cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2047
Views
10
Helpful
7
Replies

ospf between N9k and 3850

Anukalp S
Level 1
Level 1

Hi.. I have been running nexus 9396(n9000-dk9.6.1.2.I3.4a.bin) and so far I have been running static routing b/w nexus and router to connect other remote sites.

But now I have a new site with L3 3850 stack switches which have two P2P circuit directly connected to the nexus switchs(one circuit to N9k-1 & another circuit to N9k-2). I want to run ospf b/w 3850 and nexus switches.

On 3850 I can do configuration but on nexus I am a bit unsure. I need to do ospf config like that if one circuit on N9k-1 goes down, there should still be reachability over secondary circuit which is connected on N9k-2.

So in this case traffic will route from N9k-1 to N9k-2 and then over secondary circuit to 3850 switch and same like reverse path.

Could you pls guide me how to do ospf config in this case.

7 Replies 7

Paul Chapman
Level 4
Level 4

Hi -

I suggest you review Brad Hedlund's article on this topic. Link to Article.

Hi Paul.. Thanks for your info, Currently I have provisioned a new link b/w nexus-1 and nexus-2 and made these  ports as L3 and have run ospf. currently ospf neighborship is up. But I have confusion, i have vlans configured on both nexus switches and if advertise vlans networks on both nexus switches under ospf, wouldn't there be any problem. Means same network will be advertised by both nexus switches. Is it ideal configuration? Could you confirm if below config is correct.

Nexus -1

interface Ethernet 1/5

description " To Nexus-2"

no switchport

ip address 172.25.16.2/30

ip router ospf 1 area 0

interface vlan100

description "user data vlan"

 no shutdown
  no ip redirects
  ip address 192.168.100.2/24
  hsrp 1
    preempt
    priority 150 forwarding-threshold lower 1 upper 150
    ip 192.168.100.1
  ip dhcp relay address 192.168.10.10

router ospf 1

router-id 172.25.16.2

network 192.168.100.0 mask 0.0.0.255 area 0

Nexus -2

interface Ethernet 1/5

description " To Nexus-1"

no switchport

ip address 172.25.16.1/30

ip router ospf 1 area 0

interface vlan100

description "user data vlan"

no shutdown
  no ip redirects
  ip address 192.168.100.3/24
  hsrp 1
    preempt
    priority 100 forwarding-threshold lower 1 upper 100
    ip 192.168.100.1
  ip dhcp relay address 192.168.10.10

router ospf 1

router-id 172.25.16.1

network 192.168.100.0 mask 0.0.0.255 area 0

Hi -

I think this configuration would be better...

! ### N9K-1 ###
! Set up routing
feature ospf
router ospf 1
 router-id 172.25.16.2
 passive-interface default
 exit
!
! Connection to 3850 (interface and IP made up)
interface e1/40
 desc <3850 host name> - Gi1/1/1
 no switchport
 ip address 172.31.255.249/29
 ip router ospf 1 area 0
 no ip ospf passive-interface
 no shutdown
!
! Nexus OSPF peer connection (can be any vPC VLAN)
interface vlan100
 ip address 192.168.100.2/24
 no ip redirects
 ip router ospf 1 area 0
 no ip ospf passive-interface
 ! HSRP if desired for end station connections
!
! General VLAN (OSPF Passive Interface)
interface vlan101
 ip address 192.168.101.2/24
 no ip redirects
 ip router ospf 1 area 0
 ! HSRP if desired for end station connections
!
!
! ### N9K-2 ###
! Set up routing
feature ospf
router ospf 1
 router-id 172.25.16.3
 passive-interface default
 exit
!
! Connection to 3850 (interface and IP made up)
interface e1/40
 desc <3850 host name> - Gi2/1/1
 no switchport
 ip address 172.31.255.250/29
 ip router ospf 1 area 0
 no ip ospf passive-interface
 no shutdown
!
! Nexus OSPF peer connection (can be any vPC VLAN)
interface vlan100
 ip address 192.168.100.3/24
 no ip redirects
 ip router ospf 1 area 0
 no ip ospf passive-interface
 ! HSRP if desired for end station connections
!
! General VLAN (OSPF Passive Interface)
interface vlan101
 ip address 192.168.101.3/24
 no ip redirects
 ip router ospf 1 area 0
 ! HSRP if desired for end station connections
!
!
! ### 3850 Stack ###
! Set up Route peering VLAN (creates equal cost routing to Nexus)
vlan 401
 name N9K-ROUTING
interface vlan401
 ip address 172.31.255.254 255.255.255.248
!
! Assign fiber links to VLAN
interface range gi1/1/1, gi2/1/1
 switchport mode access
 switchport access vlan 401
!
! Build routing as typical for this device

From the N9K perspective each switch will forward directly to the 3850 because the local link is the shortest path.  From the 3850 perspective the N9Ks are equal cost paths to the remote networks.  I always use "passive-interface default" to control my route peers.  On the nexus this is important because if we don't control it we will end up peering on (potentially) 100s of VLANs.

In your particular setup, you don't need a dedicated link for OSPF.  There are some topologies that do, particularly ones where route peering is necessary for an asymmetrically connected router. (The example above basically builds the Example 1 topology from the Brad Hedlund article.)

Hope that helps.

PSC

Hello

You also apply either an higher manually ospf cost on the less preffered p2p circuit if you are using the same ospf  areas for both p2p links or use an inter-area peer for path manipulation

res

paul


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Thanks much Pau Driver & Paul Chapman... I would configure passive-interface default but still if I use a dedicated link b/w both nexus to run OSPF, would there be any challenge? Since I have used dedicated link so I don't want to remove this now. And in future we will be good  if there is requirement to setup network where dedicated link is required.

Hi -

There's no harm in the dedicated link.  You just need a peering point between the Nexus switches.

PSC

Thanks, I will implement ospf on 3850 switch also and will let you know accordingly. Thanks again for your help.

Review Cisco Networking for a $25 gift card