Re: Dual default ospf routes

m.egan · ‎11-30-2012

Hi - I'm working on a design with two different ISP providers. I'm running BGP with the providers and advertising my company owned address block. AS-prepending on one side. That's working fine.

I'm running OSPF in the inside with a Check Point firewall cluster. The two ISP routers are only sending the default route to the firewalls.

Router-A

router ospf 1

default-information originate

Router-B

router ospf 1

default-information originate metric 155

Both Routers and the Firewalls are all on the same segment. I can see neighbor relationships, LSA database etc.

I'm expecting that when Router-A (primary) goes down, the route to Router-B comes in. That seems to be working fine. Now when Router-A comes back I'm expecting the firewall to start using the route to Router-A again but its not. Am I miss-interpreting this behavior?

This seems like such a basic design/config - I baffled as to why its not working. Do I need to adjust or tweak DR/BDR or anything of that nature.

PS - I have a TAC case open with Check Point but I just wanted to sanity check this with the group here.

Thanks in advance for the help.

Giuseppe Larosa · ‎11-30-2012

Hello Matthew,

the router should generate again an OSPF default route after restore IF a default route, not coming from OSPF domain, is present in the IP routing table.

So you need to check the IP routing table of Router-A after the restore to see if:

a default route is present in the IP routing table

that default route is NOT the OSPF route generated by Router-B

Check the OSPF database on Router-A after restore to see if the locally originated LSA for 0.0.0.0 is present.

if the OSPF LSA is present Router-A should flood it and the firewall should use it again.

Hope to help

Giuseppe