Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PE-CE OSPF / MPBGP

hello all,

i want to double check MPLS PE - CE connections using OSPF. when we use ospf for this application and mutual redistribute between ospf and MPBGP. 

in MPBGP should we redistribute the ospf instance that we created for that specific vrf or it could be any ospf instance available on the router?

example:

1) router ospf 1

    network x.x.x.x

2) router ospf 2 vrf VPN

    network y.y.y.y

BGP:

address-family ipv4 vrf VPN

redistribute ospf (1 or 2 ?) vrf VPN ....

i have seen both configs in different websites, im confused..!

thanks a lot.

Everyone's tags (4)
2 ACCEPTED SOLUTIONS

Accepted Solutions
Cisco Employee

PE-CE OSPF / MPBGP

Hello Farshid,

I assume you are asking about the configuration of the PE router which is the one that is configured with customer VRFs. In that case, the OSPF configuration would use the second way you have suggested, i.e.

router ospf 2 vrf VPN

  router-id N.N.N.N

  network ...

For the BGP, the configuration would be:

router bgp AS

  address-family ipv4 vrf VPN

    redistribute ospf 2 ! Simply reference the OSPF process number without the "VRF" keyword here

The difference between "router ospf 1" and "router ospf 2 vrf VPN" is that the process 1 runs in the global routing table while the process 2 runs inside the VPN VRF and uses only those interfaces which have been assigned to this VRF. Usually, this is what you want to do for MPLS L3VPN customers.

Best regards,

Peter

Hall of Fame Super Silver

PE-CE OSPF / MPBGP

Hello Farshid,

redistribution in address-family ipv4 vrf VPN must reference the OSPF process associated to the SAME vrf VPN not the backbone process in order to work.

As explained by Peter only OSPF process 2 in your example refers to interfaces associated to the same VRF VPN.

This is a needed configuration step because the PE node has to convert OSPF LSA datastructures in BGP extended communities that are associated to the VPNv4 prefixes, in order to have a remote PE node with a VRF belonging to the same VPN to be able to rebuild the OSPF LSAs and to send them to the remote CE.

In this way the SP network can emulate an OSPF routing domain ( if some conditions are met ) and CE nodes are not even aware of the MPLS L3 VPN service in the middle and of the MP BGP signalling plane.

Hope to help

Giuseppe

2 REPLIES
Cisco Employee

PE-CE OSPF / MPBGP

Hello Farshid,

I assume you are asking about the configuration of the PE router which is the one that is configured with customer VRFs. In that case, the OSPF configuration would use the second way you have suggested, i.e.

router ospf 2 vrf VPN

  router-id N.N.N.N

  network ...

For the BGP, the configuration would be:

router bgp AS

  address-family ipv4 vrf VPN

    redistribute ospf 2 ! Simply reference the OSPF process number without the "VRF" keyword here

The difference between "router ospf 1" and "router ospf 2 vrf VPN" is that the process 1 runs in the global routing table while the process 2 runs inside the VPN VRF and uses only those interfaces which have been assigned to this VRF. Usually, this is what you want to do for MPLS L3VPN customers.

Best regards,

Peter

Hall of Fame Super Silver

PE-CE OSPF / MPBGP

Hello Farshid,

redistribution in address-family ipv4 vrf VPN must reference the OSPF process associated to the SAME vrf VPN not the backbone process in order to work.

As explained by Peter only OSPF process 2 in your example refers to interfaces associated to the same VRF VPN.

This is a needed configuration step because the PE node has to convert OSPF LSA datastructures in BGP extended communities that are associated to the VPNv4 prefixes, in order to have a remote PE node with a VRF belonging to the same VPN to be able to rebuild the OSPF LSAs and to send them to the remote CE.

In this way the SP network can emulate an OSPF routing domain ( if some conditions are met ) and CE nodes are not even aware of the MPLS L3 VPN service in the middle and of the MP BGP signalling plane.

Hope to help

Giuseppe

876
Views
0
Helpful
2
Replies
CreatePlease login to create content