Are there any success stories about OSPF balancing between two routers in one broadcast domain?
We have router R1 with 1 interface (10.0.0.1/24), and router R2 with two interfaces (10.0.0.2/24, 10.0.0.3/24), all connected to the same switch. Instead of using bonding on R2, I’d like to use OSPF for balancing, so that R1 has ECMP routes with gateway=10.0.0.2,10.0.0.3 and R2 has routes with gateway=10.0.0.1@ether1,10.0.0.2@ether2.
But when I setup OSPF, I just have “route,ospf,error Discarding packet: locally originated” messages in Log, because R2->ether1 sends OSPF packets to R2->ether2.
I know this is quite an old thread, but I got it to work without the annoying log entries by filtering out incoming ospf packets by src-address. I know this isn’t the most elegant way of doing it, but it seems to work for now.
From what I understand, since the ports on R2 are connected to the same switch, they see each other’s broadcasts. So I set up a filter rule in firewall:
chain=input action=drop protocol=ospf src-address-list=OSPF_Drop log=no log-prefix=“”
and added the two IPs of R2 to the OSPF_Drop address list.
hm, nice idea =) I thought about doing traffic segmentation on the switch (so that packets won’t go between ports where R2 is connected), but this fits even in case of unmanaged switch
but… is it working after that?
p.s. instead of making address-list, probably it’s better use src-address-type=local
If you have a free ethernet interface on R1, I suggest creating a new network 10.0.1.0/24 and then connecting it to R2 and changing 10.0.0.3/24 → 10.0.1.2/24. Then connect those interfaces directly to each other. Now your protocol will load-balance like it’s supposed to, and you also have redundancy in case the switch fails.
If you don’t have an extra interface, then create a VLAN subinterface on R1, and interface2 on R2. Move the IPs onto the sub-interfaces. Dumb switches will happily (in my experience) forward 802.1q-tagged traffic and then R2 will be able to seperate the two streams without OSPF seeing the same network address on two different interfaces and freaking out.
