cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
834
Views
0
Helpful
2
Replies

L3VPN with L2VPN as backup

rays
Level 1
Level 1

Hello, i have the following scenario:

Customer A has 6 locations all connected via L3 MPLS SP cloud. The customer recieves OSPF external type 2 routes from each location (well from PE router after MP-BGP VPN header is stripped and routes from 1 location redistributed into OSPF).

I want to provide the customer with a backup solution using an SP L2 VPN solution. If i am correct, when i connect the 6 sites via the L2 VPN, they will start to prefer routes to each other via the L2VPN (as they are recieving OSPF intra area routes from the single VLAN now connecting the sites.

My question is what is the best way to make the L2VPN be used only as backup to the primary L3VPN?

hopefully i have explained my situation clearly!

Thanks

rays

1 Accepted Solution

Accepted Solutions

narainarun
Level 1
Level 1

Hi Rays,

You can make use of OSPF Sham Link feature to achieve what you are looking for but before that you have to make in other site routes as inter-area than external.

First of all, when OSPF is configured as PE-CE protocol in a multi-site network, usually routes of one site is learned as inter-area in other sites. This is the default behavior if the OSPF process-id in PE routers are all same. If the OSPF process ID are different on PE routers, then the routes of one site are learned as external routes in other site. I think in your case since it is learning as external, OSPF process ID should be different. During this cases, there is an option of configuring OSPF Domain ID (configured under OSPF process in PE router). If domain ID's between PE routers match then the routes of one site are learned as inter-area in other sites.

In your scenario, first you have to configure OSPF domain id to be same on PE routers thus making the other site routes are inter-area. Then configure OSPF Sham link between PE routers, which will make the other sites routes as intra-area. Now the routes exchanged over L3 MPLS VPN are learned as intra-area as well your direct connection via L2 VPN also as intra-area. Now you can play with OSPF cost between the sham link i.e. L3 VPN and L2 VPN and make your L3 VPN as primary and L2 VPN as secondary.

Pls refer this document:

Sham Link : http://www.cisco.com/en/US/docs/ios/12_2t/12_2t8/feature/guide/ospfshmk.html

Domain ID: http://www.cisco.com/en/US/docs/ios/12_3/rewrite/mpls/mpbksham.html

HTH

Arun

View solution in original post

2 Replies 2

narainarun
Level 1
Level 1

Hi Rays,

You can make use of OSPF Sham Link feature to achieve what you are looking for but before that you have to make in other site routes as inter-area than external.

First of all, when OSPF is configured as PE-CE protocol in a multi-site network, usually routes of one site is learned as inter-area in other sites. This is the default behavior if the OSPF process-id in PE routers are all same. If the OSPF process ID are different on PE routers, then the routes of one site are learned as external routes in other site. I think in your case since it is learning as external, OSPF process ID should be different. During this cases, there is an option of configuring OSPF Domain ID (configured under OSPF process in PE router). If domain ID's between PE routers match then the routes of one site are learned as inter-area in other sites.

In your scenario, first you have to configure OSPF domain id to be same on PE routers thus making the other site routes are inter-area. Then configure OSPF Sham link between PE routers, which will make the other sites routes as intra-area. Now the routes exchanged over L3 MPLS VPN are learned as intra-area as well your direct connection via L2 VPN also as intra-area. Now you can play with OSPF cost between the sham link i.e. L3 VPN and L2 VPN and make your L3 VPN as primary and L2 VPN as secondary.

Pls refer this document:

Sham Link : http://www.cisco.com/en/US/docs/ios/12_2t/12_2t8/feature/guide/ospfshmk.html

Domain ID: http://www.cisco.com/en/US/docs/ios/12_3/rewrite/mpls/mpbksham.html

HTH

Arun

Arun, thanks for the great answer! That looks like exactly what i was looking for.

Once again, thanks for the answer and the links, brilliant.

rays

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco