?
Solved

Configure default route injection through OSPF

Posted on 2011-04-29
3
Medium Priority
?
542 Views
Last Modified: 2012-05-11
The network is depicted below.  Everything works currently, both sites have access to networks on each side via static routing.  Site one's router sends all outbound traffic access the MPLS to either the lan or internet.  At site 2 I am trying to inject a default route so that each device in both sites gets the route, this is because eventually both sites with have internet.  On the firewall  I added to the OSPF config default-information originate.

router ospf 200
 router-id 10.20.1.3
 network 10.20.0.0 255.255.0.0 area 0
 network 172.16.1.0 255.255.255.0 area 0
 area 0
 log-adj-changes
 redistribute static
default-information originate

Then on the lan router at site 2 I removed that static default route which was that pointed to the firewall.  I lost connection to the lan router from everywhere.  Site 1 still had internet access and could get to site 2's 10.20.1.x lan but not 172.31.2.x.

I hooked up a console cable to the lan router at site 2 and could see the default route did make it over as external type 2.   Can't figure out why  I lost the connection to the lan router, I could not ping it and could not ping anything from it.

 EE-OSPF-diag.pdf
3400# sh run

Running configuration:

; J4905A Configuration Editor; Created on release #M.10.06

hostname "3400"
snmp-server contact 
snmp-server location 
time timezone -300
time daylight-time-rule
interface 1
   name "Rack1-iLO1 23 10.20.5.1"
   lacp Active
exit
interface 2
   name "Rack1-iLO1 24 10.20.5.1"
   lacp Active
exit
interface 3
   name "Rack1-NIC1 23 10.20.5.11"
   lacp Active
exit
interface 4
   name "Rack1-NIC1 24 10.20.5.11"
   lacp Active
exit
interface 5
   name "Rack1-NIC2 23 10.20.5.21"
   lacp Active
exit
interface 6
   name "Rack1-NIC2 24 10.20.5.21"
   lacp Active
exit
interface 7
   name "Rack2-iLO1 23 10.20.5.2"
   lacp Active
exit
interface 8
   name "Rack2-iLO1 24 10.20.5.2"
   lacp Active
exit
interface 9
   name "Rack2-NIC1 23 10.20.5.12"
   lacp Active
exit
interface 10
   name "Rack2-NIC1 24 10.20.5.12"
   lacp Active
exit
interface 11
   name "Rack2-NIC2 23 10.20.5.22"
   lacp Active
exit
interface 12
   name "Rack2-NIC2 24 10.20.5.22"
   lacp Active
exit
interface 22
   name "Trunk"
   lacp Active
exit
interface 23
   name "ASA Inside 0/0 10.20.1.3"
   speed-duplex 100-full
exit
interface 24
   name "MPLS Handoff"
exit





sntp server 
ip routing
timesync sntp
sntp unicast
snmp-server community "public" Unrestricted
vlan 1
   name "DEFAULT_VLAN"
   untagged 1-24
   ip address 10.20.1.1 255.255.0.0
   exit
vlan 2
   name "VLAN2"
   exit
vlan 5
   name "VLAN5"
   ip address 172.31.2.1 255.255.255.0
   tagged 22
   exit
fault-finder bad-driver sensitivity high
fault-finder bad-transceiver sensitivity high
fault-finder bad-cable sensitivity high
fault-finder too-long-cable sensitivity high
fault-finder over-bandwidth sensitivity high
fault-finder broadcast-storm sensitivity high
fault-finder loss-of-link sensitivity high
fault-finder duplex-mismatch-HDx sensitivity high
fault-finder duplex-mismatch-FDx sensitivity high
ip route 10.10.0.0 255.255.0.0 10.20.1.2
ip route 192.168.128.0 255.255.255.0 10.20.1.2
ip route 172.31.1.0 255.255.255.0 10.20.1.2
spanning-tree
ip router-id 10.20.1.1
router ospf
   area backbone
   exit
vlan 1
   ip ospf area backbone
   exit
vlan 5
   ip ospf area backbone
   exit
password manager

Open in new window

0
Comment
Question by:dmwynne
3 Comments
 
LVL 29

Expert Comment

by:Jan Springer
ID: 35494393
default-information originate always metric 1
0
 
LVL 14

Author Comment

by:dmwynne
ID: 35494845
Does it make sense that what I changed would cause the lan router to become inaccessible?
0
 
LVL 24

Accepted Solution

by:
rfc1180 earned 2000 total points
ID: 35495363
Technically, vlan 1 and Vlan5 should be there own area and NOT part of area 0
You should create a dedicated vlan for the MPLS handoff and put the vlan interface into area 0; then designate the new vlan as a point-point in the OSPF config. Your design is less than optimal; additionally, we do not have the configs or the status of the routing table to make a diagnose for your question; however, based on what is configured so far, I am not surprised that you had issues.

Billy

0

Featured Post

Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
Considering cloud tradeoffs and determining the right mix for your organization.
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question