08-05-2007 08:00 AM - edited 03-03-2019 06:11 PM
Here is my network configuration:
10.10.10.0/24 -(Firewall)--- R1 -- (static)ISP ---- R2 --- (OSPF)---R3----(OSPF)--- HQ -----
- R1 connects to R2 through an ISP with a default route to R2
- at R2
+ Subnet 10.10.10.0/24 is redistributed into OSPF
+ Static route IP route 10.10.10.0/24 <ISP>
(we just send traffic to 10.10.10.0/24 through the ISP next ho router and they will send it to R1)
- at R3
Subnet 10.10.10.0/24 is seen at R3 through OSPF
now i have a new dedicated link between R1 and R3
What i want to achieve is the redundancy for the 10.10.10.0/24
- Traffic to HQ shall go to ISP if R2 is reachable through ISP (first priority)
- If the link to R2 fails traffic shall go to R3
With the following conditions:
1. I am not allowed to configure dynamic routing between R1 and R2
2. No restriction on routing protocol between R1 & R3
HSRP won't work because
If the ISP link fails traffic will be sent to R3 but because the OSPF static route redistribution
at R2, the traffic going back to 10.10.10.0/24 through R3 will be dropped by ISP
If i configure OSPF for the new link between R1&R3 and redistribute 10.10.10.0/24 into OSPF at R1 (with higher metric than at R3),what shall i do to ensure that the redistributed static route to 10.10.10.0/24 through ISP will not be injected (and thus the redistributed static route through R1 will be in routing table) when the link between R1 & R2 throuhg ISP fails ?
What is the best solution to my problem ? Appreciate your help
08-05-2007 09:35 AM
Friend,
Do you still use the default route only over the ISP link or can point specific HQ routes?
Router choses a link based on the longest match and hence the default will be mayched only when the route is not learned via another routing protocol.
With Specific routes--
Say for eg. HQ has subnet 100.100.100.0/24
Then on R1 configure
ip route 100.100.100.0/24
run ospf with R3
router ospf 100
redistribute static subnets route-map test
network
route-map test permit 10
match ip address 10
access-list 10 permit 10.10.10.0 0.0.0.255
R1 uses the static route due to lower AD but also advertises the source via OSPF to R3
On R3 configure
router ospf 100
network
distance 120
access-list 10 permit 10.10.10.0 0.0.0.255
The above configuration makes the direct link less preferrable.
When the ISP link fails, the traffic to HQ will be forwarded via OSPF to R3. The redistributed static route from R2 would be flushed out of R2 and R3. R3 would start using the direct link to R1 to send the traffic.
With only default route
If you only want to use the default route from R1 then you need to deny the OSPF routing updates from being installed in the routing table.
For this you need to tweak the OSPF config at R1 in addition to what configured above
At R1 configure a floating static route via the direct link and deny the ospf updates
ip route 0.0.0.0 0.0.0.0
router ospf 100
distribute-list route-map deny-ospf-routes in
route-map deny-ospf-routes deny 10
match ip address 20
access-list 20 permit any
HTH, rate if it does
Narayan
08-05-2007 10:03 AM
Hi,
One simple solution is you can configure floating static route in R1 to reach R3 by setting some administrative distance and configure another floating static route in R3 to reach R1 with administrative value higher than OSPF routes (110). So, the link between R1 and R3 will behave as a backup link.
Eg.
ip route 192.168.11.0 255.255.255.224 192.168.11.137 240
Here 240 is the administrative distance.
I think running OSPF between R1 and R3 will not work, in that case link between R1 and R3 will take preference over the link through ISP. Since link through ISP is an external OSPF route which is less preferred than OSPF IA or intra-area routes.
Thanks,
Vijaybabu
08-05-2007 10:27 AM
Vijaybabu,
You are right and hence he needs to do configure it the way i posted above if using OSPF
Narayan
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide