OSPF over MPLS VPN

Answered Question
Apr 24th, 2009
User Badges:

Hello,


I have a WAN network, where Central Office

is connected to several remotes sites. WAN cloud is MPLS VPN provided by a telco.


I am currently doing static routing to

to reach the remote sites in the Central office.


My question is it possible to run OSPF between the Central office and the remote sites over the MPLS VPN?


Sample configs will be appreciated .


thanks,




Correct Answer by Edison Ortiz about 8 years 1 month ago

If talking to the telco is out of the question, then I suggest implementing GRE tunnels between the locations and run your dynamic routing protocol via the tunnel.


HTH,


__


Edison.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.5 (4 ratings)
Loading.
Giuseppe Larosa Sat, 04/25/2009 - 01:16
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Raul,

if the service is a L2 MPLS VPN configuration is as simple as using leased lines.


if the service provided by telco is a L3 MPLS VPN is a different matter.

L3 MPLS VPN uses a peering model where your router, a CE node in MPLS terminology, has to exchange routing information with the directly connected service provider PE node.

In order to use OSPF as PE-CE protocol you need to cooperate with your provider.

You need to ask them if they are willing to support it, if there are any additional fees.

If the provider is willing to support OSPF as PE-CE protocol the configuration is standard on your side.


Usually the following guidelines apply:


PE-CE links are placed in OSPF area 0.

The Service provider emulates an OSPF area 0 carrying OSPF routes inside multiprotocol BGP special extended communities.

All the complexity is on the provider side.

If everything is well done you will see the routes of your own remote sites as OSPF inter-area routes.


so something like


Remote site X

router ospf 10

network 10.10.y.0 0.0.0.252 area 0

network 10.x.y. 0.0.0.255 area x


central site


router ospf 10

network 10.10.1.0 0.0.0.255 area 0

network 10.100.0.0 0.0.255.255 area 0

network 10.200.0.0 0.0.255.255 area 1


the provider may suggest you eBGP as PE-CE protocol instead of OSPF.

In this case at central router you need to redistribute BGP into OSPF and to advertise over the BGP session to the PE node the central site ip subnets this can be done using network command in BGP process


b) using eBGP as PE-CE


remote site X


router bgp 6500X

neigh 10.10.y.1 remote-as 6000

network 10.x.y.0 mask 255.255.255.0



central site


router ospf 10


network 10.100.0.0 0.0.255.255 area 0

network 10.200.0.0 0.0.255.255 area 1

red bgp 65001 subnets


router bgp 65001

neigh 10.10.10.1 remote-as 6000

network 10.100.1.0 mask 255.255.255.0

...

network 10.100.10.0 mask 255.255.255.0


network 10.200.1.0 mask 255.255.255.0

...

network 10.200.10.0 mask 255.255.255.0


Hope to help

Giuseppe


lamav Sat, 04/25/2009 - 04:06
User Badges:
  • Blue, 1500 points or more
rocampo Sun, 04/26/2009 - 03:21
User Badges:

Hi Giuseppe,


Its an L3 MPLS VPN. I think talking to the telco is out of the question. I need to have something that will be transparent to

the telco.


I am looking right now at iBGP so solve this issue. Will do some tests probably tomorrow. If it works will just redistribute the BGP routes into OSPF.


thanks,





Correct Answer
Edison Ortiz Sun, 04/26/2009 - 12:01
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

If talking to the telco is out of the question, then I suggest implementing GRE tunnels between the locations and run your dynamic routing protocol via the tunnel.


HTH,


__


Edison.

Actions

This Discussion