cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
8600
Views
13
Helpful
14
Replies

OSPF to two routers sending default

johnelliot6
Level 2
Level 2

Hi,

Have a 1921 that has 3 eth connections (1 LAN, and 2 WAN) - I have 2 seperate OSPF processes (2 areas) on the WAN Ints - both upstream WAN's are sending defaults back to the 1921, and the 1921 is sending it's LAN range to them.

I have ip ospf cost 150 set on the "failover" WAN connection interface (Both on the 1921 and upstream), but the 1921 is preferring the default route from the "failover"?

The ospf processes are:

"failover"  ospf 38 (And area 38)

"primary" ospf 40 (And area 40)

The default routes are both being received by the 1921, but it's preferring the "failover" Int with the ip ospf cost 150 configured?

Any suggestions as to why this is happening?

Thanks.

1 Accepted Solution

Accepted Solutions

Hello,

use the command "distance ospf external 109" to set only the external routes.

Regards.

View solution in original post

14 Replies 14

r.malviya
Level 1
Level 1

Hi John ,

What i understood with your query is u have 2 exit point & getting 2 default route pointing to 2 different interface.

But your route is always going to Failover interface instead of going to Primary one .

can u please share the interface details with Ospf config so i can see those things , because some time edit cost is not the only solution

Julio Carvajal
VIP Alumni
VIP Alumni

Hello John,

So you are sending a default route from two upstreams routers on different OSPF areas,

You want ur router to use Exit 1 (primary) but is using Exit 2(secondary) where you have set a specific OSPF cost to the interface,

Can you share the OSPF database so we can determine why the route is being prefered over Path B ( you can filter it to only show the default route)?

What happens if you disable Exit 2(failover), does the  primery route get's installed on the routing table ?

Regards

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

I am unable to disable the links at this time (CE is in production), but both ospf processes are advertising default to CE (And is seen in CE also)...for some reason secondary link is preferring the default.

If you need to see specific output from ospf, please let me know (I provided ospf database output earlier)

antonio.guirado
Level 3
Level 3

Hello johnelliot6,

how do you inject the default route?. Do you use the command "default-information originate always"?.

Notice that external routes in OSPF are type 1 (E1) and 2 (E2). By default, default-route are injected using E2 type.

This meaning that routers do not add any internal OSPF cost to the metric. Your command "ip ospf cost 150" does not

apply to E2 routes. So you can do:

1) change your command to "default-information originate always metric-type 1" in both WAN routers.

This change route type to E2 and the your ip ospf cost command works.

or

2) change your command to "default-information originate always metric 50" in primary WAN router and

"default-information originate always metric 100" in backup WAN router. You can delete the command "ip

ospf cost" because default routes are injected with different metrics. Although, routes are E2 type the metric

are set by WAN routers.

Regards.


johnelliot6
Level 2
Level 2

Thanks for the responses - I tried Antonio's suggestion, but it is still preferring the "backup" WAN.

Int configs, and ospf configs below:

CE

interface GigabitEthernet0/0

description BACKUP_WAN

ip address 10.2.8.226 255.255.255.252

ip flow ingress

ip flow egress

ip ospf cost 150

duplex auto

speed auto

interface FastEthernet0/0/0

description PRIM_WAN

ip address 10.2.9.62 255.255.255.252

duplex auto

speed auto

router ospf 38

router-id 10.2.8.226

redistribute connected subnets

passive-interface default

no passive-interface GigabitEthernet0/0

network 10.2.8.224 0.0.0.3 area 38

!        

router ospf 40

router-id 10.2.9.62

redistribute connected subnets

passive-interface default

no passive-interface FastEthernet0/0/0

network 10.2.9.60 0.0.0.3 area 40

#sh ip route 0.0.0.0

Routing entry for 0.0.0.0/0, supernet

  Known via "ospf 38", distance 110, metric 100, candidate default path

  Tag 38, type extern 2, forward metric 151

  Last update from 10.2.8.225 on GigabitEthernet0/0, 00:06:27 ago

  Routing Descriptor Blocks:

  * 10.2.8.225, from 10.2.8.193, 00:06:27 ago, via GigabitEthernet0/0

      Route metric is 100, traffic share count is 1

      Route tag 38

#sh ip ospf 38 database

            OSPF Router with ID (10.2.8.226) (Process ID 38)

                Router Link States (Area 38)

Link ID         ADV Router      Age         Seq#       Checksum Link count

10.2.8.193      10.2.8.193      1713        0x80002609 0x0056C0 2

10.2.8.194      10.2.8.194      1740        0x80002426 0x004943 1

10.2.8.226      10.2.8.226      1540        0x80001D73 0x0049E6 1

                Net Link States (Area 38)

Link ID         ADV Router      Age         Seq#       Checksum

10.2.8.194      10.2.8.194      1740        0x800011EE 0x007E65

10.2.8.226      10.2.8.226      1540        0x80000041 0x004CF5

                Type-5 AS External Link States

Link ID         ADV Router      Age         Seq#       Checksum Tag

0.0.0.0         10.2.8.193      210         0x8000241B 0x0081BD 38

10.1.2.0        10.2.8.194      1740        0x80000784 0x00F33E 0

192.168.1.0     10.2.8.194      1740        0x800004F1 0x004B32 0

192.168.5.0     10.2.8.194      1740        0x80001577 0x009F30 0

192.168.6.0     10.2.8.194      1740        0x80000257 0x000EF3 0

192.168.8.0     10.2.8.194      1740        0x800003AD 0x004860 0

192.168.9.0     10.2.8.226      1540        0x8000005A 0x002CB1 0

192.168.10.0    10.2.8.194      1740        0x800013EA 0x0087D1 0

192.168.11.0    10.2.8.194      1740        0x800011F8 0x0066E5 0

#sh ip ospf 40 database

            OSPF Router with ID (10.2.9.62) (Process ID 40)

                Router Link States (Area 40)

Link ID         ADV Router      Age         Seq#       Checksum Link count

10.2.9.61       10.2.9.61       1167        0x8000000D 0x00C218 1

10.2.9.62       10.2.9.62       969         0x8000000B 0x00C119 1

                Net Link States (Area 40)

Link ID         ADV Router      Age         Seq#       Checksum

10.2.9.61       10.2.9.61       1167        0x8000000B 0x006D7B

                Type-5 AS External Link States

Link ID         ADV Router      Age         Seq#       Checksum Tag

0.0.0.0         10.2.9.61       545         0x8000000C 0x00EEB9 3489678694

192.168.9.0     10.2.9.62       969         0x8000000B 0x009F31 0

Primary Core:

router ospf 40 vrf HOCA

router-id 10.2.9.61

passive-interface default

no passive-interface Port-channel1.560

network 10.2.9.60 0.0.0.3 area 40

default-information originate always metric 50

interface Port-channel1.560

description CORE_PRIM

encapsulation dot1Q 560

ip vrf forwarding HOCA

ip address 10.2.9.61 255.255.255.252

ip mtu 1500

Backup Core:

router ospf 38 vrf HOCA

router-id 10.2.8.193

log-adjacency-changes

passive-interface default

no passive-interface GigabitEthernet0/1.2765

network 10.2.8.192 0.0.0.3 area 38

  default-information originate always metric 100

interface GigabitEthernet0/1.2765

description CORE_BACKUP

encapsulation dot1Q 2765

ip vrf forwarding HOCA

ip address 10.2.8.225 255.255.255.252

ip ospf cost 150

Hello,

I have checked that Cisco use always the oldest route when there are two routes with the same Administrative

distance for OSPF.

http://d2zmdbbm9feqrf.cloudfront.net/2010/usa/pdf/BRKARC-2350.pdf

So, my first answer is not very good. You have to change the adminitrative distance to have a deterministic behavior in your network.

Please do the following:

- Remove all "ip ospf cost" commands.

- Change your command again to "default-information originate always".

- In 1900 router in ospf process associated with primary link do "distance ospf 109 109 109"


So, routes learned by ospf associated primary link have a lower AD (109<110) and are preferred.

Regards.

Thanks Antonio,

The only options I have on the 1900 are:

(config-router)#distance ospf ?

  external    External type 5 and type 7 routes

  inter-area  Inter-area routes

  intra-area  Intra-area routes

Which option is correct?

Hello,

use the command "distance ospf external 109" to set only the external routes.

Regards.

Thanks Antonio!

That worked.

#sh ip route 0.0.0.0

Routing entry for 0.0.0.0/0, supernet

  Known via "ospf 40", distance 109, metric 50, candidate default path

  Tag Complete, Path Length == 1, AS 17766, , type extern 2, forward metric 1

  Last update from 10.2.9.61 on FastEthernet0/0/0, 00:02:43 ago

  Routing Descriptor Blocks:

  * 10.2.9.61, from 10.2.9.61, 00:02:43 ago, via FastEthernet0/0/0

      Route metric is 50, traffic share count is 1

      Route tag 3489678694

I cant test failover atm, but looking good.

Thanks for your help

Hello,

please, when you do the failover test, let me now that everything is fine. Be careful with the keywords "always"

because the default route is "always" injected.

Regards.

Thanks - So, am I better to simply have only "default-information originate"  on both "cores"? (And manipulate prmary ospf process on the CE?)

Side note - If I were to run the same ospf process/area (i.e. 38) on both primary+secondary WAN Ints, would ip ospf cost on the secondary Ints then work?

Thanks again for your help

Hello,

I do not ask you why use two ospf process. If there are not "special" reasons use only one proccess and use only an area

(area 0 backbone area). Then, if you have only a ospf proccess my first post will be good. "ip ospf cost" only apply if your external routes are type 1. I prefer control the metric in WAN routes setting the metric in the "default-information" command.

If you use "always" keywork WAN routes always inject the default route. If you do not use it, they only inject it if there is a default route in its routing table. In our network we do not use "always". Default route are learned by BGP in the WAN routes and if there is a problem (link down, BGP problem, so on...) the default route is not injected by ospf process.

Regards.

Hi Antonio - Initially I had a single ospf process (And single area) - 38, but the "backup" core also had a link to another site(In the same vrf) in area 38 and this was also the default route for the vrf.

So all routes learned via ospf 38 from this "other" site, were being advertised via the backup link to the 1921(Including the default), and then those routes were also being advertised to the "primary" core(Including default) even though I had the following route-map/acl configured on the 1921:

router ospf 38

router-id 10.2.8.226

redistribute connected subnets route-map OSPF_ACL

route-map OSPF_ACL permit 10

match ip address 2

access-list 2 permit 192.168.9.0 0.0.0.255

So this is why I removed ospf 38 from primary core, and setup ospf 40

As to why the routes where being advertised even with the acl, Im not entirely sure...would love if someone could explain why

Hello Johnelliot6,

you can not filter intra-area (routes learned from routers in the same area). OSPF needs that all routers inside

an area have the same database topology. What you can do is avoiding that this routes go into routing table.

You can use the "distribute-list 2 in" (2 is the ACL number) command in the "primary" core router.

Regards.

Review Cisco Networking for a $25 gift card