Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
681
Views
0
Helpful
2
Replies

OSPF Area 0 over backup IPSEC/GRE

Go to solution
cisco-cdn
Level 1
Level 1

‎05-10-2011 03:23 PM - edited ‎03-06-2019 04:59 PM

High Level Design (Picture attached):

2 locations (Area 30, Area 40). 2 Routers at each location, and 1 3750 stack.

The sites are interconnected via link between the 3750 stacks at each location.

I have designated this interconnect network as area 0.

The problem is, at the routers which are our internet edge devices, I want to do an IPSEC/GRE tunnel that can interconnect areas 30 and 40, but routing only happen when the interconnect link between the stacks goes down.

The problem I am seeing in my lab, is the routers see their route to the other location as across the tunnel interface, but the stack sees their route across the interconnect link.

Couple Questions:

Is my overall design of the 3 OSPF areas a correct design?

What can I do to have my routes fail over to the IPSEC/GRE tunnel when the interconnect link goes down?

Thanks in advanced.

Labels:
Preview file
30 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Kishore Chennupati
Level 7
Level 7

‎05-10-2011 09:43 PM

Hi,

The areas seems to be conencted properly and its a standard setup.However, when you want to connect your area30 and area 40, the traffic has to go through the backbone which is area0. So, if you want to run GRE/IPsec between the areas via the internet then you might want to run another protocol like eigrp over the tunnel and use redistribution between ospf and eigrp.

So, the routers in Area 30 will learn about the routes in Area 40 via  Tunnel(Eigrp) and also OSPF ( from your internal network). The routers will always select the routes learned via the internal network because the routes it learns via eigrp will be external routes and the AD will be 170 compared to ospf 110.

When you internal network switch links go down then the traffic will router via GRE(Eigrp).

Hope this makes sense

Regards

Kishore

Please rate if helpful

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Kishore Chennupati
Level 7
Level 7

‎05-10-2011 09:43 PM

Hi,

The areas seems to be conencted properly and its a standard setup.However, when you want to connect your area30 and area 40, the traffic has to go through the backbone which is area0. So, if you want to run GRE/IPsec between the areas via the internet then you might want to run another protocol like eigrp over the tunnel and use redistribution between ospf and eigrp.

So, the routers in Area 30 will learn about the routes in Area 40 via  Tunnel(Eigrp) and also OSPF ( from your internal network). The routers will always select the routes learned via the internal network because the routes it learns via eigrp will be external routes and the AD will be 170 compared to ospf 110.

When you internal network switch links go down then the traffic will router via GRE(Eigrp).

Hope this makes sense

Regards

Kishore

Please rate if helpful

0 Helpful

Go to solution
cisco-cdn
Level 1
Level 1
In response to Kishore Chennupati

‎05-11-2011 05:37 PM

thanks for the reply, it set me down the right path, I ended up doing EIGRP with redistribution into OSPF on the edge routers, but because there are some networks that are not attached to them I also needed to do OSPF redistribution into EIGRP as well. Basically bi-directional redistribution between EIGRP and OSPF.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card