Re: split horizon

Mirco,

I have not seen that example before. Can you post an example of the Hub CE
config?

On Tue, Jan 5, 2010 at 2:51 PM, Mirco Orlandi <mirco.orlandi_at_gmail.com>wrote:

> Bryan,
> double link solution work well, without additional prefix advertising.
>
> ...but still work with a single link and additional blackhole route
> advertising at hub ce. Then we can mantain control of spoke2spoke traffic
> with acl on hub ce wan interface.
>
> In double link scenario we have two link used in unidirectional way for
> spoke2spoke traffic; in single link scenario, one link used in bidirectional
> way.
> I think this is more common hub&spoke scenario. Do you agree?
>
> Regards,
> mirco.
>
>
> On Tue, Jan 5, 2010 at 9:17 PM, Bryan Bartik <bbartik_at_ipexpert.com> wrote:
>
>> Hub and Spoke VPNs usually require two links between the hub CE and PE.
>> Each
>> link is in a separate VRF on the PE side. The first VRF imports all the
>> spoke routes and advertise them to the hub CE. The second VRF will take
>> these routes from the CE and advertise them back to the spokes with a
>> different RT. The spoke sites will then import this second RT (not the
>> first). This pulls all traffic from the spokes to the Hub CE and back out.
>>
>> Remember the goal is to not only get traffic to the Hub PE, but the Hub
>> CE...which is the tricky part. It has nothing to do with split horizon,
>> but
>> rather the way a router builds the shortest path tree. A shortest path
>> will
>> never include the same link in two directions without some funky
>> engineering.
>>
>> If you have only have one link between PE and CE, I believe this is not a
>> true hub and spoke and the problem is you are not importing the spoke RTs
>> and at each of the other spokes, only the hub.
>>
>> On Tue, Jan 5, 2010 at 1:01 PM, <olukolade_at_gmail.com> wrote:
>>
>> > Ignore pls. Been drinking.
>> > Sent from my BlackBerry. wireless handheld from Glo Mobile.
>> >
>> > -----Original Message-----
>> > From: olukolade_at_gmail.com
>> > Date: Tue, 5 Jan 2010 19:23:35
>> > To: jack daniels<jckdaniels12_at_gmail.com>; <Charles.Henson_at_regions.com>
>> > Cc: Cisco certification<ccielab_at_groupstudy.com>; Marko Milivojevic<
>> > markom_at_ipexpert.com>; <nobody_at_groupstudy.com>
>> > Subject: Re: split horizon
>> >
>> > Hi jack,
>> > CE hub won't be doing the advertisement. It will be done by PE1. Don't
>> > forget PE1 is also running ospf and has all the routes in bgp. So routes
>> > from the other PEs will be tagged with RT 2:2 and exported. This will be
>> > imported on the other PEs where the routes from PE2 will be imported by
>> PE3
>> > and vice versa. These routes are then redistributed into ospf for the
>> > connected CEs. The CEs will not advertise the routes learnt from the PE
>> back
>> > to them and there will be no need to do this.
>> >
>> > Kolade
>> > Sent from my BlackBerry. wireless handheld from Glo Mobile.
>> >
>> > -----Original Message-----
>> > From: jack daniels <jckdaniels12_at_gmail.com>
>> > Date: Wed, 6 Jan 2010 00:06:14
>> > To: <Charles.Henson_at_regions.com>
>> > Cc: Cisco certification<ccielab_at_groupstudy.com>; Marko Milivojevic<
>> > markom_at_ipexpert.com>; <nobody_at_groupstudy.com>
>> > Subject: Re: split horizon
>> >
>> > CE (HUB)
>> > G0/1
>> > |
>> > OSPF
>> > |
>> > PE1
>> > |
>> > MPLS CLOUD-----------------------------PE2------OSPF-CE(SPOKE1) (
>> > 2.2.2.0/24)
>> >
>> > |
>> > |
>> > |
>> > PE3
>> > |
>> > OSPF
>> > |
>> > CE(SPOKE2) (1.1.1.0/24)
>> >
>> > IN VRF of customer -
>> >
>> > PE3 advertises 1.1.1.0/24 routes with RT1:1 and imports 2:2
>> >
>> > PE2 advertises 2.2.2.0/24 routes with RT 1:1 and imports 2:2
>> >
>> > PE1 exports routes with RT 2:2 and imports 1:1
>> >
>> >
>> >
>> > NOW 1.1.1.0/24 is learnt on CE HUB Gi0/1 via OSPF .....
>> > Will CE HUB advertise 1.1.1.0/24 on Gi0/1 back as it is required for
>> CE
>> > SPOKE1 for SPOKE to SPOKE reachabilty via HUB?
>> >
>> >
>> > On Tue, Jan 5, 2010 at 11:57 PM, <Charles.Henson_at_regions.com> wrote:
>> >
>> > > Hey Jack,
>> > > How about a little more details? Configs? Shows? Anything? Marko
>> is
>> > > correct.
>> > >
>> > > Charles Henson
>> > >
>> > >
>> > >
>> > >
>> > >
>> > > |------------>
>> > > | From: |
>> > > |------------>
>> > >
>> > >
>> >
>> >--------------------------------------------------------------------------------------------------------------------------------------------------|
>> > > |jack daniels <jckdaniels12_at_gmail.com>
>> > >
>> > |
>> > >
>> > >
>> >
>> >--------------------------------------------------------------------------------------------------------------------------------------------------|
>> > > |------------>
>> > > | To: |
>> > > |------------>
>> > >
>> > >
>> >
>> >--------------------------------------------------------------------------------------------------------------------------------------------------|
>> > > |Marko Milivojevic <markom_at_ipexpert.com>
>> > >
>> > |
>> > >
>> > >
>> >
>> >--------------------------------------------------------------------------------------------------------------------------------------------------|
>> > > |------------>
>> > > | Cc: |
>> > > |------------>
>> > >
>> > >
>> >
>> >--------------------------------------------------------------------------------------------------------------------------------------------------|
>> > > |Cisco certification <ccielab_at_groupstudy.com>
>> > >
>> > |
>> > >
>> > >
>> >
>> >--------------------------------------------------------------------------------------------------------------------------------------------------|
>> > > |------------>
>> > > | Date: |
>> > > |------------>
>> > >
>> > >
>> >
>> >--------------------------------------------------------------------------------------------------------------------------------------------------|
>> > > |01/05/2010 12:21 PM
>> > >
>> |
>> > >
>> > >
>> >
>> >--------------------------------------------------------------------------------------------------------------------------------------------------|
>> > > |------------>
>> > > | Subject: |
>> > > |------------>
>> > >
>> > >
>> >
>> >--------------------------------------------------------------------------------------------------------------------------------------------------|
>> > > |Re: split horizon
>> > >
>> |
>> > >
>> > >
>> >
>> >--------------------------------------------------------------------------------------------------------------------------------------------------|
>> > >
>> > >
>> > >
>> > >
>> > >
>> > > I understand that but ,u mean in OSPF
>> > >
>> > > IF i recive 1.1.1.0/24 on G0/1 of HUB
>> > >
>> > > I'LL advertise 1.1.1.0/24 on Gi0/1 (SAME INTERFACE) of HUB
>> > >
>> > >
>> > >
>> > >
>> > > On Tue, Jan 5, 2010 at 11:44 PM, Marko Milivojevic
>> > > <markom_at_ipexpert.com>wrote:
>> > >
>> > > > On Tue, Jan 5, 2010 at 19:00, jack daniels <jckdaniels12_at_gmail.com
>> >
>> > > > wrote:
>> > > > > Hi guys,
>> > > > >
>> > > > > I have a scenario where in MPLS VPN - HUB and SPOKE.
>> > > > >
>> > > > > CE-PE protocol is OSPF everywhere
>> > > > >
>> > > > >
>> > > > > HUB is recieving routes from one SPOKE on int G0/1 and not
>> > advertiseing
>> > > > on
>> > > > > same (SPLIT horizon).
>> > > > >
>> > > > > In ospf how can we overcome such issue.
>> > > >
>> > > > OSPF is a link state protocol. It doesn't use split horizon (at
>> least
>> > > > not within the same area and even in multiarea, the behavior is not
>> > > > called that). You are probably having some other issue...
>> > > >
>> > > > --
>> > > > Marko Milivojevic - CCIE #18427
>> > > > Senior Technical Instructor - IPexpert
>> > > >
>> > > > Mailto: markom_at_ipexpert.com
>> > > > Telephone: +1.810.326.1444
>> > > > Fax: +1.810.454.0130
>> > > > Community: http://www.ipexpert.com/communities
>> > >
>> > >
>> > > Blogs and organic groups at http://www.ccie.net
>> > >
>> > >
>> _______________________________________________________________________
>> > > Subscription information may be found at:
>> > > http://www.groupstudy.com/list/CCIELab.html
>> >
>> >
>> > Blogs and organic groups at http://www.ccie.net
>> >
>> > _______________________________________________________________________
>> > Subscription information may be found at:
>> > http://www.groupstudy.com/list/CCIELab.html
>> >
>> >
>> > Blogs and organic groups at http://www.ccie.net
>> >
>> > _______________________________________________________________________
>> > Subscription information may be found at:
>> > http://www.groupstudy.com/list/CCIELab.html
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>>
>>
>> --
>> Bryan Bartik
>> CCIE #23707 (R&S, SP), CCNP
>> Sr. Support Engineer - IPexpert, Inc.
>> URL: http://www.IPexpert.com
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>>
>>
>>
>>
>>
>>
>

-- 
Bryan Bartik
CCIE #23707 (R&S, SP), CCNP
Sr. Support Engineer - IPexpert, Inc.
URL: http://www.IPexpert.com
Blogs and organic groups at http://www.ccie.net