OSPF WAN routing over MPLS and backup DS3

Answered Question
Aug 14th, 2008

Hi there,

I have two sites that currently have connectivity via a DS3, and I'm about to add secondary connectivity via a service provider MPLS network. I've asked the SP about the new service, and for all intents and purposes, I'm receiving a 40Mb layer 2 link between my two sites.

I currently have OSPF running on my Multi-layer switches at each site, and on the DS3 routers in between. I'm planning on changing the DS3 so it's in Area 0, changing my Multi-layer switches so they act as ABR's and have seperate area's for each site.

Would you recommend leaving the DS3 routers in Area 0, with their internal interfaces in the same subnet as the WAN side of the multi-layer switches? Or should I use a different subnet for the MLS-DS3 Router connection?

Also, is there any way to "trick" OSPF into load-balancing across the DS3 and the 40Mb VPLS network?

Thanks in advance,

--Brandon

I have this problem too.
0 votes
Correct Answer by Giuseppe Larosa about 8 years 5 months ago

Hello Brandon,

you can use a subnet in the same IP block for the new link and keep the DS3 links and the MPLS links in area 0.

If you do so you can achieve load balancing if desired.

you need to think on how OSPF metric calculation works.

Use the point of view of the multilayer switch: it has a LAN link to the WAN router and then there is the DS3 link.

When enabling the MPLS link I suppose you con nect directly the multilayer switches at the two sites. If so without any change the new link become the primary path for its lower metric.

In order to load balance use ip ospf cost under the L3 link to MPLS service and use a cost value = cost from L3 switch to WAN router + cost of DS3

typically the first is 1 and the second is int (100/44) with default reference BW in OSPF.

Notice that DS3 bandwidth is more then 40 Mbps. (something less 44)

Hope to help

Giuseppe

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer
Giuseppe Larosa Thu, 08/14/2008 - 11:36

Hello Brandon,

you can use a subnet in the same IP block for the new link and keep the DS3 links and the MPLS links in area 0.

If you do so you can achieve load balancing if desired.

you need to think on how OSPF metric calculation works.

Use the point of view of the multilayer switch: it has a LAN link to the WAN router and then there is the DS3 link.

When enabling the MPLS link I suppose you con nect directly the multilayer switches at the two sites. If so without any change the new link become the primary path for its lower metric.

In order to load balance use ip ospf cost under the L3 link to MPLS service and use a cost value = cost from L3 switch to WAN router + cost of DS3

typically the first is 1 and the second is int (100/44) with default reference BW in OSPF.

Notice that DS3 bandwidth is more then 40 Mbps. (something less 44)

Hope to help

Giuseppe

branfarm1 Thu, 08/14/2008 - 11:43

Thanks again Giuseppe for a clear answer and a prompt response. I can't tell you how much I appreciate your input and responses to my questions.

Giuseppe Larosa Thu, 08/14/2008 - 12:22

Hello Brandon,

thanks for your remarks.

Let me say that it is interesting to follow the developement of your project, and also that is easier to answer to a new question when we know the scenario from a previous tread.

I think, as some of our top leaders has written, that is important to provide feedback It completes the case story.

For example I'm starting to study VoIP CCM and I go the forums about VOIP and telephony to read some treads.

Of course I look for treads with valued answers first because I expect to find useful info there.

Best Regards

Giuseppe

branfarm1 Fri, 08/15/2008 - 10:19

Giuseppe,

As a follow-up to this question -- I built a prototype network out of some spare routers I had laying around and I verified that I could make the costs such that OSPF would see equal cost paths between the two sites.

Once I got everything working, I tried switching all of the router interfaces except for the point-to-point link (Simulated DS3) onto the same subnet. That didn't work out too well, since the lowest cost path was *always* over the layer-2 links, and never the simulated DS3.

Giuseppe Larosa Fri, 08/15/2008 - 11:16

Hello Brandon,

make a drawing of your lab in the two scenarios and post it here.

choice an IP network you would like to load-balance and use

sh ip ospf database advertising-router x.x.x.x

where x.x.x.x is the OSPF router-id of the router that behaves as ABR (0,3) for the remote site.

post the output on both cases

do a sh ip route of the prefix

it is seen as O IA, O, or as O E1 or O E2.

External routes LSAs carry a forwarding address field that may require a review of the suggestion.

The suggestion should work for intra-area routes, we need to see for inter-area routes what happens and for external-routes.

I was able to make tricks like this in the past.

Hope to help

Giuseppe

branfarm1 Mon, 08/18/2008 - 06:56

This is looking from SiteA router towards Site B router:

SiteA#sh ip ospf database adv-router 10.10.0.1

OSPF Router with ID (10.2.0.1) (Process ID 100)

Router Link States (Area 0)

Link ID ADV Router Age Seq# Checksum Link count

10.10.0.1 10.10.0.1 664 0x80000003 0x00E7E7 1

Net Link States (Area 0)

Link ID ADV Router Age Seq# Checksum

10.5.255.2 10.10.0.1 664 0x80000001 0x0016D6

Summary Net Link States (Area 0)

Link ID ADV Router Age Seq# Checksum

10.10.0.0 10.10.0.1 1129 0x80000001 0x00E72B

Routing entry for 10.10.0.0/16

Known via "ospf 100", distance 110, metric 2, type inter area

Last update from 10.5.255.2 on FastEthernet0/0, 00:03:16 ago

Routing Descriptor Blocks:

* 10.5.255.2, from 10.10.0.1, 00:03:16 ago, via FastEthernet0/0

Route metric is 2, traffic share count is 1

Example 2:

SiteA#show ip ospf database adv-router 10.10.0.1

OSPF Router with ID (10.2.0.1) (Process ID 100)

Router Link States (Area 0)

Link ID ADV Router Age Seq# Checksum Link count

10.10.0.1 10.10.0.1 197 0x80000009 0x00225D 2

Net Link States (Area 0)

Link ID ADV Router Age Seq# Checksum

10.5.255.2 10.10.0.1 451 0x80000004 0x00F00D

10.5.255.22 10.10.0.1 344 0x80000001 0x00469F

Summary Net Link States (Area 0)

Link ID ADV Router Age Seq# Checksum

10.10.0.0 10.10.0.1 1056 0x80000002 0x00E52C

Routing entry for 10.10.0.0/16

Known via "ospf 100", distance 110, metric 6, type inter area

Last update from 10.5.255.17 on FastEthernet0/1, 00:00:46 ago

Routing Descriptor Blocks:

* 10.5.255.2, from 10.10.0.1, 00:00:46 ago, via FastEthernet0/0

Route metric is 6, traffic share count is 1

10.5.255.17, from 10.10.0.1, 00:00:46 ago, via FastEthernet0/1

Route metric is 6, traffic share count is 1

It seems to me that I will never be able to get example 1 to work correctly because, since the difference between the two paths is only 1 link (2 links via direct, 3 links via "DS3"), and the two links are the same via both path, I can never set the cost for the 2 links to be equal to the 3 links.

Giuseppe Larosa Mon, 08/18/2008 - 09:01

Hello Brandon,

the network design I had in mind is actually that of of example 2 where it can work.

The network design of Example 1 fails to achieve load balancing because there isn't a real alternate path end-to-end: once you enter the broadcast network 10.5.255.0/28 there's no reason to use the "DS3" because it cannot carry to the other area networks.

In fact traffic should go out again in net 10.5.255.0/28 and this is of course no sense if there is an ABR attached to this subnet traffic will flow directly to it.

The network design of Example 2 is the one to be used.

Notice that you can easily extend the design to three sites using one site as the central hub you can have a L3 network (the MPLS service) and a collection of point-to-point WAN links.

I would suggest only one change to be considered: in order to provide full L3 redundancy, I would consider to have the WAN routers to be ABRs for each site prefixes too: it is just enough to have a trunk with enough Vlan subinterfaces from each WAN router to each site's campus network.

This is to avoid the single point of failure that are now the MAN nodes.

Hope to help

Giuseppe

branfarm1 Mon, 08/18/2008 - 09:20

Thanks again Giuseppe. Unfortunately, I don't think I'm going to get any new hardware for this implementation, which means my multi-layer switches at each site will act as the ABR's. I was going to convert some of my interfaces into routed interfaces and have the WAN terminate directly. I'm certainly going to ask for dedicated WAN routers, but I'm not holding my breath.

Actions

This Discussion