Ticket #11

Ticket #11

Network diagram

IGP diagram

BGP diagram


The problem:

R1 can't ping R2's Lo0. Fix the problem.

The solution:


First, lets try to ping R2's Lo0 IP address from R1.

On R1:

R1#ping 14.7.0.2


Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 14.7.0.2, timeout is 2 seconds:

...

Success rate is 0 percent (0/3)



Indeed, R1 can't ping R2's Lo0.

Lets check R1's routing table entry for R2's Lo0 IP address.

On R1:

R1#sh ip route 14.7.0.2
% Subnet not in table


Its not there! Maybe R1 have a default route?

On R1:

R1#sh ip route 0.0.0.0

% Network not in table



No default route on R1.


Lets move closer to R2 and check if R5 got a route to R2's Lo0.

On R5:

R5#sh ip route 14.7.0.2
% Subnet not in table
R5#sh ip route 0.0.0.0
% Network not in table


No route to R2's Lo0 on R5 either.

Lets move closer to R2 and check R4's routing table entry for R2's Lo0.

On R4:

R4#sh ip route 14.7.0.2
Routing entry for 14.7.0.2/32
  Known via "bgp 24", distance 200, metric 0, type internal
  Redistributing via ospf 1
  Last update from 14.7.24.2 00:35:45 ago
  Routing Descriptor Blocks:
  * 14.7.24.2, from 14.7.24.2, 00:35:45 ago
      Route metric is 0, traffic share count is 1
      AS Hops 0


There is a route on R4, and it is redistributed to OSPF. Then why R5 do not get the redistributed route? Lets check the OSPF neighbor relationship.

On R4:

R4#sh ip ospf neighbor 

R4#


R4 got no OSPF neighbors. Lets check on both R4 and R5 if the interfaces between them are running OSPF.

On R4:

R4#sh ip ospf interface brief 
Interface    PID   Area            IP Address/Mask    Cost  State Nbrs F/C
Fa0/1        1     45              14.7.45.4/24       1     DR    0/0

On R5:

R5#sh ip ospf interface brief 
Interface    PID   Area            IP Address/Mask    Cost  State Nbrs F/C
Lo0          1     45              14.7.0.5/32        1     LOOP  0/0
Fa0/0        1     45              14.7.45.5/28       1     DR    0/0


As we can see, on both R4 and R5 the common interfaces are running OSPF and they are in the same area.


Lets check if we have any unicast connectivity between R4 and R5.

On R5:

R5#ping 14.7.45.4

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 14.7.45.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/10/20 ms


There is a two way unicast connectivity between R4 and R5.


Lets enable OSPF debugging on R5 to see what is going wrong.

On R5:

R5#debug ip ospf hello 
OSPF hello events debugging is on
R5#
*Apr 12 23:35:05.903: OSPF: Rcv hello from 14.7.0.4 area 45 from FastEthernet0/0 14.7.45.4
*Apr 12 23:35:05.903: OSPF: Mismatched hello parameters from 14.7.45.4
*Apr 12 23:35:05.907: OSPF: Dead R 40 C 40, Hello R 10 C 10  Mask R 255.255.255.0 C 255.255.255.240
R5#
*Apr 12 23:35:08.859: OSPF: Send hello to 224.0.0.5 area 45 on FastEthernet0/0 from 14.7.45.5
R5#un all
All possible debugging has been turned off


We have a mask mismatch. R5, which is the "C" is /28 and R4, which is "R" is /24. Lets correct this on R5.

On R5:

R5#sh run int f0/0
Building configuration...

Current configuration : 115 bytes
!
interface FastEthernet0/0
 ip address 14.7.45.5 255.255.255.240
 ip ospf 1 area 45
 duplex auto
 speed auto
end

R5#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R5(config)#int f0/0
R5(config-if)#ip address 14.7.45.5 255.255.255.0  
R5(config-if)#
*Apr 12 23:37:11.131: %OSPF-5-ADJCHG: Process 1, Nbr 14.7.0.4 on FastEthernet0/0 from LOADING to FULL, Loading Done


Now we have a full OSPF neighbor relationship between R4 and R5. Lets check again R5's routing table entry for R2's Lo0.

On R5:

R5#sh ip route 14.7.0.2
% Subnet not in table


Its not there yet, does R5 got any OSPF routes?

On R5:

R5#sh ip route ospf 
     14.0.0.0/8 is variably subnetted, 6 subnets, 2 masks
O E2    14.7.0.4/32 [110/1] via 14.7.45.4, 00:19:35, FastEthernet0/0
O E2    14.7.24.0/24 [110/1] via 14.7.45.4, 00:19:35, FastEthernet0/0


R5 do have OSPF routes, maybe R4 is not redistributing BGP routes into OSPF?

On R4:

R4#show run | sec router ospf
router ospf 1
 log-adjacency-changes
 redistribute bgp 24 subnets


R4 is redistributing the BGP routes to OSPF, then what is wrong?

To answer that lets have a closer look at R4's route to R2's Lo0.

On R4:

R4#sh ip route 14.7.0.2
Routing entry for 14.7.0.2/32
  Known via "bgp 24", distance 200, metric 0, type internal
  Redistributing via ospf 1
  Last update from 14.7.24.2 01:26:45 ago
  Routing Descriptor Blocks:
  * 14.7.24.2, from 14.7.24.2, 01:26:45 ago
      Route metric is 0, traffic share count is 1
      AS Hops 0


We can see that the administrative distance of the route to R2's Lo0 is 200, which means that the route is iBGP route. By default IOS will not redistribute iBGP routes to IGP. Lets check if R4 was configured to do so.

On R4:

R4#sh run | i internal
R4#


We can't see the bgp redistribute-internal BGP command, which without it R4 will not redistribute iBGP routes to OSPF. Lets fix that.

On R4:

R4(config)#router bgp 24
R4(config-router)#bgp redistribute-internal


Now lets check again R5's routing table entry for R2's Lo0.

On R5:

R5#sh ip route 14.7.0.2
Routing entry for 14.7.0.2/32
  Known via "ospf 1", distance 110, metric 1, type extern 2, forward metric 1
  Redistributing via rip
  Advertised by rip metric 1
  Last update from 14.7.45.4 on FastEthernet0/0, 00:00:51 ago
  Routing Descriptor Blocks:
  * 14.7.45.4, from 14.7.0.4, 00:00:51 ago, via FastEthernet0/0
      Route metric is 1, traffic share count is 1


Now R5 got a route to R2's Lo0. Lets check if R1 got a route to R2's Lo0.

On R1:

R1#sh ip route 14.7.0.2
Routing entry for 14.7.0.2/32
  Known via "rip", distance 120, metric 1
  Redistributing via rip
  Last update from 14.7.15.5 on FastEthernet0/0, 00:00:09 ago
  Routing Descriptor Blocks:
  * 14.7.15.5, from 14.7.15.5, 00:00:09 ago, via FastEthernet0/0
      Route metric is 1, traffic share count is 1


Now R1 do have a route to R2's Lo0. Lets try to ping.

On R1:

R1#ping 14.7.0.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 14.7.0.2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)

I hope you were not surprised that it didn't worked, as the fun is not over yet!

What is wrong? 


Since we know that we have a route to R2, lets check if R2 knows how to get back to R1, which is sourcing its ICMP echo requests from 14.7.15.1.

On R2:

R2#sh ip route 14.7.15.1
% Subnet not in table
R2#sh ip route 0.0.0.0
% Network not in table


R2 got no route back to R1. Does R4 got a route back to R1?

On R4:

R4#sh ip route 14.7.15.1
Routing entry for 14.7.15.0/24
  Known via "ospf 1", distance 110, metric 20, type extern 2, forward metric 1
  Redistributing via bgp 24
  Last update from 14.7.45.5 on FastEthernet0/1, 00:55:50 ago
  Routing Descriptor Blocks:
  * 14.7.45.5, from 14.7.0.5, 00:55:50 ago, via FastEthernet0/1
      Route metric is 20, traffic share count is 1


R4 got an external OSPF route back to R1 via R5, and it also says that it redistributing it to BGP, then why R2 do not see the route?


Lets have a look at R4's redistribution configuration.

On R4:

R4#sh run | sec router bgp
router bgp 24
 no synchronization
 bgp log-neighbor-changes
 bgp redistribute-internal
 network 14.7.0.4 mask 255.255.255.255
 network 14.7.24.0 mask 255.255.255.0
 redistribute ospf 1
 neighbor 14.7.24.2 remote-as 24
 no auto-summary


R4 is configured to redistribute OSPF to BGP, but does it redistribute all the routes?

On R4:

R4(config)#router bgp 24
R4(config-router)#redistribute ospf 1 ?   
  match      Redistribution of OSPF routes
  metric     Metric for redistributed routes
  route-map  Route map reference
  vrf        VPN Routing/Forwarding Instance
  <cr>

R4(config-router)#redistribute ospf 1 match ?
  external       Redistribute OSPF external routes
  internal       Redistribute OSPF internal routes
  nssa-external  Redistribute OSPF NSSA external routes


By default, BGP will redistribute only internal OSPF routes to BGP, and there is a good reason for it, as external routes might already come from BGP.


Lets configure BGP to redistribute also external OSPF routes.

On R4:

R4(config)#router bgp 24
R4(config-router)#redistribute ospf 1 mat internal external 


Now, lets check if R2 got a route back to R1.

On R2:

R2#sh ip route 14.7.15.1
Routing entry for 14.7.15.0/24
  Known via "bgp 24", distance 200, metric 20, type internal
  Last update from 14.7.45.5 00:00:51 ago
  Routing Descriptor Blocks:
  * 14.7.45.5, from 14.7.24.4, 00:00:51 ago
      Route metric is 20, traffic share count is 1
      AS Hops 0


Now that R2 got a route back to R1, lets check if R1 can finally ping to R2's Lo0.

On R1:

R1#ping 14.7.0.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 14.7.0.2, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 12/14/20 ms


Success! We have solved the lab, with not just one problem, but three!

                                          __ 
.-----.--.--.----.----.-----.-----.-----.|  |
|__ --|  |  |  __|  __|  -__|__ --|__ --||__|
|_____|_____|____|____|_____|_____|_____||__|