Solved: OSPF Design for small network - Page 2

cbse120109 · ‎09-30-2011

I have a design question regarding configuring OSPF for two sites. Say, Napa and Sonoma. I

All traffic not local to Sonoma including 0.0.0.0 needs to be routed through Napa over a private wan link.

Would creating a stub area for Sonoma be the solution as it would only need a 0.0.0.0 route?

I have attached a diagram of what I think on how it should be configured.

Thinking ahead, a backup internet connection at Sonoma will be installed in case the private wan link fails.

A l2l vpn over ASAs would be configured so Sonoma could reach Napa as a backup route.

Would NSSA be needed as a new ASA in Sonoma would inject a backup route into Area1?

Any thoughts on the backup design?

Kishore Chennupati · ‎10-05-2011

I would recommend you to test this carefully. because as part of the unicast OSPF thingy you are advertising the WAN and LAN subnets into OSPF on the PIX/ASA. So you need to be mindful of that as well. Normally I have seen these kind of set ups where you have a private link with the ISP and dont want them to see your data traffic. Then you use this unicast OSPF where the ISP only can see your ospf neighbors but not the traffic carried by it. That's when you run OSPF over IPSEC.

HTH

Regards

Kishore

Marwan ALshawi · ‎10-05-2011

well you network is small i would go with floating static routes as described in the above posts to reduce complexity

as you will have trick setup interns of default route of the OSPF and back over the local link if you go with OSPF over both links and using totally stubby area over the WAN link

i am not saying you can not do it but it is not a simple one to trobleshoot if there is any issue or routing change in the future

HTH