In this scenario, we will have to use OSPF sham-link to help. The sham-link does like a virtual link connecting R2 and R3 together as a intraarea link. Therefore, when the sham-link is established, we will see those 2 OSPF routers (R1 and R4) learned route from each other as an intraarea routes.
Creating a Sham-Link:
Before you create a sham-link between PE routers in an MPLS VPN, you must:• Configure a separate /32 address on the remote PE so that OSPF packets can be sent over the VPN backbone to the remote end of the sham-link. The /32 address must meet the following criteria:– Belong to a VRF.– Not be advertised by OSPF.– Be advertised by BGP.You can use the /32 address for other sham-links.• Associate the sham-link with an existing OSPF area
Before enable Sham-link
R1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
172.16.0.0/24 is subnetted, 1 subnets
O IA 172.16.1.0 [110/10019] via 192.168.1.2, 00:00:00, FastEthernet0/0
C 192.168.1.0/24 is directly connected, FastEthernet0/0
O IA 192.168.2.0/24 [110/11] via 192.168.1.2, 00:00:00, FastEthernet0/0
150.1.0.0/32 is subnetted, 2 subnets
O E2 150.1.3.3 [110/1] via 192.168.1.2, 00:00:03, FastEthernet0/0
O E2 150.1.2.2 [110/1] via 192.168.1.2, 00:00:03, FastEthernet0/0
After enable Sham-link
R1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
172.16.0.0/24 is subnetted, 1 subnets
O 172.16.1.0 [110/10020] via 192.168.1.2, 00:00:05, FastEthernet0/0
C 192.168.1.0/24 is directly connected, FastEthernet0/0
O 192.168.2.0/24 [110/21] via 192.168.1.2, 00:00:05, FastEthernet0/0
150.1.0.0/32 is subnetted, 2 subnets
O E2 150.1.3.3 [110/1] via 192.168.1.2, 00:00:57, FastEthernet0/0
O E2 150.1.2.2 [110/1] via 192.168.1.2, 00:00:57, FastEthernet0/0
Configuration
R2 (PE)
interface Loopback0
ip vrf forwarding VPN_A
ip address 150.1.2.2 255.255.255.255
!
interface FastEthernet0/0
ip vrf forwarding VPN_A
ip address 192.168.1.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 10.1.1.1 255.255.255.0
duplex auto
speed auto
mpls ip
!
router ospf 10 vrf VPN_A
log-adjacency-changes
area 0 sham-link 150.1.2.2 150.1.3.3
redistribute bgp 100 subnets
network 192.168.1.0 0.0.0.255 area 0
!
//MPLS domain
router ospf 1
log-adjacency-changes
network 10.1.1.0 0.0.0.255 area 23
!
router bgp 100
bgp log-neighbor-changes
neighbor 10.1.1.2 remote-as 100
!
address-family ipv4
neighbor 10.1.1.2 activate
no auto-summary
no synchronization
exit-address-family
!
address-family vpnv4
neighbor 10.1.1.2 activate
neighbor 10.1.1.2 send-community both
exit-address-family
!
address-family ipv4 vrf VPN_A
redistribute ospf 10 vrf VPN_A
neighbor 10.1.1.2 remote-as 100
neighbor 10.1.1.2 activate
no synchronization
network 150.1.2.2 mask 255.255.255.255
exit-address-family
!
R3(PE)
!
interface Loopback0
ip vrf forwarding VPN_A
ip address 150.1.3.3 255.255.255.255
!
interface FastEthernet0/0
ip address 10.1.1.2 255.255.255.0
duplex auto
speed auto
mpls ip
!
interface FastEthernet0/1
ip vrf forwarding VPN_A
ip address 192.168.2.1 255.255.255.0
duplex auto
speed auto
!
router ospf 10 vrf VPN_A
log-adjacency-changes
area 0 sham-link 150.1.3.3 150.1.2.2
redistribute bgp 100 subnets
network 192.168.2.0 0.0.0.255 area 0
!
// MPLS domain
router ospf 1
log-adjacency-changes
network 10.1.1.0 0.0.0.255 area 23
!
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 10.1.1.1 remote-as 100
no auto-summary
!
address-family vpnv4
neighbor 10.1.1.1 activate
neighbor 10.1.1.1 send-community both
exit-address-family
!
address-family ipv4 vrf VPN_A
redistribute ospf 10 vrf VPN_A
neighbor 10.1.1.1 remote-as 100
neighbor 10.1.1.1 activate
no synchronization
network 150.1.3.3 mask 255.255.255.255
exit-address-family
!
**Note**
The intraroute learn by MPLS VPN of OSPF can be achieved by configuring the domain-id in the OSPF process as well. Domain-id can be used if there is no backup link in the same OSPF area.
What makes sham-links better than the domain-id option is it can be configured the cost associated to the link as well. Therefore, in this scenario, we may increase cost of the intraarea backup link to 9999 to make sure the route going through MPLS network as a primary route.
R1
interface FastEthernet0/1
ip address 172.16.1.1 255.255.255.0
ip ospf cost 9999
duplex auto
speed auto
You should configure an OSPF sham link under the following circumstances:
- Two CE routers are linked together by a Layer 3 VPN.
- These CE routers are in the same OSPF area.
- An intraarea link is configured between the two CE routers.
If there is no intraarea link between the CE routers, you do not need to configure an OSPF sham link.
Want To Boost Your ClickBank Traffic And Commissions?
ReplyDeleteBannerizer made it easy for you to promote ClickBank products by banners, simply visit Bannerizer, and grab the banner codes for your picked ClickBank products or use the Universal ClickBank Banner Rotator Tool to promote all of the available ClickBank products.