18:30 ago, via Vlan184

Route metric is 2, traffic share count is 1

Route tag 65005

* 10.2.0.9, from 10.255.1.16, 00:17:40 ago, via Vlan164

Route metric is 2, traffic share count is 1

Route tag 65005

Share this post


Link to post
Share on other sites

Thanks Rajbabu but still i am unable to. Here is my configuration:

 

 

R56 (R55 is also same)

 

ip prefix-list EIGRP seq 5 permit 172.0.0.0/8 le 32 ----this was preconfigured

!

ip prefix-list PF seq 5 deny 172.0.0.0/8------------------I added this PL due to requrement.

ip prefix-list PF seq 10 permit 172.0.0.0/8 le 32

!

route-map JACOBHQ permit 10-------------------------------this was preconfigured

match ip address prefix-list EIGRP-----------------------this was preconfigured

!

route-map JACOBHQ1 deny 10---------------------------this was preconfigured

match ip address prefix-list EIGRP-------------------this was preconfigured

!

route-map JACOBHQ1 permit 20--------------------------this was preconfigured

!

 

 

router eigrp 10

network 172.18.254.2 0.0.0.0

network 172.30.1.56 0.0.0.0

redistribute bgp 65005 metric 1 1 1 1 1 route-map JACOBHQ1 ------------------Preconfigured

!

router bgp 65005

bgp log-neighbor-changes

redistribute eigrp 10 route-map JACOBHQ ---------------------------Preconfigured

neighbor 172.18.253.5 remote-as 65006

neighbor 172.18.253.5 prefix-list PF out

neighbor 172.30.1.55 remote-as 65005

neighbor 172.30.1.55 update-source Loopback0

neighbor 172.30.1.55 next-hop-self

 

 

-------------------------------------------------------------------

 

R56#show ip bgp neighbors 172.18.253.5 advertised-routes | in 172.18.1

*> 172.18.1.0/24 172.18.254.254 281856 32768 ?-------------------As you can see it is /24. In H2 we aggregate and make this /16. But not allowed in H2+

Share this post


Link to post
Share on other sites

Hi,

 

I thinks you should redistribute BGP into OSPF on R15 and R16 as E2 route note E1. and from R18 as E1 route.

 

by this way traffic to 172.18.1.0/24 will be preferred via R18.

 

Hope this answer to your qestion

Share this post


Link to post
Share on other sites

Hi,

 

thank for you message.

 

For this question, we must frist understand the default redistribution metric between ospf & bgp to get a better idea on what is gioing on.

 

let us take this configuration:

 

router bgp 65002

redistribute ospf ------------------------------------------------> here bgp will redistribute only all intra and inter prefixes by default.

 

router ospf 1

redistribute bgp subnets ------------------------------------> the default hiier metric-type ospf E2 (with cost 20, this cost is not important for our labs)

 

 

Now we have a good idea and we can also make luckily a filter based on that.

 

 

In H2+ the sinario is a little bit complex, because off only use aggragate 10.0.0.0 on two exit points from DC on R18 and on R15/16 and the complexity raises when he asks not to use any aggragte command from 65005 on R55/56 as we will see later.

 

 

let us configure first the primary route throuhg R18/57 and therefor i have to sulotion to leak the specific prefix.

Pleas pay attention on the redistribution metric that we will use for that!!!

 

 

Option1: Use suppress-map with aggragate-map and I see this sulotion is the standard but i prefer to use the second one as WEB:

 

R18:

router bgp 65002

network 10.1.2.0 mask 255.255.255.0

aggragate-summary 10.0.0.0 255.0.0 summary-only sepress-map LEAK -----------> Not this is the first summary 10.0.0.0 on R18, and we suppressed prefix from this summay

 

route-map LEAK deny 10 -------> to deny the prefix from aggragate command.

match ip address prefix LEAK

route-map LEAK permit 20 -------> to aggaragate others prefixes

 

ip prefix LEAK permit 10.1.2.0/24

 

Option2: use unsuppress-map on a neighbor command:

router bgp 65002

network 10.1.2.0 mask 255.255.255.0

aggragate-summary 10.0.0.0 255.0.0 summary-only

neighbor 10.x.x.x unsuppress-map LEAK

route-map LEAK permit10 -------> we use here permit

match ip address prefix LEAK

ip prefix LEAK permit 10.1.2.0/24

 

 

For ospf:

router ospf 1

redistribute bgp subnets metric-type 1 ------> note here we use E1, please keep that in mind.

summary-address 10.0.0.0 255.0.0.0 not-advertise ------> this prefix is preduced from aggregate-command on bgp, It make no sence to have it again in the same domain DC so we use not- advertise at the end of the summary-address command into ospf

 

Now move to R57:

 

The same policy 2 option we can use it again in the new prefixes: I will use the second one:

 

router bgp 65006

network 172.18.1.0 mask 255.255.255.0

aggragate-summary 172.0.0.0 255.0.0 summary-only

neighbor 10.x.x.x unsuppress-map LEAK

route-map LEAK permit10 -------> we use here permit

match ip address prefix LEAK

ip prefix LEAK permit 1172.18.1.0/24

 

For EIGRP:

 

router eigrp 10

redistribute bgp 65005 metric 10000 100 255 1 1500 ---------------> Please this metric in mind, becase we have here to prefixes from bgp on R18: 10.0.0.0, 10.2.1.0/24. the summary 10.0.0.0 we will have it again on R55/56 from R15/16 and we wii use on R55/56 the same eigrp metric or one that better from this.

distrbute prefix DENY out -----------------> this is again to deny the prefix 172.0.0.0, to not have it at the same domain from aggragate-address bgp on R57.

 

ip prefix-list DENY deny 172.0.0.0/24

ip prefix-list permit 0.0.0.0/0 le 32

 

 

Now you can ping safaly from R101 to vlan 172.18.1.254.

 

 

At the same domain DC and moving to R15/16:

 

On all devices in DC we have already got 172.18.1.254 and not 172.0.0.0 (becuse of summary-address not-advertised in ospf on R18)

 

redistribute bgp into ospf:

 

router ospf 1

redistribute bgp 65002 subnets ------------------> Now we have redistributed all bgp prefixes as the default metric and here E2 and we had it arleady as E1 on R18

from those prefixes 172.18.1.0/24 because the requirements demands not to aggragate command on R55/56 from 65005

Now we have the same prefixes 172.18.1.0/24 but this time with to diffrent ospf metric types E1/E2 and the prefer one is E1 as you know.

So all the device will use a route throuhg R18-57 that has E1 metric

 

 

 

redistribute ospf into bgp:

 

router bgp 65002

redistribute ospf 1 subnets -----------------> Note that we use here the default metric redistribution and it is only intra and internal ospf prefixes to be on a safe side and not redistriute the ospf E1/2

again into backbone

aggragate-address 10.0.0.0 255.0.0.0 summary-only

 

 

Now moving to damin 65005 on R55/56:

 

there is a pre-config redistribution between bgp and eigrp and filter command to permit the prefixes to bgp and deny them into 65005. and this is in exam correct so pleas don't touche it.

 

But we must take a close look at the metric eigrp redistribution, we will finde that the exam use the default metric eigrp 1 1 1 1 1

 

router bgp 65005

redistribute eigrp 10

router eigrp 10

redistribute bgp 65005 metric 1 1 1 1 1 -------> this is not correct and i will explain why?

 

the domain 65005 will get the prefix 10.0.0.0 from R57 and from R55/56

 

we have already used as you saw it. the eigpr redistribution metric on R57 10000 100 1 255 1500

and the exam use the default metric 1 1 1 1 1

 

What do you think, What will the devices in 65005 will choose the route for 10.0.0.0 or lets say to all prefixes that belong to 10.0.0.0 except 10.2.1.0/24??

 

Clearly, All the deveices will prefer the R57-18 primary route over the MPLS backbone and this violate the requirement.

 

So do make MPLS the prefer path. we can use either the same metric, because the VLAN interface is alway prefer over ethernet interface because its default bandwidth

or we cand user a better metric by manipulate either the bandwidh or delay.

 

Let us change the delay to make better than that which is on R57:

 

to remind:

R57

router eigrp 10

redistribute bgp 65005 10000 100 255 1 1500 -----------------> note here the delay is 100

 

On R55/56:

we will change the default metric 1 1 1 1 1

 

router eigrp 10

redistribute bgp 65005 10000 10 255 1 1500 -----------------> note here the delay is 10 to make it the better metric

 

And thus all deveices will choose the MPLS path and the other which through R18/57 the backup for the prefix 10.0.0.0/8

 

 

That is it.

 

All the bests

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...