[c-nsp] OSPF Campus Design : Excessive SPF Runs

Pavel Skovajsa pavel.skovajsa at gmail.com
Fri Jan 15 04:32:32 EST 2010


Hi Jason,

see below

-pavel skovajsa

On Fri, Jan 15, 2010 at 4:57 AM, Jason LeBlanc <jasonleblanc at gmail.com> wrote:
> Hello,
>
> We currently have Layer 3 Routed Access configured at all of our Metro Campus locations.  There are a few obvious deviations from the best practice design guides.   The current setup is:
>
> Core       --> Datacenter Distribution --> | (fiber connect) | --> Building Distribution --> Access
> (backbone)     (ABR)                                               (ASBR)                    (OSPF enabled access switch)
>
> The Cisco best practice is:
>
> Core       --> Distribution --> Access
> (backbone)     (ABR)            (OSPF enabled access switch)
>

The best practices are exactly what it says - best practices - in real
practice everybody finds it hard to actually achieve that, due to
geopolitical/other reasons. In other words the following implication
is NOT true:  not following best practices -> bad design -> network
melts

> We are running NSSA with no-summary and the range command on the Datacenter Distribution routers.  Each floor has 2 access switches (w/ OSPF running) which each have a link back to the Building Distribution router.  Vlans on each box on each floor are mutually exclusive.
>
> Symptoms:
> Lots of SPF re-calculations, NTP failing from Datacenter Distro -> Building Distro, and users reporting loss of their shared drives.
>
> router-a#sh ip ospf stat
>  Area 0.0.0.0: SPF algorithm executed 7865 times
>  Area 192.8.208.0: SPF algorithm executed 386 times
>  Area 192.70.0.0: SPF algorithm executed 563 times
>  Area 192.100.0.0: SPF algorithm executed 93076 times

Well, that last area 192.100.0.0 seems to be the culprit - what about
troubleshooting it for a while, instead of redesigning the whole network?
Use commands like the above "show ip ospf stat" and look for Seq# and LSA
Age to find the flapping LSA. Also stuff like "Debug ip ospf monitor"
and "show ip ospf database database-sum" will help you.


>
>
> Questions:
> Should we be advertising (passively or non-passively) L3 Vlans into OSPF?

Passively. Why would somebody do that in a non-passive way and have
myriads of neighbors per each vlan?

> Should we be doing Totally NSSA's instead of NSSA's?

Totally stubby (or totally not-so-stubby if you need ASBR) should be
the default design, only configure no-summary if you have a specific reason.
Also I don't understand the need for ASBR in your NSSA - but you
probably have a reason for that.

>        If not is there a way to get the DR in NSSA to advertise a single route back as default route?
> Should we be sending each campus distribution router directly to the Core so that it's the 3 hops?

As written above, if you have the funding to do this it will certainly
make your network design nicer, but I don't see how doing this would
actually massively decrement your SPF runs....

> Do you suggest tuning the OSPF dead interval to achieve subsecond convergence?

Scale and speed are contradictory goals. Fast reaction to changes in
network topology tends to end up in a network that never converges
and is unstable.

>
>
> Any help or advice is greatly appreciated!
>
> Regards,
>
> //LeBlanc
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
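
The Seq# / LSA Age check suggested in the reply, as an added example that is not part of the original thread: it compares two captures of `show ip ospf database` (assumed here to be where the Seq# and Age columns are read from) and reports LSAs whose sequence number keeps climbing while their age stays low. The snapshot text, the 60-second interval and the function names are constructed for illustration.

```python
import re

# Constructed sample: two `show ip ospf database` captures 60 s apart (all values made up).
SNAP_T0 = """\
                Router Link States (Area 192.100.0.0)

Link ID         ADV Router      Age         Seq#       Checksum Link count
10.1.1.1        10.1.1.1        1204        0x80000A12 0x00C3D1 4
10.1.1.7        10.1.1.7        3           0x80003F10 0x0091AA 2
10.1.1.9        10.1.1.9        877         0x80000044 0x00E0F2 3
"""
SNAP_T1 = """\
                Router Link States (Area 192.100.0.0)

Link ID         ADV Router      Age         Seq#       Checksum Link count
10.1.1.1        10.1.1.1        1264        0x80000A12 0x00C3D1 4
10.1.1.7        10.1.1.7        5           0x80003F1C 0x0044B0 2
10.1.1.9        10.1.1.9        937         0x80000044 0x00E0F2 3
"""

HEADER = re.compile(r"^\s*(.+?) Link States \(Area ([\d.]+)\)")
ROW = re.compile(r"^(\d+\.\d+\.\d+\.\d+)\s+(\d+\.\d+\.\d+\.\d+)\s+(\d+)\s+(0x[0-9A-Fa-f]{8})\s")

def parse_lsdb(text):
    """Return {(area, lsa_type, link_id, adv_router): (age_seconds, seq_number)}."""
    lsas, area, lsa_type = {}, None, None
    for line in text.splitlines():
        h = HEADER.match(line)
        if h:
            lsa_type, area = h.groups()
        r = ROW.match(line)
        if r and area:
            lsas[(area, lsa_type, r.group(1), r.group(2))] = (int(r.group(3)), int(r.group(4), 16))
    return lsas

def flapping_lsas(before, after, interval_s, min_bumps=2):
    """LSAs re-originated at least min_bumps times between the two captures."""
    old, new = parse_lsdb(before), parse_lsdb(after)
    hits = []
    for key, (age, seq) in new.items():
        bumps = seq - old.get(key, (0, seq))[1]  # LSAs missing from the first capture count as 0
        # A stable LSA only ages; a flapping one gains sequence numbers and its age keeps resetting.
        if bumps >= min_bumps and age < interval_s:
            hits.append((key, bumps, age))
    return sorted(hits, key=lambda h: -h[1])

if __name__ == "__main__":
    print(flapping_lsas(SNAP_T0, SNAP_T1, 60))
```

The advertising router of the reported LSA is the device whose links or adjacencies are worth inspecting first.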

