[c-nsp] A few very Quick IP SLA questions

Devon True devon at noved.org
Fri Jul 16 13:36:33 EDT 2010


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 7/16/2010 11:14 AM, Drew Weaver wrote:
> Also the main reason for implementing this is because we had an instance where a interface didn't go down, but no traffic would pass through it (routing protocols failed, etc) and we have our default routes setup as such:
> 
> ip route 0.0.0.0 0.0.0.0 Vlan4091 x.x.25.97
> ip route 0.0.0.0 0.0.0.0 Vlan4092 x.x.25.101
> 
> So return traffic was still being sent down the 'dead but up/up' interface which caused obvious heartache.
> 
> Would using a track on each of these routes (combined with aforementioned IP SLA probes) be a good way to prevent this from occurring in the future?
> 
> I basically want to ensure that both the interface is up and that traffic can pass from this router to its gateway before the route will be used.
> 
> Sorry this is so long, hopefully it makes at least some sense.
> 
> I thought about using BFD, but it seems like they have removed support for BFD on VLANs in recent code.

We use a method where our edge routers inject a default-route into our
OSPF process. The edge routers inject this routes based on the
connectivity to the Internet-facing interfaces or to other edge routers.

Example:

ip access-list standard ExternalPaths
 permit isp1 0.0.0.3
 permit isp2 0.0.0.3
 permit otherEdge 0.0.0.3
 permit anotherEdge 0.0.0.3

route-map AdvDefault permit 999
 match ip address ExternalPaths
!
router ospf 1
 default-information originate route-map AdvDefault

I do not know if that solution is applicable to your environment.

http://blog.ioshints.info/2007/06/ospf-default-route-design-scenarios.html
http://www.nil.si/ipcorner/OSPFDefaultMysteries/

- --
Devon
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkxAmKEACgkQWP2WrBTHBS/7bQCeOuwkXZ2QR6zTAH+q0L2FRK2W
3YUAoLUOBUyOYFTMMOObywk+nJokd9Jn
=vXFK
-----END PGP SIGNATURE-----


More information about the cisco-nsp mailing list