Hi, i have been trying hard to figure out how to do this. Is there any Lab example that i can see.
- simple bgp connection to isp router and how not to received the full internet routes
- Lan using ospf and to be able to ping the internet.
I use natting but my Lan still cannot ping the internet. It works if i redistribute ospf in the bgp, but we dont redistribute ospf to the bgp that is connected to the isp right?
this is just a simple setup. but i just to know how people usually do it.
There are three different things you’re trying to implement here. The BGP peering with your ISP router, the OSPF routing within your enterprise network, and your NAT at the network edge. Here are some labs and some guidelines you should keep in mind when implementing these together:
- For your BGP peering, you must decide if you’re going to implement an iBGP peering or an eBGP peering. This is typically dictated by your ISP. You can look at the BGP Course that covers all topics for BGP, but more specifically, take a look at the iBGP and the eBGP lessons with labs that tell you more about the involved configuration.
- To filter out BGP routes in your BGP peerings, take a look at the BGP Filtering section of the BGP course linked above. BGP AS Path Filter and BGP Extended Access-List Filtering are two lessons that will be helpful in this.
- Concerning the use of OSPF and connectivity to the Internet, you should have a default route to the Internet on your edge router, and then redistribute that into the rest of your OSPF topology. You can see how to do this in the How to configure OSPF default route lesson. That way, all your internal hosts will route traffic to the BGP domain, which should then be able to continue routing to the eventual destination.
- Finally, when you configure NAT, make sure that the OSPF internal routes are learning about the internal private addresses while BGP on the outside is learning about the external routable addresses. That way, each routing protocol routes traffic to the addresses that the NAT router is assigned on both the inside and outside interfaces. More on NAT can be found in this lesson and some related ones on the site.
Now you said that if you redistribute OSPF routes into BGP, you are able to ping. But this of course is not best practice, and if you have done this, then I suspect that you are bypassing NAT in this case. Internal addresses will not be routed on the Internet in a real-world scenario. Make sure that your BGP routes know how to get to the outside NAT addresses of the NAT router, while your OSPF (using a default route) knows how to get to the Internet.
Let us know how you get along in your troubleshooting. If you still get stuck, give us some more info to help us help you better.
I hope this has been helpful!
great explanation. but i still have some doubts.
- for every Lan to Wan(isp) connection must we use NAT? because without NAT my Lan which is using ospf cannot ping to internet although i have a static route pointing out.
Whether or not you use NAT should not directly affect the operation of your routing. The choice of using NAT should depend upon the IP addresses you are using internally on your network. Typically these will be private addresses, and if so, NAT must be employed.
Once you decide on whether or not to use NAT, you should then determine how to implement routing so that it will function correctly with the NAT configuration you have implemented. Now for the particular setup you have I cannot tell you why it’s not working. It depends on the configurations involved. If you share some more info about what you have done, we can help you troubleshoot the issue.
I hope this has been helpful!