Microsoft KB Archive/241540

= OSPF over RRAS Dial-on-Demand and VPN Connections in Windows 2000 =

Article ID: 241540

Article Last Modified on 10/30/2006

-

APPLIES TO


 * Microsoft Windows 2000 Server

-



This article was previously published under Q241540



SUMMARY
This article describes how to implement Open Shortest Path First (OSPF) over Routing and Remote Access Service (RRAS) Dial-on-Demand (DOD) connections in Windows 2000. The implementation of this protocol is the same for both direct-dial modem connections and virtual private networking (VPN) connections over the Internet.



MORE INFORMATION
OSPF is a fairly complex protocol and requires prior knowledge of its use and configuration. This article describes a few key points when using OSPF over DOD connections, but does not attempt to explain the OSPF protocol itself.

The information in this article applies to both direct connections and VPN connections. In the following examples, RRAS is used to provide LAN-to-LAN routing:

Example of OSPF Over a Direct-Dial Connection

Lclient          L-RRAS === Modem === R-RRAS           Rclient |     IP      |                        |      IP      | --                         -- Example of OSPF Over a VPN Connection Lclient          L-RRAS ===== VPN ===== R-RRAS           Rclient |     IP      |  |      Internet     |  |      IP      | --   ---    --

NOTE: For the purposes of this article, a DOD connection refers to either a direct-dial connection using a modem or a VPN tunnel connection over the Internet. Because OSPF does not distinguish between connectivity methods, both are used in the same manner.

Before you configure OSPF for LAN-to-LAN routing (as in the two examples above), do the following:  Make sure your DOD connections dial and connect successfully.

This is true for both modem and VPN connections. You can add temporary static routes to the RRAS servers to test routing capabilities, but you should remove them after testing. OSPF does not work if the DOD connections do not connect. Add OSPF:  Start the RRAS Administrator tool. In the IP Routing section, right-click Summary, and then click Add Routing Protocol. Click OSPF by Bay Networks, and then click OK.</ol> </li></ol>

After you install OSPF, the OSPF icon is displayed in the IP Routing section of the RRAS Administrator tool. Right-click OSPF by Bay Networks, and then click Add. Click the DOD interface you are using between the two RRAS servers (you need to do this on both RRAS servers). Add the interfaces that OSPF uses in this section (you must add the DOD interfaces and the LAN side interfaces). In the VPN example above, it is not necessary to add the network interface that connects to the Internet, unless there are other compelling reasons to do so.

When add an interface to OSPF, you can change the OSPF configuration of the interface. Three tabs are available:
 * General Tab: On the General tab, you can change your Area ID, cost, and password. In the area at the bottom of the screen, there are three types you can choose:
 * Broadcast: Network card interfaces use the Broadcast option for broadcast type mediums (Ethernet-based networks).
 * Non-Broadcast-Multiple-Access NBMA: If your network is a frame-relay network that does not support broadcasts, you need to choose the Non-Broadcast-Multiple-Access NBMA option. If you configure NBMA, you also need to configure specific IP addresses for OSPF neighbors on the NBMA Neighbors tab.
 * Point-to-Point: The Point-to-Point option is used for DOD connections because they are point-to-point by nature. Broadcast types are configured with a default cost of 2, whereas point-to-point types are configured with a default cost of 4.
 * NBMA Neighbors Tab: You do not need to configure anything on the NBMA Neighbors tab unless you are using OSPF on a NBMA network.
 * Advanced Tab: On the Advanced tab, you can configure various OSPF parameters for the autonomous system of which the RRAS servers and LANs are a part.

At this point, even though OSPF is installed and you have configured interfaces to bind to OSPF, your DOD connections do not dial or cannot be forced to dial by OSPF. For additional information, click the article number below to view the article in the Microsoft Knowledge Base:

235492 RIP and OSPF Do Not Start Dial On Demand Connections

OSPF does not know what a DOD connection is, so it does not detect that the interface exists until it is already connected. After it is connected, OSPF uses it just like it uses another network card.

To force a DOD to dial, you need to either add a default gateway static route pointing to the DOD or specific network routes pointing to the DOD. You must do this on each side for routing purposes. In this scenario, you must manually add the static routes, and the OSPF learned routes are placed in the routing table after the DOD is connected. If you add static routes in this configuration, you should also do the following: <ol> Give static routes a higher metric than those that are learned by OSPF. This process is sometimes a matter of trial and error, but you want the OSPF learned routes to have a better metric than the static routes. Giving the static routes a higher metric also means that when your LAN connection or high capacity WAN connection comes back online, the traffic does not continue to be routed over the VPN, but over the better cost route.</li> Change the preference level of OSPF routes: <ol style="list-style-type: lower-alpha;"> Start the RRAS Administrator tool.</li> In the IP Routing section, right-click General, and then click Properties.</li> On the Preference Levels tab, click Open Shortest Path First (OSPF), and change its preference level from 110 to 1 (the preference level itself is not as important as the fact that OSPF routes should have more preference than static routes).</li></ol> </li></ol>

Keywords: kbenv kbinfo KB241540

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.