Peter, comments inline... JMcL ----- Forwarded by Jenny Mcleod/NSO/CSDA on 08/04/2002 09:14 am -----
"Peter van Oene" Sent by: [EMAIL PROTECTED] 06/04/2002 01:17 am Please respond to "Peter van Oene" To: [EMAIL PROTECTED] cc: Subject: Re: OSPF design [7:40269] New theory! might work :) My assumptions: 1) R1 and R2 are your ABR's, R2's link into the backbone is a dial on demand link only used when R1's link fails. JMcL: Correct /JMcL 2) Due to the above, the primary problem is that when the non-backbone area becomes partitioned, R1 will not be able to deliver to certain nets south of R2 as it does not see R2 as a valid hop toward those nets (since it doesn't see the type1/2 advertisements from that area). In this case, R1 either forwards via default toward the core and loops traffic for those unreachable nets, or matches a null0 route for the summary and discards. JMcL: R1 does not see the type 1/2 advertisements, but it DOES see the type 3 advertisements for the summary from R2 via the area 0 connection. IF there is no null0 route generated by R1 (either because generation is turned off or because the IOS version is such that the default is not to generate one), I would have expected this summary to be used to direct traffic for unreachable nets to R2. According to the support guys, this is not the case as the problem happened even before the null0 route was generated. /JMcL 3) R2 will have this problem only when R1 loses connectivity to the core _and_ the non backbone area becomes partitioned. Hence, fixing this problem is less important that fixing #2. JMcL: Yes, if you mean that nets south of R1 (I like the phrasing - very descriptive) will be "lost" if R1 loses connectivity to the core and the non-backbone area is partitioned. /JMcL Solution: Disable the creation of a null0 route for the aggregate on R1 and instead add a static route for the aggregate on R1 toward R2. JMcL: I suspect this would work, but I am still confused as to why the type 3 advertisement from R2 does not provide reachability if there is no null0 route. As far as I can see, the static shouldn't be necessary (but probably is). As a side note, has anyone actually used the "no discard-route" command? That's the only way I've spotted to turn off the creation of the null0 route, and it's basically undocumented - does it work as expected? /JMcL With this config, if the area becomes partitioned, while R1's ethernet toward the core is live, when R1 pulls traffic based on the summary toward unreachable nets behind R2, this route will push the traffic toward R2. Should R2 not be able to reach those nets, the can be safely considered unreadable and R2's null0 route will discard the traffic thereby eliminating loops. The only downside is that some truly unreachable traffic might transit the R1-R2 link before being eliminated. This will not help the situation where the area is partitioned and R1 loses core connectivity, but this is a much less likely occurrence. Plus, in this case your dialup link might be strained anyway so dropping a bunch of traffic might be helpful :) JMcL: It's a big dialup link :-) But you're right, that situation is much less likely. /JMcL In summary, assume 192.168/16 is the summary R1 ip route 192.168.0.0 255.255.0.0 R2 R2 ip route 192.168.0.0 255.255.0.0 null0 Adding the cable is also helpful, but costs money and requires you to touch a bunch of routers. At 09:04 AM 4/5/2002 -0500, Peter van Oene wrote: >Adding a point to point link between ABR's would enhance the resiliency >between the two and tend to protect against Area partitioning. Depending >on the capabilities of the backbone routers, letting more specifics into >the backbone might be helpful as well as it would deliver more optimal >routing and also help solve this problem. > >Shorter answer is, ya, thats a good idea in my opinion :) > >Pete > > [snipped] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40774&t=40269 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]