redist route from bgp to OSPF is sending more than the default route

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

redist route from bgp to OSPF is sending more than the default route

L3 Networker

When we turned up BGP in the Palo with ExpressRoute, we started to receive 4 subnets from Microsoft.

 

The customer found that these subnets are being leaked into the Extreme Fabric through the OSPF adjacency to the Palo’s, where only Default route should be sent from the Palo to the Extreme. Not sure why this is happening, since it looks like there is a policy that should only send default route.

 

I have a case open, but am posting here due to long wait times. 

 

Cheers-

 

Don

4 REPLIES 4

Cyber Elite
Cyber Elite

@dbrenipc,

There's really not enough information here to troubleshoot this without being able to look at your configuration. Seems like your redistribution profile is setup with an incorrect filter since it doesn't seem like you even want the 4 subnets redistributed to OSPF.

Hi @dbrenipc ,

 

I believe this is caused by the redistribution profile you have configured. This is something that annoys me a lot - when you configure "Destination" in the redistribution profile, the prefix you put will not look for exact match, but it will match any prefix that falls under the configured prefix.

 

In your case I am almost certain that you have put 0.0.0.0/0 as destination for the redistribution profile. Which as you can guess will match all othe routes.

 

 One way to fix this is to narrow down your redistrubtion profile filter -

 - select the only the interface to which default is pointing

 - select next-hop address to which default is pointing

That way no other route will match that redist profile. But this depends on your config

 

Another way would be to create additional redistribution profile:

- configure destination to match all prefixes that you don't want to redistribute to OSPF

- Set action to no-redist

- And set priority that is lower than what you have for the default route redist profile

Redistribution profiles are applied in order from lowest to highest priority, so this would work like firewall rule and redistribute only the prefix you have in the profile with action redistribute

 

 

L3 Networker

Further information:

 

redist profile has src: BGP  detination 0.0.0.0/0  redist

in the export it says redistribute default route

 

I've found multiple docs that provide some conflicting info.

1 said NOT to use 0.0.0.0/0, and to only have the redistribute default route .

 

The other said to create a no-redist rule for the specific networks

then have the redist rule to probvide the default route wiht 0.0.0.0./0 specified.

 

I hope to lab it out asap.

 

thanks for your help - Don

 

 

Thank you Alexander- I am going to lab this up when I have time..But I agree...

 

regards,

 

Don

  • 3411 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!