Addressing IP OSPF
I read a lot about the OSPF design and tuning, and I was unable to find something between routers in IP address space. OSPF elects a DR and a BDR for each broadcast domain, so you can end up having several DR/BDR in the same area. If you have any links between routers in the same broadcast domain, then it won't be a DR and the BDR for this particular area; is this favorite? All routers have yet to run the algorithm SPF, but DR/BDR send routers intra-zone of the LSA. All routers in the field of broadcast one would save a little bandwidth or processing power?
It is a common misunderstanding to believe that an area should have a single DR and one BDR. But this isn't the case. Indeed, DR and the BDR have nothing to do with the regions.
I think that the situation you describe could be like this
RouterA has an Ethernet to RouterB
RouterA has a separate RouterC Ethernet connection
RouterA has a separate RouterD Ethernet connection
RouterA has a separate routers Ethernet connection
Then RouterA is a member of 4 separate broadcast domains. And Yes RouterA would DR or BDR in each of the 4 areas broadcast (assuming it's not all routers connected to one of these broadcast domains). It is not necessarily a problem for RouterA be DR or BDR in multiple channels).
HTH
Rick
Tags: Cisco Network
Similar Questions
-
Area ID ospf ESG in form of IP address problem
Hi, I am trying to configure OSPF between the GSS and a Fortigate device, Fortigate use the id as a form of address IP ospf area, but when I try to configure the GSS with the same area as IP address id, I can't do that, because the webclient service do not allow me to write a point, same, I try to use the REST API but the reference says xml this area id is a number between 0 and a lot, that I don't remember, documentation of the NSX says we can configure the zone id ospf as a number or as an IP address, but I can't.
Any help?
There are a few videos online to integrate a Fortigate with a Cisco router. It shows that a configuration on a Fortigate 0.0.0.0 will establish links to a Cisco router that is configured for zone 0, due to the fact that OSPF sees real value in hexadecimal. 0.0.0.50 converting to 50 NSX area; 10.1.1.1 converts area 167837953.
This blog can explain a bit more: https://mellowd.co.uk/ccie/?p=910
-
When configuring OSPF in DLR configure us the address and Protocol addresses.
This IP address is the same as the address of the DLR VM control management.
Protocol address: 192.168.10.3. This address is assigned to DLR control VM vNIC.
But you have not shown where it has been configured. It is automatically assigned in the DLR VM control or you configure this address manually in control VM.
Answer: In the user interface when you configure this address it automatically send to DLR control VM and the ESXi running of the DLR
during the configuration of interfaces in DLR you must first configure address management for VM control.
Answer: you don't have to configure an ip address any management, that's what I'm trying to explain in my first message, the perfect DLR work without any management ip address.
My question was is this address mgmt control VM as a protocol address
Answer: No, if you have decided to put the management ip address, you have different ip address of the transmission or the Protocol address.
-
NO OSPF routes in the database, but in the Routing Table (read you correct)
Hi all
I have a lab of two roads R1 & R2 (connected with Ethernet link) like:<------------------>R1, R2
I can see, OSPF learned routes are Routing Table, but not in the database (read you right).
How can it be possible? I saw the other direction several times i.e. the routes in the database but not in the routing table (like, VPN L3 remote end when we use the ability VRF-lite, or we try to remove from the interarea road of the LSA, but that is not the concern here)
I captured a few newspapers & running Setup two routers. Please check and let me know what I am doing wrong.
I erased the OSPF neighborship several times but still the same. Tried to bounce e1/1 on R2, but no luck.
R2 #ping 3.3.3.3 lo3 Yes
Type to abort escape sequence.
Send 5, echoes ICMP 100 bytes to 3.3.3.3, time-out is 2 seconds:
Packet sent with the source 2.2.2.2 address
!!!!!
Success rate is 100 per cent (5/5), round-trip min/avg/max = 64/76/108 ms
R2 #.
R1
R1 #.
R1 #show int ip short bones
Interface area PID IP address/mask cost of State Nbrs F/C
Lo0 9.9.0.1/32 LOOP 1 1 0 0/0
Lo3 3.3.3.3/32 LOOP 1 1 0 0/0
Et1/0 1 0 9.9.12.1/24 10 DR 1/1
R1 #.
R1 #.
R1 #show ip ospf da
Router OSPF with ID (9.9.12.1) (process ID 1)
Router link States (zone 0)
Number of links ID ADV router age Seq # Link Checksum
9.9.12.1 9.9.12.1 255 0 x 80000028 0x00BE86 3
9.9.12.2 9.9.12.2 256 0 80000032 0x0067F8 x 2
NET link States (zone 0)
Link ID ADV router age Seq # Checksum
9.9.12.1 9.9.12.1 255 0 x 80000003 0x00BDFC
R1 #.
R1 #.
#show ip route R1 | b door
Gateway of last resort is not set
2.0.0.0/32 is divided into subnets, subnets 1
O 2.2.2.2 [110/11] via 9.9.12.2, 00:04:17, Ethernet1/0
3.0.0.0/32 is divided into subnets, subnets 1
C 3.3.3.3 is directly connected, Loopback3
9.0.0.0/8 is variably divided into subnets, 3 subnets, 2 masks
C 9.9.0.1/32 is directly connected, Loopback0
C 9.9.12.0/24 is directly connected, Ethernet1/0
The 9.9.12.1/32 is directly connected, Ethernet1/0
R1 #.
R1 #.
R1 #show ip os not
Neighbor ID Pri State Dead Time Interface address
9.9.12.2 1 FULL/BDR 9.9.12.2 Ethernet1/0 00:00:36
R1 #.
R1 #.
R1 #show run | s r o
router ospf 1
Log-adjacency-changes
R1 #.
R1 #.
************* R2 ********************
R2 #.
R2 #show int ip short bones
Interface area PID IP address/mask cost of State Nbrs F/C
Lo3 2.2.2.2/32 LOOP 1 1 0 0/0
Et1/1 1 0 10 BDR 1/1 9.9.12.2/24
R2 #.
R2 #.
R2 #show run | router s o
router ospf 1
Log-adjacency-changes
passive-interface Loopback3
2.2.2.2 network 0.0.0.0 area 0
Network 9.9.12.0 0.0.0.255 area 0
R2 #.
R2 #show da os ip
Router OSPF with ID (9.9.12.2) (process ID 1)
Router link States (zone 0)
Number of links ID ADV router age Seq # Link Checksum
9.9.12.1 9.9.12.1 326 0 x 80000028 0x00BE86 3
9.9.12.2 9.9.12.2 325 80000032 0x0067F8 0 x 2
NET link States (zone 0)
Link ID ADV router age Seq # Checksum
9.9.12.1 9.9.12.1 326 0 x 80000003 0x00BDFC
R2 #.
R2 #.
R2 #show ip road | b door
Gateway of last resort is not set
2.0.0.0/32 is divided into subnets, subnets 1
C 2.2.2.2 is directly connected, Loopback3
3.0.0.0/32 is divided into subnets, subnets 1
O 3.3.3.3 [110/11] via 9.9.12.1, 00:05:22, Ethernet1/1
9.0.0.0/8 is variably divided into subnets, 3 subnets, 2 masks
9.9.0.1/32 [110/11] via 9.9.12.1, 00:05:22, Ethernet1/1
C 9.9.12.0/24 is directly connected, Ethernet1/1
The 9.9.12.2/32 is directly connected, Ethernet1/1
R2 #.
R2 #.
R2 #show ip os not------------------>
Neighbor ID Pri State Dead Time Interface address
9.9.12.1 1 FULL/DR 00:00:30 9.9.12.1 Ethernet1/1
R2 #.
R2 #.
Hello
an OSPF router generates only a router-LSA (Type-1) by Area.This router-LSA contains a list with all the links in this area.
You can see your telesignalisations with 'show ip ospf router of database' - 'show ip ospf database' rather an overview:
Router Link States (Area 0)Link ID ADV Router Age Seq# Checksum Link count9.9.12.1 9.9.12.1 326 0x80000028 0x00BE86 3
Router 9.9.12.1 announces a router-LSA for area 0 and the LSA contains 3 links. Apparently, you created the Loopback IPs when adjacency was already formed, if not the router ID would be defined the highest loopback IP (maybe that's the reason for your confusion). HTHRolf -
OSPF in VRF with the same area ID.
Hi all
On a PE MPLS/VPN router, I configured OSPF as the routing PE Protocol / THIS.
I configured several OSPF (one for each VRF) process.
But if I have several customers who use the same ID in OSPF area on the side, can I set up the same area ID for multiple OSPF processes on the side of PE? Of course, all these areas are independent and I don't want to see customer1 routes into the OSPF customer2!
In the following example, I have 2 clients. Each client has 2 sites and has a backbone OSPF area which spreads across 2 sites. For each customer, I want to interconnect its 2 sites and extend the dorsal area OSPF MPLS.
Customer1 OSPF backbone area is different from that of customer2, although the ID is the same...
Here is an example of configuration of the EP:
G0/1 interface
IP vrf forwarding customer1
10.1.1.1 IP address 255.255.255.0
!
G0/2 interface
IP vrf forwarding customer2
10.1.2.1 IP address 255.255.255.0
!
!
router ospf 1 vrf customer1
Network 10.1.1.0 0.0.0.255 area 0
!
router ospf 2 vrf customer2
Network 10.1.2.0 0.0.0.255 area 0
Will not have problems if I use the same area ID here?
Thanks for your help!
Hello Sam,.
You will not face any problem because you have configured cust1 and cust2 under vrf instance in ospf. There will be no
mix with cust1 cust2 roads.
In addition to this, also set up the id of the field (a 32 unique ip address) under process ospf for each customer. The reason why if you configure the ospf process
ID 1 for cust1 at the end and if configure you the process id 2 for the same client on the spread of roads from start to finish B will be considered
inter-area at the B end
router ospf 1 vrf customer1
field id 1.1.1.1 OSPF > keep this even to this vrf on each site
Network 10.1.1.0 0.0.0.255 area 0
Hope this is useful
Concerning
Mahesh
-
Hello
I use a router THAT WAN Cisco ASR1001 connected via BGP AS65075 with our ISP.
This router is connected through OSPF with our Cisco 7206VXR/NPE-G2 firewall.
Topology:
ISP <- bgp="" -="">RT 1001 <- ospf="" -="">FW 7206 <->LAN
On the WAN router, static routes are set to null0 to always announce our class C networks.
Route IP 192.168.10.0 255.255.255.0 Null0 250
...
Network guidelines are placed in our BGP configuration:
router bgp 65075
The log-neighbor BGP-changes
neighbor EBGP-PEER-IPv4-peer group
EBGP-PEER-IPv4 neighbor fall-over bfd
neighbour 192.168.88.138 distance - as 65200
192.168.88.138 a neighbor EBGP peers PEERS-IPv4
192.168.88.138 ISP IPv4 neighbor description
next password 192.168.88.138 7 unknown
!
ipv4 address family
...
network 192.168.10.0
...
a neighbor EBGP-PEER-IPv4 soft-reconfiguration inbound
EBGP-PEER-IPv4 neighbor distribute-list prefix-v4 on
an EBGP-PEER-IPv4 neighbor prefix-maximum 100
neighbor EBGP-PEER-IPv4-1 filter list out
neighbor 192.168.88.138 activate
neighbor 192.168.88.138 filter-list 2
output-address-family
A part of these networs are also learned through OSPF. If these routes are present in the routing table:
RT-01 #sh ro ip 192.168.10.0
Routing for 192.168.10.0/24 entry
Known via "ospf 1", distance 110, metric 20, type extern 2, metric 1 forward
Published by bgp 65075
Last update to 192.168.0.79 on Port - channel1.28, 7w0d there is
Routing descriptor blocks:
* 192.168.0.79, from 192.168.0.71, 7w0d there is, through Port - channel1.28
See metric: 20, number of share of traffic is 1
Because these roads are active in the rounting table. Announcing BGP based on his and attributes "next hop" and "metric" are inherited from OSPF:
RT-01 #sh ip bgp neighbors 192.168.88.138 announced-routes
...
Network Next Hop path metrics LocPrf weight
...
* > 192.168.10.0 192.168.0.79 20 32768 I
...
Is it possible to remove the legacy of OSPF into BGP attributes?
How to set the "next hop" to the value 0.0.0.0 and "metric" to 0?
Thank you
Best regards
Jérôme
Hello Berthier,
NEXT_HOP is a hill & attribute mandatory path including the eBGP value is the IP address of the BGP peer (specified in the neighbor's remote control) where the router learns the prefix. Thus, your peers (eBGP) will still see the IP 192.168.88.138 in your BGP Next Hop as updates. I agree you the output of the command ' sh ip bgp neighbors 192.168.88.138 roads announced "can be confusing, but not worried about it.
Metric 20 is cause of path must be acquired by OSPF. Copy in default atributte MED BGP metric. So I see that you have only a peer is very important change this value because MED is not transitive, if this value is not propagated by other ACE access your provider. Anyway, if you want to change, you must:
1. create a list of prefixes with one or more prefixes that you want to "reset" the MED value:
list of prefixes prefix-to-reset-MED seq 5 permit 192.168.10.0/24
list of prefixes prefix-to-reset-MED seq 10 permit X.X.X
2. create a roadmap
allowed to reset - MED card route 5
match of prefix-to-reset-MED IP prefix-list
the metric value 0
road map provided to zero-MED allowed 10
!
The last road map is necessary to ensure that the rest of the prefixes are sent.
3. apply the road map
a neighbor EBGP-PEER-IPv4-roadmap given to zero-MED on
Concerning
->->-> -
Hi all
I have 2 - E1 links from place A to place b. I am running OSPF in the network.
For both the serial interface, I gave cost ospf as 100.
How can I configure loadbalancing over links series that takes place in OSPF?
Is - is my setup load balancing?
How to verify that OSPF is loadbalancing links?
Hello
You need not specifically configure OSPF to balance the load too long that the two links have the same administrative distance then your peer routers will learn the same routing information from two different IP addresses that are the opposite of your E1 links.
To check if you are balancing you can use 'show ip route '.
The following example uses EIGRP but this will output similar to OSPF with different codes and distance from the admin:
D [90/289536] 192.168.72.0/24 through 10.48.1.2, 1w2d, FastEthernet4/1/1
[90/289536] through 10.48.1.6, 1w2d, FastEthernet0/1/1
You can see that 192.168.72.0/24 is announced two IP addresses.
You can do per package or per destination load balancing, I think that by default on a fast router switching is enabled, which means the load balancing is done by destination. If you want to package you can disable the quick change on the interface in question using "no ip route-cache".
HTH
PJD
-
Passive routes with OSPF on the PIX
Hello
Having just upgraded my PIX to software v8 finally hoping to participate in OSPF on the network.
The PIX have all many DMZ I want to advertise on OSPF to remove a * much * of fragile static routes but of course I would * not * advertise or get OSPF of these demilitarized. I thought I could do these interfaces passive - or better still, question:
router ospf 1
passive-interface defaultAnd then exempt only the internal interface.
However, (unlike IOS) it seems to be without notion of passive in the implementation of OSPF from the PIX - a place where I thought it would be very useful...
How to distribute the these DMZ on OSPF without advertising OSPF in them?
I had planned to use:
redistributed connected subnets
However, which redistributes things like the public interface of the Internet, I don't want to. In addition, even if there is a way to stop there including the public interface, it seems more prone to the error of the user than passive by default with one exception.
Any ideas? If this is not the case, can I restrict the interfaces in connected subnets redrawn?
Thanks for all the ideas!
Hi Peter,.
Thank you, Yes... I was suggesting to remove network dmz under the OSPF process commands. As you said, it used to really do what you want to do with the removal of the static since its disabling ospf for this network.
Start-up eigrp would seem to be a lot of extra work just to eliminate the static if that's what it will be used for, but it would allow you to make the passive interface that would not accomplish snd/RRs eigrp on the specific interface.
I just re-read your first message and I think I understand now what you're after - which goes back to your first survey of redistribution... you can redistribute static electricity and use a road map to control what roads you want to redistribute. You can then remove the networks for the demilitarized zone under router ospf process.
example:
access-list ospfredist standard permit 10.10.10.0 255.255.255.0
access-list ospfredist standard permit 192.168.10.0 255.255.255.0route-map static-ospf
match ip address ospfredistrouter ospf 10
redistribute static subnets route-map static-ospfthis should redistribute only the statics that you listed above.
hope this helps a bit.
-scott
-
I have a problem with rountig OSPF on the routers configured in the hub-and-spoke topology.
One question is on a course that OSPF don't advertise hub to rays.
Created on a hub, router subnets are not seen on the rays, but new added subnet on talk appears in the table of routing hub.
The addition of broadcast command network ip ospf on a virtual-template interface hub causes OSPF adjacency downstairs.
Also, EIGRP works very well.
A that someone has experienced this problem with OSPF.
Please, look at a few config below;
-----------------------HUB-------------------------------
IKEv2 crypto by default authorization policy
Road enabled interface
!
Crypto ikev2 proposal ikev2_prop
encryption aes-cbc-256
integrity sha512
Group 16
!
IKEv2 crypto policy ikev2_policy
proposal ikev2_prop
!
Crypto ikev2 keyring Flex_key
Rays peer
address 192.168.50.197
pre-shared key local 12345
pre-shared key remote 12345
!
peer RTB
address 192.168.50.199
pre-shared key local 12345
pre-shared key remote 12345
!
Profile of ikev2 crypto Flex_IKEv2
match one address remote identity 192.168.50.197 255.255.255.255
match one address remote identity 192.168.50.199 255.255.255.255
sharing front of remote authentication
sharing of local meadow of authentication
local Flex_key keychain
virtual-model 1
!
no default isakmp crypto policy
!
Crypto ipsec transform-set esp - aes 256 esp-sha512-hmac ipsec_trans
tunnel mode
!
by default the crypto ipsec profile
Set transform-set ipsec_trans
Flex_IKEv2 Set ikev2-profile
!
interface Loopback1
address 172.16.10.1 IP 255.255.255.0
IP ospf 10 area 0
!
interface Loopback10
10.1.1.1 IP address 255.255.255.0
IP ospf 10 area 0
!
interface Loopback50
IP 50.1.1.1 255.255.255.0
IP 10 50 ospf area
!
the Embedded-Service-Engine0/0 interface
no ip address
!
interface GigabitEthernet0/1
bandwidth 100000
IP 192.168.50.198 255.255.255.0
automatic duplex
automatic speed
!
type of interface virtual-Template1 tunnel
IP unnumbered Loopback1
IP 1400 MTU
IP tcp adjust-mss 1360
source of tunnel GigabitEthernet0/1
ipv4 ipsec tunnel mode
tunnel path-mtu-discovery
tunnel protection ipsec default profile
!
router ospf 10
redistribute connected subnets
Network 10.1.1.0 0.0.0.255 area 0
SH cryp ike his
IPv4 Crypto IKEv2 SA
Tunnel-id Local Remote fvrf/ivrf status
1 192.168.50.198/500 192.168.50.197/500 no/no LOAN
BA: AES - CBC, keysize: 256, Hash: SHA512, DH Grp:16, Auth sign: PSK, Auth check: PSK
Duration of life/active: 86400/77565 sec
Tunnel-id Local Remote fvrf/ivrf status
2 192.168.50.198/500 192.168.50.199/500 no/no LOAN
BA: AES - CBC, keysize: 256, Hash: SHA512, DH Grp:16, Auth sign: PSK, Auth check: PSK
Duration of life/active: 86400/77542 sec
IPv6 Crypto IKEv2 SA
SH ip rou
S * 0.0.0.0/0 [1/0] via 192.168.50.1
10.0.0.0/8 is variably divided into subnets, 2 subnets, 2 masks
C 10.1.1.0/24 is directly connected, Loopback10
L 10.1.1.1/32 is directly connected, Loopback10
50.0.0.0/8 is variably divided into subnets, 2 subnets, 2 masks
C 50.1.1.0/24 is directly connected, Loopback50
L 50.1.1.1/32 is directly connected, Loopback50
100.0.0.0/32 is divided into subnets, subnets 1
AI 100.1.1.1 [110/2] via 172.16.10.254, 21:32:58, Virtual Network1
172.16.0.0/16 is variably divided into subnets, 2 subnets, 2 masks
172.16.10.0/24 C is directly connected, Loopback1
L 172.16.10.1/32 is directly connected, Loopback1
192.168.50.0/24 is variably divided into subnets, 2 subnets, 2 masks
C 192.168.50.0/24 is directly connected, GigabitEthernet0/1
The 192.168.50.198/32 is directly connected, GigabitEthernet0/1
200.1.1.0/32 is divided into subnets, subnets 1
AI 200.1.1.1 [110/2] via 172.16.10.253, 21:32:38, Access2-virtual
201.1.1.0/32 is divided into subnets, subnets 1
AI 201.1.1.1 [110/2] via 172.16.10.253, 21:32:38, Access2-virtual
220.1.1.0/32 is divided into subnets, subnets 1
AI 220.1.1.1 [110/2] via 172.16.10.253, 00:06:11, Access2-virtual
---------------------------SPOKE---------------------------------------------
Crypto ikev2 proposal ikev2_prop
encryption aes-cbc-256
integrity sha512
Group 16
!
IKEv2 crypto policy ikev2_policy
proposal ikev2_prop
!
Crypto ikev2 keyring Flex_key
Rays peer
address 192.168.50.198
pre-shared key local 12345
pre-shared key remote 12345
!
Profile of ikev2 crypto Flex_IKEv2
match one address remote identity 192.168.50.198 255.255.255.0
sharing front of remote authentication
sharing of local meadow of authentication
local Flex_key keychain
virtual-model 1
!
no default isakmp crypto policy
!
!
Crypto ipsec transform-set esp - aes 256 esp-sha512-hmac ipsec_trans
tunnel mode
!
by default the crypto ipsec profile
Set transform-set ipsec_trans
Flex_IKEv2 Set ikev2-profile
!
interface Loopback200
200.1.1.1 IP address 255.255.255.0
IP ospf 10 200 area
!
interface Loopback201
IP 201.1.1.1 255.255.255.0
IP ospf 10 201 area
!
interface Loopback220
IP 220.1.1.1 255.255.255.0
IP ospf 10 220 area
!
Tunnel1 interface
IP 172.16.10.253 255.255.255.0
IP 1400 MTU
IP tcp adjust-mss 1360
source of tunnel GigabitEthernet0/1
ipv4 ipsec tunnel mode
tunnel destination 192.168.50.198
tunnel path-mtu-discovery
tunnel protection ipsec shared default profile
!
interface GigabitEthernet0/1
IP 192.168.50.199 255.255.255.0
automatic duplex
automatic speed
!
router ospf 10
network 172.16.10.0 0.0.0.255 area 0
SH cryp ike his
IPv4 Crypto IKEv2 SA
Tunnel-id Local Remote fvrf/ivrf status
1 192.168.50.199/500 192.168.50.198/500 no/no LOAN
BA: AES - CBC, keysize: 256, Hash: SHA512, DH Grp:16, Auth sign: PSK, Auth check: PSK
Duration of life/active: 77852/86400 sec
IPv6 Crypto IKEv2 SA
SH ip route
S * 0.0.0.0/0 [1/0] via 192.168.50.1
172.16.0.0/16 is variably divided into subnets, 2 subnets, 2 masks
172.16.10.0/24 C is directly connected, Tunnel1
L 172.16.10.253/32 is directly connected, Tunnel1
192.168.50.0/24 is variably divided into subnets, 2 subnets, 2 masks
C 192.168.50.0/24 is directly connected, GigabitEthernet0/1
The 192.168.50.199/32 is directly connected, GigabitEthernet0/1
200.1.1.0/24 is variably divided into subnets, 2 subnets, 2 masks
C 200.1.1.0/24 is directly connected, Loopback200
L 200.1.1.1/32 is directly connected, Loopback200
201.1.1.0/24 is variably divided into subnets, 2 subnets, 2 masks
C 201.1.1.0/24 is directly connected, Loopback201
L 201.1.1.1/32 is directly connected, Loopback201
220.1.1.0/24 is variably divided into subnets, 2 subnets, 2 masks
C 220.1.1.0/24 is directly connected, Loopback220
L 220.1.1.1/32 is directly connected, Loopback220
SH ip ospf database ro 172.16.10.1
Router OSPF with ID (200.1.1.1) (the process ID of 10)
Router link States (zone 0)
ADV router is accessible via is not in the Base with MTID topology 0
LS age: 336
Options: (no TOS-capability, DC)
LS type: Router links
Link state ID: 172.16.10.1
Advertising router: 172.16.10.1
LS number of Seq: 80000065
Checksum: 0x4B6E
Length: 60
Area border router
ROUTER limits
Number of links: 3
Link to: a Stub network
(Link ID) Network/subnet number: 10.1.1.1
(Data link) Network mask: 255.255.255.255
Number of parameters MTID: 0
TOS 0 metric: 1
Link to: another router (point to point)
(Link ID) Neighbors router ID: 100.1.1.1
(Data link) Address of the router Interface: 0.0.0.18
Number of parameters MTID: 0
TOS 0 metric: 1
Link to: another router (point to point)
(Link ID) The router ID neighbors: 200.1.1.1
(Data link) Address of the router Interface: 0.0.0.17
Number of parameters MTID: 0
TOS 0 metric: 1
Kamil,
A tunnel in this deployment (and VT / going also) is an interface point to point, there is really no good reason to keep anything other than 32 (I might not be aware of some subtleties in more complex deployment).
'Set interface route' is your greatest friend ;-)
M.
-
CISCO 3750: OSPF interface IP unnumbered
Hi Expert,
This is the first time that I'm working on OSPF and IP Unnumbered interfaces.
My task is to adjacencies OSPF put forward two switches CISCO 3750 connected back-to-back by IP of interfaces not numbered. I use the loopback interface to borrow the IP addresses for the interfaces not numbered on both CISCO switches. After trying so many times, OSPF is not at all to come through Unnumbered interfaces but when tried with numbered interface was fine.
I'm pasting here complete running-config. Please help me to solve the problem:
Here is the brief info put in place:
R1(Gi1/0/19) - R (article gi1/0/19)
Swicth R1:
===========
Current configuration: 2129 bytes
!
version 12.2
no service button
horodateurs service debug datetime msec
Log service timestamps datetime msec
no password encryption service
!
Switch host name
!
boot-start-marker
boot-end-marker
!
!
No aaa new-model
1 supply ws-c3750g-24ts-1u switch
mtu 1500 routing system
IP subnet zero
IP routing
!
!
!
!
!
!
!
!
!
!
pvst spanning-tree mode
spanning tree extend id-system
!
internal allocation policy of VLAN ascendant
!
!
!
!
interface Loopback1
IP 10.10.10.10 address 255.255.255.0
!
GigabitEthernet1/0/1 interface
Shutdown
!
interface GigabitEthernet1/0/2
Shutdown
!
interface GigabitEthernet1/0/3
Shutdown
!
interface GigabitEthernet1/0/4
Shutdown
!
interface GigabitEthernet1/0/5
Shutdown
!
interface GigabitEthernet1/0/6
Shutdown
!
interface GigabitEthernet1/0/7
Shutdown
!
interface GigabitEthernet1/0/8
Shutdown
!
interface GigabitEthernet1/0/9
Shutdown
!
interface GigabitEthernet1/0/10
Shutdown
!
interface GigabitEthernet1/0/11
Shutdown
!
interface GigabitEthernet1/0/12
Shutdown
!
interface GigabitEthernet1/0/13
Shutdown
!
interface GigabitEthernet1/0/14
Shutdown
!
interface GigabitEthernet1/0/15
Shutdown
!
interface GigabitEthernet1/0/16
Shutdown
!
interface GigabitEthernet1/0/17
!
interface GigabitEthernet1/0/18
Shutdown
!
interface GigabitEthernet1/0/19
No switchport
IP unnumbered Loopback1
IP ospf network point
!
interface GigabitEthernet1/0/20
Shutdown
!
interface GigabitEthernet1/0/21
Shutdown
!
interface GigabitEthernet1/0/22
Shutdown
!
interface GigabitEthernet1/0/23
Shutdown
!
interface GigabitEthernet1/0/24
Shutdown
!
interface GigabitEthernet1/0/25
!
interface GigabitEthernet1/0/26
!
interface GigabitEthernet1/0/27
!
interface GigabitEthernet1/0/28
!
interface Vlan1
no ip address
Shutdown
!
router ospf 100
router ID - 100.100.100.100
Log-adjacency-changes
Network 10.10.10.0 0.0.0.255 area 0
!
IP classless
IP route 20.20.20.20 255.255.255.255 GigabitEthernet1/0/19
IP http server
IP http secure server
!
!
!
control plan
!
!
Line con 0
line vty 5 15
!
!
control the source session interface 1 item in gi1/0/19
control interface of destination session 1 item in gi1/0/17
end
===
The #show switch ip interface brief | include the
The #show switch ip interface brief | include the
GigabitEthernet1/0/17 no undefined upward down YES
GigabitEthernet1/0/19 10.10.10.10 YES manual up up
Loopback1 10.10.10.10 YES manual up up
==================================================
Switch R2:
==================
Switch #sho run
Switch #sho running-config
Building configuration...
Current configuration: 2079 bytes
!
version 12.2
no service button
horodateurs service debug datetime msec
Log service timestamps datetime msec
no password encryption service
!
Switch host name
!
boot-start-marker
boot-end-marker
!
!
!
!
No aaa new-model
switch 1 supply ws-c3750g-24 t
mtu 1500 routing system
allow authentication mac-move
IP subnet zero
IP routing
!
!
!
!
!
!
!
!
pvst spanning-tree mode
spanning tree etherchannel guard misconfig
spanning tree extend id-system
!
internal allocation policy of VLAN ascendant
!
!
!
!
interface Loopback1
IP 20.20.20.20 255.255.255.0
!
GigabitEthernet1/0/1 interface
Shutdown
!
interface GigabitEthernet1/0/2
Shutdown
!
interface GigabitEthernet1/0/3
Shutdown
!
interface GigabitEthernet1/0/4
Shutdown
!
interface GigabitEthernet1/0/5
Shutdown
!
interface GigabitEthernet1/0/6
Shutdown
!
interface GigabitEthernet1/0/7
Shutdown
!
interface GigabitEthernet1/0/8
Shutdown
!
interface GigabitEthernet1/0/9
Shutdown
!
interface GigabitEthernet1/0/10
Shutdown
!
interface GigabitEthernet1/0/11
Shutdown
!
interface GigabitEthernet1/0/12
Shutdown
!
interface GigabitEthernet1/0/13
Shutdown
!
interface GigabitEthernet1/0/14
Shutdown
!
interface GigabitEthernet1/0/15
Shutdown
!
interface GigabitEthernet1/0/16
Shutdown
!
interface GigabitEthernet1/0/17
!
interface GigabitEthernet1/0/18
Shutdown
!
interface GigabitEthernet1/0/19
No switchport
IP unnumbered Loopback1
IP ospf network point
!
interface GigabitEthernet1/0/20
Shutdown
!
interface GigabitEthernet1/0/21
Shutdown
!
interface GigabitEthernet1/0/22
Shutdown
!
interface GigabitEthernet1/0/23
Shutdown
!
interface GigabitEthernet1/0/24
Shutdown
!
interface Vlan1
no ip address
Shutdown
!
router ospf 100
router ID - 200.200.200.200
Log-adjacency-changes
network 20.20.20.0 0.0.0.255 area 0
!
IP classless
Route IP 10.10.10.10 255.255.255.255 GigabitEthernet1/0/19
IP http server
IP http secure server
!
!
activate the IP sla response alerts
!
!
!
Line con 0
line vty 5 15
!
!
control the source session interface 1 item in gi1/0/19
control interface of destination session 1 item in gi1/0/17
end
====================
The #sho switch ip interface brief | include the
GigabitEthernet1/0/17 no undefined upward down YES
20.20.20.20 GigabitEthernet1/0/19 YES manual up up
Loopback1 20.20.20.20 YES manual up up
====================================
Thank you very much in advance for your answer!
Kind regards
Aerts
Hi AEK.
the IP unnumbered command does not work on multiaccess-interfaces such as Ethernet (even when you set it up as a point-to-point OSPF):
Understand and configure the IP without order number
Cisco IOS IP Addressing Services Command Reference #ip unnumberd
HTH
Rolf
[EDIT]:
... apparently, with the exception of high range as the 6 k platforms:
Order history
(...)
12.2 (18) SXF: this command has been modified to support the physical Ethernet interfaces and switched virtual interfaces (LASS).
-
Hi, I'm studying for my CCNA exam and using tracers package I designed a network such as configured below. OSPF works well sense that I can ping all devices from any network. However, if I remove a serial interface in any router, there is no failover (redundancy) which means I can't ping all devices more. OSPF does not redundancy? My setup is false? Help, please. Thank you
Anil
Trinidad and TobagoROUTER1
interface GigabitEthernet0/1
IP 192.168.1.1 255.255.255.0
automatic duplex
automatic speed
!
interface GigabitEthernet0/2
no ip address
automatic duplex
automatic speed
Shutdown
!
interface Serial0/0/0
10.1.3.2 IP address 255.255.255.0
!
interface Serial0/0/1
10.1.1.1 IP address 255.255.255.0
!
interface Vlan1
no ip address
Shutdown
!
router ospf 1
Log-adjacency-changes
network 192.168.1.1 0.0.0.0 area 1
10.1.1.1 to network 0.0.0.0 area 1
10.1.3.4 network 0.0.0.0 area 1ROUTER2
interface GigabitEthernet0/1
10.1.4.1 IP address 255.255.255.0
automatic duplex
automatic speed
!
interface GigabitEthernet0/2
no ip address
automatic duplex
automatic speed
Shutdown
!
interface Serial0/0/0
10.1.3.1 IP address 255.255.255.0
!
interface Serial0/0/1
10.1.2.2 IP address 255.255.255.0
!
interface Vlan1
no ip address
Shutdown
!
router ospf 1
Log-adjacency-changes
10.1.4.1 network 0.0.0.0 area 1
10.1.3.1 network 0.0.0.0 area 1
10.1.2.2 network 0.0.0.0 area 1Router3
interface GigabitEthernet0/1
IP 172.16.110.1 255.255.255.0
automatic duplex
automatic speed
!
interface GigabitEthernet0/2
no ip address
automatic duplex
automatic speed
Shutdown
!
interface Serial0/0/0
IP 10.1.1.2 255.255.255.0
!
interface Serial0/0/1
10.1.2.1 IP address 255.255.255.0
!
interface Vlan1
no ip address
Shutdown
!
router ospf 1
Log-adjacency-changes
network 172.16.110.1 0.0.0.0 area 1
Network 10.1.1.2 0.0.0.0 area 1
10.1.2.1 network 0.0.0.0 area 1Hello
On Router 1 to correct the network return 10.1.3.4 0.0.0.0 area 1 network 10.1.3.2 0.0.0.0 area 1.
Cordially. Aref.
-
Hello
I hope that someone knows better than me:
Sometimes I address of 'bad' on the NVI0 Interface. I use the 'old' Setup nat with nat inside and outside. Sometimes the address of the NVI is that of a local loop (then everything works, as ospf between two routers) and the next router has the address of the external interface on the NVI. How that decision is made?
----------------------------------------
NVI0 is up, line protocol is up
The interface is unnumbered. Using the address of Loopback10 (10.51.2.10)
Broadcast address is 255.255.255.255
MTU is 1 514 bytes
Support address is not set
Transfer of directed broadcast is disabled
Multicast reserved joined groups: 224.0.0.5
Outgoing access list is not defined
Inbound access list is not defined
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is enabled
ICMP redirects are always sent
ICMP unreachable is always sent
Mask the ICMP responses are never sent
IP fast switching is disabled
Fast on the same switching interface IP is disabled
IP stream switching is disabled
IP CEF switching is disabled
Turbo IP vector draw
Quick change IP multicast is enabled
Fast switching of distributed IP multicast is disabled
Flags of IP route cache is fast, CEF
Router discovery is disabled
Output IP packet accounting is disabled
Accounting of IP access violation is disabled
TCP/IP header compression is disabled
RTP/IP header compression is disabled
Policy routing is disabled
Network address translation is disabled
BGP policy mapping is disabled
WCCP redirect outgoing is disabled
WCCP redirect incoming is disabled
WCCP redirect exclude is disabled
----------------------------------------
NVI0 is up, line protocol is up
The interface is unnumbered. Using FastEthernet0/0 address (87.193. *. *)
Broadcast address is 255.255.255.255
MTU is 1 514 bytes
Support address is not set
Transfer of directed broadcast is disabled
Outgoing access list is not defined
Inbound access list is not defined
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is enabled
ICMP redirects are always sent
ICMP unreachable is always sent
Mask the ICMP responses are never sent
IP fast switching is disabled
Fast on the same switching interface IP is disabled
IP stream switching is disabled
IP CEF switching is disabled
Turbo IP vector draw
Quick change IP multicast is enabled
Fast switching of distributed IP multicast is disabled
Flags of IP route cache is fast, CEF
Router discovery is disabled
Output IP packet accounting is disabled
Accounting of IP access violation is disabled
TCP/IP header compression is disabled
RTP/IP header compression is disabled
Policy routing is disabled
Network address translation is disabled
BGP policy mapping is disabled
WCCP redirect outgoing is disabled
WCCP redirect incoming is disabled
WCCP redirect exclude is disabled
--------------------------------------
Thanks in advance
NVI is a new feature in IOS 12.3 and later versions.
It is activated using 'ip nat enable' on interfaces and we do not 'ip nat inside' or 'ip nat outside '.
If you want to understand how translation and routing differs verifying implementation following the link:
http://blog.internetworkexpert.com/2008/02/15/the-inside-and-outside-of-NAT/
-
Hello
I have set up a LAB and try to apply a tag set and match tag for the prevention of the loop.
I used R1, R2, R3 BGP and OSPF R3 - R5 now I want to put the tag on the side of R2 to OSPF so that I can match and denied him on the side of R3, R2 - R4!
I have attached my lab with this post.
I'm sticking R2 and R3 config here:
R2:
router ospf 1
Log-adjacency-changes
redistribute bgp 200 subnets
network 192.168.1.0 0.0.0.255 area 1
!
router bgp 200
no synchronization
The log-neighbor BGP-changes
network 200.200.200.0
redistribute ospf 1 match external internal 1 external TAG route-map 2
neighbour 200.200.200.1 distance-100
No Auto-resume
!
no ip address of the http server
no ip http secure server
!
!
!
!
route TAG allowed 10 map
the tag 50 value
!
!
!
R3:::::::::
router ospf 1
Log-adjacency-changes
redistribute bgp 300 subnets tag route-map
network 192.168.2.0 0.0.0.255 area 1
Distribute-list route map TAG in
!
router bgp 300
no synchronization
The log-neighbor BGP-changes
network 200.200.201.0
redistribute ospf 1 match external internal 1 external 2
neighbour 200.200.201.1 distance-100
No Auto-resume
!
no ip address of the http server
no ip http secure server
!
!
!
!
route TAG map deny 10
game tag 50
!
allowed TAG 20 route map
!
My problem is why R2 of OSPF not slaughter to R3 where I used the tag match?
Thank you
Anand,
The technique of the distribution list can be very difficult to maintain in a network of real life that the list should be changed every time a new prefix is added somewhere in the network. The technique of the Roadmap (tag match / per set) is really easy to maintain.
Concerning
-
Bad VPN ASA injection road on OSPF when using remote access
Has anyone ever seen the ASA by inserting a bad road in a connection that has been set up with it? I'll explain more below:
I'm using a reverse road Injection. When access remotely with IPSEC (CLIENT) connects to the camera ASA, ASA create a static route to the remote access to the closest router for the SAA to come to this remote access. This itinerary is distributed on OSPF. OK, it may be a normal situation. But, the problem is when I ask another participant of this OSPF area, which is the road to this remote access (CLIENT), the answer is the router closer to the ASA and don't have to ASA. Does anyone have a solution for this? I tried to create a roadmap but that you did not.
If I understand your question, my question for you is whether the OSPF route to the remote VPN client is source by ASA or another device?
Is the IP address in the space I wrote ASA_ROUTER_ID ASA router ID or it is the router from another device ID? What I've listed below are an example of the output of "show ip route. The value in bold must be ASA router ID, if she is from the road to the VPN client. Other OSPF routers will forward packets destined to VPN to ASA client.
#sh ip route 1.1.1.0
Routing for 1.1.1.0/24 entry
Known through the "ospf 1", metric 110, distance 310, type intra zone
Last updated on GigabitEthernet0 1.2.2.2, 2w there
Routing descriptor blocks:
* 1.2.2.2, ASA_ROUTER_ID, there is, through GigabitEthernet0 2w
Path metric is 310, number of shares of traffic 1 -
PIX OSPF question load balancing
I have a pix 515e with two default routes, via OSPF from two routers on the "outside" interface
Route #2 is currently being preferred spending much more than the #1 router. There are thousands of destinations for traffic. These two routers are still NAT nat rfc1918 IP Internet (the pix doesn't nat)
Can you get it someone please let me know how the PIX is load balancing? is it by destination IP address? is it something else?
Thank you
Joe
TAC:
"the PIX will be per destination load balancing instead of by package
load balancing. The algorithm will look at the source and destination
addresses. It is not 1:1 load balancing. Given quite different
the source address and destination, the packets will reach more or less one
spindle of 50-50 between the two next-hops. However, in the real world test
with the same source and destination addresses, it may not reach the same
load balancing. »
Maybe you are looking for
-
Ignore the scale of the windows fonts
Often enough, develop you on a computer with X % police scaled, but deploy on a computer with scaling of Y % police and it just looks like crap. Is it possible to ignore this scaling for fonts have their planned sizes? /Y
-
Boot from the cd/dvd internal
Hello, I have a hp d035-dx that will not boot from cd/dvd drive. Please advice. The startup option, there is no option to boot from the cd/dvd drive
-
No etters when I hit the kes
-
You can save a file to an ISO in Windows XP SP3?
do I need a software to save a file as a .iso or is there a way I can do this in windows xp sp 3?
-
Windows 7/SBS 2003 network complicated by Verizon router problem
I posted here ( http://answers.microsoft.com/en-us/windows/forum/windows_7-networking/windows-7-suddenly-wont-talk-to-sbs-2003-server/e8116774-6b4f-44d3-91cf-b10df236805a?tm=1405553282721 ) and at TechNet ( http://social.technet.microsoft.com/Forums/