Community discussions

MikroTik App
  4. RouterOS
  5. Forwarding Protocols

[SOLVED] IBGP over OSPF Single POP ISP Problems

Post Reply
 
alex_rhys-hurn
Member
Member
Topic Author
Posts: 352
Joined: Mon Jun 05, 2006 8:26 pm
Location: Kenya
Contact:
Contact alex_rhys-hurn

[SOLVED] IBGP over OSPF Single POP ISP Problems

Tue Aug 21, 2018 11:55 am

Hi Guys,

I am having trouble, and hope you guys can help. Thanks in advance.

I am building a network following a design for a POP which I saw at a peering meeting recently (I am sure you are familliar with it). We are a single POP now, but will add more as we go.
POP-Topology.png
All devices are mikrotik, running 6.42.6
I use OSPF on Backbone0&1, Border0, ISP Services, Aggregation, NOC is statically routed for now. OSPF has formed neighbours throughout, and I advertise the Loopback and the local /29s on each physical link. I can see and trace/ping to all devices. All of these are in OSPF AREA1. Each /29 is publicly addressed.

Each router has Loopback interface and Public IP with /32, they are reachable throught the OSPF network.

Then, Border0 is doing EBGP with Transit provider, our Public ASNumber is used and we annound a /22v4 and a /48v6. Route filters are in place, Border sends default route to RR as default originate always.

Backbone0 and Backbone1 are configured as Route Reflectors and are doing ibgp, and are currently have no clusterID set. Each Peer on the BB Rtr has Route Reflect Set, and the Instance has Client to Client Reflection set. All routers are using peer to Loopback address, and have the public AS configured.
BGP Clients peer with each RR and have client to client unset.

Some configs:
Backbone/RR Instance:
Code: Select all
 name="default" as=328162 router-id=160.119.216.106 redistribute-connected=no redistribute-static=no 
      redistribute-rip=no redistribute-ospf=no redistribute-other-bgp=no out-filter="" 
      client-to-client-reflection=yes ignore-as-path-len=no routing-table=""
Each Client advertises only its downstream subnet eg, to DNS Recursor and to Client/Customer.

Backbone/RR Peer:
Code: Select all
 name="access-aggregation" instance=default remote-address=160.119.216.111 remote-as=328162 tcp-md5-key="" 
     nexthop-choice=default multihop=no route-reflect=yes hold-time=3m ttl=default in-filter="" out-filter="" 
     address-families=ip update-source=loopback default-originate=always remove-private-as=no as-override=no 
     passive=no use-bfd=no
Access/Aggregation Instance:
Code: Select all
 name="default" as=328162 router-id=160.119.216.111 
      redistribute-connected=no redistribute-static=no redistribute-rip=no 
      redistribute-ospf=no redistribute-other-bgp=no out-filter="" 
      client-to-client-reflection=no ignore-as-path-len=no routing-table=""
Access/Aggregation Peer:
Code: Select all
name="backbone0_peer" instance=default remote-address=160.119.216.106 
     remote-as=328162 tcp-md5-key="" nexthop-choice=default multihop=no 
     route-reflect=no hold-time=3m ttl=default in-filter="" out-filter="" 
     address-families=ip update-source=loopback default-originate=never
     remove-private-as=no as-override=no passive=no use-bfd=no
My problem is that sometimes I can reach devices in the ISP Services LAN and Aggregation Customers, and sometimes not. It seems to flip flop between them. E.g. 160.119.216.204 is DNS recursor in ISP Services, and 160.119.216.178 is a customer CPE. If I can reach one I cant reach the other. Sometimes I can log in to routers via their Loopback addresses, and sometimes not. But they are always pingable.

I have a question on whether the BGP routes should be in the same table as the OSPF routes, or wether they should be in a different table.

Aggregation Router Routes
Code: Select all
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 ADb  0.0.0.0/0                          160.119.216.106         200
 1 ADo  160.119.216.0/29                   160.119.216.57          110
 2 ADo  160.119.216.8/29                   160.119.216.65          110
 3 ADo  160.119.216.24/29                  160.119.216.65          110
                                           160.119.216.57    
 4 ADo  160.119.216.32/29                  160.119.216.57          110
 5 ADo  160.119.216.40/29                  160.119.216.65          110
 6 ADC  160.119.216.56/29  160.119.216.62  access_to_backb...        0
 7 ADC  160.119.216.64/29  160.119.216.70  access_to_backb...        0
 8 ADo  160.119.216.80/29                  160.119.216.57          110
 9 ADo  160.119.216.88/29                  160.119.216.65          110
10 ADo  160.119.216.104/32                 160.119.216.65          110
                                           160.119.216.57    
11 ADo  160.119.216.106/32                 160.119.216.57          110
12 ADo  160.119.216.107/32                 160.119.216.65          110
13 ADC  160.119.216.111/32 160.119.216.111 loopback                  0
14 ADo  160.119.216.112/32                 160.119.216.65          110
                                           160.119.216.57    
15  DC  160.119.216.128/30 160.119.216.129 sfp1                    255
16  DC  160.119.216.144/30 160.119.216.145 sfp2                    255
17 ADC  160.119.216.176/30 160.119.216.177 ether9                    0
18 ADb  160.119.216.192/28                 160.119.216.112         200
Backbone Routes
Code: Select all
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 ADb  0.0.0.0/0                          160.119.216.104         200
 1 ADC  160.119.216.0/29   160.119.216.6   ether1                    0
 2 ADo  160.119.216.8/29                   160.119.216.1           110
                                           160.119.216.30    
 3 ADC  160.119.216.24/29  160.119.216.25  ether2                    0
 4 ADC  160.119.216.32/29  160.119.216.33  ether3                    0
 5 ADo  160.119.216.40/29                  160.119.216.30          110
 6 ADC  160.119.216.56/29  160.119.216.57  ether5                    0
 7 ADo  160.119.216.64/29                  160.119.216.62          110
                                           160.119.216.30    
 8 ADC  160.119.216.80/29  160.119.216.81  ether7                    0
 9 ADo  160.119.216.88/29                  160.119.216.86          110
                                           160.119.216.30    
10 ADo  160.119.216.104/32                 160.119.216.1           110
11 ADC  160.119.216.106/32 160.119.216.106 loopback                  0
12 ADo  160.119.216.107/32                 160.119.216.30          110
13 ADo  160.119.216.111/32                 160.119.216.62          110
14 ADo  160.119.216.112/32                 160.119.216.86          110
15 ADb  160.119.216.128/26                 160.119.216.111         200
16 ADb  160.119.216.192/28                 160.119.216.112         200
17 A S  ;;; UTM - NOC Module
        160.119.216.224/27                 160.119.216.38            2
Any info much appreciated.

Regards to all,

Alex
You do not have the required permissions to view the files attached to this post.
Top
 
alex_rhys-hurn
Member
Member
Topic Author
Posts: 352
Joined: Mon Jun 05, 2006 8:26 pm
Location: Kenya
Contact:
Contact alex_rhys-hurn

Re: [SOLVED] IBGP over OSPF Single POP ISP Problems

Wed Aug 22, 2018 11:18 pm

Hi,

I have solved my issues.
This post: viewtopic.php?t=97491 sorted it out.
Few things:
1: I had routing loops due to default route problems in ibgp, moving default routing to ospf sorted it.
2: Then I ran in to the issue where Mikrotik will not bring the default route from EBGP to OSPF (version 6.42.6) and seems to be a known issue, but nearly 1 year later is still there.
3: I made my problem worse by have route reflect marked on the peer between the Route Reflectors as well. My Bad.

All in all a very useful thread by people who know what there doing. Thanks to all.

Alex
Top
 
sri2007
Member Candidate
Member Candidate
Posts: 206
Joined: Wed May 20, 2015 10:14 pm
Location: Lake Grove, NY

Re: [SOLVED] IBGP over OSPF Single POP ISP Problems

Wed Sep 05, 2018 5:41 pm

Hi! I thing that the best solution for you will be testing this new drawing, it's one of our most stable and scalable designs that we've done before. And checking your things:

First one:
Few things:
1: I had routing loops due to default route problems in ibgp, moving default routing to ospf sorted it.
I totally recommend using that default route with iBGP instead of OSPF, just let that the OSPF handle the convergence or loopback distribution at your networks.

Second one:
2: Then I ran in to the issue where Mikrotik will not bring the default route from EBGP to OSPF (version 6.42.6) and seems to be a known issue, but nearly 1 year later is still there.
That will be fixed if you configure iBGP sessions between all of your routers to each RouteReflector.

Check this image which may be really helpful for you:

Image
Top
Post Reply

Who is online

Users browsing this forum: No registered users and 18 guests
  4. RouterOS
  5. Forwarding Protocols