This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

redistribute static routes including next hop as next VR in ospf

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

redistribute static routes including next hop as next VR in ospf

Deepak25
L3 Networker

‎08-31-2021 09:10 AM

we have two VR

1. Default :

eth1/1 -  10.1.1.0/24  L3_LAN Zone

eth1/2  - 10.1.2.0/24 L3_DMZ zone

eth1/3 - internet

 

2.New_VR

tunnel interface tunnel.1_global protect tunnel

eth1/4 - Branch

 

Core ------- PA ------------------Branch router

We want to enable ospf in New_VR . As per requirement DMZ subnet of default VR and GP ip pool should redistribute via ospf to Branch router in New_VR

 

we found below solution :

1. There will be static route for DMZ subnet in New_VR.

so to reach DMZ subnet next hop will be "next VR" which is a default VR in our case.

So we can redistribute this static route using redistribution profile.

 

2. Tunnel interface will be connected in New_VR

So we can redistribute tunnel interface which is connected in new_VR

 

Have query on above solution :

1. static routes will be with next hop as "next VR' , will it work ?

2. There is no route for  GP ip pool and no ip-address we mention on tunnel interface of global protect . if select tunnel interface in

redistribution profile , gp ip pool will redistribute ?

3. Does firewall by default redistribute routes of another VR if we configure redistribution profile ? Cause after configuring redistribution profile in New_VR for its tunnel interface and DMZ static route , it should not redistribute subnet of Default VR .Otherwise it will be impact for us.

 

 

 

1 person had this problem.
0 Likes Likes
2 REPLIES 2

Neal.Gomes
L0 Member

‎12-09-2023 05:43 PM

Hello Deepak,

 

I know this is an old post, but did you ever find an answer or solution to this.   I'm having a similar issue where I'm trying to redistribute a few static routes with next hop of "next vr" into BGP, but the subnets in question with next hop of "next vr" are not being redistributed into BGP and therefore the BGP peer neighbor is not receiving these routes.   

 

I'm thinking this might be a limitation due to the actual route existing in a different VR, but was hoping you (or someone else) might have some clarity on this or maybe some sort of workaround. 

 

Any insight on this by anyone would be greatly appreciated.

 

Thank you 

0 Likes Likes

Neal.Gomes
L0 Member
In response to Neal.Gomes

‎12-10-2023 03:05 PM

Nevermind... scratch my last comments... Found a misconfiguration in my config.  I had the route distribution profile used for BGP set to "no-redistribute" instead of "redistribute"...  So yes, you can redistribute static routes with next hop value of next vr incase anyone was wondering still. 

0 Likes Likes
  • 2341 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks