Solved: Re: OSPF Path Selection

misaleh · ‎08-09-2022

Below is a summary of a scenario that's happening with me in real life. There are two Internet links, the one connected to ISP A has a 100 Mb/s speed and the one connected to ISP B has a 50 MB/s speed. Router 2 has an OSPF neighborship with Router 0 and Router 1. Router 0 and Router 1 have an OSPF neighborship with Multilayer Switch 0. What's happening now is that when PC1 tries to go to the internet, sometimes it's going through ISP A and sometimes it's going through ISP B. What I'm trying to achieve is that I want anyone in the remote site that's using the internet to use ISP-A and if the connection to ISP A goes down, then they used ISP B. I've tried increasing the cost on Router 2 on the interface connected to ISP B, but nothing happened. Both links to ISPs were being utilized. I've attached a screenshot of the design and also a packet tracer file. Any help would be really appreciated.

Joseph W. Doherty · ‎08-10-2022

Ah, okay, VPN links make much more sense.

So, do your routers have tunnel interfaces, or are they "transparent" VPN connections which make the connections between the routers appear as directly connected on the same "wire"?

For either, you need adjust the cost on the OSPF interfaces (whatever they are). Again, might be done with OSPF interface cost statements or via

interface bandwidth

statements.

View solution in original post

MHM Cisco World · ‎08-09-2022

In site R0 and R1 have different cost but each one connect directly to R2, so you can not do anything in Routers but

You can prefer path through ISP-A by config SW - Router cost.

The R2 have two equal cost and load is sharing, config R2 to prefer path through ISP-A

And that it.

misaleh · ‎08-09-2022

I'm sorry, I don't understand what you mean.

MHM Cisco World · ‎08-09-2022

if the R2 support OSPF then config cost as shown
if not and it have two default route
then using IP SLA and track and high AD for both default route make R2 prefer one ISP and when it failed it will automatic shift to other ISP

Joseph W. Doherty · ‎08-09-2022

I haven't downloaded your PT file, but from what you describe, how do routers 0 and 1 form an OSPF adjacency with router 2?

If you're using tunnels, the tunnels, by default, I believe, will be the same cost, i.e. not the cost of the underlying physical interfaces.

If that's what's happening, all you need to do is cost your two tunnels interfaces differently, either via an OSPF interface cost command, or by setting their bandwidth to match their underlying physical port bandwidth (I would recommend the latter).

misaleh · ‎08-09-2022

I'm not sure how adjaceny is formed exactly, but the ISP is in the middle between the 2 routers.

We're not using tunnels. The IP addresses are configured on the physical ports.

Joseph W. Doherty · ‎08-09-2022

"I'm not sure how adjacency is formed exactly, but the ISP is in the middle between the 2 routers. "

Well, that's the question, i.e. how do you have OSPF adjacency between your two sites routers if there's an ISP in the middle? In the real world (although this is a PK setup, correct?), you generally don't "do" OSPF with your ISP, although perhaps BGP. If you are doing OSPF with your ISP, then the question is, what's the cumulative OSPF cost across the ISP paths?

What you might be trying to tell me, in PK, the ISP links are working like p2p links. Okay, if that's the case, than what's the OSPF cost on those router interfaces? By default, Cisco's OSPF will use the physical bandwidth of the interface. You mention 100 Mbps, which is an actual Ethernet (?) bandwidth, but you also mention 50 Mbps. For the latter, if Ethernet, how do you "get" 50 Mbps? (If it's some kind of logical bandwidth cap, along the path, you need to, as noted in my prior post, configure the interface (this time the physical interface) with the "correct" cost, also again which might be accomplished by using the

interface bandwidth

command.

misaleh · ‎08-09-2022

I made a mistake in my original post. This is a VPN link and not an internet link. The router at the remote site has an adjacency with the 2 routers at HQ. The connection to ISP-A from the remote has a a VPN speed of 100 Mbps and the connection to ISP-B has a VPN speed of 50 Mbps. Those speeds are set by the ISP, I'm not sure exactly how. I've tried increasing the cost on the R2's interface connected to ISP-B, but when I checked a bandwidth monitoring tool, both links were still being utilized.

Joseph W. Doherty · ‎08-10-2022

Ah, okay, VPN links make much more sense.

So, do your routers have tunnel interfaces, or are they "transparent" VPN connections which make the connections between the routers appear as directly connected on the same "wire"?

For either, you need adjust the cost on the OSPF interfaces (whatever they are). Again, might be done with OSPF interface cost statements or via

interface bandwidth

statements.

misaleh · ‎08-11-2022

They are transparent VPN connections. The routers appear directly connected. When I changed the cost on the R2's g0/1 interface, the upload bandwidth, the output rate became 0 on the interface, but the input rate was still changing. When I changed the cost on R1's gi0/1 interface, the input rate on R2's gi0/1 became 0 so now all the traffic's passing through gi0/0. Thanks a lot for your help!

Joseph W. Doherty · ‎08-11-2022

Yes, that's to be expected. When you adjust OSPFs, it only impacts egress not ingress. For ingress, you need to adjust the other direction's egress.

MHM Cisco World · ‎08-11-2022

as I mention in my photo, the two way must config the cost

Martin L · ‎08-09-2022

"anyone in the remote site that's using the internet to use ISP-A and if the connection to ISP A goes down, then they used ISP B'

this is normally done with IP SLA tracking or PBR. I do not think this is possible in PT as PT is just software simulator; good one but still a simulator and not real thing running IOS. You should get GNS3 and one of supported real IOS images, or try Cisco Modeling lab (CML) from DevNet sandbox (free 4 hr online). find demo of them on youtube

Furthermore, if u have two equal cost, load is sharing kicks in. Normally that is done by CEF. which may or may not be turn on in PT but it is on by default in all Cisco routers. Once CEF is on, there are at least 3 modes of packets forwarding (per packet, per destination hash, per flow). Not sure But I don't think PT supports those.

Regards, ML
**Please Rate All Helpful Responses **

David Ruess · ‎08-09-2022

Hello,

You say you have different speeds however your lab sees all Gig links the same speed so by default OSPF will load balance these links to the ISPs. I was able to change to cost on

R2's G/1 interface to 10 (interface command: ip ospf cost 10)

and it is only using the one path now towards ISP A. However, I will note it took a good minute or 2 and a clearing of the OSPF processes to work. OSPF derives cost form the link its configured on and since you did not use auto-cost reference-bandwidth then anything above 100 Mbps is seen as the same speed.

Before:

Router#sh ip route

Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks

C 10.1.1.0/30 is directly connected, GigabitEthernet0/0

L 10.1.1.1/32 is directly connected, GigabitEthernet0/0

C 10.1.1.4/30 is directly connected, GigabitEthernet0/1

L 10.1.1.5/32 is directly connected, GigabitEthernet0/1

O 10.1.1.8/30 [110/2] via 10.1.1.2, 00:00:01, GigabitEthernet0/0

O 10.1.1.12/30 [110/2] via 10.1.1.6, 01:12:28, GigabitEthernet0/1

172.168.0.0/24 is subnetted, 1 subnets

O 172.168.1.0/24 [110/3] via 10.1.1.2, 00:00:01, GigabitEthernet0/0

[110/3] via 10.1.1.6, 00:00:01, GigabitEthernet0/1

After:

show ip route

Router#sh ip route

Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks

C 10.1.1.0/30 is directly connected, GigabitEthernet0/0

L 10.1.1.1/32 is directly connected, GigabitEthernet0/0

C 10.1.1.4/30 is directly connected, GigabitEthernet0/1

L 10.1.1.5/32 is directly connected, GigabitEthernet0/1

O 10.1.1.8/30 [110/3] via 10.1.1.6, 01:02:42, GigabitEthernet0/1

O 10.1.1.12/30 [110/2] via 10.1.1.6, 01:08:11, GigabitEthernet0/1

172.168.0.0/24 is subnetted, 1 subnets

O 172.168.1.0/24 [110/3] via 10.1.1.6, 01:02:42, GigabitEthernet0/1

Attached is the working file.

Hope that helps.

-David

misaleh · ‎08-10-2022

I've tried increasing the cost on the R2's interface connected to ISP-B in real world, yes the routing table only shows 1 path now but when I checked a bandwidth monitoring tool, both links were still being utilized. What if I changed the cost on R1's link connected to R2?