OSPF Sham-link

Answered Question
Sep 10th, 2009

Hi All,

I have the following simple lab topology-

CE1-PE1-P2-PE3-CE2 while there is a backdoor link between CE1 and CE2.I have changed the bandwidth of this link to 1kbps so that it is least preferable.

The relevant configuration on PE1 router is-

interface Loopback 12

ip vrf forwarding CUST1

ip add 1.1.1.1 255.255.255.255

!

router bgp 100

..

address-family ipv4 vrf CUST1

network 1.1.1.1 mask 255.255.255.255

..

!

router ospf 1 vrf CUST1

area 0 sham-link 1.1.1.1 2.2.2.2 cost 2

!

The similar configuration on PE3 router too.

The "show ip ospf sham-link" output shows following-

PE1#sh ip ospf sham

Sham Link OSPF_SL0 to address 2.2.2.2 is up

Area 0 source address 1.1.1.1

Run as demand circuit

DoNotAge LSA allowed. Cost of using 2 State POINT_TO_POINT,

Timer intervals configured, Hello 10, Dead 40, Wait 40,

Hello due in 00:00:08

There is no adjacency formed. I also cannot ping 2.2.2.2 from PE1 router.

I am using 2691 with 12.4(25a) IOS.

Please share your thoughts.

Amit.

I have this problem too.
0 votes
Correct Answer by Harold Ritter about 7 years 4 months ago

Amit,

> LDP was properly configured becoz the "show ip bgp vpnv4 all" command showed proper output including the prefixes 1.1.1.1/32 and 2.2.2.2/32 on both PE routers.

This command doesn't tell you anything about the LDP signaled LSP.

Can you do a "show ip cef vrf CUST1 2.2.2.2" from PE1. You should see a 2 labels for that prefix (1 IGP label and 1 service label) if the two PEs are not directly connected. Make sure that the LSP is not broken along the way as well.

Regards

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
shivlu jain Thu, 09/10/2009 - 05:55

Hi Amit

If possible could you post all the configs. There might be problem with with state.

regards

shivlu jain

Harold Ritter Thu, 09/10/2009 - 10:11

Amit,

Make sure LDP is properly configured between PE1 and PE3 and that it is up and running. This could certainly cause the adjacency not coming up on the sham-link and the pinging not to work.

Regards

amit.bhagat Thu, 09/10/2009 - 18:23

Hi Guys,

LDP was properly configured becoz the "show ip bgp vpnv4 all" command showed proper output including the prefixes 1.1.1.1/32 and 2.2.2.2/32 on both PE routers.

Here's complete config on PE1 router-

mpls label protocol ldp

mpls ldp router-id Loopback 0 force

!

ip vrf CUST1

rd 1:1

route-target both 1:1

!

interface Loopback 0

ip address 10.200.254.1 255.255.255.255

!

interface Loopback 12

ip vrf forwarding CUST1

ip address 1.1.1.1 255.255.255.255

!

interface serial 0/0

ip vrf forwarding CUST1

ip address 192.168.1.1 255.255.255.252

!

interface fastethernet 0/0

description Link_to_P2

ip address 10.1.1.1 255.255.255.252

mpls ip

!

router ospf 100

network 10.1.1.0 0.0.0.3 area 0

network 10.200.254.1 0.0.0.0 area 0

!

router ospf 1 vrf CUST1

network 192.168.1.0 0.0.0.3 area 0

redistribute bgp 100 subnets metric 10

area 0 sham-link 1.1.1.1 2.2.2.2 cost 2

!

router bgp 100

neighbor 10.200.254.3 remote-as 100

neighbor 10.200.254.3 update-source Loopback 0

!

address-family vpnv4

neighbor 10.200.254.3 activate

neighbor 10.200.254.3 send-community both

exit-address-family

!

address-family ipv4 vrf CUST1

network 1.1.1.1 mask 255.255.255.255

redistribute ospf 1 vrf CUST1 metric 10 match internal external

exit-address-family

!

Both CE1 and CE2 routers also had prefixes 1.1.1.1/32 and 2.2.2.2/32 in their routing tables advertised by PE1 and PE3 resp.

I can't understand why PE1 or PE3 router could not ping 2.2.2.2 or 1.1.1.1 resp. thru the backdoor link.

Correct Answer
Harold Ritter Fri, 09/11/2009 - 06:51

Amit,

> LDP was properly configured becoz the "show ip bgp vpnv4 all" command showed proper output including the prefixes 1.1.1.1/32 and 2.2.2.2/32 on both PE routers.

This command doesn't tell you anything about the LDP signaled LSP.

Can you do a "show ip cef vrf CUST1 2.2.2.2" from PE1. You should see a 2 labels for that prefix (1 IGP label and 1 service label) if the two PEs are not directly connected. Make sure that the LSP is not broken along the way as well.

Regards

amit.bhagat Fri, 09/11/2009 - 16:22

Spot-on Harold. Somehow missed to advertise the Loopback 0 address of P2 which I was using as LDP router-id. I thought I saw 2 labels for the prefixes and took it for granted that LDP neighborship was formed between peers.

Anyway, it is working as it should.

Thanks mate.

amit.bhagat Fri, 09/11/2009 - 17:22

I would just like to add a point that the VPN-label for 2.2.2.2 will never be used unless the router-id is set to 2.2.2.2 on PE3 router.

Thanks again.

Amit.

Harold Ritter Sat, 09/12/2009 - 08:22

Amit,

There is no such restriction. You tunnel endpoint end your RID can be different.

Regards

Harold Ritter Sat, 09/12/2009 - 12:52

Sorry, I meant your sham-link end point and your RID can be different.

Regards

Actions

This Discussion