Adtran
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
golden
New Contributor
‎07-05-2013 08:48 AM

vrrp with OSPF with an ISP MPLS and Fortinet 110C Active / Active Cluster

using vrrp with two 1544 G2 switches

setup vrrp and it is working fine

example config (have about 15 vlans, but 2 examples should do)

Master 1544G2

interface vlan 11

  description Printers VLAN

  ip address  192.168.97.3  255.255.255.0

  ip helper-address  192.168.125.104

  ip route-cache express

  vrrp 11 ip 192.168.97.1

  vrrp 11 priority 101

  no shutdown

!

interface vlan 12

  description Artisan-Lasers

  ip address  192.168.98.3  255.255.255.0

  ip helper-address  192.168.125.104

  ip route-cache express

  vrrp 12 ip 192.168.98.1

  vrrp 12 priority 101

  no shutdown

------------------

vlan 11

    Group 11

        State: Master

        Actual Priority: 101

        Virtual IP: 192.168.97.1

        Preemption: Enabled

        Tracks: None

vlan 12

    Group 12

        State: Master

        Actual Priority: 101

        Virtual IP: 192.168.98.1

        Preemption: Enabled

        Tracks: None

       

---------------------------

Backup 1544G2

interface vlan 11

  description Printers VLAN

  ip address  192.168.97.2  255.255.255.0

  ip helper-address  192.168.125.104

  ip route-cache express

  vrrp 11 ip 192.168.97.1

  no shutdown

!

interface vlan 12

  description Artisan-Lasers

  ip address  192.168.98.2  255.255.255.0

  ip helper-address  192.168.125.104

  ip route-cache express

  vrrp 12 ip 192.168.98.1

  no shutdown

vlan 11

    Group 11

        State: Master

        Actual Priority: 101

        Virtual IP: 192.168.97.1

        Preemption: Enabled

        Tracks: None

vlan 12

    Group 12

        State: Master

        Actual Priority: 101

        Virtual IP: 192.168.98.1

        Preemption: Enabled

        Tracks: None

       

-----------***********----------

ospf setup with 1544G2 and Fortinet

master vrrp

show ip ospf neighbor

Neighbor ID      Pri State            Dead Time  Address         Interface

192.168.127.2     1  FULL/BDR         00:00:37   192.168.96.2    vlan 10  

192.168.96.254    1  FULL/DR          00:00:32   192.168.96.254  vlan 10  

192.168.127.2     1  FULL/DR          00:00:37   192.168.97.2    vlan 11  

192.168.127.2     1  FULL/DR          00:00:37   192.168.98.2    vlan 12  

192.168.127.2     1  FULL/DR          00:00:37   192.168.99.2    vlan 13  

192.168.127.2     1  FULL/DR          00:00:37   192.168.100.252 vlan 2   

192.168.101.3     1  FULL/DR          00:00:40   192.168.101.3   vlan 14   this is the Windstream neighbor

192.168.127.2     1  FULL/BDR         00:00:37   192.168.101.5   vlan 14  

192.168.127.2     1  FULL/DR          00:00:37   192.168.102.2   vlan 15  

192.168.127.2     1  FULL/DR          00:00:37   192.168.103.2   vlan 16  

192.168.127.2     1  FULL/DR          00:00:37   192.168.104.2   vlan 17  

192.168.127.2     1  FULL/DR          00:00:37   192.168.105.2   vlan 21  

192.168.127.2     1  FULL/DR          00:00:37   192.168.106.2   vlan 22  

192.168.127.2     1  FULL/DR          00:00:37   192.168.107.2   vlan 24  

192.168.127.2     1  FULL/DR          00:00:37   192.168.125.252 vlan 18  

192.168.127.2     1  FULL/DR          00:00:37   192.168.126.5   vlan 19  

192.168.127.2     1  FULL/DR          00:00:37   192.168.127.2   vlan 26  

*******************

Backup 1544G2

show ip ospf neighbor

Neighbor ID      Pri State            Dead Time  Address         Interface

192.168.127.1     1  FULL/ --         00:00:38   192.168.96.3    vlan 10   This is the master 1544G2

192.168.96.254    1  FULL/DR          00:00:36   192.168.96.254  vlan 10  

192.168.127.1     1  FULL/BDR         00:00:38   192.168.97.3    vlan 11  

192.168.127.1     1  FULL/BDR         00:00:38   192.168.98.3    vlan 12  

192.168.127.1     1  FULL/BDR         00:00:38   192.168.99.3    vlan 13  

192.168.127.1     1  FULL/BDR         00:00:38   192.168.100.253 vlan 2   

192.168.101.3     1  FULL/DR          00:00:36   192.168.101.3   vlan 14  

192.168.127.1     1  FULL/ --         00:00:38   192.168.101.4   vlan 14   This is the master 1544G2

192.168.127.1     1  FULL/BDR         00:00:38   192.168.102.3   vlan 15  

192.168.127.1     1  FULL/BDR         00:00:38   192.168.103.3   vlan 16  

192.168.127.1     1  FULL/BDR         00:00:38   192.168.104.3   vlan 17  

192.168.127.1     1  FULL/BDR         00:00:38   192.168.105.3   vlan 21  

192.168.127.1     1  FULL/BDR         00:00:38   192.168.106.3   vlan 22  

192.168.127.1     1  FULL/BDR         00:00:38   192.168.107.3   vlan 24  

192.168.127.1     1  FULL/BDR         00:00:38   192.168.125.253 vlan 18  

192.168.127.1     1  FULL/BDR         00:00:38   192.168.126.4   vlan 19  

192.168.127.1     1  FULL/BDR         00:00:38   192.168.127.1   vlan 26  

**********************************************

Fortinet is Active/Active Cluster

OSPF    External 2    11.9.64.214/32    192.168.96.2    port1    0 00:56:57  Windstream Routes

OSPF    External 2    11.9.64.214/32    192.168.96.3    port1    0 00:56:57

OSPF    External 2    172.16.0.4/30    192.168.96.2    port1    0 00:56:57

OSPF    External 2    172.16.0.4/30    192.168.96.3    port1    0 00:56:57

OSPF    External 2    172.16.1.0/30    192.168.96.2    port1    0 00:56:57

OSPF    External 2    172.16.1.0/30    192.168.96.3    port1    0 00:56:57

OSPF    External 2    172.16.28.0/24    192.168.96.2    port1    0 00:56:57

OSPF    External 2    172.16.28.0/24    192.168.96.3    port1    0 00:56:57

OSPF    External 2    172.16.208.0/24    192.168.96.2    port1    0 00:56:57

OSPF    External 2    172.16.208.0/24    192.168.96.3    port1    0 00:56:57


Routes between the two 1544G2

OSPF        192.168.97.0/24    192.168.96.2    port1    0 00:56:58

OSPF        192.168.97.0/24    192.168.96.3    port1    0 00:56:58

OSPF        192.168.98.0/24    192.168.96.2    port1    0 00:56:58

OSPF        192.168.98.0/24    192.168.96.3    port1    0 00:56:58

OSPF        192.168.99.0/24    192.168.96.2    port1    0 00:56:58

OSPF        192.168.99.0/24    192.168.96.3    port1    0 00:56:58

OSPF        192.168.100.0/24    192.168.96.2    port1    0 00:56:58

OSPF        192.168.100.0/24    192.168.96.3    port1    0 00:56:58

OSPF        192.168.101.0/24    192.168.96.2    port1    0 00:56:58

OSPF        192.168.101.0/24    192.168.96.3    port1    0 00:56:58

OSPF        192.168.102.0/24    192.168.96.3    port1    0 00:56:58

OSPF        192.168.102.0/24    192.168.96.2    port1    0 00:56:58

OSPF        192.168.103.0/24    192.168.96.3    port1    0 00:56:58

OSPF        192.168.103.0/24    192.168.96.2    port1    0 00:56:58

OSPF        192.168.104.0/24    192.168.96.3    port1    0 00:56:58

OSPF        192.168.104.0/24    192.168.96.2    port1    0 00:56:58

OSPF        192.168.105.0/24    192.168.96.2    port1    0 00:56:58

OSPF        192.168.105.0/24    192.168.96.3    port1    0 00:56:58

OSPF        192.168.106.0/24    192.168.96.2    port1    0 00:56:58

OSPF        192.168.106.0/24    192.168.96.3    port1    0 00:56:58

OSPF        192.168.107.0/24    192.168.96.2    port1    0 00:56:58

OSPF        192.168.107.0/24    192.168.96.3    port1    0 00:56:58

OSPF        192.168.125.0/24    192.168.96.2    port1    0 00:56:58

OSPF        192.168.125.0/24    192.168.96.3    port1    0 00:56:58

OSPF        192.168.126.0/24    192.168.96.2    port1    0 00:56:58

OSPF        192.168.126.0/24    192.168.96.3    port1    0 00:56:58

OSPF        192.168.127.0/24    192.168.96.2    port1    0 00:56:58

OSPF        192.168.127.0/24    192.168.96.3    port1    0 00:56:58

Branch Offices MPLS routes

OSPF    External 2    192.168.192.0/19    192.168.96.2    port1    0 00:56:57

OSPF    External 2    192.168.192.0/19    192.168.96.3    port1    0 00:56:57

OSPF    External 2    192.168.210.0/24    192.168.96.2    port1    0 00:56:57

OSPF    External 2    192.168.210.0/24    192.168.96.3    port1    0 00:56:57

Branch Offices MPLS routes

OSPF    External 2    192.168.224.0/19    192.168.96.2    port1    0 00:56:57

OSPF    External 2    192.168.224.0/19    192.168.96.3    port1    0 00:56:57

OSPF    External 2    192.168.224.0/24    192.168.96.2    port1    0 00:56:57

***********************--------------------*******************

show ip route ospf

Codes: C - connected, S - static, R - RIP, O - OSPF, B - BGP

       E1 - OSPF external type 1, E2 - OSPF external type 2

       IA - OSPF inter area

Gateway of last resort is 192.168.96.254 vlan 10

O E2 0.0.0.0/0 [110/10/1] via 192.168.96.254, vlan 10  set by Fortinet firewall

O E2 11.9.64.214/32 [110/1/1] via 192.168.101.3, vlan 14

O E2 172.16.0.4/30 [110/1/1] via 192.168.101.3, vlan 14

O E2 172.16.1.0/30 [110/20/1] via 192.168.101.3, vlan 14

O E2 172.16.28.0/24 [110/1/1] via 192.168.101.3, vlan 14

O E2 172.16.208.0/24 [110/1/1] via 192.168.101.3, vlan 14

O    192.168.109.0/24 [110/0/11] via 192.168.96.254, vlan 10

O E2 192.168.192.0/19 [110/1/1] via 192.168.101.3, vlan 14

O E2 192.168.210.0/24 [110/1/1] via 192.168.101.3, vlan 14

O E2 192.168.224.0/19 [110/1/1] via 192.168.101.3, vlan 14

O E2 192.168.224.0/24 [110/1/1] via 192.168.101.3, vlan 14

O E2 192.168.225.0/24 [110/1/1] via 192.168.101.3, vlan 14

O E2 192.168.226.0/24 [110/1/1] via 192.168.101.3, vlan 14

O E2 192.168.227.0/24 [110/1/1] via 192.168.101.3, vlan 14

O E2 192.168.228.0/24 [110/1/1] via 192.168.101.3, vlan 14

let me know if I missed anything

Labels (2)
Tags (3)
0 Kudos
Reply
3 Replies
jayh
Honored Contributor
Honored Contributor
‎07-05-2013 01:04 PM

Re: vrrp with OSPF with an ISP MPLS and Fortinet 110C Active / Active Cluster

If it's working, you didn't miss anything.  You might want to consider IBGP to loopbacks on each router for the branch and user subnets and use OSPF strictly for infrastructure tying the routers together if this is going to scale much larger, or at least multiple OSPF areas.  Any flapping to a branch subnet will cause OSPF churn throughout the network in a single-area OSPF scenario such as this.

Accept as Solution Reply
golden
New Contributor
‎07-05-2013 01:16 PM

Re: vrrp with OSPF with an ISP MPLS and Fortinet 110C Active / Active Cluster

I do not have control of the MPLS.  Windstream does and they have issues with support at times with advance routing.

Windstream Heritage at this  location is awesome

O E2 0.0.0.0/0 [110/10/1] via 192.168.96.254, vlan 10

O E2 11.9.64.214/32 [110/1/1] via 192.168.101.3, vlan 14

O E2 172.16.0.4/30 [110/1/1] via 192.168.101.3, vlan 14

O E2 172.16.1.0/30 [110/20/1] via 192.168.101.3, vlan 14

O E2 172.16.28.0/24 [110/1/1] via 192.168.101.3, vlan 14

O E2 172.16.208.0/24 [110/1/1] via 192.168.101.3, vlan 14

O    192.168.109.0/24 [110/0/11] via 192.168.96.254, vlan 10

O E2 192.168.192.0/19 [110/1/1] via 192.168.101.3, vlan 14

O E2 192.168.210.0/24 [110/1/1] via 192.168.101.3, vlan 14

O E2 192.168.224.0/24 [110/1/1] via 192.168.101.3, vlan 14

O E2 192.168.225.0/24 [110/1/1] via 192.168.101.3, vlan 14

O E2 192.168.226.0/24 [110/1/1] via 192.168.101.3, vlan 14

O E2 192.168.227.0/24 [110/1/1] via 192.168.101.3, vlan 14

O E2 192.168.228.0/24 [110/1/1] via 192.168.101.3, vlan 14

30 miles down the road

this is at one of the branch offices that I cannot get Windstream PACtech to filter.  it works but they have issues.  I had to tell them how to setup the OSPF

O E2 192.168.106.0/24 [110/20] via 192.168.228.1, 05:27:34, FastEthernet0/0.14

     209.252.106.0/30 is subnetted, 4 subnets

O E2    209.252.106.100 [110/20] via 192.168.228.1, 4w0d, FastEthernet0/0.14

O E2    209.252.106.96 [110/20] via 192.168.228.1, 4w0d, FastEthernet0/0.14

O E2    209.252.106.116 [110/20] via 192.168.228.1, 4w0d, FastEthernet0/0.14

O E2    209.252.106.112 [110/20] via 192.168.228.1, 4w0d, FastEthernet0/0.14

C    192.168.226.0/24 is directly connected, FastEthernet0/0.22

O E2 192.168.107.0/24 [110/20] via 192.168.228.1, 05:27:34, FastEthernet0/0.14

O    192.168.227.0/24 [110/110] via 192.168.225.254, 4w0d, FastEthernet0/0

O E2 192.168.104.0/24 [110/20] via 192.168.228.1, 05:27:34, FastEthernet0/0.14

C    192.168.224.0/24 is directly connected, FastEthernet0/0.21

     169.130.0.0/30 is subnetted, 2 subnets

O E2    169.130.80.88 [110/20] via 192.168.228.1, 4w0d, FastEthernet0/0.14

O E2    169.130.80.64 [110/20] via 192.168.228.1, 4w0d, FastEthernet0/0.14

O E2 192.168.105.0/24 [110/20] via 192.168.228.1, 05:27:34, FastEthernet0/0.14

O E2 192.168.210.0/24 [110/20] via 192.168.228.1, 1w1d, FastEthernet0/0.14

C    192.168.225.0/24 is directly connected, FastEthernet0/0

     64.0.0.0/8 is variably subnetted, 21 subnets, 2 masks

O E2    64.80.36.52/32 [110/20] via 192.168.228.1, 4w0d, FastEthernet0/0.14

O E2    64.80.255.233/32 [110/20] via 192.168.228.1, 4w0d, FastEthernet0/0.14

O E2    64.80.255.232/32 [110/20] via 192.168.228.1, 4w0d, FastEthernet0/0.14

O E2    64.80.255.230/32 [110/20] via 192.168.228.1, 4w0d, FastEthernet0/0.14

O E2    64.80.255.225/32 [110/20] via 192.168.228.1, 4w0d, FastEthernet0/0.14

O E2    64.80.255.253/32 [110/20] via 192.168.228.1, 4w0d, FastEthernet0/0.14

--More-- and lots more

any ideas how to help them help me?

0 Kudos
Accept as Solution Reply
Anonymous
Not applicable
‎11-07-2013 10:22 AM

Re: vrrp with OSPF with an ISP MPLS and Fortinet 110C Active / Active Cluster

:

I went ahead and flagged this post as "Assumed Answered". If any of the responses on this thread assisted you, please mark them as Correct or Helpful as the case may be with the applicable buttons. This will make them visible and help other members of the community find solutions more easily. If you have any additional information on this that others may benefit from, please come back to this post to provide an update. If you still need assistance, we would be more than happy to continue working with you on this - just let us know in a reply.

Thanks,

Levi

0 Kudos
Accept as Solution Reply