OSPF

Unanswered Question
Mar 20th, 2007

Hi all,

I have a question regarding the understanding of OSPF.

What did the output means ?

As i can understand, the ip 172.20.0.254

is directly connected, but then it has the "Redistributing via ospf 1135" and the "Advertised by ospf 1135 metric 1 subnets" sentence's.

Ther is no way of this address is being learned by ospf, right?

Its just a confirmation what i need.

My concern, is caused by another area 0 with same Process in a two routers distance, and just want to clarifie my doubt.

Router#sh ip route 172.20.0.254

Routing entry for 172.20.0.0/16

Known via "connected", distance 0, metric 0 (connected, via interface)

Redistributing via ospf 1135

Advertised by ospf 1135 metric 1 subnets

Routing Descriptor Blocks:

* directly connected, via Vlan1

Route metric is 0, traffic share count is 1

Best Regards,

Petr?nio

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3.3 (3 ratings)
Loading.
Richard Burts Tue, 03/20/2007 - 05:41

Petr?nio

At least part of your understanding is not correct. You say:

"As i can understand, the ip 172.20.0.254 is directly connected". But that address is not directly connected. If you look carefully you will see that you asked about the /32 address 172.20.0.254 and the response is for Routing entry for 172.20.0.0/16. So it is actually reporting that it does not know about 172.20.0.254 and that the class B network 172.20.0.0 is connected. It is the class B network that is "Redistributing via ospf 1135" and the "Advertised by ospf 1135 metric 1 subnets".

I am not sure what your concern is about another area 0 two routers away. And you have not given us enough information to understand that part.

HTH

Rick

b.petronio Tue, 03/20/2007 - 08:20

Tks for ur reply Richard,

I understand your correction and i agree, i missed up the question.

I attached a draft wich could be more compreensive to understand my doubt.

I have a Wan Router, wich have a OSPF Process 1135 with the Service Provider Router.

I have a default static route, "ip route 0.0.0.0 0.0.0.0 172.20.0.254" to LAN, and another's vrf routes to the Firewall ip address, (not shown).

My question was, if this OSPF Process is independent from the OSPF process in Router/Switch 6006_1 and 6006_2?

As u can see in the attachment, the router between these 2 area's, is a 4506 with the same OSPF Process 1135, and the same IP Address, 192.168.156.2.

I think that this process is inactive as shown in the image, so i imagine that no OSPF is runnig between LAN Area (6006_1 and 6006_2) and WAN Area, (Wich are the same "0", but on different networks, 172.20.0.0 and 192.168.156.0).

So i think as long as i was composing this text that i really understand my question, but thus i feel that some incorrect configuration was made in attempting to join this two areas in only one.

Any suggestions ?

Best Regards,

Petr?nio

Richard Burts Tue, 03/20/2007 - 08:48

Petr?nio

I have looked at the additional information that you have posted. There are still parts of it that I do not understand and you have not yet provided enough detail to understand completely what is going on there. But I believe that what you have posted does allow us to answer the question about whether there is any OSPF running between the area on the LAN (6006s) and the WAN. Given the show ip ospf neighbor on the 4506 shows that there are no neighbors, then we can conclude that there is no OSPF running between the LAN and the WAN (unless there is connectivity present in the network that is not represented in your diagram).

HTH

Rick

b.petronio Tue, 03/20/2007 - 09:41

Sorry, i forgot the following configuration on 4506:

...

router ospf 1135

router-id 192.168.156.2

log-adjacency-changes

redistribute connected metric 1 subnets

redistribute static subnets

network 192.168.156.0 0.0.0.3 area 0

default-information originate

...

I was trying to understand why the client had this configuration, (same ip address/RouterId of "Router"), and im gessing that he couldnt apply the ospf between LAN and WAN.

6006_1 and 6006_2 have static routes for 172.20.0.246, for reaching the remote sites;

Ex:

(S 172.23.56.0 [1/0] via 172.20.0.246)

(S 172.23.57.0 [1/0] via 172.20.0.246)

but if i do the show ip ospf database i see entry's for that subnet's beeing dvertised by 172.20.1.249, (6006_2 - BDR).

I'm am a bit confused about this but i'll try to read a bit more about OSPF.

Thank you

Richard Burts Tue, 03/20/2007 - 10:10

Petr?nio

There is not anything in your drawing or your description that tells anything about 172.23 so we have no way of knowing where it is or how it got into the OSPF database.

Given that the 4506 appears to be in the same subnet with the 6006_1 and 6006_2 (they all have addresses in 172.20.0(246,248,249) it would be easy to run OSPF between them. All it would take is to add a network statement for 172.20 in the OSPF process of the 4506.

There are several puzzling things in the parts of the config shown. One of the puzzling things is the configuration of OSPF router ID. When configuring router-id you can specify any address - there is no requirement that the address be an address on the router. But it is not valid for 2 neighbor routers to both be configured with the same routerID. And that appears to be what is configured between both 6006s and between the 4506 and the router. When configured that way one of the routers will pick some other address to be its routerID.

HTH

Rick

Akhilbindal Wed, 03/21/2007 - 02:37

Hi there,

Rick and Petr?nio

Just was goin through this problem.. and conclusion probably is that no OSPF is running in between LAN and WAN even if the ID is same and the 2 AREA 0's are different..as OSPF NEIGHBORS FOR THE TWO(6006's and ROUTER 3750) ARE DIFFERENT in the command output..so i assume they are in different domain altogether and hence IGP is different for both of them..

I have queries myself..

1. The area 0 on the 4506 router shows -- INACTIVE in command output for sh ip ospf 1135 -- This proves that no ospf is running or ACTIVE currently on this router..also it has no neighbors for it..the query here is when would an area show as INACTIVE..

2. The 172.23.x.x networks(Remote Sites) as mentioned that we are talking about are being configured statically on the 6006's..so even if the OSPF is having info. abt. the same they will not be used unless these static routes are removed as their AD is better..But here where are these subnets connected is the query..they are not mentioned in the diagram and what is there connectivity to 6006's is the question..as we need to know from where atre these injected to 6006's in OSPF Database..to solve this query..

So, my main query in this scenario is -> when would an area show as INACTIVE as in output for 4506..

Thanks

Akki

b.petronio Wed, 03/21/2007 - 04:31

Hi Akki, Richard,

The subnet's are beeing learned by OSPF External, in Router.

In attach i add more information about the routes in each equipment.

Take a look at the traceroute from 6006_1 to Router. SWINFOR_1 is making only Layer2, right ?

My doubt here, is what should i change in this scenario to make it the "best pratcise".

Sould i try to join SWINFOR_1 in the same OSPF process, and join the LAN and WAN area, in OSPF ?

or

Should i try to make the SWINFOR_1 a border Router in different OSPF Process's?

or

I should not change anything . It's good as it is?

For an overview more complete of this network, in 6006_1 and 6006_2 i have several 3500XL switchs, connected in cascate, for variuos floor's of my costumer.

6006_1 and 6006_2, should be a "distributed" switch area, and the SWINFOR_1 should be a "Core" area, and i have some DMZ's area attached in the Firewall, so the output in attached is a part of the complete information.

This is an already builted network and im trying to getting a "better" network, topology and performance.

Many thanks,

Petr?nio

Akhilbindal Wed, 03/21/2007 - 06:53

Hi Petronio/Rick,

From the latest attachment it is pretty clear that the OSPF 1135 is different in both 6006's(LAN) and the WAN Router as the sh ip route command signifies that there are no OSPF Routes in the table for 6006's(all static) and all the routes for subnet 172.23.x.y are learnt via OSPF by the WAN Router 3750 and it has no other connectivity towards the LAN(6006's) without SWINFOR_1 4506(i have a query here that what is function 4506 is performing here as it has no routes learned from OSPF (no neigbors) also Area is showing INACTIVE(have a query why..?) must be a Core Device so load on it has to be kept to minimum probably..please specify)

Moreover, there are no neigbors for 4506 to learn routes from and hence, this clears that the OSPF is different for both LAN and WAN..

Now, the BEST PRACTICE for this toplogy here would be to use Static Routes instead of OSPF(as it consumes its own resources on devices) if there are not many subnets in the network and you do not feel that there won't be many more adding to the network and you can manage them manually by adding then it is fine as it is.. as already there is a procees 1135 running on 6006's(this must be for the LAN)..IF U CAN CLARIFY WHAT IS IN THEIR IN THE LAN FOR WHICH this OSPF process is running on 6006's and what all it is redistributing on other devices in the LAN(must be the subnets of these Remote Sites)..

If u can also paste the complete Network Diagram including LAN/WAN..in the diagram then probably better solution can be worked out..

Also, you edited your last attachment..Could you please share from which tool you edit and paste these command output results as pages and edit/create the diagrams..i think it is quite beautiful and explanatory method to use..

:-)

Cheers

Akki

b.petronio Wed, 03/21/2007 - 08:41

"...i have a query here that what is function 4506 is performing here as it has no routes learned from OSPF (no neigbors) also Area is showing INACTIVE(have a query why..?) must be a Core Device so load on it has to be kept to minimum probably..please specify)"

I had the same suspicous, but then i saw the few ospf configuration no making sence to me, but there is nobody here to ask for it.

"...as already there is a procees 1135 running on 6006's(this must be for the LAN)..IF U CAN CLARIFY WHAT IS IN THEIR IN THE LAN FOR WHICH this OSPF process is running on 6006's and what all it is redistributing on other devices in the LAN(must be the subnets of these Remote Sites).. "

I really dont think that this process is really necessary.

The "show ip route", "show ip ospf", and "show ip ospf neighboors" commands don't show me nothing to worry about.

I only need to garantee that the Lan Network, (172.20.x.x / 16) is able to communicate with remote sites and vice-versa.

I really dont think that the client would grow up in the LAN environment, so i will suggest the client (if they understand that) to cancel that OSPF Process in the LAN Area, (6006_1 and 6006_2).

Routes for Remote Sites are getting routed for WAN Router statically.

Routes for DMZ Address's are configured in the Firewall statically.

In the WAN router, there is an OSPF Process 1135 running between the ISP Router.

In this point i'm learning routes to Remote Sites from OSPF External , wich means (if i am not wrong), it were been advertised from another OSPF AS/Area).

The tool is not a very unknown from us, it's MS-VISIO.

You Have to download Cisco Stencils, cause it's not able in default stencil library.

Just edit the text box, and paste the information to show, then save it as *.jpg

:)

The network draw is being completed, as long i'm passing trouhgh.

Thank you for your attention,

Best Regards,

Bruno Petr?nio

Akhilbindal Wed, 03/21/2007 - 08:53

Hi Petronio,

Can u pls paste the whole network including the LAN (other parts) and then we can plan for a better solution..

Also please provide link for MS-VISIO version and the Cisco Stencils for diagrams..

Cheers

Akki

b.petronio Wed, 03/21/2007 - 09:24

Im have not yet the whole drawn completed, but as soon as i have it, i will share with u, for your suggestions.

Visio Application:

http://office.microsoft.com/en-us/visio/default.aspx

Cisco Stencils:

http://www.cisco.com/web/about/ac50/ac47/2.html#pkt

http://www.cisco.com/en/US/products/prod_visio_icon_list.html

Visio its not free, and don't know any kind of this application type for free.

I think that is included in the MS Office Pack, like Outlook, PowerPoint, Access, Excell, others.

Hope it helps.

Bruno Petr?nio

Akhilbindal Thu, 03/22/2007 - 01:31

Please share the full network with respect to LAN (that is after 6006's in the network.. which switches are connected) and i will try to find Best possible Solution..

Also thnx for these links..can u pls tell .. these yellow pages u pasted for showing the configurations results on in the diagrams ..is it post-it notes software.. or any other software?

Thnx

Akki

b.petronio Thu, 03/22/2007 - 03:27

It bellongs to Visio, is the "Callouts" Shape, item "Yellow Note".

Just drag and drop to draw area, and type wherever u want.

This shape has other types of annotations.

Petr?nio

Attachment: 
Akhilbindal Thu, 03/22/2007 - 08:28

Hi,

Thnx for sharing the same..

The OSPF Communication(Port 89) must have been blocked or Destination Multicast Addresses for Hello Packets(224.0.0.5 and 224.0.0.6).. in between 4506 Router and the WAN Router on the firewall probably..that is why it is not forming any neigbors with WAN and LAN as OSPF process is already running on this Router..Try to find that on Routers and Firewall(RULES) for any ACL's or Route Maps(PBR)..

Also check for what is the OSPF Network type on the 4506 and 6006's and WAN routers interfaces..

Cheers

Akki

Actions

This Discussion