Multiple ASBRs: summarizing prefixes from BGP into OSPF

Israel G. Lugo israel.lugo at lugosys.com
Fri Jul 28 02:09:45 CEST 2017


TL;DR:

  * OSPF backbone, ECMP
  * 2 redundant Bird ASBRs learning 3000~4000 prefixes from 2 BGP route
    servers and routing them to 3000~4000 nexthops in a customer VLAN
  * All these prefixes are subnets of a few big dedicated prefixes
  * I want the ASBRs to redistribute the big aggregate prefixes into
    OSPF instead of the many tiny ones
  * I can't just unconditionally redistribute a static null route: if
    one ASBR loses the BGP sessions it must stop announcing the
    prefixes, otherwise it will become a black hole

Can this (or something smarter) be done with Bird?

Regards,
Israel G. Lugo


On 07/26/2017 12:20 PM, Israel G. Lugo wrote:
> Hello,
>
> I've got an internal Openstack deployment, currently in beta but
> expecting a few thousands tennants in full production. Each tennant gets
> at least an IPv4 prefix and an IPv6 one. They may get additional
> prefixes upon payment or special request.
>
> The way Openstack works is each tennant will have his own (virtual)
> router, with an unique IP. This router is controlled directly by
> Openstack and only knows static routes. Then there are a couple of BGP
> route servers, also controlled by Openstack, who announce the prefixes
> and respective nexthops.
>
> On my side, I've got a couple of ASBR, using Bird to speak BGP with
> Openstack's route servers and learn the routes. They forward the traffic
> between my backbone and the tennant routers. On the backbone side,
> they're speaking OSPF (also with Bird) to the rest of the infrastructure
> and redistributing external prefixes. Everything works.
>
> My problem is, I don't want to announce hundreds or thousands of
> prefixes into OSPF when we go full. I'm carving the tennants from a
> couple of large prefixes so I want to aggregate this at the ASBRs. But I
> can't just blindly add a large static sink route on my ASBRs and
> redistribute that to OSPF; that opens me up to the risk of dropping
> traffic if one of the ASBRs loses BGP with the Openstack route servers.
>
> What I need, unless someone has a better suggestion, is some way to
> summarize externals in OSPF, such that the summary prefix is only
> announced if I've got more specific routes inside it.
>
> I tried creating an NSSA and placing the prefix there as external, but
> it didn't help:
>
> protocol ospf backbone {
>   import all;
>   export filter ospf_export;
>   ecmp yes;
>   merge external yes;
>   area 0.0.0.0 {
>     stub no;
>     interface "eth0" { /* auth stuff */ };
>     interface "lo" { stub; };
>   };
>   area 0.0.1.2 {
>     nssa;
>     /* transit VLAN to the tennant routers */
>     interface "eth0.22" { stub; check link yes; };
>     external {
>       198.18.0.0/15;
>     };
> }
>
> From my understanding, I believe the external keyword on an NSSA would
> be to aggregate in the opposite direction (backbone -> NSSA area).
>
> Is there any way to do what I want? I.e., summarize externals into OSPF,
> if and only if I have specific routes inside the summary prefix? That,
> or a conditional route, that only gets inserted if another certain route
> exists, or if the BGP peering is up.
>
> Regards,
> Israel G. Lugo

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20170728/31db34ec/attachment.html>


More information about the Bird-users mailing list