Sham link – H3C Technologies H3C SR8800 User Manual
Page 252
241
Figure 70 Application of OSPF in VPN
With the standard BGP/OSPF interaction, PE 2 advertises the BGP VPN routes to CE 21 and CE
22 through Type 5 LSAs (ASE LSAs). However, CE 11, CE 21, and CE 22 belong to the same
OSPF domain, and the route advertisement between them should use Type 3 LSAs (inter-AS
routes).
To solve the problem, the PE uses an extended BGP/OSPF interaction process called BGP/OSPF
interoperability to advertise routes from one site to another, differentiating the routes from real
AS-External routes. The process requires that extended BGP community attributes carry the
information for identifying the OSPF attributes.
Each OSPF domain must have a configurable domain ID. H3C recommends that you configure the
same domain ID or adopt the default ID for all OSPF processes of the same VPN, so the system can
know that all VPN routes with the same domain ID are from the same VPN.
•
Routing loop detection
If OSPF runs between CEs and PEs and a VPN site is connected to multiple PEs, when a PE
advertises the BGP VPN routes learned from MPLS/BGP to the VPN site through LSAs, the LSAs
may be received by another PE, resulting in a routing loop.
To avoid routing loops, when creating Type 3 LSAs, the PE always sets the flag bit DN for BGP
VPN routes learned from MPLS/BGP, regardless of whether the PE and the CEs are connected
through the OSPF backbone. When performing route calculation, the OSPF process of the PE
ignores the Type 3 LSAs whose DN bit is set.
If the PE needs to advertise to a CE the routes from other OSPF domains, it must indicate that it is
the ASBR, and advertise the routes using Type 5 LSAs.
Sham link
Generally, BGP peers carry routing information on the MPLS VPN backbone through the BGP extended
community attributes. The OSPF that runs on the remote PE can use the information to create Type 3
summary LSAs to be transmitted to the CEs. As shown in
, both site 1 and site 2 belong to VPN
1 and OSPF area1. They are connected to different PEs, PE 1 and PE 2. There is an intra-area OSPF link
called backdoor link between them. In this case, the route connecting the two sites through PEs is an
inter-area route. It is not preferred by OSPF because its preference is lower than that of the intra-area
route across the backdoor link.