I have a question regarding the understanding of OSPF.
What did the output means ?
As i can understand, the ip 172.20.0.254
is directly connected, but then it has the "Redistributing via ospf 1135" and the "Advertised by ospf 1135 metric 1 subnets" sentence's.
Ther is no way of this address is being learned by ospf, right?
Its just a confirmation what i need.
My concern, is caused by another area 0 with same Process in a two routers distance, and just want to clarifie my doubt.
Router#sh ip route 172.20.0.254
Routing entry for 172.20.0.0/16
Known via "connected", distance 0, metric 0 (connected, via interface)
Redistributing via ospf 1135
Advertised by ospf 1135 metric 1 subnets
Routing Descriptor Blocks:
* directly connected, via Vlan1
Route metric is 0, traffic share count is 1
At least part of your understanding is not correct. You say:
"As i can understand, the ip 172.20.0.254 is directly connected". But that address is not directly connected. If you look carefully you will see that you asked about the /32 address 172.20.0.254 and the response is for Routing entry for 172.20.0.0/16. So it is actually reporting that it does not know about 172.20.0.254 and that the class B network 172.20.0.0 is connected. It is the class B network that is "Redistributing via ospf 1135" and the "Advertised by ospf 1135 metric 1 subnets".
I am not sure what your concern is about another area 0 two routers away. And you have not given us enough information to understand that part.
Tks for ur reply Richard,
I understand your correction and i agree, i missed up the question.
I attached a draft wich could be more compreensive to understand my doubt.
I have a Wan Router, wich have a OSPF Process 1135 with the Service Provider Router.
I have a default static route, "ip route 0.0.0.0 0.0.0.0 172.20.0.254" to LAN, and another's vrf routes to the Firewall ip address, (not shown).
My question was, if this OSPF Process is independent from the OSPF process in Router/Switch 6006_1 and 6006_2?
As u can see in the attachment, the router between these 2 area's, is a 4506 with the same OSPF Process 1135, and the same IP Address, 192.168.156.2.
I think that this process is inactive as shown in the image, so i imagine that no OSPF is runnig between LAN Area (6006_1 and 6006_2) and WAN Area, (Wich are the same "0", but on different networks, 172.20.0.0 and 192.168.156.0).
So i think as long as i was composing this text that i really understand my question, but thus i feel that some incorrect configuration was made in attempting to join this two areas in only one.
Any suggestions ?
I have looked at the additional information that you have posted. There are still parts of it that I do not understand and you have not yet provided enough detail to understand completely what is going on there. But I believe that what you have posted does allow us to answer the question about whether there is any OSPF running between the area on the LAN (6006s) and the WAN. Given the show ip ospf neighbor on the 4506 shows that there are no neighbors, then we can conclude that there is no OSPF running between the LAN and the WAN (unless there is connectivity present in the network that is not represented in your diagram).
Sorry, i forgot the following configuration on 4506:
router ospf 1135
redistribute connected metric 1 subnets
redistribute static subnets
network 192.168.156.0 0.0.0.3 area 0
I was trying to understand why the client had this configuration, (same ip address/RouterId of "Router"), and im gessing that he couldnt apply the ospf between LAN and WAN.
6006_1 and 6006_2 have static routes for 172.20.0.246, for reaching the remote sites;
(S 172.23.56.0 [1/0] via 172.20.0.246)
(S 172.23.57.0 [1/0] via 172.20.0.246)
but if i do the show ip ospf database i see entry's for that subnet's beeing dvertised by 172.20.1.249, (6006_2 - BDR).
I'm am a bit confused about this but i'll try to read a bit more about OSPF.
There is not anything in your drawing or your description that tells anything about 172.23 so we have no way of knowing where it is or how it got into the OSPF database.
Given that the 4506 appears to be in the same subnet with the 6006_1 and 6006_2 (they all have addresses in 172.20.0(246,248,249) it would be easy to run OSPF between them. All it would take is to add a network statement for 172.20 in the OSPF process of the 4506.
There are several puzzling things in the parts of the config shown. One of the puzzling things is the configuration of OSPF router ID. When configuring router-id you can specify any address - there is no requirement that the address be an address on the router. But it is not valid for 2 neighbor routers to both be configured with the same routerID. And that appears to be what is configured between both 6006s and between the 4506 and the router. When configured that way one of the routers will pick some other address to be its routerID.
Rick and Petr?nio
Just was goin through this problem.. and conclusion probably is that no OSPF is running in between LAN and WAN even if the ID is same and the 2 AREA 0's are different..as OSPF NEIGHBORS FOR THE TWO(6006's and ROUTER 3750) ARE DIFFERENT in the command output..so i assume they are in different domain altogether and hence IGP is different for both of them..
I have queries myself..
1. The area 0 on the 4506 router shows -- INACTIVE in command output for sh ip ospf 1135 -- This proves that no ospf is running or ACTIVE currently on this router..also it has no neighbors for it..the query here is when would an area show as INACTIVE..
2. The 172.23.x.x networks(Remote Sites) as mentioned that we are talking about are being configured statically on the 6006's..so even if the OSPF is having info. abt. the same they will not be used unless these static routes are removed as their AD is better..But here where are these subnets connected is the query..they are not mentioned in the diagram and what is there connectivity to 6006's is the question..as we need to know from where atre these injected to 6006's in OSPF Database..to solve this query..
So, my main query in this scenario is -> when would an area show as INACTIVE as in output for 4506..
Hi Akki, Richard,
The subnet's are beeing learned by OSPF External, in Router.
In attach i add more information about the routes in each equipment.
Take a look at the traceroute from 6006_1 to Router. SWINFOR_1 is making only Layer2, right ?
My doubt here, is what should i change in this scenario to make it the "best pratcise".
Sould i try to join SWINFOR_1 in the same OSPF process, and join the LAN and WAN area, in OSPF ?
Should i try to make the SWINFOR_1 a border Router in different OSPF Process's?
I should not change anything . It's good as it is?
For an overview more complete of this network, in 6006_1 and 6006_2 i have several 3500XL switchs, connected in cascate, for variuos floor's of my costumer.
6006_1 and 6006_2, should be a "distributed" switch area, and the SWINFOR_1 should be a "Core" area, and i have some DMZ's area attached in the Firewall, so the output in attached is a part of the complete information.
This is an already builted network and im trying to getting a "better" network, topology and performance.
From the latest attachment it is pretty clear that the OSPF 1135 is different in both 6006's(LAN) and the WAN Router as the sh ip route command signifies that there are no OSPF Routes in the table for 6006's(all static) and all the routes for subnet 172.23.x.y are learnt via OSPF by the WAN Router 3750 and it has no other connectivity towards the LAN(6006's) without SWINFOR_1 4506(i have a query here that what is function 4506 is performing here as it has no routes learned from OSPF (no neigbors) also Area is showing INACTIVE(have a query why..?) must be a Core Device so load on it has to be kept to minimum probably..please specify)
Moreover, there are no neigbors for 4506 to learn routes from and hence, this clears that the OSPF is different for both LAN and WAN..
Now, the BEST PRACTICE for this toplogy here would be to use Static Routes instead of OSPF(as it consumes its own resources on devices) if there are not many subnets in the network and you do not feel that there won't be many more adding to the network and you can manage them manually by adding then it is fine as it is.. as already there is a procees 1135 running on 6006's(this must be for the LAN)..IF U CAN CLARIFY WHAT IS IN THEIR IN THE LAN FOR WHICH this OSPF process is running on 6006's and what all it is redistributing on other devices in the LAN(must be the subnets of these Remote Sites)..
If u can also paste the complete Network Diagram including LAN/WAN..in the diagram then probably better solution can be worked out..
Also, you edited your last attachment..Could you please share from which tool you edit and paste these command output results as pages and edit/create the diagrams..i think it is quite beautiful and explanatory method to use..
"...i have a query here that what is function 4506 is performing here as it has no routes learned from OSPF (no neigbors) also Area is showing INACTIVE(have a query why..?) must be a Core Device so load on it has to be kept to minimum probably..please specify)"
I had the same suspicous, but then i saw the few ospf configuration no making sence to me, but there is nobody here to ask for it.
"...as already there is a procees 1135 running on 6006's(this must be for the LAN)..IF U CAN CLARIFY WHAT IS IN THEIR IN THE LAN FOR WHICH this OSPF process is running on 6006's and what all it is redistributing on other devices in the LAN(must be the subnets of these Remote Sites).. "
I really dont think that this process is really necessary.
The "show ip route", "show ip ospf", and "show ip ospf neighboors" commands don't show me nothing to worry about.
I only need to garantee that the Lan Network, (172.20.x.x / 16) is able to communicate with remote sites and vice-versa.
I really dont think that the client would grow up in the LAN environment, so i will suggest the client (if they understand that) to cancel that OSPF Process in the LAN Area, (6006_1 and 6006_2).
Routes for Remote Sites are getting routed for WAN Router statically.
Routes for DMZ Address's are configured in the Firewall statically.
In the WAN router, there is an OSPF Process 1135 running between the ISP Router.
In this point i'm learning routes to Remote Sites from OSPF External , wich means (if i am not wrong), it were been advertised from another OSPF AS/Area).
The tool is not a very unknown from us, it's MS-VISIO.
You Have to download Cisco Stencils, cause it's not able in default stencil library.
Just edit the text box, and paste the information to show, then save it as *.jpg
The network draw is being completed, as long i'm passing trouhgh.
Thank you for your attention,