Connect to OSPF area 0 over GRE tunnel

We all know that all OSPF areas have to be connected to area 0. But sometimes you encounter
a situation where it is not possible to connect an area to area 0. This can happen because of
poor network design or because two or more networks merge together. There are several options
to deal with this problem. In the CCNP curriculum you learn that a virtual-link is the way
to go on this problem. But there is an other option which is not as popular, but in my opinion
is even more elegant. I’m talking about a GRE tunnel solution.

Let’s take the topology as shown in the picture below.

OSPF_GRE_TOPOLOGY

Router R2 is connected to R1 in area 0. R2 and R3 are connected in area 1 and R3 is connected
to R4 in area 2. Which means that R3 has no connection to area 0.

Below the configurations of routers R1 to R4 before the configuration of the GRE tunnel.

R1
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet0/0
switchport access vlan 10
!
!
interface FastEthernet2/0
ip address 10.0.0.1 255.255.255.252
duplex auto
speed auto
!
!
interface Vlan10
ip address 10.100.100.254 255.255.255.0
!
router ospf 10
router-id 1.1.1.1
log-adjacency-changes
network 1.1.1.1 0.0.0.0 area 0
network 10.0.0.0 0.0.0.3 area 0
network 10.100.100.0 0.0.0.255 area 0
!
R2
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
!
interface FastEthernet1/0
ip address 10.0.1.1 255.255.255.252
duplex auto
speed auto
!
interface FastEthernet2/0
ip address 10.0.0.2 255.255.255.252
duplex auto
speed auto
!
!
router ospf 10
router-id 2.2.2.2
log-adjacency-changes
network 2.2.2.2 0.0.0.0 area 1
network 10.0.0.0 0.0.0.3 area 0
network 10.0.1.0 0.0.0.3 area 1
!
R3
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
!
!
interface FastEthernet1/0
ip address 10.0.1.2 255.255.255.252
duplex auto
speed auto
!
interface FastEthernet2/0
ip address 10.0.3.1 255.255.255.252
duplex auto
speed auto
!
!
router ospf 10
router-id 3.3.3.3
log-adjacency-changes
network 3.3.3.3 0.0.0.0 area 1
network 10.0.1.0 0.0.0.3 area 1
network 10.0.3.0 0.0.0.3 area 2
!
R4
!
interface Loopback0
ip address 4.4.4.4 255.255.255.255
!
interface FastEthernet0/0
switchport access vlan 10
!
!
interface FastEthernet2/0
ip address 10.0.3.2 255.255.255.252
duplex auto
speed auto
!
!
interface Vlan10
ip address 10.200.200.254 255.255.255.0
!
!
router ospf 10
router-id 4.4.4.4
log-adjacency-changes
network 4.4.4.4 0.0.0.0 area 2
network 10.0.3.0 0.0.0.3 area 2
network 10.200.200.0 0.0.0.255 area 2
!

To make this topology work there needs to be a connection from R3 to area 0. To make this happen
make the following configurations to router R2 and R3.

R2
!
interface Tunnel0
ip address 172.18.2.1 255.255.255.0
tunnel source Loopback0
tunnel destination 3.3.3.3
!
!
router ospf 10
network 172.18.2.0 0.0.0.255 area 0
!
R3
!
interface Tunnel0
ip address 172.18.2.2 255.255.255.0
tunnel source Loopback0
tunnel destination 2.2.2.2
!
!
router ospf 10
network 172.18.2.0 0.0.0.255 area 0
!

If you do a “show ip ospf neighbors” on R2 you can see there is a full neighborship between router
R2 and R3 in area 0.

show ip ospf neighbors R2-R3
And with the “show ip route” command you see the network from “area 2” is now in the table.

show ip route R2-R3
Now ping from PC1 to PC2 and this will succeed.

ping PC2-PC2

More interesting is a traceroute from PC1 to PC2, this will show the traffic is actually going
trough the GRE Tunnel!

traceroute PC1-PC2

Advertisements

Redistribution and Route-Maps (part 2)

In part two of this post I will explain how to make use of route-maps to influence the redistribution process of routing protocols.

First take a look again at the network topology.
Network Layout

As can be seen the redistribution point is between R4 and R5. The actual redistribtion configuration is done on R5.
With the configuration made in part 1 of this post, all routes are known to all routers in the topology. For whatever reason, sometimes you don’t want that all routes are vissible. This is where a route-map comes in handy.
With the use of route-maps I can influence a lot of things, like traffic flow and in this case the redistribution of routes.

Let’s assume the network administrator wants to exclude the ip-address of router R7 (7.7.7.7) from the routing table in the OSPF cloud. To make this happen the next configuration has to be made.

First of all make a standard ACL, in which you permit the 7.7.7.7 traffic
ACL

Then configure the route-map. Give it a name that makes sense to you (document this to make sure future colleagues understand it to!).
route_map

The “deny 10” does what it say’s, deny everything what comes after this line. The “match ip address 1” matches the traffic that hits access-list 1. The “route-map Redis permit 15” is not explicitly necessary, but to make things clear I added it nevertheless.

Now we have to tell the routing protocol to look at the “Redis” route-map. Otherwise the traffic will just flow as before
OSPF_redis
As you can see in the screenshot above, you just make an addition to the redistribution command.

Now take a look at the routing table of let’s say, router R1
Route_table_RM
As you can see there is no entry to the 7.7.7.7 route anymore
To be totally sure, do a ping test to 7.7.7.7
R1_ping_aft_RM

Route maps can be used for a lot of things and influence alsmost everthing. Check the Cisco documentation for more options!

Redistribution and Route-Maps (part 1)

This post will be about redistribution and the use of route-maps to influence the redistribution process.

When companies merge, the network has to merge too. Often the networks don’t use the same routing protocols. Sometimes it’s possible to migrate a netwerk from let’s say OSPF to EIGRP, but when the company’s don’t use Cisco only, it’s is hard to migrate.

To tackle this problem it’s is possible to redistribute the OSPF routes into EIGRP and also the other way around. This means that all the routes from OSPF are known in the EIGRP cloud, and al the EIGRP routes are known in the OSPF cloud. Sometimes it is not necessary for the EIGRP cloud to know al the OSPF routes. That’s when route-maps come in. With a route-map it is possible to make sure certain routes will never get to the routing table.

In the next section a configuration example.

First have a look a the network layout:

Network Layout

Al routers have two intfaces to connect to their neighbours and one loopback interface to identify the router.
Below an example of router R3:

Interfaces R3

After that configure OSPF:

EIGRP_redistribute R3

Make sure you configure these steps on all the OSPF routers.
To make sure the configuration is correct, check if the “show ip ospf neighbours” command shows two neighbours
OSPF_neighbours R3

 

After configuring the correct interfaces, configure EIGRP:

EIGRP R6

The initial configuration is done. Now the redistribution part can be configured. To make redistribution possible there has to be a redistribution point, in other words, there has to be a router which has an interface (or interfaces) in the OSPF aswell as the EIGRP cloud. In this example R5 is the redistribution point.

Below an example of the redistribution between OSPF and EIGRP on R5:

OSPF_redistribute EIGRP_redistribute R3

As shown in the examples the redistribution command has some options. The default values are enough to make the redistribution work.

To make sure the redistribution works, use the command show ip route on for example router R4.

Routes R4 after redistribution

As can be seen in the above example the EIGRP routes are learned as E2 routes. To make sure the connectivity is correct, use the ping command. As can be seen in the next example, the ping command is succesfull from router R1 to router R7.

ping

 

In part 2 I will describe the route-map configuration.