OSPF Areas - Can't see the wood for the trees...

May 22nd, 2007

All,

I'm in the process of breaking down my network at three different sites. We used to have all of the network on a /23 Class C network, but now I want to make the most of the 3750 switch(es) I have at each site to vlan out for different purposes, but also want to take the opportunity to arrange the ip addresses into areas so I can manage all sites routing through OSPF. There is every possibility that we could add more sites in future, so I'm thinking that we can just duplicate the structure and up the second octet to match the area. Hey presto!! Simple...

Trouble is, I'm having real problems working out the areas... It should be simple, but I'm having a mental block.

I've attached a diagram for the network as I want it to be. I may add some site to site VPNs in the future for redundancy, but we'll deal with the simple elements first...

I know this should be simple, but would love some help.

Just for a bit more information, the MPLS is managed by Verizon, which is why I want to put a GRE Tunnel in place so I can push OSPF and add class of service etc without having to beg the first line numpties to do it.

The 100Mb leased line is managed by me so I can do what I want to it...

Yours, Confused...

bjornarsb Tue, 05/22/2007 - 11:44

Hi,

My suggestion is to keep it simple.

Site 1 is area 0, i.e. the backbone area.

Site 2 is area 2.

Site 3 is area 3.

Site One router:

router ospf 1

area 2 nssa

area 3 nssa

network 10.1.10.0 0.0.0.254 area 0

network 10.1.20.0 0.0.0.254 area 0

.......

network 10.0.254.0 0.0.0.X area 2

network 10.X.X.0 0.0.0.X area 3 (GRE)

default-information originate always

area 2 range ip-address mask (summarization)

area 3 range ip-address mask (summarization)

This link might also help you:

http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800b3f2e.html

HTH

BR,

Bjornarsb

campbell.thomps... Wed, 05/23/2007 - 00:30

Thanks for the advice BR. That all looks good.

How would that work for other sites that may be added in the future? The way that my mind was working on this was that we could almost create the area 0 as anything that wasn't 10.1(2,3,4...).n.0/23 based and make sure that area 0 had a 10.0.254.0/29 subnet for the links between sites? (Maybe that's why I'm having issues!) Suppose I were to add a site to site vpn from site 2 to site 3? How would that work?

Thanks in advance.

bjornarsb Wed, 05/23/2007 - 00:42

Hi,

Then if you take care of the routing it would work fine. For site 2, you will get 0.0.0.0 from site 1 and more specific routes from site 3. For site 3, you will get 0.0.0.0 from site 1 and more specific routes from site 2.

But I guess that you want redundancy.

If the link from site 2 to site 1 fails you want to reach site 1 via site 3?

Then I think that you should go for BGP.

But that's my private opinion :)

Regards,

Bjornarsb

Please do rate all helpful posts.

campbell.thomps... Wed, 05/23/2007 - 00:51

:) You're right, I do want redundancy.

I'll take a look at BGP and see how to get it working. My head was hurting from working out ospf, so it's going to positively ache from throwing bgp into the mix.

I'll let you know how I go...

Thanks.

campbell.thomps... Wed, 05/23/2007 - 01:58

Think I may need your help to be honest!!! It really is appreciated.

Just to give you a quick overview, the Site 1, 2 and 3 switches are 3750's and have the vlans (as shown in the diagram) set with a default IP address on each vlan as 10.1.n.254 for each vlan at site 1 and 10.2.n.254 at site 2 etc... I am hoping that I can keep this as standard so that any new sites can follow this pattern.

I'm assuming that I will set an as number at each site, let's say 100 for site 1, 200 for site 2....

This is the entry that I have for the site 1 bgp setup on the 3750 (10.12.169.250 is the ip of the site 3 3750)

Should that work? Sorry about this.

router bgp 100

no synchronization

bgp log-neighbor-changes

network 10.1.0.0

neighbor 10.12.169.250 remote-as 300

neighbor 10.12.169.250 route-map localonly out

no auto-summary

bjornarsb Wed, 05/23/2007 - 03:29

Hi again,

This would work fine, but I suggest that you set up peering between loopback addresses.

That's "best practice". Also apply: update source loopback 0.

HTH, do rate all helpful posts.

Regards,

Bjornarsb

campbell.thomps... Wed, 05/23/2007 - 07:19

Okay, I'm still having a few issues. I'm concentrating on the link between Site #1 and Site #2, in particular the 3750 switches and the 2600 router on each side.

I've set the site #1 AS as 100 and the site #2 AS as 200.

The relevant config is as follows:

3750:

!

interface Loopback0

ip address 1.1.1.2 255.255.255.255

!

router bgp 100

no synchronization

bgp log-neighbor-changes

network 10.1.0.0

network 10.12.128.0

network 10.12.130.0

neighbor 1.1.1.1 remote-as 100

neighbor 1.1.1.1 update-source Loopback0

no auto-summary

!

ip route 1.1.1.1 255.255.255.255 10.1.254.1

!

2950:

!

interface Loopback0

ip address 1.1.1.1 255.255.255.255

!

router bgp 100

no synchronization

bgp log-neighbor-changes

neighbor 1.1.1.2 remote-as 100

neighbor 1.1.1.2 update-source Loopback0

neighbor 2.2.2.2 remote-as 200

neighbor 2.2.2.2 ebgp-multihop 2

neighbor 2.2.2.2 update-source Loopback0

no auto-summary

!

ip route 1.1.1.2 255.255.255.255 10.1.254.254

ip route 2.2.2.2 255.255.255.255 10.0.254.26

I thought I should see the routes in the 'sh ip route' table...

Help!!

bjornarsb Wed, 05/23/2007 - 22:24

Hi again !

Nice going!

I think the problem is that you do not reach the loopbacks :) Try to ping 2.2.2.2 from 2600 with source loopback 0. Looking at your diagram, if the 2600 carries the link to site 2, the gateway for 2.2.2.2 should be 10.254.0.2 :) And no ebgp-multihop.

You do not need to run bgp on both the 3750 and the 2600. You run bgp on the box that has the link to the other site. And you have no network statement under bgp on the 2600. In addition to network you should use mask, like this:

network 172.25.33.0 mask 255.255.255.0

HTH,

Please check the scroll-bar at the bottom right on every post :)

BR,

Bjornarsb
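
Added example (not part of the thread, and not Cisco tooling): a small Python linter for the points raised in the reply above, namely a BGP process with no network statement, network statements written without a mask, and peer addresses the pasted config has no static route for. The function names and the reduced sample configs are constructed for illustration; a peer with no static route may still be reachable via a connected interface or an IGP.

```python
import ipaddress
import re

# Constructed samples, reduced from the two configs posted in the thread.
SWITCH_3750 = """
router bgp 100
 network 10.1.0.0
 network 10.12.128.0
 neighbor 1.1.1.1 remote-as 100
!
ip route 1.1.1.1 255.255.255.255 10.1.254.1
"""
EDGE_ROUTER = """
router bgp 100
 neighbor 1.1.1.2 remote-as 100
 neighbor 2.2.2.2 remote-as 200
!
ip route 1.1.1.2 255.255.255.255 10.1.254.254
ip route 2.2.2.2 255.255.255.255 10.0.254.26
"""

def classful_len(addr):
    """Prefix length IOS assumes when 'network' has no 'mask' keyword."""
    first = int(addr.split(".")[0])
    return 8 if first < 128 else 16 if first < 192 else 24

def lint_bgp(config):
    """Return findings for one device's IOS-style config (hypothetical linter)."""
    neighbors, networks, statics, findings = [], [], [], []
    for line in (l.strip() for l in config.splitlines()):
        if m := re.match(r"neighbor (\S+) remote-as \d+", line):
            neighbors.append(m[1])
        elif m := re.match(r"network (\S+)(?: mask (\S+))?$", line):
            networks.append((m[1], m[2]))
        elif m := re.match(r"ip route (\S+) (\S+) \S+", line):
            statics.append(ipaddress.ip_network(f"{m[1]}/{m[2]}", strict=False))
    if neighbors and not networks:
        findings.append("bgp has neighbors but no network statement")
    for addr, mask in networks:
        net = ipaddress.ip_network(f"{addr}/{classful_len(addr)}", strict=False)
        if mask is None and str(net.network_address) != addr:
            findings.append(f"network {addr}: no mask, classful /{net.prefixlen} assumed")
    for peer in neighbors:
        if not any(ipaddress.ip_address(peer) in s for s in statics):
            findings.append(f"neighbor {peer}: no static route in this config")
    return findings
```

Running lint_bgp over SWITCH_3750 flags both mask-less network lines, and over EDGE_ROUTER flags the missing network statement.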

bjornarsb Wed, 05/23/2007 - 22:40

...and one more cosmetic thing. Use ospf to reach the loopbacks.

and maybe if you need a local routing at your site. BGP at the border :)
