1760 ospf routing help needed.

[pirateclem]

I am just starting with routing and am trying to learn. I have a 1760 router that I am trying to enable ospf routing but it does not seem to be working. lets say for example:

fastethernet 0/0 150.1.1.1/25
vlan 1 150.1.1.128/25
fastethernet 0/1 no ip.

faeth 0/0 goes out to the world, vlan 1 is the vlan that the 4 port wic card exists within on the inside of the router, faeth 0/1 is port 1 on the wic card that the rest of my network exists off of.

I have tried this:

enable
conf t
router ospf 1
network 10.1.1.0 0.0.0.255 area 0

//have tried several other variations of the above with different network portions and different masks for care about bits.

Problem is router is still not routing. when I type:

sh ip route

only the two interfaces faeth 0/0 and vlan 1 are listed, both with a C for connected.

when I type:

sh ip route ospf

There is nothing listed. Obviously I am in error with the syntax of my routing enabling command or something else is set in the router not allowing this. I have tried:

ip routing

to enable ip routing and the router just locks up needing to be rebooted.

help please!

 

[pirateclem]

doh, the first address for faeth 0/0 should be:

fastethernet 0/0 150.1.1.1 /24

 

[pirateclem]

doh again, the first command list should be:

enable
conf t
router ospf 1
network 150.1.1.0 0.0.0.255 area 0

I have also tried:

network 150.1.0.0 0.0.0.0 area 0

network 150.1.0.0 0.0.255.255 area 0

etc.. nothing seems to work, and after:

sh ip route ospf

I get nothing.

sorry about all of the additions, thats what I get for not using real IP's here I guess.

 

[pirateclem]

I just read another tip here and to add, when I type:

sh run

the router line says:

router ospf 1
log-adjacency-changes
150.1.0.0 0.0.255.255 area 0


so apparantly, ospf is set up. However, why when I do a:

sh ip route ospf

nothing shows up?

and, I cannot access anything on the inside of the router from the outside.

 

[pirateclem]

ok so I was right the first time:

faeth 0/0 150.1.1.1 /25

 

[vipergg]

The only routes you are going to see is connected routes unless you have another router hooked up to one of your links running ospf in the same area . OSPF looks to be set up ok , not a lot to it . Do a show ip ospf interface and see if your interfaces are set ok for ospf , should tell you . Not quite sure what you are expecting to see.

 

[pirateclem]

Well, it is still not working. It is acting like there is a big wall between the inside and outside of the router. I changed ospf:

network 150.1.1.1 0.0.0.0 faeth 0/0
network 150.1.1.129 0.0.0.0 VLAN1 (WIC card)

This is in theory the inside and outside of my router, I am now advertising exact addresses. I still cannot ping the vlan on the inside or get to the servers connected to a port within that vlan. The routers firewall is not on. There are no access lists in place. I did a sh ip ospf interface and it shows both of these devices in the ospf list and both are up/up.

Ok, I give up. Here is the actual list with IP's. Any help appreciated. Following is the ospf interface's and edited sh run.

sh ip ospf interface ---------------------------------

Vlan1 is up, line protocol is up
Internet Address 149.164.35.129/25, Area 0
Process ID 1, Router ID 149.164.35.129, Network Type BROADCAST, Cost: 1
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) dyn035129.ipfw.edu, Interface address 149.164.35.129
No backup designated router on this network
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
oob-resync timeout 40
Hello due in 00:00:02
Index 2/2, flood queue length 0
Next 0x0(0)/0x0(0)
Last flood scan length is 0, maximum is 0
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 0, Adjacent neighbor count is 0
Suppress hello for 0 neighbor(s)
FastEthernet0/0 is up, line protocol is up
Internet Address 149.164.35.11/25, Area 0
Process ID 1, Router ID 149.164.35.129, Network Type BROADCAST, Cost: 1
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) dyn035129.ipfw.edu, Interface address 149.164.35.11
No backup designated router on this network
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
oob-resync timeout 40
Hello due in 00:00:09
Index 1/1, flood queue length 0
Next 0x0(0)/0x0(0)
Last flood scan length is 0, maximum is 0
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 0, Adjacent neighbor count is 0
Suppress hello for 0 neighbor(s)

sh run -----------------------------------------------

no aaa new-model
ip subnet-zero
ip host-routing
!
ip audit notify log
ip audit po max-events 100
ip name-server 149.164.1.1
no ftp-server write-enable
!
interface FastEthernet0/0
description $ETH-WAN$
ip address 149.164.35.11 255.255.255.128
speed auto
full-duplex
!
interface FastEthernet0/1
no ip address
!
interface FastEthernet0/2
no ip address
shutdown
!
interface FastEthernet0/3
no ip address
shutdown
!
interface FastEthernet0/4
no ip address
shutdown
!
interface Vlan1
ip address 149.164.35.129 255.255.255.128
!
router ospf 1
log-adjacency-changes
network 149.164.35.11 0.0.0.0 area 0
network 149.164.35.129 0.0.0.0 area 0
!
ip classless
!
no ip http server
ip http secure-server
ip ospf name-lookup
!
!
line con 0
line aux 0
line vty 0 4
!
no scheduler allocate
!
end

help!

 

[vipergg]

where is vlan 1 applied ? I would think it would have to be applied to one of your interfaces before it can work . Not real familiar with a 1760 but I would think vlan 1 would have to applied to an interface before it is going to work . Did you try just putting the inside address just on the interface that connects to your inside network instead of using a vlan interface ?

 

[Cluebird]

Why do you have VLAN1 configured on a router?

Is your router attached to any other routers?

What kind of WIC are you using?

Are you trying to do inter-VLAN routing with an external switch?

Is your Layer 1 working? Cables attached, clocking set on serial links, etc.?

Do a "show ip protocols" to see if OSPF is running on the box. Also, a "show ip interface brief" to see if the interfaces are up.

 

[pirateclem]

VLAN 1 exists on the inside of the router. The router has a 4 port WIC card installed, at this point all 4 internal ports are within VLAN 1, however only port 1 is in use and thus up/up. VLAN 1 also exists on the switch that carries all connections for the internal network and is trunked(access mode) from faeth 0/1 on the router and the network I am using at this point exists on that switch. Right now I cannot get any data to flow from the outside world to the inside of the router. Logged into the router from anywhere that device faeth0/0 I can ping all internal devices. From any internal device I can ping faeth 0/0. However, any device outside of the router cannot route data through to the internal network. I am not worried about the connection from router faeth0/1 to the rest of the network as at this point I cannot ping VLAN1 from outside the router, only when logged into it. It seems that the router is not routing and my gut feeling is that ospf is not working properly or there is something I have neglected. Unfortunatly, since this is the first router I have ever set up I am not certain which. Any assistance is appreciated. Also, VLAN 1 is default to the 4 port WIC.

sh ip protocols------------------------------------

Routing Protocol is "ospf 1"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Router ID 149.164.35.129
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
Maximum path: 4
Routing for Networks:
149.164.35.11 0.0.0.0 area 0
149.164.35.129 0.0.0.0 area 0
Routing Information Sources:
Gateway Distance Last Update
149.164.35.129 110 16:01:19
Distance: (default is 110)

Interesting, thanks to Cluebird for suggesting looking at a sh ip protocols. It seems the gateway for ospf is pointing at the VLAN1 (internal) IP address. Should I set the gateway to the gateway router for the larger network that this router resides within or to the faeth 0/0 port?

Layer 1 is fine ---------------------

sh ip interface brief--------------------------------

Interface IP-Address OK? Method Status Prot
ocol
FastEthernet0/0 149.164.35.11 YES NVRAM up up

FastEthernet0/1 unassigned YES unset up up

FastEthernet0/2 unassigned YES unset administratively down down

FastEthernet0/3 unassigned YES unset administratively down down

FastEthernet0/4 unassigned YES unset administratively down down

Vlan1 149.164.35.129 YES NVRAM up up


Advice? Apparantly I need to change the gateway. etc..???

 

[vipergg]

Vlan 1 is the router ID for ospf because it has the highest internal address which is how ospf works unless you have specifically configured a loopback interface . Try deleting your vlan 1 interface and put your address directly on the interface f0/1 , you do not need to define a vlan on the router to route out to your switch . Your default gateway for clients on f0/1 will be the router interface F0/1 address .

 

[pirateclem]

Thanks for the help. As far as routing thats what I thought to begin with that the internal address of the router was the gateway for everything in the internal network. However, the 1760 defaults to VLAN1 on all of the 4 internal WIC ports and I ASSumed that I could route to that VLAN IP and the WIC ports would act like a switch. I will dump the VLAN and try addressing faeth0/1. Thanks.

 

[pirateclem]

Ok, I tried to set an IP address on WIC port 1 (faeth 0/1), apparantly my assumption was correct. VLAN 1 on the inside of the router cannot be removed and the WIC port's are layer 2 only, they cannot receive IP addresses (router would not allow it). So, I think I did this right so far by giving an IP address to the internal VLAN 1 which contains WIC ports 1 through 4 and an IP in a seperate subnet to the faeth 0/0 (rest of the world). Still, I cannot route between the internal VLAN and the external faeth0/0. As well it appears that the VLAN should be set as the gateway for all internal clients. What should I look for now???

 

[Cluebird]

What is the configuration of the switch the router is attached to? Is it a Cisco device? Have you set up a trunk interface? Have you set up a management VLAN on the switch? Have you set up a default-gateway on the switch? Are you tagging with dot1q? Also, what is the model of the WIC?

 

[pirateclem]

cluebird:

I am using a 2950 switch internally from faeth0/1. All switch ports are inside of VLAN1 on the switch as well. Access mode is set for router faeth0/1 (VLAN1). As it stands now, if I am logged on to the router (faeth0/0 from outside) I can ping VLAN1, and the two servers off of the 2950 switch. From inside the network on any device I can ping VLAN1, the two servers and router faeth0/0. However, devices inside the router cannot route data outside of the network and no devices outside the router can ping devices inside the network. As well, since I have started OSPF, I cannot telnet to this router and I cannot ping faeth0/0. I do however, have a second 1760 router up on the same switch that this router is plugged into, can log onto that one and then connect to this one no problem. As a little background information, I have a small stack of cisco equipment which I am configuring. There is a large network already existing which this stack exists within. The building I am in has a single router and several layer 2 switches. I am bringing a crossover from my wall port to a 2900 XL catalyst switch, and have connected 1760 routers 1 & 2 to that switch. Router 2 is not configured beyond an external IP for management. Router 1 is the one in question from which internal faeth0/1 is connected via crossover to a 2950 switch from which (2) 2003 servers are connected. All devices internal from router 1 are set to the high /25 subnet IP's, router 1 faeth0/0 is set at an IP low /25 subnet IP range. Now then, to finish your questions:

here is the sh run for the 2950 switch internal from router 2.


ip subnet-zero
!
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
interface FastEthernet0/1
no ip address
!
interface FastEthernet0/2
no ip address
!
interface FastEthernet0/3
no ip address
!
interface FastEthernet0/4
no ip address
!
interface FastEthernet0/5
no ip address
!
interface FastEthernet0/6
no ip address
!
interface FastEthernet0/7
no ip address
!
interface FastEthernet0/8
no ip address
!
interface FastEthernet0/9
no ip address
!
interface FastEthernet0/10
no ip address
!
interface FastEthernet0/11
no ip address
!
interface FastEthernet0/12
no ip address
!
interface Vlan1
ip address 149.164.35.132 255.255.255.128
no ip route-cache
!
ip default-gateway 149.164.35.129
ip http server
!
!
line con 0
exec-timeout 0 0
line vty 0 4
password *******
login
line vty 5 15
password *******
login
!
end


---------------------------------------
Here is an example of sh interfaces for one of the ports that has a server off of it on the 2950

FastEthernet0/8 is up, line protocol is up (connected)
Hardware is Fast Ethernet, address is 0011.5c55.4b08 (bia 0011.5c55.4b08)
MTU 1500 bytes, BW 100000 Kbit, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s
input flow-control is off, output flow-control is off
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output 00:00:01, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
196139 packets input, 27990442 bytes, 0 no buffer
Received 6361 broadcasts (0 multicast)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 10 multicast, 0 pause input
0 input packets with dribble condition detected
4191858 packets output, 1101929254 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out



I do not know the model of the WIC card in router 1, I can have that information in the morning. It came pre-installed from Cisco. As I stated earlier, since I brought up OSPF I cannot directly log onto router 1, to get this information I had to telnet to router 2, then connect to router 1 then connect to the 2950 switch. I do not understand why I cannot telnet, ssh, https or ping to router 1 but can still connect to it no problem from router 2 which resides on a port beside it on my external switch. I am not tagging with 802.1q since the WIC card and the 2950 switch reside within the same VLAN, the servers off of the switch can ping the VLAN on the inside of the router no problem and vice versa.

 

[pirateclem]

What types of problems would I run into if the subnet mask of the network that this stack resides within is /24 and I am using /25 inside and outside so that I can have different networks in and out of router 1? Would this be easier if I changed router 1 faeth 0/0 to a /24 mask and turned on dhcp for all devices internal to the router?

 

[vipergg]

From what I have read your understanding of the 4 port wic is correct , haven't seen or worked with their small routers and haven't seen one with a small switchmod built in . Maybe this link will help you ,

http://www.cisco.com/en/US/partner/...guration_basics09186a00801a055a.html#wp228931

 

[pirateclem]

Thanks but for some reason I cannot access that page. I am a registered cisco user and even had cisco send me a new password in case I was typing mine wrong. Will not let me access that page though.

 

[vipergg]

Sorry that must have been from my registered CCO account , this one should work though .

http://cisco.com/en/US/products/hw/routers/ps221/prod_configuration_basics09186a00801a055a.html

 

[pirateclem]

Hey thanks, that does look very helpful.