01-25-2023 05:33 AM - edited 01-31-2023 05:02 AM
Hi,
Consider a situation where two main offices(core1 and 2) are located at different locations to provide redundancy. Using DMVPN and OSPF, I have a branch connected to multiple hubs, again in separate DC sites. The branch advertises its LAN to OSPF(for example in area10) through HUB and then HUB redistributes received routes to the main core (in area100). Each core now has the same subnet in the same area, which is provided by the hub. In order to change the direction of outgoing traffic to one of the offices (site 1 or 2), I can reduce the OSPF distance number as you know!
Based on the above explanations and the attached scenario image:
1) Serverfarm1 selects HUB1 for sending packets to branch as it has the lowest hop count with the same metric.
2) Serverfarm2 selects HUB1 for sending packets to branch as it has the lowest hop count with the same metric.
Would it be possible to force each core to use another link to send traffic?
For example, traffic generated in serverfarm1 will enter Core1, but I want to force it to use Core2 for outbound traffic.
01-25-2023 06:08 AM - edited 01-25-2023 06:18 AM
OSPF doesn't take hop-count into account. It' based upon OSPF cost.
What's the end goal here?
01-25-2023 06:44 AM
Thanks for the reply.
I increased the cost for one of the paths from core to the hub to not be select as a prefer path. But I guess this solution may be no good for load-sharing in my scenario. Because this is a permanent forcing solution to select a specific path in one way. The final goal is to have selective outgoing paths in both of the cores for every network which I prefer.
01-25-2023 07:02 AM - edited 01-25-2023 07:10 AM
With OSPF, route-summarization on ABRs can be used to prefer one path over the other. In your case, if the routes are external you would need to do summarization at the Hubs.
You need to move to BGP.
01-25-2023 12:05 PM
If I using summarization in each hub toward core, then again I have same problem. Serverfarm1 enter to core1 and then go to the hub1!
OK, You sure that I can't handle this with OSPF and should use BGP ?
01-25-2023 12:15 PM
I am new in this issue but, can I ask you something
are the spoke have one tunnel or two tunnel ?
01-25-2023 12:44 PM
Hi dear MHM Cisco World,
Branch as spoke has two dmpvn gre tunnel. One to hub1 and another to hub2. OSPF process number is different for every hub, but area is same.
01-25-2023 12:49 PM
are the server share the same subnet?
or Server1 have subnet different than Server2 subnet ??
01-25-2023 01:15 PM
In my situation they are different subnets..
01-25-2023 01:51 PM - edited 01-26-2023 02:23 PM
in Hub1
router ospf X
net <server1 subnet> area 0
net <server2 subnet> area 0
area 0 range <server2> advertise
in Hub2
router ospf Y
net <server1 subnet> area 0
net <server2 subnet> area 0
area 0 range <server1> advertise
in spoke we get both server1 and server2 and range of server1 and server2
this make spoke sure use the longest path to server1 or sever2 according to Hub that advertise the exact subnet not range of subnet.
check this solution if it OK for you.
01-26-2023 02:32 PM
By the way, area 0 is between the hub and the core. Does this configuration apply to hubs towards spokes then?
Again, I would like to clarify if I wasn't clear. An issue concerning the serverfarm1 behind the core1 wanting to access the branch. There is the same subnet of branch in core1 & core2 with fixed prefix and no summarization (for example /24), and we use different paths (hub1 or hub2) to reach the branch. I would like to know how to force core 1 or 2 to select the path which I prefer to reach spoke. However, maybe there are so many branches that may not follow this rule and match with default action.
01-26-2023 03:03 PM
Given each branch has a single /24, you can define two VRRP-groups on Core1/2 - one default-gateway/next-hop for Serverfarm1 and other for ServerFarm2. In other words, vrrp-group-1 master is core1 and the other groups master core2. This would force traffic from Farms to branches on respective links.
01-26-2023 03:27 PM
that good point we must sure the return traffic must pass through same Core-Hub.
I will make double check
01-27-2023 07:41 AM - edited 01-27-2023 08:09 AM
Thank you,
Core devices are located at different physical sites, but they are connected by dark fiber. What are the effects of defining VRRP on other traffic? These devices are risky and there are some other blocks behind them.
Would it be possible to give an example of a sample configuration?
01-27-2023 08:25 AM
How is the traffic from ServerFarms to Branch only hitting Core1?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide