do not forget to remove vlan authentication(otherwise it does not work by link down/up events for transit connections!)
Code: Select all
vlan 10-30 authentication disableOSPF issue?
Re: OSPF issue?
Hi,
do not forget to remove vlan authentication(otherwise it does not work by link down/up events for transit connections!)
do not forget to remove vlan authentication(otherwise it does not work by link down/up events for transit connections!)
Re: OSPF issue?
Hi one6f,
Thanks for reminding me about vlan authentication.
I think this config with static routes is fine.
Here is my static routes config for three routers:
omni10.10.100.1>
ip static-route 10.30.112.0/24 gateway 10.10.250.13 metric 1
ip static-route 10.30.112.0/24 gateway 10.20.250.13 metric 1
ip static-route 10.30.112.0/24 gateway 10.10.250.2 metric 2
ip static-route 10.30.112.0/24 gateway 10.20.250.2 metric 2
omni10.10.104.1>
ip static-route 10.30.112.0/24 gateway 10.10.250.1 metric 1
ip static-route 10.30.112.0/24 gateway 10.20.250.1 metric 1
ip static-route 10.30.112.0/24 gateway 10.10.250.6 metric 2
ip static-route 10.30.112.0/24 gateway 10.20.250.6 metric 2
omni10.10.108.1>
ip static-route 10.30.112.0/24 gateway 10.10.250.10 metric 1
ip static-route 10.30.112.0/24 gateway 10.20.250.10 metric 1
ip static-route 10.30.112.0/24 gateway 10.10.250.5 metric 2
ip static-route 10.30.112.0/24 gateway 10.20.250.5 metric 2
I changed a little bit ACL:
! QOS :
policy network group vlan-10 10.10.0.0 mask 255.255.0.0
policy network group vlan-20 10.20.0.0 mask 255.255.0.0
policy condition vlan10_vlan20 source network group vlan-10 destination network group vlan-20
policy condition vlan20_vlan10 source network group vlan-20 destination network group vlan-10
policy action allow
policy action deny disposition deny
policy rule vlan10_vlan20 precedence 160 condition vlan10_vlan20 action deny
policy rule vlan20_vlan10 precedence 150 condition vlan20_vlan10 action deny
qos apply
I also have to apply BPDU guard L2 and L3 switches but I'm still reading about this technology.
If you know something about BPDU guard I'll appreciate any help.
But anyway I want to say big thank you to you for all your help so far.
Take care and good luck !
Gucul
Thanks for reminding me about vlan authentication.
I think this config with static routes is fine.
Here is my static routes config for three routers:
omni10.10.100.1>
ip static-route 10.30.112.0/24 gateway 10.10.250.13 metric 1
ip static-route 10.30.112.0/24 gateway 10.20.250.13 metric 1
ip static-route 10.30.112.0/24 gateway 10.10.250.2 metric 2
ip static-route 10.30.112.0/24 gateway 10.20.250.2 metric 2
omni10.10.104.1>
ip static-route 10.30.112.0/24 gateway 10.10.250.1 metric 1
ip static-route 10.30.112.0/24 gateway 10.20.250.1 metric 1
ip static-route 10.30.112.0/24 gateway 10.10.250.6 metric 2
ip static-route 10.30.112.0/24 gateway 10.20.250.6 metric 2
omni10.10.108.1>
ip static-route 10.30.112.0/24 gateway 10.10.250.10 metric 1
ip static-route 10.30.112.0/24 gateway 10.20.250.10 metric 1
ip static-route 10.30.112.0/24 gateway 10.10.250.5 metric 2
ip static-route 10.30.112.0/24 gateway 10.20.250.5 metric 2
I changed a little bit ACL:
! QOS :
policy network group vlan-10 10.10.0.0 mask 255.255.0.0
policy network group vlan-20 10.20.0.0 mask 255.255.0.0
policy condition vlan10_vlan20 source network group vlan-10 destination network group vlan-20
policy condition vlan20_vlan10 source network group vlan-20 destination network group vlan-10
policy action allow
policy action deny disposition deny
policy rule vlan10_vlan20 precedence 160 condition vlan10_vlan20 action deny
policy rule vlan20_vlan10 precedence 150 condition vlan20_vlan10 action deny
qos apply
I also have to apply BPDU guard L2 and L3 switches but I'm still reading about this technology.
If you know something about BPDU guard I'll appreciate any help.
But anyway I want to say big thank you to you for all your help so far.
Take care and good luck !
Gucul
Re: OSPF issue?
You are welcome!
Regarding BPDU Guard also known as BPDU Shutdown.
Please note in 6.4.4 there is also a new feature - stp loop guard.
Regarding BPDU Guard also known as BPDU Shutdown.
Please note in 6.4.4 there is also a new feature - stp loop guard.
The STP loop guard provides additional protection against Layer 2 STP loops. When enabled it ensures that The actual function of Loop guard is to protect non designated ports (Alternate, Backup or Root ports) when they fail to receive (usually) two BPDU in a row. The port is moved into the protected mode instead of the listening/learning/forwarding state. In this mode the port is not impacted by a topology change notification that may arise in the network - thus preventing loops.
A port exits the protected mode when:
• Loop guard is disabled on the port (or globally)
• The port is down (admin down or link down).
• The port starts receiving BPDUs
• Any configuration changes that affect spanning tree on this port
Note:
• Loop Guard cannot be configured on ports that are also Root Guard enabled
The root guard is mutually exclusive with the loop guard. The root guard is used on designated ports, and it does not allow the port to become non-designated. The loop guard works on non-designated ports and does not allow the port to become designated through the expiration of max_age.
