[j-nsp] RES: Trying to get OSPF to work across IPsec for Redundancy
Leonardo Gama Souza
leonardo.souza at nec.com.br
Thu Apr 28 15:59:07 EDT 2011
> Hello All:
>
> I'm trying to get OSPF up over IPsec. We have two IPsec tunnels, a
> primary and a secondary that our spoke router can use. We want to
have
> the spoke router run OSPF across both and then in case of a failure of
> the primary hub router (where the primary IPsec tunnel terminates)
OSPF
> will direct traffic over the backup tunnel to the backup hub.
>
> So far I have seen OSPF on the spoke router come up just a couple of
> times but only to one or the other peer. It never has come up to both
> peers. Here are my configurations for OSPF and the services
interfaces
> below. Also BGP is up on all routers and all routers are reachable
via
> BGP.
>
> If anyeone can guide me in the right direction to get OSPF working
over
> IPsec that would be most apprectiated!
As far as I know IPSec solely is not able to carry Multicast traffic.
Are you using GRE over IPSec? If not, you may want to try unicast
hellos.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Leonardo Gama Souza (leonardo.souza at nec.com.br).vcf
Type: text/x-vcard
Size: 485 bytes
Desc: Leonardo Gama Souza (leonardo.souza at nec.com.br).vcf
URL: <https://puck.nether.net/pipermail/juniper-nsp/attachments/20110428/e4f242d1/attachment.vcf>
More information about the juniper-nsp
mailing list