Static and Dynamic Routing
Configure OSPF
- Configure OSPF on R1 (LAN-facing interfaces) and all Core and Distribution switches (all Layer-3 interfaces).
a. Use process ID 1 and Area 0.
b. Manually configure each device’s RID to match the loopback interface IP.
c. On switches, use the network command to match the exact IP address of each interface.
d. On R1, enable OSPF in interface config mode.
e. Make sure OSPF is enabled on all loopback interfaces, too. Loopback interfaces should be passive.
f. Each Distribution switch’s SVIs (except the Management VLAN SVI) should be passive, too.
g. Configure all physical connections between OSPF neighbors to use a network type that doesn’t elect a DR/BDR. (This meanspoint-to-point). NOTE: This doesn’t work on the Layer-3 PortChannel interfaces between CSW1/CSW2. Leave them as the default network type.
For R1, note that even though a sh ip ospf shows that the router-id is the loopback address, the instructions say to manually define it. Configure R1 as defined:
R1#conf t
R1(config)#router ospf 1
R1(config-router)#do sh ip ospf
Routing Process "ospf 1" with ID 10.0.0.76
Supports only single TOS(TOS0) routes
Supports opaque LSA
SPF schedule delay 5 secs, Hold time between two SPFs 10 secs
Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs
Number of external LSA 0. Checksum Sum 0x000000
Number of opaque AS LSA 0. Checksum Sum 0x000000
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 0. 0 normal 0 stub 0 nssa
External flood list length 0
R1(config-router)#router-id 10.0.0.76
R1(config-router)#passive-interface l0
R1(config-router)#int l0
R1(config-if)#ip ospf 1 area 0
R1(config-if)#int range g0/0-1
R1(config-if-range)#ip ospf 1 area 0
R1(config-if-range)#ip ospf network point-to-point
Configure CSW1:
CSW1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
CSW1(config)#router ospf 1
Configure the router-id with the IP address of its loopback interface:
CSW1(config-router)#router-id 10.0.0.77
Make the loopback interface passive:
CSW1(config-router)#passive-interface l0
For the switches, look at the interfaces that have IP addresses:
CSW1(config-router)#do sh ip int br | exclude un
Interface IP-Address OK? Method Status Protocol
Port-channel1 10.0.0.41 YES manual up up
GigabitEthernet1/0/1 10.0.0.34 YES manual up up
GigabitEthernet1/1/1 10.0.0.45 YES manual up up
GigabitEthernet1/1/2 10.0.0.49 YES manual up up
GigabitEthernet1/1/3 10.0.0.53 YES manual up up
GigabitEthernet1/1/4 10.0.0.57 YES manual up up
Loopback0 10.0.0.77 YES manual up up
Activate OSPF on CSWs interfaces:
CSW1(config-router)#network 10.0.0.41 0.0.0.0 area 0
CSW1(config-router)#network 10.0.0.34 0.0.0.0 area 0
CSW1(config-router)#network 10.0.0.45 0.0.0.0 area 0
CSW1(config-router)#network 10.0.0.49 0.0.0.0 area 0
CSW1(config-router)#network 10.0.0.53 0.0.0.0 area 0
CSW1(config-router)#network 10.0.0.57 0.0.0.0 area 0
CSW1(config-router)#network 10.0.0.77 0.0.0.0 area 0
Configure the OSPF type as point-to-point on the switches physical interfaces:
CSW1(config-router)#int range g1/0/1,g1/1/1-4
CSW1(config-if-range)#ip ospf network point-to-point
Configure CSW2:
router ospf 1
router-id 10.0.0.78
network 10.0.0.42 0.0.0.0 area 0
network 10.0.0.38 0.0.0.0 area 0
network 10.0.0.61 0.0.0.0 area 0
network 10.0.0.65 0.0.0.0 area 0
network 10.0.0.69 0.0.0.0 area 0
network 10.0.0.73 0.0.0.0 area 0
network 10.0.0.78 0.0.0.0 area 0
interface range g1/0/1,g1/1/1-4
ip ospf network point-to-point
Then the distribution switches:
DSW-A1:
router ospf 1
router-id 10.0.0.79
passive-interface loopback0
passive-interface vlan 10
passive-interface vlan 20
passive-interface vlan 40
network 10.0.0.46 0.0.0.0 area 0
network 10.0.0.62 0.0.0.0 area 0
network 10.0.0.79 0.0.0.0 area 0
network 10.1.0.2 0.0.0.0 area 0
network 10.2.0.2 0.0.0.0 area 0
network 10.0.0.2 0.0.0.0 area 0
network 10.6.0.2 0.0.0.0 area 0
interface range g1/1/1-2
ip ospf network point-to-point
DSW-A2:
router ospf 1
router-id 10.0.0.80
passive-interface loopback0
passive-interface vlan 10
passive-interface vlan 20
passive-interface vlan 40
network 10.0.0.50 0.0.0.0 area 0
network 10.0.0.66 0.0.0.0 area 0
network 10.0.0.80 0.0.0.0 area 0
network 10.1.0.3 0.0.0.0 area 0
network 10.2.0.3 0.0.0.0 area 0
network 10.0.0.3 0.0.0.0 area 0
network 10.6.0.3 0.0.0.0 area 0
interface range g1/1/1-2
ip ospf network point-to-point
Check the OSPF Neighbors:
Neighbor ID Pri State Dead Time Address Interface
10.0.0.79 1 FULL/DR 00:00:33 10.0.0.2 Vlan99
10.0.0.78 0 FULL/ - 00:00:38 10.0.0.65 GigabitEthernet1/1/2
10.0.0.77 0 FULL/ - 00:00:36 10.0.0.49 GigabitEthernet1/1/1
Notice that the interface is VLAN 99.
If we didn’t make the VLAN 10, 20 and 40 SVIs passive, DSW-A1 and A2 would become OSPF neighbors with each other four times – once for each SVI – that isn’t necessary.
Also notice that because we made G1/1/1 and 1/1/2 point-to-point, no DR or BDR are elected for
the connections with CSW1 and CSW2: 10.0.0.77 and 78 here.
Configure DSW-B1:
router ospf 1
router-id 10.0.0.81
passive-interface loopback0
passive-interface vlan 10
passive-interface vlan 20
passive-interface vlan 30
network 10.0.0.54 0.0.0.0 area 0
network 10.0.0.70 0.0.0.0 area 0
network 10.0.0.81 0.0.0.0 area 0
network 10.3.0.2 0.0.0.0 area 0
network 10.4.0.2 0.0.0.0 area 0
network 10.5.0.2 0.0.0.0 area 0
network 10.0.0.18 0.0.0.0 area 0
interface range g1/1/1-2
ip ospf network point-to-point
Configure DSW-B2:
router ospf 1
router-id 10.0.0.82
passive-interface loopback0
passive-interface vlan 10
passive-interface vlan 20
passive-interface vlan 30
network 10.0.0.58 0.0.0.0 area 0
network 10.0.0.74 0.0.0.0 area 0
network 10.0.0.82 0.0.0.0 area 0
network 10.3.0.3 0.0.0.0 area 0
network 10.4.0.3 0.0.0.0 area 0
network 10.5.0.3 0.0.0.0 area 0
network 10.0.0.19 0.0.0.0 area 0
interface range g1/1/1-2
ip ospf network point-to-point
- Configure one static default route for each of R1’s Internet connections. They should be recursive routes. (meaning they should specify a next hop IP address, but not an exit interface. For review, recursive routes specify only the next hop IP. Directly connected routes specify only the exit interface, and fully specified routes specify both.)
Configure a floating static route
a. Make the route via G0/1/0 a floating static route by configuring an AD value 1 greater than the default.
R1 has two Internet interfaces, G0/0/0 and G0/1/0:
R1#show ip int br
Interface IP-Address OK? Method Status Protocol
GigabitEthernet0/0 10.0.0.33 YES manual up up
GigabitEthernet0/1 10.0.0.37 YES manual up up
GigabitEthernet0/2 unassigned YES unset administratively down down
GigabitEthernet0/0/0 203.0.113.2 YES DHCP up up
GigabitEthernet0/1/0 203.0.113.6 YES DHCP up up
Loopback0 10.0.0.76 YES manual up up
Vlan1 unassigned YES unset administratively down down
They have a /30 prefix length:
R1#show ip int g0/0/0
GigabitEthernet0/0/0 is up, line protocol is up (connected)
Internet address is 203.0.113.2/30
A /30 subnet only has two usable addresses, .1 and .2 in this case, so that means the ISP’s IP address must be 203.0.113.1. This will be the next hop IP address.
Configure the default route, and the floating static route with a higher AD (than the default of 1 for a static route) for the second WAN interface:
R1(config)#ip route 0.0.0.0 0.0.0.0 203.0.113.1
R1(config)#ip route 0.0.0.0 0.0.0.0 203.0.113.5 ?
<1-255> Distance metric for this route
<cr>
R1(config)#ip route 0.0.0.0 0.0.0.0 203.0.113.5 2
Confirm the primary static route is in the route table:
R1(config)#do sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is 203.0.113.1 to network 0.0.0.0
xxx
O 10.6.0.0/24 [110/3] via 10.0.0.34, 00:15:14, GigabitEthernet0/0
[110/3] via 10.0.0.38, 00:15:14, GigabitEthernet0/1
203.0.113.0/24 is variably subnetted, 4 subnets, 2 masks
C 203.0.113.0/30 is directly connected, GigabitEthernet0/0/0
L 203.0.113.2/32 is directly connected, GigabitEthernet0/0/0
C 203.0.113.4/30 is directly connected, GigabitEthernet0/1/0
L 203.0.113.6/32 is directly connected, GigabitEthernet0/1/0
S* 0.0.0.0/0 [1/0] via 203.0.113.1
b. R1 should function as an OSPF ASBR, advertising its default route to other routers in the OSPF domain.
R1#conf t
R1(config)#router ospf 1
R1(config-router)#default-information originate
Confirm propagation at any of the later 3 switches:
DSW-B2(config-if-range)#do show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is 10.0.0.57 to network 0.0.0.0
XXX
O*E2 0.0.0.0/0 [110/1] via 10.0.0.57, 00:00:34, GigabitEthernet1/1/1
[110/1] via 10.0.0.73, 00:00:34, GigabitEthernet1/1/2
The default route is at the bottom of the routing table. Notice it has two routes installed: one with CSW1 as the next hop, and one with CSW2 as the next hop. If you ping R1’s internet IP from this switch, it should work.
DSW-B2(config-if-range)# do ping 203.0.113.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 203.0.113.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/0 ms
Now try to ping the ISPs IP address:
DSW-B2(config-if-range)#do ping 203.0.113.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 203.0.113.1, timeout is 2 seconds:
UUUUU
Success rate is 0 percent (0/5)
You get 5 U's for unreachable. This is because DSW-B2 is pinging from a private IP address, which the ISP’s router doesn’t accept. To solve that, we need to configure NAT, network address translation in the next section.