[j-nsp] OSPF default problem

Joe Freeman joe at netbyjoe.com
Tue Jan 20 15:29:07 EST 2009


Without a gateway that exists in both the 10.0.1.0/24 and the
10.0.0.0/23networks, nothing on the
10.0.1.0/24 will be able to hit an address on the 10.0.0.0/24 space.

You do realize that 10.0.0.0/23 overlaps with 10.0.1.0/24 so that the
gateway will see 10.0.1.0/24 as part of the larger 0.0/23 supernet locally
attached and will simply arp for any 10.0.1.0/24 address. However, hosts
with 10.0.1.0/24 addresses will see any address on 10.0.0.0/23 as being on a
different subnet and as such will attempt to forward that traffic to their
default gateway. If the default gateway isn't in the 10.0.1.0/24, no traffic
will be sent, and the packet dropped as unreachable.

Joe

On Tue, Jan 20, 2009 at 3:18 PM, Cord MacLeod <cordmacleod at gmail.com> wrote:

> This is the setup roughly.  The gateway is a 3560 switch and has a vlan
> defined for that 10net.  There is also a static route on the internet
> gateway to point everything 10.0.0.0/23 to 10.0.0.2.  10.0.0.2 being
> reachable from 10.0.0.1.
>
>
> On Jan 20, 2009, at 1:55 AM, Felix Schueren wrote:
>
>  Cord MacLeod wrote:
>>
>>> As far as the router id, I went back to basics and looked in my junos
>>> cookbook and didn't skip a beat when I first set this up and it didn't
>>> work.  I just added in all of the steps it suggested, really nothing of
>>> consequence.
>>>
>>> So, 10.0.0.0/24 is the network devices and 10.0.1.0/24 is the machines.
>>> That's why I have a /23 on that interface.  Funny part is that
>>> particular switch with 10.0.0.2 on it locally can hit the internet and
>>> 10.0.0.1.  No other device can nor can I ping 10.0.0.1 with any other
>>> source on the local switch.
>>>
>>>
>> "internet gateway"
>>     |
>>     |
>>   10.0.0.0/23
>>     |
>>     |
>>  "ex4200"
>>     |   \
>>     |    \
>>     |     \
>>  "other1"  "other2"
>>    |         |
>>    10.0.1.0/24
>>    |         |
>> "machines1"  "machines2"
>>
>> is that similiar to your setup? if it is, the "gateway" will most likely
>> not try to reach anything within 10.0.0.0/23 routed, instead just ARPing
>> on it's directly connected interface. From what I saw so far, end
>> machines should be able to send packets to 10.0.0.1, but it appears that
>> 10.0.0.1 can't send any packets back - can you monitor traffic on
>> 10.0.0.1 to verify that?
>>
>> -felix
>>
>>
>> --
>> Felix Schüren
>> Head of NOC
>>
>> ------------------------------------------------------------------
>> Host Europe GmbH - http://www.hosteurope.de
>> Welserstraße 14 - D-51149 Köln - Germany
>> Telefon: (0800) 4 67 83 87 - Telefax: (01805) 66 32 33
>> HRB 28495 Amtsgericht Köln - UST ID DE187370678
>> Geschäftsführer:
>> Uwe Braun - Alex Collins - Mark Joseph - Patrick Pulvermüller
>>
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>


More information about the juniper-nsp mailing list