Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
385
Views
0
Helpful
2
Replies

Integration of second OSPF process (area) into MPLS

Go to solution
Filip Knezevic
Level 1
Level 1

‎08-01-2017 07:41 AM - edited ‎03-05-2019 08:56 AM

Hi Cisco fellows and experts,

I would need a quick advice if possible.

We have an ISP MPLS network with six 7600 series routers. We need to add another chassis and do a reorganization of internal network. Customers are mostly connected via static routes.

My director would like to dump static routes (too many of them) and move on to the iBGP or OSPF.

My idea is that it's better to use OSPF for lot of internal business customers, since it's highly scalable. Customers can be put into NSSA areas, sending only default routes to ABRs, thus not knowing the entire routing table. 

Questions:

1. Is it better to use OSPF in that purpose (I mean it's designed for that, right?)?

2. Since we have an OSPF backbone area carrying MPLS labels, we don't won't customers in that same OSPF process, right? 

3. If question 2 is true, should we redistribute the customer OSPF process into the global OSPF process? Is that needed?

Any insight would be highly appreciated. I have a chance to make a good suggestion that can improve our network and learn great stuff in the process :)

Filip

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Mario Grozdanovic
Level 1
Level 1

‎08-01-2017 08:08 AM

Hi Filip,

1. OSPF can be used for that purpose. Its vendor diverse so it would not matter what equipment your customer has on their end. You can also use BGP or EIGRP for the customer facing side.

2. All of your customers would need to use another process, correct. You typically would put each customer in its own VRF. 

3.You would not redistribute the customers routes into your backbone OSPF process. Instead, you would redistribute them into your backbone Multi Protocol iBGP (BGP VPN) See the sketch of how the PE router would look like. 

Hope that helps a little :) 

CE Routing with OSPF

Configuration

router ospf 100 vrf VPN_A

domain-id 0.0.0.5

network 0.0.0.0 255.255.255.255 area 1

redistribute bgp 100 subnets

capability vrf-lit (this command is needed to disable the OSPF VRF loop prevention)

 

router bgp 100

address-family ipv4 vrf VPN_A

redistribute ospf 100 vrf VPN_A

View solution in original post

Preview file
959 KB
0 Helpful
2 Replies 2

Go to solution
Mario Grozdanovic
Level 1
Level 1

‎08-01-2017 08:08 AM

Hi Filip,

1. OSPF can be used for that purpose. Its vendor diverse so it would not matter what equipment your customer has on their end. You can also use BGP or EIGRP for the customer facing side.

2. All of your customers would need to use another process, correct. You typically would put each customer in its own VRF. 

3.You would not redistribute the customers routes into your backbone OSPF process. Instead, you would redistribute them into your backbone Multi Protocol iBGP (BGP VPN) See the sketch of how the PE router would look like. 

Hope that helps a little :) 

CE Routing with OSPF

Configuration

router ospf 100 vrf VPN_A

domain-id 0.0.0.5

network 0.0.0.0 255.255.255.255 area 1

redistribute bgp 100 subnets

capability vrf-lit (this command is needed to disable the OSPF VRF loop prevention)

 

router bgp 100

address-family ipv4 vrf VPN_A

redistribute ospf 100 vrf VPN_A

Preview file
959 KB
0 Helpful

Go to solution
Filip Knezevic
Level 1
Level 1
In response to Mario Grozdanovic

‎08-01-2017 10:48 PM

Mario that was awesome, thank you very much. 

I love your drawing skills ;) :D

Only problem is that VRF service is expensive for most of the customers here in Serbia, and they are not utilizing it's wonderful abilities.

I think vrfs are great, but that usually mean customers have to have good firewalls (like centralized internet gateways) at one point of the network, because if they are using only private ips for the WAN links, port forwarding etc can be a pain in the arse if they don't have a good firewall in front the vrf.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card