Solved: OSPF Stub Areas with X2 /30 Vlan int's from Core Routers - Can you help?

Matthew burnley · ‎01-23-2014

Hello all,

I am a CCNA studying with GNS3 for my CCNP route and need a bit of help, i have built a situation with 2 core routers and 5 distribution layer 3 switches. I have OSPF running as a /30 vlan interface trunked through to each layer 3 switch. So stub router 1 has a /30 with Core router 1 on a vlan interface and a /30 with Core router 2 all using layer 2 vlan interfaces so i can trunk them through each other. I have made the layer 3 switches total stub areas to reduce the routing table so each Core router will inject a default route instead.

NOTE: Stub router is in its own OSPF area.

The /30 between Stub 1 and Core 1 is fine, Core router 1 injects a default route into stub router 1 and does not use the other default route received from core router 2 as the OSPF cost is set on those legs as 65000 to indicate its a backup link, t he backup links are trunked through the layer 2 switches so if core router 1 fails then it has a backup path to core router 2 as seen on diagram linked below. All outgoing traffic from the stub networks goes OUTBOUND via the correct core router but the problem arises with INBOUND traffic from the internet into the core router which the stub areas use as a backup. The INBOUND traffic from the internet is routed via the backup OSPF legs over the 1GB Fibre link and not via the 10Gb link because the backup routers are directly connected with a /30 to the stub area via the layer 2 vlan interface/trunk

Please refer to the diagram in the link below for reference.

http://www.postimg.org/image/tj9i8r5q5/

The example below is that Stub area 1 wants to send traffic to the internet, it has 2 default routes in the OSPF topology table but only injects 1 default route into the routing table, and thats core router 1, as core router 2 has to traverse two layer 2 switches trunked and a 1GB fibre connect. When the traffic comes back from the internet and it arrives at say Core router 2, core router two looks at its routing table but prefers to send it to stub 1 via its own /30 vlan interface even though it has to go over a slow bit of fibre and two layer 2 switches, surely the 10Gb fibe to core router 1 and then to stub 1 would be better?

I have set the OSPF costings of each backup vlan interface on each router to 65000 but yet it still prefers this link as its directly connected to Stub 1 even though its trunked over a worse path, i want Core router 2 to send it to core router 1 and then to stub area even though is an extra hop, its a better path and besides the 1Gb connection is suppose to be a backup and cannot support any traffic only in an emergency. If i shut the vlan 20 down it sends the traffic to the other BGP router, when i unshut it it sends inbound traffic from the internet via the backup link i THINK because it appears to be "directly connected" over the trunk.

When this was setup with every stub router in area 0, all inbound traffic from the internet that arrived at core router 2 would be passed to core router 1 and onto the stub, where as now i have stub routers each in their own area inbound traffic from the internet on core router two is being routed directly to the stub over the backup trunk link, it no longer passes the traffic to core router 1 even though it has the faster links.

Can anyone help me with my problem, i am very much interested on hearing your solutions,

If any OSPF genius's can help me i would really appreciate the solution!

Many Thanks.

Rolf Fischer · ‎01-23-2014

Hi Matthew,

Jon has already pointed out the reason for your problem: The best path selection rule in OSPF (RFC 1583).

Even with the newer rule, defined in RCF 2328 and a non-default option in Cisco IOS (command: no compatible rfc1583), the result would be the same in your topology:

Intra-area paths using non-backbone areas are always the most preferred.

The other paths, intra-area backbone paths and inter-area paths, are of equal preference.

So I think the only solution to overcome this would be a second OSPF link between the Cores in the same area as Stub-1, e.g. by configuring the 10G-link as a trunk and add SVIs on the cores. The result would be a triangle in that area and then you can influence paths by costs within that triangle.

HTH

Rolf

Btw: Very good work for exam-preparation!

View solution in original post

Jon Marshall · ‎01-23-2014

Matthew

I am no OPSF genius by any means and there are people on these forums who know it much better than me but this is your problem.

I am assuming the interfaces connecting core 1 to core 2 are in area 0. So core 1 is an ABR. This means any routes it receives from the stub1 switch when it sends them to core 2 they are now inter area routes ie. it was received by core 1 on it's area 1 interface and sent to core 2 in area 0.

But core 2 has a direct link to stub1 in area 1 so it receives an intra area route.

Intra area routes are always preferred over inter area routes so no matter what you do with the costs it isn't going to work the way you want because cost is taken into account only after the route type has been considered ie. in order of preference -

intra area

inter area

external type 1

external type 2

so your topology won't work in the way you intended.

There is no obvious solution to this although others may be able to contribute. But i would argue that if traffic from the internet can come in to either core router then core2 is not really a backup and so you need to accept that traffic will go direct to stub1 from core2 and provision the links accordingly.

Of course if you are using BGP to advertise your routes you can use AS prepending to make sure that all traffic inbound from the internet goes to core1 and only if it fails does traffic then go to core2. In which case core2 now is a true backup ie. it is only used when core1 fails.

Jon

Nagendra Kumar Nainar · ‎01-23-2014

Hi Mathew,

Very clear writeup about your problem

How do you have the 10G between core1 and core2?. Is it Laer 2 or Layer3?. If it is Layer2, can you convert it as Layer 3 and increase the cost on vlan interface on core2?.

-Nagendra

Rolf Fischer · ‎01-23-2014

Hi Matthew,

Jon has already pointed out the reason for your problem: The best path selection rule in OSPF (RFC 1583).

Even with the newer rule, defined in RCF 2328 and a non-default option in Cisco IOS (command: no compatible rfc1583), the result would be the same in your topology:

Intra-area paths using non-backbone areas are always the most preferred.

The other paths, intra-area backbone paths and inter-area paths, are of equal preference.

So I think the only solution to overcome this would be a second OSPF link between the Cores in the same area as Stub-1, e.g. by configuring the 10G-link as a trunk and add SVIs on the cores. The result would be a triangle in that area and then you can influence paths by costs within that triangle.

HTH

Rolf

Btw: Very good work for exam-preparation!

Matthew burnley · ‎01-24-2014

Thanks Jon and Rolf.

Rolf your solution works, i have added another SVI on the trunk between the two core routers and put it in the same area as the stub and now i can influence traffic with the costs on the vlan interfaces.

Thanks very much that has been very helpful!

Rolf Fischer · ‎01-24-2014

Matthew,

you're welcome! Thanks for using the rating system and good luck for your exam!

Regards

Rolf