Hello /r/Networking, you may remember me from my plea for advice about 8 months ago. Thank you for all the wonderful advice; this project has been a fantastic exercise in network design and architecture! One of the suggestions in my previous post was to route between the buildings instead of spreading VLANs. So I decided to study OSPF. Today I have a few OSPF questions and discussions about default routes.
If this post is not suitable for this sub for any reason, my apologies.
Disclaimer: I am rather new to OSPF. If I got any of the terms wrong, please let me know.
I have created a diagram to help demonstrate my design questions.
Situation: A small campus with interconnected buildings, some of them with independent WANs, and no static IPs on the WAN links. Devices are Ubiquiti unless stated otherwise.
Goals:
- Allow use of any WAN link by any building/user subnet.
- Minimize time to resolve issues during a connection outage if another connection is available.
Additional goal: Minimize use of the backbone between buildings.
Situation 1 (Fig 1.)
Assume the following.
- Each building has its own subnet for its users.
- Each subnet has its own VLAN that does not cross the backbone.
- Each user subnet has its default gateway at 192.168.X.1, that building's router.
- Each router has an interface attached to the backbone VLAN, which is shared between buildings.
- Each WAN-connected router (ASBR) is advertising a default route with a default metric of 2.
- Each router is set to perform dynamic NAT for all subnets (192.168.0.0/16).
My Understanding
My understanding is that each building's user subnet will default to its router; that router will default to using its connected default route, so WAN usage stays within the building if it has its own WAN. If it does not have a connected WAN (either it lost the connection or it simply does not have one), it will use the WAN of the nearest hop to a WAN-enabled router.
Things I do not fully understand
- Because all routers share the same subnet and VLAN on the backbone, will the distance metric for all the other routes be the same?
- If one building's WAN connection dies, will all connections die until they time out, because NAT cannot translate to the old IP?
- During intermittent issues, is it possible to have hanging TCP sessions, due to using different NATed IPs, during the time it takes for the issue to sort itself out, for a longer period of time?
Additional comments
- If I needed to connect to a building while a backbone link for that building is wrong, it might be a good idea to set up a few IPsec tunnels to compensate.
Situation 2 (Fig 2.)
Assume the following.
- Each building has its own subnet for its users.
- Each subnet has its own VLAN that does cross the backbone.
- All VLANs are shared over the backbone.
- There is a router/VM that has an interface on all VLANs and is the default route for all VLANs.
- All ASBRs are only connected to the backbone VLAN.
- All routers with a WAN (ASBRs) are advertising a default route with a default metric of 2.
My Understanding
- All user devices will traverse the backbone to connect to the "core" router.
- OSPF would be overzealous on this topology. It may be more efficient to encapsulate each WAN link into a VLAN of its own and attach those VLANs to the core router to perform load balancing.
- If any backbone connection is lost, all internet is lost for any devices beyond that backbone's daisy chain.
My Questions
- Is there a best practice for connecting routers across buildings?
- Is connecting multiple OSPF routers to the same VLAN possible, or not recommended for any reason?
- Is there a best practice for configuring OSPF to use the WAN from either the building that subnet is in or the closest building over a single VLAN backbone?
Thank you in advance for any input. I understand that this is the kind of stuff people may put "Sr." next to their title for :)
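The default-route selection and the NAT failure mode asked about in Situation 1, as an added example that is not part of the original post: a small Python model of how an OSPF router chooses between several advertised defaults on one shared backbone VLAN (RFC 2328 section 16.4 rules for E1 and E2 externals), followed by a per-flow hash onto the resulting equal-cost next hops and a count of the flows whose NAT source address changes when one ASBR's WAN goes away. It does not speak OSPF itself. Everything named in it is an assumption: the router names bldgA/bldgB/bldgC, an interface cost of 10 on every backbone port, RFC 5737 documentation addresses for the public IPs and destinations, the sample flows, and that an ASBR withdraws its default route when its WAN goes down (default-information originate without "always").

```python
"""Model of how OSPF picks among several advertised default routes on one
shared backbone VLAN, and what a WAN failure does to NAT-tracked flows.

Added, illustrative example only: it is not code from the original post and
does not speak OSPF. Router names, interface cost, public addresses and the
sample flows are constructed assumptions.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple
import zlib

INTERFACE_COST = 10  # assumed OSPF cost of every router's backbone interface

Flow = Tuple[str, str, int]  # (inside source IP, destination IP, destination port)


@dataclass(frozen=True)
class Router:
    name: str
    has_wan: bool
    wan_ip: Optional[str] = None  # public address it NATs behind, if any


@dataclass(frozen=True)
class DefaultRoute:
    via: str       # ASBR that originated 0.0.0.0/0
    metric: int    # advertised external metric (2 in the post)
    ext_type: int  # 1 = E1 (internal cost is added), 2 = E2 (advertised metric only)


def distance_to(router: Router, asbr: str) -> int:
    """Intra-area cost from router to asbr.

    Every router sits on the same backbone VLAN, so the shortest path to any
    other router on it is one hop at the local interface cost; to itself it is 0.
    """
    return 0 if router.name == asbr else INTERFACE_COST


def select_defaults(router: Router, routes: List[DefaultRoute]) -> List[str]:
    """ASBRs this router installs for 0.0.0.0/0 (more than one = equal-cost paths).

    RFC 2328 section 16.4: E1 routes are preferred over E2 routes. An E1 route
    is compared on advertised metric plus distance to the ASBR; an E2 route is
    compared on the advertised metric first, ties broken by distance to the ASBR.
    """
    if not routes:
        return []

    def key(r: DefaultRoute) -> Tuple[int, ...]:
        d = distance_to(router, r.via)
        return (1, r.metric + d) if r.ext_type == 1 else (2, r.metric, d)

    best = min(key(r) for r in routes)
    return sorted(r.via for r in routes if key(r) == best)


def pick_egress(candidates: List[str], flow: Flow) -> Optional[str]:
    """Per-flow ECMP: hash the flow tuple onto the list of equal-cost next hops."""
    if not candidates:
        return None
    return candidates[zlib.crc32(repr(flow).encode()) % len(candidates)]


def egress_map(router: Router, routes: List[DefaultRoute],
               flows: List[Flow]) -> Dict[Flow, Optional[str]]:
    """Which ASBR (and therefore which public NAT address) each flow leaves through."""
    candidates = select_defaults(router, routes)
    return {f: pick_egress(candidates, f) for f in flows}


def disrupted_flows(router: Router, routes: List[DefaultRoute],
                    flows: List[Flow], failed_asbr: str) -> List[Flow]:
    """Flows whose egress ASBR changes when failed_asbr withdraws its default.

    Assumption: an ASBR stops originating 0.0.0.0/0 when its WAN goes down
    (default-information originate without 'always'). NAT state lives on the
    ASBR that created it and each ASBR translates to its own public IP, so a
    re-hashed flow reaches the remote peer from a new address: the existing
    TCP session cannot be continued and hangs until it times out.
    """
    before = egress_map(router, routes, flows)
    after = egress_map(router, [r for r in routes if r.via != failed_asbr], flows)
    return [f for f in flows if before[f] != after[f]]


# Constructed sample flows from building C's user subnet; not captured traffic.
SAMPLE_FLOWS: List[Flow] = [
    ("192.168.3.10", "192.0.2.20", 443),
    ("192.168.3.11", "192.0.2.21", 443),
    ("192.168.3.12", "192.0.2.22", 22),
    ("192.168.3.13", "192.0.2.23", 993),
    ("192.168.3.14", "192.0.2.24", 443),
    ("192.168.3.15", "192.0.2.25", 80),
]

if __name__ == "__main__":
    bldg_a = Router("bldgA", True, "203.0.113.1")
    bldg_c = Router("bldgC", False)
    e2_defaults = [DefaultRoute("bldgA", 2, 2), DefaultRoute("bldgB", 2, 2)]

    print("bldgA installs default via", select_defaults(bldg_a, e2_defaults))
    print("bldgC installs default via", select_defaults(bldg_c, e2_defaults))
    broken = disrupted_flows(bldg_c, e2_defaults, SAMPLE_FLOWS, "bldgA")
    print(f"bldgA WAN down: {len(broken)} of {len(SAMPLE_FLOWS)} bldgC flows change NAT address")
```

Running it shows the two things the Situation 1 questions hinge on: a building without its own WAN sees both advertised defaults tie (same E2 metric, same one-hop cost across the shared VLAN), so it installs both and per-flow hashing decides which WAN each session uses, while an ASBR always prefers its own default because its distance to itself is 0. `disrupted_flows` lists the established sessions that would suddenly arrive at the remote peer from a different public address once a WAN fails or flaps; those are the ones that hang until they time out.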