
OSPF advertising connected networks

Posted: Mon Feb 11, 2019 12:38 pm
by markdutton
I know I am doing something really dumb here, but I am stuck and I need a hand.

I create a backbone area between two routers using an IP tunnel (over IPSEC). For simplicity, the routers each have their local LAN interfaces, their Internet interfaces and their IP tunnel interface. I number the tunnel interface, e.g. 192.168.220.0/30. Router A has 192.168.220.1 and router B has 192.168.120.2.

I create an OSPF network on each router for the 192.168.220.0/30 subnet. Each router now sees the other as a neighbour. I don't want to add the LAN subnets to OSPF as networks as I don't want devices on these LANs to learn or advertise anything. However, if I do this to test, each router learns its partner's LAN subnet and I can route between them.

So I then set the redistributed connected routes setting on each router OSPF interface to type 1. As soon as I do this the system starts a loop where it discovers the connected subnets, then drops the IP tunnel (presumably because it learns something from the remote router that breaks the route to it), then it comes back and goes away in an endless loop. It happens very quickly and I can't see what is going on. I really only want to learn the connected route on the LAN interface at each end, but I am unsure of how to get this to work.

Hoping someone can help.

Re: OSPF advertising connected networks

Posted: Mon Feb 11, 2019 2:59 pm
by Murmaider
Try advertising them as type 2.

Set up the ospf-in and ospf-out filters.
On the out filters, add the LAN ranges you want your router to advertise to the other router.
On the in filter, add the LAN ranges you want to accept from the other router.
Then create a default discard rule on both the ospf-in and ospf-out filters.
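
The filter setup described in the post above, written out as an added example that is not part of the original thread. It assumes RouterOS v6 command syntax and the default OSPF instance; the two LAN subnets (192.168.10.0/24 and 192.168.20.0/24) are constructed placeholders, since the thread does not give the real ones.

```routeros
# Router A. Added example, RouterOS v6 syntax assumed.
# 192.168.10.0/24 = Router A LAN, 192.168.20.0/24 = Router B LAN (constructed placeholders).

# Redistribute connected routes as type 2 and point the instance at the two filter chains.
/routing ospf instance
set [ find default=yes ] redistribute-connected=as-type-2 in-filter=ospf-in out-filter=ospf-out

/routing filter
# ospf-out: explicitly allow the one LAN range this router should advertise...
add chain=ospf-out prefix=192.168.10.0/24 action=accept comment="advertise local LAN"
# ...then discard every other redistributed route (tunnel /30, Internet-side subnet, etc.).
add chain=ospf-out action=discard comment="default discard"

# ospf-in: explicitly allow the one LAN range to accept from the other router...
add chain=ospf-in prefix=192.168.20.0/24 action=accept comment="accept remote LAN"
# ...then discard anything else the neighbour offers.
add chain=ospf-in action=discard comment="default discard"

# On Router B, apply the same rules with the two prefixes swapped.
```

Rules in a chain are evaluated top to bottom, so each accept rule has to sit above the final discard.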

Re: OSPF advertising connected networks

Posted: Tue Feb 12, 2019 8:08 am
by markdutton
Thanks Murmaider!

That did it. I was trying previously to do a discard on 192.168.220.0/30, but I don't think it ever matched properly. Either that, or it was another connected route that was causing the problem. Putting in the explicit allow for the route I wanted to advertise followed by a discard all did the trick.

Regards

Mark