Search This Blog

Sunday, January 8, 2012

OSPF Virtual-link and GRE tunnel


Here is the following scenario:


As you can see we will need to configure some kind of area 0 connection between R1 to R2 and R4 to R5.

Virtual-Link
So for the first example I will use virtual-link, let’s have some notes regarding those:
      1.       Virtual-link configured on an ABR (Area Border Router) which connects, through the    transit area, to Area 0.
      2.       Transit area is an area with next-hop to Area 0
      3.       Virtual-link is configured between router-id’s

For example:
R1 loopback1 is in area 1 and need to be connected to Area 0 in order to advertise his subnet. R1 is also the ABR, which connects area 1 to area 12. Area 12 is the transit area because it connected to R2 which connected to Area 0 (next-hop idea…)
Based on the following example R1 should have virtual-link to R2, while configuring a virtual-link based on the interfaces addresses won’t work:

R1:
R1(config-if)#router ospf 1
R1(config-router)# area 12 virtual-link 10.1.12.2
R1#sh ip ospf virtual-links
Virtual Link OSPF_VL0 to router 10.1.12.2 is down
  Run as demand circuit
  DoNotAge LSA allowed.
  Transit area 12, Cost of using 65535
  Transmit Delay is 1 sec, State DOWN,
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5

R2:
R2(config-if)#router ospf 1
R2(config-router)# area 12 virtual-link 10.1.12.1
R2#sh ip ospf virtual-links
Virtual Link OSPF_VL0 to router 10.1.12.1 is down
  Run as demand circuit
  DoNotAge LSA allowed.
  Transit area 12, Cost of using 65535
  Transmit Delay is 1 sec, State DOWN,
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5

As you may recall router-id is based on highest loopback IP or else higher interface IP, hence in our example were R1 has lo1 and R2 has loopback 0, we will have to configure the virtual-link between these IP’s in order to make it work.
Using show ip protocol will reveal the router-id:

R1#sh ip protocols
Routing Protocol is "ospf 1"
  Outgoing update filter list for all interfaces is not set
  Incoming update filter list for all interfaces is not set
  Router ID 172.16.1.1
  It is an area border router
  Number of areas in this router is 3. 3 normal 0 stub 0 nssa
  Maximum path: 4
  Routing for Networks:
    10.1.12.1 0.0.0.0 area 12
    172.16.1.1 0.0.0.0 area 1
 Reference bandwidth unit is 100 mbps
  Routing Information Sources:
    Gateway         Distance      Last Update
    3.3.3.3              110      00:16:10
    2.2.2.2              110      00:16:10
  Distance: (default is 110)

So correcting the configuration to look like that:

R1:
router ospf 1
 log-adjacency-changes
 area 12 virtual-link 2.2.2.2
 network 10.1.12.1 0.0.0.0 area 12
 network 172.16.1.1 0.0.0.0 area 1

R2:
router ospf 1
 log-adjacency-changes
 area 12 virtual-link 172.16.1.1
 network 2.2.2.2 0.0.0.0 area 0
 network 10.1.12.2 0.0.0.0 area 12
 network 10.1.23.2 0.0.0.0 area 0

Verify the result:
R1#show ip ospf virtual-links
Virtual Link OSPF_VL1 to router 2.2.2.2 is up
  Run as demand circuit
  DoNotAge LSA allowed.
  Transit area 12, via interface FastEthernet0/0, Cost of using 10
  Transmit Delay is 1 sec, State POINT_TO_POINT,
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    Hello due in 00:00:02
    Adjacency State FULL (Hello suppressed)
    Index 1/2, retransmission queue length 0, number of retransmission 0
    First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
    Last retransmission scan length is 0, maximum is 0
    Last retransmission scan time is 0 msec, maximum is 0 msec

GRE Tunnel
Now for the second example, we will need to connect area 45 to Area 0 through area 34. For this task I will configure a GRE tunnel between R4, which have interface in area 45, to R3 which have interface in Area 0.

R3:
R3(config)#interface tunnel1
R3(config-if)#ip address 10.0.0.3 255.255.255.0
R3(config-if)#tunnel source 10.1.34.3
R3(config-if)#tunnel destination 10.1.34.4

R4:
R3(config)#interface tunnel1
R3(config-if)#ip address 10.0.0.3 255.255.255.0
R3(config-if)#tunnel source 10.1.34.3
R3(config-if)#tunnel destination 10.1.34.4

Note that I have used the directly connected interface for tunnel source/destination but I could use the loopback as well. 
Now that the tunnel is up but it won’t be enough, we will have to configure the tunnel IP under OSPF process in order to start see area 45 in R3 routing table.

R3#show ip route ospf
     2.0.0.0/32 is subnetted, 1 subnets
O       2.2.2.2 [110/11] via 10.1.23.2, 00:36:59, FastEthernet0/0
     172.16.0.0/24 is subnetted, 1 subnets
O IA    172.16.1.0 [110/21] via 10.1.23.2, 00:36:59, FastEthernet0/0
     10.0.0.0/24 is subnetted, 4 subnets
O IA    10.1.12.0 [110/20] via 10.1.23.2, 00:36:59, FastEthernet0/0

So I have configured the tunnel into OSPF process:
R4:
R4(config)#router ospf 1
R4(config-router)#network 10.0.0.4 0.0.0.0 area 0

R3:
R3#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
R3(config)#router ospf 1
R3(config-router)#network 10.0.0.3 0.0.0.0 area 0

Note that unlike virtual-link were we configure the transit area, in GRE we need to connect the tunnel to Area 0.

The result:
R3(config-router)#do show ip route ospf
     2.0.0.0/32 is subnetted, 1 subnets
O       2.2.2.2 [110/11] via 10.1.23.2, 00:00:01, FastEthernet0/0
     4.0.0.0/32 is subnetted, 1 subnets
O IA    4.4.4.4 [110/11112] via 10.0.0.4, 00:00:01, Tunnel1
     172.16.0.0/24 is subnetted, 1 subnets
O IA    172.16.1.0 [110/21] via 10.1.23.2, 00:00:01, FastEthernet0/0
     10.0.0.0/24 is subnetted, 5 subnets
O IA    10.1.12.0 [110/20] via 10.1.23.2, 00:00:01, FastEthernet0/0
O IA    10.1.45.0 [110/11121] via 10.0.0.4, 00:00:01, Tunnel1

GRE may be more flexible solution as it may connect through boundaries and segments that doesn’t related to OSPF domain at all.

No comments:

Post a Comment