R1
==
conf t
int ser 0/0
ip add 192.168.12.1 255.255.255.0
no shut
exit
int loo0
ip add 1.1.1.1 255.255.255.255
no shut
exit
router ospf 1
network 192.168.12.0 0.0.0.255 area 0
network 1.1.1.1 0.0.0.0 area 0
exit
===================================================================
R2
==
conf t
int ser 0/0
ip add 192.168.12.2 255.255.255.0
no shut
exit
int ser 0/1
ip add 192.168.23.2 255.255.255.0
no shut
exit
int loo0
ip add 2.2.2.2 255.255.255.255
no shut
exit
router ospf 1
network 192.168.12.0 0.0.0.255 area 0
network 192.168.23.0 0.0.0.255 area 1
network 2.2.2.2 0.0.0.0 area 1
exit
=====================================================================
R3
==
conf t
int ser 0/0
ip add 192.168.23.3 255.255.255.0
no shut
exit
int ser 0/1
ip add 192.168.34.3 255.255.255.0
no shut
exit
int loo0
ip add 3.3.3.3 255.255.255.255
no shut
exit
router ospf 1
network 192.168.23.0 0.0.0.255 area 1
network 192.168.34.0 0.0.0.255 area 2
network 3.3.3.3 0.0.0.0 area 1
exit
=====================================================================
R4
==
conf t
int ser 0/0
ip add 192.168.34.4 255.255.255.0
no shut
exit
int loo0
ip add 4.4.4.4 255.255.255.255
no shut
exit
router ospf 1
network 192.168.34.0 0.0.0.255 area 2
network 4.4.4.4 0.0.0.0 area 2
exit
==
conf t
int ser 0/0
ip add 192.168.12.1 255.255.255.0
no shut
exit
int loo0
ip add 1.1.1.1 255.255.255.255
no shut
exit
router ospf 1
network 192.168.12.0 0.0.0.255 area 0
network 1.1.1.1 0.0.0.0 area 0
exit
===================================================================
R2
==
conf t
int ser 0/0
ip add 192.168.12.2 255.255.255.0
no shut
exit
int ser 0/1
ip add 192.168.23.2 255.255.255.0
no shut
exit
int loo0
ip add 2.2.2.2 255.255.255.255
no shut
exit
router ospf 1
network 192.168.12.0 0.0.0.255 area 0
network 192.168.23.0 0.0.0.255 area 1
network 2.2.2.2 0.0.0.0 area 1
exit
=====================================================================
R3
==
conf t
int ser 0/0
ip add 192.168.23.3 255.255.255.0
no shut
exit
int ser 0/1
ip add 192.168.34.3 255.255.255.0
no shut
exit
int loo0
ip add 3.3.3.3 255.255.255.255
no shut
exit
router ospf 1
network 192.168.23.0 0.0.0.255 area 1
network 192.168.34.0 0.0.0.255 area 2
network 3.3.3.3 0.0.0.0 area 1
exit
=====================================================================
R4
==
conf t
int ser 0/0
ip add 192.168.34.4 255.255.255.0
no shut
exit
int loo0
ip add 4.4.4.4 255.255.255.255
no shut
exit
router ospf 1
network 192.168.34.0 0.0.0.255 area 2
network 4.4.4.4 0.0.0.0 area 2
exit
========================================================================
Lets verify that at R1 we cannot see the loopback of R4 due to the fact
that area 2 is not connected to the backbone
R1#sh ip route | be Gateway
Gateway of last resort is not set
C 192.168.12.0/24 is directly connected, Serial0/0
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback0
2.0.0.0/32 is subnetted, 1 subnets
O IA 2.2.2.2 [110/65] via 192.168.12.2, 00:10:50, Serial0/0
3.0.0.0/32 is subnetted, 1 subnets
O IA 3.3.3.3 [110/129] via 192.168.12.2, 00:10:13, Serial0/0
O IA 192.168.23.0/24 [110/128] via 192.168.12.2, 00:10:13, Serial0/0
Gateway of last resort is not set
C 192.168.12.0/24 is directly connected, Serial0/0
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback0
2.0.0.0/32 is subnetted, 1 subnets
O IA 2.2.2.2 [110/65] via 192.168.12.2, 00:10:50, Serial0/0
3.0.0.0/32 is subnetted, 1 subnets
O IA 3.3.3.3 [110/129] via 192.168.12.2, 00:10:13, Serial0/0
O IA 192.168.23.0/24 [110/128] via 192.168.12.2, 00:10:13, Serial0/0
R1#ping 4.4.4.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
Lets check R4
R4#sh ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
3.3.3.3 0 FULL/ - 00:00:36 192.168.34.3 Serial0/0
Neighbor ID Pri State Dead Time Address Interface
3.3.3.3 0 FULL/ - 00:00:36 192.168.34.3 Serial0/0
R4 has seen R3 as a neighbor but on checking its routing table it is seen
that it does not exchange route with R3
R4#sh ip route | be Gateway
Gateway of last resort is not set
4.0.0.0/32 is subnetted, 1 subnets
C 4.4.4.4 is directly connected, Loopback0
C 192.168.34.0/24 is directly connected, Serial0/0
Gateway of last resort is not set
4.0.0.0/32 is subnetted, 1 subnets
C 4.4.4.4 is directly connected, Loopback0
C 192.168.34.0/24 is directly connected, Serial0/0
Solution is to form a virtual link or gre tunnel lets start with a virtual-link
** Transit area is area 1
** We can use R2 and R3 the ABRs to glue area 2 to the backbone
R2(config)#router ospf 1
R2(config-router)#ar
R2(config-router)#area 1 vir
R2(config-router)#area 1 virtual-link 3.3.3.3
R2(config-router)#ar
R2(config-router)#area 1 vir
R2(config-router)#area 1 virtual-link 3.3.3.3
R3(config)#router ospf 1
R3(config-router)#area 1 vir
R3(config-router)#area 1 virtual-link 2.2.2.2
R3(config-router)#area 1 vir
R3(config-router)#area 1 virtual-link 2.2.2.2
Lets verify the virtual-link
R3#sh ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
2.2.2.2 0 FULL/ - - 192.168.23.2 OSPF_VL1
2.2.2.2 0 FULL/ - 00:00:35 192.168.23.2 Serial0/0
4.4.4.4 0 FULL/ - 00:00:39 192.168.34.4 Serial0/1
Neighbor ID Pri State Dead Time Address Interface
2.2.2.2 0 FULL/ - - 192.168.23.2 OSPF_VL1
2.2.2.2 0 FULL/ - 00:00:35 192.168.23.2 Serial0/0
4.4.4.4 0 FULL/ - 00:00:39 192.168.34.4 Serial0/1
R4#sh ip route | be Gateway
Gateway of last resort is not set
O IA 192.168.12.0/24 [110/192] via 192.168.34.3, 00:06:42, Serial0/0
1.0.0.0/32 is subnetted, 1 subnets
O IA 1.1.1.1 [110/193] via 192.168.34.3, 00:06:42, Serial0/0
2.0.0.0/32 is subnetted, 1 subnets
O IA 2.2.2.2 [110/129] via 192.168.34.3, 00:06:51, Serial0/0
3.0.0.0/32 is subnetted, 1 subnets
O IA 3.3.3.3 [110/65] via 192.168.34.3, 00:06:51, Serial0/0
4.0.0.0/32 is subnetted, 1 subnets
C 4.4.4.4 is directly connected, Loopback0
O IA 192.168.23.0/24 [110/128] via 192.168.34.3, 00:06:51, Serial0/0
C 192.168.34.0/24 is directly connected, Serial0/0
Gateway of last resort is not set
O IA 192.168.12.0/24 [110/192] via 192.168.34.3, 00:06:42, Serial0/0
1.0.0.0/32 is subnetted, 1 subnets
O IA 1.1.1.1 [110/193] via 192.168.34.3, 00:06:42, Serial0/0
2.0.0.0/32 is subnetted, 1 subnets
O IA 2.2.2.2 [110/129] via 192.168.34.3, 00:06:51, Serial0/0
3.0.0.0/32 is subnetted, 1 subnets
O IA 3.3.3.3 [110/65] via 192.168.34.3, 00:06:51, Serial0/0
4.0.0.0/32 is subnetted, 1 subnets
C 4.4.4.4 is directly connected, Loopback0
O IA 192.168.23.0/24 [110/128] via 192.168.34.3, 00:06:51, Serial0/0
C 192.168.34.0/24 is directly connected, Serial0/0
Now R1 will be able to ping R4
R1#ping 4.4.4.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 44/52/60 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 44/52/60 ms
============================================================
Tunnel solution
The virtual-links configs have been removed.
R2
==
conf t
int tunnel 0
ip address 10.0.23.2 255.255.255.0
tunnel mode gre ip
tunnel source loopback 0
tunnel destination 3.3.3.3
ip ospf 1 area 0
=======
R3
==
conf t
int tunnel 0
ip address 10.0.23.4 255.255.255.0
tunnel mode gre ip
tunnel source loopback 0
tunnel destination 2.2.2.2
ip ospf 1 area 0
==============================
==
conf t
int tunnel 0
ip address 10.0.23.2 255.255.255.0
tunnel mode gre ip
tunnel source loopback 0
tunnel destination 3.3.3.3
ip ospf 1 area 0
=======
R3
==
conf t
int tunnel 0
ip address 10.0.23.4 255.255.255.0
tunnel mode gre ip
tunnel source loopback 0
tunnel destination 2.2.2.2
ip ospf 1 area 0
==============================
Lets verify
R3 is now a neighbor to R2 through the tunnel as well
R3#sh ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
2.2.2.2 0 FULL/ - 00:00:39 10.0.23.2 Tunnel0
2.2.2.2 0 FULL/ - 00:00:32 192.168.23.2 Serial0/0
4.4.4.4 0 FULL/ - 00:00:35 192.168.34.4 Serial0/1
Neighbor ID Pri State Dead Time Address Interface
2.2.2.2 0 FULL/ - 00:00:39 10.0.23.2 Tunnel0
2.2.2.2 0 FULL/ - 00:00:32 192.168.23.2 Serial0/0
4.4.4.4 0 FULL/ - 00:00:35 192.168.34.4 Serial0/1
With this R4 is now a neighbor to R3
R4#sh ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
3.3.3.3 0 FULL/ - 00:00:38 192.168.34.3 Serial0/0
Neighbor ID Pri State Dead Time Address Interface
3.3.3.3 0 FULL/ - 00:00:38 192.168.34.3 Serial0/0
R4#sh ip route | be Gateway
Gateway of last resort is not set
O IA 192.168.12.0/24 [110/11239] via 192.168.34.3, 00:11:21, Serial0/0
1.0.0.0/32 is subnetted, 1 subnets
O IA 1.1.1.1 [110/11240] via 192.168.34.3, 00:11:21, Serial0/0
2.0.0.0/32 is subnetted, 1 subnets
O IA 2.2.2.2 [110/129] via 192.168.34.3, 00:11:21, Serial0/0
3.0.0.0/32 is subnetted, 1 subnets
O IA 3.3.3.3 [110/65] via 192.168.34.3, 00:11:21, Serial0/0
4.0.0.0/32 is subnetted, 1 subnets
C 4.4.4.4 is directly connected, Loopback0
10.0.0.0/24 is subnetted, 1 subnets
O IA 10.0.23.0 [110/11175] via 192.168.34.3, 00:11:21, Serial0/0
O IA 192.168.23.0/24 [110/128] via 192.168.34.3, 00:11:21, Serial0/0
C 192.168.34.0/24 is directly connected, Serial0/0
Gateway of last resort is not set
O IA 192.168.12.0/24 [110/11239] via 192.168.34.3, 00:11:21, Serial0/0
1.0.0.0/32 is subnetted, 1 subnets
O IA 1.1.1.1 [110/11240] via 192.168.34.3, 00:11:21, Serial0/0
2.0.0.0/32 is subnetted, 1 subnets
O IA 2.2.2.2 [110/129] via 192.168.34.3, 00:11:21, Serial0/0
3.0.0.0/32 is subnetted, 1 subnets
O IA 3.3.3.3 [110/65] via 192.168.34.3, 00:11:21, Serial0/0
4.0.0.0/32 is subnetted, 1 subnets
C 4.4.4.4 is directly connected, Loopback0
10.0.0.0/24 is subnetted, 1 subnets
O IA 10.0.23.0 [110/11175] via 192.168.34.3, 00:11:21, Serial0/0
O IA 192.168.23.0/24 [110/128] via 192.168.34.3, 00:11:21, Serial0/0
C 192.168.34.0/24 is directly connected, Serial0/0
R4#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/49/84 ms
==========================
Lets try to create a recursive routing on the tunnel by adding this command on R3
R3(config)# ip route 2.2.2.2 255.255.255.255 tunnel 0
GRE Tunnel Recursive Routing
Ever seen this error message %TUN-5-RECURDOWN: Tunnel0 temporarily disabled due to recursive routing? The most common reason for this error is that the router is trying to route to the tunnel destination address using the tunnel interface itself. To build the tunnel you need to reach the tunnel destination outside the tunnel. This recursive lookup will cause the tunnel to flap!!! When the tunnel comes up the tunnel destination get preferred through the tunnel this brings the tunnel down. Then the tunnel destination is preferred outside the tunnel via serial 0/0 then the ospf adj of R3 and R2 through the tunnel comes up. Then the static route then route the tunnel destination through the tunnel again causing the tunnel to go down again. This will go on and on until it got fixed!!!*Mar 1 05:14:41.298: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to up
*Mar 1 05:14:42.242: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Tunnel0 from LOADING to FULL, Loading Done
R3(config)#
*Mar 1 05:14:50.298: %TUN-5-RECURDOWN: Tunnel0 temporarily disabled due to recursive routing
*Mar 1 05:14:51.298: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to down
*Mar 1 05:14:51.306: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Tunnel0 from FULL to DOWN, Neighbor Down: Interface down or detached
R3(config)#
*Mar 1 05:15:51.298: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to up
*Mar 1 05:15:51.778: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Tunnel0 from LOADING to FULL, Loading Done
R3(config)#
*Mar 1 05:16:00.298: %TUN-5-RECURDOWN: Tunnel0 temporarily disabled due to recursive routing
*Mar 1 05:16:01.298: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to down
*Mar 1 05:16:01.306: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Tunnel0 from FULL to DOWN, Neighbor Down: Interface down or detached
Well explained!! Keep posting I enjoyed it.
ReplyDelete