Re: [c-nsp] ospf (passive-interface default)
On 3/Mar/15 23:27, Aaron wrote: > BTW, incase you didn't know... Look how cool IOS XR is it actually does > it per interface AND nicely organized under the ospf construct > > ...kind of cool that you don't have to specify subnets and secondary > subnets... just advertises any and all subnets that are on the following > interfaces... As I mentioned in a previous post, it's been possible to run OSPFv2 at the interface level for years now. It'd be my recommendation. In IOS, however, "passive-interface" works differently from IS-IS. From my experience (well, 12.0S on the XR 12000 anyway), "passive-interface" for a Loopback interface doesn't work unless you either run OSPF on the Loopback interface or add the Loopback's IP address as a "network" statement. I find this really odd, and our Cisco SE says that's how it's supposed to work. IS-IS on IOS, on the other hand, works as expected - "passive-interface" introduces whatever subnet is on an interface into the IS-IS LSDB, but does not run IS-IS on that interface. Interestingly, OSPF works like this on Junos (which seems natural). So not sure whether this issue is specific to IOS. At any rate, I'm an IS-IS house so don't really have much interest in digging deeper into this. Mark. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] ospf (passive-interface default)
On 3/Mar/15 23:20, Chuck Church wrote: > Your network statements need to match the interfaces you want added into the > OSPF process. Passive-interface doesn't play a part in what does/doesn't > get inserted into the OSPF process. Passive-interface turns off the sending > of hello packets out that interface (and processing of any received). So > you can have a network (interface) that is inserted into OSPF, yet can't > form any neighbors. The configuration of OSPF directly on interfaces is a > part of OSPFv3 (for IPv6 only I believe). Not really. Since IOS 12.0S, it has been possible to apply OSPFv2 commands at the interface level to enable OSPF, instead of using "network" statements: http://www.cisco.com/c/en/us/td/docs/ios/12_0s/feature/guide/ospfarea.html Cisco call(ed) it the "Area Command in Interface Mode for OSPFv2" feature. How catchy. This should now be available in every major release of code since the last 3x years or so (if not earlier). If I were running an OSPF network (which I do to a small extent for Anycast DNS), I'd use this feature in lieu of "network" statements. Mark. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] N7k PIM Anycast RP - Do we still need MSDP to sync RPs?
At 03:13 PM 3/4/2015 Wednesday, linux.ya...@gmail.com murmered: Dear all, I have a square of 4 x N7k running PIM Anycast RP feature. Do i need to run MSDP feature like traditionnal RPs design or does NX(OS) Anycast feature already take care of RPs sync? You do not need MSDP under this configuration, Anycast w/PIM & Anycast w/MSDP are two different ways to do basically do the same thing. Tim Cheers, Manu Chao ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ Tim Stevenson, tstev...@cisco.com Routing & Switching CCIE #5561 Distinguished Engineer, Technical Marketing Data Center Switching Cisco - http://www.cisco.com +1(408)526-6759 ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] N7k PIM Anycast RP - Do we still need MSDP to sync RPs?
Dear all, I have a square of 4 x N7k running PIM Anycast RP feature. Do i need to run MSDP feature like traditionnal RPs design or does NX(OS) Anycast feature already take care of RPs sync? Cheers, Manu Chao ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] OSPF and BGP relationship
Thanks Adam! Aaron From: Adam Vitkovsky [mailto:adam.vitkov...@gamma.co.uk] Sent: Wednesday, March 04, 2015 4:23 AM To: Aaron; 'Network'; 'Clint Wade' Cc: 'cisco-nsp' Subject: RE: [c-nsp] OSPF and BGP relationship Hi Aron, The HW limitation only hits Trident line-cards with default profile that allows only 512K v4 routes. So these have to be set with L3 or L3XL profiles before they can be used for Internet routing. Using cmd "hw-module profile scale l3/L3xl". -but it requires reload of the LC to take effect. The VRF limitation. -there are also some inefficiencies related to lookups on Trident cards because of the FIB architecture. You have to use cmd "mode big" so that the VRF gets TableID 1-15 as TableIDs 16+ have only one subtree limited to 256k. There are no such limitations on Typhoon LCs as those use mtries. adam > -Original Message- > From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of > Aaron > Sent: 03 March 2015 13:48 > To: 'Network'; 'Clint Wade' > Cc: 'cisco-nsp' > Subject: Re: [c-nsp] OSPF and BGP relationship > > Also, while we are on the subject of full bgp internet routing table…. > > > > My Internet connections are landing on my PE ASR9k’s. so the internet 10gig > interface is in a vrf. Currently I only learn one route from my upstream > provider…0/0. If I were to learn the full bgp internet table, is this OK? I > read > somewhere that there are concerns about learning the full bgp table into a > MPLS L3VPN vrf. Maybe what I read was specific to asr9k running certain cpu > and trident linecard, I don’t recall, but I would appreciate anyone’s > insights. > > > > Aaron > > > > > > From: Network [mailto:netw...@cwo.com] > Sent: Monday, March 02, 2015 8:08 PM > To: Clint Wade > Cc: Aaron; cisco-nsp > Subject: Re: [c-nsp] OSPF and BGP relationship > > > > I should have mentioned that I'm only getting a default route from my > upstream providers. I guess I could request a full table, as we have enough > resources to handle it on the edge routers. In the past there has not been a > convincing reason to receive a full bgp route table. > > > > Just curious, how large,in megabytes, is the current bgp table? > > > > JB > > > On Mar 2, 2015, at 5:11 PM, Clint Wade wrote: > > Everything I'm stating below here is under the assumption you're receiving a > full route table from the ISP's and not just a default route. If all you're > getting > is a default, you're looking at something like policy based routing or > possibly > PFR to fix this as far as I know. > > > Weight and Local Pref to affect outbound --> You'll want it higher on the one > you want to be the exit point and as long as you have an iBGP connection > between your two BGP edge routers you'll be ok. If no iBGP link between > your two edge routers exists then affecting outbound is impossible as you're > limited by OSPF and the best you can do is force one to be the outbound for > all prefixes. Another way I've seen done what you're doing is to originate 1 > default in OSPF as Type 1 and the other as Type 2, obviously the exit path to > the Type 1 route is preferred, but once it makes it to that edge router you'll > have to rely on BGP path selection to affect which edge router to egress for > specific prefixes, which is why the iBGP link is required. > > > AS Path and MED to affect inbound --> Usually done by sending communities > to your providers to affect their routes; Each provider has a list of > communities they accept to perform functions such as 'Add 4x AS# to > existing AS_Path' or 'Set local pref' on the provider side. You'll need to > use a > looking glass server to verify these changes, and you'll want to check them > from a couple different providers looking glass to see what effects it has on > routing outside of the provider you're trying to traffic engineer. Keep in > mind > you have to be careful as some providers transit to other provider > connections can get saturated which can lead to some unexpected side > affects, so you'll have to keep a close eye on performance (latency, etc.) > > > > On Mon, Mar 2, 2015 at 4:12 PM, Aaron wrote: > > I also have 2 (working on 3) Internet connections and only learn default route > from upstream provider > > I don’t know if this is best/common practice but if I ever prefer a /32 to > exit > out one of my particular internet connections, I'll point a static /32 out > that > internet connection and redistribute it into my igpmy igp happens to be > mb-ibgp for my l3vpn's to rcv it across my mpls network. > > Aaron > > > -Original Message- > From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of > CWO Network Operations > Sent: Monday, March 02, 2015 3:40 PM > To: cisco-nsp@puck.nether.net > Subject: [c-nsp] OSPF and BGP relationship > > I have a question about the common practice of using OSPF and (i)bgp. > > Here is my setup: > > > I have 4 Cisco router
Re: [c-nsp] Cisco Route Map Strangeness
On 04/03/2015 09:41, Stig Meireles Johansen wrote: > Route-maps are sequential and stops on first match, unless you use the > "continue" feature: > http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/15-mt/irg-15-mt-book/irg-route-map-continue.html just be aware that "continue" is supported for route maps used by BGP, but not in route-maps used by other routing protocols, including static / connected. Nick ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] OSPF and BGP relationship
> One idea is to only use OSPF behind each edge router and > inject those ospf routes into iBGP. Doing that would eliminate > having to deal with the lower igp metric of OSPF between > my 4 edge routers. That was what I was thinking of initially but I wasn't sure if the areas are interconnected in which case there could be some funky routing results external vs internal LSAs... but now that I think about it it should be fine. > Since I’m only receiving a default route from my upstream > providers at the moment, would injecting a default route via > ospf (with the same metric) cause a “load balanced” outbound > distribution? Yes if each BGP speaker advertises a default route with the same metric then egress from the AS "west" sites would use exit A and "east" sites would use Exit B adam --- This email has been scanned for email related threats and delivered safely by Mimecast. For more information please visit http://www.mimecast.com --- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco Route Map Strangeness
Route-maps are sequential and stops on first match, unless you use the "continue" feature: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/15-mt/irg-15-mt-book/irg-route-map-continue.html /Stig -Original Message- From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Craig Whitmore Sent: 3. mars 2015 21:56 To: 'Lukas Tribus'; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] Cisco Route Map Strangeness I need to do something like Match community A # a local community Set community B additive # upstream community Continue Match community C Set community D additive continue - other ones to match Filter out all local communities before sending to upsteam Doing your way (without the additive works) but I can only do it once . if I want other tests then it all fails It seems I cannot have multiple sets additive or comm-lists in the same route-map ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] OSPF and BGP relationship
Hi Aron, The HW limitation only hits Trident line-cards with default profile that allows only 512K v4 routes. So these have to be set with L3 or L3XL profiles before they can be used for Internet routing. Using cmd "hw-module profile scale l3/L3xl". -but it requires reload of the LC to take effect. The VRF limitation. -there are also some inefficiencies related to lookups on Trident cards because of the FIB architecture. You have to use cmd "mode big" so that the VRF gets TableID 1-15 as TableIDs 16+ have only one subtree limited to 256k. There are no such limitations on Typhoon LCs as those use mtries. adam > -Original Message- > From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of > Aaron > Sent: 03 March 2015 13:48 > To: 'Network'; 'Clint Wade' > Cc: 'cisco-nsp' > Subject: Re: [c-nsp] OSPF and BGP relationship > > Also, while we are on the subject of full bgp internet routing table…. > > > > My Internet connections are landing on my PE ASR9k’s. so the internet 10gig > interface is in a vrf. Currently I only learn one route from my upstream > provider…0/0. If I were to learn the full bgp internet table, is this OK? I > read > somewhere that there are concerns about learning the full bgp table into a > MPLS L3VPN vrf. Maybe what I read was specific to asr9k running certain cpu > and trident linecard, I don’t recall, but I would appreciate anyone’s > insights. > > > > Aaron > > > > > > From: Network [mailto:netw...@cwo.com] > Sent: Monday, March 02, 2015 8:08 PM > To: Clint Wade > Cc: Aaron; cisco-nsp > Subject: Re: [c-nsp] OSPF and BGP relationship > > > > I should have mentioned that I'm only getting a default route from my > upstream providers. I guess I could request a full table, as we have enough > resources to handle it on the edge routers. In the past there has not been a > convincing reason to receive a full bgp route table. > > > > Just curious, how large,in megabytes, is the current bgp table? > > > > JB > > > On Mar 2, 2015, at 5:11 PM, Clint Wade wrote: > > Everything I'm stating below here is under the assumption you're receiving a > full route table from the ISP's and not just a default route. If all you're > getting > is a default, you're looking at something like policy based routing or > possibly > PFR to fix this as far as I know. > > > Weight and Local Pref to affect outbound --> You'll want it higher on the one > you want to be the exit point and as long as you have an iBGP connection > between your two BGP edge routers you'll be ok. If no iBGP link between > your two edge routers exists then affecting outbound is impossible as you're > limited by OSPF and the best you can do is force one to be the outbound for > all prefixes. Another way I've seen done what you're doing is to originate 1 > default in OSPF as Type 1 and the other as Type 2, obviously the exit path to > the Type 1 route is preferred, but once it makes it to that edge router you'll > have to rely on BGP path selection to affect which edge router to egress for > specific prefixes, which is why the iBGP link is required. > > > AS Path and MED to affect inbound --> Usually done by sending communities > to your providers to affect their routes; Each provider has a list of > communities they accept to perform functions such as 'Add 4x AS# to > existing AS_Path' or 'Set local pref' on the provider side. You'll need to > use a > looking glass server to verify these changes, and you'll want to check them > from a couple different providers looking glass to see what effects it has on > routing outside of the provider you're trying to traffic engineer. Keep in > mind > you have to be careful as some providers transit to other provider > connections can get saturated which can lead to some unexpected side > affects, so you'll have to keep a close eye on performance (latency, etc.) > > > > On Mon, Mar 2, 2015 at 4:12 PM, Aaron wrote: > > I also have 2 (working on 3) Internet connections and only learn default route > from upstream provider > > I don’t know if this is best/common practice but if I ever prefer a /32 to > exit > out one of my particular internet connections, I'll point a static /32 out > that > internet connection and redistribute it into my igpmy igp happens to be > mb-ibgp for my l3vpn's to rcv it across my mpls network. > > Aaron > > > -Original Message- > From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of > CWO Network Operations > Sent: Monday, March 02, 2015 3:40 PM > To: cisco-nsp@puck.nether.net > Subject: [c-nsp] OSPF and BGP relationship > > I have a question about the common practice of using OSPF and (i)bgp. > > Here is my setup: > > > I have 4 Cisco routers (A, B, C & D). All routers are connected to each other > through metro ethernet connections. The 4 routers have other “stuff” > behind them speaking only OSPF and require a injected default route. > Router A and B are co
Re: [c-nsp] Cisco Route Map Strangeness
I worked the problem out. I was testing on an old 12.0 router. I was running 12.0 and it was broken. I tested on 15.2 and it worked 100% fine Ie Permit 10 Match community A Set community B additive Continue Permit 20 Match community C Set community D additive Continue Permit 30 Set-comm to delete all the old communities A and C before sending upstream Sent from my iPhone ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco console port to USB
> This is the best USB to serial adapter ever. +1 ♡ :) alan ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
