- Posts: 103
- Thank you received: 0
OSPF configuration problem
15 years 5 months ago #30742
by Losh
~ Networking :- Just when u think its starting to make sense......... ~
____________________________________________
CCNA, CCNP, CCNA Security, JNCIA, APDS, CISA
OSPF configuration problem was created by Losh
I'm having a problem with configuring OSPF on a couple of routers.
I have a packet tracer activity i am working on: one customer router connected to a remote router via a serial link and also connected to the ISP router via another serial link.
How do i disable OSPF updates to the ISP router but allow the OSPF updates to the remote router.
Below is a link to the packet tracer file i am working on.
user mode password : cisco
privilledge exec password : class
vty password : cisco
www.2shared.com/file/6371286/e60e3895/OS..._authentication.html
I have a packet tracer activity i am working on: one customer router connected to a remote router via a serial link and also connected to the ISP router via another serial link.
How do i disable OSPF updates to the ISP router but allow the OSPF updates to the remote router.
Below is a link to the packet tracer file i am working on.
user mode password : cisco
privilledge exec password : class
vty password : cisco
www.2shared.com/file/6371286/e60e3895/OS..._authentication.html
~ Networking :- Just when u think its starting to make sense......... ~
____________________________________________
CCNA, CCNP, CCNA Security, JNCIA, APDS, CISA
15 years 5 months ago #30755
by S0lo
Studying CCNP...
Ammar Muqaddas
Forum Moderator
www.firewall.cx
Replied by S0lo on topic Re: OSPF configuration problem
I checked the file. OSPF updates are already disabled between the CENTRAL router and the ISP. The CENTRAL router did not establish an adjacency with the ISP router, it only did it with the BRANCH router. You can check that by typing:
[code:1]CENTRAL# show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
192.168.128.97 1 FULL/- 00:00:38 10.1.1.1 Serial0/0/0[/code:1]
As you can see above the only adjacent router is the BRANCH (192.168.128.97).
However, the ISP router is configured with 2 static routes that point to the inside network:
[code:1]ip route 10.1.1.0 255.255.255.252 Serial0/0/1
ip route 192.168.1.0 255.255.255.0 Serial0/0/1[/code:1]
Thats why when you list routes on the ISP, you get:
[code:1]ISP#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/30 is subnetted, 1 subnets
S 10.1.1.0 is directly connected, Serial0/0/1
S 192.168.1.0/24 is directly connected, Serial0/0/1
209.165.200.0/30 is subnetted, 1 subnets
C 209.165.200.224 is directly connected, Serial0/0/1
209.165.201.0/30 is subnetted, 1 subnets
C 209.165.201.0 is directly connected, FastEthernet0/0[/code:1]
Notice here the S flag which indicate that the routes came from a static route. If it came from OSPF, it should have been flaged by O.
[code:1]CENTRAL# show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
192.168.128.97 1 FULL/- 00:00:38 10.1.1.1 Serial0/0/0[/code:1]
As you can see above the only adjacent router is the BRANCH (192.168.128.97).
However, the ISP router is configured with 2 static routes that point to the inside network:
[code:1]ip route 10.1.1.0 255.255.255.252 Serial0/0/1
ip route 192.168.1.0 255.255.255.0 Serial0/0/1[/code:1]
Thats why when you list routes on the ISP, you get:
[code:1]ISP#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/30 is subnetted, 1 subnets
S 10.1.1.0 is directly connected, Serial0/0/1
S 192.168.1.0/24 is directly connected, Serial0/0/1
209.165.200.0/30 is subnetted, 1 subnets
C 209.165.200.224 is directly connected, Serial0/0/1
209.165.201.0/30 is subnetted, 1 subnets
C 209.165.201.0 is directly connected, FastEthernet0/0[/code:1]
Notice here the S flag which indicate that the routes came from a static route. If it came from OSPF, it should have been flaged by O.
Studying CCNP...
Ammar Muqaddas
Forum Moderator
www.firewall.cx
15 years 5 months ago #30771
by Losh
~ Networking :- Just when u think its starting to make sense......... ~
____________________________________________
CCNA, CCNP, CCNA Security, JNCIA, APDS, CISA
Replied by Losh on topic Re: OSPF configuration problem
Thanx alot, it was really getting into my nerves.
What about if a router has a serial link and a fastethernet link, how then do i disable OSPF updates from being advertised to the fastethernet link. I want to do this for the purpose of minimizing bandwidth usage.
What about if a router has a serial link and a fastethernet link, how then do i disable OSPF updates from being advertised to the fastethernet link. I want to do this for the purpose of minimizing bandwidth usage.
~ Networking :- Just when u think its starting to make sense......... ~
____________________________________________
CCNA, CCNP, CCNA Security, JNCIA, APDS, CISA
15 years 4 months ago #30784
by S0lo
Studying CCNP...
Ammar Muqaddas
Forum Moderator
www.firewall.cx
Replied by S0lo on topic Re: OSPF configuration problem
It doesn't matter what or how many interfaces the router has, as long as it's config does NOT include ospf statements (with the same AREA number 0), the router will NOT participate in OSPF for that area.
In your example, the ISP router did not have any OSPF statements in it's config. Thats why it did not participate in OSPF.
In your example, the ISP router did not have any OSPF statements in it's config. Thats why it did not participate in OSPF.
Studying CCNP...
Ammar Muqaddas
Forum Moderator
www.firewall.cx
15 years 4 months ago #30787
by Losh
~ Networking :- Just when u think its starting to make sense......... ~
____________________________________________
CCNA, CCNP, CCNA Security, JNCIA, APDS, CISA
Replied by Losh on topic Re: OSPF configuration problem
Thanx man. So far so good. We're at par up to there.
Please just take a look at this pdf in the link below. Look at task 3 Step 2, the last line.
What does this line mean? ( Disable OSPF updates to the LANs)??
pdf link
www.2shared.com/file/6418940/40c0b7df/OSPF_with_ACLs.html
Please just take a look at this pdf in the link below. Look at task 3 Step 2, the last line.
What does this line mean? ( Disable OSPF updates to the LANs)??
pdf link
www.2shared.com/file/6418940/40c0b7df/OSPF_with_ACLs.html
~ Networking :- Just when u think its starting to make sense......... ~
____________________________________________
CCNA, CCNP, CCNA Security, JNCIA, APDS, CISA
15 years 4 months ago #30792
by S0lo
Studying CCNP...
Ammar Muqaddas
Forum Moderator
www.firewall.cx
Replied by S0lo on topic Re: OSPF configuration problem
I understand you better now.
There is a command to disable OSPF on a specific interface, like this:
[code:1]BRANCH# conf t
BRANCH(config)# int fa0/0
BRANCH(config-if)# ip ospf shutdown[/code:1]
However, this command is not supported by packet tracer 5.1 (which I have), check your version. You can find the command in a real router.
There is another way, you could create an extended ACL and block OSPF updates using it, like this:
[code:1]BRANCH(config)# access-list 101 deny ospf any any
BRANCH(config)# access-list 101 permit ip any any[/code:1]
Then you can apply it on the fa0/0 and/or fa0/0 sub-interfaces using the ip access-group command.
There is a command to disable OSPF on a specific interface, like this:
[code:1]BRANCH# conf t
BRANCH(config)# int fa0/0
BRANCH(config-if)# ip ospf shutdown[/code:1]
However, this command is not supported by packet tracer 5.1 (which I have), check your version. You can find the command in a real router.
There is another way, you could create an extended ACL and block OSPF updates using it, like this:
[code:1]BRANCH(config)# access-list 101 deny ospf any any
BRANCH(config)# access-list 101 permit ip any any[/code:1]
Then you can apply it on the fa0/0 and/or fa0/0 sub-interfaces using the ip access-group command.
Studying CCNP...
Ammar Muqaddas
Forum Moderator
www.firewall.cx
Time to create page: 0.142 seconds