Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1061
Views
0
Helpful
1
Replies

Nexus 7k & OSPF

surya.thapa
Level 1
Level 1

‎10-23-2011 01:12 AM - edited ‎03-07-2019 02:59 AM

hi,

We are having two nexus 7k configured in vpc environment, Currently we are using SVI's and single vdc. Default route going to our company's network. We have a seperate setup for particular source and destination for which traffic gets encrypted and follow vpn tunnel and goes through the same company network. I mean, for three particular SVI's, traffic to Destination A, will go through VPN routers and gets encrypted and in return follow the path over the company network. Whereas for other SVI's to go to destination A, it will follow normal company path without VPN tunnel. We are currently using PBR for the same on those three SVI's. Now, the destinations have increased and we want to configure OSPF instead of using PBR, to fulfill this requirement. First query, is it possible to configure OSPF to serve the purpose. We tried as per attached diagram, but facing few problems. Below are some observations.

1. Neighbourship is getting formed, but routing table is getting updated only in one nexus core at a time as second core will get update over vPC link.

2. All SVI's taking OSPF path for Destination A, instead of taking normal default route.

Now questions are, is it really possible to configure OSPF for particular SVI's? How to stop OSPF route learning over vPC links, like in router we could define distance 255... command? Any help will be really appreciated.OSPF_Nexus.jpg

Labels:
0 Helpful
1 Reply 1

Marwan ALshawi
VIP Alumni
VIP Alumni

‎10-23-2011 02:32 AM

You need to have a separate link either layer 3 or layer with svi on both switches for ospf peering

Do not use the vPC peer link to form ospf peering as this will lead to splitting the routing and issues like the one you facing

For VPN re routing you can keep the pbr and for other traffic you could use ospf for simplicity

Hope this help

If helpful rate

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card