Tuesday, December 23, 2008

IE Vol 1 OSPF Sham Links Complete

This was an interesting lab on two levels. It was the first time I have configured isis and ospf sham links are an interesting subject.

I was really amazed at how easy it is to configure a simple instance of isis. Just configure a net address and throw isis on the interfaces, optionally set the interface type, and it's complete. No issues there.

OSPF sham links, on the other hand, I found to be a a much more complicated subject. Its purpose is to deal with a customer that has non-MPLS links neighboring via OSPF, yet the customer still wants to route this traffic over MPLS.

Once these OSPF routes hit BGP, they are seen as iBGP routes, which as an AD of 200, as opposed to the OSPF AD of 110. This means if the prefix-length and default AD is the same, the OSPF route is going to be entered into the routing table.

To prevent this, an ospf sham link must be created. This is configured by setting up an additional loopback interface on the PE router and adding it to the customer VRF. Next, these loopbacks need to be redistributed into the bgp ipv4 vrf. Once the loopbacks are reachable to each other via the P network, under the ospf vrf process, enter area 0 sham-link source-ip dest-ip. This, somewhat similar to a virtual-link, creates a logical link between the newly created loopback interfaces. Then, the path is seen via ospf rather than bgp and the MPLS route can be preferred over the customer link.

1 comment:

Anonymous said...
This comment has been removed by a blog administrator.