Community discussions

MikroTik App
 
krakradmin
just joined
Topic Author
Posts: 2
Joined: Wed Dec 13, 2017 2:43 pm

OSPF Dual Gateways

Wed Dec 13, 2017 2:51 pm

Hi, I currently have a very simple OSPF network which has been working well. I have 30 AP sites with 3011's currently NATing through a public IP on each of them.

I am adding a second provider and gateway on the other end of the network to balance some of the traffic. I would like each AP site to be able to use Gateway 1 or 2, based on my choosing. However when I add a default gateway route to the new uplink router, it gets distributed and traffic begins to flow from the closest sites automatically.

What is required to "tell" each AP site to use Gateway 1 or 2? I am in the process of trying a few sites using EOIP, and a couple using VPLS to send back to the new gateway which is working. I do not, however like the latency/feel this has given the customers.

If i can ping each gateway router from any site in the network, how can I give these sites an IP from each and tell them which one to use?
 
User avatar
ZeroByte
Forum Guru
Forum Guru
Posts: 4047
Joined: Wed May 11, 2011 6:08 pm

Re: OSPF Dual Gateways

Wed Dec 13, 2017 5:25 pm

OSPF really is not a policy routing type of protocol.

It picks the link which represents the first hop in the shortest path to a given destination. The only "fancy" thing at its disposal is EQMP - equal cost multi-path, which means to load balance between X links if all of them share the same distance, and that being the best distance to the destination.

That being said, you can do a few things to fudge behavior that you want.

First of all, it sounds like your routers are set to redistribute static routes into OSPF, because other routers are picking up on your routing decisions. You can use route filters to prevent certain routes from being injected into OSPF, but once they're there, they're there - they can only be filtered out at area borders in certain broad ways. (i.e. not on a route-by-route basis ala BGP)

Another item to consider is the difference between external route types in OSPF: type1 and type2. (E1 & E2).
When an ASBR injects a route into OSPF as E2, it will set some metric, say cost=20. This value remains constant on E2 prefixes - so the cost of this link will be the same one hop away or 10 hops away. Routers will use the path cost to reach the ASBR as a tiebreaker when comparing two E2 routes to the same destination, having the same OSPF cost.
E1 routes are like E2, except that they also "accumulate" the internal path cost as well. Suppose the best path from some Router R1 to reach an ASBR is 315, and the ASBR injected some prefix with a cost of 50. R1 will show the cost to reach that destination as 365. Had the ASBR injected it as E2, the cost would just be 50.

One final note is that route types are more important to OSPF than the cost. So if you have a destination with several paths in OSPF:
Intra-Area cost = 10000
Inter-Area cost = 1000
E1 cost = 100
E2 cost = 10

OSPF will choose them in the order I listed, despite the fact that this is the reverse order of cost according to the metrics.

You can use these differences to influence behavior. Remember that default prefixes in OSPF are going to be external routes, but they can be injected as E1 or E2.
If you want to do some basic traffic engineering, you can use E1 default GW prefixes so that your network's internal topology will influence the choice made by each router. If you can tweak your interface costs such that a router will consider GW1 to be "closer" than GW2, while other routers will be closer to GW2 than GW1, this will basically give you the behavior that you want.

It does have limitations, though, because if your topology changes, then all bets are off - at least you need to consider what the network will do in various regimes of certain links being up/down, etc.
 
krakradmin
just joined
Topic Author
Posts: 2
Joined: Wed Dec 13, 2017 2:43 pm

Re: OSPF Dual Gateways

Wed Dec 13, 2017 11:19 pm

Thanks for the quick reply.

I guess I still do not understand, maybe too new to this architecture.

If i have two routers in my network connected to the internet with /25, call them 1.1.1.128/25 and 2.2.2.128/25. they each have a loopback address on them of 1.1.0.1 and 2.2.0.1

I can ping 1.1.0.1 and 2.2.0.1 from anywhere in the network. Why is it that I cannot give a static route at any of these sites with a specific gateway of 1.1.1.128 or 2.2.2.128?

Up to this point we had a single internet connection with 1.1.1.128 proxy arp'd. I could place a public IP on any device and it worked. I would like to try and accomplish the same thing with 2 different sets of public IPS throughout. I may be asking something impossible though :)

Currently we have found a workaround to create EOIP tunnel from the sites back to the new internet connection and bridge them. It works, but performance and latency takes a hit.
 
User avatar
ZeroByte
Forum Guru
Forum Guru
Posts: 4047
Joined: Wed May 11, 2011 6:08 pm

Re: OSPF Dual Gateways

Thu Dec 14, 2017 12:55 am

In Mikrotik, you need to specify a non-default target-scope on routes that will use recursive lookup.

Your recursive default GW (via 1.1.0.1 or whatever address you use) must have target-scope=30.... or whatever scope the route towards 1.1.0.1 has.

Basically route targets will only match on routes whose scope is equal to or lower than the target scope on your new route.

I was thinking that you were originating default GW into OSPF from your ISP-facing routers, and was basically suggesting that 1.1.1.x/128 router announce 0.0.0.0/0 as ext1 with some cost, and do the same on 2.2.2.x/128 router. Then make sure that the links on routers that should use 2.2.2.x will cost less than the links to 1.1.1.x

However, with different public IP addresses, I hope you're doing NAT at the border only, or else you're going to get some strange problems if a client with IP 1.1.1.x on it routes out via ISP2.
 
airbanduk
newbie
Posts: 45
Joined: Mon Jun 12, 2017 2:30 pm

Re: OSPF Dual Gateways

Thu Dec 14, 2017 3:34 pm

If you want to make the decisions on which sites routes out which gateway, you will probably have more luck with static routing and use floating defaults and tracking.

You can set your preferred primary gateway as normal but add the check-gateway=ping to make sure it is up. Then add a second default to the other gateway, but set the distance to 250. That way, as long as the primary is up it routes out there, if the primary goes down, it installs the second route and goes out the secondary gateway,

Who is online

Users browsing this forum: No registered users and 11 guests