05-22-2008 03:32 PM
If remote PE is redistributing a static route to VRF, local PE will get this route via BGP. Now suppose this local PE and CE is running OSPF and BGP VPNv4 route is redistributed to OSPF, will this PE set down-bit for type 5 LSAs advertised to CE?
I am bit confused by RFC-4576, it states that "When a type 3, 5, or 7 LSA is sent from a PE to a CE, the DN bit MUST be set", my understanding is that only if the route is originated from OSPF (at remote PE) then PE will set down-bit in LSAs advertised to CE.
05-23-2008 04:12 AM
The idea with the DN bit is to prevent a PE->CE->CE->PE route loop (since e.g. OSPF has a lower cost that BGP). This is independent of the origin of the route which is being advertised PE->CE. Not sure what your problem is, but you can try redist from static to BGP instead of redist static to OSPF to BGP. Or investigate SoO tagging if necessary.
05-23-2008 06:04 AM
Thank you for your email, I have a scenario that PE-A is getting BGP vpn route (say 10.0.0.0/8) from PE-B, PE-B originating this route via static redistribution. PE-A and CE-A is running OSPF, CE-A itself is running VRF-lite, so when PE-A is redistributing 10.0.0.0/8 from BGP to OSPF, it sets Down-bit, when CE-A gets this type-5 LSA, it sees the down-bit and will not install 10.0.0.0/8 route.
05-23-2008 06:31 AM
When the vrf-lite is configured on the CE device in order to remove the ospf loop-avoidance rule so that the prefixes can be installed on the vrf-lite aware CE.
use:
http://www.cisco.com/en/US/docs/ios/iproute/command/reference/irp_osp1.html#wp1012376
HTH,
05-26-2008 11:07 PM
actually what happens when the PE-CE routing is ospf, in this case PE gets the OSPF routers and forwarding thru MPBG to the another PE. When that PE advertise the routes to teh CE, it sets the down bit so that the same CE cannot give back the route, if it receives the same route and PE checks the downbit and drop the route. Actually it is only for avoiding loop.
regards
shivlu
05-26-2008 11:57 PM
Hi!
The behaviour that you are seeing is correct. The down bit is always set when redistributing the routes from mp-bgp into ospf, irrespective of whether the remote PE redistributed it into mpbgp through ospf or not.
When mpbgp redistributes the route into ospf, thedown bit is set and the route can travel through the ospf domain of the CE but cannot be redistributed back to mpbgp. So this avoids the route to again enter the mpbgp domain through another gateway ( multihomed scenarios) and to create the routing loop. As you can see that this mechanism has nothing to do with the origination of the route, the behavious is appropriate.
You can refer the " mpls-vpn architectures vol II " for more details.
Regards,
Niranjan
05-27-2008 06:05 AM
Niranjan,
IOS also set the tag to the BGP ASN on external routes as a loop avoidance mechanism as described in RFC 4577, section 4.2.5.2. According to the same RFC, this method has to be supported by default by any compliant implementation for backward compatibility purposes.
RFC4576: Using a Link State Advertisement (LSA) Options Bit to Prevent Looping in BGP/MPLS IP Virtual Private Networks (VPNs)
http://www.ietf.org/rfc/rfc4576.txt?number=4576
RFC4577: OSPF as the Provider/Customer Edge Protocol for BGP/MPLS IP Virtual Private Networks (VPNs)
http://www.ietf.org/rfc/rfc4577.txt?number=4577
Regards,
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide