• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1326
  • Last Modified:

ospf and bridge-groups??

Experts,
I have three routers. R1 on the left is running OSPF, R2 in the middle is running rip, and R3 on the right is running OSPF. R1 and R3 are connected to each other via a bridge group in R2 that does not have an IP address at all, just configured as transparent bridging. I can pass traffic (i.e. ping/telnet/tracert) between R1 and R3 through R2, however i am not receiving any OSPF updates. Essentially OSP does not redistribute through the bridge group in any way, shape, or form. Does anyone have a soultion for this? i can provide router configs if requested.

Thanks!!
0
mholzwarth
Asked:
mholzwarth
  • 11
  • 8
  • 6
1 Solution
 
Don JohnstonInstructorCommented:
Please provide the configs.

This should work as R2 is a transparent bridge. It should be flooding all multicast traffic.
0
 
bkepfordCommented:
OSPF adjacencies are built using multicasts with a TTL of 1 so they only talk to the routers right next to them. I think if you tunnel to the other 1 it will work. If you add this configuration it might fix your problem

R1
interface Fastethernet 0/0
description R1s interface closest to R3
ip add 10.0.0.1 255.255.255.0

int tunnel 0
ip unnumbered fa 0/0
tunnel source 10.0.0.1
tunnel destination 10.0.0.2
ip ospf 1 area 0

R3

interface Fastethernet 0/0
description R3s interface closest to R1
ip add 10.0.0.2 255.255.255.0

int tunnel 0
ip unnumbered fa 0/0
tunnel source 10.0.0.2
tunnel destination 10.0.0.1
ip ospf 1 area 0
0
 
Don JohnstonInstructorCommented:
bkepford,

R2 isn't really a router. It's a bridge.
0
Cloud Class® Course: Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

 
mholzwarthAuthor Commented:
Below you will find the configs for the three Routers.
-R1 COnfig
-
-
-Current configuration : 2498 bytes
-!
-version 12.3
-service timestamps debug uptime
-service timestamps log uptime
-no service password-encryption
-!
-hostname R1
-!
-boot-start-marker
-boot-end-marker
-!
-logging buffered 4096 debugging
-!
-memory-size iomem 15
-no aaa new-model
-ip subnet-zero
-ip cef
-!
-!
-ip name-server x.x.x.x
-ip name-server x.x.x.x
-!
-ip audit po max-events 100
-!
-!
-interface FastEthernet0/1
- description Backup DSL Connection ***This is connected to the ATM3/0.1191 interface on R2***
- bandwidth 1500
- ip address 10.15.15.179 255.255.255.248
- duplex auto
- speed auto
-!
-!
-router ospf 1
- log-adjacency-changes
- network 10.0.0.0 0.255.255.255 area 1
-!
-no ip http server
-no ip http secure-server
-ip classless
-!
-!
-logging x.x.x.x
-access-list 120 deny   tcp any any eq 135
-access-list 120 deny   udp any any eq 135
-access-list 120 deny   udp any any eq netbios-ns
-access-list 120 deny   udp any any eq netbios-dgm
-access-list 120 deny   tcp any any eq 139
-access-list 120 deny   udp any any eq netbios-ss
-access-list 120 deny   tcp any any eq 445
-access-list 120 deny   tcp any any eq 593
-access-list 120 deny   tcp any any eq 4444
-access-list 120 deny   tcp any any eq 137
-access-list 120 deny   tcp any any eq 6121
-access-list 120 deny   tcp any any eq 18559
-access-list 120 deny   tcp any any eq 2581
-access-list 120 deny   tcp any any eq 3620
-access-list 120 permit ip any any
-!
-snmp-server community xxxxxxxxx
-snmp-server enable traps tty
 
-----------------------------------------------------------------------
`Router R2 Config
`
`
`version 12.2
`service timestamps debug uptime
`service timestamps log uptime
`no service password-encryption
`!
`hostname R2
`!
`clock timezone MST -7
`clock summer-time MST recurring
`ip subnet-zero
`!
`!
`ip domain-name xxxxxxxxxxxx
`ip name-server x.x.x.x
`ip name-server x.x.x.x
`!
`ip cef
`call rsvp-sync
`cns event-service server
`!
`!
`!
`!
`!
`!
`bridge irb
`!
`!
`interface Multilink1
` no ip address
` ppp multilink
` multilink-group 1
`!
`interface FastEthernet1/0
` description Backup DSL Link to R3
` no ip address
` duplex full
` bridge-group 6
`!
`interface FastEthernet2/0
` description Connection To New DS3
` ip address x.x.x.x 255.255.255.252
` duplex full
`!
`interface ATM3/0
` description Physical DS3 
` bandwidth 44000
` no ip address
` atm scrambling cell-payload
` no atm ilmi-keepalive
`!
`interface ATM3/0.32 point-to-point
` description 20Mbps DS3 Frag 
` bandwidth 30000
`!
`!
`interface ATM3/0.132 point-to-point
` description 30Mbps DS3 Frag 
` ip address x.x.x.x 255.255.255.252
` pvc 1/32
`  ubr 30000
`  oam-pvc manage
` !
`interface ATM3/0.1191 point-to-point
` description backup DSL link to R1
` pvc 1/191
`  encapsulation aal5snap
 `!
 `bridge-group 6
!
interface BVI6
 description CCI Wright DSL Backup
 no ip address
 clns mtu 1514
!
router rip
 version 2
 network 10.0.0.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 x.x.x.x
ip http server
!
logging 
access-list 120 deny   udp any any eq 1900
access-list 120 deny   tcp any any eq 135
access-list 120 deny   udp any any eq 135
access-list 120 deny   udp any any eq netbios-ns
access-list 120 deny   udp any any eq netbios-dgm
access-list 120 deny   tcp any any eq 139
access-list 120 deny   udp any any eq netbios-ss
access-list 120 deny   tcp any any eq 445
access-list 120 deny   tcp any any eq 593
access-list 120 deny   tcp any any eq 4444
access-list 120 permit ip any any
access-list 130 deny   tcp any any eq www
access-list 130 deny   tcp any any eq smtp
access-list 130 permit ip any any
access-list 135 deny   tcp any any eq smtp
access-list 135 permit ip any any
access-list 140 deny   tcp any any eq 6129
access-list 140 permit ip any any
snmp-server engineID local 
snmp-server community xxxxxxxxx
snmp-server community xxxxxxxxx
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps tty
snmp-server enable traps casa
snmp-server enable traps isdn call-information
snmp-server enable traps isdn layer2
snmp-server enable traps channel
snmp-server enable traps hsrp
snmp-server enable traps config
snmp-server enable traps entity
snmp-server enable traps envmon
snmp-server enable traps bgp
snmp-server enable traps rsvp
snmp-server enable traps frame-relay
snmp-server enable traps syslog
snmp-server enable traps rtr
snmp-server enable traps dlsw
snmp-server enable traps dial
snmp-server enable traps voice poor-qov
!
tftp-server x.x.x.x
bridge 6 protocol ieee
bridge 6 route ip
 
!
dial-peer cor custom
!
!
!
!
gatekeeper
 shutdown
!
!
line vty 0 4
 password xxxxxxxxxxxx
 transport input lat pad v120 mop telnet rlogin udptn nasi
 
!
ntp clock-period 17179806
ntp master 2
ntp update-calendar
ntp server x.x.x.x
end
 
-----------------------------------------------------------------------
 
R3 COnfig 
 
Current configuration : 7057 bytes
!
! Last configuration change at 09:09:55 MST Mon Apr 20 2009
! NVRAM config last updated at 11:12:07 MST Sat Apr 18 2009
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R3
!
!
clock timezone MST -7
clock summer-time MST recurring
ip subnet-zero
ip routing
!
ip name-server x.x.x.x
ip name-server x.x.x.x
!
!
spanning-tree mode pvst
spanning-tree extend system-id
no spanning-tree vlan 2
!
!
!
vlan dot1q tag native
!
!
 
!
interface FastEthernet0/15
 description backup DSL link **this port is connected to the FA1/0 on R2 router**
 no switchport
 bandwidth 1500
 ip address 10.15.15.177 255.255.255.248
!
 
!
router ospf 1
 log-adjacency-changes
 redistribute static subnets
 network 10.0.0.0 0.255.255.255 area 1
 network x.0.0.0 0.255.255.255 area 1
 default-information originate
!
ip classless
ip route 0.0.0.0 0.0.0.0 x.x.x.x
ip http server
!
logging x.x.x.x
access-list 10 permit x.x.x.x 0.0.0.255 log
access-list 10 permit x.x.x.x 0.0.0.255 log
access-list 115 deny   udp any any eq tftp
access-list 115 deny   tcp any any eq 135
access-list 115 deny   udp any any eq 135
access-list 115 deny   udp any any eq netbios-ns
access-list 115 deny   udp any any eq netbios-dgm
access-list 115 deny   tcp any any eq 139
access-list 115 deny   udp any any eq netbios-ss
access-list 115 deny   tcp any any eq 445
access-list 115 deny   tcp any any eq 593
access-list 115 deny   tcp any any eq 4444
access-list 115 deny   icmp any any
access-list 115 permit ip any any
access-list 180 permit ip x.x.x.x 0.0.0.255 any
access-list 180 permit ip x.x.x.x 0.0.0.255 any
access-list dynamic-extended
route-map route65 permit 10
 match ip address 10
 set ip next-hop x.x.x.x
!
snmp-server community xxxxxx
snmp-server community yyyyyy
!
!
ntp clock-period 17180172
ntp peer x.x.x.x
!
end

Open in new window

0
 
mholzwarthAuthor Commented:
To give you all more info, R1 and R3 are also connected via T1 lines that do redistribute the OSPF networks. The bridge that we are trying to create is to setup a transparent bridge DSL line as a backup link for R1 and R3. However when turning off the T1 lines, the OSPF routes are not redistributed across this backup link. I have traced my issue down to the bridge-group in R2. It currently passes traffic, and if i turn off the T1link in R1 and manually input a static defualt route then it will pass traffic with no problem....However that really defeats one of my current purposes for using OSPF, if i loose the T1 i don't want to have to manually do this everytime, OSPF should just update the new routes over the R2 brdige until i can get onsite to repair the original T1 links
0
 
mholzwarthAuthor Commented:
I have been working on this all day, and google has not uncovered much for me.......looking into "source route bridging" as a possible solution.....
0
 
Don JohnstonInstructorCommented:
Quick and dirty solution would be to create a floating static route. Just set the AD to 130. The router will not use the static route unless the OSPF path over the T1 is lost.

OSPF problem over the bridge may have something to do with the translational bridging going on in R2.
0
 
Don JohnstonInstructorCommented:
SRB is used in token ring. I don't think I've ever heard of SRB in an Ethernet environment.
0
 
mholzwarthAuthor Commented:
thanks don just saw that.

we have tried the dirty solution already, and while it works...well its dirty, and my ultimate goal with this project is to get a perminent clean solution in place.
0
 
Don JohnstonInstructorCommented:
I'm pretty sure your problem is the translation between ethernet and ATM.

Have you tried manually defining the neighbor?



R1
router ospf 1
 neighbor 10.15.15.177
 
R3
router ospf 1
 neighbor 10.15.15.179

Open in new window

0
 
mholzwarthAuthor Commented:
tried your config don, get a respones back as:
OSPF: Neighbor commonad is allowed only on NBMA and point-to-multipoint networks.
And they will not accept the neighbor command.

The idea was great though!
0
 
bkepfordCommented:
When I see bridging done with ATM they use

bridge 6 protocol dec

not

bridge 6 protocol ieee
0
 
mholzwarthAuthor Commented:
now looking at going down the road of the bitswap-layer3-addresses or circuit-group commands....any thoughts
0
 
mholzwarthAuthor Commented:
but will protocol dec work with the thernet interface?
0
 
bkepfordCommented:
Well actually I've seen it both ways.
0
 
bkepfordCommented:
In the below example off of Cisco's site they use it to bridge a fiber, Token ring and Ethernet connection.

Here's the link
http://www.cisco.com/en/US/docs/ios/bridging/configuration/guide/br_transprnt_brdg_ps6350_TSD_Products_Configuration_Guide_Chapter.html#wp1004432
interface tokenring 0
 ip address 131.108.1.1 255.255.255.0
 bridge-group 1
!
interface fddi 0
 ip address 131.108.2.1 255.255.255.0
 bridge-group 1
!
interface ethernet 0
 ip address 192.31.7.26 255.255.255.240
 bridge-group 1
!
interface serial 0
 ip address 192.31.7.34 255.255.255.240
 bridge-group 1
!
interface ethernet 1
 ip address 192.31.7.65 255.255.255.240
 bridge-group 1
!
bridge 1 protocol dec

Open in new window

0
 
bkepfordCommented:
PS notice that the bridge irb command is not used.
0
 
bkepfordCommented:
or the

 bridge 6 route ip
0
 
mholzwarthAuthor Commented:
after doing some digging i can not remove the bridge irb or even change it do to another bridge group currently in use by a large number of DSL customers, i have however remove the BVI6 as it was also missing in the examples you provided as well as the route ip command. going to do a little more testing then make the switch and see if it will now update the routes, will be a few before i am back.
0
 
Don JohnstonInstructorCommented:
I don't think this is your problem.

IRB (Integrated Routing and Bridging) is used when you want the router to bridge traffic but you also want to route traffic between the bridge group and layer 3 interfaces. The BVI (Bridge Virtual Interface) is the layer 3 interface for the bridge group.

If there was a problem with the bridging function, you would not be able to move ANY traffic across the link. Since you can move traffic across the bridge, it's working. The problem is broadcast/multicast traffic only.

There are numerous papers that cover this topic.

For example:

http://www.faqs.org/rfcs/rfc2226.html
http://www.faqs.org/rfcs/rfc2844.html

It's been sooo long since I did any ATM, I can't remember the fix. I seem to recall changing the ospf network type on an interface.

Maybe on R3 issuing the command "ip ospf network non-broadcast" on the f1/0 interface and then define the neighbor.

Did you try the neighbor command on R1?



0
 
bkepfordCommented:
This is true both sides need to have matching hello/dead timers. If they do not match no peering will take place.
0
 
bkepfordCommented:
If you do a show ip ospf interfaces on both routers you can compare them. Changing the network type chanes the timers and if one side is ethernet and the other ATM the ATM will not require a DR while the ehternet side will. You need to make sure both require the same thing.
0
 
mholzwarthAuthor Commented:
Good Morning Don,

Didn't get a chance until this morning to try the IP ospf command. After working through it and cleaning up everything i did yesterday the backup link is now working correctly.

The one catch i found is i did have to put the "ip ospf network non-broadcast" in both R1 and R2 with the neighbor commands. Once done everything came right up and started working.

Thank You for all your help on this, and thank you to the other guys that have posted as well.
0
 
mholzwarthAuthor Commented:
Please read the entire post for the solution and see the router configs.

Thanks for everybody's help!!
0
 
mholzwarthAuthor Commented:
Final configs
R1
 
 
interface FastEthernet0/1
 description Backup DSL
 bandwidth 1500
 ip address 10.15.15.179 255.255.255.248
 ip ospf network non-broadcast
 duplex auto
 speed auto
!
!
router ospf 1
 log-adjacency-changes
 network 10.0.0.0 0.255.255.255 area 1
 neighbor 10.15.15.177
!
--------------------------------------------------------------------------------------------
 
R2
 
!
bridge irb
!
!
interface FastEthernet1/0
 description Backup DSL Link
 no ip address
 duplex full
 bridge-group 6
!
interface ATM3/0.1191 point-to-point
 description Backup DSL Link
 pvc 1/191
  encapsulation aal5snap
 !
 bridge-group 6
!
!
interface BVI6
 description DSL Backup
 no ip address
 clns mtu 1514
!
bridge 6 protocol ieee
bridge 6 route ip
 
------------------------------------------------------------------------------------------------
 
R3
 
 
interface FastEthernet0/15
 description backup link to DSL
 no switchport
 bandwidth 1500
 ip address 10.15.15.177 255.255.255.248
 ip ospf network non-broadcast
!
router ospf 1
 log-adjacency-changes
 redistribute static subnets
 network 10.0.0.0 0.255.255.255 area 1
 neighbor 10.15.15.179 priority 1
 default-information originate
!

Open in new window

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Python 3 Fundamentals

This course will teach participants about installing and configuring Python, syntax, importing, statements, types, strings, booleans, files, lists, tuples, comprehensions, functions, and classes.

  • 11
  • 8
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now