Dual Homed BGP with OSPF

Overview

The diagram below shows a typical dual-homed setup with two CE routers peering with two PE routers; in the middle we can have either a stacked core switch or an L3 firewall in HA mode. The PE routers peer with the CE routers using eBGP. The CE routers peer with each other using iBGP, while the core (firewall-HA) uses OSPF to peer with the CE routers. We would like to use CE01 as primary, with CE02 taking over only if CE01 fails. The configurations express that preference in three places: CE01 sets local preference 200 on routes learned from PE01, CE02 prepends its own AS twice on what it advertises to PE02, and CE02's link to the core carries an OSPF cost of 200.

Network drawing

The configuration of the customer owned devices can be found below:

CE01:

!Loopback definition
interface Loopback 0
 description Management_LOOPBACK
 ip address [ipaddr] [mask]
 no ip redirects

!Interfaces to LAN
interface GigabitEthernetx/x
 channel-group 10 mode active
 description TO-LAN-CORE

interface GigabitEthernety/y
 channel-group 10 mode active
 description TO-LAN-CORE

interface Po10
 description TO-LAN-CORE
 ip address [ipaddr] [mask]
 no ip proxy-arp
 ip ospf 10 area 0
 ip ospf network point-to-point
 no shutdown

!Interfaces to PE
interface GigabitEthernetz/z
 description To-WAN-PE 
 ip address [ipaddr] 255.255.255.252
 bandwidth [bandwidth]
 no ip redirects
 no cdp enable
 no ip proxy-arp

!Route map definition
ip as-path access-list 8 permit ^$
route-map ADVERTISE-SELF-ONLY permit 10 
match as-path 8

route-map OSPF-TO-BGP deny 10
match tag [LOCAL-AS]
route-map OSPF-TO-BGP permit 20

route-map PREFER-PE01 permit 10
 set local-preference 200


!BGP definition

router bgp  [LOCAL-AS]
no synchronization
bgp router-id [loopback0]

no bgp default ipv4-unicast
bgp log-neighbor-changes
bgp update-delay 5 
timers bgp 15 45 
neighbor [PE01 IPaddress] remote-as [PE AS]
neighbor [PE01 IPaddress] description EBGP peer with PE01
neighbor [PE01 IPaddress] fall-over bfd

neighbor [Neighbours-Loopback IPaddress] remote-as  [LOCAL-AS]
neighbor [Neighbours-Loopback IPaddress] description iBGP-NEI
neighbor [Neighbours-Loopback IPaddress] update-source Lo0

address-family ipv4 
no auto-summary
no synchronization

network [loopback0] mask 255.255.255.255
network [PEERING subnet] mask 255.255.255.252
! Without a "match" clause, only OSPF internal routes are redistributed into BGP
redistribute ospf 10 route-map OSPF-TO-BGP
neighbor [PE01 IPaddress] activate
neighbor [PE01 IPaddress] send-community both
neighbor [PE01 IPaddress] soft-reconfiguration inbound
neighbor [PE01 IPaddress] route-map ADVERTISE-SELF-ONLY out
neighbor [PE01 IPaddress] route-map PREFER-PE01 in
neighbor [Neighbours-Loopback IPaddress] activate
neighbor [Neighbours-Loopback IPaddress] send-community both
neighbor [Neighbours-Loopback IPaddress] soft-reconfiguration inbound
neighbor [Neighbours-Loopback IPaddress] next-hop-self
exit-address-family

!OSPF Route-Map
route-map BGP-TO-OSPF permit 10
set tag [LOCAL-AS]

!OSPF Config
router ospf 10
router-id [loopback0]
passive-interface default
no passive-interface Po10
network [YOUR-SUBNET] [YOUR-WILDCARD-MASK] area 0
redistribute bgp [LOCAL-AS] metric-type 1 subnets route-map BGP-TO-OSPF

CE02:

!Loopback definition
interface Loopback 0
 description Management_LOOPBACK
 ip address [ipaddr] [mask]
 no ip redirects

!Interfaces to LAN
interface GigabitEthernetx/x
 channel-group 10 mode active
 description TO-LAN-CORE

interface GigabitEthernety/y
 channel-group 10 mode active
 description TO-LAN-CORE

interface Po10
 description TO-LAN-CORE
 ip address [ipaddr] [mask]
 no ip proxy-arp
 ip ospf 10 area 0
 ip ospf network point-to-point
 ip ospf cost 200
 no shutdown

!Interfaces to PE
interface GigabitEthernetz/z
 description To-WAN-PE 
 ip address [ipaddr] 255.255.255.252
 bandwidth [bandwidth]
 no ip redirects
 no cdp enable
 no ip proxy-arp

!Route map definition
ip as-path access-list 8 permit ^$
route-map ADVERTISE-SELF-ONLY permit 10 
match as-path 8
set as-path prepend [LOCAL-AS] [LOCAL-AS]

route-map OSPF-TO-BGP deny 10
match tag [LOCAL-AS]
route-map OSPF-TO-BGP permit 20

!BGP definition

router bgp  [LOCAL-AS]
no synchronization
bgp router-id [loopback0]

no bgp default ipv4-unicast
bgp log-neighbor-changes
bgp update-delay 5 
timers bgp 15 45 
neighbor [PE02 IPaddress] remote-as [PE AS]
neighbor [PE02 IPaddress] description EBGP peer with PE02
neighbor [PE02 IPaddress] fall-over bfd

neighbor [Neighbours-Loopback IPaddress] remote-as  [LOCAL-AS]
neighbor [Neighbours-Loopback IPaddress] description iBGP-NEI
neighbor [Neighbours-Loopback IPaddress] update-source Lo0

address-family ipv4 
no auto-summary
no synchronization

network [loopback0] mask 255.255.255.255
network [PEERING subnet] mask 255.255.255.252
! Without a "match" clause, only OSPF internal routes are redistributed into BGP
redistribute ospf 10 route-map OSPF-TO-BGP
neighbor [PE02 IPaddress] activate
neighbor [PE02 IPaddress] send-community both
neighbor [PE02 IPaddress] soft-reconfiguration inbound
neighbor [PE02 IPaddress] route-map ADVERTISE-SELF-ONLY out
! No inbound local-preference route-map on CE02: routes from PE02 keep the default local preference of 100
neighbor [Neighbours-Loopback IPaddress] activate
neighbor [Neighbours-Loopback IPaddress] send-community both
neighbor [Neighbours-Loopback IPaddress] soft-reconfiguration inbound
neighbor [Neighbours-Loopback IPaddress] next-hop-self
exit-address-family

!OSPF Route-Map
route-map BGP-TO-OSPF permit 10
set tag [LOCAL-AS]

!OSPF Config
router ospf 10
router-id [loopback0]
passive-interface default
no passive-interface Po10
network [YOUR-SUBNET] [YOUR-WILDCARD-MASK] area 0
redistribute bgp [LOCAL-AS] metric-type 1 subnets route-map BGP-TO-OSPF

STACKWISE-CORE:

router ospf 10
router-id [loopback0]
passive-interface default
no passive-interface [Interface used for peering]
network 0.0.0.0 255.255.255.255 area 0
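
An added example, not part of the original configuration: a small Python check for the copy-paste slips that creep in when CE01's configuration is cloned for CE02, namely a neighbor used under the address family that has no remote-as, and a route-map that is referenced but never defined. The sample fragment, its addresses and its AS numbers are constructed, and peer-groups are not handled.

```python
import re

# Constructed CE02-style fragment with two slips: neighbor 192.0.2.1 has no
# remote-as line, and route-map PREFER-PE01 is referenced but never defined.
SAMPLE_CE02 = """\
route-map ADVERTISE-SELF-ONLY permit 10
 match as-path 8
route-map OSPF-TO-BGP deny 10
 match tag 65010
route-map BGP-TO-OSPF permit 10
 set tag 65010
router bgp 65010
 neighbor 192.0.2.5 remote-as 64500
 neighbor 10.255.0.1 remote-as 65010
 address-family ipv4
  redistribute ospf 10 route-map OSPF-TO-BGP
  neighbor 192.0.2.1 activate
  neighbor 192.0.2.1 route-map ADVERTISE-SELF-ONLY out
  neighbor 192.0.2.1 route-map PREFER-PE01 in
  neighbor 10.255.0.1 activate
router ospf 10
 redistribute bgp 65010 metric-type 1 subnets route-map BGP-TO-OSPF
"""

MAP_DEF = re.compile(r"route-map (\S+) (?:permit|deny)\b")
NBR_DEF = re.compile(r"neighbor (\S+) remote-as \S+")
NBR_USE = re.compile(r"neighbor (\S+) ")
MAP_USE = re.compile(r"\broute-map (\S+)")

def audit(config):
    """Return one finding per line that uses an undefined neighbor or route-map."""
    lines = [l.strip() for l in config.splitlines()]
    lines = [l for l in lines if l and not l.startswith("!")]
    # Pass 1: collect what is actually defined, wherever it appears.
    maps = {m.group(1) for l in lines if (m := MAP_DEF.match(l))}
    nbrs = {m.group(1) for l in lines if (m := NBR_DEF.match(l))}
    # Pass 2: check every use against those definitions.
    findings = []
    for l in lines:
        if MAP_DEF.match(l):
            continue
        if (m := NBR_USE.match(l)) and m.group(1) not in nbrs:
            findings.append(f"neighbor {m.group(1)} has no remote-as: {l}")
        if (m := MAP_USE.search(l)) and m.group(1) not in maps:
            findings.append(f"route-map {m.group(1)} is not defined: {l}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CE02)))
```
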