Solved: Running ospf on our MPLS instead of BGP

carl_townshend · ‎09-21-2012

Hi all

I have a quick question, at present we have a service provided by BT, Its wires only so we manage the routers, we run BGP on them and peer with the provider.

Basically we only about about 15 sites on MPLS so we want to move away from BGP and use OSPF.

My question is how would we achieve this?

Would the provide have to run OSPF on there PE router and then redistribute from BGP to OSPF for us ? Or would they just run OSPF on our VRF in the cloud.

please explain how we and they would achieve this?

cheers

Peter Paluch · ‎09-21-2012

Hello Carl,

I assume that you are talking about MPLS L3 VPNs. In that case, you are quite correct - if you decide to move away from BGP and run OSPF between your routers and your provider, then the provider will have to run OSPF on his PE routers towards your CE routers, and perform OSPF-to-BGP and BGP-to-OSPF redistribution. The OSPF will be running on each PE-CE connection (the provider will run the OSPF in your particular VRF) but not over the provider's network. Thus, from the provider's perspective, the OSPF will always run "outwards" his PE routers, towards your CEs, never "inwards" into his own network. The BGP will do this job instead.

MPLS VPNs in provider's networks are strongly dependent on BGP. Even without you knowing about the provider's BGP, he still must run it between his PE routers to carry customer routes and associated MPLS labels. To be totally frank, I am not sure your provider is going to be entirely happy with your decision to move away from BGP - providers usually dislike running IGP protocols towards customers. Running BGP is easier for them - the already run it so they just add another neighbor, and they have all the BGP's tools for prefix filtering and manipulation at hand.

If this was a MPLS L2 VPN or VPLS service, your ISP would not interact with your routing protocol at all - you would simply configure the CEs as if they were connected to a large L2 switch, and run OSPF on top. But assuming the setup you have described, this is probably not the case in your scenario.

Do you also have some backdoor links between your sites, i.e. backup interconnections that bypass and avoid the provider's cloud? If yes, you may actually need to ask your provider to configure OSPF sham links so that the path through his cloud is still preferred to these backdoors.

Please feel welcome to ask further!

Best regards,

Peter

View solution in original post

Peter Paluch · ‎09-21-2012

Hello Carl,

I assume that you are talking about MPLS L3 VPNs. In that case, you are quite correct - if you decide to move away from BGP and run OSPF between your routers and your provider, then the provider will have to run OSPF on his PE routers towards your CE routers, and perform OSPF-to-BGP and BGP-to-OSPF redistribution. The OSPF will be running on each PE-CE connection (the provider will run the OSPF in your particular VRF) but not over the provider's network. Thus, from the provider's perspective, the OSPF will always run "outwards" his PE routers, towards your CEs, never "inwards" into his own network. The BGP will do this job instead.

MPLS VPNs in provider's networks are strongly dependent on BGP. Even without you knowing about the provider's BGP, he still must run it between his PE routers to carry customer routes and associated MPLS labels. To be totally frank, I am not sure your provider is going to be entirely happy with your decision to move away from BGP - providers usually dislike running IGP protocols towards customers. Running BGP is easier for them - the already run it so they just add another neighbor, and they have all the BGP's tools for prefix filtering and manipulation at hand.

If this was a MPLS L2 VPN or VPLS service, your ISP would not interact with your routing protocol at all - you would simply configure the CEs as if they were connected to a large L2 switch, and run OSPF on top. But assuming the setup you have described, this is probably not the case in your scenario.

Do you also have some backdoor links between your sites, i.e. backup interconnections that bypass and avoid the provider's cloud? If yes, you may actually need to ask your provider to configure OSPF sham links so that the path through his cloud is still preferred to these backdoors.

Please feel welcome to ask further!

Best regards,

Peter