sorry I meant IPSEC doesn't carry multicast. OSPF technically doesn't "carry" anything.
On Thu, Apr 28, 2011 at 11:28 PM, Keegan Holley <[email protected]>wrote: > I don't think OSPF carries multicast. I know cisco routers have a neighbor > statement that will force it to unicast hello's I've never tried it on a > juniper. I think if you do GRE over IPSEC (not to be confused with IPSEC > over GRE) the multicast will work as well. It depends on your endpoints > though, I don't think firewalls will do GRE. > > > On Thu, Apr 28, 2011 at 3:59 PM, Leonardo Gama Souza < > [email protected]> wrote: > >> > Hello All: >> > >> > I'm trying to get OSPF up over IPsec. We have two IPsec tunnels, a >> > primary and a secondary that our spoke router can use. We want to >> have >> > the spoke router run OSPF across both and then in case of a failure of >> > the primary hub router (where the primary IPsec tunnel terminates) >> OSPF >> > will direct traffic over the backup tunnel to the backup hub. >> > >> > So far I have seen OSPF on the spoke router come up just a couple of >> > times but only to one or the other peer. It never has come up to both >> > peers. Here are my configurations for OSPF and the services >> interfaces >> > below. Also BGP is up on all routers and all routers are reachable >> via >> > BGP. >> > >> > If anyeone can guide me in the right direction to get OSPF working >> over >> > IPsec that would be most apprectiated! >> >> As far as I know IPSec solely is not able to carry Multicast traffic. >> Are you using GRE over IPSec? If not, you may want to try unicast >> hellos. >> >> >> _______________________________________________ >> juniper-nsp mailing list [email protected] >> https://puck.nether.net/mailman/listinfo/juniper-nsp >> > > _______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
