Re: how to managing traffic flow over ospf network with two main offic - Page 3

ahmad.rz · ‎01-25-2023

Hi,

Consider a situation where two main offices(core1 and 2) are located at different locations to provide redundancy. Using DMVPN and OSPF, I have a branch connected to multiple hubs, again in separate DC sites. The branch advertises its LAN to OSPF(for example in area10) through HUB and then HUB redistributes received routes to the main core (in area100). Each core now has the same subnet in the same area, which is provided by the hub. In order to change the direction of outgoing traffic to one of the offices (site 1 or 2), I can reduce the OSPF distance number as you know!

Based on the above explanations and the attached scenario image:

1) Serverfarm1 selects HUB1 for sending packets to branch as it has the lowest hop count with the same metric.

2) Serverfarm2 selects HUB1 for sending packets to branch as it has the lowest hop count with the same metric.

Would it be possible to force each core to use another link to send traffic?

For example, traffic generated in serverfarm1 will enter Core1, but I want to force it to use Core2 for outbound traffic.

Be quick and careful!

ahmad.rz · ‎02-02-2023

well done, I can't wait to see the results

Be quick and careful!

MHM Cisco World · ‎02-03-2023

hostname Core1
!
track 1 ip sla 1 reachability
!
interface FastEthernet0/0.10
encapsulation dot1Q 10
ip address 10.0.0.1 255.255.255.0
standby 10 ip 10.0.0.10
standby 10 priority 105
standby 10 preempt
standby 10 track 1 shutdown
!
interface FastEthernet0/0.20
encapsulation dot1Q 20
ip address 20.0.0.1 255.255.255.0
standby 20 ip 20.0.0.10
standby 20 priority 95
standby 20 preempt
!
router ospf 100
log-adjacency-changes
network 20.0.0.0 0.0.0.255 area 0
network 100.0.0.0 0.0.0.255 area 100
!
ip route 200.0.0.0 255.255.255.0 FastEthernet3/0 permanent
!
ip sla 1
icmp-echo 200.0.0.2 source-interface FastEthernet3/0
ip sla schedule 1 life forever start-time now

MHM Cisco World · ‎02-03-2023

hostname IOU2
!
interface Tunnel5
ip address 5.0.0.2 255.255.255.0
no ip redirects
no ip next-hop-self eigrp 5
no ip split-horizon eigrp 5
ip nhrp map multicast dynamic
ip nhrp network-id 5
tunnel source Ethernet0/2
tunnel mode gre multipoint
tunnel key 5
!
interface Ethernet0/2
ip address 200.0.0.2 255.255.255.0
shutdown
!
interface Ethernet0/3
ip address 100.0.0.2 255.255.255.0
!
router eigrp 5
network 5.0.0.0 0.0.0.255
redistribute ospf 100 route-map mhm5
!
router ospf 100
redistribute eigrp 5 subnets
network 100.0.0.0 0.0.0.255 area 100
!
ip prefix-list 10.0.0.0 seq 10 permit 10.0.0.0/24
!
ip prefix-list 20.0.0.0 seq 10 permit 20.0.0.0/24
!
route-map mhm5 permit 10
match ip address prefix-list 10.0.0.0
set metric 56 100 255 1 1500
!
route-map mhm5 permit 20
match ip address prefix-list 20.0.0.0
set metric 56 200 255 1 1500

MHM Cisco World · ‎02-03-2023

hostname IOU3
!
interface Tunnel15
ip address 15.0.0.3 255.255.255.0
no ip redirects
no ip next-hop-self eigrp 5
no ip split-horizon eigrp 5
ip nhrp map multicast dynamic
ip nhrp network-id 15
tunnel source Ethernet0/3
tunnel mode gre multipoint
tunnel key 15
!
interface Ethernet0/2
ip address 110.0.0.3 255.255.255.0
!
interface Ethernet0/3
ip address 210.0.0.3 255.255.255.0
!
router eigrp 15
network 15.0.0.0 0.0.0.255
redistribute ospf 100 route-map mhm15
!
router ospf 100
redistribute eigrp 15 subnets
network 110.0.0.0 0.0.0.255 area 100
!
ip prefix-list 10.0.0.0 seq 10 permit 10.0.0.0/24
!
ip prefix-list 20.0.0.0 seq 10 permit 20.0.0.0/24
!
route-map mhm15 permit 10
match ip address prefix-list 20.0.0.0
set metric 56 100 255 1 1500
!
route-map mhm15 permit 20
match ip address prefix-list 10.0.0.0
set metric 56 200 255 1 1500

MHM Cisco World · ‎02-03-2023

hostname R7
!
interface Tunnel5
ip address 5.0.0.7 255.255.255.0
no ip redirects
ip nhrp map 5.0.0.2 200.0.0.2
ip nhrp map multicast 200.0.0.2
ip nhrp network-id 5
ip nhrp nhs 5.0.0.2
ip nhrp registration timeout 5
ip virtual-reassembly
if-state nhrp
tunnel source FastEthernet2/0
tunnel mode gre multipoint
tunnel key 5
!
interface Tunnel15
ip address 15.0.0.7 255.255.255.0
no ip redirects
ip nhrp map 15.0.0.3 210.0.0.3
ip nhrp map multicast 210.0.0.3
ip nhrp network-id 15
ip nhrp nhs 15.0.0.3
ip nhrp registration timeout 5
ip virtual-reassembly
if-state nhrp
tunnel source FastEthernet3/0
tunnel mode gre multipoint
tunnel key 15
!
interface FastEthernet0/0
ip address 30.0.0.7 255.255.255.0
ip virtual-reassembly
duplex half
!
interface FastEthernet2/0
ip address 200.0.0.7 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet3/0
ip address 210.0.0.7 255.255.255.0
duplex auto
speed auto
!
router eigrp 5
network 5.0.0.0 0.0.0.255
redistribute connected metric 56 100 255 1 1500 route-map hubs
!
!
router eigrp 15
network 15.0.0.0 0.0.0.255
redistribute connected metric 56 100 255 1 1500 route-map hubs
!
ip prefix-list 30.0.0.0 seq 10 permit 30.0.0.0/24
!
route-map hubs permit 10
match ip address prefix-list 30.0.0.0

MHM Cisco World · ‎02-03-2023

all above is my lab,
you can see
I use EIGRP (which is cisco recommend between Spoke and Hub)
I use OSPF-into-EIGRP route-map to adjust the metric send to Spoke in such a way that Hub1 connect to Core1 which is active of subnet 10.0.0.0 with metric better than Hub2.
I use EIGRP-into-OSPF in Spoke to make Spoke only advertise the LAN it connect not make Spoke transit between two Hubs
I use HSRP with track but Core's not track link between Core-Hub (optionally you can also track it) but track the hub WAN interface,
when the Hub WAN interface the active is change and shift from one Core to other.

I know that not full my config is suitable for you, but you can use Idea I used for your real network.

ahmad.rz · ‎02-04-2023

Thank you @MHM Cisco World ,

If I missed your point, I apologize in advance, what I see is you change metrics for the branch in order to branch know which path is best to take, for example 10.0.0.0/24. How about Core1&2? I have made a small change to my topology, please review the configurations. If ServerFarm1( with IP 10.10.10.1/24) wants to reach BR(in province1), it must choose the path Core1 > Core2 > HUB2 > BR.
In addition, I changed the direction from branch to serverfarm1 by reducing the OSPF4248 distance from 110 to 105.
A symmetric flow will result if all these steps are completed.

PS, ignore the Province2 ....

Be quick and careful!

ahmad.rz · ‎02-04-2023

Purple: Outgoing traffic from branch to ServerFarm1

Red: Inconming traffic from ServerFarm1 to branch

Be quick and careful!

MHM Cisco World · ‎02-04-2023

I will run another lab.

MHM Cisco World · ‎02-13-2023

MHM Cisco World · ‎02-13-2023

hostname R1

interface Loopback0
ip address 111.111.111.111 255.255.255.255
!
interface Tunnel0
ip address 5.0.0.10 255.255.255.0
no ip redirects
ip nhrp map multicast 100.0.0.1
ip nhrp map 5.0.0.1 100.0.0.1
ip nhrp network-id 5
ip nhrp nhs 5.0.0.1
tunnel source FastEthernet0/0
tunnel mode gre multipoint
tunnel key 5
!
interface Tunnel10
ip address 50.0.0.10 255.255.255.0
no ip redirects
ip nhrp map multicast 110.0.0.2
ip nhrp map 50.0.0.2 110.0.0.2
ip nhrp network-id 50
ip nhrp nhs 50.0.0.2
tunnel source FastEthernet0/0
tunnel mode gre multipoint
tunnel key 50
!
interface FastEthernet0/0
ip address 200.0.0.1 255.255.255.0
duplex half
!
router eigrp 505
distribute-list prefix 111.111.111.111/32 out Tunnel0
distribute-list prefix 111.111.111.111/32 out Tunnel10
network 5.0.0.0 0.0.0.255
network 50.0.0.0 0.0.0.255
network 111.111.111.111 0.0.0.0
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip route 0.0.0.0 0.0.0.0 200.0.0.3
!
!
ip prefix-list 111.111.111.111/32 seq 10 permit 111.111.111.111/32

MHM Cisco World · ‎02-13-2023

hostname IOU1
!
interface Tunnel0
ip address 5.0.0.1 255.255.255.0
no ip redirects
ip nhrp map multicast dynamic
ip nhrp network-id 5
tunnel source Ethernet0/0
tunnel mode gre multipoint
tunnel key 5
!
interface Ethernet0/0
ip address 100.0.0.1 255.255.255.0
!
interface Ethernet0/3
ip address 90.0.0.1 255.255.255.0
!
router eigrp 505
network 5.0.0.0 0.0.0.255
redistribute ospf 100 route-map hub1
!
router ospf 100
redistribute eigrp 505 metric-type 1 subnets route-map spoke
network 90.0.0.0 0.0.0.255 area 0
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 100.0.0.3
!
!
ip prefix-list 10.0.0.0/24 seq 10 permit 10.0.0.0/24
!
ip prefix-list 111.111.111.111/32 seq 10 permit 111.111.111.111/32
!
ip prefix-list 20.0.0.0/24 seq 10 permit 20.0.0.0/24
!
route-map hub1 permit 10
match ip address prefix-list 10.0.0.0/24
set metric 100 200 255 1 1500
!
route-map hub1 permit 20
match ip address prefix-list 20.0.0.0/24
set metric 100 300 255 1 1500
!
route-map spoke permit 10
match ip address prefix-list 111.111.111.111/32

MHM Cisco World · ‎02-13-2023

hostname IOU2
!
interface Tunnel10
ip address 50.0.0.2 255.255.255.0
no ip redirects
no ip next-hop-self eigrp 505
no ip split-horizon eigrp 505
ip nhrp map multicast dynamic
ip nhrp network-id 50
tunnel source Ethernet0/0
tunnel mode gre multipoint
tunnel key 50
!
interface Ethernet0/0
ip address 110.0.0.2 255.255.255.0
!
interface Ethernet0/3
ip address 190.0.0.2 255.255.255.0
!
router eigrp 505
network 50.0.0.0 0.0.0.255
redistribute ospf 100 route-map hub2
!
router ospf 100
redistribute eigrp 505 metric-type 1 subnets route-map spoke
network 190.0.0.0 0.0.0.255 area 0
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 110.0.0.3
!
!
ip prefix-list 10.0.0.0/24 seq 10 permit 10.0.0.0/24
!
ip prefix-list 111.111.111.111/32 seq 10 permit 111.111.111.111/32
!
ip prefix-list 20.0.0.0/24 seq 10 permit 20.0.0.0/24
!
route-map hub2 permit 10
match ip address prefix-list 10.0.0.0/24
set metric 100 300 255 1 1500
!
route-map hub2 permit 20
match ip address prefix-list 20.0.0.0/24
set metric 100 200 255 1 1500
!
route-map spoke permit 10
match ip address prefix-list 111.111.111.111/32

how to managing traffic flow over ospf network with two main office?