cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
629
Views
10
Helpful
3
Replies
yuening liao
Beginner

Sham-Link Question: UP but no effect

Hi guys,

i met a severe problem with my lab. the enviroment consists 4 routers, 2 pe (r2 & r3) and 2 ce (r1 & r4). 2 ce and 2 interfaces of pes belong to area 1 and suprerbackbone is area 0. the mpls vpn is established ,and espacially the sham link is also UP. but the traffic starting from PEs still traverse through the backdoor link between r1 and r4. i checked it out for many times. Would you please kindly advise me where is wrong? Or is there any failure with my topology design?

attachment is my config and some show output

thank you very much!!!

Syrinx

2 ACCEPTED SOLUTIONS

Accepted Solutions
Giuseppe Larosa
Hall of Fame Master

Hello Syrinix,

you are using two OSPF processes  associated to vrf vpn14!

you should use a single OSPF process on each PE node process 2

use the same process-id on both PE nodes and add the area 1 sham-link command under process Ospf 2

delete OSPF process 1234

Hope to help

Giuseppe

View solution in original post

Mohamed Sobair
Rising star

Syrinx,

The OSPF domain-id is set when redistributing ospf into BGP in MPLS - VPN, if the domain-id doesnt match between your CEs running OSPF, then the routes will still be imported as external OSPF routes although you have a sham link configured. The OSPF process between your CE1 to pe2 is different than between CE4 to pe3, thats why your domain-id is different and your routes are prefered over the OSPF backdoor link between your CEs, since OSPF intra area routes prefered over external OSPF routes.

To correct this and prefer the MPLS path, you will need to set the OSPF domain-id on your PEs for VRF vpn14 to the same values towards CE1 and CE4. as bellow:

PE2:

router ospf 2 vrf vpn14

domain-id 1.1.1.1

PE3:

router ospf 3 vrf vpn14

domain-id 1.1.1.1

-You dont need to configure the sham link under different ospf process, configure it under the same vrf which is vrf vpn14.

Regards,

Mohamed

View solution in original post

3 REPLIES 3
Giuseppe Larosa
Hall of Fame Master

Hello Syrinix,

you are using two OSPF processes  associated to vrf vpn14!

you should use a single OSPF process on each PE node process 2

use the same process-id on both PE nodes and add the area 1 sham-link command under process Ospf 2

delete OSPF process 1234

Hope to help

Giuseppe

Mohamed Sobair
Rising star

Syrinx,

The OSPF domain-id is set when redistributing ospf into BGP in MPLS - VPN, if the domain-id doesnt match between your CEs running OSPF, then the routes will still be imported as external OSPF routes although you have a sham link configured. The OSPF process between your CE1 to pe2 is different than between CE4 to pe3, thats why your domain-id is different and your routes are prefered over the OSPF backdoor link between your CEs, since OSPF intra area routes prefered over external OSPF routes.

To correct this and prefer the MPLS path, you will need to set the OSPF domain-id on your PEs for VRF vpn14 to the same values towards CE1 and CE4. as bellow:

PE2:

router ospf 2 vrf vpn14

domain-id 1.1.1.1

PE3:

router ospf 3 vrf vpn14

domain-id 1.1.1.1

-You dont need to configure the sham link under different ospf process, configure it under the same vrf which is vrf vpn14.

Regards,

Mohamed

yuening liao
Beginner

Dear Giuseppe,

Dear Mohamed,

thank you very much for your prompt answer and help!!  it works now!

many thanks once more!!

have a nice day!

Syrinx