In some cases where Providers deliver MPLS links to customer locations , OSPF may be used as CE-PE routing protocol.
PE router connected to the CE router collects all the routes in a VRF routing table based on the VRF applied to the incoming interface. These routes are then propagated across other PEs using MP-BGP. Further, routes reach the remote CE after being redistributed from BGP into OSPF process running between CE and PE for a specific VRF.
When OSPF routes are propagated over the MPLS VPN backbone, additional information about the prefix in the form of BGP extended communities (route type, domain ID extended communities) is appended to the BGP update. This community information is used by the receiving PE router to decide the type of link-state advertisement (LSA) to be generated when the BGP route is redistributed to the OSPF PE-CE process. In this way, internal OSPF routes that belong to the same VPN and are advertised over the VPN backbone are seen as inter-area routes on the remote sites.
If the two CEs aren’t peering over OSPF the only path to reach from CE1 to CE2 is via MPLS VPN backbone. However if there happens to be a OSPF neighborship between the two CEs then the traffic would directly flow across the directly connected link between the two CEs ignoring the path via MPLS VPN backbone which will act only as a backup in this case.
Reason for such behavior is obvious that the route from direct connection over OSPF link between CE1-CE2 is intra-area route, and route received from MPLS backbone is inter-area route and keeping in mind the OSPF route selection the intra-area route is always preferred over the inter-area route.
We can overcome this behaviour with the use of OSPF Sham Links.
By using OPSF sham-link a virtual link is created between the two PEs allowing them to appear as a point-point link between OSPF.
These links are able to fool/trick routers in the OSPF domain that this is a better path thus preserving the LSAs as type 1 or type 3.
Sham Link can be created using two loopbacks on the respective devices advertised into the BGP address family that corresponds with the customer VRF.
Command Syntax for OSPF Sham Link is as below –
Area area-id sham-link source-address destination-address cost number
We are using OSPF process 2 inside provider backbone and OSPF process 1 is being used between the CE and PE.
When the backdoor link is not enabled between the CE1 and CE2 the path followed from CE1 to CE2 is via MPLS backbone as shown below –
R1#sh ip route 9.9.0.5
Last update from 9.9.12.2 on FastEthernet0/0, 00:00:10 ago
Routing Descriptor Blocks:
* 9.9.12.2, from 9.9.12.2, 00:00:10 ago, via FastEthernet0/0 #Known via R2#
Route metric is 3, traffic share count is 1
R1#traceroute 9.9.0.5 source 9.9.0.1
VRF info: (vrf in name/id, vrf out name/id)
1 9.9.12.2 16 msec 20 msec 20 msec
2 9.9.23.3 [MPLS: Labels 17/16 Exp 0] 96 msec 56 msec 76 msec
3 9.9.45.4 [MPLS: Label 16 Exp 0] 84 msec 80 msec 56 msec
4 9.9.45.5 56 msec 76 msec 116 msec
Now we will enable the OSPF backdoor link between CE1 and CE2.
We see in the routing table the route for R5’s loopback 9.9.0.5 on R1 is received directly from CE2 as intra-area route is preferred over inter-area route.
R1#sh ip route 9.9.0.5
Last update from 9.9.15.5 on FastEthernet1/0, 00:00:01 ago
Routing Descriptor Blocks:
* 9.9.15.5, from 9.9.0.5, 00:00:01 ago, via FastEthernet1/0 #Known VIA R5 now#
Route metric is 2, traffic share count is 1
R1#traceroute 9.9.0.5 source 9.9.0.1
VRF info: (vrf in name/id, vrf out name/id)
1 9.9.15.5 12 msec 56 msec 16 msec
Now to overcome this behaviour we will configure OSPF Sham Link between PE1 and PE2 & then see the behaviour.
Step 1:
Configure one loopback each on PE1 & PE2 and make it member of VRF.
PE1
vrf forwarding shamlink
ip address 2.2.2.2 255.255.255.255
PE2
vrf forwarding shamlink
ip address 4.4.4.4 255.255.255.255
Step 2:
Advertise these lo1 addresses in IPV4 BGP as follows:
network 2.2.2.2 mask 255.255.255.255
address-family ipv4 vrf shamlink
network 4.4.4.4 mask 255.255.255.255
Step3:
Configure sham-link between PE1 and PE2 using lo1 IP addresses:
router ospf 1 vrf shamlink
area 0 sham-link 4.4.4.4 2.2.2.2 cost 1
Note – while configuring you will need to ensure the cost of link between CE1 and CE2 always remain higher than that mentioned over Sham-link so that path through sham-link remains the preferred one.
Verifying that OSPF Sham link is up:
R2#sh ip ospf sham links
fix”>
Area 0 source address 2.2.2.2
Run as demand circuit
DoNotAge LSA allowed. Cost of using 1 State POINT_TO_POINT,
Timer intervals configured, Hello 10, Dead 40, Wait 40,
Hello due in 00:00:01
Adjacency State FULL (Hello suppressed)
Index 2/2, retransmission queue length 0, number of retransmission 0
First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
Last retransmission scan length is 0, maximum is 0
Last retransmission scan time is 0 msec, maximum is 0 msec
Verifying additional information is sent in the form on BGP Extended Community when OSPF Route travels MPLS Backbone:
R2#sh ip bgp vpnv4 all 9.9.0.1
Paths: (1 available, best #1, table shamlink)
Advertised to update-groups:
1
Refresh Epoch 1
Local
9.9.12.1 from 0.0.0.0 (9.9.0.2)
Origin incomplete, metric 2, localpref 100, weight 32768, valid, sourced, best
Extended Community: RT:2:1 OSPF DOMAIN ID:0x0005:0x000000010200
OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:9.9.12.2:0
mpls labels in/out 25/nolabel
rx pathid: 0, tx pathid: 0x0
Verifying the path taken now after Sham-link is operational:
R1#traceroute 9.9.0.5
Tracing the route to 9.9.0.5
VRF info: (vrf in name/id, vrf out name/id)
1 9.9.12.2 48 msec 28 msec 12 msec
2 9.9.23.3 [MPLS: Labels 17/27 Exp 0] 84 msec 44 msec 68 msec
3 9.9.45.4 [MPLS: Label 27 Exp 0] 68 msec 28 msec 68 msec
4 9.9.45.5 92 msec 48 msec 52 msec
R1#sh ip route 9.9.0.5
Known via “ospf 1”, distance 110, metric 4, type intra area
Last update from 9.9.12.2 on FastEthernet0/0, 00:00:56 ago
Routing Descriptor Blocks:
* 9.9.12.2, from 9.9.0.5, 00:00:56 ago, via FastEthernet0/0 Known via R2#
Route metric is 4, traffic share count is 1
Continue Reading:
OSPF Multi-Area Adjacency : Example Scenario
OSPF: Unable to install external routes
ABOUT THE AUTHOR
I am here to share my knowledge and experience in the field of networking with the goal being – “The more you share, the more you learn.”
I am a biotechnologist by qualification and a Network Enthusiast by interest. I developed interest in networking being in the company of a passionate Network Professional, my husband.
I am a strong believer of the fact that “learning is a constant process of discovering yourself.”
– Rashmi Bhardwaj (Author/Editor)
