Sham Link

Unanswered Question
Aug 31st, 2008

Hi,

I tried testing Sham link and its ok.. But I couldn't understand these lines from Cisco website...<<If a prefix is learned across the sham-link and the path via the sham-link is selected as the best, the PE router does not generate an MP-BGP update for the prefix. It is not possible to route traffic from one sham-link over another sham-link.>>> from the foll page..

http://www.cisco.com/en/US/docs/ios/12_2t/12_2t8/feature/guide/ospfshmk.html#wp1035280

Plz explain the statement..

Thx,

Gaurav

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
devang_etcom Mon, 09/01/2008 - 11:51

Gaurav,

Sham-Link is used when you have connectivity between your Customer site via Backbone as well as MPLS VPN network. So in some case customer wants MPLS VPN connectivity as a primary link but here at the both the termination PE redistribution will take place so in customer end those router will appear as a inter-area or external routes depends on configuration and back-door link will be as a intra-area routes. so normally backdoor link will be prefer as a primary path between CE link... now configuring MPLS VPN link as a sham-link you are putting that MPLS VPN link as a Intra-Area routes along with sham-link you are configuring the metric too so here you can influence the primary link election between Backdoor and the sham-link.

regards

Devang patel

Giuseppe Larosa Mon, 09/01/2008 - 12:09

Hello Gaurav,

A sham-link is required between any two VPN sites that belong to the same OSPF area and share an OSPF backdoor link. If no backdoor link exists between the sites, no sham-link is required.

If the best path for a prefix is via a sham-link this means that actually the prefix belongs to another VPN site connected to another PE the one at the other end of the sham-link.

If so when redistributing OSPF into BGP in address-family ipv4 vrf VRF_NAME all prefixes that have been learnt via a sham-link are filtered.

In this way only the other side PE is the legitimate originator of MP-BGP advertisement for the prefix.

All other VPN sites have to point at the right PE otherwise the local PE would compete for the prefix.

Hope to help

Giuseppe

Actions

This Discussion