OSPF + 2 equal Cost Links + Video Conferencing

Answered Question

We have just installed a new T1 at a location specifically for video conferencing.


Currently the router at the site has 2 ethernet interfaces. 1 for the data network, and 1 specifically for the video conferencing network.


The router also now has 2 T1's. 1 for the data network, and 1 specifically for the video conferencing network.


As you can see, we are trying to completely seperate our video from our data. This is being done purely for political reasons.


Now onto my question. Obviously, as soon as we turned on the other T1, OSPF saw the equal cost paths and started load balancing the links.


I know there are many ways that I can force data over one link and video over the other but I wanted to see what the general consensus is for this type of traffic engineering.


My initial feeling is to raise the cost of the Video T1 and then put in a route-map to force the video data accross the Video T1. What other options are there out there? Is the one I proposed the best/easiest?


Thanks

Correct Answer by Edison Ortiz about 9 years 10 months ago

Fair enough. Suppose the video subnet is 192.168.100.0/24 for SiteA and 192.168.200.0/24 for SiteB


At SiteA


First, you create an ACL


ip access-list extended VIDEO

permit ip 192.168.100.0 0.0.0.255 192.168.200.0 0.0.0.255


Second, you create a route-map


route-map VIDEO permit 10

match ip address VIDEO

set ip next-hop 192.168.1.2


On this example, 192.168.1.2 represents the IP for the 'Video T1'.


At the LAN interface of this router, you need this command


interface f0/0

ip policy route-map VIDEO


At SiteB


ip access-list extended VIDEO

permit ip 192.168.200.0 0.0.0.255 192.168.100.0 0.0.0.255


route-map VIDEO permit 10

match ip address VIDEO

set ip next-hop 192.168.1.1


On this example, 192.168.1.1 represents the IP for the 'Video T1'.


interface f0/0

ip policy route-map VIDEO


You will also need to raise the cost on the Video T1 at both routers so this won't be in the routing table. If it remains in the routing table, the data portion will be balanced with OSPF.




HTH,



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Edison Ortiz Fri, 08/03/2007 - 06:25
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

The video conferencing network belongs to another IP subnet ?


Are these point-to-point links and you manage each end ?


Not only you need to engineer how the traffic leaves the network but also how it returns.


PBR (Policy Based Routing) would be the easiest solution here.


Video belongs to its own IP subnet.


These points are point to point 1.5mb serial links that we manage on both ends.


We have multiple field sites with dual links (one for video) that connect back to a POP router (7500), so we would be implementing PBR there as well if we went with that solution.


Thanks,


Aaron

Correct Answer
Edison Ortiz Fri, 08/03/2007 - 07:16
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

Fair enough. Suppose the video subnet is 192.168.100.0/24 for SiteA and 192.168.200.0/24 for SiteB


At SiteA


First, you create an ACL


ip access-list extended VIDEO

permit ip 192.168.100.0 0.0.0.255 192.168.200.0 0.0.0.255


Second, you create a route-map


route-map VIDEO permit 10

match ip address VIDEO

set ip next-hop 192.168.1.2


On this example, 192.168.1.2 represents the IP for the 'Video T1'.


At the LAN interface of this router, you need this command


interface f0/0

ip policy route-map VIDEO


At SiteB


ip access-list extended VIDEO

permit ip 192.168.200.0 0.0.0.255 192.168.100.0 0.0.0.255


route-map VIDEO permit 10

match ip address VIDEO

set ip next-hop 192.168.1.1


On this example, 192.168.1.1 represents the IP for the 'Video T1'.


interface f0/0

ip policy route-map VIDEO


You will also need to raise the cost on the Video T1 at both routers so this won't be in the routing table. If it remains in the routing table, the data portion will be balanced with OSPF.




HTH,



Richard Burts Fri, 08/03/2007 - 08:01
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Aaron


Policy Based Routing is a good alternative (and probably what I would do) but there is another alternative which you might consider. You could use VRF Lite and configure a VRF which would include the video conferencing Ethernet and serial and another VRF which includes the data Ethernet and serial. This will keep the traffic entirely separate.


HTH


Rick

Thanks for verification on PBR being the best bet.


I implemented it just now and did a test, but did not see the result I thought I would see.


I raised the OSPF cost on that link and I did see that the route was removed from the table like I would expect, so everything went fine there.


I implemented the route-map on the ethernet interface:


interface FastEthernet0/1

description ***** FastEthernet 0/1 VIDEO CONFERENCE *****

ip address 10.122.100.222 255.255.255.224

ip helper-address 172.20.11.237

ip helper-address 172.20.11.238

ip policy route-map Video

ip ospf authentication-key 7 ****

duplex auto

speed auto


interface Serial0/3/0

description OCS VIDEO CONF

bandwidth 1544

ip address 10.121.3.102 255.255.255.248

ip ospf authentication-key 7 ******

ip ospf cost 100

load-interval 30

fair-queue


ip access-list extended Video

permit ip 10.122.100.192 0.0.0.31 any


route-map Video permit 10

match ip address Video

set ip next-hop 10.121.3.97



R#ping

Protocol [ip]:

Target IP address: 172.20.11.254

Repeat count [5]:

Datagram size [100]:

Timeout in seconds [2]:

Extended commands [n]: y

Source address or interface: 10.122.100.222

Type of service [0]:

Set DF bit in IP header? [no]:

Validate reply data? [no]:

Data pattern [0xABCD]:

Loose, Strict, Record, Timestamp, Verbose[none]:

Sweep range of sizes [n]:

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.20.11.254, timeout is 2 seconds:

Packet sent with a source address of 10.122.100.222

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms


R#sh route-map

route-map Video, permit, sequence 10

Match clauses:

ip address (access-lists): Video

Set clauses:

ip next-hop 10.121.3.97

Policy routing matches: 0 packets, 0 bytes


As you can see, I sourced a ping from that particular IP address, but did not see any policy routing matches under that show command? I dont have any devices on that subnet yet to actually test it, so wanted to try a ping, is that not a good test?


Thanks

Richard Burts Fri, 08/03/2007 - 09:18
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Aaron


There is a very simple explanation for this (and a simple fix). PBR is activated on the FastEthernet interface and will process all traffic that is THROUGH the interface. But you ping was sourced from the interface but did not go through the interface. Your PBR should work fine for the video traffic. If you want your ping to be policy routed then you need to activate local policy routing by using the command: ip local policy route-map map-tag


HTH


Rick

Edison Ortiz Fri, 08/03/2007 - 09:26
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

You need to ping from a device sitting in the LAN, not from the router.

royalblues Fri, 08/03/2007 - 12:08
User Badges:
  • Green, 3000 points or more

In addition to Edison's config, you could actually mention 2 next hops with the set ip next-hop command, the first being the T1 for video and the second as Data.


This way if the video T1 fails, it should fall back to the data T1 (just in case if you need redundancy). Data would always flow over to the other link in case of failures due to OSPF


HTH

Narayan

royalblues Fri, 08/03/2007 - 12:30
User Badges:
  • Green, 3000 points or more

sorry it wont be required.


when the PBR nexgt hop is not reachable, the traffic would anyway use the routing table built by OSPF

Actions

This Discussion