Re: ICMP Working fine however other TCP Traffic Blocked Randomly - OSFP Ring topology

vishal agavane · ‎02-07-2021

Hello team,

We have total 14 location where in L3 switches are in placed, these 14 location are connected through fiber optic cable using ring topology, along with this we have DWDM network ring which provide few more path which is again forming sub rings. We have enabled OSPF routing protocol on all uplink switch to switch and switch to DWDM device. Please refer our network topology with IP subnet.

Ospf is forming neighbourship with its neighbours so each L3 device has 15 neighbours (2 neighbours through switch east and west direction and other 13 through DWDM network) in its neighbourship.

We have been observed that when we establish entire network all node can reach to each other by using Ping/ICMP however few of node/switch connected applications http traffic won't be pass, we couldn't take that application on web GUI however same application host ping/icmp is reachable. if we connected only switch ring and test ping and http traffic everything work fine however whenever we introduce DWDM rings into picture only ICMP works and http work at few locations/switches randomly, if we connect only switch ring in the network and check then we have observed that ICMP and HTTP traffic work very well with ring failure scenario and similarly if we only connect DWDM ring ICMP & HTTP traffic works but whenever we merge these all ring together as per above network topology then we are facing this issue. We have increase DWDM link cost so switch ring will always take priority.

Please note we dont have firewall in place neither we have configure any ACL, DWDM network is pure transparent network so it's not possible to block any network traffic.

Your suggest would be much appreciated.

Thanks,

paul driver · ‎02-07-2021

Hello
From a high level perspective- What you have explained is the additional ospf peering over DWDM suggest the issue correct?

I assume all ospf peerings at this time are in a single backbone area?

If so have you tried ospf peering the DWDM in a non backbone area.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

vishal agavane · ‎02-09-2021

Please refer your answers below.

I assume all ospf peerings at this time are in a single backbone area?

Yes it was under Backbone area-0, however i tried with area-1 but no luck, same issue appear, ping work but http/telnet traffic block only when i remove multiple links and keep single ring or so everything start working. I have observed one thing sometime i could see TTL expire and when i tried to tracert to TTL expire IP address i could see in workstation tracert shows network uplink ip continuously, it goes to next uplink ip and again come back local uplink ip and this happen continuously due to this TTL expire comes. is it routing/ospf loop indication? if so how can i overcome that? One more thing i would like to inform that i have IP telephone traffic running in this network and that work very well with all rings (switch & DWDM) and its work fine during multiple link failure scenario however when i tried to take working IP phone web GUI from remote client it couldn't work.

If so have you tried ospf peering the DWDM in a non backbone area.

Yes i did we facing same issue..

What you have explained is the additional ospf peering over DWDM suggest the issue correct?

I will recheck this an update you.