uhmm ... now PE1 and R1 send LSA3 on area 0 (SITE A), is it? now the path selection is only a question of metric ... I don't understand ... maybe you say "create a sham-link from PE2 to R1"?

thanks for your support

Regards

Andrea

Hi,

The design could look like this:

PE2 -(area1)- R2 -(area1 backdoor)- R1 -(area1)- PE1 -(area1 sham link)- PE2

and area 0 hanging off R1 to the rest of the network.

This means you would need to convert the R1 - PE1 link to area 1

The other redesign option would be to convert everything to area 0

Regards, Martin

Hi Andrea,

I forgot to mention a point there, you will need to configure a virtual link to support this scenario.

Whole solution is based upon you haveing more flexibility on your network configuration, arther than SP MPLS cloud. And second thing is backdoor is for pure backup scenario, so a virtual link.

HTH-Cheers,

Swaroop

Hi Andrea,

Just back. Now coming back to the question on hand.

To achieve the objective of having primary over MPLS and backup on backdoor

without making any major changes. Use a static route with higher AD or RIP or EIGRP,

on the backdoor link, and redistribute OSPF routes into the dynamic protocol is you

dont use the static. This will solve the problem. As I dont see a real need to put the

backup link into any OSPF area. As this would complicate or you may need to

change quite some things.

Now the summary of your current problem is,

1) Link On R1 to PE1 is in Area 0 and on Both R1 and PE1 you will see the

SITE B routes are Inter Area Routes.

2) Link On R2 to PE2 is in Area 1 and on both R2 and PE2 you will see the

SITE A routes as Inter Area Routes.

3) Now when you Add a Link from R1 to R2 you will see the routes from

R2 as Intra Area.

4) Now these routes would be preferred more over the Inter Area route

received via MPLS VPN, as Intra Area has preference over Inter Area,

irrespective of metric as I specified earlier.

After you implement as stated the effect would be now R1 sees R2 route

only available through OSPF. And when the primary link goes down it

will go via the backup.

Let me know how it worked during your tests!

HTH-Cheers!!

Swaroop

Hi,

just one remark. using RIP or EIGRP with redistribution on the backup link might cause you serious routing loop issues. Also all routes will be OSPF external, which can not be summarized nor are allowed in stub areas, which restricts further designs and network modifications. In addition it might not work as expected.

Assume network N1 behind R1 and

N1-R1-MPLS-R2 for primary link

and N1-R1-RIP-R2 for backup link

Now on R2 initially you have the route through OSPF and through RIP, thus in the routing table you have the OSPF route and it is redistributed into RIP and announced back to R1. This is no real problem unless R1 looses network N1, when the R1 routing table entry will be from RIP and this is redistributed into OSPF and announced to R2 ... voila, a routing loop.

So this scenario only works, if you setup proper filters, which might get rather complex and unflexible depending on the network design (f.e. ip addressing, etc.). And whenever you introduce a new network or new IP addresses you should at least check your filters in place.

Introducing another routing protocol with mutual redistribution and necessary filters in different places is a more major change than converting one link in OSPF from being one area to another area, IMHO.

Regards, Martin

Hi Martin, hi folks,

thanks for your answers.

Just to understand correctly, in attach my topology.

Normally, PE1 on area1 has routes to area0 networks from backbone, and not from R1 LSA3. R3 instead receives routes from R1, and not PE1 (correct). Question: why? That's a "specific" superbackbone behavior?

Another question, for Martin: I've to do a sham-link between PE1 and PE2?

thanks for your support

Best Regards

Andrea

Hmmm....I am looking at your original post and this topology attachment. both are different.

Anyways what are the link speeds/media used.

Hi,

Gb or 100Mb, media type ethernet/fiber

thanks

Andrea

Hi Looking at your current topology,

the previous answers stand still, again to brief a little.

You current scenario is like this:

1) Any hosts connected below you R1 will go via the backdoor link to R2

as INTRA area routes would be preferred over INTER area routes.

As you will be receiving two types of routes fro same destination R2.

one Via backdoor link and other via PE1. at Site 1.

2) For R4 and R3 its a question of metric whether backdoor or MPLS VPN.

3) For PE1 and PE2 its the question of AD, as PE will have routes learnt

via the VPN, but becasue of the backdoor the PE1 and PE 2 will face

problem with the AD. and the forwarding will point back to directly

connected CE.(R3 or R2) due to route to same destination learnt in OSPF.

4) For R2 as well for destinations on R3 or R4 its a matter of the metric.

but for destination on R1 it will choose the backdoor because of the

reason given in point 1.

===========

Now what you can do is as below.

A) Run static with higher AD on the backdoor, or use other dynamic routing

protocol with simple route-map with tag filtering for <-> redistribution.

===

B) If Still if you want to retain the Area Structure as it is then,

you can still do that,provided you dont have any hosts or

destination of R1m and do two things as below.

B.1) Set the cost of your backdoor link very high.

B.2) What you need to do is go to your PE, and in the router

ospf vrf process use this command.

"distance ospf inter-area 210"

Method B is not recommended for all scenarios and is specified from this topology

perspective, since if you want to retain the area structuring as it is.

Let me know how ur testing goes.

HTH-Cheers!,

Swaroop

Hi Swaroop,

thanks for your support.

Why not a sham-link?

Regards

Andrea

Hmmm, I think sham link may work in this case if you have a similar area on both sides. As it will help you override the Inter Area LSA received from one side by converting that to a Intra Area LSA.

So Sham link will work but only thing is you will have to change you area setup, to use it. SO i wanted to try and keep your things as they are and achieving a solution.

HTH-Cheers,

Swaroop