
OMP - Advertise a service VPN default route to branches from HQ

Hello, hope you are having a great day.

I want to ask how to advertise a default route from the HQ vEdge to a branch vEdge. I am using "ip route 0.0.0.0/0 vpn 0" at HQ to NAT for internet access, but this default route is not advertised to other vEdges. I know that if I used "ip route 0.0.0.0/0 null0" the route would be advertised to branches, but then I would lose my NAT at HQ and therefore my internet access. Any workaround? Why is it so hard to advertise a default route? Even an external OSPF default route is not advertised, but other OSPF external routes are advertised.

4 Replies

Hi,

 

network 0.0.0.0 0.0.0.0 in the OMP template should do the job.

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

Hi, thanks for replying.

I tried your config but it didn't work.

Here is the HQ vEdge config:

___________

system
host-name HQ-vEdge-1-1
system-ip 10.255.255.111
site-id 1
vbond 192.168.99.20
!
omp
no shutdown
graceful-restart
advertise ospf external
advertise connected
advertise static
!

vpn 0
name Transport
router
ospf
router-id 10.255.255.111
area 0
interface ge0/3
!
!
interface ge0/0
description "Link to Internet"
ip address 192.168.111.1/24
nat
!
tunnel-interface
encapsulation ipsec
color public-internet restrict
!
no shutdown
!
interface ge0/3
description "Link to MPLS"
ip address 172.16.111.1/24
tunnel-interface
encapsulation gre
color mpls restrict
!
no shutdown
!
ip route 0.0.0.0/0 192.168.111.254
!


vpn 1
name Service-VPN-1
router
ospf
router-id 10.255.255.111
area 1
interface ge0/1
exit
interface ge0/2
exit
!
!
interface ge0/1
description Lan-Link
ip address 10.1.55.1/24
no shutdown
!
interface ge0/2
description Lan-Link
ip address 10.1.66.1/24
no shutdown
!
ip route 0.0.0.0/0 vpn 0
!
omp
advertise ospf external
advertise connected
advertise static
advertise network 0.0.0.0/0
__________________________________________________________

 

And here is branch vEdge-2 config:

system
host-name vEdge-2
system-ip 10.255.255.120
site-id 2
vbond 192.168.99.20
!
omp
no shutdown
graceful-restart
advertise ospf external
advertise connected
advertise static
!
vpn 0
name Transport
router
ospf
router-id 10.255.255.120
area 0
interface ge0/3
exit
exit
!
!
interface ge0/0
description "Link to Internet"
ip address 192.168.120.1/24
nat
!
tunnel-interface
encapsulation ipsec
color public-internet restrict
!
no shutdown
!
interface ge0/3
description "Link to MPLS"
ip address 172.16.120.1/24
tunnel-interface
encapsulation gre
color mpls restrict
!
no shutdown
!
ip route 0.0.0.0/0 192.168.120.254
!
!
!
vpn 1
name Service-VPN-1
interface ge0/1
description Lan-Link
ip address 10.2.1.1/24
no shutdown
!
omp
advertise ospf external
advertise connected
advertise static
________________________________________________________________

And if I check the vEdge-2 routing table, there is no default route. (I attached an image.)

By the way, the version I am using is 19.2.31, if it matters or not.
Thank you

Try to add these two routes under your service-side VPN:

 

ip nat route vrf xxx 0.0.0.0 128.0.0.0 global

ip nat route vrf xxx 128.0.0.0 128.0.0.0 global

Hi, I couldn't find the "nat" option here. I have 3 options:

ip route

ip ipsec

ip gre

I attached the pic from my console.
