Complex OSPF deploy with Partitioned backbone (solved)

konstantinJFK · March 20, 2017, 3:48pm

Hi, all!

This my lab network has been build to check ospf deploy scenario with multiple datacenters joined with ipip peer to peer connections

UPD from mikrotik support:
From: Maris (MikroTik Support) <support@mikrotik.com>
Date: Tue, Mar 21, 2017 at 12:42 PM
Subject: Re: [Ticket#] OSPF Virtual Link bug

Hello,

Currently virtual-links do not work properly. This problem will be addressed in ROS v7.

Best regards,
Maris*

The lab network is shown on the picture:

I have a issue to make this network working powered by OSPF routing.

The routers OspfCore3 and OspfCore4 (joined by virtual ospf link) do not contain all routing information:

routing table of OspfCore3 is not contain a routes for OspfCore5 and OspfCore5lan
routing table of OspfCore4 is not contain a routes for OspfCore1,OspfCore1lan,OspfCore2 and OspfCore2lan networks

Is same time the ospf routing database is complete with all routes exist.

All routers outside of backbone (OspfCore5lan,OspfCore3lan,OspfCore2lan,OspfCore1lan) have complete and correct routing information
Backbone Routers OspfCore1, OspfCore2 and OspfCore5 contain correct routes as expected

Seems I have a problem with partitioned backbone but not able to solve it properly.

here are routing tables from all ospf routers in the network

all OspfCore5lan,OspfCore3lan,OspfCore2lan,OspfCore1lan, OspfCore5, OspfCore2, OspfCore1 have same table:

[admin@OspfCore5Lan] > ip route print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 ADS  0.0.0.0/0                          172.16.200.254            0
 1 ADo  10.0.1.0/24                        172.17.51.1             110
 2 ADo  10.0.2.0/24                        172.17.51.1             110
 3 ADo  10.0.3.0/24                        172.17.51.1             110
 4 ADo  10.0.4.0/24                        172.17.51.1             110
 5 ADo  10.0.5.0/24                        172.17.51.1             110
 6 ADo  10.0.11.0/24                       172.17.51.1             110
 7 ADo  10.0.22.0/24                       172.17.51.1             110
 8 ADo  10.0.33.0/24                       172.17.51.1             110
 9 ADC  10.0.55.0/24       10.0.55.1       ether3                    0
10 ADo  172.16.16.0/30                     172.17.51.1             110
11 ADo  172.16.16.4/30                     172.17.51.1             110
12 ADo  172.16.16.8/30                     172.17.51.1             110
13 ADo  172.16.16.12/30                    172.17.51.1             110
14 ADC  172.16.200.0/24    172.16.200.183  core                      0
15 ADo  172.17.1.0/24                      172.17.51.1             110
16 ADC  172.17.51.0/24     172.17.51.2     core                      0
17 ADo  172.17.101.0/24                    172.17.51.1             110
18 ADo  172.17.201.0/24                    172.17.51.1             110

here is issue 1: OspfCore4

[admin@OspfCore4] > ip route print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 ADS  0.0.0.0/0                          172.16.200.254            0
 1 ADo  10.0.3.0/24                        172.17.201.1            110
 2 ADC  10.0.4.0/24        10.0.4.1        ether3                    0
 3 ADo  10.0.5.0/24                        172.16.16.14            110
 4 ADo  10.0.33.0/24                       172.17.201.2            110
 5 ADo  10.0.55.0/24                       172.16.16.14            110
 6 ADo  172.16.16.0/30                     172.17.201.1            110
 7 ADo  172.16.16.4/30                     172.17.201.1            110
 8 ADo  172.16.16.8/30                     172.17.201.1            110
 9 ADC  172.16.16.12/30    172.16.16.13    ipipv6-tunnel5            0
10 ADC  172.16.200.0/24    172.16.200.185  core                      0
11 ADo  172.17.1.0/24                      172.17.201.1            110
12 ADo  172.17.51.0/24                     172.16.16.14            110
13 ADo  172.17.101.0/24                    172.17.201.1            110
14 ADC  172.17.201.0/24    172.17.201.3    core                      0

here is issue 2: OspfCore3

[admin@OspfCore3] > ip route print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 ADS  0.0.0.0/0                          172.16.200.254            0
 1 ADo  10.0.1.0/24                        172.16.16.9             110
 2 ADo  10.0.2.0/24                        172.16.16.1             110
 3 ADC  10.0.3.0/24        10.0.3.1        ether3                    0
 4 ADo  10.0.4.0/24                        172.17.201.3            110
 5 ADo  10.0.11.0/24                       172.16.16.9             110
 6 ADo  10.0.22.0/24                       172.16.16.1             110
 7 ADo  10.0.33.0/24                       172.17.201.2            110
 8 ADC  172.16.16.0/30     172.16.16.2     ipipv6-tunnel3            0
 9 ADo  172.16.16.4/30                     172.16.16.9             110
                                           172.16.16.1
10 ADC  172.16.16.8/30     172.16.16.10    ipipv6-tunnel2            0
11 ADo  172.16.16.12/30                    172.17.201.3            110
12 ADC  172.16.200.0/24    172.16.200.187  core                      0
13 ADo  172.17.1.0/24                      172.16.16.9             110
14 ADo  172.17.51.0/24                     172.17.201.3            110
15 ADo  172.17.101.0/24                    172.16.16.1             110
16 ADC  172.17.201.0/24    172.17.201.1    core                      0

Please ask for additional details and router data

P.S. I am ready to spend my time later to post solved scenario as manual example with all details

shaoranrch · March 20, 2017, 4:33pm

Hello, post your OSPF export please. For each of the routers.

Enviado desde mi SAMSUNG-SM-G920A mediante Tapatalk

konstantinJFK · March 20, 2017, 4:50pm

Thanks for the reply. I updated the picture as well

Here is the ospf configs

[admin@OspfCore1] > routing ospf export
#
/routing ospf area
add area-id=0.0.0.1 name=area1
/routing ospf instance
set [ find default=yes ] redistribute-connected=as-type-1 router-id=172.17.1.1
/routing ospf network
add area=area1 network=172.17.1.0/24
add area=backbone network=172.16.16.4/30
add area=backbone network=172.16.16.8/30
/routing ospf virtual-link
add disabled=yes neighbor-id=172.17.101.1

[admin@OspfCore2] > routing ospf export
#
/routing ospf area
add area-id=0.0.0.2 name=area2
/routing ospf instance
set [ find default=yes ] redistribute-connected=as-type-1 router-id=172.17.101.1
/routing ospf network
add area=area2 network=172.17.101.0/24
add area=backbone network=172.16.16.4/30
add area=backbone network=172.16.16.0/30
/routing ospf virtual-link
add disabled=yes neighbor-id=172.17.1.1

[admin@OspfCore3] > routing ospf export
#
/routing ospf area
add area-id=0.0.0.3 name=area3
/routing ospf instance
set [ find default=yes ] redistribute-connected=as-type-1 redistribute-other-ospf=as-type-1 router-id=172.17.201.1
/routing ospf network
add area=area3 network=172.17.201.0/24
add area=backbone network=172.16.16.8/30
add area=backbone network=172.16.16.0/30
/routing ospf virtual-link
add neighbor-id=172.17.201.3 transit-area=area3

[admin@OspfCore4] > routing ospf export
#
/routing ospf area
add area-id=0.0.0.3 name=area3
/routing ospf instance
set [ find default=yes ] redistribute-connected=as-type-1 redistribute-other-ospf=as-type-1 router-id=172.17.201.3
/routing ospf network
add area=area3 network=172.17.201.0/24
add area=backbone network=172.16.16.12/30
/routing ospf virtual-link
add neighbor-id=172.17.201.1 transit-area=area3

[admin@OspfCore5] > routing ospf export
#
/routing ospf area
add area-id=0.0.0.5 name=area5
/routing ospf instance
set [ find default=yes ] redistribute-connected=as-type-1 router-id=172.17.51.1
/routing ospf network
add area=area5 network=172.17.51.0/24
add area=backbone network=172.16.16.12/30
/routing ospf virtual-link

[admin@OspfCore1Lan] > routing ospf export
#
/routing ospf area
add area-id=0.0.0.1 name=area1
/routing ospf instance
set [ find default=yes ] redistribute-connected=as-type-1 router-id=172.17.1.2
/routing ospf network
add area=area1 network=172.17.1.0/24

[admin@OspfCore2Lan] > routing ospf export
#
/routing ospf area
add area-id=0.0.0.2 name=area2
/routing ospf instance
set [ find default=yes ] redistribute-connected=as-type-1 router-id=172.17.101.2
/routing ospf network
add area=area2 network=172.17.101.0/24

[admin@OspfCore3Lan] > routing ospf export
#
/routing ospf area
add area-id=0.0.0.3 name=area3
/routing ospf instance
set [ find default=yes ] redistribute-connected=as-type-1 router-id=172.17.201.2
/routing ospf network
add area=area3 network=172.17.201.0/24

[admin@OspfCore5Lan] > routing ospf export
#
/routing ospf area
add area-id=0.0.0.5 name=area5
/routing ospf instance
set [ find default=yes ] redistribute-connected=as-type-1 router-id=172.17.51.2
/routing ospf network
add area=area5 network=172.17.51.0/24

konstantinJFK · March 20, 2017, 11:16pm

The update with solution:

There is wrong idea to use OSPF virtual links. This feature seems to be broken in mikrotik and in same time CCIE person had not recommend to use OSPF virtual links at all

The such complex scenario will be much better to be handled by BGP.

Here is updated picture