HPE Community
LAN Routing
1754177 Members
2900 Online
108811 Solutions
New Discussion

Re: VRRP and OSPF?

 
NickTrenary
Occasional Visitor

‎02-25-2014 08:58 AM

‎02-25-2014 08:58 AM

VRRP and OSPF?

We have (2) 5406 Procurve switches that are running VRRP for our inside network.  That piece is working without issue.  We are looking create an OSPF network with two other entities for redundancy.  They are completely separate from our network.  There would be a total of 5 switches (including our (2) 5406 switches) involved in the OSPF ring with multiple vendors. 

 

Our question with this setup is what happens when there is a network outage between the other two entities.  One entity would go through the master VRRP switch and the other entity would then be going through the backup VRRP switch.  How would the traffic get routed back through the backup VRRP switch to the correct location?  Shouldn't the internal traffic get routed back through the master VRRP switch?

 

I'm being light on the details as to not provide information overload.  I've attached a simple diagram of what we are looking to accomplish.

 

Thanks for any insight,

Nick

0 Kudos
1 REPLY 1
Ian Vaughan
Honored Contributor

‎02-27-2014 03:32 PM

‎02-27-2014 03:32 PM

Re: VRRP and OSPF?

Howdy,

I thought it was best to do a bit of an edit to your original diagram. I hope that you dont mind :-)

 

It is a bit confusing on the provision type switches as they don't have the routed ports that you tend to see on other platforms. Therefore you need an IP (say with a /30 mask) on a VLAN interface with just an untagged single physical port in it.

 

All you need are 3 vlans - one for the left hand p2p link, one fof the right-hand p2p link and your existing client VLAN with the VRRP on it.

 

Make sure that your spanning-tree topology is good. You *could* create an additional "outside" VLAN for your switches to talk OSPF to each other but then you'd want another MSTP instance (otherwise you'd get ports blocking) and it would start getting rather complicated. Might be worth thinking about in terms of segregation.

 

Is the OSPF ring going to give you a default route or are you just receiving "local" routes from the other organizations?

Plan for what routes you will get and just follow the best match for the next-hop, or else follow the default  - that's what the packets will do.

With my "paranoid hat" on - Are you screening "outside" traffic from your local VLANs (using ACL's) or are you happy to have these 3rd parties having visibility of your affairs?

 

There's an "Advanced Traffic Management Guide" for the 5400zl switches that should give you a good overview of VRRP and OSPF combined.

 

Let us know how you get on. Good luck!

Ian

 

 

 

 

Hope that helps - please click "Thumbs up" for Kudos if it does
## ---------------------------------------------------------------------------##
Which is the only cheese that is made backwards?
Edam!
Tweets: @2techie4me
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.