08-24-2008 09:35 AM - edited 03-03-2019 11:15 PM
Hello.
I have three routers:
R1 - RID 192.168.10.1
R2 - RID 192.168.10.2
R3 - RID 192.168.10.1
They are connected in one broadcast network.
R2 and R3 are routers connected to the internet.
I want R3 and R2 to advertise a default route by OSPF, and R1 to receive both default routes and change the metric in one of them, so that one route is the primary default route and the second is the backup default route (it is needed because I want to place a stateful firewall between the routers).
I did the following configuration on routers R3 and R2:
R3:
interface Loopback0
ip address 192.168.11.1 255.255.255.0
interface FastEthernet0
ip address 192.168.10.3 255.255.255.0
speed auto
router ospf 100
log-adjacency-changes
network 192.168.10.0 0.0.0.255 area 0
network 192.168.11.0 0.0.0.255 area 0
default-information originate always metric-type 1
!
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0 permanent
R2:
interface FastEthernet0
ip address 192.168.10.2 255.255.255.0
speed auto
router ospf 100
log-adjacency-changes
network 192.168.10.0 0.0.0.255 area 0
default-information originate always metric-type 1
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Serial0 permanent
And on R1 is the following configuration:
interface Ethernet0
ip address 10.0.0.1 255.255.255.0
half-duplex
!
interface FastEthernet0
ip address 192.168.10.1 255.255.255.0
speed auto
router ospf 100
router-id 192.168.10.1
log-adjacency-changes detail
network 192.168.10.0 0.0.0.255 area 0
distribute-list route-map ddd in
ip prefix-list defroute seq 10 permit 0.0.0.0/0
access-list 1 permit any
access-list 10 permit 192.168.10.3 log
access-list 20 permit 192.168.10.2
route-map ddd permit 10
match ip route-source 10
set metric 10
!
route-map ddd permit 20
match ip address 1
match ip route-source 20
The problem is that the configuration made on R1 is not working - the metric does not change.
sh ip route on R1 displays the following output:
C 192.168.10.0/24 is directly connected, FastEthernet0
192.168.11.0/32 is subnetted, 1 subnets
O 192.168.11.1 [110/2] via 192.168.10.3, 00:00:25, FastEthernet0
O*E1 0.0.0.0/0 [110/2] via 192.168.10.3, 00:00:25, FastEthernet0
[110/2] via 192.168.10.2, 00:00:25, FastEthernet0
Can somebody help me see where I made a mistake?
Thanks for help.
08-24-2008 10:34 AM
Wociech
OSPF as a link state protocol must draw a logical and accurate map of the network topology and from that map will calculate the routes. I do not believe that OSPF gives you the ability to manipulate the metric in the same way that some other protocols do. I believe that the set metric that you use in the route map could be effective for some other protocols but not for OSPF.
HTH
Rick
08-24-2008 05:56 PM
Wociech,
One way to achieve what you want to do is to originate the default as an E1 on the primary side and leave the secondary as an E2 (which is the default). R1 will naturally use the route to the primary, as the E1 is preferred over the E2.
Regards,
08-25-2008 12:12 AM
Hello Wociech,
on R2
router ospf 100
default-information originate always metric-type 1 metric 50
In this way you will have a higher seed metric for the 0.0.0.0/0 of R2.
Remove all the stuff on R1, because it is wrong in theory: because OSPF is link state, you cannot change an LSA attribute like the metric on another router. The LSA is owned by the originator and is propagated unchanged through the whole OSPF domain (in the case of LSA type 5, as for the default route).
Only the LSA owner can send a new version of the LSA with a different field, like a different metric value.
Hope to help
Giuseppe
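Added example (not part of the original thread or written by any of the posters): a simplified Python model of how R1 chooses between the two type 5 default LSAs, covering both the E1/E2 suggestion and the higher seed metric on R2 described in the replies above. The seed metric of 1 and link cost of 1 are assumptions chosen to match the [110/2] shown in the question's routing table; the class and function names are hypothetical.

```python
# Added example: simplified OSPF external (type 5) route selection.
# Assumed values: seed metric 1 and link cost 1, matching the [110/2] in the question.
from dataclasses import dataclass


@dataclass(frozen=True)
class ExternalLsa:
    asbr: str         # router that originated the LSA
    metric_type: int  # 1 = E1, 2 = E2
    metric: int       # seed metric chosen by the originator


def displayed_cost(lsa, cost_to_asbr):
    """Cost shown in the routing table: E1 adds the internal cost, E2 does not."""
    return lsa.metric + cost_to_asbr if lsa.metric_type == 1 else lsa.metric


def preference_key(lsa, cost_to_asbr):
    """Lower sorts first: E1 before E2, then cost; E2 ties break on cost to the ASBR."""
    tie_break = cost_to_asbr if lsa.metric_type == 2 else 0
    return (lsa.metric_type, displayed_cost(lsa, cost_to_asbr), tie_break)


def select_default(lsas, link_cost):
    """Return the ASBRs installed as next hops (more than one means equal-cost paths)."""
    keyed = [(preference_key(lsa, link_cost[lsa.asbr]), lsa.asbr) for lsa in lsas]
    best = min(key for key, _ in keyed)
    return sorted(asbr for key, asbr in keyed if key == best)


LINK_COST = {"R2": 1, "R3": 1}  # R1's cost to each ASBR on the shared segment

SCENARIOS = {
    "as posted (both E1, same metric)": [ExternalLsa("R3", 1, 1), ExternalLsa("R2", 1, 1)],
    "R2 raised to metric 50": [ExternalLsa("R3", 1, 1), ExternalLsa("R2", 1, 50)],
    "R3 as E1, R2 left as E2": [ExternalLsa("R3", 1, 1), ExternalLsa("R2", 2, 1)],
    "R3 down, only R2's LSA remains": [ExternalLsa("R2", 1, 50)],
}

if __name__ == "__main__":
    for name, lsas in SCENARIOS.items():
        print(f"{name}: next hop(s) {select_default(lsas, LINK_COST)}")
```

In every scenario the outcome is decided by what the originating routers put in their LSAs; nothing in the model depends on a setting local to R1.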
08-25-2008 04:34 AM
Wociech
In my response I focused on your question about what you can do on R1 to prefer one of the default routes and the fact that R1 can not really do that. The excellent suggestions from Harold and from Giuseppe look past that and suggest ways to achieve what you want by doing things on R2 or R3. Their suggestions should provide an effective solution to your requirements.
HTH
Rick
08-29-2008 02:08 AM
The problem is not for R1 to get two default routes with different priority. The problem is how to do that on R1.
OK, the whole problem is that I have two different locations far away from each other.
In one location is R2 > stateful firewall > R1
In the second location is R3 > stateful firewall > R4
R2, R3 - have a connection to the internet.
R1 and R4 are DMZ routers. The DMZ has public addresses.
The DMZ must be the same L2/L3 segment in both locations.
I have a first L2 connection - the segment between R2 and the firewall in location 1 is connected with the segment between R3 and the firewall in location 2.
I have a second L2 connection - the segment between R1 and the firewall in location 1 is connected with the segment between R4 and the firewall in location 2.
The problem is how to configure traffic so that if communication is sent to one firewall then the return traffic will be sent to this same firewall (without employing any NAT), and to maintain redundancy in case of failure of one firewall or failure of one of the routers R2 or R3.
Of course it is not possible to build a cluster from the firewalls in location 1 and location 2, but they support OSPF.
In the IOS documentation it is written that the metric command is supported for OSPF. I have seen the same working examples on cisco.com as mine; the only difference was that it was for normal routes, not for the default, which is external in the meaning of OSPF (but I see that it is not working with a normal route too in my case).
Maybe I am missing something.