The premiere source of truth powering network automation. Open and extensible, trusted by thousands.
NetBox is now available as a managed cloud solution! Stop worrying about your tooling and get back to building networks.
OSPF conditional default route injection
By stretch | Friday, December 12, 2008 at 1:29 a.m. UTC
On Cisco IOS, the default-information originate command is used to generate a default route within an OSPF process. There are two options when configuring origination of a default route: a persistent route (specified by appending the always keyword) will always be advertised, whereas a conditional route will only be advertised when certain other routes are present in the router's table. Consider the following topology:
R3 attaches the OSPF cloud to the Internet by two independent connections: a 100 Mbps metro Ethernet link to R1, and a backup 1.5 Mbps frame relay circuit to R2. We want R3 to inject a default route to the Internet into the OSPF domain. Simple enough, right?
R3(config)# router ospf 1 R3(config-router)# default-information originate always
As predicted, a default route appears within the OSPF domain:
OSPF_Router# show ip route ospf O*E2 0.0.0.0/0 [110/1] via 172.16.0.3, 00:00:36, FastEthernet0/0
But, here we encounter a design issue: if both of R3's connections to the Internet go down, what point is there in advertising the default? It would only black-hole Internet-bound traffic when other routers in the OSPF domain might have alternate connections out to the Internet. Fortunately, we can configure R3 to advertise a default route only when at least one of its two uplinks is functioning.
First, we create a prefix list or access list to match the subnet of either uplink. The example here uses a prefix list, but an access list would work just as well.
R3(config)# ip prefix-list Uplinks permit seq 5 10.0.1.0/24 R3(config)# ip prefix-list Uplinks permit seq 10 10.0.2.0/24
Next, we create a route map that can be referenced by the OSPF default-originate command. Note that this route map merely acts as a "wrapper" around our prefix list.
R3(config)# route-map Routes_to_Inet R3(config-route-map)# match ip add prefix-list Uplinks
Finally, we reconfigure OSPF to inject a default route only when at least one route matched by our route-map is present:
R3(config)# router ospf 1 R3(config-router)# default-information originate route-map Routes_to_Inet
At this point, R3 should still be advertising a default route, as both Internet uplinks are functioning:
OSPF_Router# show ip route ospf O*E2 0.0.0.0/0 [110/1] via 172.16.0.3, 00:12:46, FastEthernet0/0
If we disable one of R3's uplinks, the default route remains, because at least one of our prefixes is still in R3's routing table:
R3(config-router)# int f0/0 R3(config-if)# shutdown
OSPF_Router# show ip route ospf O*E2 0.0.0.0/0 [110/1] via 172.16.0.3, 00:13:07, FastEthernet0/0
However, if we disable the remaining uplink, the route-map referenced by our OSPF configuration no longer matches any routes in the table, and the default route is withdrawn:
R3(config-if)# int s1/0 R3(config-if)# shutdown
OSPF_Router# show ip route ospf
Following this same logic, the default route is restored as soon as one of the uplinks is revived:
R3(config-if)# int s1/0 R3(config-if)# no shut
OSPF_Router# show ip route ospf O*E2 0.0.0.0/0 [110/1] via 172.16.0.3, 00:00:03, FastEthernet0/0
Posted in Routing
Comments
December 12, 2008 at 10:49 a.m. UTC
Your blog is very good, I really enjoy it! Keep up the good work and Merry XMAS :).
December 12, 2008 at 2:09 p.m. UTC
Excellent post. Thanks.
December 12, 2008 at 3:00 p.m. UTC
route-maps are great glue for getting all kinds of routing tricks done. Once you get used to using them, they are indispensable.
December 12, 2008 at 5:27 p.m. UTC
I don't understand this configuration. Can you provide your config of these routers?
Fa 0/0 on R3 should have the 10.0.1.1 or 2 but it is not.
OSPF_Router# show ip route ospf O*E2 0.0.0.0/0 [110/1] via 172.16.0.3, 00:00:36, FastEthernet0/0
December 12, 2008 at 6:37 p.m. UTC
Hey Dan,
OSPF_Router is not R3... in that snippet Stretch is showing the default route learned by another router within the OSPF domain. This entry is the route that was advertised by R3 but learned by OSPF_Router.
Steve
December 12, 2008 at 8:20 p.m. UTC
Oh thanks Steve. I didn't realize the hostname "OSPF_router". Now it is all clear.
Great post by Stretch.
December 14, 2008 at 2:58 p.m. UTC
Still, BGP default routes from the ISP, and OSPF conditional route injection (without the 'always' option), will give you a much better result, since the interfaces are less likely to go down (layer 1).
Using IP SLA to track a static default (as an alternative to BGP) will also do.
December 15, 2008 at 7:45 p.m. UTC
how can we achieve the same solution for an ospf totally stub area? if the abr has a tunnel in area 0 and g0/0 in the totally stub area, how can you make the default route advertisement into the totally stub area conditional??
February 13, 2009 at 5:18 p.m. UTC
One question for you, about the route-map. Is there a doc that specifies what can be used in the route-map with ospf default-info originate, besides match ip address prefix-list?
I'm trying to figure out if I could use the route-map with some BGP attributes, for instance:
route-map DEFAULT-CONDITION-RMAP permit 20 match ip address prefix-list PREFIX-TO-MATCH match as-path 33
April 20, 2009 at 8:29 a.m. UTC
Thanks for this, it works great and is exactly what I was looking for in a site with multiple DSL lines to automatically detect a failed link.
September 12, 2011 at 1:23 a.m. UTC
how to configure R3 such that the default route from R1 is more preferable done from R2. Such that the down stream OSPF routers see only the default route from R1 and default route from R2 can only be seen if R1 link goes down
December 12, 2011 at 8:30 a.m. UTC
I just can't understand what is the reason of using route-map trick, when you can simply omit the "always" parameter?
@Jane - you can use bigger metric for default route to R2.
March 6, 2012 at 11:36 p.m. UTC
@Ellion: If you omit the "always" parameter, then 'default-information originate' will only advertise default if the router has a default route. So if R3 were running a dynamic routing protocol (presumably BGP) with R1 and R2 and they were squawking default, then you could do as you suggest. But R1/R2 aren't advertising a default route to R3, then you need something akin to Stretch's configuration.
April 21, 2012 at 1:51 p.m. UTC
why we are unable to use match interface in route-map for originating default route.
November 7, 2012 at 3:25 p.m. UTC
Hey Jeremy, It was hard to find clear information on that subject on the Internet. But after reading your post, it became all simple. Thanks for taking the time to explain it in a clear way.
January 2, 2013 at 1:41 p.m. UTC
Hi Jeremy,
Can we do this for Stub/NSSA areas, when the ABR advertises a default route for the routers in non-zero areas (branches)? I mean, what if the ABR loses its uplink, it will still advertise the default route to the routers in the Stub/NSSA, although they might have other path to reach Area 0.
July 14, 2013 at 1:51 a.m. UTC
Once #default-information originate route-map Routes_to_Inet configured, does it still require at least one static route configured on R3 before it starts to advertising default to the OSPF domain? What LSA type is the default route (Type 5/7)?
August 30, 2013 at 9:05 a.m. UTC
realdreams: nice question, I found the answer at cisco
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094a74.shtml
for normal areas, with the default-information originate comand-> "This generates an external Type-2 link with link-state ID 0.0.0.0 and network mask 0.0.0.0, which makes the router an ASBR.
May 23, 2016 at 2:21 a.m. UTC
Hi Jeremy,
If I a have received a default route from BGP or have a static default route into the Internet. Am I allowed to redistribute this default route into OSPF domain by just issuing "redistribute bgp [as#] subnets" or "redistribute static subnets"? Because I cannot make it work if using this commands. Can you provide an explanation why OSPF is not allowing the redistribution of default route from any protocol? Thank you in advanced.