cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1693
Views
8
Helpful
14
Replies

Default route and Ospf

is66rlhntadm
Level 1
Level 1

I have a 3745 w/ a NME-16ES-1G-P and have 7 vlans on the NME

and I'm running OSPF on both and I'm able to ping any ip assined to the router but not past that

I'm sure its something simple that I'm just over looking

I've attached the Configs of both the ether switch and the router

1 Accepted Solution

Accepted Solutions

One more thing. Do not forget to configure "ip nat inside" on interface gig1/0.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

View solution in original post

14 Replies 14

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello Richard,

to generate a default route that is sent to another OSPF neighbor on the router add

router ospf 1

default-information originate

redistribute static is not enough

Sorry for the other post about IPv6 I didn't realize the module had its own IOS and configuration

Hope to help

Giuseppe

thats fine

I've added default-information originate and still can't ping z.x.y.38 from the ehterswitch but I can ping it from the router

38 is the ip assigned to my side of the ISP router

also the ehterswitch can't ping 4.2.2.1 (well known any-cast dns server)

Harold Ritter
Cisco Employee
Cisco Employee

Richard,

Try assigning the ip address 10.200.200.2/24 directly under interface Gig1/0/2 rather than under the vlan interface. It should fix the issue.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

I issued the commands

Int vlan 200

no Ip address

int gi 1/0/2

no switchport

Ip address 10.200.200.2 255.255.255.0

Ip ospf 1 area 0

and still can't ping Z.X.Y.38

Hello Richard,

I don't see any network command in your router ospf processes you need them to build adjacencies

router ospf 1

network 10.200.200.0 0.0.0.255 area 0

on both sides otherwise the default originate command is useless

edit:

I haven't seen you were using the new syntax ignore this post

Hope to help

Giuseppe

just a little after I started the conversation I changed the commands under ospf 1 to

network 10.0.0.0 0.0.0.255 area 0

network 10.1.0.0 0.0.0.255 area 0

network 10.2.0.0 0.0.0.255 area 0

network 10.3.0.0 0.0.0.255 area 0

network 10.4.0.0 0.0.0.255 area 0

network 10.200.200.0 0.0.0.255 area 0

oh is it better to use range than network?

anything else?

the etherswitch still can't reach the internet

I have this feeling that after its sorted that it'll seem so simple and it was just being overlooked

Richard,

Can you verify that the ospf adjacency is up between the two devices (show ip ospf nei) and whether you are receiving the default route on the ethernet switch.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

One more thing. Do not forget to configure "ip nat inside" on interface gig1/0.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Entered Show ip ospf Nei on ethSW

75.148.235.33 1 FULL/DR 00:00:35 10.200.200.1 GigabitEtherne

t1/0/2

Entered Show ip ospf Nei on Router

10.200.200.2 1 FULL/BDR 00:00:35 10.200.200.2 GigabitEtherne

t1/0

and added Ip nat inside to Gi 1/0

ok I just tested again from a computer in vlan 2 and it can now ping 4.2.2.1

but the ethSW still can't

I think at this point I can say its working

thanks for the help

Richard,

The fact that it doesn't work when you ping from the ethSW is due to the fact that the source address by default is 10.200.200.2 and this address doesn't match any one of your NAT rules. An extended ping with one of the vlans IP address as the source address will solve this issue. This is not a big issue though as long as it works for the vlan users.

Have a great holiday season

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Thanks

my intent is so that the managment IP's of devices other than the router don't reach the internet so now that I have it worked out its fine

I could easily set the 10.200.200.0 network in the ACL for the nat trans

the part that fixed hosts in the 3 Internet vlans was the IP nat inside part

thanks for the help and Have a great holiday season as well

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco