Documente Academic
Documente Profesional
Documente Cultură
Networks
Faraz Shamim
Technical Leader
BRKRST-2337
Core
WAN Aggregation
Internet
Mail
Servers
Mobile Worker
Internet
Servers
Firewall
VPN
Branch
Router
Core
Application
Acceleration
WAN
Remote Office
Distribution
Regional
Router
Application
Acceleration
Access
Building 1
Building 3
Building 2
Building 4
Regional Office
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Core:
Distribution:
Provides high speed connectivity between aggregation layers - gets traffic from one
area of the network to another.
Provides aggregation of traffic flows from multiple Access layers to the Core. Traffic
filtering and packet policies are typically implemented here. The distribution layer should
be the blocking point for Queries (more about this later)
Provide connectivity to user attachment points for servers, end stations, storage
devices, and other IP devices.
Provides connectivity to the internet and/or remote sites/offices.
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
!
interface TenGig0/0/0/1
ip address 192.168.1.1 255.255.255.0
ipv6 enable
ospfv3 1 area 0 ipv6
ospfv3 1 area 1 ipv4
!
router ospfv3 1
address-family ipv4 unicast
router-id 10.1.1.1
exit-address-family
!
address-family ipv6 unicast
router-id 10.1.1.1
exit-address-family
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6
IPv4
IPv4
IPv6
IPv4/IPv6
IPv6
IPv4
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Similar Concepts
Differences
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6
IPv4
IPv4
This is especially advantageous for large IPv4based single-area topologies with lots of access
devices.
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
MPLS
BGP
vrf lite
multi-vrf CE
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
10
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
11
OSPFv3 router
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
12
Protects OSPFv3 virtual interfaces (virtual links and sham links) from attacks by
remote hackers
Allows user to configure maximum hop count which OSPFv3 protocol packets
may travel over these virtual interfaces
OSPFv3 protocol packets which traveled more hops than allowed are dropped
early in processing
OSPFv3 AF IPv6
2001::1/96
2001::2/96
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
13
router ospfv3 1
prefix-suppression
OSPFv3 AF IPv6
2001::1/96
2001::2/96
10.1.1.1/24
10.1.1.2/24
OSPFv3 AF IPv4
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
14
Uses LSA flushing to notify other routers to route around, empty hello sent to
speed up neighbor DOWN event on the peers.
Bring adjacency down
RTR
LSA
MAXAGE
R(config)#router ospfv3 1
R(config-router)# shutdown
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
15
Diverts traffic around the router if alternate paths are available in the network
Set max-metric
(do not use this router)
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
16
15.3(1)S/XE3.8
ABR
Area 0
ABR
Prefix
1
Prefix
2
Prefix
3
LSA
1
Prefix
4
LSA
4
Area 1
router ospfv3 1
address-family ipv4 unicast area 2
filter-list prefix test_ipv4 in
exit-address-family !
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
17
Core
WAN Aggregation
Data Center
Core
Internet
Mail
Servers
Mobile Worker
Internet
Servers
Firewall
VPN
Branch
Router
Application
Acceleration
Core
WAN
Remote Office
Distribution
Regional
Router
Application
Acceleration
Access
Building 1
Building 2
Building 3
Building 4
Regional Office
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
18
Area 12
ABR
Area 10
ABR
ABR
Backbone
A router has a separate LS database for each
area to which it belongs
All routers belonging to the same area should
have identical databases
SPF calculation is performed independently for
each area
LSA flooding is bounded by area
Area 0
ABR
Area 11
ASBR
Internal
RIP/RIPv2
World
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
19
Internal
Area 12
ABR
Area 10
ABR
ABR
Backbone
All routers exchange LSAs to build and
maintain a consistent database
The protocol remains relatively quiet during
steady-state conditions
Area 0
ABR
Area 11
ASBR
Internal
Type4/5
RIP/RIPv2
World
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
20
Area 12
ABR
Area 10
ABR
ABR
Backbone
Area 0
Full SPF
ABR
Area 11
Internal
Partial SPF
RIP/RIPv2
World
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
21
More important from the standpoint of the amount of information flooded in area
Area 1
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
22
Backbone
ABR2
ABR1
ABRn
Area 1
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
23
More areas per ABR will put a significant burden on the ABR
Backbone
Area 1
BRKRST-2337
Area 2
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
24
Regional Core
BGP
NMS
WAN
RR
Access
Wan links
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
25
Regional Core
Area 0
WAN
NMS
ABR
Distribution
Area 1
Access
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
26
Summarization Technique
Area 0
Area-Range 11.1.0/17
Area-Range 11.1.128/17
ABR1
Cost to Range 1:
10
Cost to Range 2:
Via ABR1: 80
Via ABR2: 30
10
Area 10
11.1/16
Via ABR1: 30
Via ABR2: 80
ABR2
11.1.129/24
R3
50
11.1.1/24
20
R4
50
20
R5
R6
11.1.2/24
BRKRST-2337
11.1.130/24
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
27
Canada
Brazil
IGP 5
IGP 6
IGP 1
BGP Core
IGP 4
USA
Japan
IGP 2
France
BRKRST-2337
IGP 3
Germany
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
28
eBGP
eBGP
ABR
OSPF
Stub Area
OSPF
Stub Area
POP
POP
POP
OSPF
Stub Area
eBGP
BRKRST-2337
OSPF
Stub Area
eBGP
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
29
You have better things to do in life besides building the access lists!
To reduce type 4 in the network specially when there are too many ASBRs in an area
NSSA will also give the flexibility to filter type 5 at the ABR level
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
30
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
31
Data Center
WAN Aggregation
Data Center
Core
Internet
Mail
Servers
Mobile Worker
Internet
Servers
Firewall
VPN
Branch
Router
Application
Acceleration
Core
WAN
Remote Office
Distribution
Regional
Router
Application
Acceleration
Access
Building 1
Building 2
Building 3
Building 4
Regional Office
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
32
Data Center
The Core can (and may) be used as the data center core.
Consider the following items when determining the right core solution:
10GigE densityWill there be enough 10GigE ports on the core switch pair to support
both the campus distribution as well as the data center aggregation modules?
Administrative domains and policiesSeparate cores help to isolate campus distribution
layers from data center aggregation layers in terms of troubleshooting, administration,
and policies (QoS, ACLs, troubleshooting, and maintenance).
Future anticipationThe impact that can result from implementing a separate data
center core layer at a later date might make it worthwhile to install it at the beginning.
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
33
Network convergence requires all affected routers to process the event and
update the appropriate data structures used for forwarding
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
34
Network Convergence
Techniques/Tools for Fast Convergence
Carrier Delays
Hello/dead timers
Graceful Restart/NSF
MinLSArrival Interval
Incremental SPF
Detect
Detect
Propagate
Propagate
Process
Process
Process
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
35
Additional information
There are reasons for not recommending this and also for us not offering such low values; for
example, depending on the number of interfaces, hello rates can become CPU intensive and lead
to spikes in processing/memory requirements
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
36
Cisco IOS Bidirectional Forwarding Detection (BFD) is a fast Hello at Layer 2.5
OSPF use BFD facilities which send extremely fast keep-alives between routers
BFD and OSPF works together, with OSPF as the upper layer protocol
BFD relies on the OSPF to tell it about neighbors
Notifications occur quickly when changes occur in Layer 2 state
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
37
IP-FRR is a mechanism that reduces traffic disruption to 10s of milliseconds in event of link or node
failure
Per-prefix LFA FRR enabled for all areas unless explicitly specified
Repair paths are computed for all prefixes though not all prefixes may have repair paths
Protecting Node
But.
Primary Next-Hop
Primary Path
Repair Path
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
38
Description
Flag
Default Value
Srlg
SRLG
10
Primary-path
PrimPath
20
Interface-disjoint
IntfDj
30
Lowest metric
CostWon
40
Linecard-disjoint
LC Dj
50
Node-protecting
NodeProt
60
Broadcast-interface-disjoint
BcastDj
70
Load-sharing
Loadshare
256
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
39
Per-prefix LFA FRR enabled for all areas unless explicitly specified
Repair paths are computed for all prefixes though not all prefixes may have
repair paths
router ospf 1
router-id 10.1.1.1
fast-reroute per-prefix enable prefix-priority low
network 10.0.0.0 255.255.255.255 area 0
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
40
router ospf 1
fast-reroute per-prefix enable prefix-priority low
r401(config)#router ospf 1
r401(config-router)#fast-reroute ?
keep-all-paths Keep LFA FRR audit trail
per-prefix
Per-prefix LFA FRR parameters
r401(config-router)#fast-reroute per-prefix ?
enable
Enable LFA Fast Reroute
tie-break LFA FRR repair path selection policy tiebreaks
r401(config-router)#fast-reroute per-prefix enable ?
area
Area to enable LFA FRR in
prefix-priority Priority of prefixes to be protected
Interface Mode
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
41
Next phase of IP Fast Reroute (IP FRR) feature originally released in XE 3.3
A
B
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
42
A
B
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
43
The feature is supported only in global VPN routing and forwarding (VRF) OSPF
instances.
Not all routes may have repair paths (depends on network topology)
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
44
Interface MPLS-Remote-Lfa1
Tunnel type: MPLS-LDP
Tailend router ID: 1.0.0.3
Termination IP address: 1.0.0.3
Outgoing interface: Serial2/0
First hop gateway: 1.0.0.2
Tunnel metric: 20
Protects:
1.0.0.5 Serial3/0, total metric 40
r801
1.0.0.1/32
r805
1.0.0.5/32
S3/0
5.0.0.1/8
MPLS-Remote-Lfa2
S2/0
r802
1.0.0.2/32
MPLS-Remote-Lfa1
Interface MPLS-Remote-Lfa2
Tunnel type: MPLS-LDP
Tailend router ID: 1.0.0.4
Termination IP address: 1.0.0.4
Outgoing interface: Serial3/0
First hop gateway: 1.0.0.5
Tunnel metric: 20
Protects:
1.0.0.2 Serial2/0, total metric 40
BRKRST-2337
r804
1.0.0.4/32
r803
1.0.0.3/32
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
45
2 routers == 1 link
3 routers == 3 links
4 routers == 6 links
5 routers == 10 links
6 routers == 15 links
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
46
BRKRST-2337
New Information
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
47
New Information
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
48
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
49
Data Center
Core
Internet
Mail
Servers
Mobile Worker
Internet
Servers
Firewall
VPN
Branch
Router
Application
Acceleration
Core
WAN
Remote Office
Distribution
Regional
Router
Application
Acceleration
Access
Building 1
Building 2
Building 3
Building 4
Regional Office
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
50
Summarization
ABR-1
Backbone
E
ABR-2
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
51
100
ABR-1
10
10
ABR-2
10.1.1.0/24, cost 10
100
Area 1
Backbone Area
100
ABR-1
10
10
ABR-2
10.1.1.0/24, cost 10
100
Area 1
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
52
Then, either:
100
ABR-1
10
B
10
ABR-2
10.1.1.0/24, cost 10
A
100
Area 1
Backbone Area
100
ABR-1
10
10
ABR-2
10.1.1.0/24, cost 10
100
Area 1
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
53
Some tuning required for OSPF to work well in hub and spoke scenarios
Enhancements are being made in IETF to make OSPF more robust on hub and
spoke
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
54
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
55
B
Area 0
Link 1
10.1.2.0/24
10.1.3.0/24
Area 1
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
56
BRKRST-2337
Reachability
Only Through A
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
57
D
B
C
Static Routes Here
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
58
ospf 100
area 1 nssa no-summary
....
ABR
Area 1
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
59
interface s0/0
ip address 10.1.1. 255.255.255.0
ip ospf priority 200
....
interface s0
ip ospf priority 0
C Is DR ....
B
A Is DR
BRKRST-2337
C Is DR A Is DR
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
60
OSPF will still have forwarding issues since the OSPF broadcast and NBMA
assume a full mesh
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
61
You can also configure the serial interface at the hub router as a point-to-multipoint type
interface s0/0
ip address 10.1.1.1 255.255.255.0
ip ospf network point-to-multipoint
10.1.1.2/32
10.1.1.3/32
10.1.1.4/32
....
interface s0
ip address 10.1.1.x 255.255.255.0
ip ospf network point-to-multipoint
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
62
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
63
Advantages
Disadvantages
Single Interface
at the Hub Treated as an OSPF Broadcast
or NBMA Network
Single IP Subnet
Manual Configuration
of Each Spoke with the Correct OSPF
Priority
Single Interface
at the Hub Treated as an OSPF Point-toMultipoint Network
ip ospf Network-Type
Point-to-Multipoint
Individual Point-to-Point
Interface at the Hub
for Each Spoke
ip ospf Network-Type
Point-to-Point
Single IP Subnet
No Configuration per Spoke
Smaller database
Lost IP Address Space
Can Take Advantage of End-to-End
Signaling for Down State
More Routes
in the Routing Table
Larger database
Overhead of Sub-Interfaces
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
64
Backbone
Small Number
of Spokes
Summarize Here
ABR
Large Number
of Spokes
Area 1
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
65
Backbone
Area 1
Area 2
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
66
A misconfiguration of DC on one spoke triggers Hub may cause (in case of p2mp interface
on the Hub) negotiation of demand circuits for other spokes (Spoke 1 and 2).
Its hard to reverse to non-DC operation even if DC removed from all Spokes
Keyword introduced to prohibit DC negotiation, and debug for trouble-shooting:
ip ospf demand-circuit ignore
debug ip ospf demand-circuit
Spoke 1
Hub
Spoke 2
DC
BRKRST-2337
Spoke 3
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
67
EVN in the campus is completely compatible with the WAN solutions MPLS-VPN,
MPLS-VPN over mGRE, and DMVPN
EVN scales
Today 32 virtual networks are supported per platform. This may be increased in the
future.
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
68
Configure route-replication
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
69
New VNET prompts available with very rich set of the interface commands.
vrf definition red
vnet tag 100
!
address-family ipv4
exit-address-family
vrf definition blue
vnet tag 101
!
address-family ipv4
exit-address-family
vrf definition green
vnet tag 102
!
address-family ipv4
exit-address-family
interface Ethernet0/0
vnet trunk
ip address 1.1.1.1 255.255.255.0
!
vnet name red
ip ospf cost 100
!
vnet global
ip ospf cost 50
!
router ospf 1
network 10.0.0.0 0.255.255.255 area 0
!
router ospf 2 vrf red
!
router ospf 3 vrf blue
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
70
VNET Configuration
interface Ethernet0/0.100
encapsulation dot1Q 100
vrf forwarding red
ip address 1.1.1.1 255.255.255.0
ip ospf network point-to-point
interface Ethernet0/0
vnet trunk
ip address 1.1.1.1 255.255.255.0
ip ospf network point-to-point
interface Ethernet0/0.101
encapsulation dot1Q 101
vrf forwarding blue
ip address 1.1.1.1 255.255.255.0
ip ospf network point-to-point
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
71
NSF
Capable
NSF-Aware
NSF
Capable
The fundamental premise of GR/NSF is to route through temporary failures, rather than around them!
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
72
Con
Line Card
Line Card
Pro
Line Card
STANDBY
ACTIVE
STANDBY
ACTIVE
Line Card
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
73
Constrained Shortest Path First (CSPF), Explicit Route Objects (ERO)processing, autotunnel creation and other TE functionalities are synced between Active and Standby
Active will resume without interruption to FRR, path protection, make before break and
preemption
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
74
WAN Aggregation
Data Center
Core
WAN Aggregation
Internet
Mail
Servers
Mobile Worker
Internet
Servers
Firewall
VPN
Branch
Router
Core
Application
Acceleration
WAN
Remote Office
Distribution
Regional
Router
Application
Acceleration
Access
Building 1
Building 2
Building 3
Building 4
Regional Office
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
75
Site 2 expects Type-3 Summary (inter-area) routes but receives External Type-5
domain-id 99
PE-1
MPLS-VPN Backbone
Type-1 (Router-LSA)
Link-State-ID: C-1
Link-ID: Net-1, Area: 1
Adv. Router: C-1
CE-1
C-1
domain-id 99
PE-2
Type-3 (Summary-LSA)
Link-State-ID: C-1
Link-ID: Net-1
Adv. Router: PE-2
Type-5 (External-LSA)
Link-State-ID: Net-1
Adv. Router: PE-2
Metric : 20
Area 1
Net-1
CE-2
Site1
Area 2
Site2
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
76
What if you want Site1 (area 1) to send a summary route to all other
PE-1 can summarize via BGP and advertise a aggregate block to all other sites
VPN-IPv4 Update
RD:30.1.0.0, Next-hop=PE-1
RT=xxx:xxx
atomic-aggregate
router bgp 1
address-family ipv4 vrf <name>
aggregate-address 30.1.0.0 255.255.0.0 summary-only
BGP
BGP
PE-1
PE-1
OSPF
Area 1
PE-3
PE-2
OSPF
Type-5 (External-LSA)
Link-State-ID: 30.1.0.0
Adv. Router: PE-2
Metric : 20
Area 2
Area 3
30.1.1.0 - 30.1.255.0
CE-1
Site1
CE-1
CE-2
CE-3
CE-2
Site2
CE-3
Site3
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
77
Cant summarize from each individual site; no ABR exists within the sites (area1 or area2)
Summarize all the other site routes on PE-3; Type-5 metric will be selected from best to BGP MED
(multi-exit discriminator)
VPN-IPv4 Update
VPN-IPv4 Update
router ospf 1 vrf <name>
RD:30.1.1.0, Next-hop=PE-1
RT=xxx:xxx
MED: 68
OSPF-Route-Type= 1:2:0
OSPF-Domain:xxx
BGP
RD:30.2.1.0, Next-hop=PE-2
RT=xxx:xxx
MED: 58
OSPF-Route-Type= 2:2:0
OSPF-Domain:xxx
BGP
PE-1
OSPF
BGP
BGP
PE-3
PE-2
OSPF
Area 1
OSPF
OSPF
Area 2
Type-3 (Summary-LSA)
Link-State-ID: C-1
Link-ID: 30.1.1.0
Adv. Router: PE-2
30.1.1.0 - 30.1.255.0
30.2.1.0 - 30.2.255.0
CE-1
Site1
Type-5 (External-LSA)
Link-State-ID: 30.0.0.0
Adv. Router: PE-3
Metric : 58
Area 3
CE-3
CE-2
Site2
Site3
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
78
VPN-IPv4 Update
RD:30.0.0.0, Next-hop=PE-3
RT=xxx:xxx
MED: 58
OSPF-Route-Type= 0:5:0
OSPF-Domain:xxx
PE-1
BGP
PE-3
PE-2
Area 1
OSPF
Type-5 (External-LSA)
Link-State-ID: 30.0.0.0
Adv. Router: PE-3
Metric : 58
Area 2
Area 3
30.1.1.0 - 30.1.255.0
30.2.1.0 - 30.2.255.0
CE-1
Site1
CE-3
CE-2
Site2
Site3
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
79
Type 1 or Type2 LSA converted into summary LSA by the Customer ABR
VPN-IPv4 Update
RD:Net-1, Next-hop=PE-1
RT=xxx:xxx, MED: 6
OSPF-Route-Type= 0:3:0
OSPF-Domain:xxx
MPLS-VPN Backbone
Type-3 (Summary-LSA)
Down Bit Is NOT Set
Link-State-ID: Net-1
Adv. Router: CE-1
Metric: 6
PE-2
PE-1
Area 0
CE-1
Type-1 Router-LSA
Link-ID: Net-1
Adv. Router: x.x.x.x
Area 1
Network = Net-1
OR
Area 0
CE-2
Area 2
Type-3 (Summary-LSA)
Down Bit Is Set
Link-State-ID: Net-1
Adv. Router: PE-2
Metric: 6
Type-3 (Summary-LSA)
Down Bit Is Ignored
Link-State-ID: Net-1
Adv. Router: CE-2
Metric: 6
Type-2 Network-LSA
Link-State-ID: Net-1
Adv. Router: x.x.x.x
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
80
VPN sites may have different Sites configured for different areas
VPN-IPv4 Update
RD:Net-1, Next-hop=PE-1
RT=xxx:xxx, MED: 6
OSPF-Route-Type= 1:2:0
OSPF-Domain:xxx
OSPF-RID= PE-1:0
MPLS-VPN Backbone
PE-2
PE-1
Type-1 (Router-LSA)
Link-State-ID: Net-1
Adv. Router: CE-1
Metric: 6
Area 1
CE-1
Type-3 (Summary-LSA)
Down bit is set
Link-State-ID: Net-1
Adv. Router: PE-2
Metric: 6
Area 2
Network = Net-1
CE-2
Site1
Site2
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
81
PEs acts as OSPF ABR routers (Type1 or 2 LSA are always converted into Type 3)
MPLS-VPN Backbone
PE-2
PE-1
Area 1
CE-1
Type-3 (Summary-LSA)
Down bit is set
Link-State-ID: Net-1
Adv. Router: PE-2
Metric: 6
Area 1
Network = Net-1
CE-2
Site1
Site2
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
82
PE2 does not generate Type3 LSA once type-1 LSA is received from the site
MPLS-VPN Backbone
Type-1 (Router-LSA)
Link-State-ID: C-1
Link-ID: Net-1
Area: 1, Adv. Router: C-1
Type-1 (Router-LSA)
Link-State-ID: C-1
Link-ID: Net-1
Area: 1, Adv. Router: C-1
PE-2
PE-1
Type-1 (Router-LSA)
Link-State-ID: C-1
Link-ID: Net-1
Area: 1, Adv. Router: C-1
CE-1
C-1
Area 1
Type-1 (Router-LSA)
Link-State-ID: C-1
Link-ID: Net-1
Area: 1
Adv. Router: C-1
CE-2
Area 1
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
83
The sham link is reported in the router LSAs Type 1 originated by the two routers connecting to the
sham link
The MPLS VPN backbone or the backdoor link can be made preferred path by tweaking the metrics
Type-1 (Router-LSA)
Link-State-ID:
C-1
PELink-ID: Net-1
Area: 1, Adv. Router: C-1
MPLS-VPN Backbone
PE-1
Type-1 (Router-LSA)
Link-State-ID: C-1
Link-ID: Net-1
Area: 1, Adv. Router: C-1
Type-1 (Router-LSA)
Link-State-ID: C-1
Link-ID: Net-1
Area: 1, Adv. Router: C-1
Sham-Link
Type-1 (Router-LSA)
Link-State-ID: C-1
Link-ID: Net-1
Area: 1, Adv. Router: C-1
CE-1
CE-1/CE-2 link
Area 1
Type-1 (Router-LSA)
Link-State-ID: C-1
Link-ID: Net-1
Area: 1
Adv. Router: C-1
CE-2
C-1
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
84
Some OSPF sites entirely belong to area 0 and some other sites can belong to non-area 0
Some sites may consist of hierarchical OSPF topology consisting of area 0 as well as non-area 0
Area 0
PE2
VPN
red
Area 1
VP
N
red
CE1
Area 2
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
85
As before, sites may consist of hierarchical OSPF topology consisting of area 0 and non-area 0
OSPF Rule: Summary LSAs from non-zero areas are not injected into backbone area 0
vpnv4
update
MPLS VPN Super Backbone
LSA Type 3
virtual-link
Area 2
PE1
PE2
VPN
red
LSA Type 3
Area 1
VP
N
red
LSA Type 1 or 2
CE1
LSA Type 3
Area 0
LSA type 3
Summary routes is NOT advertised into area 0
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
86
RR
MPLS
VPN
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
87
If LSA count does not decrease below the max value (50) within one minute; we enter ignore-state
In ignore-state all adjacencies are taken down and are not formed for ignored-interval (40)
Ignore-count is reset to 0, when we do not exceed maximum number of received LSAs for a reset-time
(120)
If ignore-count (6) exceeds its configured value, OSPF stays in the ignore state permanently
The only way how to get from the permanent ignore-state is by manually clearing the OSPF process
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
88
Router mode
Available in:
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
89
RR
iBGP
OSPF
MPLS
VPN
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
90
Full mesh and hub and spoke environment needs extra tuning in OSPF
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
91
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
92
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
93
Related sessions
BRKRST-2337
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
94
Thank you