Re: ospf design questions

"linguafr" <billf@xxxxxxxxxxxxxxxx> wrote in message
news:c07681a3-43d9-4bbc-b45c-425a1c7ee9d5@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
On Apr 2, 3:09 pm, linguafr <bi...@xxxxxxxxxxxxxxxx> wrote:
want to segregate corp and prod networks. initially have planned
multiple domains, two area 0s under different processes.

you can do this - but they will share the same routing table, so it doesnt
actually give you much separation.

if you have images with the right features, try using multiple VRFs - this
means you get 2 different routing tables, in 2 logical routers - then you
can run 2 separate copies of OSPF and actually keep them apart.

Note that IOS switches can do this as well as the routers.

prod networks don't need knowledge of corp net as all corp traffic is
natted incoming against prod interfaces. does it make sense to define
the prod area as a stub network? totally stubby?

usually this kind of separation is about isolating potentially unstable
"stuff" from a critical network.

however - the best separation can be an airgap and 2 separate sets of boxes.

not sure about your split - but ours is for testing, and is forever being
rebooted, having new images loaded on it, connecitons repatched and so on.

using the same boxes for production and test is like that old cartoon of
sawing off a branch of a tree you are sitting on.....


also, have a pt - pt between two sites each. both sites have prod and
corp segments and would like to keep prod and corp in distinct
processes across the sites. is this possible? can i place an
interface in more than one process?

you can split the interface if you can use sub-interfaces - if it is serial,
then try frame relay encap with 2 PVCs (you can set up frame relay switching
at 1 end - you dont need any actual switches), or VLANs with Ethernet.

If that isnt suitable, try using GRE to tunnel 1 network thru the other -
ideally the base would be the stable one.

Tried this last night on an ASA5520 running 7.2(2) and I could apply
the same network command to two different router ospf processes but
the link ID only showed up in one.
--
Regards

stephen_hope@xxxxxxxxxxxx - replace xyz with ntl


.

Relevant Pages

  • Re: What did that thread indicate?
    ... > must have multiple subnetworks feeding signals to one another. ... the output of every node in my network is doing signal separation. ... So what you say "must" be done at the network level, ...
    (comp.ai.philosophy)
  • Re: Link causing Cluster node to give up resources
    ... This posting is provided 'AS IS" with no warranties, ... BTW....the PROD network should be a mixed network because in your current ... -this failure happened on PROD and not on heartbeat -we do ...
    (microsoft.public.windows.server.clustering)
  • Re: Having Shortcuts in "My Network Place"
    ... here is the list of command I have after a right clic on "My Network Places ... => Expand ...
    (microsoft.public.windowsxp.basics)
  • Re: Link causing Cluster node to give up resources
    ... Nope, if your Client Access Network fails, that means your IP Address resources will fail, and if restart does not happen, the resources will failover. ... BTW....the PROD network should be a mixed network because in your current config, you have a single point of failure for cluster communications. ... -this failure happened on PROD and not on heartbeat -we do have ...
    (microsoft.public.windows.server.clustering)
  • Re: Having Shortcuts in "My Network Place"
    ... You should then see "Add a network place" under Network Tasks. ... >here is the list of command I have after a right clic on "My Network Places ... >> Alan Edwards, MS MVP W95/98 Systems ...
    (microsoft.public.windowsxp.basics)