Wired Intelligent Edge

I am trying to find some examples of multi-area OSPF VSX deployments, keen on some example configs. 
I am using a VSX cluster at the distribution layer, each with a routed uplink to a unique core in the campus, with M-LAG to the access layer which is layer 2. So the distribution is doing the routing. 
If I want to make the Active-gateway VLANs a different area, I am not sure what area the ISL OSPF peering should be, Either backbone or the OSPF area of the site.  

I tending to think the ISL peering should be Area 0, as the VLANs will appear as a single entry from an ABR from the VSX cluster but not sure and unable to find some examples or verified design. 

Does anybody know of some documentation ?

------------------------------
Andrew Partridge
------------------------------

Andrew,

take a look at the VSX configuration best practices document, it may assist:-

VSX Configuration Best Practice

regards

Steve


------------------------------
Steve Bartlett
------------------------------

Original Message:
Sent: Feb 02, 2022 05:06 AM
From: Andrew Partridge
Subject: Multi-Area OSPF configuration and VSX


I am trying to find some examples of multi-area OSPF VSX deployments, keen on some example configs. 
I am using a VSX cluster at the distribution layer, each with a routed uplink to a unique core in the campus, with M-LAG to the access layer which is layer 2. So the distribution is doing the routing. 
If I want to make the Active-gateway VLANs a different area, I am not sure what area the ISL OSPF peering should be, Either backbone or the OSPF area of the site.  

I tending to think the ISL peering should be Area 0, as the VLANs will appear as a single entry from an ABR from the VSX cluster but not sure and unable to find some examples or verified design. 

Does anybody know of some documentation ?

------------------------------
Andrew Partridge
------------------------------

Do you mean this document 
https://community.arubanetworks.com/HigherLogic/System/DownloadDocumentFile.ashx?DocumentFileKey=276dde35-142a-43b6-b748-ef512a8ee028

I wasn't able to find multi  area OSPF - it does explain the situation I was looking for.

Thanks

------------------------------
Andrew Partridge
------------------------------

Original Message:
Sent: Feb 02, 2022 06:58 AM
From: Steve Bartlett
Subject: Multi-Area OSPF configuration and VSX

Andrew,

take a look at the VSX configuration best practices document, it may assist:-

VSX Configuration Best Practice

regards

Steve


------------------------------
Steve Bartlett

Original Message:
Sent: Feb 02, 2022 05:06 AM
From: Andrew Partridge
Subject: Multi-Area OSPF configuration and VSX


I am trying to find some examples of multi-area OSPF VSX deployments, keen on some example configs. 
I am using a VSX cluster at the distribution layer, each with a routed uplink to a unique core in the campus, with M-LAG to the access layer which is layer 2. So the distribution is doing the routing. 
If I want to make the Active-gateway VLANs a different area, I am not sure what area the ISL OSPF peering should be, Either backbone or the OSPF area of the site.  

I tending to think the ISL peering should be Area 0, as the VLANs will appear as a single entry from an ABR from the VSX cluster but not sure and unable to find some examples or verified design. 

Does anybody know of some documentation ?

------------------------------
Andrew Partridge
------------------------------

The VSX conf best practices does not dive into multi-areas scenarios.
To provide some guidance, you may ned to investigate if in some circumstances, you want the VSX ISL to be transit for traffic between areas.
Is it expected or not. Most of the cases I would say no as you have endpoint SVIs configured on both primary and secondary,
The "only" interface that might be worth considering is the loopback. If upstream routed ports fails on primary let's say, you want this loopback reachable
through secondary from upstream. If transit VLAN and associated SVI between primary and secondary is in separate area, and loopback in area 0, it won't work. So area for loopback and for transit VLAN should be identical/consistent.

------------------------------
Vincent Giles
------------------------------

Original Message:
Sent: Feb 02, 2022 08:47 AM
From: Andrew Partridge
Subject: Multi-Area OSPF configuration and VSX

Do you mean this document 
https://community.arubanetworks.com/HigherLogic/System/DownloadDocumentFile.ashx?DocumentFileKey=276dde35-142a-43b6-b748-ef512a8ee028

I wasn't able to find multi  area OSPF - it does explain the situation I was looking for.

Thanks

------------------------------
Andrew Partridge

Original Message:
Sent: Feb 02, 2022 06:58 AM
From: Steve Bartlett
Subject: Multi-Area OSPF configuration and VSX

Andrew,

take a look at the VSX configuration best practices document, it may assist:-

VSX Configuration Best Practice

regards

Steve


------------------------------
Steve Bartlett

Original Message:
Sent: Feb 02, 2022 05:06 AM
From: Andrew Partridge
Subject: Multi-Area OSPF configuration and VSX


I am trying to find some examples of multi-area OSPF VSX deployments, keen on some example configs. 
I am using a VSX cluster at the distribution layer, each with a routed uplink to a unique core in the campus, with M-LAG to the access layer which is layer 2. So the distribution is doing the routing. 
If I want to make the Active-gateway VLANs a different area, I am not sure what area the ISL OSPF peering should be, Either backbone or the OSPF area of the site.  

I tending to think the ISL peering should be Area 0, as the VLANs will appear as a single entry from an ABR from the VSX cluster but not sure and unable to find some examples or verified design. 

Does anybody know of some documentation ?

------------------------------
Andrew Partridge
------------------------------

Thanks Vincent, 

I have been doing further research into the subject. I am trying to overcome the 50 router limit with an OSPF area, and while this was based on OSPF 20 odd years ago, I'm not sure if to worry about it. 

Here some more of my thoughts.
Option 1 - Area 0 to the Distribution VSX
There are 77 Distribution routers, some of these are in VSX pairs, and all are the Demarcation between Layer-2 and Layer-3. Having the uplinks as Area 0 and adding the local subnets into the separate area does not give you the advantage of reducing area size. All VSX switches will be in Area 0. 
 

• The Area 0 is across the core in 4 VRF's (With a firewall control point between them)
• If I make each VRF an Area, there would be 77 x4 routers in Area 0 - that doesn't sound like a workable design. 
• This also splits the area 1 into area 0. 
• 

Option 2 - Area per VRF
Have the main VRF in area 0 and all distribution layer switch within the same area. Each VRF would be a separate area meaning 77 routers per area.

Keen to see a multi-area large scale OSPF campus network, starting to think BGP is best suited for the modern campus.

------------------------------
Andrew Partridge
------------------------------

Original Message:
Sent: Feb 03, 2022 04:31 AM
From: Vincent Giles
Subject: Multi-Area OSPF configuration and VSX

The VSX conf best practices does not dive into multi-areas scenarios.
To provide some guidance, you may ned to investigate if in some circumstances, you want the VSX ISL to be transit for traffic between areas.
Is it expected or not. Most of the cases I would say no as you have endpoint SVIs configured on both primary and secondary,
The "only" interface that might be worth considering is the loopback. If upstream routed ports fails on primary let's say, you want this loopback reachable
through secondary from upstream. If transit VLAN and associated SVI between primary and secondary is in separate area, and loopback in area 0, it won't work. So area for loopback and for transit VLAN should be identical/consistent.

------------------------------
Vincent Giles

Original Message:
Sent: Feb 02, 2022 08:47 AM
From: Andrew Partridge
Subject: Multi-Area OSPF configuration and VSX

Do you mean this document 
https://community.arubanetworks.com/HigherLogic/System/DownloadDocumentFile.ashx?DocumentFileKey=276dde35-142a-43b6-b748-ef512a8ee028

I wasn't able to find multi  area OSPF - it does explain the situation I was looking for.

Thanks

------------------------------
Andrew Partridge

Original Message:
Sent: Feb 02, 2022 06:58 AM
From: Steve Bartlett
Subject: Multi-Area OSPF configuration and VSX

Andrew,

take a look at the VSX configuration best practices document, it may assist:-

VSX Configuration Best Practice

regards

Steve


------------------------------
Steve Bartlett

Original Message:
Sent: Feb 02, 2022 05:06 AM
From: Andrew Partridge
Subject: Multi-Area OSPF configuration and VSX


I am trying to find some examples of multi-area OSPF VSX deployments, keen on some example configs. 
I am using a VSX cluster at the distribution layer, each with a routed uplink to a unique core in the campus, with M-LAG to the access layer which is layer 2. So the distribution is doing the routing. 
If I want to make the Active-gateway VLANs a different area, I am not sure what area the ISL OSPF peering should be, Either backbone or the OSPF area of the site.  

I tending to think the ISL peering should be Area 0, as the VLANs will appear as a single entry from an ABR from the VSX cluster but not sure and unable to find some examples or verified design. 

Does anybody know of some documentation ?

------------------------------
Andrew Partridge
------------------------------