Lol I don't think my 25 router setup is large scale On Aug 26, 2016 5:12 PM, "Josh Reynolds" <j...@kyneticwifi.com> wrote:
> Deploying OSPF in a Large Scale Network > https://www.google.com/url?sa=t&source=web&rct=j&url=http:// > andrei.clubcisco.ro/cursuri/4prc/scaling/BRKRST-2310.pdf&ved= > 0ahUKEwiroJ2ujODOAhVsAsAKHRx7Dl4QFggtMAQ&usg=AFQjCNEJn-_ > gYdPmCsRFvbE4AOdnVEQhgg&sig2=2fJL8eTFDdjNdc3TQ6EGGg > > On Aug 26, 2016 5:07 PM, "That One Guy /sarcasm" < > thatoneguyst...@gmail.com> wrote: > >> Ironically I was coming in to ask about ospf and ibgp. I just figured out >> how to use ospf filters, so I have to confess I have a slight chub. But it >> turned out the way ospf was propagating pathways for some static space was >> causing a 100mb link to run at 10. We pulled the trigger on the bgp project >> for our provider circuits so that's happening, but when it does my >> cobblefuckery will end up wreaking havoc with ospf. What is the benefit of >> ospf over ibgp for internal distribution. We run the same routers >> everywhere so if the edge can take whole routes, shouldn't every site? >> >> On Aug 26, 2016 4:23 PM, "Bruce Robertson" <br...@pooh.com> wrote: >> >>> As you grow, you'll find it won't scale well. >>> >>> On 08/26/2016 02:21 PM, George Skorup wrote: >>> >>> I do redist with OSPF. It works fine if you know what you're doing. MT >>> OSPF used to act really stupid until ROS v6.27 or thereabouts. >>> >>> On 8/26/2016 2:16 PM, Faisal Imtiaz wrote: >>> >>> So just for the sake of a technical discussion... >>> >>> In your opinion, what is the merit of such a config (osfp + ibgp) ? >>> >>> It can be argued that such a config, >>> a) Still depends on OSPF functioning. >>> b) Layer an additional dynamic protocol on top of it (ibgp) >>> c) Requires additional Routers (route reflectors). >>> >>> If the merit of such an approach is to manage manage OSFP behavior in a >>> more granular fashion, Why not use the those features as they are >>> available in OSPF / Best Practices... >>> (OSFP best practices, suggest that, don't advertise connected or >>> static routes, setup all interfaces as passive, and control prefix >>> advertisements via the network section of OSPF). >>> >>> OSPF also tends to be the most common denominator (protocol) across >>> different mfg. Bgp being the 2nd. >>> >>> Regards >>> >>> Faisal Imtiaz >>> Snappy Internet & Telecom >>> 7266 SW 48 Street >>> Miami, FL 33155 >>> Tel: 305 663 5518 x 232 >>> >>> Help-desk: (305)663-5518 Option 2 or Email: supp...@snappytelecom.net >>> >>> ------------------------------ >>> >>> *From: *"Jesse DuPont" <jesse.dup...@celeritycorp.net> >>> <jesse.dup...@celeritycorp.net> >>> *To: *af@afmug.com >>> *Sent: *Friday, August 26, 2016 12:03:58 AM >>> *Subject: *Re: [AFMUG] Mikrotik OSPF weirdness >>> >>> Right, PTP and loopback prefixes are distributed with OSPF (and possibly >>> management subnets for radios) and "access" network prefixes >>> (customer-facing) are distributed via iBGP. >>> I have two of my routers configured as BGP route reflectors and all >>> other routers peer with only these two; this solves the full mesh and >>> provides redundancy. >>> >>> *Jesse DuPont* >>> >>> Network Architect >>> email: jesse.dup...@celeritycorp.net >>> Celerity Networks LLC >>> >>> Celerity Broadband LLC >>> Like us! facebook.com/celeritynetworksllc >>> >>> Like us! facebook.com/celeritybroadband >>> On 8/25/16 8:40 PM, David Milholen wrote: >>> >>> He may have meant only have the ptp and loopback addresses listed in >>> networks >>> >>> >>> >>> On 8/25/2016 9:31 PM, Mike Hammett wrote: >>> >>> I've heard this concept a few times now. I'm not sure how only using >>> OSPF for the loopbacks works. >>> >>> >>> >>> ----- >>> Mike Hammett >>> Intelligent Computing Solutions <http://www.ics-il.com/> >>> <https://www.facebook.com/ICSIL> >>> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> >>> <https://www.linkedin.com/company/intelligent-computing-solutions> >>> <https://twitter.com/ICSIL> >>> Midwest Internet Exchange <http://www.midwest-ix.com/> >>> <https://www.facebook.com/mdwestix> >>> <https://www.linkedin.com/company/midwest-internet-exchange> >>> <https://twitter.com/mdwestix> >>> The Brothers WISP <http://www.thebrotherswisp.com/> >>> <https://www.facebook.com/thebrotherswisp> >>> >>> >>> <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> >>> ------------------------------ >>> *From: *"Bruce Robertson" <br...@pooh.com> <br...@pooh.com> >>> *To: *af@afmug.com >>> *Sent: *Thursday, August 25, 2016 6:28:43 PM >>> *Subject: *Re: [AFMUG] Mikrotik OSPF weirdness >>> >>> I've said it before, and been argued with... this is one of many reasons >>> why you use iBGP to distribute {customer, dynamic pool, server subnets, >>> anything} routes, and use OSPF *only* to distribute router loopback >>> addresses.� All your weird OSPF problems will go away.� My apologies if >>> I'm misunderstanding the problem, but my point still stands. >>> >>> On 08/25/2016 10:22 AM, Robert Haas wrote: >>> >>> Alright, this problem has raised it head again on my network since I >>> started to renumber some PPPoE pools. >>> >>> Customer gets a new IP address via PPPoE x.x.x.208/32 (from x.x.x.192/27 >>> pool). Customer can�t surf and I can�t ping them from my office: >>> >>> � >>> >>> [office] � [Bernie Router] � [Braggcity Router] � [Ross Router] >>> � [Hayti Router] � [customer] >>> >>> � >>> >>> A traceroute from my office dies @ the Bernie router but I am not >>> getting any type of ICMP response from the Bernie router ie no ICMP Host >>> Unreachable/Dest unreachable etc � just blackholes after my office router. >>> >>> A traceroute from the Customer to the office again dies at the Bernie >>> router with no type of response. >>> >>> � >>> >>> Checking the routing table on the Bernie router shows a valid route >>> pointing to the Braggcity router. It is also in the OSPF LSA�s. >>> >>> -- >>> >>> Another customer gets x.x.x.207/32 and has no issue at all. >>> >>> � >>> >>> -- >>> >>> Force the original customer to a new ip address of x.x.x.205/32 and the >>> service starts working again. >>> >>> � >>> >>> -- >>> >>> � >>> >>> Now � even though there is no valid route to x.x.x.208/32 in the >>> routing table � traffic destined to the x.x.x.208/32 IP is still getting >>> blackholed.. I should be getting a Destination host unreachable from the >>> Bernie router. >>> >>> � >>> >>> This is correct the correct response .206 is not being used and there is >>> no route to it: >>> >>> C:\Users\netadmin>ping x.x.x.206 >>> >>> � >>> >>> Pinging x.x.x.206 with 32 bytes of data: >>> >>> Reply from y.y.y.1: Destination host unreachable. >>> >>> Reply from y.y.y.1: Destination host unreachable. >>> >>> � >>> >>> Ping statistics for x.x.x.206: >>> >>> ��� Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), >>> >>> � >>> >>> C:\Users\netadmin>tracert 74.91.65.206 >>> >>> � >>> >>> Tracing route to host-x.x.x.206.bpsnetworks.com [x.x.x.206] >>> >>> over a maximum of 30 hops: >>> >>> � >>> >>> � 1���� 6 ms���� 6 ms���� 7 ms� z.z.z.z >>> >>> � 2���� 6 ms���� 6 ms���� 6 ms� >>> y.bpsnetworks.com [y.y.y.1] >>> >>> � 3� y.bpsnetworks.com [y.y.y.1] �reports: Destination host >>> unreachable. >>> >>> � >>> >>> Trace complete. >>> >>> � >>> >>> This is what I see to x.x.x.208 even though it is not being used and >>> there is no route to it. >>> >>> C:\Users\netadmin>ping x.x.x.208 >>> >>> � >>> >>> Pinging x.x.x.208 with 32 bytes of data: >>> >>> Request timed out. >>> >>> Request timed out. >>> >>> � >>> >>> Ping statistics for x.x.x.208: >>> >>> ��� Packets: Sent = 2, Received = 0, Lost = 2 (100% loss), >>> >>> � >>> >>> C:\Users\netadmin>tracert x.x.x.208 >>> >>> � >>> >>> Tracing route to host-x.x.x.208.bpsnetworks.com [x.x.x.208] >>> >>> over a maximum of 30 hops: >>> >>> � >>> >>> � 1���� 6 ms���� 6 ms���� 6 ms� z.z.z.z >>> >>> � 2���� *������� *������� >>> *���� Request timed out. >>> >>> � 3���� *������� *���� ^C >>> >>> � >>> >>> -- >>> >>> � >>> >>> I�ve verified there is no firewall that would affect the traffic � I >>> even put an accept rule in the forward chain for both the source and >>> destination of x.x.x.208 and neither increment at all. So the traffic is >>> not even making out of the routing flow and into the firewall.. >>> >>> � >>> >>> Any pointers are where to start troubleshooting next? >>> >>> >>> >>> >>> -- >>> >>> >>> >>> >>> !DSPAM:2,57c0b2eb92841205749441! >>> >>> >>>