manipulate ospf equal cost multi-path

tonny · October 31, 2019, 1:23pm

Hi,
I have a setup with multiple routers in two OSPF area’s, which basicly runs fine. Simplified it looks like this :

+---------+    |
                             +---+ rtr-B1  +----+
             +---------+     |   +---------+    |
Net-A -------+  rtr-A  +-----+                  | 
             +---------+     |   +---------+    |
                             +---+ rtr-B2  +----+
                                 +---------+    |
                                                |    +---------+
                                                +----+ rtr-C1  +------ Net-C1
                                                |    +---------+
                                                |  
                                                |    +---------+
                                                +----+ rtr-C2  +------ Net-C2
                                                |    +---------+
                                                |  
                                                |    +---------+
                                                +----+ rtr-C3  +------ Net-C3
                                                     +---------+
                                                    
                 Area 0.0.0.2              Area 0.0.0.3

Router A has two equal routes for netA to NetC1 to 3, Just like NetC1 to 3 have two equal routes to NetA. By nature it will now load-balance over router B1 & B2.
And so the route to Net-A seen from Net-Cx looks like

[admin@net-C1] > ip route print 
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, 
B - blackhole, U - unreachable, P - prohibit 
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
....
....
 5 ADo  192.168.1.0/24                     10.217.217.1            110
                                           10.217.217.2

Due to the locations and links available, we prefer to have rtr-b1 take the whole load and rtr-B2 takes over only if B1 fails.
I played with all kinds of settings, tried OSPF in/out filters and even changed all interfaces on trt-B2 to 10mb, but nothing changes the routing tables.

How can I manipulate OSPF to avoid load-balance and route over rtr-B1 and have rtr-B2 take over on failure only?
rtr-b1

/routing ospf instance
set [ find default=yes ] disabled=yes redistribute-connected=as-type-2 redistribute-static=as-type-2 router-id=0.0.0.1
add name=mgmt redistribute-other-ospf=as-type-1 redistribute-static=as-type-1 router-id=10.17.17.101
add name=routenet-2 redistribute-other-ospf=as-type-1 redistribute-static=as-type-1 router-id=10.217.217.1
/routing ospf area
add area-id=0.0.0.3 instance=mgmt name=area-mgmt
add area-id=0.0.0.2 instance=routenet-2 name=routenet-2
/ip address
add address=10.217.217.1/24 interface=ether2 network=10.217.217.0
add address=10.17.17.1/24 interface=ether1 network=10.17.17.0
/ip firewall filter
add action=accept chain=forward
add action=accept chain=input
/routing ospf network
add area=routenet-2 network=10.217.217.0/24
add area=area-mgmt network=10.17.17.0/24

rtr-b2

/routing ospf instance
set [ find default=yes ] disabled=yes redistribute-connected=as-type-2 redistribute-static=as-type-2 router-id=0.0.0.2
add name=mgmt redistribute-other-ospf=as-type-1 redistribute-static=as-type-1 router-id=10.17.17.2
add name=routenet-2 redistribute-other-ospf=as-type-1 redistribute-static=as-type-1 router-id=10.217.217.2
/routing ospf area
add area-id=0.0.0.3 instance=mgmt name=area-mgmt
add area-id=0.0.0.2 instance=routenet-2 name=routenet-2
/ip address
add address=10.217.217.2/24 interface=ether2 network=10.217.217.0
add address=10.17.17.2/24 interface=ether1 network=10.17.17.0
/ip firewall filter
add action=accept chain=forward
add action=accept chain=input
/routing ospf network
add area=routenet-2 network=10.217.217.0/24
add area=area-mgmt network=10.17.17.0/24

rtr-c

/routing ospf instance
set [ find default=yes ] redistribute-connected=as-type-1 redistribute-static=as-type-1 router-id=0.0.0.10
add name=routenet-2 redistribute-connected=as-type-1 redistribute-other-ospf=as-type-1 redistribute-static=as-type-1 router-id=10.217.217.101
/routing ospf area
add area-id=0.0.0.2 instance=routenet-2 name=routenet-2
/ip address
add address=10.151.14.1/24 interface=ether3 network=10.151.14.0
add address=10.217.217.10/24 interface=ether2 network=10.217.217.0
add address=10.151.15.1/24 interface=ether4 network=10.151.15.0
/ip firewall filter
add action=accept chain=forward
add action=accept chain=input
/routing ospf interface
add interface=ether2 network-type=broadcast
/routing ospf network
add area=routenet-2 network=10.217.217.0/24

mducharme · October 31, 2019, 2:03pm

Set up two VLANs, one from B1 to C1 and another from B2 to C1. Then you can add the two VLAN interfaces as OSPF interfaces and override the cost on one to make it use the other except on failure.

tonny · October 31, 2019, 2:45pm

Thnx for the suggestion. By coincidence, I found another solution that does work too

/routing ospf instance add metric-other-ospf=21

bbs2web · October 31, 2019, 9:51pm

That option should only take effect when redistributing OSPF prefixes between instances. Just set it up properly, both interfaces being part of the same instance (technically the network addresses and netmasks of the interfaces) and then increase administrative cost of the backup interface to 20 on both routers.