Re: OSPF Virtual Link Needed?

jrogalski · ‎01-16-2002

Hello,

we are running an IPSEC VPN through an internet provider. Since I only control the end routers, if I wanted to use OSPF, should I make the main router area0 and the remote routers areas1,2,3,etc. and connect them using virtual links? If so, would I make each remote router a stub (there is only one network behind each remote router) and the main router a ASBR (there is an AT&T router at the main site which is the default gateway for the main VPN router). Any thoughts would be appreciated.

John.

MickPhelps · ‎01-16-2002

If your VPN is a tunnel going over the net and each end of the tunnel is in an OSPF area, as long as one of the areas is area 0, you shouldn't need virtual links.

You could make each remote site a stub (or totally stuby) area to cut down on LSAs traversing the entire VPN.

Mick.

agrewal · ‎01-16-2002

Does it mean atleaset one router interface at each of the remote site should be in area 0 and the other area connected to it be defined as a stub.

Avi

MickPhelps · ‎01-16-2002

You would probably want to make the central router the ABR (area 0 and stub area) so that LSAs don't travel over the VPN for area 0. Remote routers would be totally in the remote area.

Mick.