With the introduction of rfc2328, or OSPFv2, the path selection criteria for external or summary routes changed.
Specifically, the new changes call for preferring a non-backbone path over a backbone(area 0) path for the prefix.
Previously, we relied on cost to determine path selection, without regard to whether it was a backbone or non-backbone path.
IOS has always treated rfc1583 as the default behavior for path selection, and as support for rfc2328 was added, IOS added a toggle to prefer this new method of path selection, but continued to keep rfc1583 behavior set by default.
NX-OS, however, was launched with rfc2328 only behavior by default, and then to conform with RFC specs, added a command to make it optionally rf1583 compliant.
This difference in default behavior can lead to ospf loops, where you have some devices pointing to one path as the shortest path, and other devices pointing to a different path as the shortest path.
rtrB#show ip route 192.168.0.0 Routing entry for 192.168.0.0/16, supernet Known via "ospf 1", distance 110, metric 25, type extern 1 Last update from 10.0.0.1 on GigabitEthernet0/0, 00:20:40 ago Routing Descriptor Blocks: * 10.0.0.1, from 220.127.116.11, 00:20:40 ago, via GigabitEthernet0/0 Route metric is 25, traffic share count is 1
As you can see, the IOS router points out g0/0 to the n7k, and the n7k(ABR) points out e2/10 to rtrB. This is a loop!
Now, we will turn on the rfc1583compatibility command on the n7k(ABR) and it will allow us to use the metric for our decision, like the IOS router is doing.
ABR(config)# router ospf loop ABR(config-router)# rfc1583compatibility ABR# show ip route 192.168.0.0
rtrB#show ip route 192.168.0.0 Routing entry for 192.168.0.0/16, supernet Known via "ospf 1", distance 110, metric 25, type extern 1 Last update from 10.0.0.1 on GigabitEthernet0/0, 00:30:03 ago Routing Descriptor Blocks: * 10.0.0.1, from 18.104.22.168, 00:30:03 ago, via GigabitEthernet0/0 Route metric is 25, traffic share count is 1
As you can see, if all the ospf routers in this domain are configured to run according to the same rfc mode, then we do not experience these same loops, as the complete domain is consistent in what it considers to be the shortest path.
On NX-OS, you can use the "rfc1583compatibility" command to make the device align with default IOS behavior.
On IOS, you can use the "no compatible rfc1583" command to make the device align with default Nexus behavior.
Which ever of the two options you use is your choice, but I will not go into the major design differences here in this post.
HiI'm experiencing an issue with the DMVPN links on LTE networks. Its an intermittent problem but I regularly find that the Tunnel is showing UP UP on the hub and spoke but "SHOW DMVPN" showing on the spoke side that the link is down which then caus...
Hi This may have been asked / answered before but I was wondering if anyone knows if it'd be possible to stack a 9200 & 9300 switch together? I've read through the white papers which only mention the 9300 & 9300L not working in a mixed s...
Hello, I am newbie, i replaced 2 switches with vlan33 protected by FW with 4 cisco 2x sg350x and 2x SX350X in Hybrid stack. The stack is now accessible from vlan1 and vlan33. Removing FW I have to filter accesses in http https from vlan1 to vla...
Hi. Are there any guides on how best to handle voice services on a SDA network? I have a PoC setup working nicely for data, with .1x auth on the switchports, but I'm struggling to understand how to add the IP phones into the mix, now that there...
Good day, I'm using Packet Tracer 8 on MacOs and whenever I open the terminal to configure a switch or router, the terminal is just a plain black screen with a cursor, the commands I type don't even work. Does anyone know how to fix this? Thank you