Cisco :: Backup WAN Connections With OSPF?
Feb 11, 2013
implement backup WAN links to complement the metro Ethernet links we currently use so we have some redundancy. These will most likely be a VPN over an Internet service but might be another Ethernet type service, the medium shouldn't really matter I wouldn't think. What I am looking for input on is what is the best way to implement this? Would I just set costs so that the backup is only used when the primary goes down, or should I create new OSPF area for the backup links?
Currently the core switches that are also our routers are 3750G stacks running ip services. We are getting ready to install new firewalls at each location that will become the gateways for the vlans currently on the core switches to give us much more control over segmentation, and because of this I am thinking that it may make sense to then move the OSPF instance from the core to the firewalls. In the drawing I did not show the access layer switches off of the core, and the MOE circuits actually terminate into a 3550-12T switch before the core. I think I will actually eliminate those 3550-12T switches and go straight into the core. This is a current state drawing, so does not include the backup links I am planning.
View 4 Replies
ADVERTISEMENT
Aug 23, 2012
I have a problem with that the ACE20 (A2(3.2)) does send the connections to a backup real server in the serverfarm. I will how to troubleshoot in this case ? This is serverfarm configuration.
serverfarm host fix-http
failaction purge
probe PROBE-TCP-80
rserver fix11
inservice standby
rserver fix12
View 2 Replies
View Related
Sep 22, 2011
I have 2 ASBR routers, AGFR01RTR03 and AGFR02RTR03, performing OSPF to OSPF redistribution in both ways for the same ***. They also do summarization for our private addressing scheme. It is all working just fine for that part (neighbors, summarization, redistribution).
AGDC01RTR01 --- AGDC02RTR01 (OSPF 1000 ABRs)
| |
| |
AGFR01RTR03 --- AGFR02RTR03 (OSPF 1000 / 53 ASBRs)
Let's focus on AGDC01RTR01 with a specific entry here (IP subnet is fake) :
Routing entry for 1.1.1.0/25
Known via "ospf 1000", distance 110, metric 300, type inter area
Last update from 10.2.244.76 on GigabitEthernet5/1, 1d03h ago
Routing Descriptor Blocks:
* 10.2.244.76, from 10.2.1.249, 1d03h ago, via GigabitEthernet5/1
Route metric is 300, traffic share count is 1
[code]...
View 15 Replies
View Related
Mar 14, 2011
Currently the OSPF network consist of 2 segment route via static route.One is AREA 0 and another AREA 10.Both network are seperate entity, only static route to route between 2 networks.But the static route do not provide the dynamically and flexibility, I plan to run routing between 2 networks via VLAN160 and VLAN162.
I still want to manitnace it was 2 different OSPFrouting domain.Can I run OSPF with differrent OSPF porcess ID?
View 8 Replies
View Related
May 15, 2011
I am running IPv4 with OSPFv2 currently. However, I planed to deploy IPv6 in my network. Is it possible to deploy V6 with OSPFv3 without affecting current network traffic in V4?
View 7 Replies
View Related
Aug 29, 2012
why a subnet wouldn't be passed on to just one participating OSPF device?
I have two routers and an ASA, all of which are in area 0, it's a pretty simple config. The two routers are connected to some other devices (also in area 0) that pass of an external route to a particular subnet, let's call it 192.168.4.0. The routers are getting it just fine, but the ASA is not:
View 8 Replies
View Related
Dec 6, 2012
What if i run ospf in all of the routers in network diagram ? does it caus loops ? if so how to prevent it ?
View 8 Replies
View Related
Jul 12, 2012
Isn't there a way to increase the TTL of an OSPF Hello packet or am I thinking of a different protocol? Or is it only with virtual links? I can't seem to find it in my ROUTE cert book or on the Intarwebz outside of setting TTL security, but I could have sworn I remembered configuring something like this in my ROUTE lab book that I unfortunately do not have at work.
View 8 Replies
View Related
Oct 29, 2012
I will be provided with /29 public IP address from my ISP. The idea is to run OSPF between ISP and my ASAs over private IPs so /29 is presented to ASA. This is because I will be using 5 out 6 available IPs on my ASA so I cannot use them on the routers.I need to run HA in Active/Standby mode on ASA, terminate site-to-site and remote access VPNs on ASA, and use static NAT for kit in DMZ network I am trying to figure out how to present this public IP range on ASA. Should I create two subinterfaces on physical interface towards OSPF area and assigned private IP address on one of them for OSPF and public IP on another and then setup a failover on each subinterface.
View 4 Replies
View Related
Apr 25, 2013
I'm trying to run an OSPF protocol over an ATM connection:
192.168.80.0 |----10.0.0.1-----------10.0.0.2----| 192.168.50.0
View 1 Replies
View Related
Dec 22, 2012
how would u link(or in other word route) different OSPF process ID? i have OSPF 1 and OSPF 2 and i want them to see each others networks...how can i accomplish this ?
View 7 Replies
View Related
Aug 12, 2011
I have 10 different segments in ASA 5520, so i created 10 VLAN in ASA & made the inside interface as Trunk that connects with core switch. Now i need to run OSPF in the ASA.
View 1 Replies
View Related
May 13, 2013
I am in the datasheets page for Cisco 3560C Compact switch and states that it ships with IP Base image that "includes the support for routed access, MACsec, and Open Shortest Path First (OSPF)"
[URL]
Does this image come with the full fledged OSPF feature or is it a cut-down version of it?
View 1 Replies
View Related
Dec 19, 2010
I will be getting a WAN connection to a few offices and I have a need to control routes recieved and advertised to/from them. The service provider will be placing a CPE device on-site and will support OSPF with my edge router; in this case a Cisco 2821. That 2821 router will ideally be configured with OSPF routing toward my two core switches.
-> C2821 to NOT have the full routing table from the Core switches
-> Only needs knowledge of two routes from the Core switches and routes from remote offices.
-> Controlled routing advertisements. I do not control the remote offices and would like to ensure they do not accidentally advertise routes into my enviroment that could create a conflict.
I'm assuming the Service Provider will be running BGP on their CPE router, which will mean that the OSPF routes recieved by my Cisco 2821 edge router will be OSPF E2 routes. So if thats the case the 2821 would need to advertise E2 routes.I'm not sure if I should be configuring the 2821 in Area 0...because its meant to be a WAN edge router; but if I configure it in another area...say 200...the Service Provider may configure his CPE router in Area 0...which I'm guessing would pose a problem as the 2821 would be lodged in between two area 0s?
From the reading I've done it sounds like I could use NSSA...but I'm not sure if this is the best design.
View 5 Replies
View Related
Jan 19, 2013
Looking through the SPROUTE course material they state on several occasions that an ABR will announce a default route in to a standard NSSA area, same as a stub area, because LSA5 external routes are not allowed.
View 8 Replies
View Related
Jun 27, 2011
I have 3 tunnels established (full mesh) with 3 CISCO ASA (all security+), through Internet : - Site A : ASA5510 - Site B&C : ASA5505, There is no main site or client site, each site has more than one network behind it. So I'd like to setup OSPF between all the ASA for them to exchange their route within the tunnel. I thought this was automatic when establishing the tunnel, but it isn't.
View 1 Replies
View Related
Feb 26, 2013
When you configure an ABR to inject a summary route into an area, what are the circumstances under which the ABR will inject the summary? I.e., since it's not a set of specific subnets learned directly from other OSPF routers, does the summary get injected regardless of what's in the routing table of the ABR?
I would imagine this could cause problems in a situation where there is an ABR injecting a large summary into an NSSA that also has a backup path over the Internet (IPsec tunnel or something). For example, if the area 0 routers from which the ABR receives routes went down, the ABR would continue to inject the summary route into the NSSA thus tricking those routers into sending traffic to the ABR rather than over the backup link.
I can't imagine any other way an ABR would decide when it's suitable to inject the summary though.
View 1 Replies
View Related
Jul 1, 2012
I have a simple isp topology built in GNS3, for testing (pppoe) dialers:cisco router(R1) connected to my pc network card, doing NAT translations for all the devices in the topology.I know how to configure NAT for spesific ip range, but i can't find out how to configure NAT for networks which are learned through ospf (or any other dynamic way).
View 2 Replies
View Related
Sep 24, 2012
I have an AS-external route being redistributed into OSPF from a static route on one of my routers. I recently changed the static route from a /24 to a /26 and all of a sudden the link ID of the segment in the OSPF database went from the network address to the broadcast address: Code:
View 5 Replies
View Related
Aug 30, 2012
I have 3 routers all running OSPF. each of the three routers have 2 networks they are advertising..NAT Overload breaks OSPF Adjacency
[code]...
View 2 Replies
View Related
Feb 10, 2013
OK. I think Im going crazy here. Im studying OSPF and I'm working on the DR/BDR election process. I have a topology where three devices (RIDs 1.1.1.1, 2.2.2.2, and 9.9.9.9) are on the same ethernet segment so they need to elect a DR. 9.9.9.9 is a switch and Im using a SVI for the OSPF interface. Van't get the darn thing to show up in the post but here is the topology.URl After OSPF came up, I noticed that router2 was selected as the DR and that switch1 was selected as the BDR. I thought initially that it was a matter of timing and that perhaps router2 just came up first and the slower SVI interface came up second. Shutdown the interfaces, cleared the OSPF process, and set the OSPF router priority on the VLAN interface to 10.
View 11 Replies
View Related
Oct 16, 2012
Cisco device is neighbored up with a Brocade device via OSPF, and the desired routes are present.This Brocade device is neighbored up with another Brocade device via OSPF over a GRE tunnel. I am not seeing the desired routes present.What kinds of things can I look at to determine the issue? I think I've viewed the OSPF topology database (I'm not that familiar with Brocade) with the show ip ospf routes command and I'm not seeing the desired routes there either.There is no form of route filtering in place. I'll double check, but I do not believe there is any stub routing going on either.
View 12 Replies
View Related
Jan 18, 2012
I have a scenario with a Cisco 6506 and a 7206. The 6506 is running BGP and peers with our data center router. The 7206 is a stub router off the 6506 and is used as an edge router for customer T1 circuits. I want to use OSPF between the routers to exchange connected and static routes. The problem I have is that static BGP null routes on the 6506 are overriding the OSPF routes being received from the 7206. Example: The 6506 is advertising a class C network 192.168.1.0/24 to our data center. The 6506 does not utilize the 192.168.1.0/24 network. It is only used on the 7206 for customer T1 circuits and is carved up into /29 subnets. So the 6506 has a static route: ip route 192.168.1.0 255.255.255.0 null 0. Today the routing is accomplished with static routes on the 6506 for the 192.168.1.0 networks on the 7206. Using OSPF the 7206 advertises /29 links back to the 6506, but when I withdraw one of the /29 static routes from the 6506, the /24 null route takes precedence over the more specific /29 routes and the traffic is black-holed on the 6506. how can I get the OSPF routes to look preferable to the /24 null route on the 6506?
View 7 Replies
View Related
Feb 24, 2012
Does OSPF work between a VSS L3 MEC & an ASA Redundant Interface? Both 6509 are in VSS and a L3 MEC is formed to the ASA.Both ASA ports are a part of a L3 Redundant Interface. Please note there is only a single ASA in this topology. [code] Now, the OSPF neighboring does occur and go into the FULL state on this device, however soon enough, the state enters INIT/DROTHER state.But as soon as I disconnect the physical connection 6509(Standby) The OSPF adjacency goes into FULL mode.
View 5 Replies
View Related
Feb 12, 2013
I' ve come across an weird ospf issue between my router connected via layer 2 service provider link, details as below.We have a base station router for satelite termination at service provider end connected via Layer 2 vlan link to a head end C3945, current interface for head end is a layer 2 vlan and layer 3 ip address lives under sub interface, config as below
-Head End router
-Cisco 33945
View 4 Replies
View Related
Nov 20, 2011
Our current router is setup to redistribute our BGP routes into OSPF using the following code:
-router ospf 60
-log-adjacency-changes
-redistribute bgp 65199 metric 1500 metric-type 1 subnets
I want to filter down the routes so only a set of specific routes is redistributed.. we have done this in the past with EIGRP by doing a route-map / prefix-list to manage the routes passed into EIGRP.My question is I can replicate the metric and the metric-type in the route-map by doing the following: [code] Do I need to be concerned witht the "subnets" command in this design? What I understand "Subnets".When redistributing routes into OSPF, only routes that are not subnetted are redistributed if the subnets keyword is not specified. I suspect I need to add it! So my final code should look like this..
View 2 Replies
View Related
Dec 14, 2011
Does 800 series routers support OSPF or EIGRP? Command for EIGRP is available but when you try to run it, you get that "protocol is not available in the image". Is there a specific image that I can get that will support either of these two on a Cisco 851 or 861?
View 4 Replies
View Related
Apr 1, 2008
I currently have a set of firewalls in active standby configuration running an ospf process injecting a default route into the rest of my network.I noticed when i was testing the failover that the asa's do not actually pass the route tables on failover, thus forcing the need to wait for routes to converge and for the default route to be advertised back into the network. This of course is not acceptable.
Is there a way around this or do I have to setup static default routes on every device in my network. I am trying to avoid setting up default routes on all of the devices because due to the setup of my network I have equal cost links configured in the event of hardware or link failure. So the devices then see an advertised default route from multiple paths.
View 4 Replies
View Related
Apr 24, 2012
I am going to configure ospf on cisco 1721 router but when I give command
conf t
router ospf 116
it does not show (config-router)
I am attaching sh run and sh version herewith attachment
View 1 Replies
View Related
Nov 23, 2011
I am using 3550 with c3550-ipservicesk9-mz.122-44.SE6.bin. Have successfully run ipv6 commands on global and interface, however getting below error while configuring "ipv6 router ospf 1" :SW1(config)#ipv6 router ospf 1 % Failed to create routing protocol ospf
Command syntax help says its configurable but its not configuring ipv6 OSPF.
View 3 Replies
View Related
Jan 21, 2013
I have two switches and two ASA in active/standby as connected below. These devices are running OSPF 128 in one area (Area 0).I'm pinging from both laptops to each other both ways. The ASA has the latest "8.6.1-5" image. I've configured the firewall failover polltime to 1s with holdtime of 4s. Pings both ways OK.
<LAPTOP> IP:10.112.132.10/24
| [ACCESS PORT VLAN10]
/ <SWITCH> [SVI VLAN10: IP:10.112.132.1/24]
/ [SVI VLAN20: IP:10.113.128.11/28]
.12 / [ACCESS PORT VLAN20] .13
[code]....
I fail the primary firewall (ASA-ACTIVE). I get a 4 seconds ping loss which is expected (holdtime) however after 10 seconds of pings I get another outage which last anywhere between 5 and 15 seconds. I've done a fair amount of debugging and I did notice that the second outage occurs with the OSPF neighbor goes from "loading" to "full". This doesn't make any sense because the routing table is fully populated when going to “full”.
When perfoming a manual fail back (type failover active on ASA-ACTIVE), pings goes on for approximately 10seconds and then an outage between 5 to 15 seconds. Agsin this outage occurs when OSPF neighbor goes from "loading" to "full".I've tried debugging on the switches and found nothing.
View 3 Replies
View Related
May 8, 2013
The LSRefreshtime is 30 minutes in OSPF as per rfc 2328, So the router LSA will start after this time(30 minutes). By using router lsa only the Link State Database will be updated. Suppose the datatransmission is started when it(router) is switched on. by using Link State Database only the routing table will be updated.
View 2 Replies
View Related
Feb 7, 2011
I have some c3560 with system MTU set 1546 with interface VLAN10 whose MTU size is 1546 and there is no possibility to change it to another value. and we have some cisco 2600 where I can't set MTU bigger as 1500. I have a problem in establishing the OSPF adjacency between cisco 2600 abd 3560 , the command "ip ospf mtu-ignore" is set on both side but it doesn't work - the OSPF packets which are sent by c3560 are simply lager as 1500 bytes and are dropped by cisco2600.
the problem is that sometimes c7200 losses their BGP session, I would say in most cases it happens between NPE400 and NPE-G1/G2 whit error message like "session closed by a peer x.x.x.x" after some seconds BGP session goes again UP , and then after some minutes again DOWN .
it can be MTU problem, as the traffic passes those c35660 with MTU1500. The neighbour status showes that "transport tcp path-mtu-discovery" is enabled an all neighbours but it seems doesn't work. if I disable the path-mtu-discovery on the neighbours - the BGP session between them stays stable.
View 2 Replies
View Related