Solved: Re: OSPF Sham-link

amit.bhagat · ‎09-10-2009

Hi All,

I have the following simple lab topology-

CE1-PE1-P2-PE3-CE2 while there is a backdoor link between CE1 and CE2.I have changed the bandwidth of this link to 1kbps so that it is least preferable.

The relevant configuration on PE1 router is-

interface Loopback 12

ip vrf forwarding CUST1

ip add 1.1.1.1 255.255.255.255

!

router bgp 100

..

address-family ipv4 vrf CUST1

network 1.1.1.1 mask 255.255.255.255

..

!

router ospf 1 vrf CUST1

area 0 sham-link 1.1.1.1 2.2.2.2 cost 2

!

The similar configuration on PE3 router too.

The "show ip ospf sham-link" output shows following-

PE1#sh ip ospf sham

Sham Link OSPF_SL0 to address 2.2.2.2 is up

Area 0 source address 1.1.1.1

Run as demand circuit

DoNotAge LSA allowed. Cost of using 2 State POINT_TO_POINT,

Timer intervals configured, Hello 10, Dead 40, Wait 40,

Hello due in 00:00:08

There is no adjacency formed. I also cannot ping 2.2.2.2 from PE1 router.

I am using 2691 with 12.4(25a) IOS.

Please share your thoughts.

Amit.

Harold Ritter · ‎09-11-2009

Amit,

> LDP was properly configured becoz the "show ip bgp vpnv4 all" command showed proper output including the prefixes 1.1.1.1/32 and 2.2.2.2/32 on both PE routers.

This command doesn't tell you anything about the LDP signaled LSP.

Can you do a "show ip cef vrf CUST1 2.2.2.2" from PE1. You should see a 2 labels for that prefix (1 IGP label and 1 service label) if the two PEs are not directly connected. Make sure that the LSP is not broken along the way as well.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

View solution in original post

shivlu jain · ‎09-10-2009

Hi Amit

If possible could you post all the configs. There might be problem with with state.

regards

shivlu jain

Harold Ritter · ‎09-10-2009

Amit,

Make sure LDP is properly configured between PE1 and PE3 and that it is up and running. This could certainly cause the adjacency not coming up on the sham-link and the pinging not to work.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

amit.bhagat · ‎09-10-2009

Hi Guys,

LDP was properly configured becoz the "show ip bgp vpnv4 all" command showed proper output including the prefixes 1.1.1.1/32 and 2.2.2.2/32 on both PE routers.

Here's complete config on PE1 router-

mpls label protocol ldp

mpls ldp router-id Loopback 0 force

!

ip vrf CUST1

rd 1:1

route-target both 1:1

!

interface Loopback 0

ip address 10.200.254.1 255.255.255.255

!

interface Loopback 12

ip vrf forwarding CUST1

ip address 1.1.1.1 255.255.255.255

!

interface serial 0/0

ip vrf forwarding CUST1

ip address 192.168.1.1 255.255.255.252

!

interface fastethernet 0/0

description Link_to_P2

ip address 10.1.1.1 255.255.255.252

mpls ip

!

router ospf 100

network 10.1.1.0 0.0.0.3 area 0

network 10.200.254.1 0.0.0.0 area 0

!

router ospf 1 vrf CUST1

network 192.168.1.0 0.0.0.3 area 0

redistribute bgp 100 subnets metric 10

area 0 sham-link 1.1.1.1 2.2.2.2 cost 2

!

router bgp 100

neighbor 10.200.254.3 remote-as 100

neighbor 10.200.254.3 update-source Loopback 0

!

address-family vpnv4

neighbor 10.200.254.3 activate

neighbor 10.200.254.3 send-community both

exit-address-family

!

address-family ipv4 vrf CUST1

network 1.1.1.1 mask 255.255.255.255

redistribute ospf 1 vrf CUST1 metric 10 match internal external

exit-address-family

!

Both CE1 and CE2 routers also had prefixes 1.1.1.1/32 and 2.2.2.2/32 in their routing tables advertised by PE1 and PE3 resp.

I can't understand why PE1 or PE3 router could not ping 2.2.2.2 or 1.1.1.1 resp. thru the backdoor link.

Harold Ritter · ‎09-11-2009

Amit,

> LDP was properly configured becoz the "show ip bgp vpnv4 all" command showed proper output including the prefixes 1.1.1.1/32 and 2.2.2.2/32 on both PE routers.

This command doesn't tell you anything about the LDP signaled LSP.

Can you do a "show ip cef vrf CUST1 2.2.2.2" from PE1. You should see a 2 labels for that prefix (1 IGP label and 1 service label) if the two PEs are not directly connected. Make sure that the LSP is not broken along the way as well.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

amit.bhagat · ‎09-11-2009

Spot-on Harold. Somehow missed to advertise the Loopback 0 address of P2 which I was using as LDP router-id. I thought I saw 2 labels for the prefixes and took it for granted that LDP neighborship was formed between peers.

Anyway, it is working as it should.

Thanks mate.

amit.bhagat · ‎09-11-2009

I would just like to add a point that the VPN-label for 2.2.2.2 will never be used unless the router-id is set to 2.2.2.2 on PE3 router.

Thanks again.

Amit.

Harold Ritter · ‎09-12-2009

Amit,

There is no such restriction. You tunnel endpoint end your RID can be different.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Harold Ritter · ‎09-12-2009

Sorry, I meant your sham-link end point and your RID can be different.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México