Published on Friday, August 29th, 2008 @ 23:50:08

OSPF GRE & Virtual Links

Posted in OSPF | by Carl Burkland

WOW!

108 days until the lab exam - now that payment is due 90 days prior to the exam!  I think this is a great policy, but it is still a little nerve racking.  I guess that gives me 17 days now to make up my mind – no waiting until after Narbik’s bootcamp.

http://blog.internetworkexpert.com/2008/08/29/policy-change-to-payment-for-ccie-labs-great-move

Oh – BTW, I’m taking Ethan’s advice from a long ago post – caffeine elimination starts today, no more email / Internet access while studying, and classical / jazz music only.  I also may find an alternate study location or two…maybe a library or coffee shop.  It may take my mind off the housework that is being neglected.

http://www.cciecandidate.com/?p=44  [Study Habits]

OSPF

A little on my studying over the last couple of days…

Now that I’ve learned through trial and many errors to not leave the broadcast keyword off the frame-relay map ip command my routing protocols have been behaving much better.  :)

I don’t know why, but I had a bit of a mental block with virtual links and GRE tunnels to area 0.  Basically, the area just needs to touch area 0.  Virtual links provide one way and GRE tunnels provide another.  So, authentication applies to both if area auth is specified under the ospf process!  Duh?

I spent the last couple days going over OSPF in detail.  I’m happy to say that everything is starting to come back.  I learn best by breaking things and seeing what unfolds.  While breaking things I did manage to get the following recursive routing error on my OSPF virtual links.  It was because I used the loopback interfaces as the source of the tunnel rather than the directly connected point-to-point frame connection.

 Interface    PID   Area            IP Address/Mask        Cost  State Nbrs F/C
Tu1           1     0              50.50.50.1/30          11111 P2P   1/1
Se0/0.1       1     2              131.1.34.4/24          64    P2P   1/1
Lo0           1     2              4.4.4.4/24              1    LOOP  0/0
Fa1/0         1     4              131.1.45.4/24           1    DR    1/1
Lo1           1     4              40.4.4.4/24             1    LOOP  0/0
R4#
*Mar  1 00:36:55.903: %TUN-5-RECURDOWN: Tunnel1 temporarily disabled due to recursive routing
*Mar  1 00:36:56.903: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel1, changed state to down
*Mar  1 00:36:56.919: %OSPF-5-ADJCHG: Process 1, Nbr 3.3.3.3 on Tunnel1 from FULL to DOWN, Neighbor Down: Interface down or detached

Bad!

interface Tunnel1
ip address 50.50.50.1 255.255.255.252
ip ospf 1 area 0
tunnel source 4.4.4.4                 (loopback)
tunnel destination 3.3.3.3

Good! - directly connected interface – otherwise a static route would be necessary which I’ve heard is a no-no

interface Tunnel1
ip address 50.50.50.1 255.255.255.252
ip ospf 1 area 0
tunnel source 131.1.34.4              (frame-relay subint address to neighbor)
tunnel destination 131.1.34.3

I know that Windows gives a lot of people heartburn or worse, but the combination of GNS3, SecureCRT, and Wireshark has really helped my understanding of routing protocols.  I just finished looked through a couple different packet captures after running clear ip ospf process.  Pretty frickin’ cool!

Up next – BGP!

2 Responses to “OSPF GRE & Virtual Links”

  1. Keith Tokash Says:
    August 30th, 2008 at 3:24 pm

    Nice. I cut caffeine out the last month entirely. In the last month you’re already so wired and jittery that you don’t need help staying awake and/or alert, and I found caffeine just made it difficult to sit still. That period may be longer now that you commit 3 months out.

    Regarding the links, you can also use another IGP to gain that connectivity and avoid the recursion error (lower distance). Kind of a stupid idea if you ask me, but to date no proctors have, so they might get nasty and throw it at you.

    Also, you don’t need Windows for those programs. One of my post-CCIE tasks was to ditch Windows on my work box (I keep a virtualized instance of XP for Visio) to escape the madness of Microsoft + helpdesk’s sometimes overzealous security lockdown mechanisms. Two months later and I’m happier with Ubuntu, although it’s no miracle pill - you’re trading current problems for new ones. The new ones just happen to be less onerous for me (others may find the opposite). Of course none of this is worth more than 2 minutes of though until after the big PASS shows up on Cisco’s site.

  2. cciejourney Says:
    August 30th, 2008 at 4:04 pm

    You probably could cancel your current lab date, take Narbik’s class and after still be able to grab that date or another with ease. With the 90 days out for payment there are going to be a lot of open labs dates within 90 days from the current date I would bet. That atleast is going to be my plan since my date would need to be paid for before Narbik’s class as well.

Leave a Reply

« MPLS - The basics explained and demonstrated
BGP woes »