OSPF Network statement

homerwsmith · April 3, 2017, 8:29am

I am sorry…

Running 5 RB1100ahx2 connected in a diamond shaped network, home plate, first, second and third base plus leaf sites off each plate. Packets travel around the diamond , but not across it.

Everything is in area 0.0.0.0.

Each router interface has many subnets on it, and usually those subnets are common to all router
interfaces on the same physical lan connected by ethernet or wireless.

Each router has a network statement stating ONE of the many subnets on the interface in question which then includes that interface
in the ospf process listed as intra area. However all other subnets on the same physical subnet are listed as imported ext 1 routes.

Anyhow things work fine for all subnets which are then advertised to all routers.

So what is the proper way to do the network statements, should I

1.) list just one subnet on the interface to get it included in ospf along with all the other subnets as ‘externals’?

2.) list all subnets on the interface to get the interface included with all subnets listed as intra area.

3.) list a single all encompasing network that may include subnets on other interfaces too?

Homer

idlemind · April 5, 2017, 5:57pm

I’d have to see the configurations but are you redistributing connected routes as E1? I would only allow OSPF neighbors on a specific interfaces, passive, and I would use network statements to tell the router which networks to tell neighbors about.

To check if you are redistributing connected routes look under:

/routing ospf instance print

ZeroByte · April 5, 2017, 8:12pm

You should add a network for each IP range (or aggregate of ranges) which your routers should consider as internal to OSPF.

e.g.:

you have an interface with:
10.0.0.1/24 on it as the “primary” IP and also:
10.0.1.1/27, 10.0.1.33/27, 10.0.1.65/27 …

You should consider adding 10.0.0.0/23 as a single network, or maybe 10.0.0.0/24 and 10.0.1.0/24
Even if all of the subnets of 10.0.1.0/24 are not directly connected to this router, that’s fine.

The reason the other IP ranges are coming in as E1 routes is because you’ve got “redistribute connected as type1” configured in your OSPF process. Those other IP ranges are connected, and not included as networks, therefore they are injected into OSPF as external routes. A network can only be internal to OSPF if it is covered by a network statement, and directly attached to the router.

Your goal should be to have as few redistributed networks as possible, as they are treated differently by OSPF in several ways. In general, I would say that you almost never need to redistribute connected routes. Typical best practice is to make the default OSPF interface be of type “passive” so that OSPF won’t try to form adjacencies on the interface, and then manually add any interfaces (in /routing ospf interfaces) where you want to form adjacencies, and set passive=no on those.