Deploying OSPF in a Large Scale Network https://www.google.com/url?sa=t&source=web&rct=j&url=http://andrei.clubcisco.ro/cursuri/4prc/scaling/BRKRST-2310.pdf&ved=0ahUKEwiroJ2ujODOAhVsAsAKHRx7Dl4QFggtMAQ&usg=AFQjCNEJn-_gYdPmCsRFvbE4AOdnVEQhgg&sig2=2fJL8eTFDdjNdc3TQ6EGGg
On Aug 26, 2016 5:07 PM, "That One Guy /sarcasm" <[email protected]> wrote: > Ironically I was coming in to ask about ospf and ibgp. I just figured out > how to use ospf filters, so I have to confess I have a slight chub. But it > turned out the way ospf was propagating pathways for some static space was > causing a 100mb link to run at 10. We pulled the trigger on the bgp project > for our provider circuits so that's happening, but when it does my > cobblefuckery will end up wreaking havoc with ospf. What is the benefit of > ospf over ibgp for internal distribution. We run the same routers > everywhere so if the edge can take whole routes, shouldn't every site? > > On Aug 26, 2016 4:23 PM, "Bruce Robertson" <[email protected]> wrote: > >> As you grow, you'll find it won't scale well. >> >> On 08/26/2016 02:21 PM, George Skorup wrote: >> >> I do redist with OSPF. It works fine if you know what you're doing. MT >> OSPF used to act really stupid until ROS v6.27 or thereabouts. >> >> On 8/26/2016 2:16 PM, Faisal Imtiaz wrote: >> >> So just for the sake of a technical discussion... >> >> In your opinion, what is the merit of such a config (osfp + ibgp) ? >> >> It can be argued that such a config, >> a) Still depends on OSPF functioning. >> b) Layer an additional dynamic protocol on top of it (ibgp) >> c) Requires additional Routers (route reflectors). >> >> If the merit of such an approach is to manage manage OSFP behavior in a >> more granular fashion, Why not use the those features as they are >> available in OSPF / Best Practices... >> (OSFP best practices, suggest that, don't advertise connected or >> static routes, setup all interfaces as passive, and control prefix >> advertisements via the network section of OSPF). >> >> OSPF also tends to be the most common denominator (protocol) across >> different mfg. Bgp being the 2nd. >> >> Regards >> >> Faisal Imtiaz >> Snappy Internet & Telecom >> 7266 SW 48 Street >> Miami, FL 33155 >> Tel: 305 663 5518 x 232 >> >> Help-desk: (305)663-5518 Option 2 or Email: [email protected] >> >> ------------------------------ >> >> *From: *"Jesse DuPont" <[email protected]> >> <[email protected]> >> *To: *[email protected] >> *Sent: *Friday, August 26, 2016 12:03:58 AM >> *Subject: *Re: [AFMUG] Mikrotik OSPF weirdness >> >> Right, PTP and loopback prefixes are distributed with OSPF (and possibly >> management subnets for radios) and "access" network prefixes >> (customer-facing) are distributed via iBGP. >> I have two of my routers configured as BGP route reflectors and all other >> routers peer with only these two; this solves the full mesh and provides >> redundancy. >> >> *Jesse DuPont* >> >> Network Architect >> email: [email protected] >> Celerity Networks LLC >> >> Celerity Broadband LLC >> Like us! facebook.com/celeritynetworksllc >> >> Like us! facebook.com/celeritybroadband >> On 8/25/16 8:40 PM, David Milholen wrote: >> >> He may have meant only have the ptp and loopback addresses listed in >> networks >> >> >> >> On 8/25/2016 9:31 PM, Mike Hammett wrote: >> >> I've heard this concept a few times now. I'm not sure how only using OSPF >> for the loopbacks works. >> >> >> >> ----- >> Mike Hammett >> Intelligent Computing Solutions <http://www.ics-il.com/> >> <https://www.facebook.com/ICSIL> >> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> >> <https://www.linkedin.com/company/intelligent-computing-solutions> >> <https://twitter.com/ICSIL> >> Midwest Internet Exchange <http://www.midwest-ix.com/> >> <https://www.facebook.com/mdwestix> >> <https://www.linkedin.com/company/midwest-internet-exchange> >> <https://twitter.com/mdwestix> >> The Brothers WISP <http://www.thebrotherswisp.com/> >> <https://www.facebook.com/thebrotherswisp> >> >> >> <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> >> ------------------------------ >> *From: *"Bruce Robertson" <[email protected]> <[email protected]> >> *To: *[email protected] >> *Sent: *Thursday, August 25, 2016 6:28:43 PM >> *Subject: *Re: [AFMUG] Mikrotik OSPF weirdness >> >> I've said it before, and been argued with... this is one of many reasons >> why you use iBGP to distribute {customer, dynamic pool, server subnets, >> anything} routes, and use OSPF *only* to distribute router loopback >> addresses.� All your weird OSPF problems will go away.� My apologies if >> I'm misunderstanding the problem, but my point still stands. >> >> On 08/25/2016 10:22 AM, Robert Haas wrote: >> >> Alright, this problem has raised it head again on my network since I >> started to renumber some PPPoE pools. >> >> Customer gets a new IP address via PPPoE x.x.x.208/32 (from x.x.x.192/27 >> pool). Customer can�t surf and I can�t ping them from my office: >> >> � >> >> [office] � [Bernie Router] � [Braggcity Router] � [Ross Router] � >> [Hayti Router] � [customer] >> >> � >> >> A traceroute from my office dies @ the Bernie router but I am not getting >> any type of ICMP response from the Bernie router ie no ICMP Host >> Unreachable/Dest unreachable etc � just blackholes after my office router. >> >> A traceroute from the Customer to the office again dies at the Bernie >> router with no type of response. >> >> � >> >> Checking the routing table on the Bernie router shows a valid route >> pointing to the Braggcity router. It is also in the OSPF LSA�s. >> >> -- >> >> Another customer gets x.x.x.207/32 and has no issue at all. >> >> � >> >> -- >> >> Force the original customer to a new ip address of x.x.x.205/32 and the >> service starts working again. >> >> � >> >> -- >> >> � >> >> Now � even though there is no valid route to x.x.x.208/32 in the >> routing table � traffic destined to the x.x.x.208/32 IP is still getting >> blackholed.. I should be getting a Destination host unreachable from the >> Bernie router. >> >> � >> >> This is correct the correct response .206 is not being used and there is >> no route to it: >> >> C:\Users\netadmin>ping x.x.x.206 >> >> � >> >> Pinging x.x.x.206 with 32 bytes of data: >> >> Reply from y.y.y.1: Destination host unreachable. >> >> Reply from y.y.y.1: Destination host unreachable. >> >> � >> >> Ping statistics for x.x.x.206: >> >> ��� Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), >> >> � >> >> C:\Users\netadmin>tracert 74.91.65.206 >> >> � >> >> Tracing route to host-x.x.x.206.bpsnetworks.com [x.x.x.206] >> >> over a maximum of 30 hops: >> >> � >> >> � 1���� 6 ms���� 6 ms���� 7 ms� z.z.z.z >> >> � 2���� 6 ms���� 6 ms���� 6 ms� >> y.bpsnetworks.com [y.y.y.1] >> >> � 3� y.bpsnetworks.com [y.y.y.1] �reports: Destination host >> unreachable. >> >> � >> >> Trace complete. >> >> � >> >> This is what I see to x.x.x.208 even though it is not being used and >> there is no route to it. >> >> C:\Users\netadmin>ping x.x.x.208 >> >> � >> >> Pinging x.x.x.208 with 32 bytes of data: >> >> Request timed out. >> >> Request timed out. >> >> � >> >> Ping statistics for x.x.x.208: >> >> ��� Packets: Sent = 2, Received = 0, Lost = 2 (100% loss), >> >> � >> >> C:\Users\netadmin>tracert x.x.x.208 >> >> � >> >> Tracing route to host-x.x.x.208.bpsnetworks.com [x.x.x.208] >> >> over a maximum of 30 hops: >> >> � >> >> � 1���� 6 ms���� 6 ms���� 6 ms� z.z.z.z >> >> � 2���� *������� *������� >> *���� Request timed out. >> >> � 3���� *������� *���� ^C >> >> � >> >> -- >> >> � >> >> I�ve verified there is no firewall that would affect the traffic � I >> even put an accept rule in the forward chain for both the source and >> destination of x.x.x.208 and neither increment at all. So the traffic is >> not even making out of the routing flow and into the firewall.. >> >> � >> >> Any pointers are where to start troubleshooting next? >> >> >> >> >> -- >> >> >> >> >> !DSPAM:2,57c0b2eb92841205749441! >> >> >>
