I have I have MPLS VPN lab setup, I have one question, I am running ospf between PE-CE to export and import routes between VRF at PE and CE. BGP is getting redistributed at PE OSPF VRF process. and then that routes are learned at CE via OSPF too.
now when I see the CE routing table it shows all the routes imported from PE VRF which BGP leaked in OSPF, but routes apper as O IA so this confuses me cous I expect them to be O E2 atleast as leaking BGP in ospf at PE will make them external AS routes.
OSPF in a context of MPLS VPN is a special case. If both process-id on either side of the MPLS VPN cloud are the same then routes exchange via the core are seen as Inter-area routes. If the process-id are different then the routes are seen as external unless you configure the same "domain-id" under each ospf processes.
Please refer to the following link for additional information:
And to add even EIGRP maintains the metrics transperantly across MP BGP session.
Harry I had another question, if say i have an option A NNI, i wanted to bring up OSPF between across the NNI subinterface to extend sham-links, i enable vrf lite capability (both sides vrf) to bring it up , correct me if iam wrong. Now when i enable vrf lite, the routes of OSPF become O E2(no longer connected to MPLS Super backbone). Is there i can do end-to-end sham links on an Option A NNI ? Can i do by having a send-label or send extcommunity in a BGP session across the NNI ? Basically wanted to know what kind of information is carried across in a sham-link update. Or as usual , am i missing something straight forward ?
Because routes learnt via the MPLS core are at best inter-area (without sham-link) and therefore routes learnt via the backdoor are seen as an intra-area and therefore preferred.
The only way to get the route learnt via the MPLS core to be preferred over the backdoor routes is to configure a sham-link, which has the effect of the route learnt from the core being seen as an intra-area route.
Hope this helps,
Harold Ritter Sr. Technical Leader CCIE 4168 (R&S, SP) email@example.com México móvil: +52 1 55 8312 4915 Cisco México Paseo de la Reforma 222 Piso 19 Cuauhtémoc, Juárez Ciudad de México, 06600 México
just a small addition to Harolds comments. As stated the sham-link will be seen as intra-area link. So you have to make sure that the combined metric of your sham-link (configurable) plus the two PE-CE links is better than your backdoor link metric. Otherwise your traffic will still not go through the MPLS VPN.
This might require to adjust ospf cost on the PE-CE links as well.
With XR 4.2.0 the ASR9000 is releasing a new line of hardware models. This amongst others is the RSP440, the next generation RSP with faster switch fabric along with Typhoon based Linecards, the next generation network processor.
The Cisco EPN system incorporates a network architecture designed to consolidate multiples services on a single Multiprotocol Label Switching (MPLS) transport network. This network is designed primarily based on...
Internet security is important with the increasing attacks that are happening every day. Many internet and browsing security solutions exist, but some are not very easy to use or maybe the question is how can I enable them?