In short, I have been doing a networking lab with route leaking using OSPF. To keep things simple, the idea has been to use only BGP and OSPF as dynamic routing protocols. The OSPF redistribution router has 2 OSPF processes and can do mutual redistribution between these two running OSPF processes. The redistribution router has the following tasks:
- OSPF process 1 has to pick up the default route from the global routing table and redistribute it into the OSPF process 10, the local routing table
- OSPF process 10 has to pick up OSPF prefixes from the local routing table and redistribute to the global routing table OSPF process 1
Almost everything has worked with mutual redistribution, but the default route redistribution did not work as expected. Redistributing 0.0.0.0/0 did not work with the following:
- distribute lists
- prefix-lists
- route-maps
- access-lists
After reading further documentation I found Ivan Pepelnjak's blog post about this process, and discovered additional documentation about OSPF redistribution among different OSPF processes. At this point RFC 1925 comes to mind, paragraph (8): It is more complicated than you think.
A few days later a simpler solution came to my mind. Each routing process advertises the default network route instead of redistributing it. The simpler solution has been to advertise a default route to the local OSPF process with a higher OSPF metric. The default route in the global routing table has a lower OSPF metric. Interesting, and something I had not been aware of: on IOS, tagged routes still have their tag attached after redistribution. The redistribution router has the following configuration:
configure terminal
!
!global routing table
!
router ospf 1
router-id 10.255.255.200
auto-cost reference-bandwidth 1000
redistribute ospf 10 subnets
!
!local routing table
!
router ospf 10
router-id 10.0.3.0
auto-cost reference-bandwidth 1000
default-information originate always metric 10000
!
end
The redistribution is done in the global router ospf 1 process, which imports the OSPF prefixes from the router ospf 10 process using the following command:
redistribute ospf 10 subnets
The local OSPF process, router ospf 10, advertises the default route with the command:
default-information originate always metric 10000
The default route metric in the global routing table is set to 1000, which is a smaller value than the metric of 10000. This is what has been configured on the router that is doing the route leaking, that is, leaking routes from the local routing table to the global routing table. This router has 2 separate OSPF processes and has no MPLS/BGP/VRF configuration.
The router that has the MPLS/BGP/VRF configuration is directly attached to the mutual redistribution router and uses the following router configuration:
configure terminal
!
!local routing table
!
router ospf 10 vrf vpn10
router-id 10.0.3.2
auto-cost reference-bandwidth 1000
redistribute bgp 65001 subnets tag 200
!
!global routing table
!
router ospf 1
router-id 10.255.255.1
auto-cost reference-bandwidth 1000
!
!bgp routing table
!
router bgp 65001
bgp router-id 10.255.255.1
bgp log-neighbor-changes
neighbor 10.255.255.60 remote-as 65001
neighbor 10.255.255.60 update-source Loopback0
neighbor 10.255.255.61 remote-as 65001
neighbor 10.255.255.61 update-source Loopback0
!
address-family ipv4
neighbor 10.255.255.60 activate
neighbor 10.255.255.61 activate
maximum-paths ibgp 4
exit-address-family
!
address-family vpnv4
bgp nexthop trigger delay 0
neighbor 10.255.255.60 activate
neighbor 10.255.255.60 send-community both
neighbor 10.255.255.61 activate
neighbor 10.255.255.61 send-community both
exit-address-family
!
address-family ipv4 vrf vpn10
network 0.0.0.0
exit-address-family
!
end
The default route again is not redistributed from the local routing table, router ospf 10. The BGP process announces the default route with the command:
address-family ipv4 vrf vpn10
network 0.0.0.0
exit-address-family
This way the default route is sent to the BGP route reflectors. The BGP route reflectors announce the default route to the BGP route reflector clients.
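An added example, not part of the original post: a small Python audit that reads the redistribution-relevant lines of the two configurations above and reports which routing process feeds which (with the tag, if any), where a default route is originated, and whether two processes redistribute into each other. The function name `audit`, the trimmed config strings and the `MUTUAL` variant are constructed for illustration; VRF names are ignored.

```python
import re

# Constructed samples: only the redistribution-relevant lines of the configs above.
REDIST_ROUTER = """\
router ospf 1
 router-id 10.255.255.200
 redistribute ospf 10 subnets
router ospf 10
 default-information originate always metric 10000
"""
VRF_ROUTER = """\
router ospf 10 vrf vpn10
 redistribute bgp 65001 subnets tag 200
router ospf 1
router bgp 65001
 address-family ipv4 vrf vpn10
  network 0.0.0.0
"""
# Constructed: the mutual redistribution between both processes that the post started from.
MUTUAL = REDIST_ROUTER + "router ospf 10\n redistribute ospf 1 subnets\n"

def audit(config):
    """Return (edges, defaults, mutual) for one router's configuration text.

    edges:    {(source process, receiving process): tag or None}
    defaults: {process that originates 0.0.0.0/0: metric or None}
    mutual:   pairs of processes that redistribute into each other
    """
    edges, defaults, proc = {}, {}, None
    for raw in config.splitlines():
        line = raw.strip()
        m = re.match(r"router (ospf|bgp) (\d+)", line)
        if m:  # "router-id ..." does not match: the pattern needs "router <proto> <id>"
            proc = f"{m.group(1)} {m.group(2)}"
            continue
        if proc is None or not line or line.startswith("!"):
            continue
        m = re.match(r"redistribute (ospf|bgp) (\d+)(?:.*\btag (\d+))?", line)
        if m:
            edges[(f"{m.group(1)} {m.group(2)}", proc)] = int(m.group(3)) if m.group(3) else None
        m = re.match(r"default-information originate(?: always)?(?: metric (\d+))?", line)
        if m:
            defaults[proc] = int(m.group(1)) if m.group(1) else None
        if line == "network 0.0.0.0":
            defaults[proc] = None
    mutual = sorted({tuple(sorted(e)) for e in edges if (e[1], e[0]) in edges})
    return edges, defaults, mutual

if __name__ == "__main__":
    for name, cfg in (("redistribution", REDIST_ROUTER), ("vrf", VRF_ROUTER), ("mutual", MUTUAL)):
        print(name, audit(cfg))
```

For the two configurations in the post the mutual list is empty: prefixes flow one way (ospf 10 into ospf 1, BGP into ospf 10 with tag 200) and the default route is originated rather than redistributed.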
MikroTik distributes a free-to-use virtual appliance with its operating system, called RouterOS. This virtual appliance, called CHR, can be downloaded from the GNS3 marketplace website or directly from the MikroTik website. It can be run using QEMU or GNS3. The free CHR router has a maximum throughput of 1 Mbit/s, but that is enough to configure a virtual lab with 2 or more CHR routers using a dynamic routing protocol.
The networking scenario is simple: 2 CHR appliances directly connected via the ether1 interface in a point-to-point connection. Each router additionally has a loopback IP address configured and announces that prefix to its neighbor.
    loopback                                          loopback
 10.255.255.1/32                                   10.255.255.2/32
    +-------+                                         +-------+
    |       | eth1        10.0.0.0/30           eth1  |       |
    |  R1   |-----------------------------------------|  R2   |
    |       | .1                                  .2  |       |
    +-------+                                         +-------+
user: admin
<blank password>
For first steps, read the friendly manual
- set hostname R1 and R2
- configure a loopback0 interface
- add ip addresses to interfaces
Enter the following configuration commands on R1:
/system identity set name=R1
/interface bridge add name=loopback0
/ip address
add address=10.255.255.1/32 interface=loopback0
add address=10.0.0.1/30 interface=ether1
Enter configuration commands on R2:
/system identity set name=R2
/interface bridge add name=loopback0
/ip address
add address=10.255.255.2/32 interface=loopback0
add address=10.0.0.2/30 interface=ether1
Show current ip configuration using the ip address print command:
ip address print
[admin@R1] > ip address print
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK INTERFACE
0 10.255.255.1/32 10.255.255.1 loopback0
1 10.0.0.1/30 10.0.0.0 ether1
Verify connectivity on directly connected interfaces on R1:
[admin@R1] > ping 10.0.0.2 count=2
SEQ HOST SIZE TTL TIME STATUS
0 10.0.0.2 56 64 1ms
1 10.0.0.2 56 64 1ms
sent=2 received=2 packet-loss=0% min-rtt=1ms avg-rtt=1ms max-rtt=1ms
Connectivity check from R2:
[admin@R2] > ping 10.0.0.1 count=2
SEQ HOST SIZE TTL TIME STATUS
0 10.0.0.1 56 64 0ms
1 10.0.0.1 56 64 1ms
sent=2 received=2 packet-loss=0% min-rtt=0ms avg-rtt=0ms max-rtt=1ms
- configure OSPF process
- advertise loopback interfaces
- advertise transfer network
- add networks to the area 0, backbone area
Configure on R1:
routing ospf network add network=10.255.255.1/32 area=backbone
routing ospf network add network=10.0.0.0/30 area=backbone
Configure on R2:
routing ospf network add network=10.255.255.2/32 area=backbone
routing ospf network add network=10.0.0.0/30 area=backbone
Verify the routing table, using the ip route print command:
[admin@R1] > ip route print
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 ADC 10.0.0.0/30 10.0.0.1 ether1 0
1 ADC 10.255.255.1/32 10.255.255.1 loopback0 0
2 ADo 10.255.255.2/32 10.0.0.2 110
R2's loopback interface address 10.255.255.2 should appear in the routing table of R1:
[admin@R1] > routing ospf route print
# DST-ADDRESS STATE COST GATEWAY INTERFACE
0 10.0.0.0/30 intra-area 10 0.0.0.0 ether1
1 10.255.255.1/32 intra-area 10 0.0.0.0 loopback0
2 10.255.255.2/32 intra-area 20 10.0.0.2 ether1
Show OSPF neighbors:
[admin@R1] > routing ospf neighbor print
0 instance=default router-id=10.0.0.2 address=10.0.0.2 interface=ether1
priority=1 dr-address=10.0.0.1 backup-dr-address=10.0.0.2 state="Full"
state-changes=5 ls-retransmits=0 ls-requests=0 db-summaries=0
adjacency=40m7s
[admin@R2] > routing ospf neighbor print brief
# ROUTER-ID ADDRESS STATE STATE-CHANGES
0 10.255.255.1 10.0.0.1 Full 5
For directly connected OSPF neighbors, there is no need for DR/BDR elections. The directly connected link will be set to point-to-point. This should improve the convergence time of OSPF.
On both routers, R1 and R2, add the following:
/routing ospf interface add network-type=point-to-point
Additionally set the OSPF router-id on R1:
/routing ospf instance
set default router-id=10.255.255.1
Set the OSPF router-id on R2 too:
/routing ospf instance
set default router-id=10.255.255.2
Verify the dr-address and backup-dr-address in the OSPF neighbor output; both are set to 0.0.0.0.
[admin@R2] > routing ospf neighbor print
0 instance=default router-id=10.255.255.1 address=10.0.0.1 interface=ether1
priority=1 dr-address=0.0.0.0 backup-dr-address=0.0.0.0 state="Full"
state-changes=4 ls-retransmits=0 ls-requests=0 db-summaries=0
adjacency=2h48m9s
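An added example, not part of the original post: a Python check that parses the `routing ospf neighbor print` output shown on this page and reports neighbors that are not Full, still show a DR or BDR address on a link meant to be point-to-point, or carry a router-id outside the expected set. The function names and the `LOOPBACK_IDS` set are assumptions made for this lab; the two captures are the ones printed above.

```python
import re

# Neighbor output copied from the two captures on this page (before / after the change).
BEFORE = '''0 instance=default router-id=10.0.0.2 address=10.0.0.2 interface=ether1
priority=1 dr-address=10.0.0.1 backup-dr-address=10.0.0.2 state="Full"
state-changes=5 ls-retransmits=0 ls-requests=0 db-summaries=0
adjacency=40m7s'''
AFTER = '''0 instance=default router-id=10.255.255.1 address=10.0.0.1 interface=ether1
priority=1 dr-address=0.0.0.0 backup-dr-address=0.0.0.0 state="Full"
state-changes=4 ls-retransmits=0 ls-requests=0 db-summaries=0
adjacency=2h48m9s'''
LOOPBACK_IDS = {"10.255.255.1", "10.255.255.2"}  # assumption: router-ids set in this lab

def parse_neighbors(text):
    """Split the key=value neighbor output into one dict per neighbor."""
    neighbors = []
    for line in text.splitlines():
        m = re.match(r"\s*(\d+)\s+(?=\S+=)", line)  # "<index> key=value ..." starts a record
        if m:
            neighbors.append({})
            line = line[m.end():]
        if neighbors:
            for key, value in re.findall(r'([\w-]+)=("[^"]*"|\S+)', line):
                neighbors[-1][key] = value.strip('"')
    return neighbors

def check_p2p(text, expected_ids=LOOPBACK_IDS):
    """Return findings for a link that should be OSPF point-to-point."""
    findings = []
    for n in parse_neighbors(text):
        who = n.get("address", "?")
        if n.get("state") != "Full":
            findings.append(f"{who}: adjacency is {n.get('state')}, not Full")
        for field in ("dr-address", "backup-dr-address"):
            if n.get(field) != "0.0.0.0":
                findings.append(f"{who}: {field}={n.get(field)} (DR election still active)")
        if n.get("router-id") not in expected_ids:
            findings.append(f"{who}: unexpected router-id {n.get('router-id')}")
    return findings

if __name__ == "__main__":
    for name, capture in (("before", BEFORE), ("after", AFTER)):
        print(name, check_p2p(capture) or "OK")
```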
How to prevent the /work folder from getting deleted using standard portage tools?
Add FEATURES=keepwork to the /etc/portage/make.conf file. The full list of available make.conf FEATURES is also described in the man page:
man make.conf