Question

Checkpoint OSPF Routing

Asked by: skywalker101

I have a Checkpoint Firewall and I need to configure OSPF Routing to L3 Cisco Switches in another site which are connected by 2 LES Circuits by 2 differnet provider, the 2nd circuit is resilency only.  If one circuit fails the traffic will route via the 2nd circuit.

Cisco L3 Switch is configured to use routed ports on the LES (Circuit Primary) 10.15.10.10 and 10.15.10.11 (Seconday Les Circuit)

Currently there are static routes configured on the Checkpoint firewall to the next hop addresses of the Cisco Switches of 10.15.10.10 (primary LES)

CP static Routes 10.15.1.0/24 next hop 10.15.10.10
                            10.15.1.2/24 next hop 10.15.10.10
                            10.15.1.6/24 next hop 10.15.10.10

 I have OSPF working between the 2 sites, by using interfaces that are directly connected to the Checkpoint.

Checkpoint Interfaces 10.15.10.100 (Primary Les Circuit)
                                   10.15.11.100 (Secondary Les Circuit)

Switch configuration

 network 10.15.10.0 0.0.0.255 area 0
network 10.15.11.0 0.0.0.255 area 0

Any idea on how to implement ths solution.  do I need to redistruute static into OSPF and increase the priorty on the static higher than 110 ?

This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.

Subscribe now for full access to Experts Exchange and get

Instant Access to this Solution

  • Plus...
  • 30 Day FREE access, no risk, no obligation
  • Collaborate with the world's top tech experts
  • Unlimited access to our exclusive solution database
  • Never be left without tech help again

Subscribe Now

Asked On
2009-09-09 at 05:48:43ID24717887
Topics

Network Design & Methodology

,

Network Routers

Participating Experts
2
Points
500
Comments
77

Trusted by hundreds of thousands everyday for fast, accurate and reliable tech support.

  • "The time we save is the biggest benefit of Experts Exchange to Warner Bros. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange." Mike Kapnisakis, Warner Bros.
  • "Our team likes having a resource that is more secure than just using Google and most experts using this service really know their stuff. It's nice to look here first versus using Google." Dayna Sellner, Lockheed Martin
  • "Anytime that I've been stumped with a problem, 9 out of 10 times Experts Exchange has either the accepted solution or an open discussion of the potential solution to the problem." Kenny Red, eBay Inc.

See what Experts Exchange can do for you.

Got a question?

We've got the answer.

Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.

Screenshot of Experts Exchange Knowledgebase

Need individual assistance?

Our experts are ready to help.

If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.

Screenshot of Experts Exchange Knowledgebase

Want to learn from the best?

Read articles from industry experts.

Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.

Screenshot of an Article

Working on a long term project?

Store your work and research.

Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.

Screenshot of Experts Exchange Knowledgebase

Access the answers to your technology questions today.

Subscribe Now

30-day free trial. Register in 60 seconds.

What Makes Experts Exchange Unique?

Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.

Trusted by the world's most respected brands.

image of each brand's logo

Faithfully serving IT professionals since 1996.

Experts Exchange Logo

Try it out and discover for yourself.

Subscribe Now

30-day free trial. Register in 60 seconds.

Related Solutions

  1. OSPF configuration
    Hi, I have 2 routers with connections to the same ISP which handle the same range of IP addresses (NON-BGP). behind these i have a pair of Nokia IP350 firewalls. All units are capable of OSPF. I would like to run OSPF between these 4 machines to select the best route out of ...
  2. OSPF
    Dear Sirs, Kindly answer me the following 1) Can we trace the Telnet attempt to a Router ? From which IP e.t.c 2) Could you please explain me the difference between this (110/20, 110/74, 110/66) in the given IP route. ? How do we select the Areas in OSPF routing ? is t...
  3. MPLS and OSPF
    I'm setting up a network over two sites linked primarily by a LES circuit and as a backup a MPLS VPN link. I want to setup an OSPF area for the two sites as there are numerous vlans etc, this is all straight forward with the LES link but i've been informed by the MPLS service...
  4. OSPF Routing
    I am looking to implement OSPF routing on Cisco L3 Switches and Checkpoint NGX R65, I have 2 sites connected via Les Circuit. The idea is to have the routes redistrubite into OSPF to provide resiliency if the link fails it will use the secondary Les circuit. 1. 2 site...
  5. Cisco OSPF Default Route
    Hi, I want configuring a network with OSPF across 2 Les Circuits. I am trying to build in as much redundancy as possible if one circuit fails it will route traffic down the 2nd circuit In site A Cisco Layer 3 switch connected to both Les circuits Site B Nokia/Checkpoint (s...
  6. OSPF Routes
    Hi, I have a Checkpoint firewall, which out of the box supports OSPF and a pair of Cisco L3 switches and I want to implement OSPF for redunancy. I Have 2 sites connected by a LES Circuit, with a 2nd Les Circuit for redunancy which will failover when the primary circuit fail...

Free Tech Articles

  1. WARNING: 5 Reasons why you should NEVER fix a computer for free.
    It is in our nature to love the puzzle. We are obsessed. The lot of us. We love puzzles. We love the challenge. We thrive on finding the answer. We hate disarray. It bothers us deep in our soul. W...
  2. SCCM OSD Basic troubleshooting
    SCCM 2007 OSD is a fantastic way to deploy operating systems, however, like most things SCCM issues can sometimes be difficult to resolve due to the sheer volume of logs to sift through and the dispe...
  3. Migrate Small Business Server 2003 to Exchange 2010 and Windows 2008 R2
    This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Windows 2008 R2 with Exchange 2010. For this migration to work you will need the fo...
  4. Create a Win7 Gadget
    This article shows you how to create a simple "Gadget" -- a sort of mini-application supported by Windows 7 and Vista. Gadgets can be dropped anywhere on the desktop to provide instant information, ...
  5. Outlook continually prompting for username and password
    There have been a lot of questions recently regarding Outlook prompting for a username and password whilst using Exchange 2007. There are a few reasons why this would happen and I will try to cover t...
  6. Backup Exchange 2010 Information Store using Windows Backup
    There seems to be quite a lot of confusion around the ability to backup Exchange 2010 using the built in Windows Backup feature. This stems from the omission of this feature prior to Exchange 2007 s...

Cloud Class Webinars

  1. Avoiding Bugs in Microsoft Access
    Alison Balter takes and in-depth look at avoiding bugs in Access. In this webinar you will learn about using the immediate window to debug your applications, invoking the debugger, using breakpoints to troubleshoot, stepping through code, setting the next statement to execute, ...
  2. Top 10 Best New Features in Visio 2010
    Scott Helmers gives live demonstrations of the top 10 new features in Visio 2010. This webinar will teach you how to create compelling diagrams by adding shapes to the page with a single click, linking the shapes in a diagram to data in Excel (or SQL Server, or SharePoint), ...
  3. IT Consultant Business Secrets Revealed
    Michael Munger, Experts Exchange tech pro and IT consultant, pulls back the curtain on his very successful businesses and answers question on every IT consultant and business owner should know about. He shares secrets on what he did to solve the 5 most common problems in IT, ...
  4. Disaster Recovery and Business Continuity
    Quest CTO, Mike Billon, gives an overview of the steps involved in building a dunamic disaster recovery plan. Through case studies and an examination of software/hardware tooles for monitoring and testing, you'll gain a better understandin of where you are, where you want ...
  5. Organize Your Visio Diagrams with Containers and Lists
    Scott Helmers uses cross functional flowcharts, wireframe diagrams, data graphic legends and seating charts to teach you: how to ustilize all three new structured diagram components in Visio 2010, the best practices for organizeing shapes in previous version of Visio, how to organize ...
  6. How to Us Objects, Properties, Events and Methods in Microsoft Access
    Alison Dalter gives an in-depbth look at objects, properties, events and methods in Microsoft Access. In this webinar you will learn about using the object browser, referring to objects, working with properties and methods, working with object variables, understanding the ...

Join the Community

Give a Little. Get a Lot.

Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.

Join the Community

Answers

 

by: donjohnstonPosted on 2009-09-09 at 06:54:32ID: 25291291

I don't think I follow what you want.

If you've got OSPF running between the CP firewall and the Cisco switches. Why do you want the static routes?

 

by: skywalker101Posted on 2009-09-09 at 07:04:49ID: 25291396


I have static routes configured, and now I want to implement OSPF Routing over the LES Circuits.  The LES Circuit have been recently installed, and I now need to route traffic over the circuits

 

by: donjohnstonPosted on 2009-09-09 at 07:06:33ID: 25291415

So do you want to know how to configure OSPF? On the firewall or the switches?

 

by: skywalker101Posted on 2009-09-09 at 07:12:46ID: 25291477

I have OSPF configured on both Firewall and Switches and have formed neighbour relationships.

I need to able to advertise the static routes on the firewall to the switches, If I do not need static routes how will be able to advertise the routes in OSPF as these networks are not directly connected on the firewall.

i.e. Firewall Static Route 10.15.1.0/24 10.15.10.10 (Switch nest hop)

The 10.15.1.0 network is located of the Cisco switch, On the firewall I am able to advertise directly connected networks.

 

by: donjohnstonPosted on 2009-09-09 at 07:18:36ID: 25291531

>I need to able to advertise the static routes on the firewall to the switches,
>The 10.15.1.0 network is located of the Cisco switch,

If the network is connected to the cisco switch, why does the firewall need to advertise it to the cisco switch???

I must be missing something...



 

by: rochey2009Posted on 2009-09-09 at 07:33:58ID: 25291694

so you've formed an OSPF adjacency between 1 or 2 Layer 3 switches?. Where in relation to the firewall are the routes that you want to redistribute?

 

by: skywalker101Posted on 2009-09-09 at 10:26:02ID: 25293548

I have formed adjacency between 1 layer 3 switch and the firewall. The routes I want to redistribute are hanging off the layer 3 switches.

Currently on the firewall they are configured as static routes and I want to provide resilency for the les circuit.

Don,
this is might be a mis-configurtion on my behalf, although I was under the impression that you could only advertise directly connected network or static routes within ospf

 

by: rochey2009Posted on 2009-09-09 at 11:02:01ID: 25293918

please can you post you layer switch config.

 

by: donjohnstonPosted on 2009-09-09 at 11:04:13ID: 25293929

>The routes I want to redistribute are hanging off the layer 3 switches.

If the networks are connected to the switch, you can either add a network statement for those networks, or you can redistribute them as connected.

Personally, I would add a network statement.

 

by: rochey2009Posted on 2009-09-09 at 11:19:14ID: 25294061

I agree with donjohnston. You could also make them OSPF passive-interfaces.

 

by: skywalker101Posted on 2009-09-09 at 11:20:22ID: 25294070

Don,

L3 SW ------------------------------------ FW

The Firewall and the switch are on 2 differenet sites seprated by the LES Circuit, I want to advertise the route from the firewall not switch, I want the LES Circuit to failover if either les circuit is unavailable.

THe network statement can explain what do I need to advertise

 

by: rochey2009Posted on 2009-09-09 at 11:34:58ID: 25294201

please can you do

show ip ospf ne

from the L3 switch

can you also do

show ip int brief

 

by: donjohnstonPosted on 2009-09-09 at 11:47:16ID: 25294301

>The Firewall and the switch are on 2 differenet sites seprated by the LES Circuit,

Doesn't matter.

>I want to advertise the route from the firewall not switch,

Right. But why have the FW advertise a static route? It's so much easier to let the FW learn the route through OSPF.

>I want the LES Circuit to failover if either les circuit is unavailable.

And it will... If you let the FW learn about the router through OSPF. Otherwise you have to implement SLA.

 

by: skywalker101Posted on 2009-09-10 at 04:35:10ID: 25299155

I have advertised connected networks via the switch by using the following commands.

The routes are not being advertised on the firewall, the only networks that it see are the LES link of 10.15.10.0 and 10.15.11.0

Router ospf 1
net 10.15.1.0  0.0.0.255 area 0
net 10.15.5.0  0.0.0.255 area 0
net 10.15.6.0  0.0.0.255 area 0

 

by: donjohnstonPosted on 2009-09-10 at 04:51:11ID: 25299242

Then it seems that an adjacency is not being formed. Please post the output of a "show ip ospf neigh" on the switches and the equivalent on the FW.  

Also, it would help if we could see the interface config and the OSPF config on the switches and FW.

 

by: skywalker101Posted on 2009-09-10 at 05:27:17ID: 25299460

Don,

The adjacency seems to be OK, I have attached the config.

 

by: rochey2009Posted on 2009-09-10 at 05:42:34ID: 25299554

please can you post the routing table for the firewall.

 

by: skywalker101Posted on 2009-09-10 at 06:47:10ID: 25300125

I have attached the routing table

 

by: donjohnstonPosted on 2009-09-10 at 07:00:12ID: 25300270

It's the 10.15.1.0/24 network that you want the switches to advertise to the FW, right?

If so, you'll need a network statement on the switches.

network 10.15.1.0 0.0.0.255 area 0

And you've got a static route on the FW for the 10.15.1.0 network. Static routes are preferred by default. If you want to see the OSPF route, you'll need to either delete the static route or raise it's administrative distance (AD) to be greater than the OSPF AD on the FW.

 

by: skywalker101Posted on 2009-09-10 at 07:06:38ID: 25300339

Don,

I have about 10 networks I wnat the switch to advertise and yes 10.15.1.0/24 is one of the net. I had added the static route back in to the firewall as once I removed the route, the packets were dropped.

The networks I advertised are below

net 10.15.1.0  0.0.0.255 area 0
net 10.15.5.0  0.0.0.255 area 0
net 10.15.6.0  0.0.0.255 area 0

 

by: donjohnstonPosted on 2009-09-10 at 07:12:40ID: 25300401

The reason the packets were dropped is switch wasn't advertising the networks.

Assuming the 1.0, 5.0 and 6.0 networks are connected to the switches, you'll need OSPF network statements for those networks in your config (or redistribute the connected networks into OSPF).


 

by: skywalker101Posted on 2009-09-10 at 07:18:43ID: 25300470

Don,

I had network statement on the switch 5.0 and 6.0 as below, is this correct network statement on the switch ?

net 10.15.5.0  0.0.0.255 area 0
net 10.15.6.0  0.0.0.255 area 0


 

by: donjohnstonPosted on 2009-09-10 at 07:22:15ID: 25300505

For the 5.0 and 6.0 networks, yes. But 1.0 is missing.

Can you post the routing table of the switch please?

 

by: skywalker101Posted on 2009-09-10 at 07:36:42ID: 25300658

Hi Don,

I have posted the switched routing table

 

by: donjohnstonPosted on 2009-09-10 at 07:42:24ID: 25300709

Good.

Make sure you have network statements for the networks you want advertised (1.0, 5.0 and 6.0).

Then either delete the static routes from the FW or raise their ADs.

 

by: rochey2009Posted on 2009-09-10 at 07:43:18ID: 25300716

can you post

show ip ospf database router


from the switch.

 

by: skywalker101Posted on 2009-09-10 at 08:00:05ID: 25300887

OK I added the network statement on the switch 10.15.1.0 0.0.0.255 area 0
Still not working I ran a ping from box on the 10.15.1.x subnet and once I remove the static route from the firewall the ping failed

 

by: donjohnstonPosted on 2009-09-10 at 08:05:21ID: 25300960

Please post the config of the switch.

 

by: skywalker101Posted on 2009-09-10 at 08:06:02ID: 25300966

Here you go!

show ip ospf database router

 

by: skywalker101Posted on 2009-09-10 at 08:16:08ID: 25301081

Here you go!

 

by: donjohnstonPosted on 2009-09-10 at 08:36:46ID: 25301265

Can you post the OSPF database from the FW?

Also, what IP address are you pinging and what IP address are you sending the ping from?

 

by: rochey2009Posted on 2009-09-10 at 08:55:41ID: 25301479

http://www.techsneeze.com/ospf-issue-nokia-checkpoint-cisco-12-3

It maybe a compatibility problem

try the following on the cisco switch

router ospf 1
 no capability lls

 

by: skywalker101Posted on 2009-09-10 at 09:53:48ID: 25302067

Bud I try that command still not working, although the Cisco and Checkpoint can form adjacency, just not advertising the networks to the Nokia

 

by: rochey2009Posted on 2009-09-10 at 10:07:15ID: 25302208

did you reset the ospf adjacencies?

 

by: skywalker101Posted on 2009-09-10 at 10:12:59ID: 25302249

yea I use the command clear ip opsf process, on the nokia i am only seeing 4 net. regardless of how many net statement i advertise on the cisco sw

 

by: rochey2009Posted on 2009-09-10 at 10:15:08ID: 25302272

On cisco, you can do "show ip ospf database router"

Can you do an equivalent command on the Nokia and post the output.

Thanks.

 

by: donjohnstonPosted on 2009-09-10 at 10:21:46ID: 25302343

Wait a minute...

"on the nokia i am only seeing 4 net."

What Nokia??? I thought we were dealing with a CheckPoint Firewall and a Cisco Switch.

 

by: skywalker101Posted on 2009-09-10 at 10:24:46ID: 25302366

OK, Nokia is the platform with uderlying OS which controls the routing, interfaces etc.. Checkpoint is on top of Nokia which with the firewall rules

 

by: skywalker101Posted on 2009-09-10 at 10:28:34ID: 25302409

rochey2009,

sh ip ospf database router

 

by: donjohnstonPosted on 2009-09-10 at 10:29:25ID: 25302414

So you don't have a CheckPoint Firewall appliance? You're running CheckPoint software on a Nokia box?

 

by: skywalker101Posted on 2009-09-10 at 10:36:51ID: 25302476

 

by: rochey2009Posted on 2009-09-10 at 10:44:10ID: 25302551

Please can you post Checkpoint, OSPF config

 

by: skywalker101Posted on 2009-09-10 at 10:48:00ID: 25302590

Rochey2009,

The OSPF is done on the Nokia

 

by: rochey2009Posted on 2009-09-10 at 10:49:14ID: 25302607

Sorry, can you post the Nokio OSPF config?

 

by: skywalker101Posted on 2009-09-10 at 10:56:22ID: 25302669

I have attached ospf-config in a post above, if you need more info let me know!

 

by: rochey2009Posted on 2009-09-10 at 11:01:44ID: 25302707

Sorry, I can't see the Nokia ospf config

 

by: skywalker101Posted on 2009-09-10 at 11:24:55ID: 25302895

Hi,

All the config is done by the web interface, I can do show commands from the cli

 

by: rochey2009Posted on 2009-09-10 at 12:27:29ID: 25303399


Have you tried setting the cisco as an ospf point-to-point.

interface GigabitEthernet1/0/18
 ip ospf network point-to-point


interface GigabitEthernet2/0/25
 ip ospf network point-to-point

 

by: skywalker101Posted on 2009-09-10 at 12:33:10ID: 25303443

I will give that a go

 

by: rochey2009Posted on 2009-09-10 at 17:11:31ID: 25305783

You can also try some debugging on the voyager.

In Voyager, go to Configuration > Routing > Routing Options. Under OSPF drop-down list, select All and click on Apply. This will generate ipsrd.log.* files under /var/log. Collect the logs during the time when OSPF errors are occuring. There might be multiple files created.

 

by: rochey2009Posted on 2009-09-10 at 17:26:35ID: 25305849


The OSPF LSA from the L3 switch is being received by the Nokia. I'm wondering if there is a bug in the Nokia.

As an alternative to running OSPF:

If you install another Cisco switch next to the Nokia. You could use Etherchannel to combine the two LES circuits together and continue using static routes on the Nokia. The Etherchannel will load balance traffic over both of the LES circuits and continue to work if one of LES circuits fails.

 

by: rochey2009Posted on 2009-09-10 at 18:22:46ID: 25306041

Do you have any Inbound Route Filters defined under

Config on the home page
Inbound Route Filters Link in the Routing Configuration section
Filter Inbound OSPF routes

Also, what protocol rank have you given to OSPF?

 

by: skywalker101Posted on 2009-09-11 at 00:23:32ID: 25307251

Rochey,

no inbound router filters defined

no OSPF rank

The only config is on the advertising the connected networks on the backone area for  10.15.10.0, 11.0

 

by: skywalker101Posted on 2009-09-11 at 00:41:56ID: 25307323

Rochey,

I have attached the routing options for rank ospf and inbound route filters

 

by: rochey2009Posted on 2009-09-11 at 02:02:37ID: 25307677

Give the debugging a shot.

In Voyager, go to Configuration > Routing > Routing Options. Under OSPF drop-down list, select All and click on Apply. This will generate ipsrd.log.* files under /var/log. Collect the logs during the time when OSPF errors are occuring. There might be multiple files created.

Then clear  the adjacencies from the Cisco end.

 

by: skywalker101Posted on 2009-09-11 at 02:26:27ID: 25307779

Log file attached

 

by: rochey2009Posted on 2009-09-11 at 02:54:47ID: 25307905

What is the state of the adjacency at the moment?

 

by: skywalker101Posted on 2009-09-11 at 03:16:44ID: 25307981

They are both up Full/DR

 

by: rochey2009Posted on 2009-09-11 at 03:42:24ID: 25308074

Please can you shut down one of the OSPF links - subnet 10.15.10.0, so that we only have one link between the Nokia and the Cisco.

Then switch on the OSPF debug on the Nokia.

Then clear the OSPF process from the cisco end.

Repost the debug.

Thanks.

 

by: rochey2009Posted on 2009-09-11 at 03:47:39ID: 25308093

From my previous post

Have you tried setting the cisco as an ospf point-to-point.

interface GigabitEthernet1/0/18
 ip ospf network point-to-point


interface GigabitEthernet2/0/25
 ip ospf network point-to-point

Have you removed this config.

 

by: skywalker101Posted on 2009-09-11 at 03:49:58ID: 25308099

Yes I have set the interfaces ip ospf network point-to-point, and reset ospf still no joy

 

by: rochey2009Posted on 2009-09-11 at 03:52:06ID: 25308108

Have you removed the

ip ospf network point-to-point command.

 

by: skywalker101Posted on 2009-09-11 at 03:53:13ID: 25308111

No do you want me to remove it ?

 

by: rochey2009Posted on 2009-09-11 at 03:59:00ID: 25308141

yes please remove the

ip ospf network point-to-point

from both of the ports going to the LES links

shut down one of the ports going to LES links so that you only have one OSPF adjacency formed between the Nokia and the Cisco

Then start another OSPF debug on the nokia.

Then restart the OSPF process on the cisco.

repost the debug.

 

by: skywalker101Posted on 2009-09-11 at 04:50:54ID: 25308432

OSPF Logs, the 10.15.1.0 route is getting advertise but I am still unable to ping from the 10.15.1.x subnet

 

by: rochey2009Posted on 2009-09-11 at 05:20:28ID: 25308602

try the following on the cisco

paste the following into the config


router ospf 1
 no network 10.15.1.0 0.0.0.255 area 0
 no network 10.15.6.0 0.0.0.255 area 0
 no net 10.15.5.0  0.0.0.255 area 0
 redistribute connected subnets

 

by: skywalker101Posted on 2009-09-11 at 06:56:28ID: 25309543

The Nokia is not advertsing any ospf routes

 

by: rochey2009Posted on 2009-09-11 at 08:03:45ID: 25310258

Did you mean that the Nokia isn't receiving any OSPF routes?

 

by: skywalker101Posted on 2009-09-11 at 08:04:12ID: 25310266

Got it working mate, changed the Router ID on the Nokia to 10.15.10.101 and it started adding the OSPF Routes into the routing table.

Thanks for your help

 

by: rochey2009Posted on 2009-09-11 at 08:05:58ID: 25310281

excellent. I'm glad you've got it working.

Regards.

 

by: rochey2009Posted on 2009-09-11 at 09:37:32ID: 25311196

Hi,

Did you bring both links back to the up state?

 

by: skywalker101Posted on 2009-09-11 at 10:38:28ID: 25311739

Yep I did, to test the connection I ran a continuous Ping from 10.15.1.x and shutdown one interface it dropped a few pings and then re-established.

Now the question should I remove the redistrubute connected and add the network statements manually ?

 

by: rochey2009Posted on 2009-09-11 at 10:45:16ID: 25311798

The preferred way is to enable OSPF on the interfaces with the network statement and remove the redistribute connected subnets.

If you don't want to form an adjacency on those interfaces (eg 10.15.1.0) you could use the passive-interface command under the ospf config e.g. passive-interface Vlan2. This stops hellos being sent out of those interfaces and so prevents adjacencies being formed.

 

by: skywalker101Posted on 2009-09-11 at 10:51:00ID: 25311837

So I have remove redist connected subnets and add in the the manually network statements. by adding net statement will this broadcast hello's for all interface in this network ?

network 10.15.1.0 0.0.0.255 area 0

no passive-interface vlan 2

 

by: rochey2009Posted on 2009-09-11 at 10:56:48ID: 25311897

Yes, when you use the network statement OSPF will send hello's out onto that VLAN. To stop OSPF from sending hellos use

passive-interface vlan 2

 

by: skywalker101Posted on 2009-09-14 at 23:35:16ID: 31626571

Rochey, The OSPF is all working as expected. Thanks again for sticking with it!

 

by: rochey2009Posted on 2009-09-15 at 02:06:10ID: 25333053

I enjoyed working on this. You solved the problem so the credit goes to you.

Thanks,
Paul.

20120131-EE-VQP-002

3 Ways to Join

30-Day Free Trial

The Experts

98% positive feedback on 31,087 answers since March 2000. angeliii is a Microsoft Most Valuable Professional for his work with MS SQL Server & Develoment.

He has also proven his knowledge of Visual Basic Programming, PHP Scripting and Oracle Databases.

The Experts

97% positive feedback on 10,752 answers since July 2000. lrmoore has more than 18 years experience in the networking industry.

The six-time Mircosoft MVPs specialties include firewalls, virtual private networking, and network management.

Testimonials

"...and excellent source for support... Kind of like having your very own IT dept." Electriciansnet

Testimonials

"I was apprehensive at signing up at first. However... it has already made my life as an IT administrator much easier." JaCrews

Testimonials

"WOW! You guys have great, active, and knowledgeable people on here." moore50

Business Clients

Business Clients

In the Press

"If you’ve got a question... Experts Exchange can supply an answer.”

In the Press

"...an invaluable aid for both IT professionals and those who require tech support."

In the Press

"where IT professionals provide quick answers on just about any topic"

Business Account Plans

Loading Advertisement...