I have an MPLS VPN design question. Here's the network diagram - http://img53.imageshack.us/img53/1920/mplsvpn.jpg.
My question is: Is there any way for CE-1 router to be able to reach the 10.0.0.0/24 network if for example the links B and D (or A and E) go down at the same time without using static routing? The problem is that OSPF has a loop prevention mechanism (Down Bit and Domain Tag) that doesn't allow the prefixes that were learned from one PE and redistributed into the OSPF domain to be installed in the routing table of another PE in the same OSPF domain although they are present in the OSPF database. What are best practices for such a topology? Thanks.
A good question! Notice that you are trying to run the customer's IGP protocol (the OSPF) between provider's edge routers. However, this is not the way it is usually done. All your PE routers run their own IGP protocol (the provider's IGP) and have a BGP peering with a route reflector. Even if B/D or A/E links go down, these BGP peerings should stay up and it is up to the provider's IGP protocol to resolve the reachability issues between the PE routers. In your particular case, if, say, A/E links go down, the provider's IGP protocol will make sure that the PE-2 can reach the P and networks behind it through the link C (note that the provider's IGP protocol runs over the link C but not in the VRF Cust). Also note that the VRF Cust does not change, only the global routing table changes with respect how to reach the PE-1.
So you do not need to run any static routing in this topology. The BGP sessions will stay up and the individual VRFs will remain stable.
There are ways to disable the special checks in the OSPF to also accept and process the LSAs with the Down bit set, however, it is not really needed here.
If there is anything unclear you are welcome to ask further.