Yes, it is an Internet ASBR, there are others, and its only purpose is to advertise a default route + local DMZ into OSPF. The ASBR would get a default route from BGP. In turn the ISP is advertising a default route via BGP into the outside router. The plan is that if the ISP stops advertising at this point, then the default route advertisement from one of the other ISP connection points will take over. I see it that it really depends on how much equipment is between the real backbone and the ISP connection.
""Howard C. Berkowitz"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... At 6:56 PM +0000 1/26/03, Steve Ringley wrote: >I understand that there are many ways to, umm, do you-know-what to the cat, >but what I am looking for is a higher guiding philosophy or rule to use as a >foundation to guide the rest of the process. My understanding of the >high-level OSPF process is that OSPF wants to route traffic from area a to >area b via area 0. This in turn in part is why having destinations like the >server farm in area 0 is bad in my mind. Completely true. >Given that process, should OSPF >have an area between area 0 and the ASBR point, or does it internally treat >the ASBR as another area thus meaning the ASBR can be directly with area 0. Again, it depends on several factors. Is the ASBR going to the Internet? Is there more than one point of connection to the Internet? How much external information are you going to leak into your IGP? Just closest-exit default? Preferential default depending on provider? If you have multiple connection points, what's the cost of internal bandwidth? IN GENERAL, I put Internet ASBRs in Area 0.0.0.0, but I've also put them elsewhere for policy- and requirement-specific reasons. There really is no general rule for the real world. > >""Howard C. Berkowitz"" wrote in message >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... >At 8:56 PM +0000 1/25/03, Priscilla Oppenheimer wrote: >>Steve Ringley wrote: >>> >>> That is why I am asking the question - it is unclear! Let me >>> try it this >>> way: >>> >>> If we take the textbook Internet setup, we would have an >>> >>> outside router - BGP >>> firewall >>> inside router - OSPF ASBR to BGP >>> core router - OSPF backbone >>> >>> On the inside router, would I create an ASBR with area 0 >>> defined on the >>> inside to core connection >>> >>> or >>> >>> Would I create an new OSPF area to define the connection >>> between the inside >> > router and the core router? > >Steve, this is rapidly becoming a question not of how the protocol >works, but what you are trying to accomplish -- and a number of >aspects of how you connect to the Internet, get address space, etc. >I agree with Priscilla that there are various ways to do this -- just >taking the textbook (well, not MY textbooks *g*) model isn't enough >when you have multiple connections. > >> >>I think you could do either one. Your core router connects (downwards in >>your picture) to Area 0 (the OSPF backbone), right? >> >>So, does your question boil down to whether the link between the inside >>router and the core router should be in Area 0 or a new Area? I think you >>could do it either way. >> >>> >>> >>> There are several of these types of connections in the larger >>> network, and >>> there is an expectation that if one of these goes down the OSPF >>> and BGP will >>> figure it out and shift traffic to the working connections. >> >>OSPF should figure out which routes to the ASBRs are up. Your inside >routers >>should inject an ASBR Summary LSA into Area 0 to make sure other routers >>know about the routes to the ASBRs. >> >>I don't think BGP is involved at this point. It sounds like you just run >>that to the outside world. >> >>You'll need to consider how traffic gets back in to. >> >>So, this is large-scale design, I'm realizing. You need more help than I >can >>give! :-) Maybe Peter, Howard, Chuck, etc. could pipe in, or maybe do some >>paid consulting work for you!? > > >Some of the questions that would need to be answered even to begin a >coherent design include: > > -- To how many providers do you connect? > -- Do you connect to any provider at more than one point? > -- Does your registered address space come from provider(s), or is it > provider-independent? > -- How good is your address plan with respect to area summarization? > -- What is your monetary cost for access to providers as opposed to > internal bandwidth inside your network? For example, do you have > enough bandwidth that it makes sense to backhaul to a distant >provider > access point, or should you always take the closest exit? > -- Is the closest exit always the best exit? > -- What are the bandwidths and monetary costs of your provider >connections? > -- What are your availability requirements? Cost of downtime, including > a breakout of cost for mission-critical applications? > >> >>Priscilla >> >>> >>> ""Priscilla Oppenheimer"" wrote in >>> message >>> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... >>> I'm afraid your question isn't clear. >>> >>> By definition, an ASBR connects two unlike networks, one that >>> is running >>> OSPF and one that isn't. So, the ASBR will connect to the >>> Internet in your >>> example. >>> >>> Steve Ringley wrote: >>> > >>> > I have an OSPF network, and I have my Internet connections. >>> Do >>> > I: >>> > >>> > ASBR where traffic goes from area 0 to the Internet >>> >>> Is that where your Internet connection is? In area 0? Often, it >>> is, and >>> that's where your ASBR will be. >>> >>> > >>> > or >>> > >>> > ASBR where traffic goes to an area x then to the Internet? >>> >>> Goes from where to an Area x and then to the Internet?? This is >>> where your >>> question gets unclear. But if you are considering putting an >>> ASBR between >>> Area x and Area 0, then that doesn't make sense. It's not an >>> ASBR because >>> it's connecting two OSPF networks. If your Internet connection >>> is in Area X, >>> you will have an ASBR that connects the OSPF world to the >>> Internet, sitting >> > on the edge of Area X. >>> >>> Are you asking if the ASBR should be in Area 0? I think the >>> answer is yes, >>> if it can, but sometimes that's simply not possible on large >>> internetworks > >> with multiple egress points. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=61977&t=61823 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
