
Configure default route injection through OSPF

The network is depicted below. Everything works currently; both sites have access to networks on each side via static routing. Site one's router sends all outbound traffic across the MPLS to either the LAN or internet. At site 2 I am trying to inject a default route so that each device in both sites gets the route; this is because eventually both sites will have internet. On the firewall I added default-information originate to the OSPF config.

router ospf 200
 router-id 10.20.1.3
 network 10.20.0.0 255.255.0.0 area 0
 network 172.16.1.0 255.255.255.0 area 0
 area 0
 log-adj-changes
 redistribute static
 default-information originate

Then on the LAN router at site 2 I removed the static default route that pointed to the firewall. I lost connection to the LAN router from everywhere. Site 1 still had internet access and could get to site 2's 10.20.1.x LAN but not 172.31.2.x.

I hooked up a console cable to the LAN router at site 2 and could see the default route did make it over as external type 2. I can't figure out why I lost the connection to the LAN router; I could not ping it and could not ping anything from it.

 EE-OSPF-diag.pdf
3400# sh run

Running configuration:

; J4905A Configuration Editor; Created on release #M.10.06

hostname "3400"
snmp-server contact 
snmp-server location 
time timezone -300
time daylight-time-rule
interface 1
   name "Rack1-iLO1 23 10.20.5.1"
   lacp Active
exit
interface 2
   name "Rack1-iLO1 24 10.20.5.1"
   lacp Active
exit
interface 3
   name "Rack1-NIC1 23 10.20.5.11"
   lacp Active
exit
interface 4
   name "Rack1-NIC1 24 10.20.5.11"
   lacp Active
exit
interface 5
   name "Rack1-NIC2 23 10.20.5.21"
   lacp Active
exit
interface 6
   name "Rack1-NIC2 24 10.20.5.21"
   lacp Active
exit
interface 7
   name "Rack2-iLO1 23 10.20.5.2"
   lacp Active
exit
interface 8
   name "Rack2-iLO1 24 10.20.5.2"
   lacp Active
exit
interface 9
   name "Rack2-NIC1 23 10.20.5.12"
   lacp Active
exit
interface 10
   name "Rack2-NIC1 24 10.20.5.12"
   lacp Active
exit
interface 11
   name "Rack2-NIC2 23 10.20.5.22"
   lacp Active
exit
interface 12
   name "Rack2-NIC2 24 10.20.5.22"
   lacp Active
exit
interface 22
   name "Trunk"
   lacp Active
exit
interface 23
   name "ASA Inside 0/0 10.20.1.3"
   speed-duplex 100-full
exit
interface 24
   name "MPLS Handoff"
exit





sntp server 
ip routing
timesync sntp
sntp unicast
snmp-server community "public" Unrestricted
vlan 1
   name "DEFAULT_VLAN"
   untagged 1-24
   ip address 10.20.1.1 255.255.0.0
   exit
vlan 2
   name "VLAN2"
   exit
vlan 5
   name "VLAN5"
   ip address 172.31.2.1 255.255.255.0
   tagged 22
   exit
fault-finder bad-driver sensitivity high
fault-finder bad-transceiver sensitivity high
fault-finder bad-cable sensitivity high
fault-finder too-long-cable sensitivity high
fault-finder over-bandwidth sensitivity high
fault-finder broadcast-storm sensitivity high
fault-finder loss-of-link sensitivity high
fault-finder duplex-mismatch-HDx sensitivity high
fault-finder duplex-mismatch-FDx sensitivity high
ip route 10.10.0.0 255.255.0.0 10.20.1.2
ip route 192.168.128.0 255.255.255.0 10.20.1.2
ip route 172.31.1.0 255.255.255.0 10.20.1.2
spanning-tree
ip router-id 10.20.1.1
router ospf
   area backbone
   exit
vlan 1
   ip ospf area backbone
   exit
vlan 5
   ip ospf area backbone
   exit
password manager

Asked by: dmwynne
 
Jan Springer commented:
default-information originate always metric 1
 
dmwynne (author) commented:
Does it make sense that what I changed would cause the lan router to become inaccessible?
 
rfc1180 commented:
Technically, vlan 1 and Vlan5 should be their own area and NOT part of area 0.
You should create a dedicated vlan for the MPLS handoff and put the vlan interface into area 0; then designate the new vlan as a point-point in the OSPF config. Your design is less than optimal; additionally, we do not have the configs or the status of the routing table to make a diagnosis for your question; however, based on what is configured so far, I am not surprised that you had issues.

Billy

Question has a verified solution.
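
A pre-change check for the step described in the question (removing the static default once an OSPF default is present), as an added example that is not code from the thread or from either vendor. It models the 3400's routing table from the posted configuration and resolves sample destinations by longest-prefix match with administrative distance as the tie-break. Assumptions: the removed static default pointed at the ASA inside address 10.20.1.3, the distances are the typical defaults (connected 0, static 1, OSPF 110), and the probe addresses are constructed.

```python
import ipaddress

# Administrative distances: assumed typical defaults, not taken from the page.
DISTANCE = {"connected": 0, "static": 1, "ospf": 110}

# Routes taken from the posted 3400 configuration.
BASE = [
    ("10.20.0.0/16", "connected", "vlan 1"),
    ("172.31.2.0/24", "connected", "vlan 5"),
    ("10.10.0.0/16", "static", "10.20.1.2"),
    ("192.168.128.0/24", "static", "10.20.1.2"),
    ("172.31.1.0/24", "static", "10.20.1.2"),
]
# Assumption: the removed static default pointed at the ASA inside address.
STATIC_DEFAULT = ("0.0.0.0/0", "static", "10.20.1.3")
# The external type 2 default the asker saw arrive over OSPF.
OSPF_DEFAULT = ("0.0.0.0/0", "ospf", "10.20.1.3")


def lookup(routes, dest):
    """Longest-prefix match; ties broken by lowest administrative distance."""
    addr = ipaddress.ip_address(dest)
    best = None
    for prefix, source, next_hop in routes:
        net = ipaddress.ip_network(prefix)
        if addr not in net:
            continue
        key = (net.prefixlen, -DISTANCE[source])
        if best is None or key > best[0]:
            best = (key, source, next_hop)
    return None if best is None else (best[1], best[2])


def audit(routes, probes):
    """Return {destination: (source, next_hop) or None} for each probe."""
    return {d: lookup(routes, d) for d in probes}


# Constructed probes: an Internet host, a site 1 host, a local VLAN 5 host.
PROBES = ["198.51.100.7", "10.10.4.20", "172.31.2.50"]

STATES = {
    "static default only": BASE + [STATIC_DEFAULT],
    "both defaults": BASE + [STATIC_DEFAULT, OSPF_DEFAULT],
    "OSPF default only": BASE + [OSPF_DEFAULT],
    "no default": BASE,
}

if __name__ == "__main__":
    for name, routes in STATES.items():
        print(name, audit(routes, PROBES))
```

The "no default" state is what the LAN router is left with whenever the firewall stops advertising the default: only destinations covered by the connected and static entries still resolve. On Cisco platforms, plain `default-information originate` advertises a default only while the originating device has one in its own table, and the `always` keyword in the accepted answer removes that condition.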
