
OSPF Multi Home Area Design

CAN_OTT
Level 1

We are in the process of migrating our remote sites to OSPF. We have two main headquarters sites connected by a 20 Gig point-to-point connection. The two main headquarters are our backbone area 0.

We have approximately 200 remote sites that have dual 1 Gig connections for redundancy. One link goes into HQ1 and the other link goes into HQ2. I am trying to figure out the best way to put these remote sites in the various areas. Each remote site has 3 VLANs that we have to advertise from each site.

I have attached a diagram showing what I have got and am proposing. I don't want to put the links of the remote connections to the headquarters in area 0 as we will have over two hundred remote locations.

I have come up with two scenarios that I can see to set up the OSPF areas.

My first thought was to put the first 40 sites into area 79 and the next sites in area 80, etc. When I built this scenario in GNS3 I was getting some routing loops and black hole routing.

My second scenario is to have each site in its own area. When I built this scenario in GNS3 it worked as expected.

What would be the correct way of defining the areas in this scenario?

 

Thanks 

8 Replies

Hello,

 

From what I know about GNS3, it's a simulator of what devices will actually do since it has the images of the actual device. So the results you got were probably pretty accurate as far as setup and experiencing routing black holes and loops. If the remote sites each have their own connection to the HUB and have their own IP space then I could see putting them into just 2 groups could cause issues. For instance if you have 40 "remote" sites in 1 area, let's say 79, but they have different connections to the HUB routers then the router may not know which interface it needs to send traffic to in Area 79 to get to the specific route. That being said, GNS3 is not without bugs so it's not 100% accurate. It looks like your best bet is the separate areas for each remote location based on the info you have given.

 

There is still info we don't know such as how the devices are configured and if you are using stuff like DMVPN or summarization and many other things.

 

 

-David

I have looked at the drawing in the original post. The important thing that I notice is that the drawing shows the 2 core routers with interfaces in area 0 and interfaces in some combination of areas 900, 901, 902, and/or 903. That is fine and makes the core routers function as Area Border Routers. The remote routers have some combination of interfaces in areas 900, 901, 902, and/or 903 and interfaces in areas 79, 80, etc. This looks like the remote router would be an ABR. But for a router to function as ABR it needs an interface in area 0. So this design is deeply flawed.

Based on these design issues, and on my sense of what would be best I would advocate for a design where every remote router had its own non zero area.

There is another aspect to consider. The design in the drawing has area 0 on the link between core switches (which is good). It has the remote site with interfaces in area 79, 80, etc., which is ok (better if each one was unique in my opinion), and has interfaces in areas 900, 901, 902, and/or 903, which creates the problem. Among other issues there would be 80 discontiguous area 79s, 80 discontiguous area 80s, etc. But the main issue is that the remote router is not really an ABR. To fix this issue the link from the remote to the core either needs to be in area 0 (which makes each remote router an ABR) or needs to be in the remote area (which makes the core the ABR). Either approach could work and I tend to favor the approach making the core the ABR.

HTH

Rick
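
The two problems described in the reply above (a multi-area router with no interface in area 0, and discontiguous areas) can be checked against an area plan before it is built in a lab. This is an added example, not part of the thread or of any Cisco tooling; the node names, the link list and the per-site area numbers 101 and 102 are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample: each link is (node_a, node_b, ospf_area); names are hypothetical.
# PROPOSED mirrors the drawing: hub links in 900/901, site LANs sharing area 79.
PROPOSED = [
    ("HQ1", "HQ2", 0),
    ("HQ1", "R1", 900), ("HQ2", "R1", 901), ("R1", "R1-LAN", 79),
    ("HQ1", "R2", 900), ("HQ2", "R2", 901), ("R2", "R2-LAN", 79),
]
# PER_SITE puts each site's hub links and LAN in one area, so the core is the ABR.
PER_SITE = [
    ("HQ1", "HQ2", 0),
    ("HQ1", "R1", 101), ("HQ2", "R1", 101), ("R1", "R1-LAN", 101),
    ("HQ1", "R2", 102), ("HQ2", "R2", 102), ("R2", "R2-LAN", 102),
]

def false_abrs(links):
    """Nodes attached to more than one area but with no interface in area 0."""
    areas = defaultdict(set)
    for a, b, area in links:
        areas[a].add(area)
        areas[b].add(area)
    return sorted(n for n, s in areas.items() if len(s) > 1 and 0 not in s)

def discontiguous_areas(links):
    """Areas whose links do not form a single connected component."""
    by_area = defaultdict(lambda: defaultdict(set))
    for a, b, area in links:
        by_area[area][a].add(b)
        by_area[area][b].add(a)
    broken = []
    for area, adj in by_area.items():
        start = next(iter(adj))
        seen, stack = {start}, [start]
        while stack:                      # depth-first walk inside the area
            for n in adj[stack.pop()] - seen:
                seen.add(n)
                stack.append(n)
        if seen != set(adj):
            broken.append(area)
    return sorted(broken)

if __name__ == "__main__":
    for name, design in (("proposed", PROPOSED), ("per-site", PER_SITE)):
        print(name, "false ABRs:", false_abrs(design),
              "discontiguous areas:", discontiguous_areas(design))
```
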

Hello
Allocating your ospf estate into non backbone areas is a good way to decrease the route tables and ospf SPF calculation on the rtrs due to topology changes that will occur within those areas.

Having 200 non bb areas (sites) would furthermore assist in the above as you could even decrease the ospf topology database for each area even smaller.

However you may not require to have so many areas, it all depends on how many routers will reside in each area and if those areas will need to advertise external networks themselves and/or will require direct access to other areas without going via the DCI rtrs.

When you say you experienced routing loops, can you confirm what ospf network types you were applying to the rtrs on those non bb areas?


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Paul brings up several points that might impact the implementation of ospf:

- will any of the sites need to advertise external routes?

- will any of the sites need to communicate with anything (external or other sites) on paths that are different from the paths to headquarters?

If the answer to both of these is no then I would suggest that you configure each of the remote sites as totally stubby ospf. If you do this then each remote site will have its own local routes and 2 default routes to headquarters. This reduces the size (and complexity) of the routing table and shields the sites from any instability in other parts of the network.

I am a bit puzzled at this statement "However you may not require to have so many areas," If each site is a separate area and if there are 200 sites then how can there be less than 200 areas? And how would the number of routers in an area impact the number of areas?

 

HTH

Rick

Giuseppe Larosa
Hall of Fame

Hello @CAN_OTT ,

You can use totally stub areas to have the minimal impact on backbone multilayer switches.

If you use totally stub areas you can scale up to 200 areas, but spoke routers and their links should be in the same totally stub area = internal nodes to that area.

The Hub routers will automatically send an LSA type 3 O IA default route 0.0.0.0/0 to the remote site representing all the rest of the network, and there will be three or four router LSAs: the one built by the Spoke(s) and one built by each Hub for the specific totally stub area, listing only the link between Hub and Spokes and listing four links on the spoke.

Further, by using ip ospf network point-to-point you will avoid DR/BDR election on links and the creation of LSA type 2.

 

If there are two Spokes you need to provide a path between them.

 

Warning: if for any reason you have a site that needs to redistribute something into OSPF routing domain the associated area should be a totally NSSA. In that case you need to configure the sending of a default route on the two ABR nodes.

 

Hope to help

Giuseppe

 

 

CAN_OTT
Level 1

Thanks for all of the information, it is very helpful.

Yes, all the remotes will be set up as a totally stub network. We are not using DMVPN but I have told the group we have to start summarizing our routes.

The sites will not have to advertise any external routes. I would say 95% of traffic is either destined for the data centre or Internet, which is at each of our headquarters. There is very little site to site communication.

 

 

If I make the links from the headquarters and remote part of area 0 wouldn't it go against the recommendations of keeping an area under 50 as Cisco recommends?

Thanks

Hello @CAN_OTT ,

>> If I make the links from the headquarters and remote part of area 0 wouldn't it go against the recommendations of keeping an area under 50 as Cisco recommends?

 

Actually up to 800 routers in the same area have been reported here in the forums by Russ White, who was formerly a Cisco employee.

I have worked on SP networks with 200 routers in area 0 with no issues.

That recommendation had been made many years ago (almost 20 years ago) when router CPUs were much less powerful and network links less stable.

 

Given the topology and connectivity model you can also put multiple remote sites in the same totally stub area with no issues and reducing the memory usage on the HUB devices.

 

200 totally stub areas is something I have never seen in a single OSPF router process.

 

With the appropriate design following OSPF rules you have scalability for sure.

Use network type p2p and you probably can even afford to have hub to spoke links in area 0 but probably a trade off with 10 areas is the best approach.

 

Hope to help

Giuseppe

 

"If I make the links from the headquarters and remote part of area 0 wouldn't it go against the recommendations of keeping an area under 50 as Cisco recommends?"

As @Giuseppe Larosa notes, that's a very old rule-of-thumb, and besides his description of router CPUs being more powerful, Cisco's OSPFv2 implementation has evolved over the years, doing both things under-the-covers (e.g. the update backoff timers, or LSA timing of their transmissions) and features like iSPF.

BTW, I recall, concurrent with the 50 routers per OSPF rule-of-thumb, there was also a recommendation to avoid having an ABR with more than just a few OSPF areas. Unsure how applicable that recommendation may, or may not, be today, but having an OSPF area for each remote site, especially if each only has 3 (?) local networks, would seem to be overkill.

As others have noted, you could probably run all your topology in just a single OSPF area, but having a couple or few (i.e. 2 to 4) "WAN" OSPF areas (perhaps in geo clusters?) would likely be a "safer" design approach. (Why, if you had 4 such OSPF areas, supporting 200 routers, we then would keep to that old rule of 50 routers per area - laugh.)

"Yes all the remotes will be setup as a totally stub network. We are not using DMVPN but I have told the group we have to start summarizing our routes."

Personally, I've not been a big fan of OSPF stub networks, as they seem to paint you into a corner, sometimes, down the road.  I prefer summarization of routes as they exit the area.  (Of course, the latter assumes, your IP addressing scheme lends itself to that.)

If you do exit area summarization and/or have multiple remote sites within the same OSPF area, keep in mind the OSPF routing "gotchas" concerning blackholes and/or suboptimal routing.

BTW, just wondering, you only would have the one 20G area zero link between your two HQ sites? If so, you do want to provide some area zero redundancy. (One way would be to place some of your remote sites in area zero. Costed "correctly", the 20g path would be the preferred path. Also costed "correctly" you can use ECMP as the "redundant" alternative.)

 
