Using the OSPF default-information originate command in its raw form allows us to send a 0.0.0.0/0 route into the OSPF database for our neighbors to put into their active routing tables. One problem with default routes, however, is that they can soon become traffic black holes.
Imagine a router connected to the internet (R1). To ‘help out’ all the other internal routers, it advertises a default route, in effect saying “Hey you guys, I know how to get to the internet, so don’t worry about all the routes I know about. Here is one route to rule them all: send all your traffic to me.” The command that router might use would look like this:
The statement ‘default-information originate’ is followed by the ‘always’ keyword to signify that OSPF should ‘always’ advertise the default route, regardless of whether the router has an active default route in its routing table.
Let’s have a look at the active routing table for the neighbor connected to R1 for the new default route advertisement:
We see the default route has an OSPF type of E2 as it is a ‘redistributed’ route brought into OSPF from an external process.
So that’s great, but what if we wanted the default route to be conditionally advertised, based on the advertising router already having a default route in its active routing table? Well, that’s easy enough: we can remove the ‘always’ keyword. Let’s go back to R1 and take that out:
Now let’s put the originate statement back in - notice no ‘always’:
Now on the neighbor we have no route to 0.0.0.0
As we explained before, this is because R1 (the originator) didn’t have a default route in its routing table, as shown here:
Right. So without the ‘always’ keyword we need a default route to be present, which makes the presence of the default route a condition of the further advertisement of that route. Let’s pop in a static route on R1 to meet this condition and hopefully then advertise the route to R2:
First R1. The first command adds a static route to 0.0.0.0 via interface null0 (effectively blackholing data destined for any route not known by R1). The second statement simply shows the routing table entry.
Now R2. We see the route is now in the table due to R1 meeting the pre-condition of having a default route in its active routing table.
So that’s great, of course. But what if our internet router has a full internet routing table BUT crucially has no default route? Well, we could add a static route as we’ve seen, but if those internet routes go down (neighbor failure etc.) then the static default will never fail and traffic will keep routing toward R1. Wouldn’t it be better if we matched on a BGP route in the table and, based on the presence or ‘non-presence’ of that route, advertised the default route or stopped advertising it?
To do this we need a route-map. A route-map can be configured in this case to match either an access-list or a prefix-list for the route in the table. Let’s advertise based on an access-list entry first of all. We’re going to look for an active route for network 18.104.22.168/24. If it exists then we advertise the default route; if not, we don’t advertise it.
First let’s make sure the route is in our routing table on R1:
Great, now let’s set up the default-originate statement and route-map to match the existence of this route.
We need to create the route-map called BGPEXIST now to match the route entry.
Now we need to create the access-list ‘1’ as we have described it. Notice we use a wildcard mask to match exactly the first three octets so as to catch the /24 mask in the routing entry.
Now let’s check R2 to make sure we are getting the route:
All good. Now let’s prove that the conditional configuration works by taking the network 22.214.171.124 out of the R1 routing table - we’re going to do this by denying the route on the internet peer. Let’s check that the route is no longer in the R1 active routing table:
OK, so without the route we should no longer be advertising the default to R2 - let’s check R2’s routing table:
Perfect - conditional advertising works.
To cover the full story we’ll do the same thing using a prefix list now. We’ll choose a different network this time; 126.96.36.199 will be fine. Let’s make sure this network is in the R1 routing table:
So we only need to change the route-map since the default-information command still stands. First we access the route-map sub-command then we take out the access-list and add in the new prefix list line. NOTE that you cannot have both access-list and prefix-list matches at the same time.
So now we need to set up the prefix list ‘1’ (the sequence number is personal preference and can be ignored):
Now let’s have a look at R2’s routing table to make sure that, now that we are matching a prefix list looking for the active route 188.8.131.52/24, we are advertising the default route again...
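The conditional origination walked through above, collected into one IOS configuration for R1. This is an added example, not the original post's configuration: the OSPF process ID 1, the route-map sequence 10 and the prefix 192.0.2.0/24 are placeholders, while BGPEXIST and the list name 1 are taken from the text.

```cisco
! Added example for R1. Placeholders: OSPF process ID 1, prefix 192.0.2.0/24.
!
! Step 1: originate the default only while route-map BGPEXIST matches
! a route in R1's routing table (note: no 'always' keyword).
router ospf 1
 default-information originate route-map BGPEXIST
!
! Step 2 (access-list variant): the condition is a route matching ACL 1.
route-map BGPEXIST permit 10
 match ip address 1
!
! A standard ACL compares only the network address, so this entry also
! matches longer prefixes that sit inside 192.0.2.0/24.
access-list 1 permit 192.0.2.0 0.0.0.255
!
! Step 3 (prefix-list variant): replace the ACL match with a prefix-list
! match, which requires the exact /24 to be present.
route-map BGPEXIST permit 10
 no match ip address 1
 match ip address prefix-list 1
!
ip prefix-list 1 seq 5 permit 192.0.2.0/24
!
! Verify after each change.
! On R2, the default should appear only while the tracked route exists on R1:
!   show ip route 0.0.0.0
! On R1, confirm whether the external LSA for the default is being originated:
!   show ip ospf database external 0.0.0.0
```

Pick a tracked prefix that is learned only through the upstream peering, otherwise the default keeps being advertised after the internet path is lost and R1 becomes the black hole described at the start.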
This topic is covered in more detail in our technical video on YouTube.
Thanks for reading.