cisco, OSPF - What am I missing

comp.dcom.sys.cisco - Info on Cisco routers and bridges.


cisco >> OSPF - What am I missing

by Scooty » Sun, 16 Mar 2008 15:54:48 GMT

Hi
I am not too sure what I am missing here
Currently my network is running RIP and I am seeing a lot of routes
advertised via RIP but I would like to implement OSPF
What I have from a network point of view is
My router Ethernet 192.168.253.1 ---> Serial 10.200.3.17/30 ---> ISP
10.200.3.18/30 --->ISP (IP WAN) NETWORK ---> ISP 10.200.5.18/30 --->
My Router Serial 10.200.5.17/30 ---> Ethernet 192.168.200.1

This is just one of my links, I have others setup in a similar way to
other sites using a /30 between myself and our ISP
I am not seeing any routes advertised


Config on these 2 routers are
RouterA
router ospf 1
log-adjacency-changes
network 10.0.0.0 0.255.255.255 area 1
network 192.168.253.0 0.0.0.255 area 1


RouterB
router ospf 1
log-adjacency-changes
network 10.0.0.0 0.255.255.255 area 1
network 192.168.201.0 0.0.0.255 area 1


sh ip ospf nei shows nothing


sh ip ospf
Routing Process "ospf 1" with ID 192.168.253.1
Supports only single TOS(TOS0) routes
Supports opaque LSA
Supports Link-local Signaling (LLS)
Supports area transit capability
Initial SPF schedule delay 5000 msecs
Minimum hold time between two consecutive SPFs 10000 msecs
Maximum wait time between two consecutive SPFs 10000 msecs
Incremental-SPF disabled
Minimum LSA interval 5 secs
Minimum LSA arrival 1000 msecs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission pacing timer 66 msecs
Number of external LSA 0. Checksum Sum 0x000000
Number of opaque AS LSA 0. Checksum Sum 0x000000
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
Number of areas transit capable is 0
External flood list length 0
Area 1
Number of interfaces in this area is 2
Area has no authentication
SPF algorithm last executed 00:24:39.040 ago
SPF algorithm executed 4 times
Area ranges are
Number of LSA 1. Checksum Sum 0x00C824
Number of opaque link LSA 0. Checksum Sum 0x000000
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0


sh ip ospf data


OSPF Router with ID (192.168.253.1) (Process ID 1)


Router Link States (Area 1)


Link ID ADV Router Age Seq# Checksum Link
count
192.168.253.1 192.168.253.1 844 0x80000003 0x00C824 2


Can anyone suggest what I might be missing. Any further info required
don't hesitate to contact me


Scott


Top

cisco >> OSPF - What am I missing

by Merv » Sun, 16 Mar 2008 18:12:34 GMT



Did you speak to your ISP about making this change ?

If for example your ISP is using MPLS to transport your traffic
accross their network,
then they would need to reconfigure their routers to permit you to
change from RIP to OSPF
Top

cisco >> OSPF - What am I missing

by Scooty » Sun, 16 Mar 2008 20:15:03 GMT


Thanks Merv, I believe the ISP uses MPLS in their core, so I will get
onto them about this.
Regards
Scott
Top

cisco >> OSPF - What am I missing

by Merv » Mon, 17 Mar 2008 02:53:04 GMT


So your ISP is probably providing your with a service that is known as
a Layer 3 VPN (L3VPN for short) which typically uses BGP and MPLS in
the ISP core.

In L3VPN parlance your routers are CE routers (Customer Equipment) and
the ISP router at the other end of the link is known as a PE router
(Provider Equipment)

The routing protocol used between the CE and PE router terminates at
the PE router. in other words your RIP updates, as such, do not flow
across the ISP backbone. The RIP updates sent by your router are
converted into BGP updates and carried across the ISP backbone. At the
far end PE router, RIP updates are generated and sent to your CE
router.

This is all quite invisible to your CE router which is simply
configured with RIP and it would appear that it is exchanging RIP
routes directly with your other CE routers. There is a LOT going on
inside the ISP network to perfrom this "magic".


Take a look at slide 11 of Introduction to MPLS-based VPNs

http://p2004ir.free.fr/NE520-Networking_And_Internetworking/MPLS/MPLS-VPN-Tutorial %20Dang.pdf
Top
Similar Threads

1. BGP Loadsharing, What am I missing? 

Loadsharing and redundancy are broke. What am I missing? Here are the
BGP configs (IP's are changed to protect the innocent :) )

R1 & R2 in the same ASN, R1 connects to Provider1 ASN and R2 connects
to Provider2 ASN:

R1 Config

interface Loopback0
 ip address 4.4.66.253 255.255.255.255

router bgp 22105
 bgp log-neighbor-changes
 neighbor 4.4.66.254 remote-as 22105
 neighbor 4.4.66.254 update-source Loopback0
 neighbor 10.200.200.3 remote-as 105
 neighbor 10.200.200.3 description -=-=- ebgp peer with Provider1-=-=-
 neighbor 10.200.200.3 version 4
 !
 address-family ipv4
 neighbor 4.4.66.254 activate
 neighbor 4.4.66.254 send-community
 neighbor 4.4.66.254 soft-reconfiguration inbound
 neighbor 10.200.200.3 activate
 neighbor 10.200.200.3 send-community
 neighbor 10.200.200.3 prefix-list provider1-out out
 no auto-summary
 no synchronization
 network 4.4.66.0 mask 255.255.255.0
 network 192.168.10.0 mask 255.255.254.0
 exit-address-family
!
ip route 4.4.66.0 255.255.255.0 Null0
ip route 4.4.66.254 255.255.255.255 FastEthernet4/0
ip route 192.168.10.0 255.255.254.0 Null0


ip prefix-list provider1-out description advertised prefixes to
provider1
ip prefix-list provider1-out seq 5 permit 192.168.10.0/23
ip prefix-list provider1-out seq 10 permit 4.4.66.0/24
logging alarm informational

access-list 2 permit 4.4.66.0 0.0.0.255
access-list 3 permit 192.168.10.0 0.0.1.255

route-map comm permit 10
 match ip address 2
 set community 105:70
!
route-map comm permit 20
 match ip address 3
 set community 105:100
!
route-map comm permit 30


R2 Config

interface Loopback0
 ip address 4.4.66.254 255.255.255.255


router bgp 22105
 bgp log-neighbor-changes
 neighbor 10.10.10.3 remote-as 1234
 neighbor 10.10.10.3 description -=-=- eBGP peer with Provider2 -=-=-
 neighbor 10.10.10.3 version 4
 neighbor 4.4.66.253 remote-as 22105
 neighbor 4.4.66.253 update-source Loopback0
 maximum-paths 4
 !
 address-family ipv4
 neighbor 10.10.10.3 activate
 neighbor 10.10.10.3 send-community
 neighbor 10.10.10.3 prefix-list lvlt-out out
 neighbor 10.10.10.3 route-map comm out
 neighbor 4.4.66.253 activate
 neighbor 4.4.66.253 send-community
 neighbor 4.4.66.253 soft-reconfiguration inbound
 maximum-paths 4
 no auto-summary
 no synchronization
 network 4.4.66.0 mask 255.255.255.0
 network 192.168.10.0 mask 255.255.254.0
 exit-address-family
!
ip route 4.4.66.0 255.255.255.0 Null0
ip route 4.4.66.253 255.255.255.255 FastEthernet4/0
ip route 192.168.10.0 255.255.254.0 Null0

ip bgp-community new-format
!
!
!
ip prefix-list Provider2-out description advertised prefixes to
Provider2
ip prefix-list Provider2-out seq 5 permit 192.168.10.0/23
ip prefix-list Provider2-out seq 10 permit 4.4.66.0/24
logging alarm informational
!
access-list 2 permit 192.168.10.0 0.0.1.255
access-list 3 permit 4.4.66.0 0.0.0.255

route-map comm permit 10
 match ip address 2
 set community 1234:70
!
route-map comm permit 20
 match ip address 3
 set community 1234:100
!
route-map comm permit 30

2. RSPAN: What am I missing here ?

3. What am I missing? (BRI dialin) 

Somehow I must be blind ... though it's been a while since I last used a 
BRI for dialin services, it's not _that_ complicated ... especially as 
I'm using parts of an old router config that worked before (though with 
an 11.x IOS)

OK, I need to provide some temporary ISDN dialin, with radius auth. 
Router is a 7206 w/BRI PA ... here's the port config:

aaa authentication login dialin local group radius
aaa authentication ppp dialin local group radius
aaa authorization network default group radius
aaa accounting network default start-stop group radius
aaa accounting connection default start-stop group radius
aaa session-id common
[..]
interface BRI4/0
  ip unnumbered FastEthernet2/0
  ip accounting access-violations
  encapsulation ppp
  dialer idle-timeout 600
  dialer-group 1
  isdn switch-type basic-net3
  isdn answer1 77
  peer default ip address pool dialin
  no keepalive
  no cdp enable
  ppp authentication pap chap callin dialin
!

here's some output from the dialin attempt ... I don't even see any 
attempt at querying our radius server ... what really puzzles me is that 
just about the same config worked fine on an old 3620 some years ago ...


3w4d: ISDN BR4/0 EVENT: process_rxstate: ces/callid 1/0x17 calltype 1 
HOST_INCOMING_CALL
3w4d: ISDN BR4/0 EVENT: UserIdle: callid 0x17 received ACCEPT_CALL (0x13)
3w4d: %LINK-3-UPDOWN: Interface BRI4/0:2, changed state to up
3w4d: BR4/0:2 PPP: Using dialer call direction
3w4d: BR4/0:2 PPP: Treating connection as a callin
3w4d: BR4/0:2 PPP: I pkt type 0xC021, datagramsize 48 link[ppp]
3w4d: BR4/0:2 LCP: I CONFREQ [Listen] id 0 len 44
3w4d: BR4/0:2 LCP:    MagicNumber 0x465E2C9A (0x0506465E2C9A)
3w4d: BR4/0:2 LCP:    PFC (0x0702)
3w4d: BR4/0:2 LCP:    ACFC (0x0802)
3w4d: BR4/0:2 LCP:    Callback 6  (0x0D0306)
3w4d: BR4/0:2 LCP:    MRRU 1614 (0x1104064E)
3w4d: BR4/0:2 LCP:    EndpointDisc 1 Local
3w4d: BR4/0:2 LCP:     (0x1317018E88130EEA6D43DFA62E20450C)
3w4d: BR4/0:2 LCP:     (0xD0547F00000000)
3w4d: BR4/0:2 PPP: Authorization required
3w4d: BR4/0:2 LCP: O CONFREQ [Listen] id 57 len 14
3w4d: BR4/0:2 LCP:    AuthProto PAP (0x0304C023)
3w4d: BR4/0:2 LCP:    MagicNumber 0x52241655 (0x050652241655)
3w4d: BR4/0:2 LCP: O CONFREJ [Listen] id 0 len 11
3w4d: BR4/0:2 LCP:    Callback 6  (0x0D0306)
3w4d: BR4/0:2 LCP:    MRRU 1614 (0x1104064E)
3w4d: BR4/0:2 PPP: I pkt type 0xC021, datagramsize 48 link[ppp]
3w4d: BR4/0:2 LCP: I CONFREQ [REQsent] id 1 len 44
3w4d: BR4/0:2 LCP:    MagicNumber 0x465E2C9A (0x0506465E2C9A)
3w4d: BR4/0:2 LCP:    PFC (0x0702)
3w4d: BR4/0:2 LCP:    ACFC (0x0802)
3w4d: BR4/0:2 LCP:    Callback 6  (0x0D0306)
3w4d: BR4/0:2 LCP:    MRRU 1614 (0x1104064E)
3w4d: BR4/0:2 LCP:    EndpointDisc 1 Local
3w4d: BR4/0:2 LCP:     (0x1317018E88130EEA6D43DFA62E20450C)
3w4d: BR4/0:2 LCP:     (0xD0547F00000000)
3w4d: BR4/0:2 LCP: O CONFREJ [REQsent] id 1 len 11
3w4d: BR4/0:2 LCP:    Callback 6  (0x0D0306)
3w4d: BR4/0:2 LCP:    MRRU 1614 (0x1104064E)
3w4d: BR4/0:2 LCP: TIMEout: State REQsent
3w4d: BR4/0:2 LCP: O CONFREQ [REQsent] id 58 len 14
3w4d: BR4/0:2 LCP:    AuthProto PAP (0x0304C023)
3w4d: BR4/0:2 LCP:    MagicNumber 0x52241655 (0x050652241655)
3w4d: BR4/0:2 PPP: I pkt type 0x008F, datagramsize 24 link[illegal]
3w4d: BR4/0:2 : Non-NCP packet, discarding
3w4d: BR4/0:2 LCP: TIMEout: State REQsent
3w4d: BR4/0:2 LCP: O CONFREQ [REQsent] id 59 len 14
3w4d: BR4/0:2 LCP:    AuthProto PAP (0x0304C023)
3w4d: BR4/0:2 LCP:    MagicNumber 0x52241655 (0x050652241655)
3w4d: %ISDN-6-CONNECT: Interface BRI4/0:2 is now connected to 59 
8e88130eea6d43dfa62e20450cd0547f00000000
3w4d: ISDN BR4/0 EVENT: process_rxstate: ces/callid 1/0x17 calltype 1 
HOST_DISCONNECT_ACK
3w4d: %ISDN-6-DISCONNECT: Interface BRI4/0:2  disconnected from 59 
8e88130eea6d43dfa62e20450cd0547f00000000, call lasted 6 seconds
3w4d: %LINK-3-UPDOWN: Interface BRI4/0:2, changed state to down

Any hints appreciated ...

gg

4. Solved - was: What am I missing? (BRI dialin)

5. BGP - Transitive / Route-Map What am I missing. 

I am working with BGP in a lab and I am missing something that I
clearly don't understand.

The lab is as follows - one site (AS1234) connected to two providers
(7018,209).

Again this is in a lab so please do not mind the private addresses or
any of the other fictious info I use.

I am using the following route-map to control outbound routing updates

access-list 10 permit 10.10.10.0 0.0.0.255
access-list 15 permit 20.20.20.0 0.0.0.255

!
route-map AS-7018-OUTGOING permit 10
 match ip address 10
 set as-path prepend 12345
!
route-map AS-7018-OUTGOING permit 20
 match ip address 15
 set community 7018:20

!Route map is applied...
router bgp 12345
 neighbor 50.0.1.1 route-map AS-7018-OUTGOING out

My understanding is that only the two IP blocks would be sent outbound
and not the other routes learned by my IBGP neighbor.  However in my
lab when I do

sh ip bgp nei <external peer> advertised-routes

I see that I am advertising all of the partials I received from the
other provider through my IBGP connection.  What am I missing?  I
thought that if none of the conditions were met on the route-map that
the route would be silently discarded and not redistributed.

Amy.

6. weird VLAN issue - what am I missing?

7. SSH Sentinel to Netgear FVS318...what am i missing 

I've established a VPN connection.  I can ping the remote computers, 
etc.  Now I need to mount network drives.  When I attempt I get Access 
Denied on everything.

I've tried NET USE and passing the administrator account but still get 
access denied.

net use * \\192.168.1.100\c$ /user:administrator

SSH Sentinel 1.3 (I think  :-) )
Static IP but need configured for dynamic (for someone else)
192.168.0.0

Netgear FVS318 1.4 firmware
Static IP
DHCP Enabled
NETBIOS Enabled
192.168.1.0


When I do a "ipconfig /all" I see the SSH Virtual Network Adapter. Media 
State == Media Disconnected. Shouldn't I have a 192.168.1.x on this 
adapter with DNS info?

Please help a noober.  :-)

Thanks

8. basic/weird ospf question- ospf gurus need help!!!