Thursday, August 29, 2013

Issue redistributing between EIGRP and BGP using (match internal)

Question:

We currently have two routing protocols that we use in our DCs. Internally we use EIGRP, and externally we use BGP. Each of the DCs has an internet link and an MPLS link.

To redistribute between the EIGRP instance and the BGP instance in the DC, we use a route map that matches internal routes.

I have an ASA firewall that is connected to the core switch. This firewall is the Internet firewall, and is part of the EIGRP AS. There are site-to-site tunnels, the default route, and client VPN subnets that the firewall advertises to EIGRP.

Those routes are not getting redistributed into BGP, which is a huge issue. The routes coming from the firewall are all showing as external, so BGP is not advertising them.

Here's the configuration of the edge MPLS router (the one that needs to redistribute between the two):

router eigrp 50
network x.x.x.x 0.0.63.255
redistribute bgp 50 route-map BGP-TO-EIGRP
!
router bgp 50
bgp log-neighbor-changes
network y.y.y.y mask 255.255.255.255
aggregate-address y.y.y.y 255.255.192.0 summary-only
timers bgp 30 90 90
redistribute eigrp 50 route-map EIGRP-TO-BGP
neighbor z.z.z.z remote-as 50
<output omitted>
!
route-map EIGRP-TO-BGP permit 10
match route-type internal
!
route-map BGP-TO-EIGRP permit 10
set metric 10000 100 255 1 1500
!


Here's a sample route from one of the networks that the firewall is advertising:

xxx-3925-01#sh ip route 150.175.49.3
Routing entry for 150.175.49.3/32
  Known via "eigrp 50", distance 170, metric 3328, type external
  Redistributing via eigrp 50, bgp 50
  Last update from 10.34.0.73 on GigabitEthernet0/0, 00:45:12 ago
  Routing Descriptor Blocks:
  * 10.34.0.73, from 10.34.0.73, 00:45:12 ago, via GigabitEthernet0/0
      Route metric is 3328, traffic share count is 1
      Total delay is 30 microseconds, minimum bandwidth is 1000000 Kbit
      Reliability 255/255, minimum MTU 1500 bytes
      Loading 1/255, Hops 2

xxx-3925-01#sh ip bgp neighbors x.x.x.x advertised-routes               <--- ISP MPLS Peer
BGP table version is 121306, local router ID is x.x.0.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, x best-external
Origin codes: i - IGP, e - EGP, ? - incomplete


   Network          Next Hop            Metric LocPrf Weight Path
*> x.x.0.0/18     0.0.0.0                            32768 i


Total number of prefixes 1


Looking at that output from the show route, it seems it's being redistributed, but I'm not seeing it anywhere else and it doesn't show as being advertised out.

Answer:

Yes, the redistribution causes the route to be external. Matching on internal routes won't work in this case and you'll either need to have them also match on external routes, or they should be able to tie it down to just that routing protocol (if you have more than bgp/eigrp on this router).

route-map EIGRP permit 10
match route-type internal
route-map EIGRP permit 20
match route-type external
match source-protocol eigrp <AS>

You can't do much with the ASA in regards to tagging routes (at least in the older versions). Otherwise, I would say tag your statics during redistribution and then match on the tag.

Original comes from http://cisco3560.weebly.com/
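
Added example (not part of the original question or answer, and not Cisco code): a simplified Python model of route-map clause evaluation, showing why the ASA-originated external route falls through to the implicit deny in the question's EIGRP-TO-BGP map and is permitted once a clause for external routes is added. The evaluator, the sample prefixes other than 150.175.49.3/32, and the use of "eigrp 50" in place of <AS> are assumptions made for illustration.

```python
# Simplified model of IOS route-map evaluation (illustration only, not Cisco code).
# It models clause matching only; it does not model the redistribute command itself.
from dataclasses import dataclass

@dataclass(frozen=True)
class Route:
    prefix: str
    known_via: str    # protocol that installed the route, e.g. "eigrp 50"
    route_type: str   # "internal" or "external"

# A clause is (sequence, action, {match kind: required value}).
ORIGINAL = [(10, "permit", {"route-type": "internal"})]
CORRECTED = [
    (10, "permit", {"route-type": "internal"}),
    # "eigrp 50" stands in for <AS> from the answer (assumption).
    (20, "permit", {"route-type": "external", "source-protocol": "eigrp 50"}),
]

def clause_matches(route, matches):
    """Match statements of different kinds in one clause are ANDed together."""
    fields = {"route-type": route.route_type, "source-protocol": route.known_via}
    return all(fields[kind] == value for kind, value in matches.items())

def evaluate(route_map, route):
    """First matching clause wins; no match at all means implicit deny."""
    for seq, action, matches in sorted(route_map, key=lambda c: c[0]):
        if clause_matches(route, matches):
            return action, seq
    return "deny", None

def redistributed(route_map, routes):
    """Prefixes the route-map would let through."""
    return [r.prefix for r in routes if evaluate(route_map, r)[0] == "permit"]

# Constructed sample table; only 150.175.49.3/32 comes from the question's output.
ROUTES = [
    Route("10.34.8.0/24", "eigrp 50", "internal"),     # constructed
    Route("150.175.49.3/32", "eigrp 50", "external"),  # route learned from the ASA
    Route("192.0.2.0/24", "ospf 1", "external"),       # constructed, shows the AND
]

if __name__ == "__main__":
    for name, rm in (("original", ORIGINAL), ("corrected", CORRECTED)):
        print(name, redistributed(rm, ROUTES))
```

The external route is permitted by sequence 20 only because both match statements hold; the constructed non-EIGRP external route still ends at the implicit deny.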
