Thursday, March 10, 2011

Lab 33 - OSPF Conditional Default Routing with IP SLA

Prerequisites: CCNP level skills.

Note!
In the previous lab (Lab 32), the default route is advertised conditionally with the 'always' keyword. That lab assumes the link between R1 and R3 is up; when the link goes down, R1 no longer advertises the default route in OSPF.

This lab achieves a similar advertisement, but instead of relying on the up/down state of the link between R1 and R3 (e.g. with a switch in between), it relies on the actual reachability between R1 and R3.

Found this sneaky method at:
Source: http://blog.ioshints.info/2008/01/ospf-default-route-based-on-ip-sla.html

Here's what they wrote:

"The solution is a bit more complex when the router originating the default route into OSPF should not have a default route. In this case, you could use a routing trick:
  1. Configure IP SLA and a corresponding track object.
  2. Use reliable static routing to configure a static host route for a bogus IP address (for example, 10.0.0.1/32) pointing to null0 (for example, ip route 10.0.0.1 255.255.255.255 null 0 track 100). Obviously this host route should not be redistributed into any routing protocol.
  3. Conditionally advertise default route into OSPF based on presence of the static host route."

Below is my humble attempt to use this method.

Topology

Pic. 1 - OSPF Topology.
Icons designed by: Andrzej Szoblik - http://www.newo.pl



Task 1
Configure R1 to advertise the default route in OSPF towards R2 (R1 and R3 are assumed to run BGP). R1 should not have a default route installed in its routing table. R1 should not rely on up/down activity to advertise/not advertise the default route but on the real reachability to R3. In case R3 is inaccessible (use ping here) for 10 seconds, R1 should no longer advertise the default route.

Lab Solution

Task 1


R1 Configuration:
!
! IP SLA Probe Configuration
ip sla monitor 1
 type echo protocol ipIcmpEcho 10.1.13.3
 timeout 2000
 frequency 10
!
! Enable Probe
ip sla monitor schedule 1 life forever start-time now
!
! Create an object to track the responses from the probe
track 100 rtr 1
!
! Configure a bogus entry in the routing table /32
! referring to the tracking object
ip route 10.0.0.1 255.255.255.255 Null0 track 100
!
! Match on the bogus entry using ACL/Prefix-List
ip access-list standard BOGUS
 permit 10.0.0.1
!
! Configure a route-map matching on the ACL BOGUS
route-map CONDITION permit 10
 match ip address BOGUS
!
! Advertise the default route based on the route-map CONDITION
router ospf 1
 router-id 1.1.1.1
 log-adjacency-changes
 network 10.1.12.1 0.0.0.0 area 0
 network 172.16.101.1 0.0.0.0 area 0
 default-information originate always route-map CONDITION
!
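
The method only works if every link in the chain (probe, schedule, track object, Null0 host route, ACL, route-map, default-information originate) points at the next one. The Python check below is an added example, not part of the original lab; check_chain is a hypothetical helper and it assumes the IOS 12.4-style syntax used on this page.

```python
import re

# R1's configuration from this lab (comment lines and unrelated OSPF lines trimmed).
R1_CONFIG = """\
ip sla monitor 1
 type echo protocol ipIcmpEcho 10.1.13.3
 timeout 2000
 frequency 10
ip sla monitor schedule 1 life forever start-time now
track 100 rtr 1
ip route 10.0.0.1 255.255.255.255 Null0 track 100
ip access-list standard BOGUS
 permit 10.0.0.1
route-map CONDITION permit 10
 match ip address BOGUS
router ospf 1
 default-information originate always route-map CONDITION
"""

def check_chain(config):
    """Hypothetical helper: list broken links between the SLA probe and OSPF."""
    find = lambda pattern: re.findall(pattern, config, re.M)
    probes = set(find(r"^ip sla monitor (\d+)$"))
    scheduled = set(find(r"^ip sla monitor schedule (\d+) "))
    tracks = dict(find(r"^track (\d+) rtr (\d+)"))  # track id -> probe id
    routes = dict(find(r"^ip route (\S+) 255\.255\.255\.255 Null0 track (\d+)"))  # host -> track id
    acls = {name: re.findall(r"permit (?:host )?(\S+)", body)  # ACL -> permitted hosts
            for name, body in find(r"^ip access-list standard (\S+)\n((?: .*\n?)*)")}
    maps = dict(find(r"^route-map (\S+) permit \d+\n match ip address (\S+)"))  # map -> ACL
    origin = find(r"^ default-information originate.* route-map (\S+)")
    if not origin:
        return ["no 'default-information originate ... route-map' under OSPF"]
    acl = maps.get(origin[0])
    if acl is None:
        return [f"route-map {origin[0]} is missing or matches no ACL"]
    hosts = [h for h in acls.get(acl, []) if h in routes]
    if not hosts:
        return [f"ACL {acl} permits no tracked Null0 host route"]
    problems = []
    for host in hosts:  # follow each bogus route back to its probe
        track = routes[host]
        probe = tracks.get(track)
        if probe is None:
            problems.append(f"track {track} is not defined")
        elif probe not in probes:
            problems.append(f"track {track} points at undefined probe {probe}")
        elif probe not in scheduled:
            problems.append(f"probe {probe} is never scheduled")
    return problems
```

An empty list means the chain is wired end to end; it says nothing about whether the probe target itself is the right address to test.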

Verification:
Pic. 2 - SLA Statistics.

R3 is currently reachable, so the probe reports success to track object 100. R2 receives the default route advertised in OSPF by R1.

Pic. 3 - R2's routing Table

I created a problem with reachability (R3 uses an ACL that blocks ICMP packets).

R1's SLA probe reports errors receiving replies from R3.

Pic. 4 - SLA Statistics.

R2 loses the default route. Once ICMP communication between R1 and R3 is restored, R2 receives the default route again.