FortiGate
sgiannogloudis
Article Id 273587
Description: This article describes how to configure OSPF so that traffic follows a deterministic, desired path.
Scope: FortiGate v6.x and v7.x.
Solution

Let's assume a network administrator has configured the topology below:

[Figure: NSSA.PNG, the example topology]

The goal is to redistribute the default static route from the ASBR FortiGate to the rest of the OSPF domain.

Between the ASBR and the ABR FortiGate, two VLANs (X and Z) are configured, and an OSPF adjacency has been formed over each of these links.

Ideally, OSPF path manipulation would be used so that packets traverse the desired VLAN (OSPF neighbor) towards the Internet.

However, an ASBR can only advertise a single NSSA external LSA for the default route, and that LSA carries a single forward address, so the ABR's NSSA external LSA database will contain only one entry for it.

For this reason, even if the OSPF costs are modified to prefer a certain path via a specific OSPF neighbor, there is no improvement: the selected link is effectively random, depending on which OSPF neighbor formed the adjacency first.


To observe the forward address to which the ABR router will send packets, issue the following command:


get router info ospf database nssa-external self-originate

  Link State ID: 0.0.0.0 (External Network Number For NSSA)
  Advertising Router: 10.10.10.10
  LS Seq Number: 8000000c
  Checksum: 0x9713
  Length: 36
  Network Mask: /32
        Metric Type: 1
        TOS: 0
        Metric: 10
        NSSA: Forward Address: 10.255.15.34  // IP address of the neighboring VLAN
        External Route Tag: 0


To overcome this, advertise a loopback address from the ASBR towards the ABR. The ABR will then install the loopback, rather than the VLAN address, as the forward address in its database:


get router info ospf database nssa-external self-originate

  Link State ID: 0.0.0.0 (External Network Number For NSSA)
  Advertising Router: 10.10.10.10
  LS Seq Number: 8000000c
  Checksum: 0x9713
  Length: 36
  Network Mask: /32
        Metric Type: 1
        TOS: 0
        Metric: 10
        NSSA: Forward Address: 172.16.1.1  // Advertised loopback address
        External Route Tag: 0


Once the loopback is the forward address, the administrator can modify the OSPF costs on the respective VLAN interfaces to select the desired path, because the ABR now reaches the forward address via whichever intra-area path has the lowest cost.
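The configuration the article describes, written out as an added FortiOS CLI example (not part of the original article): the interface names, VDOM, NSSA area ID 0.0.0.1 and cost values are assumptions; the loopback 172.16.1.1 and router ID 10.10.10.10 are taken from the output above.

```text
# Added example, not from the original article. Assumed: loopback "lo_ospf",
# VLAN interfaces "VLAN_X" (preferred) / "VLAN_Z" (backup), NSSA area 0.0.0.1,
# VDOM "root"; the VLAN subnets are already advertised into the same area.
# --- ASBR FortiGate (router ID 10.10.10.10) ---
# 1. Create the loopback whose address becomes the Type-7 forward address.
config system interface
    edit "lo_ospf"
        set vdom "root"
        set type loopback
        set ip 172.16.1.1 255.255.255.255
        set allowaccess ping
    next
end

# 2. Advertise the loopback into the NSSA area and originate the default
#    route as a metric-type 1 external (matches the LSA output above).
config router ospf
    set router-id 10.10.10.10
    set default-information-originate enable
    set default-information-metric 10
    set default-information-metric-type 1
    config area
        edit 0.0.0.1
            set type nssa
        next
    end
    config network
        edit 1
            set prefix 172.16.1.1 255.255.255.255
            set area 0.0.0.1
        next
    end
end

# --- ABR FortiGate ---
# 3. The ABR resolves the forward address 172.16.1.1 through its own SPF,
#    so the cost on the ABR's VLAN interfaces now decides the exit link.
config router ospf
    config ospf-interface
        edit "VLAN_X"
            set interface "VLAN_X"
            set cost 10
        next
        edit "VLAN_Z"
            set interface "VLAN_Z"
            set cost 100
        next
    end
end
```

After applying it, re-run the article's `get router info ospf database nssa-external self-originate` on the ASBR to confirm the forward address is 172.16.1.1, and check `get router info routing-table ospf` on the ABR to confirm the default route now exits via VLAN_X.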