Wired Intelligent Edge

 View Only
last person joined: yesterday 

Bring performance and reliability to your network with the Aruba Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of the ArubaOS-Switch and ArubaOS-CX devices, and find ways to improve security across your network to bring together a mobile first solution.
Expand all | Collapse all

OSPF - Cisco vs Aruba

This thread has been viewed 25 times
  • 1.  OSPF - Cisco vs Aruba

    Posted Jul 06, 2022 05:20 AM

    Hello everyone,

    I'm new in Aruba (come from Cisco).. and I need some help please.

    Scenario:

    Fortigate on one side, Aruba 3810M (WC.16.10) on the other.
    I'd like to configure a transport VLAN between them and enable OSPF.
    Only the 3810 is under my administration.

    So in Cisco world, I'd go this way...

    router ospf 1
    router-id 10.28.15.243
    area 1 authentication message-digest
    redistribute connected subnets
    redistribute static metric 1000 metric-type 1 subnets
    passive-interface default
    no passive-interface Vlan700
    network 10.28.8.0 0.0.7.255 area 1

    interface vlan 700
    description L3-VLAN-700
    ip address 10.28.15.130 255.255.255.248
    ip ospf message-digest-key 1 md5 0 [key]
    ip ospf network point-to-point
    ip ospf cost 10
    no shutdown

    interface GigabitEthernet1/0/1
    description wan-01
    switchport access vlan 700
    switchport mode access


    I'm working in a document here, not the switch itself. The 3810 is in production, so I'm planning on having everything prepared and then just paste the config during migration day.
    I'm struggling with the configuration in the 3810.. this is what I'd like to do.

     


    OSPF configuration for the 3810:
    ip routing enable
    !
    router ospf 0
     area backbone
     enable
     redistribute connected
    exit
    !
    !
    ip router id [ip address lo0]
    !
    !
    vlan 700
     tagged 1/1
     name L3-VLAN-700
     ip address 172.20.30.1 255.255.255.252  à Fortigate .2
     ip ospf area 0
    !
    !
    interface 1/1
     name [name]
     tagged vlan 700
    !
    !
    I don't know if the above config is correct/complete.. also, I don't know if I have to add the OSPF statements in all my SVIs, like this...

    vlan 110
     tagged 1/1
     name SRV-VLAN
     ip address 172.20.3.1 255.255.255.0
     ip ospf 172.20.3.1 area 0
    !
    !
    vlan 200
     tagged 1/1
     name CORP-VLAN
     ip address 172.20.30.1 255.255.248.0
     ip helper-address 172.20.3.175
     ip helper-address 172.20.3.205
     ip ospf area 0

    Would the above be the equivalent to the "network" statement in the OSPF config for Cisco?

    I'd really appreciate any input!

    !!Parnassus, if you read this.. please help me, I've read many of your answers since I moved to HP, you are a genius man!!

    Thank you in advance!



  • 2.  RE: OSPF - Cisco vs Aruba

    EMPLOYEE
    Posted Jul 06, 2022 08:25 AM
    Nice work Damian! You're almost there and with tabbing and ? in the CLI I think you would've got it with little work.

    A resource I think you'll find extremely useful is the CLI Reference Guide for ArubaOS-CX, ArubaOS-Switch and Cisco IOS. Check from page 132 which covers OSPF.

    Also here is the Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS-Switch 16.10. I was unable to find a 16.11 version of this at this stage but I doubt the OSPF section is much different. You'll find things like the default metric configuration in here and authentication (page 216 and 262).

    Here is an example of config to setup your OSPF routing and the point-to-point link excluding the md5 key.
    ip router-id <ip-address>
    ip routing
    !
    router ospf
       area backbone
       redistribute connected
       enable
       exit
    !
    vlan 700
       name "L3-VLAN-700"
       tagged 1/1
       ip address 172.20.30.1 255.255.255.252
       ip ospf 172.20.30.1 area backbone
       ip ospf 172.20.30.1 network-type point-to-point
       exit​



  • 3.  RE: OSPF - Cisco vs Aruba

    Posted Jul 06, 2022 09:35 AM
    Hey Matthew,

    Thanks a lot for the example! and the links, the reference guide is indeed very useful :)

    It seems this ...

    vlan 220
     ip ospf area 0

    Replaces this:

    network 10.1.220.0 0.0.0.255 area 0

    Correct?

    Cheers,
    Damian

    network 10.1.220.0 0.0.0.255 a



  • 4.  RE: OSPF - Cisco vs Aruba

    Posted Jul 06, 2022 09:38 AM
    Sorry, what I meant is that the network statement you'd use in Cisco, changes to "ip ospf are [area]" in every L3 VLAN for Aruba....


  • 5.  RE: OSPF - Cisco vs Aruba

    EMPLOYEE
    Posted Jul 06, 2022 11:44 PM
    Yes that will start the advertisement of those networks. Remember in ArubaOS-Switch the SVI is down if none of it's associated ports have a link state up.

    vlan 220
      ip ospf area backbone
    
    or
    
    vlan 220
      ip ospf area 0
    
    or 
    
    vlan 220
      ip ospf area 0.0.0.0​

    If you don't want OSPF Hello's out the various interfaces then use 'ip ospf passive' on those VLANs.

    Also, redistributing connected would also advertise any network for which the switch holds an SVI (as long as it's UP - see above). This is probably considered lazy and will change the LSA type but if it's just between your Fortigate and the switch either will also likely achieve the routing table you need.


  • 6.  RE: OSPF - Cisco vs Aruba

    Posted Jul 21, 2022 05:55 AM
    Hi Matthew,

    Sorry for the very late reply, and thank you for all the info!
    The migration was a success :)

    Cheers,
    Damian


  • 7.  RE: OSPF - Cisco vs Aruba

    EMPLOYEE
    Posted Jul 21, 2022 08:35 AM
    Great news! I'm glad it went well.