11-23-2016 09:17 AM - edited 03-08-2019 08:16 AM
Hi,
I am trying to remove VLAN 11 (10.10.30.1 /26), 12 (10.10.30.65 /26) and 13 (10.10.30.129 /26) from the core and place them on a firewall (changing from L3 VLANs on core to L2).
The problem I am having is when putting in a static route, OSPF isn't updating and this is causing the traffic to expire in transit as it is trying to reach the gateway on the core which has been moved to the firewall as an interface to a /26 range.
Firewall Config
Internal_Interface : 10.11.30.250
DMZ 1: 10.10.30.1 /26
DMZ 2: 10.10.30.65 /26
DMZ 3: 10.10.30.129 /26
OSPF Config
router ospf 1
 log-adjacency-changes
 redistribute connected subnets
 redistribute static
 network 10.254.0.1 0.0.0.7 area 0
Static Route
Newly input
ip route 10.10.30.0 255.255.255.0 10.11.30.250
Please could you advise what I am missing? The route stays in the OSPF table and I am assuming that's where it is failing as it isn't seeing the static?
Thanks for any help!
11-23-2016 09:43 AM
Hi -
Based on your post I'd say this is the expected behavior. You're redistributing a /24 into OSPF, so all its peers will see that network.
PSC
11-23-2016 02:03 PM
I find this description of the problem to be not clear. Have the SVIs for vlan 11 and 12 and 13 been removed from the core? As long as the SVIs exist and OSPF does redistribute static then the /26 subnets will still be in the routing table and will be used and not the /24 static.
HTH
Rick
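The route selection described in the reply above, as an added example that is not part of any poster's message: a longest-prefix-match lookup over the thread's addresses, with and without the three SVIs on the core. The interface names Vlan11 to Vlan13 and the table model are assumptions made for illustration.

```python
import ipaddress

# Constructed model of the core's routing table, built from the addresses
# in the thread. Vlan11-13 are assumed SVI names, not taken from the post.
SVI_ROUTES = [
    ("10.10.30.0/26", "connected", "Vlan11"),
    ("10.10.30.64/26", "connected", "Vlan12"),
    ("10.10.30.128/26", "connected", "Vlan13"),
]
STATIC_ROUTE = ("10.10.30.0/24", "static", "10.11.30.250")


def build_table(svis_present):
    """Return the route list with or without the three SVIs on the core."""
    routes = [STATIC_ROUTE]
    if svis_present:
        routes += SVI_ROUTES
    return [(ipaddress.ip_network(p), src, nh) for p, src, nh in routes]


def lookup(table, dest):
    """Longest-prefix match: the most specific covering route wins."""
    addr = ipaddress.ip_address(dest)
    matches = [r for r in table if addr in r[0]]
    if not matches:
        return None
    net, src, nh = max(matches, key=lambda r: r[0].prefixlen)
    return (str(net), src, nh)


if __name__ == "__main__":
    for present in (True, False):
        table = build_table(present)
        print("SVIs present:" if present else "SVIs removed:")
        # 10.10.30.70 sits inside a /26; 10.10.30.200 is covered only by the /24
        for dest in ("10.10.30.70", "10.10.30.200"):
            print("  ", dest, "->", lookup(table, dest))
```

With the SVIs still configured, a host in one of the /26 ranges resolves to the connected route on the core; only addresses outside those ranges, or all of them once the SVIs are gone, follow the /24 static to the firewall.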