Mailing List Archive

You can't configure a layer 2 vlan to participate in ospf. However, you
can configure a virtual layer 3 interface for that vlan that can
participate using VE and tagging the layer 2 vlan with a
router-interface. The configuration for the ve is pretty much identical
to configuring a physcial interface.

vlan 20 name test-vlan by port
tagged ethe 1/1 ethe 1/4 ethe 1/6 to 1/8
untagged ethe 1/3 ethe 3/3 to 3/15 ethe 3/18 to 3/19
router-interface ve 20


interface ve 20
ip address x.x.x.x 255.255.254.0
ip address x.x.x.x 255.255.255.0
ip pim-sparse
ip helper-address 1 x.x.x.x
ip helper-address 2 x.x.x.x
ip ospf area 0.0.0.0
ip ospf passive

Tuc wrote:
>>> I'm doing Interfaces as part of Vlans,
>>
>>different
>>
>
> So far its worked out pretty well for this.
>
>>>ospf (Which might come out in this new config, haven't decided yet),
>>
>>mainly the same, check default metrics
>>
>
> This is what I'm working on now.... I can't assign an area to
> a VLAN?? It has to be per port? I used to put "ip ospf network
> point-to-multipoint" in Vlan1. I wanted to do the point-to-point, but
> it definitely states it can't be VLAN'd.
>
> Thanks, Tuc/TTSG Internet Services, Inc.
> _______________________________________________
> foundry-nsp mailing list
> foundry-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/foundry-nsp


--

*****************
Tim Coble
Network Specialist
University of Pennsylvania, ISC
Network Operations Center
Email: tcoble<AT>isc.upenn.edu
******************

>
> On Tue, Apr 19, 2005 at 10:36:06PM -0400, Tuc wrote:
>
> > > > ospf (Which might come out in this new config, haven't decided yet),
> > >
> > > mainly the same, check default metrics
> > >
> > This is what I'm working on now.... I can't assign an area to
> > a VLAN?? It has to be per port? I used to put "ip ospf network
> > point-to-multipoint" in Vlan1. I wanted to do the point-to-point, but
> > it definitely states it can't be VLAN'd.
>
> On Foundry you have to create a routing interface for a VLAN if you want
> routing in it.
>
> vlan X
> router-interface ve x
>
> interface ve x
> ip ospf area x
> ....
> ....
>
Ok. I guess I can do that.... But in trying to do the 1 for 1
I'm running into some issues....

On the (cisco) router, I'm doing :

router ospf 12345
router-id 1.2.3.225
log-adjacency-changes
redistribute connected subnets route-map static-to-ospf
redistribute static subnets route-map static-to-ospf
network 1.2.3.0 0.0.0.255 area 0
default-information originate route-map ospf-default-primary
!

route-map static-to-ospf permit 10
match ip address MY-backbone

ip access-list standard some-backbone
permit 129.250.0.0

ip access-list standard TTSG-backbone
permit 1.2.3.0 0.0.0.255

route-map ospf-default-primary permit 10
match ip address some-backbone
set metric 10
set metric-type type-2


The issues I'm running into :


1) How do I log adjacency changes?
2) It looks like in Cisco land the network statement has to be the reverse
of normal.... Is this right?
3) It doesn't look like I can use route-map for default-information-originate..
Is there some way around it?


I see OSPF as alot of work just to get the IP's on the other FWS
it is connected to. I have 2 ve's that I want it to go over, and trying to
do "ip route" won't let me set the same metric for the 2 so it'll share them.
I guess I could tell the "A" unit and ve "1" to have 128, and ve "2" to have
"129", and then the opposite on the other side... Its really only 2 IPs
on the other side that I need to get to, so that'd be 4 statements, versus
how much grief for OSPF... Am I just better off doing that?

Thanks, Tuc

On Tue, 19 Apr 2005, Tuc wrote:

> > > I'm doing Interfaces as part of Vlans,
> >
> > different
> >
> So far its worked out pretty well for this.
> >
> > > ospf (Which might come out in this new config, haven't decided yet),
> >
> > mainly the same, check default metrics
> >
> This is what I'm working on now.... I can't assign an area to
> a VLAN?? It has to be per port? I used to put "ip ospf network
> point-to-multipoint" in Vlan1. I wanted to do the point-to-point, but
> it definitely states it can't be VLAN'd.

the vlans are layer2, you need to create a layer3 interface with
'router-interface ve 123' then configure 'int ve 123' with your ip details

Steve