OSPF With MPLS IPVPN and Back Door Link

ITGuy118 · ‎07-26-2022

We have Sites 1 and 2 connected to our MPLS Provider and also have a Backup link between Site 1 and 2 using a different provider for vendor redundancy. We are running OSPF between all the Sites and the MPLS all in Area 0.

We want all traffic to route through the MPLS and only use the Backup link in the event that the MPLS is down. I know that this is a common problem when using OSPF with MPLS and Back Door links and the answer has been to use a Sham Link. The issue we are running into is that our MPLS provider does not offer this configuration as they are a rather large provider and keep all services “standard”.

Another solution I found was to use BGP as the CE-PE protocol, but the MPLS is actually used to connect other business units regionally and our Regional team wants to keep the CE-PE protocol standard across all units.

I found a few forums with replies suggesting to use 2 processes and then redistribute or to redistribute everything so that it all comes up as E2 but many times the posters never confirm if this worked for them.

Has anyone gotten this working by not using Sham Links or BGP?

paul driver · ‎07-26-2022

Hello
Why not just keep using ospf and cost out the S2S LES connection to be less preffered then the mpls uplinks?

site 2
Int x/x
descripton Les to Site1
ip ospf cost 10000

site 1
tnt x/x
descripton Les to Site2
ip ospf cost 10000

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

ITGuy118 · ‎07-26-2022

The backup link routes come up as IA and the MPLS routes come up as E2 so the IA routes are preffered.

MHM Cisco World · ‎07-26-2022

Hi friend
MPLS backbone run ospf.
if you use same OSPF process in sites and same area between the site and the MPLS then you will get
the OSPF LSA will not covert to E1/E2 but it will be LSA O/O IA <- "for O I am not so 100% sure that MPLS will forward it"
in case the MPLS with O IA
here you can config the interconnect link between the Site with different area and you will get
two O IA this give you the choose to play with Cost made make the interconnect link prefer than the MPLS.

for this solution for the OSPF process you may need ask MPLS SP to add domain ID if they run different OSPF process is PE.

https://sites.google.com/site/amitsciscozone/mpls/mpls-wiki/ospf-as-pe-ce-routing-protocol-in-mpls-vpn

paul driver · ‎07-26-2022

Hello

@ITGuy118 wrote:

backup link routes come up as IA and the MPLS routes come up as E2

Okay then put the les connection interconects into another area other than area 0 but the local routes for each site have them still advertised in the BB area (area 0)

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

ITGuy118 · ‎07-26-2022

paul.driver · ‎07-26-2022

.

paul driver · ‎07-26-2022

Hello
Yes correct, OSPF by design chooses BB area (area0) over any non BB area as such your traffic path would choose the upstream path before traversing the LES connection (non BB area) path.
If you think about it’s a bit like a sham link, in which when created is assigned to area0

Lasty apologes for the last post I have issue with my CCO account as such I seem to have duplicate CSC profiles which sometimes get mixed up.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

ITGuy118 · ‎07-27-2022

So your suggestion makes sense! I’m just wondering what would happen if Site 2 gets disconnected from the MPLS, then Site 2 and Site 5 would loose connection to Area 0. Wouldn’t this be a problem since the OSPF rules state that everything must pass through Area 0? Would Site2 and5 still be able to access Sites 1, 3 and 4? Through the Area 1 connection?

MHM Cisco World · ‎07-27-2022

please see below comment

paul driver · ‎07-27-2022

Hello
Arh now that a bit different Site 2 to site 5 are in area 0 as such when the mpls uplink fails you then have a discontinuous BB as such site will redirect to towards site5!

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

MHM Cisco World · ‎07-27-2022

how OPSF prefer the E1/E2 over O IA ?
the BB or non-BB is use as tie breaker in case it receive two O IA.
here one is E1/E2, and that the issue
he must solve the E1/E2 and then go to make Interconnect less prefer than MPLS.

paul driver · ‎07-27-2022

Hello
Now the OP has shared the ospf area between siteb2 -5 then this is a problem, as when the site 2 mpls fail the BB becomes split as such not only will site 2 subnets will be isolated but it will also point towards site 5.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

MHM Cisco World · ‎07-27-2022

get your point @paul driver
I will correct it and find solution.
what was issue with my first solution is when MPLS is down I face the split area 0 issue and it can solve with virtual-link.
but he mention without VL and also I dont link VL in OSPF.

MHM Cisco World · ‎07-27-2022

using GRE tunnel between two Site,
use the tunnel source as link direct connect to MPLS
use the tunnel destination the prefix learn from MPLS
here each site have two O one through GRE and other through direct interconnect,
by config the direct interconnect cost high than GRE the traffic will pass through MPLS.