Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3461
Views
0
Helpful
8
Replies

Need Urgent help on configuring ospf with hsrp

asfar.zaidi
Level 1
Level 1

‎07-25-2008 02:55 AM - edited ‎03-03-2019 10:54 PM

Hi Guys

I have twor routers configure with hsrp and running on ospf , now i have configure my firewall be the part of ospf and remove all the static routes from the firewall pointing to hsrp ip.

Firewall learn all the routes through ospf but not going through the hsrp ip instead going through the physical ip of routers .

My problem is that my routers all complete backup to each other and if one router goes down other will take over but now thats not happening from the firewall because its getting ospf updates from the routers physical ip instead of hsrp virtual ip.

Regards/Asfar

Labels:
0 Helpful
8 Replies 8

Giuseppe Larosa
Hall of Fame
Hall of Fame

‎07-25-2008 03:14 AM

hello Asfar,

if your firewall has OSPF adjaciencies with the two routers it will be informed of any topology change behind the two routers.

This is the job for which routing protocols exist !

So remove the static routes pointing to the HSRP VIP and everything should be fine.

>> Firewall learn all the routes through ospf but not going through the hsrp ip instead going through the physical ip of routers

Where is the problem ? this is right. Forget of HSRP VIP that is useful only as ip next hop of the static routes you used before.

Hope to help

Giuseppe

0 Helpful

asfar.zaidi
Level 1
Level 1
In response to Giuseppe Larosa

‎07-25-2008 03:52 AM

Hi

My problem is my router B is the backup of router A , and in case od failure of router A how my firewall will come to know that it has to go to router B as in my ospf routes on my firewall i can only see OSPF routes publish form router A and in the neighbour details of my firewall i can see both the routers but with Full state it should be one Full and one DR/Full.

Important thing is that Router A is now active for my HSRP may be thats trhe reason I am getting routes only from Router A.

Please Clearify

Regards/Asfar

0 Helpful

tdrais
Level 7
Level 7
In response to asfar.zaidi

‎07-25-2008 07:11 AM

You will always see both neighbors up and see both routes in the OSPF database. You no longer need the HSRP and will many times cause you issues if you attempt to run both a routing protocol and hsrp.

What you want to do is to manipulate the ospf metrics so that only the route to router A is placed into the firewall routing table. If it were to lose the route from router A it would then select the route it learned from router B.

How you do this will depend on what type of ospf routes these are. In general you can set ospf costs when you redistribute, on interfaces and with distribution lists.

0 Helpful

Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to asfar.zaidi

‎07-25-2008 12:14 PM

Hello Asfar,

there is no dependency of OSPF on HSRP they are different separate protocols

DR/Full

Are you sure that your firewall isn't the OSPF DR in your setup ?

Hope to help

Giuseppe

0 Helpful

sdoremus33
Level 3
Level 3
In response to Giuseppe Larosa

‎07-25-2008 01:14 PM

As mentioned befor as long as you have OSPF neighbor adjacencies to the two rtrs (active,standby) you should be fine

HSRP

RTRA - Active

HSRP Prioirity

RTRB = Standby

Hsrp Priority =

OSPF should have no problems if the dajacencied are formed from th VIP perspective

0 Helpful

sdoremus33
Level 3
Level 3
In response to sdoremus33

‎07-25-2008 01:18 PM

meanins as lons as OSPF can reach the physical interfaces routers (active,standby) everyting is cool.

OSPF --> Route in table fpor active routers

OSPF--> In the event the active rtr goesd down Multicast packets are sent between the two devices every 5sec*3 then the obviouslly the standcy rtr accts as the active and the routes is in the table

0 Helpful

gacross
Level 1
Level 1
In response to sdoremus33

‎07-26-2008 12:44 PM

Meaning as long as OSPF can reach the physical interfaces routers (active,standby) everyting is cool.

-----

Active/Standby does not matter.

OSPF --> Route in table for active routers

-----

No route in table based on best metric

OSPF--> In the event the active rtr goesd down Multicast packets are sent between the two devices every 5sec*3 then the obviouslly the standcy rtr accts as the active and the routes is in the table

-----

No, route in table based on best metric, if router with best metric goes down FW will choose the other routers routes.

Who makes the FW? Does it support equal-cost multipath? If so and rtr-A and rtr-B have access to same networks then it should install both routes in routing table.

0 Helpful

asfar.zaidi
Level 1
Level 1
In response to gacross

‎07-27-2008 01:33 AM

Hi

I am attaching the configuration of my Routers can you please check whats wrong as I am still not clear whats the problem

Regards/Asfar

Preview file
3 KB
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card