Solved: Re: OSPF Routing Preference

neil.robinson · ‎03-12-2004

We have two main sites connecting to a customer network through PIX 515’s. The PIX 515’s sit behind Cisco 2600’s which are configured as GRE tunnels terminating at the customer Cisco router. The GRE tunnels are transmitting and receiving OSPF LSA’s. The PIX’s are also setup for OSPF.

The customer router has tunnels configured for separate OSPF area’s to each Cisco 2600. The Cisco 2600’s has separate OSPF AS’s setup for the tunnel interface and the Ethernet interface connecting back to the PIX. The tunnel interface OSPF area is redistributed into the Ethernet OSPF AS on area 0.

The PIX redistributes from the OSPF AS on the DMZ interface (this is the interface that connects to the 2600) to the OSPF AS on the inside interface as external type 1’s.

Both main sites are also connected together via a leased line on the backbone (area 0).

The problem we are getting is that OSPF on the PIX 515’s will learn to route to the customer router via the Cisco 2600’s, but after a period of time the route will be relearned via the leased line routers on the backbone (area 0).

I have tried using route-map policies on the 2600 to redistribute a lower metric for the route to the customer network. This seems to work for a period of time learning the route via a lower metric, but again OSPF on the PIX relearns the route via the backbone routers.

I know OSPF preference is O, O IA, OE1, OE2. But the cost to the customer network has been lowered with my route-map policy.

Is this a problem with OSPF in the PIX? Is there a maximum path limit on OSPF for the PIX? Or is there another work-round?

Thanks

Neil

ruwhite · ‎03-14-2004

Okay, from your description, it sounds like the 2600's are receiving external ospf routes from the ospf process through the external link, and also from the pix locally (through the ethernet). Is this correct? And there are two processes on the 2600's, as well, correct?

If this two processes, and not two areas (I'm having a hard time with all the redistribution, it sounds like you have three points of redistribution here between the customer and the backbone, or maybe four), then.... We don't compare the metrics of ospf routes between two processes, the last one installed wins. So, it could be that you are simply seeing the effect of the order in which the routes are installed. If you want to force one route or the other to be installed consistently, set the administrative distance on one of the processes lower than the other one.

Hope that helps.

:-)

Russ.W

View solution in original post

ruwhite · ‎03-12-2004

Any chance of attaching a diagram of the way this is layed out?

:-)

Russ.W

neil.robinson · ‎03-13-2004

Please find diagram attached.

Hope this helps to explain the problem.

Many Thanks

Neil

ruwhite · ‎03-14-2004

Okay, from your description, it sounds like the 2600's are receiving external ospf routes from the ospf process through the external link, and also from the pix locally (through the ethernet). Is this correct? And there are two processes on the 2600's, as well, correct?

If this two processes, and not two areas (I'm having a hard time with all the redistribution, it sounds like you have three points of redistribution here between the customer and the backbone, or maybe four), then.... We don't compare the metrics of ospf routes between two processes, the last one installed wins. So, it could be that you are simply seeing the effect of the order in which the routes are installed. If you want to force one route or the other to be installed consistently, set the administrative distance on one of the processes lower than the other one.

Hope that helps.

:-)

Russ.W

neil.robinson · ‎03-15-2004

I have changed the distance for external routes being redistributed into the backbone area on the PIX. This seems to have done the trick. I have monitored the routing tables this morning, and all looks ok.

Many thanks for your help Russ.

Cheers

Neil