[c-nsp] Conflicting OSPF router-ids in separate VRFs

Harold Ritter (hritter) hritter at cisco.com
Thu Mar 5 12:06:31 EST 2009 

Justin,

The OSPF RID needs to be globally unique on the box. There is no way
around it.

Regards 

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Justin Shore
Sent: Thursday, March 05, 2009 1:27 AM
To: 'Cisco-nsp'
Subject: [c-nsp] Conflicting OSPF router-ids in separate VRFs

I'm trying to get multiple OSPF instances to work in separate VRFs with
all OSPF instances using the same router-id.  We're offering a VPN
tunnel service to access offsite bit-for-bit data copy services in our
Data Center.  The tunnel of choice is a GRE tunnel with IPSec
protection.  The GRE tunnel interface is inside a unique VRF per
customer.  The IP subnet used in each VRF for this product offering is
identical, as is the interface IPs on the tunnel interfaces.  This makes
the config templates as simple as possible since all sites are
essentially identical from our perspective.

I have OSPF configured inside the VRF in question.  This is the first of
the production GRE tunnels we've turned up for this product offering. 
Tunnel2999 is my beta tunnel and Tunnel3013 is the production tunnel:

Neighbor ID     Pri   State           Dead Time   Address
Interface
%OSPF: Router process 3013 is not running, please configure a router-id
192.168.100.1     0   FULL/  -        00:00:38    10.125.124.2
Tunnel2999


The problem I'm running into is that OSPF will not run on the production
tunnel because it's IP conflicts with the IP in my beta tunnel in a
separate VRF.  When I try to configure OSPF in the production VRF with
the interface IP of the tunnel I get an error:

7613-1(config-router)#router-id 10.125.124.1
OSPF: router-id 10.125.124.1 in use by ospf process 2999

router ospf 2999 vrf dc-gre-test
  ignore lsa mospf
  ispf
  log-adjacency-changes
  redistribute bgp 65001 subnets
  passive-interface default
  no passive-interface Tunnel2999
  network 10.125.124.0 0.0.0.3 area 0
  network 10.125.125.0 0.0.0.255 area 0


router ospf 3013 vrf dc-customer-vrf
  ignore lsa mospf
  ispf
  log-adjacency-changes
  redistribute bgp 65001 subnets
  passive-interface default
  no passive-interface Tunnel3013
  network 10.125.124.0 0.0.0.3 area 0
  network 10.125.125.0 0.0.0.255 area 0


Is there some magic trick to making OSPF on a 7600 running SRB1 be truly
  VRF-aware?  OSPF instances in separate VRFs shouldn't IP conflict with
router-ids in other VRFs.  If they did then what's the point of VRF
separation?  Any thoughts before I call TAC?

Thanks
  Justin
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list