Just replace the /16 network statement by several /24 nets:

3550SMIA

network 192.168.10.0 0.0.0.255 area 0

network 192.168.5.0 0.0.0.255 area 0

3550SMIB

network 192.168.10.0 0.0.0.255 area 0

network 192.168.6.0 0.0.0.255 area 0

Leo

Hi leo

i did this on Switch A and B

network 192.168.6.0 0.0.0.255 area 0

network 192.168.10.0 0.0.0.255 area 0

network 192.168.20.0 0.0.0.255 area 0

network 192.168.30.0 0.0.0.255 area 0

!

but on Switch A  i still see all 3 vlans as neighbors

3550SMIA#sh ip ospf nei

Neighbor ID     Pri   State           Dead Time   Address         Interface
192.168.30.2      1   FULL/BDR        00:02:33    192.168.30.2    Vlan30
192.168.30.2      1   FULL/BDR        00:02:33    192.168.10.2    Vlan10
192.168.30.2      1   FULL/BDR        00:02:33    192.168.20.2    Vlan20
192.168.6.3       1   FULL/DR         00:02:02    192.168.5.3     FastEthernet0/11

thanks

mahesh

But you did not do exactly what I said.

You have added all three vlan networks where I specified only vlan 10.

Hi Leo.

Thanks for reply.

Now what i did is switch A

network 192.168.5.0 0.0.0.255 area 0

network 192.168.20.0 0.0.0.255 area 0

3550SMIA#             sh ip ospf nei

Neighbor ID     Pri   State           Dead Time   Address         Interface
2.2.2.2           1   FULL/BDR        00:02:32    192.168.20.2    Vlan20
4.4.4.4           1   FULL/DR         00:02:07    192.168.5.3     FastEthernet0/11

Vlan 20 has wi fi network so i run the ospf on vlan 20 only.

other vlans 10 and 30 no ospf is running now as per below.

this means if any users connect to vlan 10 and 20 then they can not connect to the internet right ???

as no OSPF is running on vlan 10.

3550SMIA#sh ip ospf int vlan 10

%OSPF: OSPF not enabled on Vlan10

question  in order to run ospf on vlan 10 i need to run the command

network 192.168.10.0 0.0.0.255 area 0  right??

network 192.168.5.0 i used on A  switch as it connects to the Internet router.

thanks

mahesh

If the two switch is in high availability with ospf, and on all vlan there are only host if i have understand correctly, why do not configure interface in passive state and use ospf only on interface connected to Router internet? Or maybe there are other router that need to communicate on each vlan?

Hi Fabio,

Thanks  for reply.

Switches A  andB  are running HSRP.

Currently VLAN 20 is running which has wi fi connection for users.

So OSPF is  running on it.

If i do not run OSPF on VLAN  20 then no internet connections as i am not advertising 192.168.20.0 network to Internet router.

So between Switch A and B  currently  OSPF is running  on VLAN  20  and each switch interface that connects to the

Router.

So as per you note can i config VLAN  20 in Passive state?

If i config the VLAN 20 as passive state as per my understanding internet will not work.

Correct me i am wrong.

Thanks

MAhesh

Ospf must be configured with command network for all subnet or range of subnet you want advertise, but only on vlan or interfece where there is a router to form a neighborship, if you put interface in passive state ospf continue to send advertisement about that interface but doesn't send multicast hello an all interface where there are not router to form a neighborship. Is not necessary to send a lot of multicast hello to 224.0.0.5 to the host client. If two switch are in hsrp all client can reach both switch by layer 2, and layer 3 protocol routing is only needed vs router internet to announce inside network.

Hi Fabio,

Thanks for reply.

Here is what i did --

1>Both switches are still advertising network 192.168.20.0  

2>On HSRP switches A  and B  i did this

router ospf 1

passive-interface vlan 20.

Now when i run command --- sh ip ospf nei

3550SMIA#             sh ip ospf nei

Neighbor ID     Pri   State           Dead Time   Address         Interface
4.4.4.4           1   FULL/DR         00:02:38    192.168.5.3     FastEthernet0

It do not show Switch B as nei -- This is normal behaviour as now we do not nei adjancey with B  switch Right?

Same thing on B  switch -  it does not show switch A  as nei.

*******************************************************************************************************************8

when i do sh ip ospf int 

switch A

3550SMIA#sh ip ospf int

Vlan20 is up, line protocol is up

  Internet Address 192.168.20.1/24, Area 0

  Process ID 1, Router ID 3.3.3.3, Network Type BROADCAST, Cost: 1

  Transmit Delay is 1 sec, State DR, Priority 1

  Designated Router (ID) 3.3.3.3, Interface address 192.168.20.1

  No backup designated router on this network

  Timer intervals configured, Hello 40, Dead 160, Wait 160, Retransmit 5

    oob-resync timeout 160

    No Hellos (Passive interface)

Switch B

3550SMIB#sh ip ospf int
Vlan20 is up, line protocol is up
  Internet Address 192.168.20.2/24, Area 0
  Process ID 1, Router ID 2.2.2.2, Network Type BROADCAST, Cost: 1
  Transmit Delay is 1 sec, State DR, Priority 1
  Designated Router (ID) 2.2.2.2, Interface address 192.168.20.2
  No backup designated router on this network
  Timer intervals configured, Hello 40, Dead 160, Wait 160, Retransmit 5
    oob-resync timeout 160
    No Hellos (Passive interface)

Now Both switch A and B  show as DR  and they have no backup Router ---  is this due to the reason that we have

made vlan 20 as passive and it is not sending any hellos and both A and B  switches elected their VLAN 20 interface as

DR.

Also when i do sh ip route vlan 20 IP on both switches  it shows

3550SMIB#sh ip route 192.168.20.3

Routing entry for 192.168.20.0/24

  Known via "connected", distance 0, metric 0 (connected, via interface)

  Routing Descriptor Blocks:

  * directly connected, via Vlan20

      Route metric is 0, traffic share count is 1

So correct me if i am wrong  this means that both switches can reach their VLAN 20 IPs  via vlan 20  and this info

is passing through trunk ports on the switch??

Thanks

Mahesh

Yes Mahesh, your switch are linked in layer 2 the communication betwen switch is not performed by routing protocol, and there are only client on vlan 20, the switch communicates directly because on the same lan, and also both switch continue to advertise the route of your vlan 20 to internet router in ospf.

Now your network works correctly and with more performance?

Hi Fabio,

Thanks for reply.

I read the info below ---

So by doing interface as passive is to advertise the IP network configured on such an interface as an internal OSPF network.

Can you please explain me what does it mean by internal ospf network?

Right now current switch processing is ok.

It droped after config of interface as passive.

Thanks

MAhesh

Hi Fabio and Leo,

Many thanks for spending your time to explain me about the network setup  in depth.

Regards

Mahesh