OSPF Multiple Processes

mo shea · ‎09-02-2005

Hi..

Do All LSA updates travel between different router ospf processes or we need to manually redistribute the opsf process which we want its updates to be learned?

One more question: what if two ospf processes are defined on a single router and F0/0 is configured for ospf 1 and area 0, F1/1 is configured for ospf2 and area 10, doest this setup filter all kinds of updates? Because I do not want the network on F0/0 to be advertised to F1/1 network.

Thanks

amit-singh · ‎09-02-2005

Hi,

We have to manually redistribute the routes between two different OSPF processes on a single router. I am a bit puzzled with your question "Do All LSA updates travel between different router ospf processes ". If you are asking about the LSA types then, Its not neccessary that all the LSA's will travel between the 2 routers ospf processe actually it depends on the role of the router. for example LSA 2 is the network LSA which is sent by the DRother routers to DR. LSA4 is sent by ABR to ASBR.

OSPF process will learn the routes depending on the type of area it belongs to. If it belongs to Stub area then it will learn the filter routes and only LSA3,2 and 1.Same goes of Totally stub area as well which even doesnot get the summary routes.

For your question 2, the two procsesse will not learn the router untill you use redistribution between the two OSPF processes.

HTH,

-amit singh

Harold Ritter · ‎09-02-2005

When you configured two ospf processes, two separate link state databases are created and LSAs received from an interface belonging to a given process is put in its respective database.

In your scenario, updates from one process would not be propagated by the other unless you explicitly configure mutual redistribution.

Let me know if I answered your question,

Regards,
Harold Ritter, CCIE #4168 (EI, SP)

mo shea · ‎09-02-2005

Thanks amit and hritter for your replies. Your answer hritter did clear up my confusion. One more clarification, is the area distribution a factor here, i.e. if all interfaces are in one area while two ospf processes are running, is the result the same, no updates advertised?

I need your suggestions as well for the project I am doing.

I am studying a typical design for one of our customers, where a router (but most probably a PIX firewall as per the customer's request) will be placed centrally, and for the firewall design, each of the inside, dmz and outside interfaces connect to 2600 routers running ospf, and the inside, dmz and internet networks lie behind theses 3 routers respectively.

Now this makes the pix an ABR while the internet router acts as ASBR. I suggested to have 2 ospf processes, one for the inside and dmz while the other for the outside. The pix will be a 525 or 535 so the resources should not be a problem. This way the inside and dmz networks would not be advertized to the outside network, and the PIX can be used for OSPF and mainly its security features, much better than a router with IOS firewall feature set. The external ospf process will be redistributed.

Thanks again

Harold Ritter · ‎09-02-2005

It doesn't matter if the two interfaces are in the same area or different areas. As long as they are configured with different ospf processes, updates from one won't propagate to the other without explicit redistribbution.

As far as your second question is concerned, I personally don't like to get the FW (PIX in this case) involved with the dynamic RP. I usually prefer to run BGP between the inside and outside routers (or dmz for that matter). This way the FW is not involved at all.

I don't know enough about the PIX itself to tell you if you will be able to configure two ospf precesses (which I doubt) on the PIX and even less if it would allow you the redistribute between the 2 processes. I will let somebody else comment on it.

Hope this helps,

Regards,
Harold Ritter, CCIE #4168 (EI, SP)