
OSPF control neighbour

standrews
Level 1

Hi 

 

As in the diagram, is it possible to form OSPF neighbors only from C1 to Fish1 and C2 to Fish1, but not C1 to C2? If I use a passive interface it will disable the OSPF neighbor to Fish1 as well. If I use OSPF authentication it will still form the OSPF neighbor between C1 and C2, or only C1 to Fish1 but not C2, or vice versa. I know I can have 2 separate links from Fish1 to C1 and C2, but if the diagram can't be changed, is it still possible? Thanks in advance.

 

 

ospf.JPG

 

 

1 Accepted Solution


Thanks for the additional information. It is helpful to know that there is a single subnet to which all 3 devices are connected and that the switch ports are just access ports. The original post asked about being able to prevent C1 and C2 from becoming OSPF neighbors. And I believe that my suggestion could accomplish this. But knowing that C1 and C2 are customers of ISP Fish1 means that preventing OSPF neighbor relationship is probably not enough. If C1 and C2 are customers then it would make sense that you do not want them to know about each other or to be able to communicate. And with OSPF, Fish1 will learn C1 LSAs and will then send them to C2 when it forms neighbor relationship with C2 (and will send C2 LSAs to C1). To keep C1 and C2 from learning each other's routes I would suggest running OSPF on Fish1 and C1 and running some other routing protocol (perhaps EIGRP, or RIPv2, or ISIS) with C2. This would give you the ability to control what routes you share with each customer. Or as you suggest in the original post you could establish 2 separate links.

HTH

Rick


4 Replies

balaji.bandi
Hall of Fame

Use a VLAN SVI or L3 interface to form the OSPF neighbour. Is the link between the devices configured as trunk or point-to-point?

Make sure you make the link point-to-point (ip ospf network point-to-point) so it forms with the right interface as expected.

 

Is this what you are looking for?

 

EDIT:

It was a typo, my intention was L3 interface (not loopback).

BB


I am not clear what @balaji.bandi is suggesting about using Loopback for OSPF. I am familiar with Loopback used as Router ID. But how would Loopback be used for neighbor?

 

There is much that we do not know about this environment and that impacts our ability to give good advice. The drawing shows router C1, router C2, and router Fish1 connected through a switch. It is not clear in the drawing what that connection is. The description suggests that the connections on the switch are simple access ports, and so that all 3 routers have IP addresses in the same subnet. But this is not clear. Can we get some clarification about the addressing? It is also not clear why it is desired that C1 and C2 each form neighbor relationship with Fish1 but not form neighbor relationship with each other. Can we get clarification on this?

 

But the question asked is can it be done. I would suggest that one way to achieve this would be to configure inbound access lists on C1 and C2 e0/0 interface. The inbound access list should deny OSPF (protocol 89) with source address of C1/C2 and allow other traffic. This would prevent neighbor relationship of C1/C2 but allow neighbor relationship with Fish1.

HTH

Rick
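
The inbound access-list approach described in the reply above, written out as IOS configuration. This is an added example, not configuration posted by anyone in the thread; the subnet 192.0.2.0/24, the host addresses and the access-list names are constructed for illustration, and only the e0/0 interface comes from the post.

```cisco
! Constructed addressing (not from the thread): shared subnet 192.0.2.0/24,
! Fish1 = 192.0.2.1, C1 = 192.0.2.11, C2 = 192.0.2.12.
!
! --- C1 ---
ip access-list extended BLOCK-OSPF-FROM-C2
 remark Drop OSPF (IP protocol 89) sourced from C2, multicast or unicast
 deny   ospf host 192.0.2.12 any
 remark Everything else, including OSPF from Fish1, is allowed
 permit ip any any
!
interface Ethernet0/0
 ip address 192.0.2.11 255.255.255.0
 ip access-group BLOCK-OSPF-FROM-C2 in
!
! --- C2 ---
ip access-list extended BLOCK-OSPF-FROM-C1
 remark Drop OSPF (IP protocol 89) sourced from C1, multicast or unicast
 deny   ospf host 192.0.2.11 any
 remark Everything else, including OSPF from Fish1, is allowed
 permit ip any any
!
interface Ethernet0/0
 ip address 192.0.2.12 255.255.255.0
 ip access-group BLOCK-OSPF-FROM-C1 in
!
! Check on C1 and C2:
!   show ip ospf neighbor   -> only Fish1 should be listed
!   show ip access-lists    -> match counters should increase on the deny entry
```

The filter stops only the C1 to C2 adjacency; as the accepted solution points out, Fish1 still passes each customer's LSAs to the other.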

Thanks all

 

Yes, it's a layer 2 connection and all in the same VLAN (subnet), and the switch ports are just access ports on default VLAN 1. As Richard mentioned, I am not sure how you can use the loopback interface. The idea is C1 and C2 are customer sites and Fish1 is the ISP, so C1 and C2 form OSPF neighbors with Fish1 but not with each other (assume they cannot run iBGP), and then Fish1 does the BGP redistribution into OSPF. Thanks.

 

ospf2.JPG
