Routing
Highlighted
Routing

OSPF routing issues

‎09-25-2017 06:02 AM

Hi,

 

Need your help with the attached scenario I am currently testing in a lab. 

 

LSA-1 X.X.X.X/24 is advertised by CE-3 to PE-3 which is redistributed from OSPF to BGP on the PE-3. PE-3 advertise the prefix to both PE-1 and PE-2. Both PE-1 and PE-2 advertise the prefix to their respective CEs. However, both CE-1 and CE-2 have backdoor OSPF connectivity to each other. The following occurs:

  • CE-1 learns the X.X.X.X/24 route as Inter-area route which it then advertised to CE-2
  • CE-2 prefers CE-1 to reach X.X.X.X/24
  • CE-2 advertise the route to PE-2
  • PE-2 learn the route from CE-2 and also PE-3
  • Due to route preference (AD), OSPF route is preferred on PE-2 which it then advertise back to BGP
  • PE-1 sees the route from PE-2 and PE-3 but still prefers PE-3 due to BGP metric.

When I shutdown the link between CE-1 and PE-1; CE-1 learns X.X.X.X/24 from CE-2. No routing loop in this case. When I re-active the CE-1 -- PE-1 link, CE-1 still prefers CE-2 to reach X.X.X.X/24 and the whole routing loop process start all over but in this case on PE-1.

 

I have configured tags to prevent loops but that doesn't seems to be working. I have configured domain-vpn-tag but that doesn't work as that is applicable to LSA type 5 and 7. I have tried using different ospf processes with redistribution between each other, still not working as expected.

 

Could anyone share an insight into this please?

 

Thanks. 

 

 

 

 

Attachments

4 REPLIES 4
Highlighted
Routing

Re: OSPF routing issues

‎09-25-2017 07:30 AM

Hello,

We need to see Your configs, but OSPF DN-bit set in LSA3 by PE-1 would have prevented this:


@simpnet wrote:

 

  • Due to route preference (AD), OSPF route is preferred on PE-2 which it then advertise back to BGP

 

 

 


If DN-bit is set, then PE-2 would have ignored this LSA.

Please post the configs and following printout from PE-2:

 

show ospf database extensive instance <VRFname where OSPF is enabled>

HTH

Thx

Alex

_____________________________________________________________________

Please ask Your Juniper account team about Juniper Professional Services offerings.
Juniper PS can design, test & build the network/part of the network as per Your requirements

+++++++++++++++++++++++++++++++++++++++++++++

Accept as Solution = cool !
Accept as Solution+Kudo = You are a Star !
Highlighted
Routing

Re: OSPF routing issues

‎09-25-2017 07:55 AM

Hi aarsenlev, 

 

Thanks for looking into this.

 

As requested, please see the configurations below.

================

PE-1 Configurations

=================

set routing-instances VRF-LAB instance-type vrf
set routing-instances VRF-LAB interface em1.0
set routing-instances VRF-LAB route-distinguisher 65535:1000
set routing-instances VRF-LAB vrf-import VRF-LAB-IMPORT
set routing-instances VRF-LAB vrf-export VRF-LAB-EXPORT
set routing-instances VRF-LAB vrf-table-label
set routing-instances VRF-LAB routing-options auto-export
set routing-instances VRF-LAB protocols ospf3 realm ipv4-unicast export OSPF-EXPORT
set routing-instances VRF-LAB protocols ospf3 realm ipv4-unicast import OSPF-IMPORT
set routing-instances VRF-LAB protocols ospf3 realm ipv4-unicast area 0.0.0.0 interface em1.0
set routing-instances VRF-LAB protocols ospf3 export OSPF-EXPORT
set routing-instances VRF-LAB protocols ospf3 import OSPF-IMPORT
set routing-instances VRF-LAB protocols ospf3 area 0.0.0.0 interface em1.0


set policy-options policy-statement OSPF-EXPORT term 10 from protocol bgp
set policy-options policy-statement OSPF-EXPORT term 10 then tag 65535
set policy-options policy-statement OSPF-EXPORT term 10 then accept
set policy-options policy-statement OSPF-IMPORT term 10 from protocol ospf3
set policy-options policy-statement OSPF-IMPORT term 10 from tag 65535
set policy-options policy-statement OSPF-IMPORT term 10 then reject
set policy-options policy-statement OSPF-IMPORT term 1000 then accept

 

 

==================

PE-2 Configurations

==================

set routing-instances VRF-LAB instance-type vrf
set routing-instances VRF-LAB interface em3.0
set routing-instances VRF-LAB route-distinguisher 65535:1000
set routing-instances VRF-LAB vrf-import VRF-LAB-IMPORT
set routing-instances VRF-LAB vrf-export VRF-LAB-EXPORT
set routing-instances VRF-LAB vrf-table-label
set routing-instances VRF-LAB routing-options auto-export
set routing-instances VRF-LAB protocols ospf3 realm ipv4-unicast export OSPF-EXPORT
set routing-instances VRF-LAB protocols ospf3 realm ipv4-unicast import OSPF-IMPORT
set routing-instances VRF-LAB protocols ospf3 realm ipv4-unicast area 0.0.0.0 interface em3.0
set routing-instances VRF-LAB protocols ospf3 export OSPF-EXPORT
set routing-instances VRF-LAB protocols ospf3 import OSPF-IMPORT
set routing-instances VRF-LAB protocols ospf3 area 0.0.0.0 interface em3.0


set policy-options policy-statement OSPF-EXPORT term 10 from protocol bgp
set policy-options policy-statement OSPF-EXPORT term 10 then tag 65535
set policy-options policy-statement OSPF-EXPORT term 10 then accept
set policy-options policy-statement OSPF-IMPORT term 10 from protocol ospf3
set policy-options policy-statement OSPF-IMPORT term 10 from tag 65535
set policy-options policy-statement OSPF-IMPORT term 10 then reject
set policy-options policy-statement OSPF-IMPORT term 1000 then accept

 

================

CE-1 Configurations

================

interface GigabitEthernet1/0
description *** TO PE-1 ***
ip address 30.1.1.2 255.255.255.252
negotiation auto
ipv6 enable
ospfv3 1 ipv4 area 0
!
interface GigabitEthernet2/0
description *** TO CE-2 ***
ip address 30.1.1.9 255.255.255.252
negotiation auto
ipv6 enable
ospfv3 cost 100
ospfv3 1 ipv4 area 0

 

router ospfv3 1
router-id 100.100.100.102
!
address-family ipv4 unicast
exit-address-family

 

================

CE-2 Configurations

================

interface GigabitEthernet3/0
description *** TO PE-2 ***
ip address 30.1.1.6 255.255.255.252
negotiation auto
ipv6 enable
ospfv3 1 ipv4 area 0
!
interface GigabitEthernet3/0
description *** TO CE-1 ***
ip address 30.1.1.10 255.255.255.252
negotiation auto
ipv6 enable
ospfv3 cost 100
ospfv3 1 ipv4 area 0

 

router ospfv3 1
router-id 100.100.100.101
!
address-family ipv4 unicast
exit-address-family

 !

 

 

Thanks.

Highlighted
Routing

Re: OSPF routing issues

‎09-25-2017 12:59 PM

Hello,

In Your OP You mentioned "OSPF" which usually means "OSPFv2" RFC 2328.

However, Your configs show You are using OSPFv3.

The DN-bit for OSPFv3 is described in RFC 6565 https://tools.ietf.org/html/rfc6565

This RFC or preceding Internet Drafts are NOT yet supported in JUNOS

https://www.juniper.net/documentation/en_US/junos/topics/reference/standards/ospf.html

Your best bet in this situation is  to use prefix-lists to filter out this route on PE-2  from being redistributed into MP-BGP.

HTH

Thx
Alex

_____________________________________________________________________

Please ask Your Juniper account team about Juniper Professional Services offerings.
Juniper PS can design, test & build the network/part of the network as per Your requirements

+++++++++++++++++++++++++++++++++++++++++++++

Accept as Solution = cool !
Accept as Solution+Kudo = You are a Star !
Highlighted
Routing

Re: OSPF routing issues

[ Edited ]
‎09-25-2017 03:08 PM

After a few permutations and combinations, I have found a workaround for this. 

 

Basically, I forced all BGP routes imported on both PE-1 and PE-2 within the "VRF-OSPF" routing instance to have a Preference (AD) of 9. This is lower than the Internal OSPF preference of 10. Then advertise the inter-area route with a lower cost on PE-1. BGP is preferred on both PEs even though I still get the route via internal OSPF on both PEs but doesn't matter. Also, due to better cost from CE-1, CE-2 now prefers CE-1 to X.X.X.X/24. I did a few failover and all works great. 

 

Appreciate your time and effort Alex. Thanks.

Feedback