OSPF and BGP Redistribute

cancel
Showing results for 
Search instead for 
Did you mean: 

OSPF and BGP Redistribute

L1 Bithead

Can someone walk me through redistribution of OSPF into BGP and BGP into OSPF

 

I am setting up a new VSYS (already done) with a new Virtual Router to an AT&T AVPN WAN

 

There is a /30 between us and AT&T, and we use eBGP to AT&T.  On the other router interface, we use OSPF everything in area 0.

 

 

Probably no very good reason to clean this up being this is all private IP stuff, but it's a habit.

 

How do redistribute the OSPF and BGP into one another?

 

Also, how do I deal with the route-map that sets the community?


router ospf 1
redistribute static
redistribute bgp 64xxx
network 10.x.x.x 0.0.0.0 area 0 (this is a loopback IP)
network 192.168.x.x 0.0.0.7 area 0
!

router bgp 64xxx
bgp log-neighbor-changes
neighbor 10.y.y.y remote-as 13xxx (This is in a /30 with ATT)
!
address-family ipv4
network 0.0.0.0 route-map ATT_LTE
network 192.168.x.x mask 255.255.255.248 (This is the same subnet as the one above in OSPF)
network 192.168.72.0 mask 255.255.252.0 route-map ATT_LTE
redistribute connected
redistribute static
redistribute ospf 1 match internal external 1 external 2
neighbor 10.y.y.y activate
neighbor 10.y.y.y send-community
neighbor 10.y.y.y soft-reconfiguration inbound (all of these are the same as in the neighbor string)
default-information originate
exit-address-family
!



interface Loopback0
ip address 10.161.191.71 255.255.255.255
end



route-map ATT_LTE permit 10
match ip address prefix-list ATT_OUT
set community 13xxx:6655
!


ip prefix-list ATT_OUT seq 5 permit 192.168.72.0/22
ip prefix-list ATT_OUT seq 10 permit 0.0.0.0/0

 

 

4 REPLIES 4

Cyber Elite
Cyber Elite

There is not exact "step1, step2" type of guide, but maybe reading this, will give you some ideas.

 

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClypCAC

 

Help the community: Like helpful comments and mark solutions

L1 Bithead

Shouldn't Premium Partner support cover this?  I am told that does not cover technical support except break/fix.  Can you let me know.

Good Day

Thank you for your email.  For many partners, their ASC (auth support centers) are contractually bound to provide ONLY break fix, which aligns to what TAC offers.  That being said, there are some ASC or other PANW resellers that offer Professional Services.

 

What you really asking for, thinly veiled, is configuration assistance, which is really Professional Services, according to some vendors.  

 

What I would really recommend, if you are not comfortable in performing the steps, is to contact your reseller or local PAN SE and see how much PS would be for say, 2 days of PS.  The investment made may outweigh the level of effort needed to perform this on your own successfully. 

 

What other questions can we answer?

Help the community: Like helpful comments and mark solutions

I think I actually have it configured correctly only need to test it at this point.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!