I have two sites connected over 2 links, one PPP and other over VPN. I am using OSPF to route between the sites and make some redundance. I have the network 172.17.0.0 in one side and the 172.18.0.0 in the other. I want all the traffic to come over VPN except the traffic for an specific IP, 172.17.1.10, this IP should be accessed over PPP link from 172.18.0.0, I could put a static route, but I want redundancy on it so is there anyway to do it with ospf??
This is possible, however since VPNs usually can't carry ospf, you need to set a gre tunnel on the vpn, and have ospf over the tunnel.
Hope this helps, please rate post if it does!
The ospf over vpn is ok, we could even consider any type of link just to focus on ospf. The problem is how to set the OSPF to do that, send all traffic over one link and only a specific IP over the other.
I belive you have make Site to site IP Sec tunnel and you are using OSPF , But this is not possible because IP Sec tunnel not support Multicast traffic ( i.e OSPF, EIRGP. RIP V2 etc ). So you need to create GRE end to end tunnel which suppport to carry Multicast traffic and it will work,
I hope this will clarify your points. Please rate this post
I already have a GRE, the VPN is not the problem, only the ospf configuration to send all traffic over one link and the traffic for a specific IP over other.
please dont worry about OSPF over VPN it's working fine.
We can consider it's 2 ethernet links between site.
ospf will not send certain traffic over one link, etc. It route by destionation only.
For that, you need PBR. Then if you want PBR and redundancy, it's a more advanced configuration.
Thanks, but lets say i have
site 1 Site2
Two links and simple ospf
network 172.17.0.0 area 0
network 172.18.0.0 area 0
This way all traffic will go over one link or other depending what ospf consider better, thats ok. I just want to force ospf to send traffic for one IP over other link that is unused. what do I put in the configuration of router for that to say to others that this route for this single IP is better to come over other link?
You can't do that with ospf. Speacifying traffic _to_one IP wuld be a static route. Specifying traffic _from_ one IP would PBR.
But if i configure a static route I will have no redundancy right? That's the problem I need it going over one link but if the link goes down this IP go through the other concurring with all other traffic.
You can have static routes and redundancy. That is done with object tracking and probes.
Or, if the static is over a physical interface, once it goes down, dynamic routing ospf will take precedence.
Yea, i didn't want to use tracking and probes because I have a lot of sites in full mesh topology and it's too complicated.
I was wandering if I could use someting like route-map in the incoming interface and match this route map in an ACL with this single IP then set metric for that and ospf would see this route as better for this single IP.
Should it work?
It's not a physical link also, so when one side goes down, the other one is up.
With some protocols like EIGRP you do have the ability to manipulate the metric for individual routes. But you can not do that with OSPF. As a link state protocol it calculates its metric based on its map of the topology and all routes learned from a source over an interface will get the same metric.
If you want to route a specific IP address over the PPP link then I see no good alternative to static route/object tracking or PBR.
Yes, with ospf or even easier with rip, you can inject a more specific route for the IP you are interested in. Then with a distribute list you make sure it's advertised on one link only.