Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

What is the impact of unstable network advertisement in to OSFP AS

Hi All,

General query. I have ASA which redistributes the EZVPN client's subnets (via redistribute connected subnets) in to the internal OSPF domain with multiple areas. Question is incase if the remote client has flapping connectivity to ASA, will it creates any instability in the inside OSPF domain..? If so, is there any way to supress those subnets for time being (till the link gets stable).

Thank you

MS

1 REPLY

Re: What is the impact of unstable network advertisement in to O

Hello!

I don't know exactly how EZVPN is working, but if you redistribute connected than you will have no problem with OSPF, not matter how stable is your link to VPN remote site. You will always have an interface into the direct connected subnet which is redistributed to OSPF, and OSPF will always see this (as log as the IP is there) and advertise the subnet.

The problem is that your packet from LAN, to a remote VPN site reach OSPF router which is forwarding the packets through it's directed connected interface. If the remote end is not reachable the packet is discarded on the interface.

If you would have OSPF process with your VPN remote end, and this is flapping a lot, that's another story. You can have bigger hello time interval and dead interval and this will make OSPF process reconverge not so often.

Hope this is clear!

Cheers,

Calin

105
Views
3
Helpful
1
Replies