Image Attached.

Fortunately, I never had to ask anything on the forum right from the day we started our ISP two years back as anything/everything we ever wanted to know/ask was already answered, however for this scenario we seem to be failing to find an answer, to make it easy for people to understand our newly bridged to routed converted setup, I have drawn a simplified version of network for the purpose of this forum post, sure I can share more information as needed.

After having gone through the bridged network nightmare, we tested VPLS/MPLS/OSPF on lots of lots of CHRs on out ESXi, to an extent of moving one of the upstream providers to the CHRs and all worked well.

So we decided to migrate and we did.
We did have countless issues with redistribe option with BGP and OSPF instance which we managed to fix to a great extent, now below is where we are stuck

We only have two /24 public prefixes and are both configured on the edge routers via eBGP with the transit provider, the edge router within themselves have iBGP running.

We have two core PPPoE router serving as PPPoE servers having out NATTed as well as public IPs. All the POP location routers have independent VPLS tunnels landing at both the core routers to carry PPPoE traffic.

PPPoE client 1 configured with a public IP connects to whichever PPPoE server is less loaded and gets s public IP which the pppoe server broadcasts to the edge router because redistribute connected is checked in OSPF
Next time he gets disconnected and reconnects to second PPPoE server and just like the first time, everything works fine.

Now the problem is these /32 public IPs are all being flooded in the entire OSPF and MPLS network (which for sure is not recommended)

If I remove redistribute-connected from the core router OSPF instance, these public IP customers lose internet, as the edge routers don't know how to reach these networks.

I cannot do summarisation with area range on the two core pppoe routers as I don't know which public IP pppoe client will connect where.

I have done summarisation for the CGNAT block after splitting the subnet into two and dedicating each to each router, so that works fine, hence all the NATTed /32s are removed from OSPF and MPLS.

I am feeling that there is some basic network design flaw, being new to this, and having done numerous attempts with CHRs, I seem to have no option left, but to ask the experts in the forum, can someone point me to the right direction?

Hi faast, what i will do is to avoid redistributions in the entire network, and you may want to work with OSPF as an IGP only for quick convergence, load balancing mechanism (ECMP) and distribution for internal loopbacks, the you'll need to configure BGP as an EGP an it will be only one allowed to manage your public block, so you will need at least 1 RouteReflector router to make this transition easy, if not then you'll need to create lots of iBGP sessions between the entire network.

Btw, this Is absolutely true:

Now the problem is these /32 public IPs are all being flooded in the entire OSPF and MPLS network (which for sure is not recommended)

.

Thanks for the response sri2007,

I almost had the same thing in mind but wanted an assurance from the experienced folks, below is what I had in mind if you could confirm is what I should be doing next.

The only four routers handling public IPs at the moment are the two edge routers and the two core pppoe routers, I am planning to make edge1 as RR and edge2 as BRR and run iBGP between the four routers I mentioned.

I am confused about what I should be putting in the network tab while setting up the BGP sessions on the core pppoe routers, should I be putting the two /24 public blocks we have? I have two such blocks so on the each of the four iBGP participating routers, do I need to have both the /24s added under the network tab with redistributed connected checked on the pppoe routers to handle the /32?

As declared in my first post, we are coming from bridged network so we are absolutely new to the iBGP and OSPF work, eBGP is something we understand reasonably.

Hi! In the core pope routers ( considering that those will be dynamic IP address), you can redistribute connected under BGP instance (if you have two separate networks (/24), and all of your customers in the PPPoE 1 will be within the same /24; then you'll only need to advertise the summarize version of that (add to network the /24 prefix without synchronization). If those are for active/backup PPPoE Servers, then i think that the most accurate decision is to redistribute connected under BGP (you may need to apply some extra filters there too)

Thanks, so to make sure it it right.

I will setup iBGP between all the 4 routers in question.

And add both my /24s to the network tab for the edge routers facing two different ISPs each and have nothing in the network tab for the core routers with one exception that the core routers will have the redistribute connected checked, is that right?

Both my core routers are expected to be in active/active mode and any ppp client can connect to either one of them and may belong to any of the two /24s I have.

Well, I'll try to setup up two RRs instead, and you'll need to configure network or aggregate networks at the PPPoE routers which are the one (I think that they handle a unique /24, is that right?, if you do this then you'll be advertising this public block to all of your routers within this network, and if the filters are properly configured then you'll be able to advertise them to your providers, however, I can suggest you that try to setup some kind of communities in case that one provider goes down.