Buy or Renew
Buy or Renew
Join the Catalyst Center Onboarding Ask Me Anything event happening now!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
598
Views
0
Helpful
2
Replies

internal routing issue

Go to solution
dave dave
Level 1
Level 1

‎09-04-2012 08:52 AM - edited ‎03-07-2019 08:41 AM

hi! I've 2 core switches running HSRP, and each of this core switch has a connection to a router. The initial objective is to have all the outgoing traffic to go thru core 1 to the router, and the link from core 2 to the router will only kick in if core 1 failed. However with the config below, i noticed that both links are up at the same time. Pc connected to core 1 will actually have the traffic going through the link between itself to the router, and PC connected to core 2 will actually going through the link between core 2 to the router. My questions are below.

1) when i do a sh ip route from the core 1 and core 2 below, it seems that it has the option to go thru vlan32, 31,30 and 28 GW to go to 10.10.31.224/30 & 10.10.31.240/30. Any idea why is that so? I noticed that when i disconnect any of the link between the core to the router, it has to go thru 2-3 internal GW before hitting the opposite router interface. Is this related?

siteA_C1 - sh ip route

O       10.10.31.244/30 [110/2] via 10.10.31.227, 06:36:50, Vlan32

                         [110/2] via 10.10.31.131, 06:36:50, Vlan31

                         [110/2] via 10.10.30.3, 06:36:50, Vlan30

                         [110/2] via 10.10.28.3, 06:36:50, Vlan28

siteA_C2 - sh ip route

O       10.10.31.240/30 [110/2] via 10.10.31.226, 06:38:12, Vlan32

                         [110/2] via 10.10.31.130, 06:38:12, Vlan31

                         [110/2] via 10.10.30.2, 06:38:12, Vlan30

                         [110/2] via 10.10.28.2, 06:38:12, Vlan28

Here are the configurations and i have with the diagram attached. Pls advise on this. Thx.

SiteA_Core1

----------------------------

interface GigabitEthernet6/1

no switchport

ip address 10.10.31.241 255.255.255.252

!

interface Vlan26

description VLAN 26 Management

ip address 10.10.26.2 255.255.255.0

standby 1 ip 10.10.26.1

standby 1 priority 120

standby 1 preempt

!

interface Vlan29

description VLAN 29 Data

ip address 10.10.29.2 255.255.255.0

standby 1 ip 10.10.29.1

standby 1 priority 120

standby 1 preempt

!

interface Vlan30

description VLAN 29 Data1

ip address 10.10.30.2 255.255.255.0

standby 1 ip 10.10.30.1

standby 1 priority 80

standby 1 preempt

!

interface Vlan31

description VLAN 311 svr

ip address 10.10.31.130 255.255.255.240

standby 1 ip 10.10.31.129

standby 1 priority 120

standby 1 preempt

!

interface Vlan32

description VLAN 312 security

ip address 10.10.31.226 255.255.255.240

standby 1 ip 10.10.31.225

standby 1 priority 80

standby 1 preempt

!

router ospf 100

log-adjacency-changes

redistribute static subnets

network 10.10.31.241 0.0.0.0 area 0

network 10.10.26.0 0.0.15.255 area 0

!

ip route 0.0.0.0 0.0.0.0 GigabitEthernet6/1 10.10.31.242

ip route 0.0.0.0 0.0.0.0 GigabitEthernet6/1 10.10.31.246 250

ip route 10.0.0.0 255.0.0.0 GigabitEthernet6/1 10.10.31.242 250

SiteA_Core2

------------------------------------

!

!

interface GigabitEthernet6/1

no switchport

ip address 10.10.31.245 255.255.255.252

!

interface Vlan26

description VLAN 26 Management

ip address 10.10.26.3 255.255.255.0

standby 1 ip 10.10.26.1

standby 1 priority 120

standby 1 preempt

!

interface Vlan29

description VLAN 29 Data

ip address 10.10.29.3 255.255.255.0

standby 1 ip 10.10.29.1

standby 1 priority 120

standby 1 preempt

!

interface Vlan30

description VLAN 30 Data1

ip address 10.10.30.3 255.255.255.0

standby 1 ip 10.10.30.1

standby 1 priority 120

standby 1 preempt

!

interface Vlan31

description VLAN 311 svr

ip address 10.10.31.131 255.255.255.240

ip helper-address 10.10.9.4

standby 1 ip 10.10.31.129

standby 1 priority 80

standby 1 preempt

!

interface Vlan32

description VLAN 312 security

ip address 10.10.31.227 255.255.255.240

ip helper-address 10.10.9.4

standby 1 ip 10.10.31.225

standby 1 priority 120

standby 1 preempt

!

router ospf 100

log-adjacency-changes

redistribute static subnets

network 10.10.31.245 0.0.0.0 area 0

network 10.10.26.0 0.0.15.255 area 0

!

ip route 0.0.0.0 0.0.0.0 GigabitEthernet6/1 10.10.31.242

ip route 0.0.0.0 0.0.0.0 GigabitEthernet6/1 10.10.31.246 250

ip route 10.0.0.0 255.0.0.0 GigabitEthernet6/1 10.10.31.246 250

SiteA_Router 1

----------------

!

interface FastEthernet0/1/0

description Connection to Core1

ip address 10.10.31.242 255.255.255.252

duplex auto

speed auto

!

interface FastEthernet0/1/1

description connection to core2

ip address 10.10.31.246 255.255.255.252

duplex auto

speed auto

!

interface FastEthernet0/0/0

description Connection to router1

ip address 10.10.25.122 255.255.255.252

duplex auto

speed auto

!

router ospf 8

network 10.10.25.122 0.0.0.0 area 0

network 10.10.31.242 0.0.0.0 area 0

network 10.10.31.246 0.0.0.0 area 0

!

!

ip route 0.0.0.0 0.0.0.0 10.10.25.121

Labels:
Preview file
134 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎09-11-2012 03:42 PM

To answer your specific question first -

1) from core1 switch -

siteA_C1 - sh ip route

O 10.10.31.244/30 [110/2] via 10.10.31.227, 06:36:50, Vlan32

[110/2] via 10.10.31.131, 06:36:50, Vlan31

[110/2] via 10.10.30.3, 06:36:50, Vlan30

[110/2] via 10.10.28.3, 06:36:50, Vlan28

you have in your OSPF config on core2 -

network 10.10.31.245 0.0.0.0 area 0

network 10.10.26.0 0.0.15.255 area 0

10.10.26.0 0.0.0.15 actually  covers subnets 10.10.16.0 -> 10.10.31.0. So any vlan interface configured on core2 that falls within that range will have OSPF start up and advertise that subnet. OSPF starts on vlan 28, 30, 31 and 32. It also starts on vlan 26 and vlan 29 as well. 

So OSPF starts on vlan 28 for example. It then forms a adjacency with core1 on vlan 28. Once it has done this it then sends it's routing entries to core1 (note it doesn't actually send routing entries but LSAs but that's not really the key point here). It then does this for vlan 26, vlan 29, 30, 31 and 32 as well. So core1 receives advertisements from core2 for 10.10.31.244/30 on vlan 26,28.29.30,31,32.  The reason you only see 4 entries is because OSPF by default only installs 4 equal cost paths into the routing table so it has just chosen those 4 advertisements.

This is normal behaviour.  If you didn't want all these adjacencies forming you could use the passive interface command under some of the vlan interfaces and they would not be formed which is quite a common practice. It doesn't hurt to have what you have though.

To answer the more general question about traffic flow -

PC1  connected to core1 in vlan 30

PC2 connected to core2 in vlan 30

core1 is HSRP active for vlan 30

PC1 pings a device in siteB. You should see the traffic go from PC1 to core1 then to siteA router and on to siteB.

PC2 pings a device in siteB. You should see the traffic go from PC2 to core2 then to core1 then to siteA router. The reason it goes from core2 to core1 is that PC2 sends it's traffic to it's default-gateway which is the HSRP active address on core1 so traffic has to go to core1 first.

Return traffic from siteB however is a different matter. You are not running HSRP between the router and the core switches so the the router should have 2 equal cost paths to vlan 30 one via core1 and one via core2. It will use both paths in a round robin fashion so the link between core2 and siteA router may well be used.

The above is normal for this setup. If you do a traceroute from PC2 using the above example you should see it go via the HSRP IP address on core1 although you won't see any extra hops in traceroute because the packet is switched at L2 from core2 to core1.

If you really wanted to only use the core2 to siteA router for backup then you would need to -

i) make sure all HSRP active gateways are on core1

ii) manipulate the routing table on siteA router to prefer the core1 link

but i would ask if you have gone to the trouble of setting up redundant connectivity as you have why not let the network simply choose the best route. You get more bandwidth and probably just as important you do not need to do any extra config which would only complicate the setup.

Jon

View solution in original post

0 Helpful
2 Replies 2

Go to solution
dave dave
Level 1
Level 1

‎09-11-2012 07:30 AM

hi! Anyone has any clue on this? Thx.

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎09-11-2012 03:42 PM

To answer your specific question first -

1) from core1 switch -

siteA_C1 - sh ip route

O 10.10.31.244/30 [110/2] via 10.10.31.227, 06:36:50, Vlan32

[110/2] via 10.10.31.131, 06:36:50, Vlan31

[110/2] via 10.10.30.3, 06:36:50, Vlan30

[110/2] via 10.10.28.3, 06:36:50, Vlan28

you have in your OSPF config on core2 -

network 10.10.31.245 0.0.0.0 area 0

network 10.10.26.0 0.0.15.255 area 0

10.10.26.0 0.0.0.15 actually  covers subnets 10.10.16.0 -> 10.10.31.0. So any vlan interface configured on core2 that falls within that range will have OSPF start up and advertise that subnet. OSPF starts on vlan 28, 30, 31 and 32. It also starts on vlan 26 and vlan 29 as well. 

So OSPF starts on vlan 28 for example. It then forms a adjacency with core1 on vlan 28. Once it has done this it then sends it's routing entries to core1 (note it doesn't actually send routing entries but LSAs but that's not really the key point here). It then does this for vlan 26, vlan 29, 30, 31 and 32 as well. So core1 receives advertisements from core2 for 10.10.31.244/30 on vlan 26,28.29.30,31,32.  The reason you only see 4 entries is because OSPF by default only installs 4 equal cost paths into the routing table so it has just chosen those 4 advertisements.

This is normal behaviour.  If you didn't want all these adjacencies forming you could use the passive interface command under some of the vlan interfaces and they would not be formed which is quite a common practice. It doesn't hurt to have what you have though.

To answer the more general question about traffic flow -

PC1  connected to core1 in vlan 30

PC2 connected to core2 in vlan 30

core1 is HSRP active for vlan 30

PC1 pings a device in siteB. You should see the traffic go from PC1 to core1 then to siteA router and on to siteB.

PC2 pings a device in siteB. You should see the traffic go from PC2 to core2 then to core1 then to siteA router. The reason it goes from core2 to core1 is that PC2 sends it's traffic to it's default-gateway which is the HSRP active address on core1 so traffic has to go to core1 first.

Return traffic from siteB however is a different matter. You are not running HSRP between the router and the core switches so the the router should have 2 equal cost paths to vlan 30 one via core1 and one via core2. It will use both paths in a round robin fashion so the link between core2 and siteA router may well be used.

The above is normal for this setup. If you do a traceroute from PC2 using the above example you should see it go via the HSRP IP address on core1 although you won't see any extra hops in traceroute because the packet is switched at L2 from core2 to core1.

If you really wanted to only use the core2 to siteA router for backup then you would need to -

i) make sure all HSRP active gateways are on core1

ii) manipulate the routing table on siteA router to prefer the core1 link

but i would ask if you have gone to the trouble of setting up redundant connectivity as you have why not let the network simply choose the best route. You get more bandwidth and probably just as important you do not need to do any extra config which would only complicate the setup.

Jon

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card