OSPF conditional default route injection
On Cisco IOS, the default-information originate command is used to generate a default route within an OSPF process. There are two options when configuring origination of a default route: a persistent route (specified by appending the always keyword) will always be advertised, whereas a conditional route will only be advertised when certain other routes are present in the router's table. Consider the following topology:
R3 attaches the OSPF cloud to the Internet by two independent connections: a 100 Mbps metro Ethernet link to R1, and a backup 1.5 Mbps frame relay circuit to R2. We want R3 to inject a default route to the Internet into the OSPF domain. Simple enough, right?
R3(config)# router ospf 1 R3(config-router)# default-information originate always
As predicted, a default route appears within the OSPF domain:
OSPF_Router# show ip route ospf O*E2 0.0.0.0/0 [110/1] via 172.16.0.3, 00:00:36, FastEthernet0/0
But, here we encounter a design issue: if both of R3's connections to the Internet go down, what point is there in advertising the default? It would only black-hole Internet-bound traffic when other routers in the OSPF domain might have alternate connections out to the Internet. Fortunately, we can configure R3 to advertise a default route only when at least one of its two uplinks is functioning.
First, we create a prefix list or access list to match the subnet of either uplink. The example here uses a prefix list, but an access list would work just as well.
R3(config)# ip prefix-list Uplinks permit seq 5 10.0.1.0/24 R3(config)# ip prefix-list Uplinks permit seq 10 10.0.2.0/24
Next, we create a route map that can be referenced by the OSPF default-originate command. Note that this route map merely acts as a "wrapper" around our prefix list.
R3(config)# route-map Routes_to_Inet R3(config-route-map)# match ip add prefix-list Uplinks
Finally, we reconfigure OSPF to inject a default route only when at least one route matched by our route-map is present:
R3(config)# router ospf 1 R3(config-router)# default-information originate route-map Routes_to_Inet
At this point, R3 should still be advertising a default route, as both Internet uplinks are functioning:
OSPF_Router# show ip route ospf O*E2 0.0.0.0/0 [110/1] via 172.16.0.3, 00:12:46, FastEthernet0/0
If we disable one of R3's uplinks, the default route remains, because at least one of our prefixes is still in R3's routing table:
R3(config-router)# int f0/0 R3(config-if)# shutdown
OSPF_Router# show ip route ospf O*E2 0.0.0.0/0 [110/1] via 172.16.0.3, 00:13:07, FastEthernet0/0
However, if we disable the remaining uplink, the route-map referenced by our OSPF configuration no longer matches any routes in the table, and the default route is withdrawn:
R3(config-if)# int s1/0 R3(config-if)# shutdown
OSPF_Router# show ip route ospf
Following this same logic, the default route is restored as soon as one of the uplinks is revived:
R3(config-if)# int s1/0 R3(config-if)# no shut
OSPF_Router# show ip route ospf O*E2 0.0.0.0/0 [110/1] via 172.16.0.3, 00:00:03, FastEthernet0/0
About the Author
Jeremy Stretch is a freelance networking consultant, instructor, and the maintainer of PacketLife.net. He currently lives in Fairfax, VA on the edge of the Washington, DC metro area. Although primarily an R&S guy, he likes to get into everything, and runs a free Cisco lab out of his basement for fun. You can contact him by email or follow him on Twitter.
Comments
Excellent post. Thanks.
route-maps are great glue for getting all kinds of routing tricks done. Once you get used to using them, they are indispensable.
I don't understand this configuration. Can you provide your config of these routers?
Fa 0/0 on R3 should have the 10.0.1.1 or 2 but it is not.
OSPF_Router# show ip route ospf O*E2 0.0.0.0/0 [110/1] via 172.16.0.3, 00:00:36, FastEthernet0/0
Hey Dan,
OSPF_Router is not R3... in that snippet Stretch is showing the default route learned by another router within the OSPF domain. This entry is the route that was advertised by R3 but learned by OSPF_Router.
Steve
Oh thanks Steve. I didn't realize the hostname "OSPF_router". Now it is all clear.
Great post by Stretch.
Still, BGP default routes from the ISP, and OSPF conditional route injection (without the 'always' option), will give you a much better result, since the interfaces are less likely to go down (layer 1).
Using IP SLA to track a static default (as an alternative to BGP) will also do.
how can we achieve the same solution for an ospf totally stub area? if the abr has a tunnel in area 0 and g0/0 in the totally stub area, how can you make the default route advertisement into the totally stub area conditional??
One question for you, about the route-map. Is there a doc that specifies what can be used in the route-map with ospf default-info originate, besides match ip address prefix-list?
I'm trying to figure out if I could use the route-map with some BGP attributes, for instance:
route-map DEFAULT-CONDITION-RMAP permit 20 match ip address prefix-list PREFIX-TO-MATCH match as-path 33
Thanks for this, it works great and is exactly what I was looking for in a site with multiple DSL lines to automatically detect a failed link.
Your blog is very good, I really enjoy it! Keep up the good work and Merry XMAS :).