cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
890
Views
0
Helpful
7
Replies
Highlighted
Beginner

OSPF parallel path traffic engineering.

I am under the impression that ospf path cost can be used to influence OSPF path selection, but am experiencing some difficulties.

I have a 4500-VSS and a 6500-VSS which have 2x10Gbps Ethernet links between them running as a port channel. In addition to this port channel they are also connected with a single 1Gbps link.

SVI's are used at both ends rather than configs on physical or portchannel interfaces.

The SVI (vlan 204) that is being trunked across the Port-Channel is only being used when the SVI (602) over the single 1Gbps link is shut down. I've tried statically configuring the OSPF cost on the interfaces with vlan 204 being the lowers (prefered) and vlan 602 being higher. However when both ports are up all routes are shown as going via the single 1Gbps link (vlan 602).

Sanitised config on the 6500-VSS:

!
interface Vlan204
ip address 10.71.207.89 255.255.255.252
ip ospf message-digest-key 1 md5 7 DELETED
ip ospf cost 10
!
interface Vlan602
ip address 192.168.86.254 255.255.255.248
ip ospf message-digest-key 1 md5 7 DELETED
ip ospf cost 100
!
router ospf 100
auto-cost reference-bandwidth 40000
nsf
area 0 authentication message-digest
area 89 authentication message-digest
area 89 nssa no-summary
redistribute connected subnets tag 100
redistribute static subnets tag 100
passive-interface default
no passive-interface Vlan204
no passive-interface Vlan602
network 10.71.15.12 0.0.0.3 area 0
network 10.71.15.16 0.0.0.3 area 0
network 10.71.207.88 0.0.0.3 area 89
network 192.168.86.248 0.0.0.7 area 89
!

Sanitised config on the 4500-VSS

!
interface Vlan204
ip address 10.71.207.90 255.255.255.252
ip ospf message-digest-key 1 md5 7 DELETED
ip ospf cost 10
!
interface Vlan602
ip address 192.168.86.253 255.255.255.248
ip ospf message-digest-key 1 md5 7 DELETED
ip ospf cost 100
!
router ospf 100
auto-cost reference-bandwidth 40000
area 89 authentication message-digest
area 89 nssa
redistribute connected metric-type 1 subnets
redistribute static metric-type 1 subnets
passive-interface default
no passive-interface Vlan204
no passive-interface Vlan602
network 10.71.207.88 0.0.0.3 area 89
network 192.168.86.248 0.0.0.7 area 89
!

So on the core 6500-VSS I have the SVI 602 shutdown and checking route to 10.13.11.0 (a subnet directly connected on the 4500-VSS) 


6500-VSS#sh ip ro 10.13.11.0
Routing entry for 10.13.11.0/24
Known via "ospf 100", distance 110, metric 130, type NSSA extern 1
Last update from 10.71.207.90 on Vlan204, 00:24:03 ago
Routing Descriptor Blocks:
* 10.71.207.90, from 192.168.89.254, 00:24:03 ago, via Vlan204
Route metric is 130, traffic share count is 1
6500-VSS#
6500-VSS#
6500-VSS#conf t
Enter configuration commands, one per line. End with CNTL/Z.
6500-VSS(config)#int vl 602
6500-VSS(config-if)#no sh
6500-VSS(config-if)#^Z
6500-VSS#sh ip ro 10.13.11.0
Routing entry for 10.13.11.0/24
Known via "ospf 100", distance 110, metric 130, type NSSA extern 1
Last update from 10.71.207.90 on Vlan204, 00:24:31 ago
Routing Descriptor Blocks:
* 10.71.207.90, from 192.168.89.254, 00:24:31 ago, via Vlan204
Route metric is 130, traffic share count is 1
6500-VSS#
6500-VSS#sh ip ro 10.13.11.0
Routing entry for 10.13.11.0/24
Known via "ospf 100", distance 110, metric 120, type NSSA extern 1
Last update from 192.168.86.253 on Vlan602, 00:00:02 ago
Routing Descriptor Blocks:
* 192.168.86.253, from 192.168.89.254, 00:00:02 ago, via Vlan602
Route metric is 120, traffic share count is 1
6500-VSS#
6500-VSS#conf t
Enter configuration commands, one per line. End with CNTL/Z.
6500-VSS(config)#int vl 602
6500-VSS(config-if)#sh
6500-VSS(config-if)#^Z
6500-VSS#sh ip ro 10.13.11.0
Routing entry for 10.13.11.0/24
Known via "ospf 100", distance 110, metric 120, type NSSA extern 1
Last update from 192.168.86.253 on Vlan602, 00:00:15 ago
Routing Descriptor Blocks:
* 192.168.86.253, from 192.168.89.254, 00:00:15 ago, via Vlan602
Route metric is 120, traffic share count is 1
6500-VSS#
6500-VSS#sh ip ro 10.13.11.0
Routing entry for 10.13.11.0/24
Known via "ospf 100", distance 110, metric 130, type NSSA extern 1
Last update from 10.71.207.90 on Vlan204, 00:00:01 ago
Routing Descriptor Blocks:
* 10.71.207.90, from 192.168.89.254, 00:00:01 ago, via Vlan204
Route metric is 130, traffic share count is 1
6500-VSS#

So no matter what I do, the metric across the 204 SVI is always 10 higher than the 602 SVI. 

What am I missing here ?

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Engager

Regarding the redistribution

Regarding the redistribution of the connected routes, tbh I am not sure why it is configured that way. I guess I could move them into the appropriate area. Especially if that helps the situation.

That will help for sure. Perhaps you're doing summarization or filtering at the area border (this is possible because the routes are NSSA-externals and (NSS)ABRs have to translate them and are therefore the originators of the Type-5 LSAs), but you can do this with internal routes as well.

Discussion: Disadvantages of redistributing connected networks into OSPF

Now to your original question:

  • the (seed-) metric of the Type-7 LSA is 20 (default value)
  • the Forwarding Address (FA) is 192.168.86.253 (4500's SVI VLAN 604; Cost: 100)
  • the route to the FA is learned via VLAN 204 (local Cost: 10)
  • the route to the FA has a metric of 110 (100 + 10)
  • total cost to external Network 10.13.11.0/24: 20 + 110 = 130

So what you see is expected behavior. In a NSSA an ASBR must set the FA to a non-zero IP-address and the path to this FA is one component in the routing calculation for external Networks. The second component is the LSA metric.

You could achieve some different results when the FA would be taken from a Loopback-interface but again, I'd recommend to propagate the connected networks as OSPF-internals.

HTH
Rolf

View solution in original post

7 REPLIES 7
Highlighted
Beginner

Investigating further:-

Investigating further:-

The subnet 10.13.11.0/24 is directly connected to Vlan 11 on the 4500-VSS

4500-VSS_089254#sh ip ro 10.13.11.0
Routing entry for 10.13.11.0/24
Known via "connected", distance 0, metric 0 (connected, via interface)
Redistributing via ospf 100
Advertised by ospf 100 metric-type 1 subnets
Routing Descriptor Blocks:
* directly connected, via Vlan11
Route metric is 0, traffic share count is 1
4500-VSS#

I am not doing anything special with the metrics from this 4500-VSS outbound, so looking on the 6500-VSS.

6500-VSS#sh ip ro 10.13.11.0
Routing entry for 10.13.11.0/24
Known via "ospf 100", distance 110, metric 130, type NSSA extern 1
Last update from 10.71.207.90 on Vlan204, 01:16:46 ago
Routing Descriptor Blocks:
* 10.71.207.90, from 192.168.89.254, 01:16:46 ago, via Vlan204
Route metric is 130, traffic share count is 1
6500-VSS#

The metric is now 130, even though the output below indicates interface cost is configured as 10.

6500-VSS#sh ip ospf int vl 204
Vlan204 is up, line protocol is up
Internet Address 10.71.207.89/30, Area 89, Attached via Network Statement
Process ID 100, Router ID 10.71.207.31, Network Type BROADCAST, Cost: 10
Topology-MTID Cost Disabled Shutdown Topology Name
0 10 no no Base
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 10.71.207.31, Interface address 10.71.207.89
Backup Designated router (ID) 192.168.89.254, Interface address 10.71.207.90
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
oob-resync timeout 40
Hello due in 00:00:00
Supports Link-local Signaling (LLS)
Cisco NSF helper support enabled
IETF NSF helper support enabled
Index 1/20, flood queue length 0
Next 0x0(0)/0x0(0)
Last flood scan length is 0, maximum is 40
Last flood scan time is 0 msec, maximum is 4 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 192.168.89.254 (Backup Designated Router)
Suppress hello for 0 neighbor(s)
Message digest authentication enabled
Youngest key id is 1
6500-VSS#

So what I don't understand is where is the additional cost of 120 coming from ??

Highlighted
VIP Mentor

just a quick thought is its

just a quick thought is its your auto cost under the process causing it ? does the vss have 40gb links that you need this set that way

Highlighted
Beginner

The auto cost was one of my

The auto cost was one of my early thoughts, we do have

router ospf 100
auto-cost reference-bandwidth 40000

under the router ospf process.

We do not have any 40Gbps links in the VSS, just 10Gbps.

Highlighted
Engager

Hi,

Hi,

it is a NSSA external type-1 route, that means the cost of the path to the Forwarding Address is one component of the total cost. The other component is the LSA Metric (should be 20 by default).

Could you share the output of 'show ip ospf database nssa-external 10.13.11.0' ?

There should be a line like this: Forward Address: <IP-Address>

Please share also the output of 'show ip route <IP-Address>'.

If this shows a connected route (e.g. "directly connected via Vlan X"), we'll also need a 'show ip ospf interface vlan X'.

HTH
Rolf

P.S.: It is generally not recommended to redistribute connected networks in OSPF. This is even more the case in NSSAs (as you can see). Is there a particular reason why you do that?

Highlighted
Beginner

Hi,

Hi,

Outputs below:-

6500-VSS#
show ip ospf database nssa-external 10.13.11.0
OSPF Router with ID (10.71.207.31) (Process ID 100)
Type-7 AS External Link States (Area 89)
LS age: 1001
Options: (No TOS-capability, Type 7/5 translation, DC, Upward)
LS Type: AS External Link
Link State ID: 10.13.11.0 (External Network Number )
Advertising Router: 192.168.89.254
LS Seq Number: 8000122B
Checksum: 0xAB8D
Length: 36
Network Mask: /24
Metric Type: 1 (Comparable directly to link state metric)
MTID: 0
Metric: 20
Forward Address: 192.168.86.253
External Route Tag: 0

6500-VSS#
6500-VSS#sh ip ro 192.168.86.253
Routing entry for 192.168.86.248/29
Known via "ospf 100", distance 110, metric 110, type intra area
Last update from 10.71.207.90 on Vlan204, 05:32:18 ago
Routing Descriptor Blocks:
* 10.71.207.90, from 192.168.89.254, 05:32:18 ago, via Vlan204
Route metric is 110, traffic share count is 1
6500-VSS#

Regarding the redistribution of the connected routes, tbh I am not sure why it is configured that way. I guess I could move them into the appropriate area. Especially if that helps the situation.



Highlighted
Engager

Regarding the redistribution

Regarding the redistribution of the connected routes, tbh I am not sure why it is configured that way. I guess I could move them into the appropriate area. Especially if that helps the situation.

That will help for sure. Perhaps you're doing summarization or filtering at the area border (this is possible because the routes are NSSA-externals and (NSS)ABRs have to translate them and are therefore the originators of the Type-5 LSAs), but you can do this with internal routes as well.

Discussion: Disadvantages of redistributing connected networks into OSPF

Now to your original question:

  • the (seed-) metric of the Type-7 LSA is 20 (default value)
  • the Forwarding Address (FA) is 192.168.86.253 (4500's SVI VLAN 604; Cost: 100)
  • the route to the FA is learned via VLAN 204 (local Cost: 10)
  • the route to the FA has a metric of 110 (100 + 10)
  • total cost to external Network 10.13.11.0/24: 20 + 110 = 130

So what you see is expected behavior. In a NSSA an ASBR must set the FA to a non-zero IP-address and the path to this FA is one component in the routing calculation for external Networks. The second component is the LSA metric.

You could achieve some different results when the FA would be taken from a Loopback-interface but again, I'd recommend to propagate the connected networks as OSPF-internals.

HTH
Rolf

View solution in original post

Highlighted
Beginner

Thanks Rolf, that explains it

Thanks Rolf, that explains it perfectly.

Sorry for the delay I was away on vacation last week.

Regards

Jon

Content for Community-Ad