05-06-2016 06:28 AM - edited 03-08-2019 05:38 AM
Hi.. I have been running nexus 9396(n9000-dk9.6.1.2.I3.4a.bin) and so far I have been running static routing b/w nexus and router to connect other remote sites.
But now I have a new site with L3 3850 stack switches which have two P2P circuit directly connected to the nexus switchs(one circuit to N9k-1 & another circuit to N9k-2). I want to run ospf b/w 3850 and nexus switches.
On 3850 I can do configuration but on nexus I am a bit unsure. I need to do ospf config like that if one circuit on N9k-1 goes down, there should still be reachability over secondary circuit which is connected on N9k-2.
So in this case traffic will route from N9k-1 to N9k-2 and then over secondary circuit to 3850 switch and same like reverse path.
Could you pls guide me how to do ospf config in this case.
05-08-2016 09:52 AM
Hi -
I suggest you review Brad Hedlund's article on this topic. Link to Article.
05-11-2016 06:06 AM
Hi Paul.. Thanks for your info, Currently I have provisioned a new link b/w nexus-1 and nexus-2 and made these ports as L3 and have run ospf. currently ospf neighborship is up. But I have confusion, i have vlans configured on both nexus switches and if advertise vlans networks on both nexus switches under ospf, wouldn't there be any problem. Means same network will be advertised by both nexus switches. Is it ideal configuration? Could you confirm if below config is correct.
Nexus -1
interface Ethernet 1/5
description " To Nexus-2"
no switchport
ip address 172.25.16.2/30
ip router ospf 1 area 0
interface vlan100
description "user data vlan"
no shutdown
no ip redirects
ip address 192.168.100.2/24
hsrp 1
preempt
priority 150 forwarding-threshold lower 1 upper 150
ip 192.168.100.1
ip dhcp relay address 192.168.10.10
router ospf 1
router-id 172.25.16.2
network 192.168.100.0 mask 0.0.0.255 area 0
Nexus -2
interface Ethernet 1/5
description " To Nexus-1"
no switchport
ip address 172.25.16.1/30
ip router ospf 1 area 0
interface vlan100
description "user data vlan"
no shutdown
no ip redirects
ip address 192.168.100.3/24
hsrp 1
preempt
priority 100 forwarding-threshold lower 1 upper 100
ip 192.168.100.1
ip dhcp relay address 192.168.10.10
router ospf 1
router-id 172.25.16.1
network 192.168.100.0 mask 0.0.0.255 area 0
05-11-2016 08:19 AM
Hi -
I think this configuration would be better...
! ### N9K-1 ###
! Set up routing
feature ospf
router ospf 1
router-id 172.25.16.2
passive-interface default
exit
!
! Connection to 3850 (interface and IP made up)
interface e1/40
desc <3850 host name> - Gi1/1/1
no switchport
ip address 172.31.255.249/29
ip router ospf 1 area 0
no ip ospf passive-interface
no shutdown
!
! Nexus OSPF peer connection (can be any vPC VLAN)
interface vlan100
ip address 192.168.100.2/24
no ip redirects
ip router ospf 1 area 0
no ip ospf passive-interface
! HSRP if desired for end station connections
!
! General VLAN (OSPF Passive Interface)
interface vlan101
ip address 192.168.101.2/24
no ip redirects
ip router ospf 1 area 0
! HSRP if desired for end station connections
!
!
! ### N9K-2 ###
! Set up routing
feature ospf
router ospf 1
router-id 172.25.16.3
passive-interface default
exit
!
! Connection to 3850 (interface and IP made up)
interface e1/40
desc <3850 host name> - Gi2/1/1
no switchport
ip address 172.31.255.250/29
ip router ospf 1 area 0
no ip ospf passive-interface
no shutdown
!
! Nexus OSPF peer connection (can be any vPC VLAN)
interface vlan100
ip address 192.168.100.3/24
no ip redirects
ip router ospf 1 area 0
no ip ospf passive-interface
! HSRP if desired for end station connections
!
! General VLAN (OSPF Passive Interface)
interface vlan101
ip address 192.168.101.3/24
no ip redirects
ip router ospf 1 area 0
! HSRP if desired for end station connections
!
!
! ### 3850 Stack ###
! Set up Route peering VLAN (creates equal cost routing to Nexus)
vlan 401
name N9K-ROUTING
interface vlan401
ip address 172.31.255.254 255.255.255.248
!
! Assign fiber links to VLAN
interface range gi1/1/1, gi2/1/1
switchport mode access
switchport access vlan 401
!
! Build routing as typical for this device
From the N9K perspective each switch will forward directly to the 3850 because the local link is the shortest path. From the 3850 perspective the N9Ks are equal cost paths to the remote networks. I always use "passive-interface default" to control my route peers. On the nexus this is important because if we don't control it we will end up peering on (potentially) 100s of VLANs.
In your particular setup, you don't need a dedicated link for OSPF. There are some topologies that do, particularly ones where route peering is necessary for an asymmetrically connected router. (The example above basically builds the Example 1 topology from the Brad Hedlund article.)
Hope that helps.
PSC
05-11-2016 02:35 PM
Hello
You also apply either an higher manually ospf cost on the less preffered p2p circuit if you are using the same ospf areas for both p2p links or use an inter-area peer for path manipulation
res
paul
05-11-2016 10:17 PM
Thanks much Pau Driver & Paul Chapman... I would configure passive-interface default but still if I use a dedicated link b/w both nexus to run OSPF, would there be any challenge? Since I have used dedicated link so I don't want to remove this now. And in future we will be good if there is requirement to setup network where dedicated link is required.
05-11-2016 11:15 PM
Hi -
There's no harm in the dedicated link. You just need a peering point between the Nexus switches.
PSC
05-11-2016 11:44 PM
Thanks, I will implement ospf on 3850 switch also and will let you know accordingly. Thanks again for your help.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide