cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1596
Views
39
Helpful
18
Replies
wilson_1234_2
Participant

OSPF neighbor, preferred route problem

I have the network shown in the attached file.

I have had problems with this in the past.

The default route is distributed from Verizon BGP into our Internet router OSPF domain then advertised to the rest of the network, as part of our falover scenario.

The PIX firealls are configured with OSPF, the inside networks get the default route from the PIX.

Both PIX firewalls need to have the default route in the route table because they are doing entirely different things. Both Firewall's DMZs need to get to the Internet, have inside networks access their DMZ and failover to DR Interent when HQ Internet is lost.

I am having trouble with the Edge router and Inside 6509 switch preferring the 515 firewall.

I want the Edge router to always use the routes from the 525 PIX for inside and the 6509 to always use the 525 for the default route unless it fails.

The 6509 is also using the PIX 515 as the next hop for Internet. Both PIX firewalls are directly connected to the 6509 in this drawing.

There is another 6509 downstairs that is a neighbor to the 6509 in this drawing, that is getting the default route from the 525 pix as I want.

Looking at the OSPF databases, they all are identical.

The edge router is forming adjacnetcys but isn't the higher Neighbor ID supposed to be preferred? The Internet router is using the 515 firewall.

Internet Router:

Neighbor ID Pri State Dead Time Address Interface

192.168.2.1 1 FULL/DROTHER 00:00:32 2.2.2.3 FastEthernet0/0

192.168.1.1 1 FULL/BDR 00:00:39 2.2.2.2 FastEthernet0/0

The 6509 is also:

6509-#sh ip ospf nei

Neighbor ID Pri State Dead Time Address Interface

192.168.1.1 1 FULL/DROTHER 00:00:30 10.1.7.1 Vlan1

192.168.2.1 1 FULL/DROTHER 00:00:36 10.5.7.1 Vlan5

18 REPLIES 18
bjornarsb
Enthusiast

Hi,

As far as I understand you need to use:

ip ospf cost, to manipulate the routing cost on your interfaces.

Your current settings seems to be load-balancing with equal metric.

Neighbor ID is used only for DRouter selection, not route selection.

BR,

Bjornarsb

<