Advertising OSPF Routers from AutoVPN Spoke

DerekH
Here to help

Advertising OSPF Routers from AutoVPN Spoke

I have setup 2 mx250s in vpn concentrator mode in different buildings (not ha/warm spare, they are separate devices). They are connected together by a stretched vlan into our core switch. I've configured ospf on this vlan and I can see that the core switch has 2 neighbors established, one to each of the 2 meraki controllers. I've bought up an mx67 spoke and it has formed autovpn tunnels into the two separate hub concentrators. The odd thing is that only one of the meraki hub concentrators is advertising the spokes routes to the core switch. When I isolate the hub concentrator that is advertising the routes to the core, the 2nd hub concentrator starts advertising the spoke routes to the core. I thought that both of the meraki controllers would be advertising the same routes to the core switch, just with the costs that I setup for the ospf neighbor config on the mx250s. Is this the default behaviour ie only 1 hub will advertise the spoke routes? The hubs are running 14.39.

3 Replies 3
ww
Kind of a big deal
Kind of a big deal

Are the routes also not in the ospf database on the core? 

 

DerekH
Here to help

Thanks for the suggestions. Given my topology it's normal for both Meraki concentrators to advertise the spoke routes? I didn't know if it's a Meraki peculiarity.

 

There are other unequal cost routes still shown in the route table for other prefixes (not from Meraki),just not marked as the current best route.I fell foul of the below, so I need to wait for another change window to test just incase to bring up the second tunnel.

 

https://community.meraki.com/t5/Security-SD-WAN/OSPF-advertises-entire-route-table/m-p/68841

PhilipDAth
Kind of a big deal
Kind of a big deal

I don't know the answer.  Perhaps it is for loop prevention.

 

Are you sure the two routes have the same cost, and the core switch isn't just dumping the more expensive route?

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels