Yes,

we don't need to create a vlan and no need to have OSPF on vendor switches but my question is to i need to create a ospf  process and area on my switch in order to redistribute the static route into my LAN. 

If you have multiple L3 devices then you need them to know about the route so you can redistribute the static into OSPF or if you are not running OSPF you can simply add a static to each L3 device.

I assumed you were running OSPF though so yes just redistribute the static route to the vendor subnet into it and you should be fine.

Don't forget that the vendor switch also needs to know how to reach your subnets.

Jon

Yes, we have layer 3 switches and I don't want to static the route to every single switch and we are using OSPF so you suggest that i should do at the static round into OSPF and redistribute it that way.

Just to be sure that I am understanding your situation correctly:

- you do not need to run OSPF to the vendor switch.

- you do already run OSPF to your other switches or routers in your network.

- you have a static route configured on your layer 3 switch which connects to the vendor switch.

If those are true then you do not need a second OSPF process. The existing OSPF process is all that you need. And you can do redistribution of your static route into that OSPF process. This will result in advertising the static route to your OSPF neighbors so that all of your network should learn the route without any extra configuration on those devices.

HTH

Rick

Yes, I'm running OSPF on my switches and I create a static route from switch to the vendor switch which they only need to do static route back to me and they don't need to run OSPF on there witch.

Hi Richard,

Thank you for all your help and Jon any suggestion since the vendor will be on our network I need to protect my network and it will be better to do a P2P from the vendor switch to a firewall from the firewall to my Core switch I don't know if this will help.

Are you telling us that the vendor has a specific vlan for critical data and that they want you to connect on that vlan to exchange routes? It sounds strange to me. If it were my network and there was a vlan for critical data I sure would not want to have a router/layer 3 switch belonging to a different company to connect where my critical data was.

But it is not my network and we just need you to explain to us how it is supposed to work. And if they want the routing connection to be in their vlan for critical data then we can make it work that way.

HTH

Rick

Thank you all for your help will be getting more information and Rick just to answer your question right now the vendor switch are in our backbone which lets say there network or IP is 10.10.10.0 and we have 192.168.100.0 so now the vendor is not going to use the 10.10.10.0 network because we are giving them one of our ip address which they will be on our network.I don't know if i make sence sorry but I'm new on this and trying to learn at the same time.

Can you be clear about which switch in your lab is doing redistribution and where you are looking for the O E2 route? You will not see O E2 on the router that is doing redistribution but will see O E2 on the neighbor router to which it is advertised (the vendor router in this case).

HTH

Rick

Rick

I am getting a bit confused myself.

Your idea is the right one I think but I am unclear what should be advertised where.

The configuration posted below will advertise to the vendor but obviously the vendor's networks need to be advertised back and I'm not sure where they need to be propagated within the network.

Apologies for confusing the issue.

Jon

Jon

No apology needed. I agree that the issue is confused but you are not providing the confusion. The confusion is that we have gone back and forth between the live environment and a lab environment and because there have been confusing statements about the topology of the network and lack of clarity about what needs to be advertised to whom. So I suggest that first of all that we focus on the lab environment and worry about the live environment after the lab is working.

I think it would be very helpful if the original poster would post a new diagram which clearly identifies which switch is his company switch, which switch is the vendor switch, and what subnet is on what interface. Then a clear description of what needs to be advertised from his switch to the vendor and what needs to be advertised from the vendor to him and clarifying about what is redistributed.

HTH

Rick

I'm working on a lab and will try to get that info also a diagram of what I'm trying to do

A clear drawing and a description would be very helpful. If you have 3 switches I would suggest that you might have something like
SW1 is a switch inside your company and it has these networks, n,n,n which are advertised to SW2

SW2 is the switch in your company network which has a static route which will be redistributed. I have the impression that the redistributed static would be advertised to the vendor but I am not clear if that is correct or if perhaps the redistributed static is to be advertised to your network.

SW3 is the vendor switch and it has these networks n,n and whether those networks are advertised to your company or not.

HTH

Rick

Okay, no problem.

I agree with Rick, lets concentrate on the lab and then if we get that working you should be able to transfer that to your production setup.

We just need to understand exactly what subnets need to be accessed and where those subnets are in relation to your network and the vendor switches.

Jon