OSPF issue?
Re: OSPF issue?
Hi,
Unfortunately, config didn't pass the test.
For this test I used topology just with two switches and two workstation. I attached my testing topology to this message.
I applied your ACL and OSPF config to the swithces.
So, when I pinged from workstation to workstation everything looked fine but when I did "traceroute" from workstation 10.10.100.201 I've got this:
C:\Documents and Settings\Field>tracert 10.30.112.201
Tracing route to 10.30.112.201 over a maximum of 30 hops
1 4 ms 2 ms 2 ms 10.10.100.1
2 2 ms 2 ms 2 ms 10.20.250.13
3 <1 ms <1 ms <1 ms 10.30.112.201
Trace complete.
As you see traffic jumped from network 10 to network 20.
So, I did "show ip route" and this I've got:
-> show ip route
+ = Equal cost multipath routes
* = BFD Enabled static route
Total 15 routes
Dest Address Subnet Mask Gateway Addr Age Protocol
------------------+-----------------+-----------------+---------+-----------
10.10.100.0 255.255.255.0 10.10.100.1 06:20:53 LOCAL
10.10.250.0 255.255.255.252 10.10.250.1 00:11:42 LOCAL
10.10.250.8 255.255.255.252 +10.20.250.13 00:09:43 OSPF
+10.10.250.13 00:09:43 OSPF
10.10.250.12 255.255.255.252 10.10.250.14 00:11:42 LOCAL
10.20.100.0 255.255.255.0 10.20.100.1 06:20:52 LOCAL
10.20.112.0 255.255.255.0 +10.20.250.13 00:09:43 OSPF
+10.10.250.13 00:09:43 OSPF
10.20.250.0 255.255.255.252 10.20.250.1 00:27:38 LOCAL
10.20.250.8 255.255.255.252 +10.20.250.13 00:09:43 OSPF
+10.10.250.13 00:09:43 OSPF
10.20.250.12 255.255.255.252 10.20.250.14 00:27:38 LOCAL
10.30.112.0 255.255.255.0 +10.20.250.13 00:09:43 OSPF
+10.10.250.13 00:09:43 OSPF
127.0.0.1 255.255.255.255 127.0.0.1 06:22:05 LOCAL
Then I physically pulled out network 20 fiber jumper and did "traceroute" and "show ip route" from workstation 10.10.100.201:
C:\Documents and Settings\Field>tracert 10.30.112.201
Tracing route to 10.30.112.201 over a maximum of 30 hops
1 4 ms 2 ms 2 ms 10.10.100.1
2 18 ms * 2 ms 10.10.250.13
3 2 ms <1 ms <1 ms 10.30.112.201
Trace complete.
-> show ip route
+ = Equal cost multipath routes
* = BFD Enabled static route
Total 8 routes
Dest Address Subnet Mask Gateway Addr Age Protocol
------------------+-----------------+-----------------+---------+-----------
10.10.100.0 255.255.255.0 10.10.100.1 06:25:15 LOCAL
10.10.250.0 255.255.255.252 10.10.250.1 00:16:04 LOCAL
10.10.250.8 255.255.255.252 10.10.250.13 00:14:05 OSPF
10.10.250.12 255.255.255.252 10.10.250.14 00:16:04 LOCAL
10.20.100.0 255.255.255.0 10.20.100.1 06:25:14 LOCAL
10.20.112.0 255.255.255.0 10.10.250.13 00:14:05 OSPF
10.30.112.0 255.255.255.0 10.10.250.13 00:14:05 OSPF
127.0.0.1 255.255.255.255 127.0.0.1 06:26:26 LOCAL
After that I tried to change ACL on both switches to:
! QOS :
policy network group vlan-10 10.10.0.0 mask 255.255.0.0 10.10.0.0 mask 255.255.0.0
policy network group vlan-20 10.20.0.0 mask 255.255.0.0 10.20.0.0 mask 255.255.0.0
policy condition vlan10_vlan20 source network group vlan-10 destination network group vlan-20
policy condition vlan20_vlan10 source network group vlan-20 destination network group vlan-10
policy action allow
policy action deny disposition deny
policy rule vlan10_vlan20 precedence 160 condition vlan10_vlan20 action deny
policy rule vlan20_vlan10 precedence 150 condition vlan20_vlan10 action deny
qos apply
So, when I did "traceroute" and "show ip route" from workstation 10.10.100.201 and local switch I've got this:
C:\Documents and Settings\Field>tracert 10.30.112.201
Tracing route to 10.30.112.201 over a maximum of 30 hops
1 174 ms 2 ms 2 ms 10.10.100.1
2 * * * Request timed out.
3 5 ms * 5 ms 10.30.112.201
Trace complete.
-> show ip route
+ = Equal cost multipath routes
* = BFD Enabled static route
Total 15 routes
Dest Address Subnet Mask Gateway Addr Age Protocol
------------------+-----------------+-----------------+---------+-----------
10.10.100.0 255.255.255.0 +10.10.250.14 00:34:00 OSPF
+10.20.250.14 00:05:07 OSPF
10.10.250.0 255.255.255.252 +10.10.250.14 00:34:00 OSPF
+10.20.250.14 00:05:07 OSPF
10.10.250.8 255.255.255.252 10.10.250.10 00:36:01 LOCAL
10.10.250.12 255.255.255.252 10.10.250.13 00:36:01 LOCAL
10.20.100.0 255.255.255.0 +10.10.250.14 00:34:00 OSPF
+10.20.250.14 00:05:07 OSPF
10.20.112.0 255.255.255.0 10.20.112.1 01:55:39 LOCAL
10.20.250.0 255.255.255.252 +10.10.250.14 00:05:47 OSPF
+10.20.250.14 00:05:07 OSPF
10.20.250.8 255.255.255.252 10.20.250.10 00:05:52 LOCAL
10.20.250.12 255.255.255.252 10.20.250.13 00:05:52 LOCAL
10.30.112.0 255.255.255.0 10.30.112.1 03:31:09 LOCAL
127.0.0.1 255.255.255.255 127.0.0.1 1d 6h LOCAL
As you see traffic goes through wrong gateway even with ACL applied. But when I physically pulled out network 20 fiber jumper and did "traceroute" and "show ip route" from workstation 10.10.100.201 I've got this:
C:\Documents and Settings\Field>tracert 10.30.112.201
Tracing route to 10.30.112.201 over a maximum of 30 hops
1 2 ms 2 ms 2 ms 10.10.100.1
2 2 ms 3 ms 2 ms 10.10.250.13
3 1 ms <1 ms <1 ms 10.30.112.201
Trace complete.
C:\Documents and Settings\Field>
-> show ip route
+ = Equal cost multipath routes
* = BFD Enabled static route
Total 8 routes
Dest Address Subnet Mask Gateway Addr Age Protocol
------------------+-----------------+-----------------+---------+-----------
10.10.100.0 255.255.255.0 10.10.250.14 00:07:17 OSPF
10.10.250.0 255.255.255.252 10.10.250.14 00:07:17 OSPF
10.10.250.8 255.255.255.252 10.10.250.10 00:08:07 LOCAL
10.10.250.12 255.255.255.252 10.10.250.13 00:08:07 LOCAL
10.20.100.0 255.255.255.0 10.10.250.14 00:07:17 OSPF
10.20.112.0 255.255.255.0 10.20.112.1 02:22:59 LOCAL
10.30.112.0 255.255.255.0 10.30.112.1 03:58:29 LOCAL
127.0.0.1 255.255.255.255 127.0.0.1 1d 7h LOCAL
So, how to make ospf pick the wright gateway(path)?
This is big question for me.
Unfortunately, config didn't pass the test.
For this test I used topology just with two switches and two workstation. I attached my testing topology to this message.
I applied your ACL and OSPF config to the swithces.
So, when I pinged from workstation to workstation everything looked fine but when I did "traceroute" from workstation 10.10.100.201 I've got this:
C:\Documents and Settings\Field>tracert 10.30.112.201
Tracing route to 10.30.112.201 over a maximum of 30 hops
1 4 ms 2 ms 2 ms 10.10.100.1
2 2 ms 2 ms 2 ms 10.20.250.13
3 <1 ms <1 ms <1 ms 10.30.112.201
Trace complete.
As you see traffic jumped from network 10 to network 20.
So, I did "show ip route" and this I've got:
-> show ip route
+ = Equal cost multipath routes
* = BFD Enabled static route
Total 15 routes
Dest Address Subnet Mask Gateway Addr Age Protocol
------------------+-----------------+-----------------+---------+-----------
10.10.100.0 255.255.255.0 10.10.100.1 06:20:53 LOCAL
10.10.250.0 255.255.255.252 10.10.250.1 00:11:42 LOCAL
10.10.250.8 255.255.255.252 +10.20.250.13 00:09:43 OSPF
+10.10.250.13 00:09:43 OSPF
10.10.250.12 255.255.255.252 10.10.250.14 00:11:42 LOCAL
10.20.100.0 255.255.255.0 10.20.100.1 06:20:52 LOCAL
10.20.112.0 255.255.255.0 +10.20.250.13 00:09:43 OSPF
+10.10.250.13 00:09:43 OSPF
10.20.250.0 255.255.255.252 10.20.250.1 00:27:38 LOCAL
10.20.250.8 255.255.255.252 +10.20.250.13 00:09:43 OSPF
+10.10.250.13 00:09:43 OSPF
10.20.250.12 255.255.255.252 10.20.250.14 00:27:38 LOCAL
10.30.112.0 255.255.255.0 +10.20.250.13 00:09:43 OSPF
+10.10.250.13 00:09:43 OSPF
127.0.0.1 255.255.255.255 127.0.0.1 06:22:05 LOCAL
Then I physically pulled out network 20 fiber jumper and did "traceroute" and "show ip route" from workstation 10.10.100.201:
C:\Documents and Settings\Field>tracert 10.30.112.201
Tracing route to 10.30.112.201 over a maximum of 30 hops
1 4 ms 2 ms 2 ms 10.10.100.1
2 18 ms * 2 ms 10.10.250.13
3 2 ms <1 ms <1 ms 10.30.112.201
Trace complete.
-> show ip route
+ = Equal cost multipath routes
* = BFD Enabled static route
Total 8 routes
Dest Address Subnet Mask Gateway Addr Age Protocol
------------------+-----------------+-----------------+---------+-----------
10.10.100.0 255.255.255.0 10.10.100.1 06:25:15 LOCAL
10.10.250.0 255.255.255.252 10.10.250.1 00:16:04 LOCAL
10.10.250.8 255.255.255.252 10.10.250.13 00:14:05 OSPF
10.10.250.12 255.255.255.252 10.10.250.14 00:16:04 LOCAL
10.20.100.0 255.255.255.0 10.20.100.1 06:25:14 LOCAL
10.20.112.0 255.255.255.0 10.10.250.13 00:14:05 OSPF
10.30.112.0 255.255.255.0 10.10.250.13 00:14:05 OSPF
127.0.0.1 255.255.255.255 127.0.0.1 06:26:26 LOCAL
After that I tried to change ACL on both switches to:
! QOS :
policy network group vlan-10 10.10.0.0 mask 255.255.0.0 10.10.0.0 mask 255.255.0.0
policy network group vlan-20 10.20.0.0 mask 255.255.0.0 10.20.0.0 mask 255.255.0.0
policy condition vlan10_vlan20 source network group vlan-10 destination network group vlan-20
policy condition vlan20_vlan10 source network group vlan-20 destination network group vlan-10
policy action allow
policy action deny disposition deny
policy rule vlan10_vlan20 precedence 160 condition vlan10_vlan20 action deny
policy rule vlan20_vlan10 precedence 150 condition vlan20_vlan10 action deny
qos apply
So, when I did "traceroute" and "show ip route" from workstation 10.10.100.201 and local switch I've got this:
C:\Documents and Settings\Field>tracert 10.30.112.201
Tracing route to 10.30.112.201 over a maximum of 30 hops
1 174 ms 2 ms 2 ms 10.10.100.1
2 * * * Request timed out.
3 5 ms * 5 ms 10.30.112.201
Trace complete.
-> show ip route
+ = Equal cost multipath routes
* = BFD Enabled static route
Total 15 routes
Dest Address Subnet Mask Gateway Addr Age Protocol
------------------+-----------------+-----------------+---------+-----------
10.10.100.0 255.255.255.0 +10.10.250.14 00:34:00 OSPF
+10.20.250.14 00:05:07 OSPF
10.10.250.0 255.255.255.252 +10.10.250.14 00:34:00 OSPF
+10.20.250.14 00:05:07 OSPF
10.10.250.8 255.255.255.252 10.10.250.10 00:36:01 LOCAL
10.10.250.12 255.255.255.252 10.10.250.13 00:36:01 LOCAL
10.20.100.0 255.255.255.0 +10.10.250.14 00:34:00 OSPF
+10.20.250.14 00:05:07 OSPF
10.20.112.0 255.255.255.0 10.20.112.1 01:55:39 LOCAL
10.20.250.0 255.255.255.252 +10.10.250.14 00:05:47 OSPF
+10.20.250.14 00:05:07 OSPF
10.20.250.8 255.255.255.252 10.20.250.10 00:05:52 LOCAL
10.20.250.12 255.255.255.252 10.20.250.13 00:05:52 LOCAL
10.30.112.0 255.255.255.0 10.30.112.1 03:31:09 LOCAL
127.0.0.1 255.255.255.255 127.0.0.1 1d 6h LOCAL
As you see traffic goes through wrong gateway even with ACL applied. But when I physically pulled out network 20 fiber jumper and did "traceroute" and "show ip route" from workstation 10.10.100.201 I've got this:
C:\Documents and Settings\Field>tracert 10.30.112.201
Tracing route to 10.30.112.201 over a maximum of 30 hops
1 2 ms 2 ms 2 ms 10.10.100.1
2 2 ms 3 ms 2 ms 10.10.250.13
3 1 ms <1 ms <1 ms 10.30.112.201
Trace complete.
C:\Documents and Settings\Field>
-> show ip route
+ = Equal cost multipath routes
* = BFD Enabled static route
Total 8 routes
Dest Address Subnet Mask Gateway Addr Age Protocol
------------------+-----------------+-----------------+---------+-----------
10.10.100.0 255.255.255.0 10.10.250.14 00:07:17 OSPF
10.10.250.0 255.255.255.252 10.10.250.14 00:07:17 OSPF
10.10.250.8 255.255.255.252 10.10.250.10 00:08:07 LOCAL
10.10.250.12 255.255.255.252 10.10.250.13 00:08:07 LOCAL
10.20.100.0 255.255.255.0 10.10.250.14 00:07:17 OSPF
10.20.112.0 255.255.255.0 10.20.112.1 02:22:59 LOCAL
10.30.112.0 255.255.255.0 10.30.112.1 03:58:29 LOCAL
127.0.0.1 255.255.255.255 127.0.0.1 1d 7h LOCAL
So, how to make ospf pick the wright gateway(path)?
This is big question for me.
You do not have the required permissions to view the files attached to this post.
Re: OSPF issue?
Hi Gucul,
please apply entire configuration, not only ospf and acl, remove aclman config (aclman.cfg)! Please be aware your cabling according attached picture and ip/gw on the client PCs!
In your routing tables I miss some routes, compare with attached.
please apply entire configuration, not only ospf and acl, remove aclman config (aclman.cfg)! Please be aware your cabling according attached picture and ip/gw on the client PCs!
In your routing tables I miss some routes, compare with attached.
You do not have the required permissions to view the files attached to this post.
Re: OSPF issue?
Hi,
I did everything like you say.
1) During copy and paste process I ran into this issue on 10.10.100.1switch:
-> avlan 10 auth-ip 10.10.100.253
-> avlan 14 auth-ip 10.10.250.1
ERROR: Configured auth-ip conflict with the router's IP addr of this vlan
-> avlan 15 auth-ip 10.10.250.13
-> avlan 20 auth-ip 10.20.100.253
-> avlan 24 auth-ip 10.20.250.1
ERROR: Configured auth-ip conflict with the router's IP addr of this vlan
-> avlan 25 auth-ip 10.20.250.13
-> ! 802.1x :
and into this issue on 10.10.112.1 switch
-> ! AAA :
-> aaa authentication console "local"
-> ! PARTM :
-> ! AVLAN :
-> avlan 10 auth-ip 10.10.112.253
-> avlan 14 auth-ip 10.10.250.13
ERROR: Configured auth-ip conflict with the router's IP addr of this vlan
-> avlan 15 auth-ip 10.10.250.9
-> avlan 20 auth-ip 10.20.112.253
-> avlan 24 auth-ip 10.20.250.13
ERROR: Configured auth-ip conflict with the router's IP addr of this vlan
-> avlan 25 auth-ip 10.20.250.9
-> avlan 30 auth-ip 10.30.112.253
-> ! 802.1x :
But anyway, when I did "show ip route" I've got routing table very similar to yours(I attached the files) just with preferred gateways from network 20 .
So I did "traceroute" from pc 10.10.100.201:
C:\Documents and Settings\Field>tracert 10.30.112.201
Tracing route to 10.30.112.201 over a maximum of 30 hops
1 171 ms 2 ms 2 ms 10.10.100.1
2 2 ms 2 ms 2 ms 10.20.250.13
3 4 ms * <1 ms 10.30.112.201
Trace complete
I saw "show ip route" from yours config and in your case preferred gateways on the network 10, so can you please connect additional pc to the network 20 on 10.20.100.1switch, make this pc 10.20.100.201 and try to do "traceroute" to 10.30.112.201 pc. I'm pretty sure that all traffic gonna go through 10 network...
I did everything like you say.
1) During copy and paste process I ran into this issue on 10.10.100.1switch:
-> avlan 10 auth-ip 10.10.100.253
-> avlan 14 auth-ip 10.10.250.1
ERROR: Configured auth-ip conflict with the router's IP addr of this vlan
-> avlan 15 auth-ip 10.10.250.13
-> avlan 20 auth-ip 10.20.100.253
-> avlan 24 auth-ip 10.20.250.1
ERROR: Configured auth-ip conflict with the router's IP addr of this vlan
-> avlan 25 auth-ip 10.20.250.13
-> ! 802.1x :
and into this issue on 10.10.112.1 switch
-> ! AAA :
-> aaa authentication console "local"
-> ! PARTM :
-> ! AVLAN :
-> avlan 10 auth-ip 10.10.112.253
-> avlan 14 auth-ip 10.10.250.13
ERROR: Configured auth-ip conflict with the router's IP addr of this vlan
-> avlan 15 auth-ip 10.10.250.9
-> avlan 20 auth-ip 10.20.112.253
-> avlan 24 auth-ip 10.20.250.13
ERROR: Configured auth-ip conflict with the router's IP addr of this vlan
-> avlan 25 auth-ip 10.20.250.9
-> avlan 30 auth-ip 10.30.112.253
-> ! 802.1x :
But anyway, when I did "show ip route" I've got routing table very similar to yours(I attached the files) just with preferred gateways from network 20 .
So I did "traceroute" from pc 10.10.100.201:
C:\Documents and Settings\Field>tracert 10.30.112.201
Tracing route to 10.30.112.201 over a maximum of 30 hops
1 171 ms 2 ms 2 ms 10.10.100.1
2 2 ms 2 ms 2 ms 10.20.250.13
3 4 ms * <1 ms 10.30.112.201
Trace complete
I saw "show ip route" from yours config and in your case preferred gateways on the network 10, so can you please connect additional pc to the network 20 on 10.20.100.1switch, make this pc 10.20.100.201 and try to do "traceroute" to 10.30.112.201 pc. I'm pretty sure that all traffic gonna go through 10 network...
You do not have the required permissions to view the files attached to this post.
Re: OSPF issue?
Hi,
you don't need avlan(only for tests, keep ip interfaces up).
Your routing entries are the same. '+' mean equal cost routes from OSPF, speak 'redundancy' and its gut;)
Here is my test what you suggested from omni10.100.10.1 port 1/11 vlan-20:
If 1/9 on cc (or 1/10 on omni10.10.100.1) is DOWN:
If 1/9(1/10) is UP
Ping to 10.10.100.0/24 is still blocked from 10.20.100.201.
you don't need avlan(only for tests, keep ip interfaces up).
Your routing entries are the same. '+' mean equal cost routes from OSPF, speak 'redundancy' and its gut;)
I get this result if I detach 1/1 on cc (or 1/2 on omni10.10.100.1), is OK because on omni10.10.100.1:1 171 ms 2 ms 2 ms 10.10.100.1
2 2 ms 2 ms 2 ms 10.20.250.13
3 4 ms * <1 ms 10.30.112.201
Code: Select all
10.30.112.0 255.255.255.0 +10.20.250.13 00:11:12 OSPF
+10.10.250.13 00:11:12 OSPF
There are not the same networks 10 or 20(vlan-10,vlan-20), but transit networks vlan-14/vlan-15 and vlan-24/vlan-25, you yourself have configured. It is all Layer3! And these we don't blocked with ACLs.I saw "show ip route" from yours config and in your case preferred gateways on the network 10, so can you please connect additional pc to the network 20 on 10.20.100.1switch, make this pc 10.20.100.201 and try to do "traceroute" to 10.30.112.201 pc. I'm pretty sure that all traffic gonna go through 10 network...
Here is my test what you suggested from omni10.100.10.1 port 1/11 vlan-20:
Code: Select all
IP Address . . . . . . . . . . . : 10.20.100.201
Subnet Mask . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . : 10.20.100.1
Code: Select all
C:\>tracert 10.30.112.201
Tracing route to 10.30.112.201 over a maximum of 30 hops
1 4 ms 4 ms 2 ms 10.20.100.1
2 4 ms 2 ms 2 ms 10.10.250.13
3 <1 ms <1 ms <1 ms 10.30.112.201
Trace complete.
Code: Select all
C:\>tracert 10.30.112.201
Tracing route to 10.30.112.201 over a maximum of 30 hops
1 3 ms 4 ms 2 ms 10.20.100.1
2 2 ms 2 ms 2 ms 10.20.250.13
3 <1 ms <1 ms <1 ms 10.30.112.201
Trace complete.
Re: OSPF issue?
Hi,
According to the requirements it shouldn't be any redundancy through OSPF equal cost routes. Network 10.10.x.x has to communicate through 10.10.250.x network and network 10.20.x.x has to communicate through 10.20.250.x network, that's it. Don't forget that this is RING topology.
Do you know how to meet requirements?
P.S. I wanna let you know I very appreciate your help.
According to the requirements it shouldn't be any redundancy through OSPF equal cost routes. Network 10.10.x.x has to communicate through 10.10.250.x network and network 10.20.x.x has to communicate through 10.20.250.x network, that's it. Don't forget that this is RING topology.
Do you know how to meet requirements?
P.S. I wanna let you know I very appreciate your help.
Re: OSPF issue?
Hi,
simply put corresponding transfer ip networks to appropriate network groups.Network 10.10.x.x has to communicate through 10.10.250.x network and network 10.20.x.x has to communicate through 10.20.250.x network, that's it.
What exactly do you mean by RING. I just modified your configuration so that it works, no vlans added or removed. I see 2 cabling rings in your visio picture, but in your configs these all are separate transit networks (mask /30). The same is with vlan-10 and vlan-20, there are all have separate networks on each switch. Therefore I always thought that you mean Layer 3 configuration on all switches(OSPF). But if you are saying these RINGs are Layer 2, then your design is wrong and you need to define where is L3 and where is L2.Don't forget that this is RING topology.
Re: OSPF issue?
Hi,
Network 10.10.x.x has to communicate through 10.10.250.x network and network 10.20.x.x has to communicate through 10.20.250.x network, that's it.
"simply put corresponding transfer ip networks to appropriate network groups. "
Can you please explain what do you by this statement? Please give an example.
Don't forget that this is RING topology.
"What exactly do you mean by RING. I just modified your configuration so that it works, no vlans added or removed. I see 2 cabling rings in your visio picture, but in your configs these all are separate transit networks (mask /30). The same is with vlan-10 and vlan-20, there are all have separate networks on each switch. Therefore I always thought that you mean Layer 3 configuration on all switches(OSPF). But if you are saying these RINGs are Layer 2, then your design is wrong and you need to define where is L3 and where is L2."
Yes, I mean L3 config on all switches. All RINGs have to be L3. I'm not saying that your config doesn't work, it just doesn't go with requirements. You can modify my config as how as you want (add or remove vlans). What I need it just to meat requirements.
Network 10.10.x.x has to communicate through 10.10.250.x network and network 10.20.x.x has to communicate through 10.20.250.x network, that's it.
"simply put corresponding transfer ip networks to appropriate network groups. "
Can you please explain what do you by this statement? Please give an example.
Don't forget that this is RING topology.
"What exactly do you mean by RING. I just modified your configuration so that it works, no vlans added or removed. I see 2 cabling rings in your visio picture, but in your configs these all are separate transit networks (mask /30). The same is with vlan-10 and vlan-20, there are all have separate networks on each switch. Therefore I always thought that you mean Layer 3 configuration on all switches(OSPF). But if you are saying these RINGs are Layer 2, then your design is wrong and you need to define where is L3 and where is L2."
Yes, I mean L3 config on all switches. All RINGs have to be L3. I'm not saying that your config doesn't work, it just doesn't go with requirements. You can modify my config as how as you want (add or remove vlans). What I need it just to meat requirements.
Re: OSPF issue?
Hi,
simply add this on both switches:
Then you can get this(from vlan10) :
And this is again what you do not want, because traffic traverse vlan-20
simply add this on both switches:
Code: Select all
policy network group vlan-10 10.10.250.0 mask 255.255.255.0
policy network group vlan-20 10.20.250.0 mask 255.255.255.0
Code: Select all
C:\>tracert 10.30.112.201
Tracing route to 10.30.112.201 over a maximum of 30 hops
1 3 ms 3 ms 4 ms 10.10.100.1
2 * * * Request Time Out
3 <1 ms <1 ms <1 ms 10.30.112.201
Trace complete.
Re: OSPF issue?
Hi Gucul,
try these attached configs. Please take care of static routes on not cc switches.
try these attached configs. Please take care of static routes on not cc switches.
You do not have the required permissions to view the files attached to this post.
Re: OSPF issue?
Hi one6f,
Thanks for the config. I'll let you know the result.
Sincerely
Gucul
Thanks for the config. I'll let you know the result.
Sincerely
Gucul