Where to configure the "capability vrf lite", on CE or PE?

SIMMN
Spotlight

My understanding is:

1. "capability vrf lite" will make the OSPF process install the routes even with the DN bit set.

2. A PE running a VRF will set the DN bit when advertising to the CE if OSPF is used for PE-CE routing. But the CE is the device that checks the DN bit when installing the route...

So where should the "capability vrf lite" be configured, assuming the CE is not running a VRF at all (most likely in real production)?

And also, what if the CE is actually running a VRF?

2 Accepted Solutions

Jon Marshall
Hall of Fame

The DN bit is a check that, usually, PE routers use to check whether to install certain types of LSAs into a VRF and is used as a loop prevention method.

If your CE router is not running VRFs but using OSPF to connect to the PE router then you do not need that command anywhere.

If however you configure VRFs on your CE router then it now uses the same checks as the PE routers because it believes it is directly connected to the MPLS network in the way the PE is, even though it isn't.

And then you would need to use that command on your CE router.

So, put simply, you only need to use that command if your CE router is using "VRF-Lite" and OSPF is in use between the CE and PE routers.

There are a few good detailed explanations on this site if you want to go into it more.

Jon


Jon, Shuai,

In addition to Jon's very good explanation, it is also noteworthy to mention that on Cisco routers, if an OSPF process is run in a VRF then it automatically and unconditionally considers itself to be an ABR - it believes to be connected to a so-called MPLS Superbackbone (even though there may be no BGP/MPLS configured on the router at all).

This may pose problems if such a router is actually a part of a network that uses multiple areas. Consider the following scenario:

R1 (VRF) --- Link in Area 1 --- R2 --- Link in Area 0 --- R3

Here, R2 is obviously an ABR because it has two links, one in Area 0, the other in Area 1. R1 is, by all means, an internal router in Area 1. However, because R1 runs the link toward R2, and OSPF over this link, in a VRF, R1 considers itself to also be an ABR toward the MPLS Superbackbone.

As a result, R1 - thinking it is an ABR - will not place any networks from Area 0 nor from any other area behind R2 into its routing table, because by OSPF rules, an ABR processes only those inter-area routes (that is, LSA-3 and LSA-4) that have been received over an adjacency in Area 0, and R1 has no such adjacency. The end result will be that R1 will be unable to talk with any network outside its own Area 1.

This behavior on R1 is also deactivated by the "capability vrf-lite" command.

Thus, "capability vrf-lite" has several effects:

  • The router stops considering itself as the ABR connected to the MPLS Superbackbone
  • The router will ignore the DN bit set in LSA-3, LSA-5 and LSA-7, and will not set this bit when doing redistribution into OSPF
  • The router will ignore the tag value received in LSA-5 and LSA-7, and it will not set this value to any specific value when doing redistribution into OSPF

Best regards,
Peter

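To make the answer to the original question concrete, here is an added configuration example (written for this page, not posted by Jon, Peter or Cisco) of a CE router that runs VRF-Lite and speaks OSPF toward the PE, mirroring Peter's R1: the CE sits only in Area 1, so without the command it would drop every inter-area route. The VRF name, RD, interface numbers, router-id and addresses are assumptions, and the IOS 15-style `vrf definition` / `vrf forwarding` syntax is assumed (older images use `ip vrf` and `ip vrf forwarding`).

```cisco
! Added example, not taken from the thread. CE router running VRF-Lite with
! OSPF toward the PE inside VRF CUST-A. VRF name, RD, interface numbers,
! router-id and addresses are assumptions chosen for illustration.
!
vrf definition CUST-A
 rd 65000:1
 address-family ipv4
 exit-address-family
!
interface GigabitEthernet0/0
 description Link to PE (OSPF PE-CE session, Area 1)
 vrf forwarding CUST-A
 ip address 10.0.0.2 255.255.255.252
!
interface GigabitEthernet0/1
 description Customer LAN behind the CE, also Area 1
 vrf forwarding CUST-A
 ip address 192.168.1.1 255.255.255.0
!
router ospf 1 vrf CUST-A
 router-id 10.255.0.1
 ! Without the next line this process treats itself as an ABR attached to the
 ! MPLS VPN superbackbone: it discards LSA-3/LSA-5/LSA-7 carrying the DN bit
 ! from the PE and ignores inter-area routes that were not learned over an
 ! Area 0 adjacency (this router has none). With it, the process behaves as a
 ! plain internal Area 1 router and installs those routes.
 capability vrf-lite
 network 10.0.0.0 0.0.0.3 area 1
 network 192.168.1.0 0.0.0.255 area 1
!
! A CE with no VRF at all needs nothing extra: a global OSPF process neither
! checks the DN bit nor considers itself attached to the superbackbone.
```

The command belongs on the CE side and only when the OSPF process is bound to a VRF; the PE keeps its normal behaviour of setting the DN bit, which is the loop-prevention check Jon describes. `show ip ospf` for the process and `show ip route vrf CUST-A` are the places to confirm that the process no longer reports itself as an ABR on the superbackbone and that inter-area and PE-originated prefixes actually land in the VRF table.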

22 Replies


If however you configure VRFs on your CE router then it now uses the same checks as the PE routers because it believes it is directly connected to the MPLS network in the way the PE is, even though it isn't.

Thanks.


The explanation is very deep, many thanks.

Hi Peter Paluch,
Thank you for your explanation.
But there is one point on which I am confused. You said "As a result, R1 - thinking it is an ABR - will not place any networks from Area 0 nor from any other area behind R2 into its routing table, because by OSPF rules, an ABR processes only those inter-area routes (that is, LSA-3 and LSA-4) that have been received over an adjacency in Area 0, and R1 has no such adjacency." In this example, I guess the "Area 0" you mention in your sentence is the Super Backbone? Am I right?

Hello

The superbackbone (area 0) refers to the service provider's internal OSPF MPLS VPN network, which is completely transparent to customers that use any IGP (including OSPF) as their routing protocol.

However, in a network without MPLS VPNs that uses OSPF as its routing protocol, area 0 would refer to the backbone that interconnects the non-backbone (OSPF 0) areas.


Kind Regards
Paul

IF R1 doesn't have any VRF, with a topology like below:
R1 --- Link in Area 1 --- R2 --- Link in Area 0 --- R3
R1 will learn the networks in area 0.
IF R1 has a VRF, with a topology like below:
R1 (VRF) --- Link in Area 1 --- R2 --- Link in Area 0 --- R3
R1 doesn't see any network in area 0, because R1 considers itself an ABR.

"As a result, R1 - thinking it is an ABR - will not place any networks from Area 0 nor from any other area behind R2 into its routing table, because by OSPF rules, an ABR processes only those inter-area routes (that is, LSA-3 and LSA-4) that have been received over an adjacency in Area 0, and R1 has no such adjacency."
Following the above sentence, R1 is now an ABR, but it doesn't consider R2 an adjacency in area 0 (even if I still configure a network between R2 and R3 in area 0). In this case, R1 doesn't consider area 0 to be a backbone area, so it doesn't place the networks learned from R2 into its RIB. In R1's view, the backbone area is the superbackbone, so it only learns routes from remote PEs (if available).
These are my opinions, but I don't know whether they are right or not.
I hope you can clear this up for me.

Hi Peter Paluch,

What if Area 1 in your topology is configured as a stub?

In that case R2 (the actual ABR) will generate a default route into stub Area 1, and since R1 also considers itself an ABR, it will generate a default route as well, right?

Now, if there is any packet to R1 or R2 (for which they do not have a specific destination), will it get looped infinitely between R1 and R2?

Thanks,

Gaurav Sukhadia

Hi, if I understood correctly, vrf capability-lite is necessary only when using VRFs and (1) multi-area OSPF or (2) when redistributing routes into OSPF? If there is only area 0 and no LSA Type 3, 5 or 7, vrf capability-lite doesn't matter? Will the default route being originated by a router be omitted by other routers in the area without vrf capability-lite?

VRF-Lite and OSPF do not depend on each other, although they can be used together.

I'm guessing VRF is new to you?  If so, would you like a brief explanation of the technology?

 

@Joseph W. Doherty I am familiar with VRFs, but I am not sure what exactly you mean. Feel free to provide any explanation that could advance my knowledge; I would be very grateful. I am trying to understand in which scenarios I don't need to use the command "capability vrf lite" when using OSPF and VRFs.

Make a new post, that is better.

MHM

BTW, I agree with @MHM Cisco World , your question probably should have been its own posting.

In any case, VRFs are sort of the equivalent of VLANs for L3.

Quick review: given 3 routers, linearly connected, with loopbacks 1.1.1.1, 2.2.2.2 and 3.3.3.3, and these loopbacks known to OSPF, i.e. R1.1.1.1<>R2.2.2.2<>R3.3.3.3, if there was just one area number (doesn't need to be area zero) for all 3 routers, each router knows all the routes within the OSPF AS.

If we go multi-area, having area 1 shared between R1.1.1.1 and R2.2.2.2 and area 3 between R2.2.2.2 and R3.3.3.3, R2.2.2.2 would still know all routes, but R1.1.1.1 and R3.3.3.3 wouldn't know the other area's routes unless we add an area zero on R2.2.2.2, and if we do, sharing of routes between areas would depend on the kind of area and/or whether route summarization is being done on ABRs.  Even in the latter case, usually we can still route between all the areas even without knowledge of external area routes.

Next, on R2.2.2.2 we could run two OSPF processes.  Those processes would still allow R2.2.2.2 to know all routes, but again, R1.1.1.1 and R3.3.3.3 would not, unless we redistribute between those OSPF processes on R2.2.2.2.

In the foregoing, we have the "problem" that R2.2.2.2 might have more routing info than we desire, i.e. we truly want to logically separate R1.1.1.1<>R2.2.2.2 from R2.2.2.2<>R3.3.3.3.  This is where VRFs come in.  We can define two VRFs on R2.2.2.2, and whatever routing information is known in one VRF, by default, is not available to the other VRF.

Two issues arise with VRFs: how do we share multiple VRFs across/between L3 devices (the equivalent of sharing a VLAN across/between switches), and is there a way to selectively "redistribute" routes between VRFs?

On a single device, we can assign interfaces or static routes to a VRF, much like assigning an L2 port to a VLAN.

On L3 devices, we can assign an SVI to a VRF, and implicitly, we can use a trunk (with VLAN tagging) to share a VRF across/between them.  This is the VRF-Lite approach.

Full-blown VRF uses VLAN-like tagging (RDs) of BGP routes to identify which VRF they belong to.  (Unsure whether any other routing protocols support that too.)

Full-blown VRF can use RTs to selectively "filter" BGP routes on a particular device, so there is a way to "leak" routes between VRFs.  (One reason to do this might be to allow separate VRFs to share an address space.  [Sort of the equivalent of private IPs seeing public IPs, but not the converse.])

Again, I don't know whether any other routing protocols support RDs/RTs as BGP can.

If any of the above makes sense, to your questions: VRF-Lite basically allows you to run totally independent OSPF ASs on the same router, and those independent ASs can be shared across multiple devices; again, conceptually, much like having multiple VLANs on a single switch and/or sharing multiple VLANs between switches.  VLANs, of course, isolate L2, while VRFs isolate L3.

In the enterprise, you often don't see much need for VRFs unless you're very, very security conscious.  Consider you have "sales" and "accounting" and you want to preclude them from directly exchanging data, except perhaps through a FW.  With VRFs, you can route these two ASs across your network, but each has no way to reach the other, except perhaps through a FW.

Many VLAN examples might show "sales" and "accounting" VLANs; VLANs might have L2 size and topology considerations which can be better addressed at L3 using VRFs.  Remember, even on L3 devices with different VRFs, there is no need to maintain ACLs to block traffic between the VRFs.
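The "sales"/"accounting" picture above, as an added configuration example that is not part of Joseph's post or any Cisco document: one enterprise L3 device carries two isolated routing tables toward a neighbouring L3 device over a single 802.1Q trunk, with an independent OSPF process per VRF. VRF names, VLAN IDs, addresses, router-ids and process numbers are assumptions, and the IOS 15-style `vrf definition` / `vrf forwarding` syntax is assumed (older images use `ip vrf` and `ip vrf forwarding`).

```cisco
! Added example, not from the thread: VRF-Lite on one L3 device, carrying
! SALES and ACCOUNTING as separate routing tables over one 802.1Q trunk.
! VRF names, VLAN IDs, addresses, router-ids and process numbers are
! assumptions chosen for illustration.
!
vrf definition SALES
 address-family ipv4
 exit-address-family
!
vrf definition ACCOUNTING
 address-family ipv4
 exit-address-family
!
! One subinterface per VRF on the trunk: the VLAN tag keeps the two tables
! apart on the wire, the VRF assignment keeps them apart in the RIB.
interface GigabitEthernet0/0
 description 802.1Q trunk to the other L3 device
 no ip address
!
interface GigabitEthernet0/0.10
 encapsulation dot1Q 10
 vrf forwarding SALES
 ip address 10.10.0.1 255.255.255.252
!
interface GigabitEthernet0/0.20
 encapsulation dot1Q 20
 vrf forwarding ACCOUNTING
 ip address 10.20.0.1 255.255.255.252
!
! Local user-facing interfaces, one per VRF. No ACL is needed between them:
! a SALES interface has no route at all to ACCOUNTING prefixes.
interface GigabitEthernet0/1
 description Sales LAN
 vrf forwarding SALES
 ip address 192.168.10.1 255.255.255.0
!
interface GigabitEthernet0/2
 description Accounting LAN
 vrf forwarding ACCOUNTING
 ip address 192.168.20.1 255.255.255.0
!
! One OSPF process per VRF: two fully independent OSPF domains on one box.
! capability vrf-lite stops each process from acting as a PE-style ABR on the
! MPLS superbackbone, which matters as soon as either domain grows beyond
! a single area or receives redistributed (LSA-5/LSA-7) routes.
router ospf 10 vrf SALES
 router-id 10.10.255.1
 capability vrf-lite
 network 10.10.0.0 0.0.0.3 area 0
 network 192.168.10.0 0.0.0.255 area 0
!
router ospf 20 vrf ACCOUNTING
 router-id 10.20.255.1
 capability vrf-lite
 network 10.20.0.0 0.0.0.3 area 0
 network 192.168.20.0 0.0.0.255 area 0
```

The same two subinterfaces and VRFs are mirrored on the far end of the trunk. `show ip route vrf SALES` and `show ip route vrf ACCOUNTING` should each list only their own prefixes; that absence of routes, rather than a filter, is what enforces the separation, so any later "leak" between the tables is a deliberate configuration change that can be reviewed, not an ACL that can silently be left out.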

@Joseph W. Doherty I appreciate your explanation. Now, is there any scenario where it is not necessary to use the command "capability vrf lite"? What about those I mentioned in my first comment?
