2013年8月15日星期四

OSPF routing with ISP

Question:

I am new to WS-C3750X-24P-L this technology so please be kind.  I need assistance in making OSPF work between out Head Office (HO) and the Branch Offices where the ISP is not involved in OSPF routing.

We are using OSPF protocol on our entire network and our ISP 1 is involved in OSPF routing between the HO and the branch.  We are now trying to establish another link to the branches with a second ISP but they do not support OSPF like the first ISP and only use static routing.  They redistribute our routes via BGP.  The HO can talk to the branch using static routes but of course I would like to use dynamic routing instead.

How could I make OSPF work in the new backup link?  The  Engineer for the IS said that I need to use tunneling but I don't know how to configure it.  Is there any other way to make it work aside from tunneling?

Please see attached diagram.

Answer:

Hello Gensonator,
you need to use a GRE p2p tunnel in order to run OSPF over it.

On new ISP facing routers you just need one static route to reach the remote end router

MAIN office new  ISP CE

ip route 10.90.0.8 255.255.252 10.90.0.5

interface tunnel  12
description GRE tunnel over new ISP
tunnel source 10..90.0.6
tunnel destination 10.90.0.10
ip address 10.91.0.1 255.255.255.252
!

router ospf 10
network 10.91.0.0 0.0.0.3 area 0

Note: do not configure network area commands in OSPF for the PE-CE IP subnets of new ISP to avoid instabilities

The same has to be done in a mirrored way on the branch office CE router facing the new ISP.

The tunnel creates a logical common subnet (10.91.0.0/30 in my example) that allows to run OSPF over it.
Both OSPF messages and user traffic are encapsulated in GRE packets with source and destination according to the commands tunnel source and tunnel destination and new ISP will see only packets like IP SA 10.90.0.6 IP DA 10.90.0.10 and does not need to inspect the inner payload

Edit:

You can tune OSPF cost with ip ospf cost under interface tunnel configuration

Another important note is that the aggregated traffic that can travel on the GRE tunnel is limited to 8 Mbps by default. WS-C3750X-24P-S Price
This parameter can be changed in advanced security packages

For more info, http://switch.blogcindario.com/2013/06/00001-bienvenido-a-blogcindario.html

发帖者 时间:

没有评论:

发表评论

订阅: 博文评论 (Atom)