[c-nsp] Is there any way to prevent transit traffic through OSPFABR/ASBR?

Tim Franklin tim at colt.net
Wed Oct 11 04:55:28 EDT 2006


> Our problem is that we cannot allow transit traffic of any kind to
> pass the WAN lines to remote sites. Only traffic to/from the site
> can be allowed to pass the WAN lines. In the normal case this works
> fine, but we have sometimes experienced site transit traffic being
> caused by certain node-to-node lines going down. Besides that, now
> when some sites upgrade to 4 Mbps they will have the same bandwidth
> as most of the node-to-node lines, which could cause OSPF to choose
> those site lines instead of the node-to-node lines.

>From the way you're talking about this, it sounds like the failure case is
traffic going into a remote site and out again to circumvent a break in the
core, rather than going the "wrong" way around the core, right?

I'd suggest not relying on OSPF default costs - work out where you want your
traffic to go normally, where you want it go when something breaks, and
manually set costs to force that to happen.

>From as much detail as you'd given, assuming a worst-case where the 8 node
sites are in a ring (A-H), a starting point might be to make the node-node
links cost 10 and the remote links cost 100.  Then when a node-node link
(A-B) dies, it's still cheaper to go the "wrong" way around the ring -
A-H-G-F-E-D-C-B (70) rather than A-B (10) - than even the cheapest possible
path via a remote site - A-remote-B (200).

Regards,
Tim.

-- 
____________   Tim Franklin                 e: tim at colt.net 
\C/\O/\L/\T/   Network Development &        w: www.colt.net 
 V  V  V  V    Product Engineering          t: +44 20 7863 5714 
Data | Voice | Managed Services             f: +44 20 7863 5876  




More information about the cisco-nsp mailing list