OSPF flooding filters in hub-and-spoke environment

Almost all articles describing DMVPN in combination with OSPF use the “magic” ip ospf database-filter all out command on the hub routers to minimize the OSPF traffic traversing the DMVPN part of the network.

The same trick can be used in any hub-and-spoke network, including Frame Relay-based networks.

What these articles usually fail to tell you is the true impact of this command: it stops all OSPF flooding from hub router. The spoke routers receive no OSPF information whatsoever; to establish connectivity to the network core, you have to use static default routes on the hubspoke routers.

I’ve described the details of OSPF flooding filters and their use in hub-and-spoke networks in the “OSPF flooding filters in hub-and-spoke environment” article in the CT3 wiki.

5 comments:

  1. few restrictions i could quickly think worth mentioning when "ip ospf database-filter all out" is configured on hub and static default is used on spokes -

    1. For DMVPN phase2, this wont work as the spokes need the actual tunnel IP address of the other spokes as next-hop for direct spoke to spoke communication
    2. typically the spokes would already have a default route towards their ISP for internet access.

    Swap
    #19804

    ReplyDelete
  2. "you have to use static default routes on the hub routers" - I think you meant to say "spoke routers" here?

    ReplyDelete
  3. You're absolutely right. It helps if your network uses a nice addressing range so you don't have to use a default route on the spoke routers. Otherwise VRFs should help ;)

    ReplyDelete
  4. Correct. Thanks. Fixed.

    ReplyDelete
  5. An alternative, for example if we are using an IOS that do not support this feature or we are using another vendor, could be to MaxAge all the LSA's from the Hub increasing the transmit delay to 3600 seconds. However, the adjacency will be broken due to "too many retransmissions" , to avoid that we should increase the retransmit interval to a high value in order to maintain the adjacency up.

    So, the configuration in the Hub would be:

    interface
    ip ospf retransmit-interval 6000
    ip ospf transmit-delay 3600

    Best Regards.


    ReplyDelete

You don't have to log in to post a comment, but please do provide your real name/URL. Anonymous comments might get deleted.

Ivan Pepelnjak, CCIE#1354, is the chief technology advisor for NIL Data Communications. He has been designing and implementing large-scale data communications networks as well as teaching and writing books about advanced technologies since 1990. See his full profile, contact him or follow @ioshints on Twitter.