Redistribute connected or use network command in ospf?

Answered Question
Apr 10th, 2008
User Badges:

Hi all,


I have an issue with ospf routing for a pair of 4948 we are using. They have a number of vlan interfaces, in different subnets of the same major net. They have been configured with loopback interfaces, too. I need the vlans to be known by the other 4948 and two 7604s which are ruuning ospf with the 4948s and BGP with three different SP. he loopbacksp are included in ospf with the network statement. My question is, do I need to include in the ospf config a network statement for each vlan, or would be better to just use a redistribute connected subnets?


Thank you,

Correct Answer by ruwhite about 9 years 2 months ago

This entire discussion digs a lot into OSPF past, and OSPF present.... There was, at one time, only two types of SPF in OSPF:


1. Full SPF run, performed whenever any change in a type 1, 2, or 3 occurred.

2. Partial SPF, performed whenever there was a change in a type 5.


So, at one time (and still, on some routers with older cold, but don't go asking me when iSPF was put in any specific code, because my memory doesn't work that way!:-) ), redistributing connected routes gave you faster SPF runs for edge changes than running network statements with passive. A change to a connected network caused all the routers to simply lop the link off the tree, and not run SPF at all, really.


So, a lot of folks ran redistribute connected because it cut down on spf runs--you had the inclusion of the type 4's, but then that was a tradeoff against the SPF runs.


Well... Now, with incremental SPF, internals which are leaf nodes only (not transit links to other nodes), are treated the same way as externals, so there is no real difference in the convergence between externals and type 3's, or leaves off type 1's, etc. So, that rational is gone entirely....


At this point in the game, it all comes down to elegance and management. If you have a special reason to segregate externals, for troubleshooting purposes, then running the internals with passive interfaces is going to be better. If you don't really care, and don't mind eating the type 4's, and more complexity in the stub area types, well, it doesn't matter either way.


Do what's easiest for you, at this point.


:-)


Russ

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.2 (6 ratings)
Loading.
mheusing Thu, 04/10/2008 - 04:23
User Badges:
  • Cisco Employee,

Hi,


I personally would use the network statement, as then you have more and easier control on which networks to announce.

Use


router ospf 123

network 0.0.0.0 255.255.255.255 area 0 ! or whatever area you have


to select all interfaces in one command. Advantage: simple

Disadvantage: less control


Second option:


router ospf 234

network 1.2.3.4 0.0.0.0 area 0

network 10.4.5.6 0.0.0.0 area 0


assuming 1.2.3.4 and 10.4.5.6 are interface IPv4 addresses.

Advantage: precise control over announced networks

Disadvantage: more configuration required


In both cases you should set all access VLAN interfaces as passive.


Regards, Martin

laloperez Thu, 04/10/2008 - 06:38
User Badges:

Thank you for your answer, Martin,


My concerns with using redistribution are mainly the appearence of the vlan networks in the 7604s as E2 ospf type routes with a metric 20, compared with O routes with metric 2. I'm planning to insert about 50 vlans and I'm looking for a way to do it less tedious.

I don't know either if a ospf config with 50 or more network statements would be too much, so I've thought about the redistribution.


Best regards,


Eladio

lizhing1972 Thu, 04/10/2008 - 06:45
User Badges:

If you do a redistribute connected. you don't need the network statements.


Ming

laloperez Thu, 04/10/2008 - 06:53
User Badges:

Hi, Ming,


yes, I know, but I was not sure about the pros and cons of using redistribution instead of the network command. As you can read in my previous post, the route type and result metric are different, and I was not sure of the implications of that.


Thank you


Eladio

lizhing1972 Thu, 04/10/2008 - 07:04
User Badges:

Once you redistribute the connected route, your route becomes ASBR which mean it sends LSA 7 for the update. It might take a little bit more resource. But I don't see much difference.

laloperez Thu, 04/10/2008 - 08:03
User Badges:

Well, that's the point. If it's only a matter of granularity and control and not of performance or resource comsuption, I'll use the redistribution method, cause our net is very homogeneous and granularity is not such an issue, but simplicity is. If it impacts performance or resource exhaustion, I'll sacrifice simplicity for them.

Richard Burts Thu, 04/10/2008 - 08:17
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Eladio


There is an aspect of this that has not yet been mentioned. There is an important difference between the function of the network statement and the redistribution statement. The redistribution statement inserts routes for OSPF to advertise but does not include any interfaces into the OSPF process. The network statement includes interfaces into the OSPF process.


If I understood your question correctly you have network statements only for the loopback interfaces and are wondering about doing redistribution for the VLANs. But if you do that the only OSPF interfaces will be the loopback interfaces and no VLAN will be an OSPF interface. This means that there will be no OSPF neighbors and no place to advertise or learn OSPF routes.


I suggest that you need OSPF network statements for at least the VLAN interfaces where there are devices that you want as OSPF neighbors. Beyond that you could use redistribution if you want.


If your concern is the number of network statements then I suggest that the alternative of using masks on the network statement would allow you to include multiple interfaces on a single network statement and to reduce the number of network statements.


HTH


Rick

laloperez Thu, 04/10/2008 - 08:44
User Badges:

Hi, Rick, thank you for your answer,


Our vlans are only for our servers. All our infrastructure interfaces are physical or loopback with the exception of a pair of vlans we use for connecting to the switches. In fact, the vlan interfaces are configured with passive-interface in ospf, cause we don't want our clients to see our routing traffic, nor to waste bandwidth with it.


Anyway, as all of our vlans are in the supernet X.X.X.0/22, could I just use network x.x.x.0 0.0.3.255 area 0 to insert all the net in ospf, and forget about the redistribution?


Best regards,


Eladio

Richard Burts Thu, 04/10/2008 - 09:20
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Eladio


I believe that network statement would work very well.


HTH


Rick

Edison Ortiz Thu, 04/10/2008 - 12:44
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

Mentioning "supernet" brings an interesting point on this discussion.


If you bring all the interfaces with the network statement instead of redistribution you won't be able to summarize routes within the same area


while


if you bring the interfaces with redistribution, you can summarize those routes while they enter the OSPF database.


The answer depends on the amount of routes you want your routers to hold which is unknown based on this thread.


HTH,


__


Edison.

laloperez Thu, 04/10/2008 - 23:45
User Badges:

All that supernet is again announced to the external world by BGP with the corresponding network statement (I've read many times that injecting IGP routes in BGP is a bad idea). We have many vlans, but all of them are stub, all belonging to the /22 supernet, so I've decided to use only area 0. There's no geographically or topology considerations either, cause all of them are in the same datacenter. So I'm not sure if summarization is an issue.


Eladio

Correct Answer
ruwhite Thu, 04/10/2008 - 09:44
User Badges:
  • Gold, 750 points or more

This entire discussion digs a lot into OSPF past, and OSPF present.... There was, at one time, only two types of SPF in OSPF:


1. Full SPF run, performed whenever any change in a type 1, 2, or 3 occurred.

2. Partial SPF, performed whenever there was a change in a type 5.


So, at one time (and still, on some routers with older cold, but don't go asking me when iSPF was put in any specific code, because my memory doesn't work that way!:-) ), redistributing connected routes gave you faster SPF runs for edge changes than running network statements with passive. A change to a connected network caused all the routers to simply lop the link off the tree, and not run SPF at all, really.


So, a lot of folks ran redistribute connected because it cut down on spf runs--you had the inclusion of the type 4's, but then that was a tradeoff against the SPF runs.


Well... Now, with incremental SPF, internals which are leaf nodes only (not transit links to other nodes), are treated the same way as externals, so there is no real difference in the convergence between externals and type 3's, or leaves off type 1's, etc. So, that rational is gone entirely....


At this point in the game, it all comes down to elegance and management. If you have a special reason to segregate externals, for troubleshooting purposes, then running the internals with passive interfaces is going to be better. If you don't really care, and don't mind eating the type 4's, and more complexity in the stub area types, well, it doesn't matter either way.


Do what's easiest for you, at this point.


:-)


Russ

laloperez Thu, 04/10/2008 - 23:35
User Badges:

Well, thank you all a lot. It is a really insightful discussion and it's helping me a lot to understand how OSPF works. I didn't knew about the "old" and "new" way of OSPF to deal with the internal and external route changes. So as I can see now, is up to me. For now, I've tried the network statement with the supernet, and it works well by now.


Eladio

Actions

This Discussion