OSPF dynamic failover on two GWs

Paco-Paco · ‎05-10-2024

Hi everyone,
I have 2 Aruba GWs and 2 L3 cisco switches with their respective VLANs and Network subnets.
Both GWs are active and each cisco forwards traffic to it's respective GW.

I want to achieve a dynamic traffic failover (ospf) if one of the GWs would fail.

Although cisco boxes can ping cross vlans using ospf (409/500) they cannot ping the far end GW's IP. So SW1 cannot ping 10.2.6.2 and SW2 cannot ping 10.2.2.1

any ideas?

Aruba GW --- cisco -- to -- cisco ---- Aruba GW

SW1

interface Vlan55
ip address 10.2.4.2 255.255.255.0
ip ospf message-digest-key 5 md5 xxxx
!
interface Vlan500
ip address 10.2.2.63 255.255.254.0
!
router ospf 1
router-id 10.2.4.2
area 5 authentication message-digest
redistribute static
redistribute connected
network 10.2.4.0 0.0.0.255 area 5
network 10.2.2.0 0.0.1.255 area 5
default-information originate
!
ip route 0.0.0.0 0.0.0.0 10.2.2.1
i-------------

SW2

interface Vlan55
ip address 10.2.4.1 255.255.255.0
ip ospf message-digest-key 5 md5 xxxx
!
interface Vlan409
ip address 10.2.6.61 255.255.254.0
!
router ospf 1
router-id 10.2.4.1
area 5 authentication message-digest
redistribute static
redistribute connected
network 10.2.6.0 0.0.1.255 area 5
network 10.2.4.0 0.0.0.255 area 5
default-information originate
!
ip route 0.0.0.0 0.0.0.0 10.2.6.2
!

SW1(config)#do ping 10.2.6.2 <<<<< ----- I cannot ping the gateways on each side!
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.2.6.2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
SW1(config)#do ping 10.2.6.61 <<<<< ----- !
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.2.6.61, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

MHM Cisco World · ‎05-10-2024

Can you draw topolgy

Also both Aruba GW have same subnet ?

MHM

Paco-Paco · ‎05-10-2024

Hi thanks for the response.

topology

Topology

Aruba GW [10.2.2.2 --vlan409-- 10.2.2.61] cisco [vlan55 10.2.4.2 ospf vlan55 10.2.4.1] cisco [10.2.6.63 --vlan500-- 10.2.6.2] Aruba GW

Arubas are on different segments.

MHM Cisco World · ‎05-10-2024

show ip route
show ip ospf neighbor
show ip ospf interface brief
share this for both SW

Thanks

MHM

Paco-Paco · ‎05-10-2024

SW1#show ip route
Gateway of last resort is 10.2.2.1 to network 0.0.0.0

S* 0.0.0.0/0 [1/0] via 10.2.2.1
10.0.0.0/8 is variably subnetted, 5 subnets, 3 masks
C 10.2.2.0/23 is directly connected, Vlan500
L 10.2.2.63/32 is directly connected, Vlan500
C 10.2.4.0/24 is directly connected, Vlan5
L 10.2.4.2/32 is directly connected, Vlan5
O 10.2.6.0/23 [110/2] via 10.2.4.1, 00:06:23, Vlan5

SW1#show ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface
10.2.4.1 1 FULL/BDR 00:00:35 10.2.4.1 Vlan5

SW1#show ip ospf interface brief
Interface PID Area IP Address/Mask Cost State Nbrs F/C
Vl500 1 5 10.2.2.63/23 1 DR 0/0
Vl5 1 5 10.2.4.2/24 1 DR 1/1

------------------

SW2#sh ip route
Gateway of last resort is 10.2.6.2 to network 0.0.0.0

S* 0.0.0.0/0 [1/0] via 10.2.6.2
10.0.0.0/8 is variably subnetted, 5 subnets, 3 masks
O 10.2.2.0/23 [110/2] via 10.2.4.2, 00:08:27, Vlan5
C 10.2.4.0/24 is directly connected, Vlan5
L 10.2.4.1/32 is directly connected, Vlan5
C 10.2.6.0/23 is directly connected, Vlan409
L 10.2.6.61/32 is directly connected, Vlan409

SW2#show ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface
10.2.4.2 1 FULL/DR 00:00:35 10.2.4.2 Vlan5

SW2#show ip ospf interface brief
Interface PID Area IP Address/Mask Cost State Nbrs F/C
Vl409 1 5 10.2.6.61/23 1 DR 0/0
Vl5 1 5 10.2.4.1/24 1 BDR 1/1

Giuseppe Larosa · ‎05-14-2024

Hello @Paco-Paco ,

comparing show ip ospf neig and show ip ospf interface on both SW1 and SW2 we can see that Sw1 has no neighbor on SVI Vlan 500 and SW2 has no neighbor on SVI VLAN 409.

As a result of this the Aruba devices do not take part in the OSPF routing domain in area 5 and this is why you cannot ping a remote Aruba device.

Check the MTU, the IP subnet mask and the area ID you may need to use area ID 0.0.0.5 on the Aruba.

Also as @Georg Pauwen has noted why are you attempting to inject a default route in OSPF on both SW1 and SW2 ?

Hope to help

Giuseppe

Paco-Paco · ‎05-10-2024

<cut>

MHM Cisco World · ‎05-13-2024

Sorry I dont see last reply

MHM

Georg Pauwen · ‎05-14-2024

Hello,

why are you originating the default route on both Cisco switches ? Can you post a schematic drawing showing how your devices are physically and logicall;y connected (including the OSPF areas) ? Are the Aruba gateways running OSPF as well ?

Also post the full configs of the Cisco and the Aruba devices...