Re: split horizon

Bryan,
double link solution work well, without additional prefix advertising.

...but still work with a single link and additional blackhole route
advertising at hub ce. Then we can mantain control of spoke2spoke traffic
with acl on hub ce wan interface.

In double link scenario we have two link used in unidirectional way for
spoke2spoke traffic; in single link scenario, one link used in bidirectional
way.
I think this is more common hub&spoke scenario. Do you agree?

Regards,
mirco.

On Tue, Jan 5, 2010 at 9:17 PM, Bryan Bartik <bbartik_at_ipexpert.com> wrote:

> Hub and Spoke VPNs usually require two links between the hub CE and PE.
> Each
> link is in a separate VRF on the PE side. The first VRF imports all the
> spoke routes and advertise them to the hub CE. The second VRF will take
> these routes from the CE and advertise them back to the spokes with a
> different RT. The spoke sites will then import this second RT (not the
> first). This pulls all traffic from the spokes to the Hub CE and back out.
>
> Remember the goal is to not only get traffic to the Hub PE, but the Hub
> CE...which is the tricky part. It has nothing to do with split horizon, but
> rather the way a router builds the shortest path tree. A shortest path will
> never include the same link in two directions without some funky
> engineering.
>
> If you have only have one link between PE and CE, I believe this is not a
> true hub and spoke and the problem is you are not importing the spoke RTs
> and at each of the other spokes, only the hub.
>
> On Tue, Jan 5, 2010 at 1:01 PM, <olukolade_at_gmail.com> wrote:
>
> > Ignore pls. Been drinking.
> > Sent from my BlackBerry. wireless handheld from Glo Mobile.
> >
> > -----Original Message-----
> > From: olukolade_at_gmail.com
> > Date: Tue, 5 Jan 2010 19:23:35
> > To: jack daniels<jckdaniels12_at_gmail.com>; <Charles.Henson_at_regions.com>
> > Cc: Cisco certification<ccielab_at_groupstudy.com>; Marko Milivojevic<
> > markom_at_ipexpert.com>; <nobody_at_groupstudy.com>
> > Subject: Re: split horizon
> >
> > Hi jack,
> > CE hub won't be doing the advertisement. It will be done by PE1. Don't
> > forget PE1 is also running ospf and has all the routes in bgp. So routes
> > from the other PEs will be tagged with RT 2:2 and exported. This will be
> > imported on the other PEs where the routes from PE2 will be imported by
> PE3
> > and vice versa. These routes are then redistributed into ospf for the
> > connected CEs. The CEs will not advertise the routes learnt from the PE
> back
> > to them and there will be no need to do this.
> >
> > Kolade
> > Sent from my BlackBerry. wireless handheld from Glo Mobile.
> >
> > -----Original Message-----
> > From: jack daniels <jckdaniels12_at_gmail.com>
> > Date: Wed, 6 Jan 2010 00:06:14
> > To: <Charles.Henson_at_regions.com>
> > Cc: Cisco certification<ccielab_at_groupstudy.com>; Marko Milivojevic<
> > markom_at_ipexpert.com>; <nobody_at_groupstudy.com>
> > Subject: Re: split horizon
> >
> > CE (HUB)
> > G0/1
> > |
> > OSPF
> > |
> > PE1
> > |
> > MPLS CLOUD-----------------------------PE2------OSPF-CE(SPOKE1) (
> > 2.2.2.0/24)
> >
> > |
> > |
> > |
> > PE3
> > |
> > OSPF
> > |
> > CE(SPOKE2) (1.1.1.0/24)
> >
> > IN VRF of customer -
> >
> > PE3 advertises 1.1.1.0/24 routes with RT1:1 and imports 2:2
> >
> > PE2 advertises 2.2.2.0/24 routes with RT 1:1 and imports 2:2
> >
> > PE1 exports routes with RT 2:2 and imports 1:1
> >
> >
> >
> > NOW 1.1.1.0/24 is learnt on CE HUB Gi0/1 via OSPF .....
> > Will CE HUB advertise 1.1.1.0/24 on Gi0/1 back as it is required for CE
> > SPOKE1 for SPOKE to SPOKE reachabilty via HUB?
> >
> >
> > On Tue, Jan 5, 2010 at 11:57 PM, <Charles.Henson_at_regions.com> wrote:
> >
> > > Hey Jack,
> > > How about a little more details? Configs? Shows? Anything? Marko
> is
> > > correct.
> > >
> > > Charles Henson
> > >
> > >
> > >
> > >
> > >
> > > |------------>
> > > | From: |
> > > |------------>
> > >
> > >
> >
> >--------------------------------------------------------------------------------------------------------------------------------------------------|
> > > |jack daniels <jckdaniels12_at_gmail.com>
> > >
> > |
> > >
> > >
> >
> >--------------------------------------------------------------------------------------------------------------------------------------------------|
> > > |------------>
> > > | To: |
> > > |------------>
> > >
> > >
> >
> >--------------------------------------------------------------------------------------------------------------------------------------------------|
> > > |Marko Milivojevic <markom_at_ipexpert.com>
> > >
> > |
> > >
> > >
> >
> >--------------------------------------------------------------------------------------------------------------------------------------------------|
> > > |------------>
> > > | Cc: |
> > > |------------>
> > >
> > >
> >
> >--------------------------------------------------------------------------------------------------------------------------------------------------|
> > > |Cisco certification <ccielab_at_groupstudy.com>
> > >
> > |
> > >
> > >
> >
> >--------------------------------------------------------------------------------------------------------------------------------------------------|
> > > |------------>
> > > | Date: |
> > > |------------>
> > >
> > >
> >
> >--------------------------------------------------------------------------------------------------------------------------------------------------|
> > > |01/05/2010 12:21 PM
> > >
> |
> > >
> > >
> >
> >--------------------------------------------------------------------------------------------------------------------------------------------------|
> > > |------------>
> > > | Subject: |
> > > |------------>
> > >
> > >
> >
> >--------------------------------------------------------------------------------------------------------------------------------------------------|
> > > |Re: split horizon
> > >
> |
> > >
> > >
> >
> >--------------------------------------------------------------------------------------------------------------------------------------------------|
> > >
> > >
> > >
> > >
> > >
> > > I understand that but ,u mean in OSPF
> > >
> > > IF i recive 1.1.1.0/24 on G0/1 of HUB
> > >
> > > I'LL advertise 1.1.1.0/24 on Gi0/1 (SAME INTERFACE) of HUB
> > >
> > >
> > >
> > >
> > > On Tue, Jan 5, 2010 at 11:44 PM, Marko Milivojevic
> > > <markom_at_ipexpert.com>wrote:
> > >
> > > > On Tue, Jan 5, 2010 at 19:00, jack daniels <jckdaniels12_at_gmail.com>
> > > > wrote:
> > > > > Hi guys,
> > > > >
> > > > > I have a scenario where in MPLS VPN - HUB and SPOKE.
> > > > >
> > > > > CE-PE protocol is OSPF everywhere
> > > > >
> > > > >
> > > > > HUB is recieving routes from one SPOKE on int G0/1 and not
> > advertiseing
> > > > on
> > > > > same (SPLIT horizon).
> > > > >
> > > > > In ospf how can we overcome such issue.
> > > >
> > > > OSPF is a link state protocol. It doesn't use split horizon (at least
> > > > not within the same area and even in multiarea, the behavior is not
> > > > called that). You are probably having some other issue...
> > > >
> > > > --
> > > > Marko Milivojevic - CCIE #18427
> > > > Senior Technical Instructor - IPexpert
> > > >
> > > > Mailto: markom_at_ipexpert.com
> > > > Telephone: +1.810.326.1444
> > > > Fax: +1.810.454.0130
> > > > Community: http://www.ipexpert.com/communities
> > >
> > >
> > > Blogs and organic groups at http://www.ccie.net
> > >
> > > _______________________________________________________________________
> > > Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> >
> >
> >
> >
> >
> >
> >
>
>
> --
> Bryan Bartik
> CCIE #23707 (R&S, SP), CCNP
> Sr. Support Engineer - IPexpert, Inc.
> URL: http://www.IPexpert.com
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Tue Jan 05 2010 - 22:51:37 ART