6 Replies Latest reply on Jul 16, 2014 8:24 PM by phil_denton

    OSPF through VLAN interfaces

    tmahan1234 New Member

      I had an issue recently where I was getting some errors on my vlan interfaces.  They would show a status of "blocking".  The technician that I spoke with at Adtran  told me that I should have used the Ethernet interfaces for OSPF rather than VLAN interfaces.   To fix the issue the technician had me use the "bpdufilter" settings on the vlan interface.

       

      My understanding is that Adtran AOS doesn't support using vlan interfaces for ospf.

       

      Am I correct in my understanding?

       

      Should I change the config and swap my Ethernet and Switch interfaces

       

      I have pasted the relevant config below

       

      vlan 10
        name "to Fred Douglas/Stuy"
      !
      vlan 20
        name "to Ken/Lang"
      !
      vlan 60
        name "to LBJ 2"
      !
      interface eth 0/1
        description Ferry Grider LAN
        ip address  192.168.57.1  255.255.255.0
        ip mtu 1500
        no awcp
        no shutdown
      !
      nterface switchport 0/1
        spanning-tree bpdufilter enable
        no shutdown
        switchport access vlan 10
      !
      interface switchport 0/2
        no shutdown
        switchport access vlan 20
      !
      interface switchport 0/3
        spanning-tree bpdufilter enable
        no shutdown
      !
      interface switchport 0/4
        spanning-tree bpdufilter enable
        no shutdown
        switchport access vlan 60
      !!
      interface vlan 10
        ip address  172.16.1.12  255.255.255.248
        no awcp
        no shutdown
      !
      interface vlan 20
        ip address  172.16.2.17  255.255.255.240
        no awcp
        no shutdown
      !
      interface vlan 60
        description to LBJ 2
        ip address  172.16.1.108  255.255.255.248
        ip mtu 1500
        no awcp
        no shutdown
      !
      !
      !
      router ospf
        network 192.168.57.0 0.0.0.255 area 0
        network 172.16.1.8 0.0.0.7 area 0
        network 172.16.2.16 0.0.0.15 area 0
        network 172.16.1.104 0.0.0.7 area 0
        redistribute connected subnets
      !
      !

       

      Thanks in advance for your help

        • Re: OSPF through VLAN interfaces
          jayh Hall_of_Fame

          Peel back the onion to the OSI model. 

           

          Spanning-tree and BPDU are layer 2, and that as well as the underlying physical layer need to be stable before IP routing at layer 3 can work.

           

          So, fix spanning-tree and BPDU first.

           

          If you have a scenario where more than one physical switch port and/or a trunk port carrying a VLAN will be members of the same IP subnet and broadcast domain, then you will need to use a VLAN interface for the IP.  Otherwise you can use a physical interface and not have a VLAN interface at all.

           

          I wouldn't expect to see "blocking" on the VLAN, but on one or more of the physical interfaces.  First examine your network topology on the layer-3 switch that will be running OSPF.  If there is only one physical port for each IP subnet, then create an ethernet interface, put the IP address on it, and you can enable BPDU filtering on that port as a single routed port by itself can't be part of a layer 2 bridge loop. 

           

          If you have a situation where one subnet will be distributed amongst multiple physical ports, either access or trunk, then you'll need to configure a VLAN interface with the IP and OSPF on it.  Before doing so, verify that you have a loop-free topology at layer 2 amongst all of the switches in the network.  I wouldn't filter BPDU in this case if there's a possibility of a loop.

          1 of 1 people found this helpful
            • Re: OSPF through VLAN interfaces
              tmahan1234 New Member

              Hi Jay,

               

              Thanks for your response.

               

              This network design is basically a large loop.  There are about six 3448 routers in the loop each with a similar configuration.  LAN traffic on eth0/1.  Each router has 2 VLAN interfaces, each connected to a wireless bridge which in turn connects to the VLAN interface on the next router.

               

              OSPF handles the routing decisions.  When one of the wireless bridges goes down, ospf kicks in and rerouts the traffic.

               

              When the ring was initially completed, it seemed to work for a short period of time, but we stated seeing vlan interface ports shutting down.  The solution, based on help with Adtran support, was to use the "spanning-tree bpdufilter enable" command on each of the VLAN interfaces on one router in the ring.

               

              This seems to have resolved the issue, but I am now wondering if there was another way that I could have done this....specifically, I am questioning my choice of using the Ethernet port for local traffic and the VLAN interfaces for inter-router communications.

               

              If I had designed the network with the LAN traffic on switch port 1 as a VLAN interface and used the Ethernet ports, would I have had to use the "spanning-tree bpdufilter enable" command at all?

               

              What if I had put all traffic on vlan interfaces rather than Ethernet ports?

               

              In this case, what is the difference between the Ethernet ports and Switch ports configured as VLAN interfaces?

            • Re: OSPF through VLAN interfaces
              levi Employee

              tmahan1234:

               

              I went ahead and flagged this post as "Assumed Answered." If any of the responses on this thread assisted you, please mark them as Correct or Helpful as the case may be with the applicable buttons. This will make them visible and help other members of the community find solutions more easily. If you still need assistance, we would be more than happy to continue working with you on this - just let us know in a reply.

              Thanks,

               

              Levi

              • Re: OSPF through VLAN interfaces
                phil_denton New Member

                I'm working on an Adtran design right now leveraging Netvanta 1638 (and other 15xx/16xx) switches; however, I seem to be unable to configure physical interfaces with IP addresses.  I have to run OSPF in this environment to support their redundant paths but I'm not quite sure how to implement OSPF without being able to configure point-to-point /32 networks as transit links between devices.  Am I left to configuring OSPF only on the VLAN interfaces or am I just not understanding how to configure IP addresses on physical interfaces on a switch?  In the Cisco world you just issue the command "no switchport" on a multilayer switch and you're off and running but I'm having problems figuring this out on the Netvanta switches.

                 

                Thanks,

                Phil

                  • Re: OSPF through VLAN interfaces
                    Employee

                    phil_denton - On the layer 3 switches, you will need to create VLAN interfaces that will have IP addresses assigned to them. Then you will want to assign those VLANs to the switchports.

                     

                    In the CLI, you would simply enter the commands below from config mode:

                     

                    int vlan <VLAN ID>

                    ip address <IP address> <Subnet Mask>

                    no shutdown

                     

                    int switchport 0/<port ID>

                    switchport access vlan <VLAN ID>

                     

                    Please keep in mind that VLAN interfaces will always be in an up state unless administratively shutdown.

                     

                    Let us know if you have any questions.

                     

                    Thanks,

                    Noor