Hi Joe,

Unfortunately the functionality you're looking for isn't available with OSPF. OSPF does not keep backup routes and simply uses a "shortest path first" method of routing. If the fiirst path goes down it will reconverge and find the second path, but it requires some time. If all of your devices are Cisco you can use EIGRP which will keep backup routes in it's topology table and will allow you to prioritize links. Hope this helps.

Hello David,

EIGRP may be an option but you should be aware that you would need to carefully tweak the EIGRP metrics to allow one router to appear as a feasible successor to another.

However, even in OSPF, path preference to the same destination can be achieved simply by increasing the cost of links on the backup path. Even if OSPF indeed does not maintain a pre-established backup path, it nevertheless reconverges to the next shortest path once the primary path has failed. This is a fundamental property of all routing protocols, not just EIGRP.

Joe, can you post a diagram of your topology? It would help us to better suggest the metric modification.

Best regards,

Peter

Hello Peter,

Please see the diagram below. My client needs all the devices run OSPF, no EIGRP. All the connection are ethernet/1G port. They want to have Link 1 as active conneciton, and Link 2 as standby. If Link 1 goes down, link 2 will be kick in; If link 1 comes back up, and the link 1 becomes active, link 2 becomes standby. The sample configuration will be helpful.

Regards,

Joe

Hello Joe
You can have once interface up and one in standby if you wish using interface backup command

In Gigi 0/0
Backup int gig0/1 (This will put gig0/1 in a standby state)

Sh backup

res
Paul


Sent from Cisco Technical Support iPad App

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Generally, OSPF will recompute to use the secondary path rather quickly (subsecond), once it "knows" the existing path is no longer available.

In a situation like that of your drawing, the common issue is if one of the links fail between the ASA and one of the OSPF routers, the side whose link did not drop needs to wait for OSPF hellos to determine connectivity has been lost.  Default OSPF hellos with default number of lost hellos can result in the side with the link still up "black holing" traffic for multiple seconds (e.g. 40 seconds), as it doesn't "know" the path is no longer good.

To decrease such a situation, hello timers need to be decreased.  Newer routers may support "fast Hellos" and/or BFD for OSPF which will allow for subsecond detection that the path has failed.

Hello,

Following on from Joseph statement, below is a sample config where your asa ospf neighbor will be active and the switch ospf neighbor will become active if the asa link is lost.

The hello interval is set to 250ms and a dead interval or 1 sec

int xx

link to asa

ip ospf network non-broadcast

ip ospf dead-interval minimal hello-multiplier 4

ip ospf priority 0

int xx

link to switch
ip ospf network non-broadcast

ip ospf dead-interval minimal hello-multiplier 4

ip ospf priority 0

router ospf x

network x.x.x.x  0.0.0.0 area 0 ( asa connecting interface)

network x.x.x.x  0.0.0.0 area 0 ( switch connecting interface)

neighbor x.x.x.x (asa opsf neigbour)
neighbor x.x.x.x (switch opsf neigbour)

access-list 101 permit ospf host (int switch ip) host (switch neigbour)

ip sla 11

icmp-echo (asa dest) source-ip (int facing asa)
frequency 5

ip sla schedule 11 life forever start-time now

track 11 ip sla 11 reachability

delay down 2 up 2

route-map OSPF permit 10
match ip address 101
set ip next-hop verify-availability (asa neigbour) track 11

route-map OSPF permit 90

ip local policy route-map OSPF

asa/switch

int fxx

ip ospf dead-interval minimal hello-multiplier 4

res

Paul

Please don't forget to rate any posts that have been helpful.

Thanks.