Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
659
Views
0
Helpful
6
Replies

Question on OSPF and default gateway

patas1975
Level 1
Level 1

‎01-05-2006 04:20 PM - edited ‎03-03-2019 11:22 AM

We have a WAN that consists of 4 locations. Site A has 2 T1 connections to the Internet and there is a 3825 router running BGP to handle the connections. Behind it are 2 PIX 515e's in failover mode. Site B has a connection to Site A using SBC's Gigaman line, which is a Gigabit fiber connection. The main route for Internet is through Site A. Site B has a 3825 as it's core router. Site B also has a DSL connection that is being used by consultants, which is connected by a Cisco 871 router. Site C has a T1 line to the Internet, connected through a 2600 router and a T3 line to Site B, connected through a 3825 router. Also, Site C is connected to Site A through a PIX-2-PIX VPN through the Internet. Site D has a T1 connection to the Internet, connected through a 2600 router, with a PIX-2-PIX VPN over the Internet to Site A. Hope that made sense.

We are planning on changing from static routing to dynamic routing to reroute traffic in case a connection were to go down. We are thinking about using OSPF to update the routes on the routers. There is also redundancy in Sites A, B, and C. If the Gigaman link between sites A and B were to go down, traffic can be rerouted through the DSL by establishing a VPN tunnel. If the T3 were to go down between sites B and C, traffic can be rerouted through the VPN tunnel across sites A and C and down the Gigaman. Site D can get to A by using dial-up Internet accounts if needed.

The question is how do we configure the route to the Internet and have Internet traffic reroute in case a link were to go down? For example, if the T1 line were to go down in Site B, how can we reroute Internet traffic through the T3 to Site B, through the Gigaman to Site A 's Internet link? I've tried looking at some sample configurations but they all had one gateway to the Internet and not multiple.

We would prefer to have each site use it's own Internet link and use the VPN tunnels as backups in case the main WAN links were to go down.

Thanks for the help.

Labels:
0 Helpful
6 Replies 6

patas1975
Level 1
Level 1

‎01-05-2006 04:38 PM

Here's a simple diagram.

Preview file
22 KB
0 Helpful

mheusinger
Level 10
Level 10
In response to patas1975

‎01-06-2006 02:07 AM

Hi,

you can conditionally insert default routes into OSPF with different metrics and of type E1 from your internet BGP routers.

Choosing the metric properly your routers will take the closest exit to the internet following the respective default route.

you could do the following:

ip route 0.0.0.0 0.0.0.0

router ospf 123

default-information originate metric 1234 metric-type 1

In case the default route vanishes then the advertisement will be withdrawn by OSPF. This can be refined with a route-map for additional conditions like the availability of a certain upstream network.

Metric type 1 assures to add the cost to reach the ASBR/BGP router, so that every router considers the closest internet exit only.

With a detailed knowledge of all involved topology and metrics you can figure out values such that in each location only the local internet exit will be used in case it´s available.

Hope this helps

Martin

0 Helpful

patas1975
Level 1
Level 1
In response to mheusinger

‎01-06-2006 10:06 AM

As far as setting up the OSPF Areas, would it be best to have it all in one area, Area 0? Or each site will be it's own area and have Site A be Area 0?

Thanks

0 Helpful

patas1975
Level 1
Level 1

‎01-10-2006 09:26 AM

Now to add to the mystery. In Site A and C there are PIX firewalls

sitting behind the Internet gateway routers. The internal routers use

the PIX as the default route to the Internet. If the Internet link

were to go down, how will the routes be rerouted to the alternative

Internet routes since the internal routers "think" the default route is

good since they are able to get to the PIX firewalls. Hope this makes

sense.

0 Helpful

mheusinger
Level 10
Level 10
In response to patas1975

‎01-10-2006 03:17 PM

Hello,

you could use OSPF from the PIX to announce the default route in case the internet connection is gone. This can be done according the first post - conditionally advertising the default route by the PIX.

In case there is another WAN router in frot of the PIX which has the internet access line you could use BGP between the WAN router and your internal router to announce the default route depending on the state of your WAN access line.

There is a configuration example for this case on CCO.

Hope this helps! Please rate all posts.

Martin

0 Helpful

arvenugopal
Level 1
Level 1
In response to mheusinger

‎01-10-2006 10:18 PM

Hi

The following is the sample configuration. you can replace the static with the ospf.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094769.shtml

if its useful please rate it

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card