Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3748
Views
4
Helpful
6
Replies

Routing loops in dual-homed MPLS sites - OSPF down bit not being set

zahid.hassan
Level 1
Level 1

‎05-09-2006 12:28 PM

Dear All,

I have several MPLS VPN sites running OSPF between the CE and PE routers. All the CE routers are in area 0 and configured with the same process ID.

On some of the sites, I am having to re-distribute non-OSPF routes.

These non-OSPF routes appear as LSA Type 5 in the OSPF database as expected.

OSPF doesn't seems to support down bit for LSA Type 5, which is part of the option field in the OSPF header.

The redistributed routes get propagated across the OSPF domain causing routing loops.

I am thinking of tagging all non-OSPF redistributed routes to solve this problem.

Does anyone have any suggestion or know any alternate option ?

I would really appreciate any input or advise on this.

Regards,

Zahid

Labels:
0 Helpful
6 Replies 6

ft
Level 1
Level 1

‎05-09-2006 05:05 PM

The routing loops introduced by route redistribution between OSPF domains can be solved with the help of the tag field, using standard BGP-OSPF redistribution rules. A non-OSPF route is redistributed as an external OSPF route by a PE router. By default, the tag field is set to the BGP-AS number. The redistributed route is propagated across the OSPF domain without the down bit but with the tag field set. When the route is redistributed into another OSPF domain, the tag field is propagated. Another PE router receives the external OSPF route and filters the route based on the tag field. The tag field matches the AS number so the route is not redistributed into MP-BGP.

0 Helpful

zahid.hassan
Level 1
Level 1
In response to ft

‎05-10-2006 08:29 AM

Hi,

Many thanks for your reply.

Where would you suggest to apply the tag, on the CE or the PE ?

Also should the tag value be the same as the AS number used on the PE router ?

Regards,

Zahid

0 Helpful

AnandJalawadi
Level 1
Level 1

‎05-09-2006 09:51 PM

HI,

1)PE routers set the down (DN) bit on all OSPF summary LSAs originating from area 0. PE routers are designated as area 0 by default because of the OSPF domain ID. When a PE router receives a summary LSA with the DN bit set, the LSA is not used in the OSPF calculation. This is done to prevent routing loops.

2)PE routers generating external LSAs learned from BGP updates set the vpn-route-tag field to a value derived from the PE router's AS number and an arbitrary tag. When a PE router receives an external LSA with a vpn-route-tag field that matches its own vpn-route-tag field, the LSA is not used in the OSPF calculation. This is done to prevent routing loops

I m sure that your SP will be carrying our both of above processes and CE will act with normal behavior and no modification is required

Hope this helps

Anand

0 Helpful

mheusinger
Level 10
Level 10

‎05-10-2006 04:54 AM

Hello,

there are only three options I see for you:

1) a PE should apply a TAG to LSA type 5 created from a MP-BGP update. The tag is related to the AS number of the PE and everything should be done automatically. A sample LSA should look like this:

-------------------- CE OSPF database --------------

OSPF Router with ID (82.82.82.82) (Process ID 10)

Type-5 AS External Link States

Routing Bit Set on this LSA

LS age: 4

Options: (No TOS-capability, DC)

LS Type: AS External Link

Link State ID: 10.1.22.0 (External Network Number )

Advertising Router: 10.1.82.1

LS Seq Number: 80000001

Checksum: 0x38C9

Length: 36

Network Mask: /30

Metric Type: 2 (Larger than any link state path)

TOS: 0

Metric: 1

Forward Address: 0.0.0.0

External Route Tag: 3489661028

! External Route tag 3489661028 = 0xD0000064 = 0xD0000000 + 0x64

! 0x64 = 100 = AS number of the MPLS PE!

!

! So: External Route tag = 0xD0000000 + (AS number PE)

Once you use this tag when doing redistribution a PE will not distribute the LSA5.

The strange thing is, this does NOT happen according to your description. Could you please post a "show ip ospf database external" and a "show bgp vpnv4 unicast all X.X.X.X" for an external network causing the routing problems?

2) you could use your own TAG and setup filters to avoid rooting loops.

3) You could try to use SOO (site-of-origin) to avoid routing loops. The config could look like this:

interface Serial0/0/0

description connected to CE

ip vrf forwarding Cust1

ip address 10.1.1.1 255.255.255.252

ip vrf sitemap SOOforCE

route-map SOOforCE permit 10

set extcommunity soo 65000:123

!use a different SOO for every SITE

Also make sure the usage of SOO is supported for OSPF in your hardware/IOS combination.

Regards, Martin

0 Helpful

zahid.hassan
Level 1
Level 1
In response to mheusinger

‎05-10-2006 09:01 AM

Hi Martin,

Many thanks for your reply.

I don't think the tag is getting set on either the CE or the PE for the external route.

If I am to set the tag manually, where would I set

the tag on the CE or the PE ? Also should the vlaue of the tag correspond to the AS number used on the PE ?

This is the output from both the CE and PE:

CE#sh ip ospf database external 192.168.1.0

OSPF Router with ID (10.1.1.2) (Process ID 140)

Type-5 AS External Link States

LS age: 1747

Options: (No TOS-capability, DC)

LS Type: AS External Link

Link State ID: 192.168.1.0 (External Network Number )

Advertising Router: 10.1.1.2

LS Seq Number: 80000739

Checksum: 0xB745

Length: 36

Network Mask: /24

Metric Type: 2 (Larger than any link state path)

TOS: 0

Metric: 20

Forward Address: 10.1.1.5

External Route Tag: 0

PE#sh ip bgp vpnv4 vrf MCI 192.168.1.0

BGP routing table entry for 2029:140:192.168.1.0/24, version 34071

Paths: (3 available, best #1, table MCI)

Advertised to update-groups:

1

Local

192.168.113.10 (via MCI) from 0.0.0.0 (200.169.35.69)

Origin incomplete, metric 20, localpref 100, weight 32768, valid, sourced, best

Extended Community: RT:2029:140 OSPF DOMAIN ID:0x0005:0x0000008C0200

OSPF RT:0.0.0.0:5:1 OSPF ROUTER ID:192.168.113.157:1281

mpls labels in/out 249/nolabel

Local

200.169.35.91 (metric 30) from 192.168.1.6 (192.168.1.6)

Origin incomplete, metric 50, localpref 200, valid, internal

Extended Community: RT:2029:140 OSPF DOMAIN ID:0x0005:0x0000008C0200

OSPF RT:0.0.0.0:5:1 OSPF ROUTER ID:192.168.113.153:1281

Originator: 200.169.35.91, Cluster list: 0.0.0.100

mpls labels in/out 249/170

Local

200.169.35.91 (metric 30) from 192.168.1.5 (192.168.1.5)

Origin incomplete, metric 50, localpref 200, valid, internal

Extended Community: RT:2029:140 OSPF DOMAIN ID:0x0005:0x0000008C0200

OSPF RT:0.0.0.0:5:1 OSPF ROUTER ID:192.168.113.153:1281

Originator: 200.169.35.91, Cluster list: 0.0.0.100

mpls labels in/out 249/170

Regards,

Zahid

0 Helpful

mheusinger
Level 10
Level 10
In response to zahid.hassan

‎05-11-2006 04:40 AM

Hello,

the tag should be set on the PE according the following rule:

------snip-----

Forward Address: 0.0.0.0

External Route Tag: 3489661028

! External Route tag 3489661028 = 0xD0000064 = 0xD0000000 + 0x64

! 0x64 = 100 = AS number of the MPLS PE!

!

==>! So: External Route tag = 0xD0000000 + (AS number PE) <==

Hope this helps! Please rate all posts.

Regards, Martin

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents