OSPF down-bit set for a route originated as static?

Unanswered Question
May 22nd, 2008

If remote PE is redistributing a static route to VRF, local PE will get this route via BGP. Now suppose this local PE and CE is running OSPF and BGP VPNv4 route is redistributed to OSPF, will this PE set down-bit for type 5 LSAs advertised to CE?

I am bit confused by RFC-4576, it states that "When a type 3, 5, or 7 LSA is sent from a PE to a CE, the DN bit MUST be set", my understanding is that only if the route is originated from OSPF (at remote PE) then PE will set down-bit in LSAs advertised to CE.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
wmmajhe Fri, 05/23/2008 - 04:12

The idea with the DN bit is to prevent a PE->CE->CE->PE route loop (since e.g. OSPF has a lower cost that BGP). This is independent of the origin of the route which is being advertised PE->CE. Not sure what your problem is, but you can try redist from static to BGP instead of redist static to OSPF to BGP. Or investigate SoO tagging if necessary.

jiangu Fri, 05/23/2008 - 06:04

Thank you for your email, I have a scenario that PE-A is getting BGP vpn route (say 10.0.0.0/8) from PE-B, PE-B originating this route via static redistribution. PE-A and CE-A is running OSPF, CE-A itself is running VRF-lite, so when PE-A is redistributing 10.0.0.0/8 from BGP to OSPF, it sets Down-bit, when CE-A gets this type-5 LSA, it sees the down-bit and will not install 10.0.0.0/8 route.

shivlu jain Mon, 05/26/2008 - 23:07

actually what happens when the PE-CE routing is ospf, in this case PE gets the OSPF routers and forwarding thru MPBG to the another PE. When that PE advertise the routes to teh CE, it sets the down bit so that the same CE cannot give back the route, if it receives the same route and PE checks the downbit and drop the route. Actually it is only for avoiding loop.

regards

shivlu

n.nandrekar Mon, 05/26/2008 - 23:57

Hi!

The behaviour that you are seeing is correct. The down bit is always set when redistributing the routes from mp-bgp into ospf, irrespective of whether the remote PE redistributed it into mpbgp through ospf or not.

When mpbgp redistributes the route into ospf, thedown bit is set and the route can travel through the ospf domain of the CE but cannot be redistributed back to mpbgp. So this avoids the route to again enter the mpbgp domain through another gateway ( multihomed scenarios) and to create the routing loop. As you can see that this mechanism has nothing to do with the origination of the route, the behavious is appropriate.

You can refer the " mpls-vpn architectures vol II " for more details.

Regards,

Niranjan

Harold Ritter Tue, 05/27/2008 - 06:05

Niranjan,

IOS also set the tag to the BGP ASN on external routes as a loop avoidance mechanism as described in RFC 4577, section 4.2.5.2. According to the same RFC, this method has to be supported by default by any compliant implementation for backward compatibility purposes.

RFC4576: Using a Link State Advertisement (LSA) Options Bit to Prevent Looping in BGP/MPLS IP Virtual Private Networks (VPNs)

http://www.ietf.org/rfc/rfc4576.txt?number=4576

RFC4577: OSPF as the Provider/Customer Edge Protocol for BGP/MPLS IP Virtual Private Networks (VPNs)

http://www.ietf.org/rfc/rfc4577.txt?number=4577

Regards,

Actions

This Discussion