Routing

last person joined: yesterday 

Ask questions and share experiences about ACX Series, CTP Series, MX Series, PTX Series, SSR Series, JRR Series, and all things routing, including portfolios and protocols.

  • 1.  VPN Redundancy over OSPF Issue

    Posted 12-21-2016 12:26


  • 2.  RE: VPN Redundancy over OSPF Issue

     
    Posted 12-21-2016 20:53

    Hello,

     

    In the snippet of the configuration in PDF, I do not see any configuration that will prefer st0.1 over sr0.2 over st0.3 and so on.

    Also do you have IP monitoring configured to give preference to ISP connections & enable failover mechanism?

     

    Regards,

     

    Rushi



  • 3.  RE: VPN Redundancy over OSPF Issue

    Posted 12-22-2016 11:36

    Thank you Rushi for the comment!

    I did configure metric for primary, secondary, third, and forth, 0, 5, 10, 15  respectively. Since the traffic routed through New York after disabling the primary link, therefore, I removed them.

    Also, I've configure rpm and IP monitoring for the ISPs. Since I want the VPNs route through OSPF, so I don't want to configure them under rpm and IP monitoring.

     

     

    I believe I just need to find a way to send 10.4.0.0/16 only to New Jersey, no where else, ever; even if all the routes to New Jersey are down.

    Also,  to send 10.2.0.0/16 only to New York, no where else, ever; even if all the routes to New York are down

    Any idea about that?



  • 4.  RE: VPN Redundancy over OSPF Issue
    Best Answer

    Posted 12-22-2016 17:57

    Basically you need to have a higher cost for your primary link and then immediately the next cost value for each following link as I outlined above.

     

    5 - primary

    6 - secondary

    7 - tertiary

    8 - quaternary

     

    The reason is when you lose the primary from A to B you now have two paths:

    A secondary to B

    A primary to C primary to B 

     

    So the cost of 2 primary links must be greater than the cost of one secondary, tertiary and quaternary link or the dual hop path will win.  By setting the primary cost to 5 a dual primary is 10 which is higher than 6, 7 or 8 meaning all the alternate direct links will win when needed.



  • 5.  RE: VPN Redundancy over OSPF Issue

    Posted 12-22-2016 03:47

    From what I see on your chart you have 3 sites and 4 paths per site for the OSPF mesh.

     

    I think your issue is that two primary OSPF cost paths will sometimes be lower cost than your secondary, tertiary or quaternary path.

     

    To alleviate this problem I would set the OSPF link costs on the tunnel as follows:

     

    5 - primary

    6 - secondary

    7 - tertiary

    8 - quaternary

     

    This way even two primary paths will always be greater than a quaternary path.



  • 6.  RE: VPN Redundancy over OSPF Issue

    Posted 12-22-2016 11:45

    Thank you Steve for the comment!

     

    I already tried changing the metric which I believe affects the route preference, caused the traffic to go to New York instead of taking one of the paths (vpn tunnels) to New Jersey. So, I need to somehow stop receiving LSAs about 10.4.0.0/16 (New Jersey) from New York. 

    Any idea please?