IOS fossils: OSPF-to-BGP redistribution

Here’s a weird requirement that you could get on a really hard CCIE preparation lab (and hopefully never in a live network): redistribute external OSPF routes from selected ASBRs into BGP without using a route-map on the redistribution router.

For example, assuming R1 and R2 insert external routes into OSPF, you want only routes from R1 to be redistributed into BGP on R3, but you cannot use route-maps on R3.

Answer: OSPF external routes with tags greater than 3758096384 are not redistributed into BGP.

Solution: You can set the OSPF route tags on the originating ASBRs with the redistribute … tag value router configuration command and the router performing OSPF-to-BGP redistribution configured with redistribute ospf pid performs automatic filtering.

Sample configurations: The following printouts contain OSPF router configuration on R1 and R2:

R1#show run | section router ospf
router ospf 1
 log-adjacency-changes
 redistribute static subnets
 network 10.0.0.0 0.255.255.255 area 0

R2#show run | section router ospf
router ospf 1
 log-adjacency-changes
 redistribute static subnets tag 3758096385
 network 0.0.0.0 255.255.255.255 area 0

You can inspect the OSPF external routes on R3 and verify that only one of them gets inserted into BGP even though all OSPF external routes should be redistributed.

R3#show run | section router bgp
router bgp 65000
 no synchronization
 bgp log-neighbor-changes
 redistribute ospf 1 match external 1 external 2
 neighbor 10.0.1.1 remote-as 65000

R3#show ip ospf data external | inc Link State|Tag
                Type-5 AS External Link States
  Link State ID: 10.2.1.0 (External Network Number )
        External Route Tag: 3758098606
  Link State ID: 10.2.2.0 (External Network Number )
        External Route Tag: 0

R3#show ip bgp | begin Network
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.2.2.0/24      10.0.7.10               20         32768 ?

By now you’re probably wondering what’s going on? The behavior is the result of section 4.4.6 of RFC 1403 (3758096384 = 14 * 2^28), which is over 16 years old (and that’s the reason this post belongs to “IOS Fossils”)

9 comments:

  1. :) nice findings

    regards
    shivlu jain

    ReplyDelete
  2. Thanks. It was an interesting archaeological exercise ;)

    ReplyDelete
  3. good findings :-)

    ReplyDelete
  4. Hey I was wondering if you could refer someone (or if you yourself might be interested) for a position I have available in Milwaukee WI for a certified CCIE (written & lab, must have #). This is an immediate need and we're looking for a full-time hire. Please get back to me, I can be reached at gblackman@visiongroupllc.com. Thanks.

    Best Regards,

    Gavin Blackman
    Managing Partner / Recruiting
    Vision Group Associates, LLC
    gblackman@visiongroupllc.com

    ReplyDelete
  5. Ivan,
    my question is not related on this topic, but I have a question about OSPF. Something that I can't handle with. I tried to find more information about that but unfortunately unsuccessful.

    I've noticed that some OSPF LSAs have "routing bit" set on. I checked and realized that there is no such thing in OSPFs RFC. I can't understand what is it's purpose?

    Thanks in advance!

    ReplyDelete
  6. Is there any document, like the RFC1403 for OSPF, describing BGP RIP Interaction, and BGP EIGRP Interaction?

    ReplyDelete
  7. @Anonymous #2: in the writing pipeline. Have to do a few more tests.

    @Anonymous #3: RIP was too dumb at the time when they felt the need to document the BGP-IGP interaction and EIGRP is a proprietary protocol.

    ReplyDelete
  8. To the Anonymous who said: 'I've noticed that some OSPF LSAs have "routing bit" set on. I checked and realized that there is no such thing in OSPFs RFC. I can't understand what is it's purpose? '
    On CCIE TCP/IP Volume I, I found this:
    'The routing bit is not a part of the LSA itself; it is an internal maintenance bit used by IOS indicating that the route to the destination advertised by this LSA is valid. So when you see "Routing Bit Set on this LSA," it means that the route to this destination is in the routing table.'
    I hope the Cisco press won't mind if I inserted some of excerpt from the book. Hope the remark was helpful.

    ReplyDelete

You don't have to log in to post a comment, but please do provide your real name/URL. Anonymous comments might get deleted.

Ivan Pepelnjak, CCIE#1354, is the chief technology advisor for NIL Data Communications. He has been designing and implementing large-scale data communications networks as well as teaching and writing books about advanced technologies since 1990. See his full profile, contact him or follow @ioshints on Twitter.