cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2991
Views
35
Helpful
29
Replies

Show IP Route in HUB-Spoke setup

karamalomari
Level 1
Level 1

I have a question regarding OSPF point-multipoint non-broadcast setup. The links between Hub's & spokes are private links.

attached is the drawing with configuration files of Site-A with wan router-FW-Core Switch & Site-B with wan router-core switch.

The question is when typing

 #sh ip route | inc 192.168. on Hub-01 i see it as O E2 and #sh ip route | inc 172.16. on Hub-01 i see it as O IA

is this the correct ospf route i should see.

 

29 Replies 29

I assume you want O IA routes for both sites. IN this case (unless you need it that way) it wont matter much as there is only one site/path to get to the 192.168.0.0 network. The O E1, O E2 and O IA route preference come into play when its the same route.

To do what you're asking on Spoke-1 exactly I don't believe its possible (unless you do some very underhanded routing/policy with static routes maybe but I would not suggest that). As mentioned before the network command enables OSPF on that interface and advertises it onward with the mask of the interface. You cant separate it unless you want to run the routing protocol on the FW and the Core below.

Said another way you cant put the Spoke-1 interface towards the FW in Area 0 and the rest of the 192.168.0.0/16 network into another area unless you put a routing protocol on the devices below Spoke-1 (to be technically correct you CAN with some advanced tricks that even I couldn't say if it would work).

Another thought/question I had was I noticed your Spoke 1 interfaces were configured as P2P NBMA. Those need a neighbor statement on one side to form at least. We didn't see your HUB configuration, but my question is are you forming an OSPF adjacency with your sites or with he SP who is advertising your routes for you.

If you are peered with the SP in some sort of MPLS L3VPN then their configuration could also determine if the route was O/O IA/ OE1/2 etc. Just curious.

 

Without knowing exactly what's in that cloud troubleshooting can only got so far. Hope fully that can shed more light on the issue.

-David

Hi David,
Kindly find below the configuration from both Hub's:
Hub-01
======
interface G0/0
ip address 192.253.100.1 255.255.255.0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 0 pass OSPF@1234
ip ospf network point-to-multipoint
load-interval 30
!
router ospf 1
network 192.253.100.0 0.0.0.255 area 0
neighbor 192.253.100.192
neighbor 172.253.100.192
!


Hub-02
======
interface G0/0
ip address 172.253.100.1 255.255.255.0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 0 pass OSPF@1234
ip ospf network point-to-multipoint
load-interval 30
!
router ospf 1
network 172.253.100.0 0.0.0.255 area 0
neighbor 192.253.200.192
neighbor 172.253.200.192
!

what I am trying to achieve is to seperate the internal network from area 0.
Saying that, if i use different ip subnet between devices & between spokes & hubs will it make any difference?
Thank you very much for the support and details shared, i really appreciate it.

The internal network being the 2 external sites? If that's the case then from your very fist output you achieved that. When you routes showed up as O IA and O E2 routes in Area 0 that indicates they were from other Areas.

If not then not sure what you mean. 

Using different subnets/IPs have no affect on how your routes show up in OSPF (minus the loopback specialty case). Its how they are advertised into OSPF.

-David

Thank you David for the information shared and support.

Point is clear now.

I really appreciate your help & support.

@David Ruess I can see it in ospf db, but what you see above is how I troubleshoot the issue.

@karamalomari I will make double check I think I found issue here

what make me think that this is not relate to static route is you config ospf identical in both Spoke but one is advertise the prefix with O IA and other not !!
so I troubleshooting and  I find one point interesting 
let start 
I config OSPF with  both 192.168.254.4/30 and 192.168.254.2/30
then I check R3 and find the prefix so no issue 

11111111.png

and then I use area range to merge both prefix to be 192.168.0.0/16 
and I success 

222222.png

here the interest thing immediate after I add area 1 stub no-summary, 
the R2-R1 OSPF is down, and this what you see and I mention before that 192.168.254.4/30 is missing from IP OSPF database. 
why this strange behave happened is need more and I think it bug (I will confirm later after check some cisco doc.). 
so remove area stub no-summary and check again 
first check 192.168.254.4/30 in ospf database 
then check the O IA in Hub.  

33333.png

Thats what I mean when I said you lab is not the same so you cant compare your results to theirs. The OP does not have an ABR on Spoke 1, its an ASBR because there is redistribution static and everything else is in Area 0. Nothing is in Area 192, if you check my last post I explain it. So the Area range command is invalid for the OPs network. You would have to use the summary address command, but even that wont work since its still all in Area 0. It would take the O route no matter what due to OSPF routing preference. The reason they are is seeing it an an O E2 route is because there is a static route pointing to that prefix below the FW and its redistributing static making it an External Type-5 O E2 route.

 

And to be clear both spokes are NOT configured the same. One is configured as static and redistributed and the other is just a summary route. So the redistributed advertises O E2 and the Summary advertises O IA.

Also as mentioned the stub command is invalid because all networks are in Area 0.

friend make double check I use area range and It work. 
do lab and test. theoretical is not best way to troubleshooting network issue. 
thanks  

I did check . It works for YOU because you have interfaces in 2 different areas making your device an ABR. The OP does NOT have this setup so its invalid. Their device is an ASBR with the route not originating in the Area...that's why the O E2 is seen.

They would need to reconfigure some things to make it work.

I agree with that. But this is not the case for the OP as I have mentioned. If you look at the config of Site-A Spoke router you will see it is NOT an ABR as the interfaces are only in 1 Area...Area 0, so the area range command is invalid. I explained this in my earlier response.

router ospf 1
area 192 stub no-summary
area 192 range 192.168.0.0 255.255.0.0
network 192.168.0.0 0.0.255.255 area 192 <<- it is ABR there are two areas, the issue is mix two command range and stub.
network 192.253.100.192 0.0.0.255 area 0
network 192.253.200.192 0.0.0.255 area 0

Yes. That is the old config. I was basing my assessment of the newer config from the OP where all networks are in Area 0. No longer an ABR. The Area 192 commands are obsolete.

 

DavidRuess_0-1675805568681.png

 

Did you run  lab  for this case ? 

Hi,

I will run lab just inform me what you want exact

E2/1 OR O IA in hub for each spoke.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: