I am having a path selection problem here, hope someone can help. Please refer to the attached diagram.
Basically, the VPN gateway in HQ needs to communicate with the VPN peer in Partner office. Both A.A.A.0/24 and B.B.B.0/24 subnets are global addresses, and therefore routable across the Internet.
HQ has 4 paths to A.A.A.0, arranged in order of priority:
1. Point-to-point between HQ-A and R01
2. Point-to-point between DR-A and R02
3. Via Private ISP cloud
4. Via public Internet
I am trying to make Path 3 the preferred path, but am unable to do so for the following reasons:
a> Path 1 & 2 are currently seen by OSPF process as internal routes
b> Router ISP-B is redistributing A.A.A.0/24 from BGP into OSPF. Thus, ISP-B is advertising A.A.A.0/24 as an external route in OSPF to HQ-B, which is then propagated to HQ-A and DR-A.
Thus, Path 3 loses out to Path #1 and #2.
Someone recommended that I perform the following actions:
a> Remove network A.A.A.0 from the OSPF process in R01 and R02
b> Add the command 'redistribute static' in the OSPF process of R01 and R02
c> Add the following static routes in R01 and R02
-R01 : ip route A.A.A.0 255.255.255.0 Gi3/0
-R02 : ip route A.A.A.0 255.255.255.0 Fa0/1
The objective is to make all the paths advertised as an 'external' type, which would then enable the use of metrics as a deciding factor.
Another reason why this alternative was suggested was because when I run a 'show ip ospf borders', the private ISP's routers (ISP-A and ISP-B) have a better metric than the other routers. Therefore, we assume that if all routes are of the same type (external), the router would make use of this metric.
I think making all of the routes as external would work. Another way to make path 1 and 2 external routes is to remove the network statement for a.a.a.0 on r1 and r2 and use the "redistribute connected" command instead.
I would also recommend configuring path # 3 as an external type 1 so that it is always preferred over path 1 and 2.
Let me know if I answered your question,
Harold Ritter Sr. Technical Leader CCIE 4168 (R&S, SP) firstname.lastname@example.org México móvil: +52 1 55 8312 4915 Cisco México Paseo de la Reforma 222 Piso 19 Cuauhtémoc, Juárez Ciudad de México, 06600 México
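
The route-type reasoning in this thread, modelled as an added example (not written by either poster): OSPF compares path type before metric, in the order given in RFC 2328 section 16.4. The `Route` model is hypothetical and every cost and metric is a constructed value.

```python
from dataclasses import dataclass

# OSPF compares path type first (RFC 2328, section 16.4); metrics only break
# ties between routes of the same type. Lower rank wins.
RANK = {"intra": 0, "inter": 1, "E1": 2, "E2": 3}

@dataclass(frozen=True)
class Route:
    path: str              # label from the thread ("Path 1", ...)
    kind: str              # intra, inter, E1 or E2
    metric: int            # OSPF cost, or the external metric for E1/E2
    cost_to_asbr: int = 0  # internal cost to the advertising router

    def sort_key(self):
        if self.kind == "E1":   # E1: external metric plus internal cost
            return (RANK["E1"], self.metric + self.cost_to_asbr, 0)
        if self.kind == "E2":   # E2: external metric, then forward cost
            return (RANK["E2"], self.metric, self.cost_to_asbr)
        return (RANK[self.kind], self.metric, 0)

def best(routes):
    """Return the route OSPF would install for the prefix."""
    return min(routes, key=Route.sort_key)

# All costs and metrics below are constructed for illustration.
# Today: Paths 1 and 2 are internal, Path 3 is external via ISP-B.
today = [Route("Path 1", "intra", 100), Route("Path 2", "intra", 150),
         Route("Path 3", "E2", 20, cost_to_asbr=1)]

# After the proposed change: all three are external type 2 with equal
# external metric, so the cost to the advertising router decides.
all_e2 = [Route("Path 1", "E2", 20, cost_to_asbr=10),
          Route("Path 2", "E2", 20, cost_to_asbr=20),
          Route("Path 3", "E2", 20, cost_to_asbr=1)]

# With Path 3 redistributed as type 1: it wins on type alone, even with a
# much larger metric than the E2 routes.
path3_e1 = all_e2[:2] + [Route("Path 3", "E1", 500, cost_to_asbr=1)]

if __name__ == "__main__":
    for label, table in [("today", today), ("all E2", all_e2),
                         ("Path 3 as E1", path3_e1)]:
        print(f"{label}: {best(table).path}")
```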