Hello, i was wondering you're thoughts were on the following:
customer has HQ and DR site. They have 2x other offices. All four sites are connected via an SP MP-BGP MPLS cloud.
Each site has its own OSPF area 0 (this is historical). The way the SP PE rtrs are configured is causing each site to learn each others routes as OSPF Type E2.
I understand this behaviour can be changed by configuring SHAM links (on PE) and setting up a domain-id which is carried in the VPN4 packet and allows each site to learn IA routes or even O routes. I am looking to have this option configured at the PE.
My question is, what is the best design option for this scenarion with regards to OSPF and backbone area 0?
Should place all 4 sites in Area0, (since there are only 4 locations) and have the CE routers as ABRs , ie. each site has own unique Area and also connects to Area 0?
Or should i place HQ and DR in Area 0 and use another area for each of the remote locations?
I am having a mental block just now with regards to the best way of setting this up, so any information would be great.
the OSPF sham-link is needed only if you have also this L2 VPN backup link or it will be the primary link for all traffic because it provide OSPF intra-area routes.
The current settings of your provider can be tuned up to provide O IA routes without the use of sham-link just to note.
OSPF sham-link has to be configured by MPLS L3 VPN SP not on your CE nodes.
In order to divert part of traffic over the backup link you will need PBR policy based routing on CE nodes.
I agree that putting all 4 sites CE links to L3 VPN in area 0 and L2 VPN links in area 0 is the safe move.
put an high OSPFcost on L2 VPN facing interface on CE and ask to provider for OSPF sham-link do not enable OSPF over the L2 VPN until the provider has done its changes
Hope to help
Your suggested scenario should work - the sham link will allow the sites to see their networks as intra-area (O) routes, and if its cost will be significantly lower than the cost of the L2 VPN interconnection, it should be the preferred way of communication between the sites.
Yes, the interfaces towards the L2 VPN should also be in Area 0. Actually, if you decide to have all your sites in Area 0, it would be highly incorrect to place the L2 VPN in a different area because that would essentialy create a partitioned backbone (Area 0 segments on sites interconnected with a different area).