Solved: Re: Default-route originate

kunal-united · ‎09-24-2006

Hi,

The topology in my network is Star. I am the Core router(central. I am running OSPF with the branch locations.

Now I want to provide a backup for all these branches. So I decided to get another Core router2. 10 of the branches are directly connected to Core-router2

Now the scenario is that Core router1 is connected to Core router2. 100 branches connected to core-router1 and 10 branches connected to core-router2. the 10 branches also connects to core-router1

Corerouter1---Corerouter2

.....|..............|

......----branch----

So the plan is: if any branch-to-core-router1 link fails. The branch-to-core-router2 should take up.

if I advertise on the core-router1

router ospf 100

net x.x.0.0 area 0

default-information originate metric 200

ip route 0.0.0.0 0.0.0.0 core-router2(next hop)

So all branch routers will have a default route pointing core-router2.

My confusion is how will the default information originate command affect me.

And what needs to be configured core-router2.

Please note that there are 100 branch locations connected to core-router1 and only 10 branch locations are connected to core-router2 ad a backup.

So in this case do I have to use route maps with the default originate command.

Thanks

tdrais · ‎09-25-2006

For the remote sites that have 2 connection you do not need default-information orginate but for the sites that only connect to core 1 you may want it. Say you have 2 remote sites. "A" that has a connection to both cores and "B" that only connects to core 1. If the connection between A and core 1 goes down router A knows to use core 2. The issue is that B has lost the OSPF route. B still has a connection to core 1 he just does not know anymore that you can get to route A via that connection. Your options are to use default routes or to redistribute the floating statics as I descibe below. It is generally safer to use default routes that redistribution of floating routes.

Remote site. (dual connected ones only)

Default static route points to core 2.

Core 2

Default route points to core 1.

Static routes to all the directly connected remote sites

Core 1

Static route to all the remote sites pointing to core 2 with a administrative distace above ospf. This is called a floating static route.

A administrative distance of 250 works well.

Configure default orginate or redistrute the floating statics.

During normal operation traffic from a remote will go to core 1 since a more specific route is preferred over the default route. Core 1 will send the traffic to another location via the OSPF route since it is preferred over the floating static route that is configured to core2

During a failure.

Traffic from a failed remote site will go to core 2 since it has no other path. Once the traffic gets to core 2 if the destination remote site also is connected to core 2 it will go directly. If the remote site is only connected to core 1 the traffic will take the default route to core 1. core 1 will now send it to the remote site. Now return traffic will depend on the type of remote site. On sites that only connect to core1. If you have used the default orginate from core1 this will be the only path so the traffic will return via core 1. When the traffic gets to core 1 the floating static route will have taken over (since ospf route is gone) and it will send the traffic to core 2 which will forward it back to the remote site. Now on the sites that have operational connections to both core1 and core2 it must select between the 2 default routes. Since a static default route is preferred over the one it learns via ospf traffic will go directly back to core 2.

There are more complex failures but this design should work as long as there is any connection to a remote site. I bet you wish you could just run OSPF on the second core box.

View solution in original post

Harold Ritter · ‎09-24-2006

If you are running just one area, all branch routers will get connectivity to one another without needing a default route.

What is the purpose of injecting a default route in this design? Do the core routers provide Internet access to the branches?

Hope this helps,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

kunal-united · ‎09-25-2006

Yes, I am running only one area. My core-router1 which is connected to branches offices are running with OSPF.

But the core router2 doesn't support OSPF.

And 100 branches are connected to core-router1 and only 10 branches are connected to core-router2.

So if the branches go down from core-router1, say about 7 of them went down then I would have to configure static routes on core-router1 pointing to the LANs of the branch offices via core-router2 and the branches will have a static route toward core-router1 to communicate all the other 93 branches. And those 7 branches have atleast 8 LANs in each. So total I have to put 56 static routes.

Configuring 56 static routes is a pain. I want to put a default route on core-router1 pointing to core-router2 using the default-information originate command. In this way I will not do all that static routing.

And the branches and core-router2 will have a static route with higher administrative distance.

Am I right or wrong?

tdrais · ‎09-25-2006

First the default orginate does not work the way you think. You cannot say the default route is the destination router2. It can only say send the default traffic to me.

Now you could manually put in a static route that does the same thing in each remote router pointing to core2. It would only be used if a more specific route is not in the table and that should only happen when you lose your connection to core1.

Now in core2 without a routing protocol you are going to have lots of static routes.

You will need to have static routes in core 2 to all the subnets at all the remote sites directly connected. Core 1 will also need the same list of static routes with a administrative distance set higher than ospf pointing to core2. This will allow it to take over when OSPF loses the remote site. You will also need to have a default route in core 2 pointing to core1.

kunal-united · ‎09-25-2006

so when the link fails ...on branches should I configure a static route or default route pointing to the core 2.

And the core 2 should have a static route to all subnets of core1

OR

the core2 should have a default route towards core 1 and the branch routers be configured with a static route pointing to core 1 via core 2. and core 2 is having a default route.

Is this the Only solution.

So according to you ...in my scenario there is no need to have a default-information orginate

Thanks

sundar.palaniappan · ‎09-25-2006

Hi,

There are 3 things you need to take care for routing via the core_2 router as a backup.

1. Core_2 needs to get to those branch LANs - This can be done by adding static routes or enabling a dyanmic routing protocol between core_2 and branch routers.

2. Core_1 needs to have a backup route to those branches via core_2.

This can be achieved by configuring floating static routes (route_w/higher_admin_distance) on core_1 for the branch LANs or by enabling a dynamic routing protocol (like RIP or EIGRP) between core_1 and core_2 routers. If you implement the second sceanrio, you need to redistribute the static routes into the dynamic protocol on core_2.

3. The branch routers need a failover route to core_2.

The easy way to accomplish this would be configure a floating static default route to point to core_2. When the OSPF route goes away the floating static route should come in and route the traffic via core_2.

HTH

Sundar

tdrais · ‎09-25-2006

For the remote sites that have 2 connection you do not need default-information orginate but for the sites that only connect to core 1 you may want it. Say you have 2 remote sites. "A" that has a connection to both cores and "B" that only connects to core 1. If the connection between A and core 1 goes down router A knows to use core 2. The issue is that B has lost the OSPF route. B still has a connection to core 1 he just does not know anymore that you can get to route A via that connection. Your options are to use default routes or to redistribute the floating statics as I descibe below. It is generally safer to use default routes that redistribution of floating routes.

Remote site. (dual connected ones only)

Default static route points to core 2.

Core 2

Default route points to core 1.

Static routes to all the directly connected remote sites

Core 1

Static route to all the remote sites pointing to core 2 with a administrative distace above ospf. This is called a floating static route.

A administrative distance of 250 works well.

Configure default orginate or redistrute the floating statics.

During normal operation traffic from a remote will go to core 1 since a more specific route is preferred over the default route. Core 1 will send the traffic to another location via the OSPF route since it is preferred over the floating static route that is configured to core2

During a failure.

Traffic from a failed remote site will go to core 2 since it has no other path. Once the traffic gets to core 2 if the destination remote site also is connected to core 2 it will go directly. If the remote site is only connected to core 1 the traffic will take the default route to core 1. core 1 will now send it to the remote site. Now return traffic will depend on the type of remote site. On sites that only connect to core1. If you have used the default orginate from core1 this will be the only path so the traffic will return via core 1. When the traffic gets to core 1 the floating static route will have taken over (since ospf route is gone) and it will send the traffic to core 2 which will forward it back to the remote site. Now on the sites that have operational connections to both core1 and core2 it must select between the 2 default routes. Since a static default route is preferred over the one it learns via ospf traffic will go directly back to core 2.

There are more complex failures but this design should work as long as there is any connection to a remote site. I bet you wish you could just run OSPF on the second core box.