08-20-2016 08:57 AM - edited 03-08-2019 07:05 AM
I know this is basic, but I am having some difficulty with this.
I have two sites connected via MPLS and both sites have MPLS BGP routes distributed into their respective OSPF processes.
The OSPF processes are note connected.
There has been a layer 2 connection dropped between the two sites and the desire is to use the layer 2 connection as a primary link for specific subnets, and if the layer 2 link fails, revers back to the OSPF routes in each core.
I have no object tracking available on one side.
I am thinking for the connection between the two sites to create a point to point link with a 30 bit subnet mask:
Site 1
interface 1/0/3
no switchport
ip address 10.254.254.1/30
site 2
interface 1/4
no switchport 10.254.254.2/30
But, I am not sure how the routing will be handled between the different vlans when the point to point link goes down.
One problem is on one side, there are currently only two devices connected via a layer 2 vlan, which have an OSPF process between them.
In order to get routing across the point to point link, I will have to create an SVI in that vlan, but neither device will be using it for routing unless I point static routes to the VLAN SVI.
That VLAN will not see if the point to point goes down.
08-21-2016 04:04 PM
I find your description of your situation to be confusing. I think I understand the part about MPLS which are redistributed into OSPF and understand the plan to configure static routes which will be more attractive than the OSPF redistributed routes. But I am uncertain about what you mean when you emphasize that this new link is a layer 2 link. And I am very unclear how that relates to the very clear description of creating the two interfaces and assigning a /30 IP subnet to them.
And I am quite puzzled about the statement "One problem is on one side, there are currently only two devices connected via a layer 2 vlan, which have an OSPF process between them." How does this relate to the two interfaces that you propose to create?
And when you talk about needing an SVI in that vlan I am not at all clear what vlan you are talking about.
But there is one part of the question which seems somewhat clear (especially if you do not have object tracking) so let me address that part. If you configure a static route with a next hop that is over an Ethernet interface that static route will remain in the routing table as long as the exit interface is in the line protocol up state and the static route will be removed only when that exit interface goes into the line protocol down state.
HTH
Rick
08-22-2016 03:23 AM
1. I described the new link as a layer 2 link, because that is what the provider is calling it, but we can do with it whatever we want, according to the provider. In fact, their words are "this is like a layer 1 physical connection between the 2 sites". I just called it layer 2 to designate as something.
So, my thought was to create a point to point connection between the two sites and route traffic across this /30 point to point subnet.
2. On one side there is a VLAN that holds the MPLS router LAN interface and an ASA. The ASA is not an Internet edge ASA, it is securing traffic on the corporate side, so traffic will come from the MPLS router, through the VLAN to the ASA. The ASA is advertising subnets people need to get to through an OSPF process.
Since this is a layer 2 VLAN, I have to have a routed interface in this VLAN on the core, so people can get to the new point to point link which goes to the other site.
Basically, the idea is for the site on the other side of the new point to point to bypass the MPLS cloud to get to the ASA routes that are being advertised, I have to be able to get to the subnet that holds the MPLS router LAN interface and the ASA interface.
08-22-2016 04:12 AM
Thanks for the additional information. So it is a link between sites which you will treat as a layer 3 link.
I still am not clear about the vlan that needs an SVI. You do not need an SVI for the /30 since the interfaces for the IP addresses are not in a vlan. So which vlan needs an SVI to reach the /30?
HTH
Rick
08-22-2016 06:11 AM
This would be the layer 2 only vlan that connects the ASA and the MPLS router.
There is no other way to route traffic to the ASA from the other site, or route from the other site across the /30 to the ASA without a layer 3 connection in that VLAN.
08-22-2016 09:00 AM
Thanks for the clarification that it is the vlan which connects MPLS to ASA and which currently does not have an SVI. As long as traffic is going between MPLS and ASA there is no need for an SVI. But to direct traffic to the /30 will require an SVI and the configuration of static routes on your switch. Does this switch already have routing enabled? Is it already doing some inter vlan routing? Or will this be the first implementation of routing on the switch?
HTH
Rick
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide