07-16-2012 03:44 PM - edited 03-04-2019 04:59 PM
hello all,
i want to double check MPLS PE - CE connections using OSPF. when we use ospf for this application and mutual redistribute between ospf and MPBGP.
in MPBGP should we redistribute the ospf instance that we created for that specific vrf or it could be any ospf instance available on the router?
example:
1) router ospf 1
network x.x.x.x
2) router ospf 2 vrf VPN
network y.y.y.y
BGP:
address-family ipv4 vrf VPN
redistribute ospf (1 or 2 ?) vrf VPN ....
i have seen both configs in different websites, im confused..!
thanks a lot.
Solved! Go to Solution.
07-16-2012 11:09 PM
Hello Farshid,
I assume you are asking about the configuration of the PE router which is the one that is configured with customer VRFs. In that case, the OSPF configuration would use the second way you have suggested, i.e.
router ospf 2 vrf VPN
router-id N.N.N.N
network ...
For the BGP, the configuration would be:
router bgp AS
address-family ipv4 vrf VPN
redistribute ospf 2 ! Simply reference the OSPF process number without the "VRF" keyword here
The difference between "router ospf 1" and "router ospf 2 vrf VPN" is that the process 1 runs in the global routing table while the process 2 runs inside the VPN VRF and uses only those interfaces which have been assigned to this VRF. Usually, this is what you want to do for MPLS L3VPN customers.
Best regards,
Peter
07-17-2012 12:59 AM
Hello Farshid,
redistribution in address-family ipv4 vrf VPN must reference the OSPF process associated to the SAME vrf VPN not the backbone process in order to work.
As explained by Peter only OSPF process 2 in your example refers to interfaces associated to the same VRF VPN.
This is a needed configuration step because the PE node has to convert OSPF LSA datastructures in BGP extended communities that are associated to the VPNv4 prefixes, in order to have a remote PE node with a VRF belonging to the same VPN to be able to rebuild the OSPF LSAs and to send them to the remote CE.
In this way the SP network can emulate an OSPF routing domain ( if some conditions are met ) and CE nodes are not even aware of the MPLS L3 VPN service in the middle and of the MP BGP signalling plane.
Hope to help
Giuseppe
07-16-2012 11:09 PM
Hello Farshid,
I assume you are asking about the configuration of the PE router which is the one that is configured with customer VRFs. In that case, the OSPF configuration would use the second way you have suggested, i.e.
router ospf 2 vrf VPN
router-id N.N.N.N
network ...
For the BGP, the configuration would be:
router bgp AS
address-family ipv4 vrf VPN
redistribute ospf 2 ! Simply reference the OSPF process number without the "VRF" keyword here
The difference between "router ospf 1" and "router ospf 2 vrf VPN" is that the process 1 runs in the global routing table while the process 2 runs inside the VPN VRF and uses only those interfaces which have been assigned to this VRF. Usually, this is what you want to do for MPLS L3VPN customers.
Best regards,
Peter
07-17-2012 12:59 AM
Hello Farshid,
redistribution in address-family ipv4 vrf VPN must reference the OSPF process associated to the SAME vrf VPN not the backbone process in order to work.
As explained by Peter only OSPF process 2 in your example refers to interfaces associated to the same VRF VPN.
This is a needed configuration step because the PE node has to convert OSPF LSA datastructures in BGP extended communities that are associated to the VPNv4 prefixes, in order to have a remote PE node with a VRF belonging to the same VPN to be able to rebuild the OSPF LSAs and to send them to the remote CE.
In this way the SP network can emulate an OSPF routing domain ( if some conditions are met ) and CE nodes are not even aware of the MPLS L3 VPN service in the middle and of the MP BGP signalling plane.
Hope to help
Giuseppe
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide