OSPF default route under special circumstance

Ondrej Zajicek santiago at crfreenet.org
Tue Feb 16 22:24:04 CET 2016 

On Tue, Feb 16, 2016 at 09:39:37AM +0000, Rohrmann Sascha wrote:
> Hi,
> 
> I have 4 routers:
> ISP1                       ISP2
>   l                              l
> A1                          A2
>   l------------------l
> B1                          B2
> 
> A1 is directly connected to its' on ISP and A2 is directly connected to its' own ISP, too.
> A1 and A2 are performing eBGP, iBGP and OSPF.
> I already configured all protocols and distributed the default gateway (A{1,2}) for B{1,2}.
> For that I created a 0.0.0.0/0 route in the static section  of A{1,2} and filtered it out in the BGP-, OSPF-, and Kernel-table of A{1,2}:
> 
> import filter { if net = 0.0.0.0/0 then reject; accept};
> export all;
> 
> So, basicly A{1,2} should throw this default-route only in OSPF and they should not have the default-route in their own routing-table.
> But, unfortunately, A{1,2} actually do have this route in their table.

Hi

Well it is hard to say where is a problem without the configuration.
Don't you swap import/export statements? For example, kernel protocol
should have 'export filter { if net = 0.0.0.0/0 then reject; accept};'
if you do not want to export default route to it.

Or you could just have default reject/unreachable route, like in this example:

https://gitlab.labs.nic.cz/labs/bird/wikis/BGP_example_2


Generally, it is a good question what are best practices for configuring
BGP border routers on Linux/BIRD. There is an interesting idea to use two
separate kernel routing tables, one for internal routes and one for
external/BGP routes, just for the sake of clarity.


> How do I have to configure my protocols so that A{1,2} do not show this behavior?
> In my understandings, routers like A{1,2} should not have a default-route in their routing-table...
> 
> My 2nd desire is the following:
> A{1,2} should throw the default-route in the OSPF area <only> if the BGP adjacency is reachable and the BGP peer is formed (BGP state should be established).
> Is this desire realizable with bird only?

No, that is not possible. Unless you convince your ISPs to send you also
a default route through the BGP and use it to redistribute it to OSPF.

But it is not a big problem - the router with BGP session down already
has external routes from IBGP, so the traffic will be directed to the
other border router.

-- 
Elen sila lumenn' omentielvo

Ondrej 'Santiago' Zajicek (email: santiago at crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
"To err is human -- to blame it on a computer is even more so."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: Digital signature
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20160216/5fdfaad1/attachment.asc>

More information about the Bird-users mailing list