I am trying to get OER up on two routers that are connected to two WAN links, so that I can manage inbound traffic. Per everything I have read, OER should do this.
Topology:
[ISP 1] [ISP 2]
| |
[RTR 1]--------------[RTR 2]
\ /
\ /
[Inside RTR]
I have eBGP running between RTR 1 and ISP 1, as well as between RTR 2 and ISP 2. Both ISP's are the same provider and same BGP AS. iBGP runs between RTR 1 and 2. EIGRP between RTR 1/RTR 2 and Inside RTR.
I have setup RTR 1 as OER master and border, have set learning for throughput bgp only, set maximum xmit at 100% as I dont care about outbound, and maximum inbound at 80%
By default, my routes are prepended out RTR2 as it is the backup.. I want OER to double-prepend out RTR1 when RTR1 gets above 80% so then RTR2 will be used. I can get OER to see the link as OOP, but all I get is a message that it "Couldn't control" the route. When I do a "show oer master prefix inside", the status of each inside prefix has a * for "uncontrolled" after it.
Does anyone know what that means, and how I can fix it? I was able to get outbound OER working via local preference, but I need inbound and I cannot find anything that would make these prefixes "uncontrollable".
Configs: (left some out to save space)
RTR1:
Current configuration : 4091 bytes
!
hostname RTR1
!
ip source-route
ip cef
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
key chain <keychain-name>
key 0
key-string <keychain-value>
!
oer master
!
border 10.21.60.1 key-chain <keychain-name>
interface FastEthernet0/1 internal
interface Serial1/3 external
max-xmit-utilization percentage 100
maximum utilization receive percentage 80
downgrade bgp community 300:300
!
border 10.21.60.2 key-chain <keychain-name>
interface FastEthernet0/1 internal
interface Serial1/3 external
max-xmit-utilization percentage 100
maximum utilization receive percentage 80
downgrade bgp community 300:300
!
learn
throughput
inside bgp
periodic-interval 0
monitor-period 1
prefixes 5
aggregation-type prefix-length 32
backoff 90 300
mode route control
mode monitor passive
resolve utilization priority 1 variance 1
!
oer border
local FastEthernet0/0
master 10.21.60.1 key-chain <keychain-name>
!
archive
log config
hidekeys
!
interface FastEthernet0/0
description ## -> RTR2
ip address 10.21.60.1 255.255.255.252
duplex auto
speed auto
!
interface FastEthernet0/1
description ## -> Inside RTR
ip address 10.21.70.1 255.255.255.252
duplex auto
speed auto
!
interface Serial1/3
description ## -> ISP1
bandwidth 128
ip address 10.21.40.2 255.255.255.252
serial restart-delay 0
!
router eigrp 100
redistribute bgp 300 route-map MAP-BGP-DefaultRoute
network 10.21.60.0 0.0.0.3
network 10.21.70.0 0.0.0.3
default-metric 1024000 10 255 1 1500
no auto-summary
!
router bgp 300
no synchronization
bgp default local-preference 200
bgp log-neighbor-changes
network 10.21.2.1 mask 255.255.255.255
network 10.21.2.2 mask 255.255.255.255
network 10.21.2.3 mask 255.255.255.255
network 10.21.90.0 mask 255.255.255.0
network 10.21.101.0 mask 255.255.255.0
network 10.21.102.0 mask 255.255.255.0
network 10.21.103.0 mask 255.255.255.0
network 10.250.80.0 mask 255.255.255.0
neighbor 10.21.40.1 remote-as 200
neighbor 10.21.40.1 prefix-list PFX-BGP-DefaultRoute in
neighbor 10.21.60.2 remote-as 300
neighbor 10.21.60.2 next-hop-self
no auto-summary
!
ip forward-protocol nd
!
ip prefix-list PFX-BGP-DefaultRoute seq 5 permit 0.0.0.0/0
!
line con 0
privilege level 15
logging synchronous
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
!
end
RTR2:
Current configuration : 4091 bytes
!
hostname RTR2
!
ip source-route
ip cef
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
key chain <keychain-name>
key 0
key-string <keychain-value>
!
oer border
local FastEthernet0/0
master 10.21.60.1 key-chain <keychain-name>
!
archive
log config
hidekeys
!
interface FastEthernet0/0
description ## -> RTR1
ip address 10.21.60.2 255.255.255.252
duplex auto
speed auto
!
interface FastEthernet0/1
description ## -> Inside RTR
ip address 10.21.80.1 255.255.255.252
duplex auto
speed auto
!
interface Serial1/3
description ## -> ISP2
bandwidth 128
ip address 10.21.50.2 255.255.255.252
serial restart-delay 0
!
router eigrp 100
redistribute bgp 300 route-map MAP-BGP-DefaultRoute
network 10.21.60.0 0.0.0.3
network 10.21.80.0 0.0.0.3
default-metric 1024000 10 255 1 1500
no auto-summary
!
router bgp 300
no synchronization
bgp default local-preference 200
bgp log-neighbor-changes
network 10.21.2.1 mask 255.255.255.255
network 10.21.2.2 mask 255.255.255.255
network 10.21.2.3 mask 255.255.255.255
network 10.21.90.0 mask 255.255.255.0
network 10.21.101.0 mask 255.255.255.0
network 10.21.102.0 mask 255.255.255.0
network 10.21.103.0 mask 255.255.255.0
network 10.250.80.0 mask 255.255.255.0
neighbor 10.21.50.1 remote-as 200
neighbor 10.21.50.1 prefix-list PFX-BGP-DefaultRoute in
neighbor 10.21.50.1 route-map MAP-BGP-PrependPath out
neighbor 10.21.60.2 remote-as 300
neighbor 10.21.60.2 next-hop-self
no auto-summary
!
ip forward-protocol nd
!
ip prefix-list PFX-BGP-DefaultRoute seq 5 permit 0.0.0.0/0
!
route-map MAP-BGP-PrependPath permit 10
set as-path prepend 300
!
line con 0
privilege level 15
logging synchronous
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
!
end
Output:
HeadendA#show oer master prefix inside d
Prefix (inside) State Time Curr BR CurrI/F Protocol
PasSDly PasLDly PasSUn PasLUn PasSLos PasLLos
ActSDly ActLDly ActSUn ActLUn EBw IBw
--------------------------------------------------------------------------------
0.0.0.0/0 INPOLICY* 0 10.21.60.1 Se1/3 U 0
0 0 0 0 0 0
N N N N 1 1
10.21.90.0/24 DEFAULT* 0 U U U
10.21.2.3/32 INPOLICY* 0 10.21.60.1 Se1/3 U 0
0 0 0 0 0 0
N N N N 1 1
10.21.2.2/32 INPOLICY* 0 10.21.60.1 Se1/3 U 0
0 0 0 0 0 0
N N N N 1 1
10.21.2.1/32 INPOLICY* 0 10.21.60.1 Se1/3 U 0
0 0 0 0 0 0
N N N N 1 1
#
*Jul 27 10:21:41.611: %OER_MC-5-NOTICE: Load Entrance OOP BR 10.21.60.1, i/f Se1/3, load 0 policy 105
*Jul 27 10:21:41.615: %OER_MC-5-NOTICE: Entrance 10.21.60.1 intf Se1/3 OOP, Tx BW 107, Rx BW 105, Tx Load 83, Rx Load 82
*Jul 27 10:21:42.091: %OER_MC-5-NOTICE: Uncontrol Prefix 10.21.2.3/32, Couldn't control
*Jul 27 10:21:42.095: %OER_MC-5-NOTICE: Uncontrol Prefix 10.21.2.2/32, Couldn't control
*Jul 27 10:21:42.099: %OER_MC-5-NOTICE: Uncontrol Prefix 10.21.2.1/32, Couldn't control
Topology:
[ISP 1] [ISP 2]
| |
[RTR 1]--------------[RTR 2]
\ /
\ /
[Inside RTR]
I have eBGP running between RTR 1 and ISP 1, as well as between RTR 2 and ISP 2. Both ISP's are the same provider and same BGP AS. iBGP runs between RTR 1 and 2. EIGRP between RTR 1/RTR 2 and Inside RTR.
I have setup RTR 1 as OER master and border, have set learning for throughput bgp only, set maximum xmit at 100% as I dont care about outbound, and maximum inbound at 80%
By default, my routes are prepended out RTR2 as it is the backup.. I want OER to double-prepend out RTR1 when RTR1 gets above 80% so then RTR2 will be used. I can get OER to see the link as OOP, but all I get is a message that it "Couldn't control" the route. When I do a "show oer master prefix inside", the status of each inside prefix has a * for "uncontrolled" after it.
Does anyone know what that means, and how I can fix it? I was able to get outbound OER working via local preference, but I need inbound and I cannot find anything that would make these prefixes "uncontrollable".
Configs: (left some out to save space)
RTR1:
Current configuration : 4091 bytes
!
hostname RTR1
!
ip source-route
ip cef
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
key chain <keychain-name>
key 0
key-string <keychain-value>
!
oer master
!
border 10.21.60.1 key-chain <keychain-name>
interface FastEthernet0/1 internal
interface Serial1/3 external
max-xmit-utilization percentage 100
maximum utilization receive percentage 80
downgrade bgp community 300:300
!
border 10.21.60.2 key-chain <keychain-name>
interface FastEthernet0/1 internal
interface Serial1/3 external
max-xmit-utilization percentage 100
maximum utilization receive percentage 80
downgrade bgp community 300:300
!
learn
throughput
inside bgp
periodic-interval 0
monitor-period 1
prefixes 5
aggregation-type prefix-length 32
backoff 90 300
mode route control
mode monitor passive
resolve utilization priority 1 variance 1
!
oer border
local FastEthernet0/0
master 10.21.60.1 key-chain <keychain-name>
!
archive
log config
hidekeys
!
interface FastEthernet0/0
description ## -> RTR2
ip address 10.21.60.1 255.255.255.252
duplex auto
speed auto
!
interface FastEthernet0/1
description ## -> Inside RTR
ip address 10.21.70.1 255.255.255.252
duplex auto
speed auto
!
interface Serial1/3
description ## -> ISP1
bandwidth 128
ip address 10.21.40.2 255.255.255.252
serial restart-delay 0
!
router eigrp 100
redistribute bgp 300 route-map MAP-BGP-DefaultRoute
network 10.21.60.0 0.0.0.3
network 10.21.70.0 0.0.0.3
default-metric 1024000 10 255 1 1500
no auto-summary
!
router bgp 300
no synchronization
bgp default local-preference 200
bgp log-neighbor-changes
network 10.21.2.1 mask 255.255.255.255
network 10.21.2.2 mask 255.255.255.255
network 10.21.2.3 mask 255.255.255.255
network 10.21.90.0 mask 255.255.255.0
network 10.21.101.0 mask 255.255.255.0
network 10.21.102.0 mask 255.255.255.0
network 10.21.103.0 mask 255.255.255.0
network 10.250.80.0 mask 255.255.255.0
neighbor 10.21.40.1 remote-as 200
neighbor 10.21.40.1 prefix-list PFX-BGP-DefaultRoute in
neighbor 10.21.60.2 remote-as 300
neighbor 10.21.60.2 next-hop-self
no auto-summary
!
ip forward-protocol nd
!
ip prefix-list PFX-BGP-DefaultRoute seq 5 permit 0.0.0.0/0
!
line con 0
privilege level 15
logging synchronous
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
!
end
RTR2:
Current configuration : 4091 bytes
!
hostname RTR2
!
ip source-route
ip cef
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
key chain <keychain-name>
key 0
key-string <keychain-value>
!
oer border
local FastEthernet0/0
master 10.21.60.1 key-chain <keychain-name>
!
archive
log config
hidekeys
!
interface FastEthernet0/0
description ## -> RTR1
ip address 10.21.60.2 255.255.255.252
duplex auto
speed auto
!
interface FastEthernet0/1
description ## -> Inside RTR
ip address 10.21.80.1 255.255.255.252
duplex auto
speed auto
!
interface Serial1/3
description ## -> ISP2
bandwidth 128
ip address 10.21.50.2 255.255.255.252
serial restart-delay 0
!
router eigrp 100
redistribute bgp 300 route-map MAP-BGP-DefaultRoute
network 10.21.60.0 0.0.0.3
network 10.21.80.0 0.0.0.3
default-metric 1024000 10 255 1 1500
no auto-summary
!
router bgp 300
no synchronization
bgp default local-preference 200
bgp log-neighbor-changes
network 10.21.2.1 mask 255.255.255.255
network 10.21.2.2 mask 255.255.255.255
network 10.21.2.3 mask 255.255.255.255
network 10.21.90.0 mask 255.255.255.0
network 10.21.101.0 mask 255.255.255.0
network 10.21.102.0 mask 255.255.255.0
network 10.21.103.0 mask 255.255.255.0
network 10.250.80.0 mask 255.255.255.0
neighbor 10.21.50.1 remote-as 200
neighbor 10.21.50.1 prefix-list PFX-BGP-DefaultRoute in
neighbor 10.21.50.1 route-map MAP-BGP-PrependPath out
neighbor 10.21.60.2 remote-as 300
neighbor 10.21.60.2 next-hop-self
no auto-summary
!
ip forward-protocol nd
!
ip prefix-list PFX-BGP-DefaultRoute seq 5 permit 0.0.0.0/0
!
route-map MAP-BGP-PrependPath permit 10
set as-path prepend 300
!
line con 0
privilege level 15
logging synchronous
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
!
end
Output:
HeadendA#show oer master prefix inside d
Prefix (inside) State Time Curr BR CurrI/F Protocol
PasSDly PasLDly PasSUn PasLUn PasSLos PasLLos
ActSDly ActLDly ActSUn ActLUn EBw IBw
--------------------------------------------------------------------------------
0.0.0.0/0 INPOLICY* 0 10.21.60.1 Se1/3 U 0
0 0 0 0 0 0
N N N N 1 1
10.21.90.0/24 DEFAULT* 0 U U U
10.21.2.3/32 INPOLICY* 0 10.21.60.1 Se1/3 U 0
0 0 0 0 0 0
N N N N 1 1
10.21.2.2/32 INPOLICY* 0 10.21.60.1 Se1/3 U 0
0 0 0 0 0 0
N N N N 1 1
10.21.2.1/32 INPOLICY* 0 10.21.60.1 Se1/3 U 0
0 0 0 0 0 0
N N N N 1 1
#
*Jul 27 10:21:41.611: %OER_MC-5-NOTICE: Load Entrance OOP BR 10.21.60.1, i/f Se1/3, load 0 policy 105
*Jul 27 10:21:41.615: %OER_MC-5-NOTICE: Entrance 10.21.60.1 intf Se1/3 OOP, Tx BW 107, Rx BW 105, Tx Load 83, Rx Load 82
*Jul 27 10:21:42.091: %OER_MC-5-NOTICE: Uncontrol Prefix 10.21.2.3/32, Couldn't control
*Jul 27 10:21:42.095: %OER_MC-5-NOTICE: Uncontrol Prefix 10.21.2.2/32, Couldn't control
*Jul 27 10:21:42.099: %OER_MC-5-NOTICE: Uncontrol Prefix 10.21.2.1/32, Couldn't control