OSPF Sham-link

Answered Question
Sep 10th, 2009
User Badges:

Hi All,


I have the following simple lab topology-

CE1-PE1-P2-PE3-CE2 while there is a backdoor link between CE1 and CE2.I have changed the bandwidth of this link to 1kbps so that it is least preferable.


The relevant configuration on PE1 router is-


interface Loopback 12

ip vrf forwarding CUST1

ip add 1.1.1.1 255.255.255.255

!

router bgp 100

..

address-family ipv4 vrf CUST1

network 1.1.1.1 mask 255.255.255.255

..

!

router ospf 1 vrf CUST1

area 0 sham-link 1.1.1.1 2.2.2.2 cost 2

!


The similar configuration on PE3 router too.


The "show ip ospf sham-link" output shows following-

PE1#sh ip ospf sham

Sham Link OSPF_SL0 to address 2.2.2.2 is up

Area 0 source address 1.1.1.1

Run as demand circuit

DoNotAge LSA allowed. Cost of using 2 State POINT_TO_POINT,

Timer intervals configured, Hello 10, Dead 40, Wait 40,

Hello due in 00:00:08


There is no adjacency formed. I also cannot ping 2.2.2.2 from PE1 router.


I am using 2691 with 12.4(25a) IOS.


Please share your thoughts.


Amit.


Correct Answer by Harold Ritter about 7 years 9 months ago

Amit,


> LDP was properly configured becoz the "show ip bgp vpnv4 all" command showed proper output including the prefixes 1.1.1.1/32 and 2.2.2.2/32 on both PE routers.


This command doesn't tell you anything about the LDP signaled LSP.


Can you do a "show ip cef vrf CUST1 2.2.2.2" from PE1. You should see a 2 labels for that prefix (1 IGP label and 1 service label) if the two PEs are not directly connected. Make sure that the LSP is not broken along the way as well.


Regards

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
shivlu jain Thu, 09/10/2009 - 05:55
User Badges:
  • Silver, 250 points or more

Hi Amit


If possible could you post all the configs. There might be problem with with state.


regards

shivlu jain

Harold Ritter Thu, 09/10/2009 - 10:11
User Badges:
  • Cisco Employee,

Amit,


Make sure LDP is properly configured between PE1 and PE3 and that it is up and running. This could certainly cause the adjacency not coming up on the sham-link and the pinging not to work.


Regards

amit.bhagat Thu, 09/10/2009 - 18:23
User Badges:

Hi Guys,


LDP was properly configured becoz the "show ip bgp vpnv4 all" command showed proper output including the prefixes 1.1.1.1/32 and 2.2.2.2/32 on both PE routers.


Here's complete config on PE1 router-


mpls label protocol ldp

mpls ldp router-id Loopback 0 force

!

ip vrf CUST1

rd 1:1

route-target both 1:1

!

interface Loopback 0

ip address 10.200.254.1 255.255.255.255

!

interface Loopback 12

ip vrf forwarding CUST1

ip address 1.1.1.1 255.255.255.255

!

interface serial 0/0

ip vrf forwarding CUST1

ip address 192.168.1.1 255.255.255.252

!

interface fastethernet 0/0

description Link_to_P2

ip address 10.1.1.1 255.255.255.252

mpls ip

!

router ospf 100

network 10.1.1.0 0.0.0.3 area 0

network 10.200.254.1 0.0.0.0 area 0

!

router ospf 1 vrf CUST1

network 192.168.1.0 0.0.0.3 area 0

redistribute bgp 100 subnets metric 10

area 0 sham-link 1.1.1.1 2.2.2.2 cost 2

!

router bgp 100

neighbor 10.200.254.3 remote-as 100

neighbor 10.200.254.3 update-source Loopback 0

!

address-family vpnv4

neighbor 10.200.254.3 activate

neighbor 10.200.254.3 send-community both

exit-address-family

!

address-family ipv4 vrf CUST1

network 1.1.1.1 mask 255.255.255.255

redistribute ospf 1 vrf CUST1 metric 10 match internal external

exit-address-family

!


Both CE1 and CE2 routers also had prefixes 1.1.1.1/32 and 2.2.2.2/32 in their routing tables advertised by PE1 and PE3 resp.


I can't understand why PE1 or PE3 router could not ping 2.2.2.2 or 1.1.1.1 resp. thru the backdoor link.



Correct Answer
Harold Ritter Fri, 09/11/2009 - 06:51
User Badges:
  • Cisco Employee,

Amit,


> LDP was properly configured becoz the "show ip bgp vpnv4 all" command showed proper output including the prefixes 1.1.1.1/32 and 2.2.2.2/32 on both PE routers.


This command doesn't tell you anything about the LDP signaled LSP.


Can you do a "show ip cef vrf CUST1 2.2.2.2" from PE1. You should see a 2 labels for that prefix (1 IGP label and 1 service label) if the two PEs are not directly connected. Make sure that the LSP is not broken along the way as well.


Regards

amit.bhagat Fri, 09/11/2009 - 16:22
User Badges:

Spot-on Harold. Somehow missed to advertise the Loopback 0 address of P2 which I was using as LDP router-id. I thought I saw 2 labels for the prefixes and took it for granted that LDP neighborship was formed between peers.


Anyway, it is working as it should.


Thanks mate.

amit.bhagat Fri, 09/11/2009 - 17:22
User Badges:

I would just like to add a point that the VPN-label for 2.2.2.2 will never be used unless the router-id is set to 2.2.2.2 on PE3 router.


Thanks again.


Amit.

Harold Ritter Sat, 09/12/2009 - 08:22
User Badges:
  • Cisco Employee,

Amit,


There is no such restriction. You tunnel endpoint end your RID can be different.


Regards

Harold Ritter Sat, 09/12/2009 - 12:52
User Badges:
  • Cisco Employee,

Sorry, I meant your sham-link end point and your RID can be different.


Regards

Actions

This Discussion