OSPF Default Route

  • 0
  • 1
  • Question
  • Updated 2 years ago
  • Answered
We recently had a network event where a card in our core switch would not lock OSPF neighbors. I ended up rebooting this card and was able to restore services. However, I am confused why the network didn't alter the default route in the rest of our routers to redirect traffic. I have attached a simple diagram, red routers are ospf and green routers include BGP. My problem was the link between the green routers and when I tried to get traffic in a peer on the north side(north is up, right?!?) destined for a customer attached via BGP on the south peer, it goes from green to the red just north of it, once it got there, it didn't have a route in it's table for that southern peer, it only has the default route.

So...should it recalculate the default route or should I see a route in the routing table on that first hop away from the green so it doesn't use the default route. The default route is viable so I'm not sure that truly needs recalculated. I do have the following commands on the south BGP router:

enable ospf export e-bgp ExportToBGP
enable ospf export i-bgp ExportToBGP

that policy just states that all networks are accepted:
    permit;
    cost 2;   
    cost-type ase-type-1;




Photo of EMES

EMES

  • 280 Points 250 badge 2x thumb

Posted 2 years ago

  • 0
  • 1
Photo of Grosjean, Stephane

Grosjean, Stephane, Employee

  • 12,784 Points 10k badge 2x thumb
Hi,

I'm not sure to fully understand the network diagram. Is that diagram your whole AS, or are there different AS in it?

I'm assuming this is a single AS. So, tell me if I got it right: traffic coming from the upper ring, with a destination to a remote customer connected to the lower green BGP router, would reach the upper green router, and from there it goes to the red router just above it (directly connected to it) and stops there. Correct?

That red router has a default route, as you said, but pointing to what router? From what that default originate? Is it a static route created somewhere and redistributed in OSPF, is it originated from your BGP routers? Which one? Both? What about metric?

Do your BGP routers have an iBGP peering? Did you configure that peering on their loopback, which are redistributed in your OSPF? Do you have next-hop-self set on your iBGP?
Photo of EMES

EMES

  • 280 Points 250 badge 2x thumb
essentially one AS, we have a customer connected to both green routers with a private AS...when one peer goes down they just route through the other one. So both green routers receive routes for all networks, say A/24, B/24 and C/24 but one router will get 3 prepends for a subnet and the other will get one prepend so it will send A & B north and C south...one fails, they all default to the other peer. 

Your statement about directions is correct. the default route on router just north of northern green points back to the green router. when I do a show iproute it says it originates from ospf. yes, the green routers have an I-peer setup, that is where it decides to send the traffic when it starts the routing process but when it hits the first red router, it gets pointed back where it came from. The peers are setup on the loopback interface and the only way to distribute that is ospf. both routers are setup with next-hop-self.
Photo of Grosjean, Stephane

Grosjean, Stephane, Employee

  • 12,784 Points 10k badge 2x thumb
On that red router north the upper green, do you have A, B and C prefix? I mean, are the BGP prefixes redistributed in your IGP?

So, if I understand correctly, the traffic load-balancing is performed by your customer, via AS-Path prepending? You do not control your exit point with local-preference?

The point here is that none of your green router was down, nor the BGP links. So their advertisements were still correct. Are you sure the loopbacks of the green routers are redistributed into OSPF? Not via a static route on the directly connected link between them (for example)?
Photo of EMES

EMES

  • 280 Points 250 badge 2x thumb
i don't see the prefixes, that's why it's falling back to the default route. 

correct, all based on prepends.

a card on north green router was not passing traffic but did not fault EAPS, however that happens. This issue with traffic caused the customer BGP session to fail, which is part of the problem but not entirely. When I rebooted that card, all bgp sessions came back up...but in the midst of trying to restore services, i had disabled the interface with the X. When the card came online, all was well but I couldn't reach some of the customers networks. It would route to the first red router away and come back. When I enabled that port, things came back as expected...i'm just concerned that a fiber cut between those locations would cause an issue in the future. Also..now, when i do a show iproute a/24, it will show the actual P2P interface to the south router and not the loopback IP.
Photo of Grosjean, Stephane

Grosjean, Stephane, Employee

  • 12,784 Points 10k badge 2x thumb
Why do you need EAPS? Isn't it all routed?
I'd be interested in seeing the RIB of the BGP routers for the "faulty" prefixes, and the loopback, and have a view of the RIB from the OSPF router. The BGP config as well, if possible.
Photo of EMES

EMES

  • 280 Points 250 badge 2x thumb
sorry for the delay here. A bit of an amateur mistake, not sure it should have any effects but maybe not the best way about it. We have a peer with a customer on both routers using private AS and private IP space, nothing except the E peers use public IP's so in order to cut down on static routes or matching private IP spacing I have a single /30 with the customer protected with EAPS...one interface on their router and one interface on our BGP Router. Is there a way I can message that info to you or is it best to just pull the output and clean it of any data I don't want published? RIB Meaning you want the whole routing table?
Photo of Tripathy, Priya Ranjan

Tripathy, Priya Ranjan, ESE

  • 2,306 Points 2k badge 2x thumb
Apart from what Stephane has to say whether any loopbacks of  these green routers are redistributed into OSPF or not. We can also need to identify the default route injection if taking place or not. Actually Default route is injected to OSPF domain only if that router has a default route in it. Also Router will originate a default route only if it has the routes permitted in route-map.
Photo of EMES

EMES

  • 280 Points 250 badge 2x thumb
what is the best way for me to share this data with the two of you?
Photo of Grosjean, Stephane

Grosjean, Stephane, Employee

  • 12,784 Points 10k badge 2x thumb
Hi, sorry, forgot to answer. A full RIB with BGP routers is usually a bad idea :) I'm just interested in the prefixes causing pb and the default, with the info of the next-hop as well for each prefix. I don't need the real IPs, as long as you keep it consistent. So, if you can extract that info, stating clearly what router has what, just post it here.
Photo of EMES

EMES

  • 280 Points 250 badge 2x thumb
I posted another reply below, let me know if there is anything else I can share. thanks again for your help!
Photo of EMES

EMES

  • 280 Points 250 badge 2x thumb
Let me know where I can offer more detail.

Thank you to both of you!
Photo of EMES

EMES

  • 280 Points 250 badge 2x thumb
I Believe this to be resolved. The two BGP Routers did not have a protected path for talking when the link was down. 

This article, has a different point overall, outlines what I saw.

https://mpreath.wordpress.com/2014/10/04/how-mpls-reduces-routes-bgp-free-core/
Photo of Grosjean, Stephane

Grosjean, Stephane, Employee

  • 12,784 Points 10k badge 2x thumb
Hi,

sorry I didn't come back to you before, the RIB was not very helping without knowing the BGP loopback addresses and the presence of the loopback in the IGP: what was my hint as your problem.

Looks like you have found it, good. I understand this was the reason, is it correct?

Regards,