Re: [AFMUG] Mikrotik OSPF weirdness

Tue, 30 Aug 2016 19:36:08 -0700 

Very true, no flap - no gap :)



On 8/29/2016 8:40 AM, Dennis Burgess wrote:
I have a network with 140 or so OSPF routers, around 1k routes without issues. Its not the number of routes, nor the qty of routers, its how much breaks talk etc. The network is very reliable and static for the most part, so OSPF don’t chatter too much at all. 

Thanks,

*_Dennis Burgess_**– **Network Engineer/Consutant*
MikroTik Certified Trianer/Consultant <http://www.linktechs.net/productcart/pc/viewcontent.asp?idpage=5> – MTCNA, MTCRE, MTCWE, MTCTCE, MTCINE 

Cambium ePMP Certified, Telrad Certified, Cisco CCNA

WISPA – Wireless Internet Service Providers Assoication – Director
For Wireless Hardware/Routers visit www.linktechs.net <http://www.linktechs.net/> 

RF Mapping: www.towercoverage.com <http://www.towercoverage.com/>

Office: 314-735-0270

dmburg...@linktechs.net <mailto:dmburg...@linktechs.net>

*From:*Af [mailto:af-boun...@afmug.com] *On Behalf Of *Paul Stewart
*Sent:* Saturday, August 27, 2016 10:53 AM
*To:* af@afmug.com
*Subject:* Re: [AFMUG] Mikrotik OSPF weirdness

Very common deployment model … typically in larger networks.
Having said that, and as someone else mentioned I believe, folks often feel that OSFP can’t “scale” at all and begin feeling somewhat “forced” into OSPF for LB/P2P and iBGP for routes as soon as they get 10,20,30 routers in their network and perhaps a couple of hundred subnets. This is simply not typical and OSPF can be much larger in scale before performance is impacted significantly 

*From:*Af [mailto:af-boun...@afmug.com] *On Behalf Of *Jesse DuPont
*Sent:* August 26, 2016 12:04 AM
*To:* af@afmug.com <mailto:af@afmug.com>
*Subject:* Re: [AFMUG] Mikrotik OSPF weirdness
Right, PTP and loopback prefixes are distributed with OSPF (and possibly management subnets for radios) and "access" network prefixes (customer-facing) are distributed via iBGP. I have two of my routers configured as BGP route reflectors and all other routers peer with only these two; this solves the full mesh and provides redundancy. 

*_Jesse DuPont_*

Network Architect
email: jesse.dup...@celeritycorp.net <mailto:jesse.dup...@celeritycorp.net> 
Celerity Networks LLC

Celerity Broadband LLC
Like us! facebook.com/celeritynetworksllc

Like us! facebook.com/celeritybroadband

On 8/25/16 8:40 PM, David Milholen wrote:

    He may have meant only have the ptp and loopback addresses listed
    in networks

    On 8/25/2016 9:31 PM, Mike Hammett wrote:

        I've heard this concept a few times now. I'm not sure how only
        using OSPF for the loopbacks works.



        -----
        Mike Hammett
        Intelligent Computing Solutions <http://www.ics-il.com/>
        
<https://www.facebook.com/ICSIL><https://plus.google.com/+IntelligentComputingSolutionsDeKalb><https://www.linkedin.com/company/intelligent-computing-solutions><https://twitter.com/ICSIL>
        Midwest Internet Exchange <http://www.midwest-ix.com/>
        
<https://www.facebook.com/mdwestix><https://www.linkedin.com/company/midwest-internet-exchange><https://twitter.com/mdwestix>
        The Brothers WISP <http://www.thebrotherswisp.com/>
        <https://www.facebook.com/thebrotherswisp>


        <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg>

        ------------------------------------------------------------------------

        *From: *"Bruce Robertson" <br...@pooh.com> <mailto:br...@pooh.com>
        *To: *af@afmug.com <mailto:af@afmug.com>
        *Sent: *Thursday, August 25, 2016 6:28:43 PM
        *Subject: *Re: [AFMUG] Mikrotik OSPF weirdness

        I've said it before, and been argued with... this is one of
        many reasons why you use iBGP to distribute {customer, dynamic
        pool, server subnets, anything} routes, and use OSPF *only* to
        distribute router loopback addresses.� All your weird OSPF
        problems will go away.� My apologies if I'm misunderstanding
        the problem, but my point still stands.

        On 08/25/2016 10:22 AM, Robert Haas wrote:

            Alright, this problem has raised it head again on my
            network since I started to renumber some PPPoE pools.

            Customer gets a new IP address via PPPoE x.x.x.208/32
            (from x.x.x.192/27 pool). Customer can�t surf and I
            can�t ping them from my office:

            �

            [office] � [Bernie Router] � [Braggcity Router] �
            [Ross Router] � [Hayti Router] � [customer]

            �

            A traceroute from my office dies @ the Bernie router but I
            am not getting any type of ICMP response from the Bernie
            router ie no ICMP Host Unreachable/Dest unreachable etc
            � just blackholes after my office router.

            A traceroute from the Customer to the office again dies at
            the Bernie router with no type of response.

            �

            Checking the routing table on the Bernie router shows a
            valid route pointing to the Braggcity router. It is also
            in the OSPF LSA�s.

            --

            Another customer gets x.x.x.207/32 and has no issue at all.

            �

            --

            Force the original customer to a new ip address of
            x.x.x.205/32 and the service starts working again.

            �

            --

            �

            Now � even though there is no valid route to
            x.x.x.208/32 in the routing table � traffic destined to
            the x.x.x.208/32 IP is still getting blackholed.. I should
            be getting a Destination host unreachable from the Bernie
            router.

            �

            This is correct the correct response .206 is not being
            used and there is no route to it:

            C:\Users\netadmin>ping x.x.x.206

            �

            Pinging x.x.x.206 with 32 bytes of data:

            Reply from y.y.y.1: Destination host unreachable.

            Reply from y.y.y.1: Destination host unreachable.

            �

            Ping statistics for x.x.x.206:

            ��� Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

            �

            C:\Users\netadmin>tracert 74.91.65.206

            �

            Tracing route to host-x.x.x.206.bpsnetworks.com [x.x.x.206]

            over a maximum of 30 hops:

            �

            � 1���� 6 ms���� 6 ms���� 7
            ms� z.z.z.z

            � 2���� 6 ms���� 6 ms���� 6
            ms� y.bpsnetworks.com [y.y.y.1]

            � 3� y.bpsnetworks.com [y.y.y.1] �reports:
            Destination host unreachable.

            �

            Trace complete.

            �

            This is what I see to x.x.x.208 even though it is not
            being used and there is no route to it.

            C:\Users\netadmin>ping x.x.x.208

            �

            Pinging x.x.x.208 with 32 bytes of data:

            Request timed out.

            Request timed out.

            �

            Ping statistics for x.x.x.208:

            ��� Packets: Sent = 2, Received = 0, Lost = 2 (100%
            loss),

            �

            C:\Users\netadmin>tracert x.x.x.208

            �

            Tracing route to host-x.x.x.208.bpsnetworks.com [x.x.x.208]

            over a maximum of 30 hops:

            �

            � 1���� 6 ms���� 6 ms���� 6
            ms� z.z.z.z

            � 2���� *�������
            *������� *���� Request timed out.

            � 3���� *������� *���� ^C

            �

            --

            �

            I�ve verified there is no firewall that would affect the
            traffic � I even put an accept rule in the forward chain
            for both the source and destination of x.x.x.208 and
            neither increment at all. So the traffic is not even
            making out of the routing flow and into the firewall..

            �

            Any pointers are where to start troubleshooting next?

            !DSPAM:2,57bf295962076342819562!
-- 

--

Reply via email to