>>As you grow, you'll find it won't scale well.
Care to elaborate more on this ?
By definition it is pointed out that putting hundreds of routers or
hundreds of routes are a weak point of OSPF, however there are many
different techniques available to manage that.
Regards.
Faisal Imtiaz
Snappy Internet & Telecom
7266 SW 48 Street
Miami, FL 33155
Tel: 305 663 5518 x 232
Help-desk: (305)663-5518 Option 2 or Email: [email protected]
------------------------------------------------------------------------
*From: *"Bruce Robertson" <[email protected]>
*To: *[email protected]
*Sent: *Friday, August 26, 2016 5:23:14 PM
*Subject: *Re: [AFMUG] (OSPF + ibgp) / formerly Mikrotik OSPF
weirdness
As you grow, you'll find it won't scale well.
On 08/26/2016 02:21 PM, George Skorup wrote:
I do redist with OSPF. It works fine if you know what you're
doing. MT OSPF used to act really stupid until ROS v6.27 or
thereabouts.
On 8/26/2016 2:16 PM, Faisal Imtiaz wrote:
So just for the sake of a technical discussion...
In your opinion, what is the merit of such a config (osfp
+ ibgp) ?
It can be argued that such a config,
a) Still depends on OSPF functioning.
b) Layer an additional dynamic protocol on top of it (ibgp)
c) Requires additional Routers (route reflectors).
If the merit of such an approach is to manage manage OSFP
behavior in a more granular fashion, Why not use the
those features as they are available in OSPF / Best
Practices...
(OSFP best practices, suggest that, don't advertise
connected or static routes, setup all interfaces as
passive, and control prefix advertisements via the
network section of OSPF).
OSPF also tends to be the most common denominator
(protocol) across different mfg. Bgp being the 2nd.
Regards
Faisal Imtiaz
Snappy Internet & Telecom
7266 SW 48 Street
Miami, FL 33155
Tel: 305 663 5518 <callto:305%20663%205518> x 232
Help-desk: (305)663-5518 <callto:%28305%29663-5518>
Option 2 or Email: [email protected]
------------------------------------------------------------------------
*From: *"Jesse DuPont" <[email protected]>
*To: *[email protected]
*Sent: *Friday, August 26, 2016 12:03:58 AM
*Subject: *Re: [AFMUG] Mikrotik OSPF weirdness
Right, PTP and loopback prefixes are distributed with
OSPF (and possibly management subnets for radios) and
"access" network prefixes (customer-facing) are
distributed via iBGP.
I have two of my routers configured as BGP route
reflectors and all other routers peer with only these
two; this solves the full mesh and provides redundancy.
*Jesse DuPont*
Network Architect
email: [email protected]
Celerity Networks LLC
Celerity Broadband LLC
Like us! facebook.com/celeritynetworksllc
Like us! facebook.com/celeritybroadband
On 8/25/16 8:40 PM, David Milholen wrote:
He may have meant only have the ptp and loopback
addresses listed in networks
On 8/25/2016 9:31 PM, Mike Hammett wrote:
I've heard this concept a few times now. I'm
not sure how only using OSPF for the
loopbacks works.
-----
Mike Hammett
Intelligent Computing Solutions
<http://www.ics-il.com/>
<https://www.facebook.com/ICSIL><https://plus.google.com/+IntelligentComputingSolutionsDeKalb><https://www.linkedin.com/company/intelligent-computing-solutions><https://twitter.com/ICSIL>
Midwest Internet Exchange
<http://www.midwest-ix.com/>
<https://www.facebook.com/mdwestix><https://www.linkedin.com/company/midwest-internet-exchange><https://twitter.com/mdwestix>
The Brothers WISP
<http://www.thebrotherswisp.com/>
<https://www.facebook.com/thebrotherswisp>
<https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg>
------------------------------------------------------------------------
*From: *"Bruce Robertson" <[email protected]>
*To: *[email protected]
*Sent: *Thursday, August 25, 2016 6:28:43 PM
*Subject: *Re: [AFMUG] Mikrotik OSPF weirdness
I've said it before, and been argued with...
this is one of many reasons why you use iBGP
to distribute {customer, dynamic pool, server
subnets, anything} routes, and use OSPF
*only* to distribute router loopback
addresses.� All your weird OSPF problems
will go away.� My apologies if I'm
misunderstanding the problem, but my point
still stands.
On 08/25/2016 10:22 AM, Robert Haas wrote:
Alright, this problem has raised it head
again on my network since I started to
renumber some PPPoE pools.
Customer gets a new IP address via PPPoE
x.x.x.208/32 (from x.x.x.192/27 pool).
Customer can�t surf and I can�t ping
them from my office:
�
[office] � [Bernie Router] �
[Braggcity Router] � [Ross Router] �
[Hayti Router] � [customer]
�
A traceroute from my office dies @ the
Bernie router but I am not getting any
type of ICMP response from the Bernie
router ie no ICMP Host Unreachable/Dest
unreachable etc � just blackholes after
my office router.
A traceroute from the Customer to the
office again dies at the Bernie router
with no type of response.
�
Checking the routing table on the Bernie
router shows a valid route pointing to
the Braggcity router. It is also in the
OSPF LSA�s.
--
Another customer gets x.x.x.207/32 and
has no issue at all.
�
--
Force the original customer to a new ip
address of x.x.x.205/32 and the service
starts working again.
�
--
�
Now � even though there is no valid
route to x.x.x.208/32 in the routing
table � traffic destined to the
x.x.x.208/32 IP is still getting
blackholed.. I should be getting a
Destination host unreachable from the
Bernie router.
�
This is correct the correct response .206
is not being used and there is no route
to it:
C:\Users\netadmin>ping x.x.x.206
�
Pinging x.x.x.206 with 32 bytes of data:
Reply from y.y.y.1: Destination host
unreachable.
Reply from y.y.y.1: Destination host
unreachable.
�
Ping statistics for x.x.x.206:
��� Packets: Sent = 2, Received =
2, Lost = 0 (0% loss),
�
C:\Users\netadmin>tracert 74.91.65.206
<callto:74.91.65.206>
�
Tracing route to
host-x.x.x.206.bpsnetworks.com [x.x.x.206]
over a maximum of 30 hops:
�
� 1���� 6 ms���� 6
ms���� 7 ms� z.z.z.z
� 2���� 6 ms���� 6
ms���� 6 ms� y.bpsnetworks.com
[y.y.y.1]
� 3� y.bpsnetworks.com [y.y.y.1]
�reports: Destination host unreachable.
�
Trace complete.
�
This is what I see to x.x.x.208 even
though it is not being used and there is
no route to it.
C:\Users\netadmin>ping x.x.x.208
�
Pinging x.x.x.208 with 32 bytes of data:
Request timed out.
Request timed out.
�
Ping statistics for x.x.x.208:
��� Packets: Sent = 2, Received =
0, Lost = 2 (100% loss),
�
C:\Users\netadmin>tracert x.x.x.208
�
Tracing route to
host-x.x.x.208.bpsnetworks.com [x.x.x.208]
over a maximum of 30 hops:
�
� 1���� 6 ms���� 6
ms���� 6 ms� z.z.z.z
� 2���� *�������
*������� *����
Request timed out.
� 3���� *�������
*���� ^C
�
--
�
I�ve verified there is no firewall that
would affect the traffic � I even put
an accept rule in the forward chain for
both the source and destination of
x.x.x.208 and neither increment at all.
So the traffic is not even making out of
the routing flow and into the firewall..
�
Any pointers are where to start
troubleshooting next?
--
