Hi Richard, 

I have a more detailed network diagram of my network right now. 

But the main issue is that in Area 10, DH-R1 and DH-R2 annonces the VLANs to each other, so there will multiple routes to each in that vlan, which is unnecessary, they should only be annonced to Area 0, which they are. But is there any other way to block to advertisement in Area 10 between the routers instead of having firewall rules blocking OSPF? 

Or is there any better solution or maybe a design you would recommend.

Hi Paul, 

I already injected the default route into the OSPF area. 

And the VLAN interfaces are also in passive. 

It's just normal area's thats being used, no Stubby, or totally stub areas etc. 

The main issue is that, with VRRP, each of routers in Area 10, they will learn about the routes from each other, which will make big a routing table, so i guess the only fix for this is to create firewall rules on both of routers in Area 10, so block OSPF from each other. 

Have you implemted OSPF where VRRP was used in the same area? 

Hello

---

@MikkelN1996 wrote:

Hi Paul,  

Have you implemted OSPF where VRRP was used in the same area? 

 

---

No i haven't but hrsp i have, Anyway I dont think it the FHRP is the problem.

When you say the routers in area 10 are receiving each other routes that where I am getting confused -Looking at your topology you posted you should have only one ospf adjacency between the core rtrs and the wan rtr, thus you only routes I would say you should be receiving are any routes from area 0 and possibly the ospf sunbet from each other wan facing interface of the cores

Can you post the FHRP/OSPF config of the cores please.

Like Paul I have implemented OSPF with HSRP (many times) but not with VRRP. I do not see where VRRP makes much difference. 

Perhaps I understand the drawing a bit differently from Paul but it looks to me like the 2 routers will be running OSPF on vlans 10, 20, 30, 40, 50, and 60 as well as on the link through area 0. So they will form neighbor relationship on each of those interfaces. But I do not agree that this will create a big routing table. In fact the routing table on both of those routers will have 6 entries for those connected interfaces (one entry for each of the locally connected interfaces) and will not have any OSPF entries for those networks. The OSPF Link State DataBase will have entries learned from its peer router but that is not a large number of entries. I do not see where there is any problem that you need to solve - and I certainly would advise not to have any firewall rules denying OSPF packets.

HTH

Rick

Reading through the discussion again I see the comment that the vlan interfaces are passive which I had not recognized previously. That makes things even better. In that case there will be no neighbor relationship  and no adjacency on the vlan interfaces. So each router will send LSAs through area 0 for the vlans. So each router Link State DataBase will have 6 entries from its neighbor - and will have Zero entries in its routing table reflecting those entries. I do not see any problem here that needs to be solved. If I am missing something then please provide clarification.

HTH

Rick

Hi, 

Yes everything is working correctly, i just tested and verifyed. 

Thanks a lot and have a great new year!

Hello

---

@MikkelN1996 wrote:

Hi, 

Yes everything is working correctly, i just tested and verifyed. 

Thanks a lot and have a great new year!

---

That nice to hear you issue has been resolved!

For clarification and maybe to assist others in the future what did you do to rectify problem did any of my or ricks suggestions help ?

I just tested with creating a new VLAN and assigned that to both routers in Area 10, and then i could see the routes appearing in routing table within the area 10, i then just put the new vlan interface into passive-interface. 

Which solved the issue. 

Hello

glad to hear it - 

may I ask you mark your post as resolved if the support your received helped?