10-07-2024 06:44 AM
Hi there
I have 2 isp connecting separately to a core switch. i can ping both isp from the switch, however, LAN can not ping the backup link. The core switch is connected to an L3 switch which can't ping the backup link. Both switches are exchanging IPs via ospf and vlan1.
the L3 switch has the backup link in the routing table via VLAN 1 but it can't reach it. but it can for the primary link. if someone could identify what is the issue please?
10-07-2024 06:48 AM - edited 10-07-2024 08:11 AM
I dont try that but I think what you see is normal' the issue is Core have primary defualt route toward one ISP (using AD 10) so core SW send packet to primary even if destination IP is for backup and hence packet drop.
Shut the primary ISP interface and you can ping form LAN
MHM
MHM
10-07-2024 07:57 AM
Hello
You have at a minimum of 3 ospf adjacency's from the core by the looks of it, All on multiaccess connections ( probably broadcast network type ) so these would have negotiated DR/BDR adjacency's.
In a multi-access ospf network DR/BDRs are elected so ospf updates/topology info etc is sent centrally from the elected DR of the ospf segment to all other attached ospf rtrs thus negating the need for all the other rtrs sharing the same network segment to do this individually - so manually setting the DR is recommended which then will make the election of the DR/BDR/Drother deterministic..
However If all of these opsf interfaces have just the single OSPF rtr attached them you could negate the DR/BDR election completely and set the each interface to become a P2P network.
It also looks like your ospf rtrs that are adjacent from the core are receiving a default route or at least one is being advertised to them.
I would suggest you to remove this and then check reachability from the lan once more.
For future reference, If the static default routes you are showing on the core are required, maybe append them to be conditional based on the readability of the ISPs connections or some received prefix from either of them, this can be accomplished quite simply with a Boolean and ipsla tracking.
If however you have the option of receiving a default from either ISP instead then you could just cost out the less preferred default if need be so you would have no need to append any static default routes towards either ISP
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide