07-01-2017 02:54 PM - edited 03-08-2019 11:10 AM
Hi All,
Good Day!
Below diagram should be the right traffic flow but I would like to ask, what would be the best solution for asymmetric routing on this scenario.
Going/From to 192.168.64.0 path should always use S1 to S3 vice versa.
Going/From to 192.168.80.0 path should always use S2 to S4 vice versa.
but if 1 link fail it should use the alternative link.
TRACE FROM `1FW to S3F (OK)
Record route:
(192.168.13.243)
(192.168.255.82)
(192.168.64.254)
(192.168.255.81)
(192.168.12.4)
(192.168.13.243) <*>
TRACE FROM 1FW to S4F – Asymetric Routing
Record route:
(192.168.13.243)
(192.168.255.102)
(192.168.80.254)
(192.168.255.97)
(192.168.255.81)
(192.168.12.4)
(192.168.13.243) <*>
----------------------------------------------------------
TRACE FROM `1FW to S3F (OK)
Record route:
(192.168.13.254)
(192.168.255.82)
(192.168.64.254)
(192.168.255.81)
(192.168.12.4)
(192.168.13.254) <*>
TRACE FROM 2FW to S4F – Asymetric Routing
Record route:
(192.168.13.254)
(192.168.255.102)
(192.168.80.254)
(192.168.255.97)
(192.168.255.81)
(192.168.12.4)
(192.168.13.254) <*>
-------------------------------------------------------------------------------------------------------------------------------------------------------------------
Configuration (Sample)
S1 & S2: static route's going to upstream and downstream.
S3 & S4: OSPF enable p2p
S3 has static route redistributed to OSPF received by R4 (So that why S4 chose S3 - S1 return path)
S3: i
ip route 192.168.0.0/16 192.168.255.82
router ospf 1
redistribute static subnets
S4: Show ip route ( No other configuration in S4)
S* 0.0.0.0/0 [1/0] via 192.168.255.102
O E2 192.168.0.0/16 [110/20] via 192.168.255.98, 00:06:37, FastEthernet1/0
Issue: is the path from/to S4 192.168.80.0/24 it always chose S1(192.168.255.98)
Please help me to find solution on S4 asymmetric routing..
Thanks
07-01-2017 05:40 PM
Hi
Can you paste the config on text files to all your switches/routers S1 to S4?
On your post you're talking about R4. Who's this router and where is connected to?
By viewing all your static routes and analyze your redistribution we'll be able to help you and eliminate asymmetric routing.
On your config you can delete all confidential data.
Thanks
07-01-2017 10:26 PM
Here's the summary of the config.
SW01
interface FastEthernet1/0
ip address 192.168.12.4 255.255.254.0
duplex auto
speed auto
standby 10 ip 192.168.12.6
standby 10 priority 120
standby 10 preempt
standby 20 ip 192.168.12.3
standby 20 preempt
standby 20 track 1 decrement 15
ip route 192.168.48.0 255.255.255.0 192.168.13.254
ip route 192.168.64.0 255.255.255.0 192.168.255.81
ip route 192.168.80.0 255.255.255.0 192.168.255.81
ip route 192.168.103.0 255.255.255.0 192.168.13.243
SW02
interface FastEthernet1/0
ip address 192.168.12.7 255.255.254.0
duplex auto
speed auto
standby 10 ip 192.168.12.6
standby 10 priority 110
standby 20 ip 192.168.12.3
standby 20 priority 110
standby 20 preempt
standby 20 track 1 decrement 15
ip route 192.168.48.0 255.255.255.0 192.168.13.254
ip route 192.168.64.0 255.255.255.0 192.168.255.101
ip route 192.168.80.0 255.255.255.0 192.168.255.101
ip route 192.168.103.0 255.255.255.0 192.168.13.243
SW03
interface FastEthernet0/0
ip address 192.168.255.81 255.255.255.252
interface FastEthernet1/0
ip address 192.168.255.98 255.255.255.252
ip ospf 1 area 0
router ospf 1
log-adjacency-changes
redistribute static subnets route-map RM:SO
network 192.168.64.0 0.0.0.255 area 0
network 192.168.74.0 0.0.0.255 area 0
network 192.168.76.0 0.0.0.255 area 0
ip route 192.168.0.0 255.255.0.0 192.168.255.82
SW4
interface FastEthernet0/0
ip address 192.168.255.101 255.255.255.252
interface FastEthernet1/0
ip address 192.168.255.97 255.255.255.252
ip ospf 1 area 0
ip route 0.0.0.0 0.0.0.0 192.168.255.102
Also I cannot remove the redistributed routes It will affect other neighbors on OSPF
07-02-2017 06:04 PM
Hi
First of all, why aren't you running ospf onto SW1 and SW2? With a good OSPF design you can achieve what you want in a dynamic way.
Does your 1FW is connected to both S1 and S2? If yes, what are the static routes configured? What's the next hop for 192.168.80.0/20 on this 1FW?
This is normal that you've asymmetric routing because on SW1, you've a static route for 192.168.80.0/20 going to S3:
ip route 192.168.80.0 255.255.255.0 192.168.255.81
If 1FW is not connected to S2, then next hop for that subnet should be S1 and on S1, the next-hop for your static route for that subnet should be S2. You can also add some tracking in case S2 goes down to route the traffic to that subnet to S3:
Below an example of the config on S1 in that case: (IP SLA I'm showing below is based on icmp as example but you can also track the interface status between S1 and S2 because if S2 goes down the interface status on S1 goes down too)
ip sla 1 icmp-echo 192.168.12.7 source-ip 192.168.12.4 ip sla schedule 1 life forever start-time now
track 1 ip sla 1 reachability
ip route 192.168.80.0 255.255.255.0 192.168.12.7 track 1 ip route 192.168.80.0 255.255.255.0 192.168.255.81 10
If 1FW is connected to both switch, it's easier as you already have a HSRP group with S2 as primary and S1 as secondary.
The route on 1FW should be:
ip route 192.168.80.0 255.255.255.0 192.168.12.3
In the other way, S4 has a default route going through S2 which is good. Normally the traffic on that way is taking the right path. However, If S2 goes down, does S1 is announcing a default backup route for S4? If not, you can announce a default route from OSPF on S1 or adapt your static route on S2 with tracking as I show before.
Normally the redistribute shouldn't affect access to internet for S4 because your static on S4 has precedence over ospf learned routes. But to be 200% sure that nothing else could impact, we need to see the route-map. Again based on what I see, I'm 100% confident that from S4 to internet the path is the right one.
Thanks
PS: Please don't forget to rate and mark as correct answer if this answered your question
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide