×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

problem with superbackbone

Unanswered Question
Sep 20th, 2006
User Badges:
  • Silver, 250 points or more

Hi folks,

this is my topology:


- PE1, R1 are on SITE A

- PE2, R2 are on SITE B

- SITE A: ospf area 0

- SITE B: ospf area 1

- on SITE A, there's R1 on area 0 and area 1 (L1 backdoor to R2 on SITE B)


Today SITE B is reachable through the backdoor, cos from PE1 and R1 we have always LSA type 3, but the metric is different (AD iBGP > AD OSPF).


How could I use the superbackbone as primary link, and R1 backdoor only for backup? route-map on PE1 redistribution? or maybe something else?


Any advice will be appreciated

Regards

Andrea

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
mheusinger Wed, 09/20/2006 - 07:15
User Badges:
  • Green, 3000 points or more

Hi,


an OSPF sham link will solve your problem. It mimics an intra-area link with configurable bandwidth. Thus you get LSA1 and not LSA3 and path selection is only a question of metric.


For further reading and a more detailed explanation please consult:

"OSPF Sham-Link Support for MPLS VPN"

http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_feature_guide09186a0080087ce2.html


Hope this helps! Please rate all posts.


Regards, Martin


ariela Wed, 09/20/2006 - 07:22
User Badges:
  • Silver, 250 points or more

uhmm ... now PE1 and R1 send LSA3 on area 0 (SITE A), is it? now the path selection is only a question of metric ... I don't understand ... maybe you say "create a sham-link from PE2 to R1"?


thanks for your support

Regards

Andrea

mheusinger Wed, 09/20/2006 - 07:55
User Badges:
  • Green, 3000 points or more

Hi,


The design could look like this:

PE2 -(area1)- R2 -(area1 backdoor)- R1 -(area1)- PE1 -(area1 sham link)- PE2


and area 0 hanging off R1 to the rest of the network.

This means you would need to convert the R1 - PE1 link to area 1

The other redesign option would be to convert everything to area 0


Regards, Martin



swaroop.potdar Wed, 09/20/2006 - 13:13
User Badges:
  • Blue, 1500 points or more

Hi Andrea,


I assume you are an end customer of an MPLS service provider. So you must be having more flexibility as to what you are doing on your network.


Now you can put the backdoor link in Area 2. Or any area of your choice apart from Area 0 or Area 1. Since Intra Area routes are preferred irrespective of metric over InterArea Routes.


So put you backdoor link ONLY in Area 2 and increase the cost of the backdoor link to that higher than compared to your PE-CE links. This should solve your problem for the good.


So the effect would be you your SITE A receives L3 LSA from PE1 and R2.

Since the metric of the L3 LSA is better from PE1 you will prefer that link compared to your backdoor link.


Do lets us know what was the outcome of your testing.


HTH-Cheers,

Swaroop



swaroop.potdar Wed, 09/20/2006 - 13:51
User Badges:
  • Blue, 1500 points or more

Hi Andrea,


I forgot to mention a point there, you will need to configure a virtual link to support this scenario.


Whole solution is based upon you haveing more flexibility on your network configuration, arther than SP MPLS cloud. And second thing is backdoor is for pure backup scenario, so a virtual link.


HTH-Cheers,

Swaroop




swaroop.potdar Wed, 09/20/2006 - 14:09
User Badges:
  • Blue, 1500 points or more

Hi Andrea,


Please ignore my post, am caught up in couple of things at the same time.


Just went on a tangential thinking mode.


Thast not the right way I specified.


HTH-Cheers,

Swaroop.

swaroop.potdar Wed, 09/20/2006 - 18:17
User Badges:
  • Blue, 1500 points or more

Hi Andrea,

Just back. Now coming back to the question on hand.


To achieve the objective of having primary over MPLS and backup on backdoor

without making any major changes. Use a static route with higher AD or RIP or EIGRP,

on the backdoor link, and redistribute OSPF routes into the dynamic protocol is you

dont use the static. This will solve the problem. As I dont see a real need to put the

backup link into any OSPF area. As this would complicate or you may need to

change quite some things.



Now the summary of your current problem is,


1) Link On R1 to PE1 is in Area 0 and on Both R1 and PE1 you will see the

SITE B routes are Inter Area Routes.


2) Link On R2 to PE2 is in Area 1 and on both R2 and PE2 you will see the

SITE A routes as Inter Area Routes.


3) Now when you Add a Link from R1 to R2 you will see the routes from

R2 as Intra Area.


4) Now these routes would be preferred more over the Inter Area route

received via MPLS VPN, as Intra Area has preference over Inter Area,

irrespective of metric as I specified earlier.


After you implement as stated the effect would be now R1 sees R2 route

only available through OSPF. And when the primary link goes down it

will go via the backup.


Let me know how it worked during your tests!


HTH-Cheers!!

Swaroop

mheusinger Thu, 09/21/2006 - 01:41
User Badges:
  • Green, 3000 points or more

Hi,


just one remark. using RIP or EIGRP with redistribution on the backup link might cause you serious routing loop issues. Also all routes will be OSPF external, which can not be summarized nor are allowed in stub areas, which restricts further designs and network modifications. In addition it might not work as expected.


Assume network N1 behind R1 and

N1-R1-MPLS-R2 for primary link

and N1-R1-RIP-R2 for backup link


Now on R2 initially you have the route through OSPF and through RIP, thus in the routing table you have the OSPF route and it is redistributed into RIP and announced back to R1. This is no real problem unless R1 looses network N1, when the R1 routing table entry will be from RIP and this is redistributed into OSPF and announced to R2 ... voila, a routing loop.

So this scenario only works, if you setup proper filters, which might get rather complex and unflexible depending on the network design (f.e. ip addressing, etc.). And whenever you introduce a new network or new IP addresses you should at least check your filters in place.


Introducing another routing protocol with mutual redistribution and necessary filters in different places is a more major change than converting one link in OSPF from being one area to another area, IMHO.


Regards, Martin

ariela Thu, 09/21/2006 - 13:37
User Badges:
  • Silver, 250 points or more

Hi Martin, hi folks,


thanks for your answers.

Just to understand correctly, in attach my topology.

Normally, PE1 on area1 has routes to area0 networks from backbone, and not from R1 LSA3. R3 instead receives routes from R1, and not PE1 (correct). Question: why? That's a "specific" superbackbone behavior?

Another question, for Martin: I've to do a sham-link between PE1 and PE2?


thanks for your support

Best Regards

Andrea




swaroop.potdar Thu, 09/21/2006 - 21:37
User Badges:
  • Blue, 1500 points or more

Hmmm....I am looking at your original post and this topology attachment. both are different.


Anyways what are the link speeds/media used.

ariela Fri, 09/22/2006 - 00:37
User Badges:
  • Silver, 250 points or more

Hi,


Gb or 100Mb, media type ethernet/fiber


thanks

Andrea

swaroop.potdar Fri, 09/22/2006 - 04:06
User Badges:
  • Blue, 1500 points or more

Hi Looking at your current topology,

the previous answers stand still, again to brief a little.



You current scenario is like this:


1) Any hosts connected below you R1 will go via the backdoor link to R2

as INTRA area routes would be preferred over INTER area routes.


As you will be receiving two types of routes fro same destination R2.

one Via backdoor link and other via PE1. at Site 1.



2) For R4 and R3 its a question of metric whether backdoor or MPLS VPN.


3) For PE1 and PE2 its the question of AD, as PE will have routes learnt

via the VPN, but becasue of the backdoor the PE1 and PE 2 will face

problem with the AD. and the forwarding will point back to directly

connected CE.(R3 or R2) due to route to same destination learnt in OSPF.



4) For R2 as well for destinations on R3 or R4 its a matter of the metric.

but for destination on R1 it will choose the backdoor because of the

reason given in point 1.



===========

Now what you can do is as below.


A) Run static with higher AD on the backdoor, or use other dynamic routing

protocol with simple route-map with tag filtering for <-> redistribution.


===


B) If Still if you want to retain the Area Structure as it is then,

you can still do that,provided you dont have any hosts or

destination of R1m and do two things as below.



B.1) Set the cost of your backdoor link very high.



B.2) What you need to do is go to your PE, and in the router

ospf vrf process use this command.


"distance ospf inter-area 210"



Method B is not recommended for all scenarios and is specified from this topology

perspective, since if you want to retain the area structuring as it is.


Let me know how ur testing goes.


HTH-Cheers!,

Swaroop

ariela Fri, 09/22/2006 - 06:23
User Badges:
  • Silver, 250 points or more

Hi Swaroop,


thanks for your support.

Why not a sham-link?


Regards

Andrea

swaroop.potdar Fri, 09/22/2006 - 06:32
User Badges:
  • Blue, 1500 points or more

Hmmm, I think sham link may work in this case if you have a similar area on both sides. As it will help you override the Inter Area LSA received from one side by converting that to a Intra Area LSA.


So Sham link will work but only thing is you will have to change you area setup, to use it. SO i wanted to try and keep your things as they are and achieving a solution.



HTH-Cheers,

Swaroop

mheusinger Fri, 09/22/2006 - 06:53
User Badges:
  • Green, 3000 points or more

Hi,


You need to redesign your network in any case, because otherwise the stated goal - MPLS primary, R1-R2 backup - can not be achieved. So the question is what to change.


Are there good reasons to have multiple areas (with only 5 routers, if your topology is drawn correctly this time)?

If not, then convert everything to one area (presumably 0) and use a sham link in the MPLS VPN.


If you introduce another routing protocol between R1 and R2 using mutual redistribution including proper filters and getting external networks instead of interarea, it would be possible to achieve the stated goal as well.

IMHO this increases operational complexity a lot and thus would be only the second best option.


Having only OSPF everywhere plus a sham link in the MPLS VPN would be the easiest solution I can see.


But finally it is your network and your decision to take.


Hope this helps! Please rate all posts.


Regards, Martin

ariela Fri, 09/22/2006 - 06:56
User Badges:
  • Silver, 250 points or more

Hi Swaroop,


thanks for your support.

Why not a sham-link?


Regards

Andrea

swaroop.potdar Mon, 09/25/2006 - 06:13
User Badges:
  • Blue, 1500 points or more

Andrea,


Hows it going with the tests, did you test the methods.


If you need any further feedback, respond.


HTH-Cheers,

Swaroop

Actions

This Discussion