24 nov. 2011

OSPF - Network Type NON_BROADCAST

Default mode for Frame-Relay main interfaces and multipoint subinterfaces.


In Hub & Spoke topology, the Hub MUST be the DR. Spoke not always have connectivity with other routers.
On the Spokes, configure ip ospf priority 0.
In this mode, you have to configure neighbors on the HUB router. There is no need to configure the neighbor on the Spokes: spokes will reply to unicast hellos from the Hub.

On r1:
!
interface Loopback0
 ip address 150.1.1.1 255.255.255.0
!
interface FastEthernet0/0
 ip address 150.10.0.11 255.255.255.0
 ip ospf network point-to-point
 duplex auto
 speed auto
!
interface Serial0/0
 ip address 150.0.0.1 255.255.255.0
 encapsulation frame-relay
 frame-relay map ip 150.0.0.4 104 broadcast
 frame-relay map ip 150.0.0.3 103 broadcast
 frame-relay map ip 150.0.0.2 102 broadcast
 no frame-relay inverse-arp
!
router ospf 1
 router-id 150.1.1.1
 log-adjacency-changes
 passive-interface Loopback0
 network 150.0.0.1 0.0.0.0 area 0
 network 150.1.1.1 0.0.0.0 area 0
 network 150.10.0.11 0.0.0.0 area 0
 neighbor 150.0.0.2
 neighbor 150.0.0.3
 neighbor 150.0.0.4
!


R1 S0/0 is NON_BROADCAST and R1 is the DR (default priority is 1).
Three neighbors are configured.

r1#show ip ospf interface S0/0
Serial0/0 is up, line protocol is up
  Internet Address 150.0.0.1/24, Area 0
  Process ID 1, Router ID 150.1.1.1, Network Type NON_BROADCAST, Cost: 64
  Transmit Delay is 1 sec, State DRPriority 1
  Designated Router (ID) 150.1.1.1, Interface address 150.0.0.1
  No backup designated router on this network
  Timer intervals configured, Hello 30, Dead 120, Wait 120, Retransmit 5
    oob-resync timeout 120
    Hello due in 00:00:24
  Supports Link-local Signaling (LLS)
  Cisco NSF helper support enabled
  IETF NSF helper support enabled
  Index 1/1, flood queue length 0
  Next 0x0(0)/0x0(0)
  Last flood scan length is 1, maximum is 1
  Last flood scan time is 4 msec, maximum is 4 msec
  Neighbor Count is 3, Adjacent neighbor count is 3
    Adjacent with neighbor 150.2.2.2
    Adjacent with neighbor 150.3.3.3
    Adjacent with neighbor 150.4.4.4
  Suppress hello for 0 neighbor(s)


The neighbors are in FULL/DROTHER state, they are no DR, nor BDR.

r1#show ip ospf neighbor

Neighbor ID     Pri   State           Dead Time   Address         Interface
55.0.0.5          0   FULL/  -        00:00:35    150.10.0.15     FastEthernet0/0
150.2.2.2         0   FULL/DROTHER    00:01:59    150.0.0.2       Serial0/0
150.3.3.3         0   FULL/DROTHER    00:01:41    150.0.0.3       Serial0/0
150.4.4.4         0   FULL/DROTHER    00:01:36    150.0.0.4       Serial0/0
r1#


On r2:
!
interface Loopback0
 ip address 150.2.2.2 255.255.255.0
!
interface Serial0/0
 ip address 150.0.0.2 255.255.255.0
 encapsulation frame-relay
 ip ospf priority 0
 frame-relay map ip 150.0.0.4 201
 frame-relay map ip 150.0.0.3 201
 frame-relay map ip 150.0.0.1 201 broadcast
 no frame-relay inverse-arp
!
router ospf 1
 router-id 150.2.2.2
 log-adjacency-changes
 passive-interface Loopback0
 network 150.0.0.2 0.0.0.0 area 0
 network 150.2.2.2 0.0.0.0 area 0
!

r2#show ip ospf interface Serial 0/0
Serial0/0 is up, line protocol is up
  Internet Address 150.0.0.2/24, Area 0
  Process ID 1, Router ID 150.2.2.2, Network Type NON_BROADCAST, Cost: 64
  Transmit Delay is 1 sec, State DROTHERPriority 0
  Designated Router (ID) 150.1.1.1, Interface address 150.0.0.1
  No backup designated router on this network
  Timer intervals configured, Hello 30, Dead 120, Wait 120, Retransmit 5
    oob-resync timeout 120
    Hello due in 00:00:22
  Supports Link-local Signaling (LLS)
  Cisco NSF helper support enabled
  IETF NSF helper support enabled
  Index 1/1, flood queue length 0
  Next 0x0(0)/0x0(0)
  Last flood scan length is 1, maximum is 1
  Last flood scan time is 0 msec, maximum is 4 msec
  Neighbor Count is 1, Adjacent neighbor count is 1
    Adjacent with neighbor 150.1.1.1  (Designated Router)
  Suppress hello for 0 neighbor(s)
r2# 

r2#show ip ospf neighbor 

Neighbor ID     Pri   State           Dead Time   Address         Interface
150.1.1.1         1   FULL/DR         00:01:57    150.0.0.1       Serial0/0
r2#


And so on for r3 and r4.

The routing table on r2 is the following:
r2#show ip route ospf
     55.0.0.0/32 is subnetted, 1 subnets
O       55.0.0.5 [110/66] via 150.0.0.1, 00:03:58, Serial0/0
     150.1.0.0/32 is subnetted, 1 subnets
O       150.1.1.1 [110/65] via 150.0.0.1, 01:11:34, Serial0/0
     150.3.0.0/32 is subnetted, 1 subnets
O       150.3.3.3 [110/65] via 150.0.0.3, 00:15:45, Serial0/0
     150.4.0.0/32 is subnetted, 1 subnets
O       150.4.4.4 [110/65] via 150.0.0.4, 01:10:26, Serial0/0
     150.10.0.0/24 is subnetted, 1 subnets
O       150.10.0.0 [110/65] via 150.0.0.1, 00:08:48, Serial0/0

We can see that the next-hop is handled as on BROADCAST networks. Even if the packets have to go via the Hub, NEXT-HOP is the spoke router that announces the route.
This behaviour implies that frame-relay mapping is present between each spokes.

r2#show ip route 150.4.4.4
Routing entry for 150.4.4.4/32
  Known via "ospf 1", distance 110, metric 65, type intra area
  Last update from 150.0.0.4 on Serial0/0, 00:06:46 ago
  Routing Descriptor Blocks:
  * 150.0.0.4, from 150.4.4.4, 00:06:46 ago, via Serial0/0
      Route metric is 65, traffic share count is 1

r2#show ip route 55.0.0.5
Routing entry for 55.0.0.5/32
  Known via "ospf 1", distance 110, metric 66, type intra area
  Last update from 150.0.0.1 on Serial0/0, 00:10:36 ago
  Routing Descriptor Blocks:
  * 150.0.0.1, from 55.0.0.5, 00:10:36 ago, via Serial0/0
      Route metric is 66, traffic share count is 1

r1 is seen as a transit network, so it has the hability to change the next-hop:

r2#show ip ospf database router 150.4.4.4

            OSPF Router with ID (150.2.2.2) (Process ID 1)

          Router Link States (Area 0)

  LS age: 222
  Options: (No TOS-capability, DC)
  LS Type: Router Links
  Link State ID: 150.4.4.4
  Advertising Router: 150.4.4.4
  LS Seq Number: 8000000B
  Checksum: 0xB608
  Length: 48
  Number of Links: 2

    Link connected to: a Stub Network
     (Link ID) Network/subnet number: 150.4.4.4
     (Link Data) Network Mask: 255.255.255.255
      Number of TOS metrics: 0
       TOS 0 Metrics: 1

    Link connected to: a Transit Network
     (Link ID) Designated Router address: 150.0.0.1
     (Link Data) Router Interface address: 150.0.0.4
      Number of TOS metrics: 0
       TOS 0 Metrics: 64


Notes/Tips/Traps:
Using ospf network NON_BROADCAST type in Hub & Spoke topology requires that a mapping exists on each spokes to reach each other spoke because the spoke's IP address is the next-hop for the prefix it advertises in the NBMA network.
So, if static mapping is not allowed, we are facing an issue with ospf network NON_BROADCAST type.

The broadcast statement in the mapping is not mandatory as the hellos are sent unicast.

-
Libellés : , , ,

NTP - ACL

NTP - Network Time Protocol Packet types: -  Control messages : don't bother with this. -  NTP request/update messages: used for time sy...

  • NTP - ACL
    NTP - Network Time Protocol Packet types: -  Control messages : don't bother with this. -  NTP request/update messages: used for time sy...
  • Unicast Reverse Path Forwarding (uRPF)
    Unicast Reverse Path Forwarding (uRPF) uRPF est une feature permettant d'éviter l'IP Spoofing. Lorsque urpf est activé sur une in...
  • Basic IPsec Virtual Tunnel Interface - VTI
    Le but est de monter un tunnel IPSec entre deux routeurs en utilisant des VTI. La clé partagée est: 1234. hostname R1 ! crypto isakm...