Search This Blog

Saturday, June 30, 2012

OSPF Super Backbone


Here is the following LAB:

As for the roles of the routers:
R1, R2 and R3 are all PE routers
R4 is P router
R5, R6, R7 and R8 are all CE routers

Between the PE and the P router I have configured OSPF as IGP, MPLS using LDP and BGP on AS65001 where R4 is acting as the route reflector for this AS.

Each PE is configured with VRF RED and with OSPF process 100 on this VRF while advertising the directly connected and BGP AS65001.

Config snippet:
router ospf 100 vrf RED
 log-adjacency-changes
 redistribute bgp 65001 subnets
 network 10.1.26.2 0.0.0.0 area 0
 network 10.1.27.2 0.0.0.0 area 0
!
Router bgp 65001
address-family ipv4 vrf RED
  redistribute connected
  redistribute static
  redistribute ospf 100 vrf RED
  no synchronization
  bgp redistribute-internal
 exit-address-family

R5, R6 and R8 are advertising their loopback 1 interface into OSPF, while R7 redistribute Lo1 as connected. R8 is also advertise default route (default-information originate).

Looking at R5 route table:

R5#sh ip route                     
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     192.168.60.0/32 is subnetted, 1 subnets
O IA    192.168.60.1 [110/3] via 10.1.15.1, 00:16:03, FastEthernet0/0
     192.168.80.0/32 is subnetted, 1 subnets
O IA    192.168.80.1 [110/3] via 10.1.15.1, 00:15:48, FastEthernet0/0
     10.0.0.0/24 is subnetted, 4 subnets
C       10.1.15.0 is directly connected, FastEthernet0/0
O IA    10.1.27.0 [110/2] via 10.1.15.1, 00:16:06, FastEthernet0/0
O IA    10.1.26.0 [110/2] via 10.1.15.1, 00:16:06, FastEthernet0/0
O IA    10.1.38.0 [110/2] via 10.1.15.1, 00:16:06, FastEthernet0/0
C    192.168.50.0/24 is directly connected, Loopback1

As we can see R5 is learning only the directly connected of R6, R7 and R8 and Lo1 of R6 and R8, all routes as IA which mean Inter-Area or LSA type 3. No default route and no external routes are learned.

Looking on R2, which is the PE for R7, routing table:

R2#sh ip route vrf RED ospf

Routing Table: RED

     192.168.60.0/32 is subnetted, 1 subnets
O       192.168.60.1 [110/2] via 10.1.26.6, 00:19:25, FastEthernet1/1
O E2 192.168.70.0/24 [110/20] via 10.1.27.7, 00:19:15, FastEthernet2/0

We can see the R2 is learning network 192.168.70.0/24 as OSPF E2, looking on R1 routing table:

R1#sh ip route vrf RED

Routing Table: RED
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     192.168.60.0/32 is subnetted, 1 subnets
B       192.168.60.1 [200/2] via 2.2.2.2, 00:18:57
     192.168.80.0/32 is subnetted, 1 subnets
B       192.168.80.1 [200/2] via 3.3.3.3, 00:18:42
     10.0.0.0/24 is subnetted, 4 subnets
C       10.1.15.0 is directly connected, FastEthernet1/1
B       10.1.27.0 [200/0] via 2.2.2.2, 00:33:27
B       10.1.26.0 [200/0] via 2.2.2.2, 00:33:27
B       10.1.38.0 [200/0] via 3.3.3.3, 00:34:12
     192.168.50.0/32 is subnetted, 1 subnets
O       192.168.50.1 [110/2] via 10.1.15.5, 00:18:50, FastEthernet1/1

No network 192.168.70.0/24! So it is must be something on the MP-BGP…

I have configured the following on R2:

Router bgp 65001
Address-family ipv4 vrf RED
redistribute ospf 100 vrf RED match external 2

Now looking again on R1 routing table:

R1#sh ip route vrf RED     

Routing Table: RED
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     192.168.60.0/32 is subnetted, 1 subnets
B       192.168.60.1 [200/2] via 2.2.2.2, 00:23:39
     192.168.80.0/32 is subnetted, 1 subnets
B       192.168.80.1 [200/2] via 3.3.3.3, 00:23:24
     10.0.0.0/24 is subnetted, 4 subnets
C       10.1.15.0 is directly connected, FastEthernet1/1
B       10.1.27.0 [200/0] via 2.2.2.2, 00:38:09
B       10.1.26.0 [200/0] via 2.2.2.2, 00:38:09
B       10.1.38.0 [200/0] via 3.3.3.3, 00:38:54
     192.168.50.0/32 is subnetted, 1 subnets
O       192.168.50.1 [110/2] via 10.1.15.5, 00:00:03, FastEthernet1/1
B    192.168.70.0/24 [200/20] via 2.2.2.2, 00:00:24

Now R1 is learning network 192.168.70.0/24 as BGP route, and advertise it to R5:

R5#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     192.168.60.0/32 is subnetted, 1 subnets
O IA    192.168.60.1 [110/3] via 10.1.15.1, 00:02:33, FastEthernet0/0
     192.168.80.0/32 is subnetted, 1 subnets
O IA    192.168.80.1 [110/3] via 10.1.15.1, 00:02:33, FastEthernet0/0
     10.0.0.0/24 is subnetted, 4 subnets
C       10.1.15.0 is directly connected, FastEthernet0/0
O IA    10.1.27.0 [110/2] via 10.1.15.1, 00:02:33, FastEthernet0/0
O IA    10.1.26.0 [110/2] via 10.1.15.1, 00:02:33, FastEthernet0/0
O IA    10.1.38.0 [110/2] via 10.1.15.1, 00:02:34, FastEthernet0/0
C    192.168.50.0/24 is directly connected, Loopback1
O E2 192.168.70.0/24 [110/20] via 10.1.15.1, 00:02:34, FastEthernet0/0

R5 in turn learns this network as external route.

Now the major problem left is the fact that all CE routers should learn their neighbors loopbacks as Intra-Area (LSA type 1) networks and not Inter-Area (LSA type 3) networks, in order to fix this we will need to connect and “join” all area 0 between all PE routers, for this to be accomplish we will need to use sham-link.

Sham-link will be configured on the PE routers, because their backbone - the MP-BGP, is the root cause of this behavior.In order to configure sham-link we will need to configure a separate /32 address on the remote PE so that OSPF packets can be sent over the VPN backbone to the remote end of the sham-link. The /32 addresses must meet the following criteria:
Belong to a VRF.
Not be advertised by OSPF.
Be advertised by BGP.
You can use the /32 address for other sham-links.
- Associate the sham-link with an existing OSPF area.


So I configured on R1:

interface Loopback1
 ip vrf forwarding RED
 ip address 10.10.10.10 255.255.255.255
!
Router ospf 100 vrf RED
area 0 sham-link 10.10.10.10 30.30.30.30

On R3:

interface Loopback1
 ip vrf forwarding RED
 ip address 30.30.30.30 255.255.255.255
!
Router ospf 100 vrf RED
area 0 sham-link 30.30.30.30 10.10.10.10

R5 routing table before the sham-link:

R5#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     192.168.60.0/32 is subnetted, 1 subnets
O IA    192.168.60.1 [110/3] via 10.1.15.1, 00:00:03, FastEthernet0/0
     192.168.80.0/32 is subnetted, 1 subnets
O IA    192.168.80.1 [110/3] via 10.1.15.1, 00:00:03, FastEthernet0/0
     10.0.0.0/24 is subnetted, 4 subnets
C       10.1.15.0 is directly connected, FastEthernet0/0
O IA    10.1.27.0 [110/2] via 10.1.15.1, 01:01:49, FastEthernet0/0
O IA    10.1.26.0 [110/2] via 10.1.15.1, 01:01:49, FastEthernet0/0
O IA    10.1.38.0 [110/2] via 10.1.15.1, 01:01:51, FastEthernet0/0
C    192.168.50.0/24 is directly connected, Loopback1

R5 after sham-link has been configured:
R5#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is 10.1.15.1 to network 0.0.0.0

     192.168.60.0/32 is subnetted, 1 subnets
O IA    192.168.60.1 [110/3] via 10.1.15.1, 00:00:05, FastEthernet0/0
     192.168.80.0/32 is subnetted, 1 subnets
O       192.168.80.1 [110/4] via 10.1.15.1, 00:00:05, FastEthernet0/0
     10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
O E2    10.10.10.10/32 [110/1] via 10.1.15.1, 00:00:05, FastEthernet0/0
C       10.1.15.0/24 is directly connected, FastEthernet0/0
O IA    10.1.27.0/24 [110/2] via 10.1.15.1, 00:00:05, FastEthernet0/0
O IA    10.1.26.0/24 [110/2] via 10.1.15.1, 00:00:07, FastEthernet0/0
O       10.1.38.0/24 [110/3] via 10.1.15.1, 00:00:07, FastEthernet0/0
C    192.168.50.0/24 is directly connected, Loopback1
O E2 192.168.70.0/24 [110/20] via 10.1.15.1, 00:00:07, FastEthernet0/0
     30.0.0.0/32 is subnetted, 1 subnets
O E2    30.30.30.30 [110/1] via 10.1.15.1, 00:00:07, FastEthernet0/0
O*E2 0.0.0.0/0 [110/1] via 10.1.15.1, 00:00:07, FastEthernet0/0

We can see the networks 10.1.38.0/24 and 192.168.80.0/24 are marked with O and not with O IA, and we got a default route which points to R1 and leads to R8.

Configure sham-links on R2:

interface Loopback1
 ip vrf forwarding RED
 ip address 20.20.20.20 255.255.255.255
!
Router ospf 100 vrf RED
area 0 sham-link 20.20.20.20 30.30.30.30
area 0 sham-link 20.20.20.20 10.10.10.10

And on R1 and R3 accordingly and we got full mesh OSPF area 0 while the sham-link has helped us to create OSPF super backbone over the MPLS backbone.



No comments:

Post a Comment