From: Robert Yee (robert@bluespud.com)
Date: Mon May 12 2003 - 03:55:46 GMT-3
Donny,
That is a very good point. You would not have to do mutual redistribution, but I was thinking of a scnario where there would be a lot of discontigous OSPF routes that needed to be injected into BGP and where is would be impractical to add the routes into BGP by using the 'network' command.
I think the tag method would work best.
Thanks again for your help.
Robert
-----Original Message-----
From: Donny MATEO [mailto:donny.mateo@sg.ca-indosuez.com]
Sent: Sunday, May 11, 2003 11:18 PM
To: Robert Yee
Cc: ccielab@groupstudy.com; nobody@groupstudy.com
Subject: Re: how can I prevent my AS from becoming a transit AS? (kinda
long)
why do you have to do mutual redistribution ? If it's for synchorinaztion sake, you can get away with only redistributing BGP to OSPF in both R1 and R2. That way you can easily play with the as-path expression ^$. That should work fine.
Another way is to filter the redistribution from OSPF to BGP on R1 and R2, you can use tag 300 and tag 100 and then filter them accordingly when you redistribute OSPF into BGP on both router.
A third way is to manually filter all the route using prefix-list in both R1 and R2
Regards,
Donny #11189
"Robert Yee"
<robert@bluespud. To: <ccielab@groupstudy.com>
com> cc:
Sent by: Subject: how can I prevent my AS from becoming a transit AS? (kinda long)
nobody@groupstudy
.com
05/12/2003 12:57
PM
Please respond to
"Robert Yee"
Given the following scenario, how can I prevent my AS from becoming a transit AS:
----- -----
|AS100| |AS300|
----- -----
\ /
\ /
---------------------------
| \ / |
| R1----iBGP---R2 |
| \ / |
| \ / |
| OSPF OSPF |
| \ / |
| \ / |
| R3 |
|AS200 (OSPF) |
---------------------------
AS 300 advertises 10.1.1.0 /24 to AS 200 through R2.
The 2 edge routers in AS 200 are running BGP and OSPF. R3 is running OSPF and has numerous routes that it is advertising to R1 and R2. Syncronization in BGP is disabled, so there should be no issue with bgp/ospf sync.
The 2 edge routers are running mutual redistribution between the IGP and EGP.
R2 redistributes 10.1.1.0 /24 from BGP into OSPF. Eventually, this route will reach R1 from OSPF (and from iBGP) and will be redistributed back into BGP from OSPF. Since OSPF has a better AD than iBGP, the OSPF route will be placed into routing table,
and BGP will pick the redisributed route as the best path. This route will then get advertised to AS 100.
Because OSPF is redistributing many routes to BGP, I think the best solution would be to put the following filter-list (skip ditribute-list, prefix-list, route-map) on each edge router:
ip as-path access-list 1 permit ^$
This filter list should only allow routes out that have no AS-PATH attribute associated with it.
This should prevent AS 200 from being a transit area (if we were only running BGP), BUT since we are mutually redistributing, 10.1.1.0 /24 now is seen by BGP on R1 as route w/out an AS-PATH attribute.
Then 10.1.1.0 /24 gets advertised out to AS 100.
Is there any way around this?
This situation would also apply to routes received from As100
This message is for information purposes only and its content
should not be construed as an offer, or solicitation of an offer,
to buy or sell any banking or financial instruments or services
and no representation or warranty is given in respect of its
accuracy, completeness or fairness. The material is subject
to change without notice. You should take your own independent
tax, legal and other professional advice in respect of the content
of this message. This message may contain confidential or
legally privileged material and may not be copied, redistributed
or published (in whole or in part) without our prior written consent.
This email may have been intercepted, partially destroyed,
arrive late, incomplete or contain viruses and no liability is
accepted by any member of the Credit Agricole Indosuez group
as a result. If you are not the intended recipient of this message,
please immediately notify the sender and delete this message
from your computer.
This archive was generated by hypermail 2.1.4 : Mon Jun 02 2003 - 15:13:41 GMT-3