Default route and Ospf

Answered Question
Dec 21st, 2008
User Badges:
  • Bronze, 100 points or more

I have a 3745 w/ a NME-16ES-1G-P and have 7 vlans on the NME


and I'm running OSPF on both and I'm able to ping any ip assined to the router but not past that


I'm sure its something simple that I'm just over looking

I've attached the Configs of both the ether switch and the router



Correct Answer by Harold Ritter about 8 years 6 months ago

One more thing. Do not forget to configure "ip nat inside" on interface gig1/0.


Regards

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.3 (3 ratings)
Loading.
Giuseppe Larosa Sun, 12/21/2008 - 13:43
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Richard,

to generate a default route that is sent to another OSPF neighbor on the router add


router ospf 1

default-information originate


redistribute static is not enough


Sorry for the other post about IPv6 I didn't realize the module had its own IOS and configuration


Hope to help

Giuseppe


is66rlhntadm Sun, 12/21/2008 - 13:49
User Badges:
  • Bronze, 100 points or more

thats fine


I've added default-information originate and still can't ping z.x.y.38 from the ehterswitch but I can ping it from the router


38 is the ip assigned to my side of the ISP router


also the ehterswitch can't ping 4.2.2.1 (well known any-cast dns server)

Harold Ritter Sun, 12/21/2008 - 13:48
User Badges:
  • Cisco Employee,

Richard,


Try assigning the ip address 10.200.200.2/24 directly under interface Gig1/0/2 rather than under the vlan interface. It should fix the issue.


Regards

is66rlhntadm Sun, 12/21/2008 - 13:57
User Badges:
  • Bronze, 100 points or more

I issued the commands


Int vlan 200

no Ip address

int gi 1/0/2

no switchport

Ip address 10.200.200.2 255.255.255.0

Ip ospf 1 area 0


and still can't ping Z.X.Y.38

Giuseppe Larosa Sun, 12/21/2008 - 14:04
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Richard,

I don't see any network command in your router ospf processes you need them to build adjacencies


router ospf 1

network 10.200.200.0 0.0.0.255 area 0


on both sides otherwise the default originate command is useless



edit:

I haven't seen you were using the new syntax ignore this post



Hope to help

Giuseppe


is66rlhntadm Sun, 12/21/2008 - 14:07
User Badges:
  • Bronze, 100 points or more

just a little after I started the conversation I changed the commands under ospf 1 to

network 10.0.0.0 0.0.0.255 area 0

network 10.1.0.0 0.0.0.255 area 0

network 10.2.0.0 0.0.0.255 area 0

network 10.3.0.0 0.0.0.255 area 0

network 10.4.0.0 0.0.0.255 area 0

network 10.200.200.0 0.0.0.255 area 0


oh is it better to use range than network?

is66rlhntadm Sun, 12/21/2008 - 14:28
User Badges:
  • Bronze, 100 points or more

anything else?

the etherswitch still can't reach the internet


I have this feeling that after its sorted that it'll seem so simple and it was just being overlooked

Harold Ritter Sun, 12/21/2008 - 14:55
User Badges:
  • Cisco Employee,

Richard,


Can you verify that the ospf adjacency is up between the two devices (show ip ospf nei) and whether you are receiving the default route on the ethernet switch.


Regards

Correct Answer
Harold Ritter Sun, 12/21/2008 - 15:54
User Badges:
  • Cisco Employee,

One more thing. Do not forget to configure "ip nat inside" on interface gig1/0.


Regards

is66rlhntadm Sun, 12/21/2008 - 16:09
User Badges:
  • Bronze, 100 points or more

Entered Show ip ospf Nei on ethSW

75.148.235.33 1 FULL/DR 00:00:35 10.200.200.1 GigabitEtherne

t1/0/2

Entered Show ip ospf Nei on Router

10.200.200.2 1 FULL/BDR 00:00:35 10.200.200.2 GigabitEtherne

t1/0


and added Ip nat inside to Gi 1/0

is66rlhntadm Sun, 12/21/2008 - 16:14
User Badges:
  • Bronze, 100 points or more

ok I just tested again from a computer in vlan 2 and it can now ping 4.2.2.1


but the ethSW still can't

I think at this point I can say its working

Harold Ritter Sun, 12/21/2008 - 17:19
User Badges:
  • Cisco Employee,

Richard,


The fact that it doesn't work when you ping from the ethSW is due to the fact that the source address by default is 10.200.200.2 and this address doesn't match any one of your NAT rules. An extended ping with one of the vlans IP address as the source address will solve this issue. This is not a big issue though as long as it works for the vlan users.


Have a great holiday season

is66rlhntadm Sun, 12/21/2008 - 20:14
User Badges:
  • Bronze, 100 points or more

Thanks


my intent is so that the managment IP's of devices other than the router don't reach the internet so now that I have it worked out its fine


I could easily set the 10.200.200.0 network in the ACL for the nat trans


the part that fixed hosts in the 3 Internet vlans was the IP nat inside part


thanks for the help and Have a great holiday season as well

Actions

This Discussion