Announcement

Collapse
No announcement yet.

ospf redistribution to WAN and route summarization

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • ospf redistribution to WAN and route summarization

    I am really a sys admin pretending to be a network engineer and need clarification on ospf redistribution and route summarization.

    Our topology:

    Layer3 switches (6509s and 4506s) with WAN connection to AT&T MPLS cloud to other sites. We are running OSPF at each site and redistributing tagged routes to AT&Tís router for redistribution across their BGP back into our OSPF at each site.

    Example of our routing config at each site:

    router ospf 1
    router-id 10.152.200.2
    log-adjacency-changes
    auto-cost reference-bandwidth 10000
    redistribute connected subnets tag 30
    redistribute static subnets route-map STATIC-OSPF

    passive-interface default
    no passive-interface Vlan300
    no passive-interface Vlan600
    network 10.144.0.0 0.15.255.255 area 0
    network 10.250.152.0 0.0.0.255 area 0

    route-map STATIC-OSPF permit 10
    match tag 30

    One of our sites has a ton of subnets that are being advertised and I need to summarize the routes being redistributed to AT&Tís WAN router.

    A sho ip route connected displays over a 100 connected subnets which are being redistributed:

    #sho ip route connected
    10.0.0.0/8 is variably subnetted, 102 subnets, 5 masks
    C 10.152.212.0/24 is directly connected, Vlan212
    C 10.152.200.0/22 is directly connected, Vlan200
    C 10.152.205.0/24 is directly connected, Vlan205
    C 10.250.152.0/24 is directly connected, Vlan250
    C 10.152.250.0/24 is directly connected, Vlan600
    C 10.152.18.0/24 is directly connected, Vlan18
    C 10.152.19.0/24 is directly connected, Vlan19
    C 10.152.16.0/24 is directly connected, Vlan16
    C 10.152.17.0/24 is directly connected, Vlan17
    C 10.152.22.0/24 is directly connected, Vlan22
    C 10.152.23.0/24 is directly connected, Vlan23
    C 10.152.20.0/24 is directly connected, Vlan20
    C 10.152.21.0/24 is directly connected, Vlan21
    C 10.152.26.0/24 is directly connected, Vlan26
    C 10.152.27.0/24 is directly connected, Vlan27
    C 10.152.24.0/24 is directly connected, Vlan24
    C 10.152.25.0/24 is directly connected, Vlan25
    C 10.152.30.0/24 is directly connected, Vlan30
    C 10.152.31.0/24 is directly connected, Vlan31
    C 10.152.28.0/24 is directly connected, Vlan28
    C 10.152.29.0/24 is directly connected, Vlan29
    C 10.152.255.253/32 is directly connected, Loopback100
    C 10.152.0.0/24 is directly connected, Vlan300
    C 10.152.255.254/32 is directly connected, Loopback101
    C 10.152.6.0/24 is directly connected, Vlan6
    C 10.152.7.0/24 is directly connected, Vlan7
    C 10.152.5.0/24 is directly connected, Vlan5
    C 10.152.10.0/24 is directly connected, Vlan10
    C 10.152.11.0/24 is directly connected, Vlan11
    C 10.152.8.0/24 is directly connected, Vlan8
    C 10.152.9.0/24 is directly connected, Vlan9
    C 10.152.14.0/24 is directly connected, Vlan14
    C 10.152.15.0/24 is directly connected, Vlan15
    C 10.152.12.0/24 is directly connected, Vlan12
    C 10.152.13.0/24 is directly connected, Vlan13
    C 10.152.50.0/24 is directly connected, Vlan50
    C 10.152.51.0/24 is directly connected, Vlan51
    C 10.152.48.0/24 is directly connected, Vlan48
    C 10.152.49.0/24 is directly connected, Vlan49
    C 10.152.54.0/24 is directly connected, Vlan54
    C 10.152.55.0/24 is directly connected, Vlan55
    C 10.152.52.0/24 is directly connected, Vlan52
    C 10.152.53.0/24 is directly connected, Vlan53
    C 10.152.58.0/24 is directly connected, Vlan58
    C 10.152.59.0/24 is directly connected, Vlan59
    C 10.152.56.0/24 is directly connected, Vlan56
    C 10.152.57.0/24 is directly connected, Vlan57
    C 10.152.34.0/24 is directly connected, Vlan34
    C 10.152.35.0/24 is directly connected, Vlan35
    C 10.152.32.0/24 is directly connected, Vlan32
    C 10.152.33.0/24 is directly connected, Vlan33
    C 10.152.38.0/24 is directly connected, Vlan38
    C 10.152.39.0/24 is directly connected, Vlan39
    C 10.152.36.0/24 is directly connected, Vlan36
    C 10.152.37.0/24 is directly connected, Vlan37
    C 10.152.42.0/24 is directly connected, Vlan42
    C 10.152.43.0/24 is directly connected, Vlan43
    C 10.152.40.0/24 is directly connected, Vlan40
    C 10.152.41.0/24 is directly connected, Vlan41
    C 10.152.46.0/24 is directly connected, Vlan46
    C 10.152.47.0/24 is directly connected, Vlan47
    C 10.152.44.0/24 is directly connected, Vlan44
    C 10.152.208.253/32 is directly connected, Loopback0
    C 10.152.45.0/24 is directly connected, Vlan45
    C 10.152.82.0/24 is directly connected, Vlan82
    C 10.152.80.0/24 is directly connected, Vlan80
    C 10.152.81.0/24 is directly connected, Vlan81
    C 10.152.102.0/24 is directly connected, Vlan102
    C 10.152.100.0/24 is directly connected, Vlan100
    C 10.152.101.0/24 is directly connected, Vlan101




    Iím trying to figure out which command I need to use: the range command or the summary-address command.

    Should I add

    Router ospf 1
    Area 0 range 10.144.0.0 255.240.0.0

    OR

    Router ospf 1
    Summary-address 10.144.0.0 255.240.0.0


    Also, will this actually do what I want or will the command ďredistribute connected subnets tag 30Ē still redistribute all 100+ connected subnets?

    Thanks for the help!

  • #2
    Re: ospf redistribution to WAN and route summarization

    Are both sites in area 0? If so you cannot summarzie area 0 routes. Area 0 is the backbone area. All routers in area 0 need to have the same view of the routing domain. In ospf you can summarize on ABR's (from one area to another) or on ASBR's (external routing domain into ospf). So in short you can create summarys from area 0 to another area but not area 0 to area 0.
    CCNA, CCNA-Security, CCNP
    CCIE Security (In Progress)

    Comment


    • #3
      Re: ospf redistribution to WAN and route summarization

      Originally posted by auglan View Post
      Are both sites in area 0? If so you cannot summarzie area 0 routes. Area 0 is the backbone area. All routers in area 0 need to have the same view of the routing domain. In ospf you can summarize on ABR's (from one area to another) or on ASBR's (external routing domain into ospf). So in short you can create summarys from area 0 to another area but not area 0 to area 0.
      Yes, each site is area 0 but with BGP between (AT&T cloud). My layer3 switches at one site don't neighbor up with the my layer3 switch at the other site but with the AT&T WAN router at the site which then redistributes to BGP and back to OSPF at the other side.

      Is this still an issue?

      Comment


      • #4
        Re: ospf redistribution to WAN and route summarization

        So essentially you have a discontigious backbone. IE 2 area 0's seperated and no adjacency between the too. I think in OSPF's eyes since there is no adjacency that it would consider both area 0's as seperate entity's. Both area 0's dont have identical link state databases. In this case you cant use the area-range command as that is for summarization on ABR's to the backbone or vice versa. I would think the summary-address command should work for you but I have my doubts as that command is used on ASBR's to summarize prefixes from an external routing domain into OSPF .In OSPF all summaries must go through area 0. A non backbone area cannot advertise a summary LSA to another area. In this case you have no adjacency with another area Technically in this case BGP is controlling route distribution and not ospf. Are you running OSPF with your provider as well and then they redistribute into BGP?

        Also let me know how this works as im interested in the results.Thanks.
        Last edited by auglan; 28th July 2010, 18:31.
        CCNA, CCNA-Security, CCNP
        CCIE Security (In Progress)

        Comment


        • #5
          Re: ospf redistribution to WAN and route summarization

          Yes. The WAN provider has their managed router running OSPF and we neighbor to it. They then redistribute tagged routes to their BGP.

          Comment


          • #6
            Re: ospf redistribution to WAN and route summarization

            Ok I am assuming they are in area 0 as well? If so we run into the issue of not being able to summarize from area 0 to area 0. If they are running a different area then yes you could use the area range command to summarzie to that area. Since the provider is redistributing ospf to bgp they could only advertise an aggregate (summmary) via BGP to the other remote PE device and when its redistributed back into OSPF you would only get the summary.
            CCNA, CCNA-Security, CCNP
            CCIE Security (In Progress)

            Comment


            • #7
              Re: ospf redistribution to WAN and route summarization

              If I dropped a router between my layer 3 switch and the vendor router and had int0 in area 0 neighbored to my layer 3 switch and int1 in area 1 neighbored the vendor router, then could I do the route summarization there so the vendor router would only receive summary routes to redistribute over their BGP?

              Comment


              • #8
                Re: ospf redistribution to WAN and route summarization

                What area is the ISP in? If they are area 0 as well then you will have a discontigious area 0.


                SW - AREA 0 ---------R1 - AREA 1 ---------ISP - AREA 0

                So you have an area 0 seperated by a non backbone area. Not a good design decision. In this case both area 0 devices wont have identical link state databases which is going to cause issues. Also remember summary LSA's cant be advertised by a non backbone routers they must pass through area 0 and from area 0 to other devices. In this case SW can send summary to R1 but R1 cant send to ISP device. You could get around this with a virtual-link between SW and ISP but virtual-links are bandaids and not a permanent solution. Like I said earlier why not just have your ISP send an aggregate in BGP to the other PE router on the remote side.

                If you ISP is in AREA 1 this wont be an issue. SW will send summary to R1 and R1 will pass those LSA's on to the ISP device.
                CCNA, CCNA-Security, CCNP
                CCIE Security (In Progress)

                Comment


                • #9
                  Re: ospf redistribution to WAN and route summarization

                  Originally posted by auglan View Post
                  What area is the ISP in?
                  If I put a router in place I would have the vendor change their ospf to area 1.

                  My SW (area 0) <---> My RTR1 (area 0)
                  My RTR1 (area 1) <---> Vendor RTR (area 1)
                  Vendor RTR (BGP) <---> MPLS


                  If this was the case, could I put an a area range command on my RTR1? Would that solve my issue?

                  Comment


                  • #10
                    Re: ospf redistribution to WAN and route summarization

                    Yes that would work as the summary from your area 0 would flood to area 1.
                    CCNA, CCNA-Security, CCNP
                    CCIE Security (In Progress)

                    Comment


                    • #11
                      Re: ospf redistribution to WAN and route summarization

                      Could I accomplish this by putting the vendor router in a new vlan on my 6509 that is in area 1 instead of deploying another physical router?


                      Core Layer 3 SW
                      core networks (10.0.0.0 - 10.31.255.255) in area 0
                      WAN vendor1 network (new vlan 400 10.253.255.0/24) area 1

                      Int Gi3/1 (vlan 400) <---> WAN vendor1 int0 (10.253.255.254/24) area 1

                      router ospf 10
                      router-id 10.2.1.251
                      log-adjacency-changes
                      area 0 range 10.0.0.0 255.224.0.0
                      auto-cost reference-bandwidth 10000
                      area 0 authentication message-digest
                      redistribute connected subnets tag 10
                      redistribute static subnets route-map STATIC-OSPF
                      passive-interface default
                      no passive-interface Vlan9
                      no passive-interface Vlan600
                      no passive-interface Vlan400
                      network 10.0.0.0 0.31.255.255 area 0
                      network 10.253.255.0 0.0.0.255 area 1

                      Comment


                      • #12
                        Re: ospf redistribution to WAN and route summarization

                        Yes that should work just got to get the ISP your peering with to put their interface in area 1 as well. I say that as Im not sure if they let you manage that device or not. As always verify your adjcency's after the configuration and take a look at the ospf database to make sure the summary is being flooded to area 1. Shouldnt have any issues though.
                        CCNA, CCNA-Security, CCNP
                        CCIE Security (In Progress)

                        Comment


                        • #13
                          Re: ospf redistribution to WAN and route summarization

                          Just a thought -

                          I am using the "redistrubute connected subnets tag 30" command mainly to tag the routes so my vendor will filter what they redistribute into their BGP based on the tag. Since this command is essentially injecting external routes (connected subnets) into ospf, could I use the command "summary-address 10.0.0.0 255.224.0.0" to summarize all the routes (connected subnets) being redistributed into OSPF? Then my vendor router would only learn the summary route with the tag to redistribute to their BGP.

                          Sample config:

                          router ospf 10
                          router-id 10.2.1.251
                          log-adjacency-changes
                          area 0 range 10.0.0.0 255.224.0.0 (summarizes between area 0 and 1 but the route is not tagged so my vendor won't redistribute)
                          summary-address 10.0.0.0 255.224.0.0 (summarizes the routes redistributed into ospf via my "redistribute connected subnets tag 10" command)
                          auto-cost reference-bandwidth 10000
                          area 0 authentication message-digest
                          redistribute connected subnets tag 10
                          redistribute static subnets route-map STATIC-OSPF
                          passive-interface default
                          no passive-interface Vlan9
                          no passive-interface Vlan600
                          no passive-interface Vlan400
                          network 10.0.0.0 0.31.255.255 area 0
                          network 10.253.255.0 0.0.0.255 area 1

                          Comment


                          • #14
                            Re: ospf redistribution to WAN and route summarization

                            That should work as that router is considered by OSPF to be an ASBR. You can verify the with:

                            sh ip ospf


                            Will tell you the roles the router is holding in OSPF
                            CCNA, CCNA-Security, CCNP
                            CCIE Security (In Progress)

                            Comment


                            • #15
                              Re: ospf redistribution to WAN and route summarization

                              The 6509 is an ASBR.

                              it01ncsw02#sho ip ospf
                              Routing Process "ospf 10" with ID 10.2.1.252
                              Start time: 1y9w, Time elapsed: 1w6d
                              Supports only single TOS(TOS0) routes
                              Supports opaque LSA
                              Supports Link-local Signaling (LLS)
                              Supports area transit capability
                              It is an autonomous system boundary router
                              Redistributing External Routes from,
                              connected, includes subnets in redistribution
                              static, includes subnets in redistribution
                              Router is not originating router-LSAs with maximum metric
                              Initial SPF schedule delay 5000 msecs
                              Minimum hold time between two consecutive SPFs 10000 msecs
                              Maximum wait time between two consecutive SPFs 10000 msecs
                              Incremental-SPF disabled
                              Minimum LSA interval 5 secs
                              Minimum LSA arrival 1000 msecs
                              LSA group pacing timer 240 secs
                              Interface flood pacing timer 33 msecs
                              Retransmission pacing timer 66 msecs
                              Number of external LSA 106. Checksum Sum 0x34314F
                              Number of opaque AS LSA 0. Checksum Sum 0x000000
                              Number of DCbitless external and opaque AS LSA 0
                              Number of DoNotAge external and opaque AS LSA 0
                              Number of areas in this router is 1. 1 normal 0 stub 0 nssa
                              Number of areas transit capable is 0
                              External flood list length 0
                              IETF NSF helper support enabled
                              Cisco NSF helper support enabled
                              Reference bandwidth unit is 10000 mbps
                              Area BACKBONE(0)
                              Number of interfaces in this area is 12
                              Area has message digest authentication
                              SPF algorithm last executed 1w6d ago
                              SPF algorithm executed 4 times
                              Area ranges are
                              Number of LSA 5. Checksum Sum 0x023042
                              Number of opaque link LSA 0. Checksum Sum 0x000000
                              Number of DCbitless LSA 0
                              Number of indication LSA 0
                              Number of DoNotAge LSA 0
                              Flood list length 0

                              Comment

                              Working...
                              X