ospf 2 default routes

hi ilcram,

how about creating another static route using the second router as the default gateway to the internet using different metric/odr?

HTH.

i tried that that the thing is the defaul routes are being replicated and is not that ospf is not doinf it job the problem is that it doesnt know when the isp goes down because the interface is up up and it doesnt recalculate the path for the default route

Link ID ADV Router Age Seq# Checksum Tag
0.0.0.0 10.1.2.1 1195 0x80000004 0x00BEE2 1
0.0.0.0 192.168.2.8 1847 0x8000000B 0x00DC58 1

both routers are advertizing the default route

tech-airman

ilcram19-2,

How many sites are involved?

networker050184

You can look into sla monitoring with tracking on the default route to remove it. I'm not sure if will fit your situation exactly because you will need a device to ping to track it, but its something to take a look at.

2 sites

how about ospf interface
#ip ospf priority?
have you tried that?

tech-airman

ilcram19-2 wrote: »

2 sites

ilcram19-2,

How are those two sites connected?

Leased Line
Frame Relay
Other?

they are connected with a lease line connection but the connection is not the problem,

I see 2 possible solutions here.

1)Implement BGP

2) Config a GRE tunnel with keepalives, advertise the default-routes with a condition.
The condition should be the route to the farend tunnel interface.So if the fastethernet interface goes down, the tunnel goes down,there is no longer a route to the farend tunel interface present in the route table,the default route will no longer be advertised.

tech-airman

ilcram19-2 wrote: »

they are connected with a lease line connection but the connection is not the problem,

ilcram19-2,

So if the following is the physical topology between the two sites...

[Site 1]-----{Leased Line}------[Site 2]

Which site are you trying to configure 2 default routes at?

tech-airman wrote: »
ilcram19-2,

So if the following is the physical topology between the two sites...
[Site 1]-----{Leased Line}------[Site 2]
Which site are you trying to configure 2 default routes at?

The original description is very bad, but if you read between the lines you should be able to make it out.
Hes got two routers acting as gateways to an isp,these routers are setup to adverise default routes via ospf to the rest of the network.
Due to the physical topology, its possible to lose ip connectivity to the isp while the physical interface stays up.Since the advertisement of the default route is just dependent on the physical interface being up,the rest of the network still receives a default route even though the isp is not reachable.The result is traffic is being blackholed.
How site 1 & 2 are connected is not important.

perhaps like this?

ISP --- R1 ------------------- LAN1
            |   --> failover
      --- R2 ------------------- LAN2

@ ed,
BGP is good - but he has to make a huge deal with his ISP to make it possible.
the second (tunnel) will almost have the same effect as his current (no-tunnel) condition since there are no mechanism to detect ISPs problem like ilcram said - the interface is up up hence OSPF still acknowledge it as working interface.

@ ilcram,
how about my ip ospf priority solution?

kryolla

Like what networker said above how about setting a tracking object and tying it into the default route then set IP SLA to the tracking object. It will send pings every so often and when it looses reachability the tracking object will withdraw the default route and in turn will propagate via OSPF. Im too lazy to lab it up lol. Do you have traffic going across both ISP?

HTH

rossonieri#1 wrote: »
perhaps like this?
ISP --- R1 ------------------- LAN1
            |   --> failover
      --- R2 ------------------- LAN2
@ ed,

the second (tunnel) will almost have the same effect as his current (no-tunnel) condition since there are no mechanism to detect ISPs problem like ilcram said - the interface is up up hence OSPF still acknowledge it as working interface.

@ ilcram,
how about my ip ospf priority solution?

The GRE terminating on on the farend of the isp with keepalives will detect a loss of connectivity to the isp even if the local interface stays up.
I dont get what you wanna do with ospf priority, the priority is used to elect a DR,hows it gonna help here?

@ ed,

nice idea, but that also required the whole regular traffic to pass thru the tunnel dont you think?

and on a second thought,
i think we cant propose any solution to overcome ilcram problem,
sorry ilcram - unless you do want to take a 3rd party solution with 3rd router installation.

ed, you were right at that BGP point - we have this boundary that the fact is ilcram doesnt have any BGP peering (or any link-state routing) with his ISP. Knowing he only have a basic static default-route (behind that NAT) which doesnt calculate any failure link to propagate (to be injected to OSPF) hence the OSPF no matter how - will see those 2 default gateways are working.

why we need BGP? simply for that failure link detection mechanism.

@ ilcram,
you need to deploy another router (a smarter one - layer 7 capable) - that "ping" outer world and switch the default gateway if any failure occurs - like F5 Link Controller.

just my thought,

HTH

jason_lunde

When I first read this post the first thing I thought of was SLA. Networker hit it though. A while back this was posted on Ciscoblog....
"I just stumbled across this killer post on Shawn's Blog that describes how to set up IP SLA to allow a static route to failover if pings to a specified internet host should fail. This is really useful if you have two ISPs (and thus, two default routes) where the router cannot detect a link failure. This is really common if you have a cable/DSL modem or some type of wireless connectivity. Here's the basic config, taken directly from Shawn's Blog:

ip sla 1 < The number 1 here is arbitrary, used only to identify this sla. It is otherwise knows as the operation number>

icmp-echo 4.2.2.2 < 4.2.2.2 is a DNS server that responds to pings out on the internet>

timeout 500 < This is how long to wait for a response from the ping>

frequency 3 < This is the repeat rate for the SLA>

ip sla schedule 1 start-time now life forever < This command says "start SLA 1 now and keep it running forever>

track 1 rtr 1 reachability < This comand creates the track object "1" and monitors the SLA 1>

now for the routing, we need to change the default route and associate it with the tracker

no ip route 0.0.0.0 0.0.0.0 1.1.1.1

and then put it back with the tracking

ip route 0.0.0.0 0.0.0.0 1.1.1.1 track 1

Then we need to add our secondary route

ip route 0.0.0.0 0.0.0.0 1.1.1.2 10

Now when the ping to 4.2.2.2 fails the primary route is removed and the secondary route with the higher metric becomes the default. The route will be reinstated when the connectivity is restored.

With the 12.4 and higher releases the commands have changed slightly but the "?" is your friend. If I receive requests for the syntax I will post it as well, but it is pretty easy to convert."

I have labbed it up a couple times and it works like a charm. Maybe you can use its idea to fit your situation. It seems to me like it should work in your situation.... Hope maybe this will help.

rossonieri#1 wrote: »

@ ed,

nice idea, but that also required the whole regular traffic to pass thru the tunnel dont you think?

Nope, no traffic will transverse the tunnel.The tunnel is a made as a route to a fictitious network.As long as this fictitious network is present in the route table the default route is advertised.
The only problem with this solution is the isp or someone on the other side of the isp who is single homed would need to terminate the tunnel.

The SLA stuff looks like a winner.Never saw that before.