[c-nsp] Is there any way to prevent transit traffic through OSPFABR/ASBR?
Tim Franklin
tim at colt.net
Wed Oct 11 04:55:28 EDT 2006
> Our problem is that we cannot allow transit traffic of any kind to
> pass the WAN lines to remote sites. Only traffic to/from the site
> can be allowed to pass the WAN lines. In the normal case this works
> fine, but we have sometimes experienced site transit traffic being
> caused by certain node-to-node lines going down. Besides that, now
> when some sites upgrade to 4 Mbps they will have the same bandwidth
> as most of the node-to-node lines, which could cause OSPF to choose
> those site lines instead of the node-to-node lines.
>From the way you're talking about this, it sounds like the failure case is
traffic going into a remote site and out again to circumvent a break in the
core, rather than going the "wrong" way around the core, right?
I'd suggest not relying on OSPF default costs - work out where you want your
traffic to go normally, where you want it go when something breaks, and
manually set costs to force that to happen.
>From as much detail as you'd given, assuming a worst-case where the 8 node
sites are in a ring (A-H), a starting point might be to make the node-node
links cost 10 and the remote links cost 100. Then when a node-node link
(A-B) dies, it's still cheaper to go the "wrong" way around the ring -
A-H-G-F-E-D-C-B (70) rather than A-B (10) - than even the cheapest possible
path via a remote site - A-remote-B (200).
Regards,
Tim.
--
____________ Tim Franklin e: tim at colt.net
\C/\O/\L/\T/ Network Development & w: www.colt.net
V V V V Product Engineering t: +44 20 7863 5714
Data | Voice | Managed Services f: +44 20 7863 5876
More information about the cisco-nsp
mailing list