Re: split horizon

Yeah that works , but for internet default route also required .... so if I
do defaul-in orignate alsways at HUB >>>>> but OSPF SPOKES won't learn it (
as OSPF does'nt learn default route via redistribution)....BGP>>>OSPF
redistribution at remote PE (for SPOKE CE)

On Wed, Jan 6, 2010 at 4:04 AM, Mirco Orlandi <mirco.orlandi_at_gmail.com>wrote:

> Yes,
> if spokes are 10.0.1.0/24, 10.0.2.0/24, 10.0.3.0/24, and so on..., with a
> 10.0.0.0/16 to null0 redistributed on hub ce and accepted from all spokes,
> it works for going and returning traffic with a single blackhole advertise.
> This is what i mean.
>
> ...go back to ios
> m.
>
>
> On Tue, Jan 5, 2010 at 11:17 PM, swap m <ccie19804_at_gmail.com> wrote:
>
>> Bryan,
>>
>> it can look something like this.
>>
>> on Hub,
>> 1. add a static 1.1.1.0/23 to null0
>> 2. redis this into OSPF on hub
>> 3. this will reach spoke1 via Hub-PE-CE ospf and then MPBGP and then
>> Spoke1-PE-CE OSPF.... Spoke2 can be specially filtered as it doesnt need
>> this blackhole route.
>>
>> Swap
>> #19084
>>
>> On Wed, Jan 6, 2010 at 1:58 AM, Bryan Bartik <bbartik_at_ipexpert.com>wrote:
>>
>>> Mirco,
>>>
>>> I have not seen that example before. Can you post an example of the Hub
>>> CE
>>> config?
>>>
>>> On Tue, Jan 5, 2010 at 2:51 PM, Mirco Orlandi <mirco.orlandi_at_gmail.com
>>> >wrote:
>>>
>>> > Bryan,
>>> > double link solution work well, without additional prefix advertising.
>>> >
>>> > ...but still work with a single link and additional blackhole route
>>> > advertising at hub ce. Then we can mantain control of spoke2spoke
>>> traffic
>>> > with acl on hub ce wan interface.
>>> >
>>> > In double link scenario we have two link used in unidirectional way for
>>> > spoke2spoke traffic; in single link scenario, one link used in
>>> bidirectional
>>> > way.
>>> > I think this is more common hub&spoke scenario. Do you agree?
>>> >
>>> > Regards,
>>> > mirco.
>>> >
>>> >
>>> > On Tue, Jan 5, 2010 at 9:17 PM, Bryan Bartik <bbartik_at_ipexpert.com>
>>> wrote:
>>> >
>>> >> Hub and Spoke VPNs usually require two links between the hub CE and
>>> PE.
>>> >> Each
>>> >> link is in a separate VRF on the PE side. The first VRF imports all
>>> the
>>> >> spoke routes and advertise them to the hub CE. The second VRF will
>>> take
>>> >> these routes from the CE and advertise them back to the spokes with a
>>> >> different RT. The spoke sites will then import this second RT (not the
>>> >> first). This pulls all traffic from the spokes to the Hub CE and back
>>> out.
>>> >>
>>> >> Remember the goal is to not only get traffic to the Hub PE, but the
>>> Hub
>>> >> CE...which is the tricky part. It has nothing to do with split
>>> horizon,
>>> >> but
>>> >> rather the way a router builds the shortest path tree. A shortest path
>>> >> will
>>> >> never include the same link in two directions without some funky
>>> >> engineering.
>>> >>
>>> >> If you have only have one link between PE and CE, I believe this is
>>> not a
>>> >> true hub and spoke and the problem is you are not importing the spoke
>>> RTs
>>> >> and at each of the other spokes, only the hub.
>>> >>
>>> >> On Tue, Jan 5, 2010 at 1:01 PM, <olukolade_at_gmail.com> wrote:
>>> >>
>>> >> > Ignore pls. Been drinking.
>>> >> > Sent from my BlackBerry. wireless handheld from Glo Mobile.
>>> >> >
>>> >> > -----Original Message-----
>>> >> > From: olukolade_at_gmail.com
>>> >> > Date: Tue, 5 Jan 2010 19:23:35
>>> >> > To: jack daniels<jckdaniels12_at_gmail.com>; <
>>> Charles.Henson_at_regions.com>
>>> >> > Cc: Cisco certification<ccielab_at_groupstudy.com>; Marko Milivojevic<
>>> >> > markom_at_ipexpert.com>; <nobody_at_groupstudy.com>
>>> >> > Subject: Re: split horizon
>>> >> >
>>> >> > Hi jack,
>>> >> > CE hub won't be doing the advertisement. It will be done by PE1.
>>> Don't
>>> >> > forget PE1 is also running ospf and has all the routes in bgp. So
>>> routes
>>> >> > from the other PEs will be tagged with RT 2:2 and exported. This
>>> will be
>>> >> > imported on the other PEs where the routes from PE2 will be imported
>>> by
>>> >> PE3
>>> >> > and vice versa. These routes are then redistributed into ospf for
>>> the
>>> >> > connected CEs. The CEs will not advertise the routes learnt from the
>>> PE
>>> >> back
>>> >> > to them and there will be no need to do this.
>>> >> >
>>> >> > Kolade
>>> >> > Sent from my BlackBerry. wireless handheld from Glo Mobile.
>>> >> >
>>> >> > -----Original Message-----
>>> >> > From: jack daniels <jckdaniels12_at_gmail.com>
>>> >> > Date: Wed, 6 Jan 2010 00:06:14
>>> >> > To: <Charles.Henson_at_regions.com>
>>> >> > Cc: Cisco certification<ccielab_at_groupstudy.com>; Marko Milivojevic<
>>> >> > markom_at_ipexpert.com>; <nobody_at_groupstudy.com>
>>> >> > Subject: Re: split horizon
>>> >> >
>>> >> > CE (HUB)
>>> >> > G0/1
>>> >> > |
>>> >> > OSPF
>>> >> > |
>>> >> > PE1
>>> >> > |
>>> >> > MPLS CLOUD-----------------------------PE2------OSPF-CE(SPOKE1)
>>> (
>>> >> > 2.2.2.0/24)
>>> >> >
>>> >> > |
>>> >> > |
>>> >> > |
>>> >> > PE3
>>> >> > |
>>> >> > OSPF
>>> >> > |
>>> >> > CE(SPOKE2) (1.1.1.0/24)
>>> >> >
>>> >> > IN VRF of customer -
>>> >> >
>>> >> > PE3 advertises 1.1.1.0/24 routes with RT1:1 and imports 2:2
>>> >> >
>>> >> > PE2 advertises 2.2.2.0/24 routes with RT 1:1 and imports 2:2
>>> >> >
>>> >> > PE1 exports routes with RT 2:2 and imports 1:1
>>> >> >
>>> >> >
>>> >> >
>>> >> > NOW 1.1.1.0/24 is learnt on CE HUB Gi0/1 via OSPF .....
>>> >> > Will CE HUB advertise 1.1.1.0/24 on Gi0/1 back as it is required
>>> for
>>> >> CE
>>> >> > SPOKE1 for SPOKE to SPOKE reachabilty via HUB?
>>> >> >
>>> >> >
>>> >> > On Tue, Jan 5, 2010 at 11:57 PM, <Charles.Henson_at_regions.com>
>>> wrote:
>>> >> >
>>> >> > > Hey Jack,
>>> >> > > How about a little more details? Configs? Shows? Anything?
>>> Marko
>>> >> is
>>> >> > > correct.
>>> >> > >
>>> >> > > Charles Henson
>>> >> > >
>>> >> > >
>>> >> > >
>>> >> > >
>>> >> > >
>>> >> > > |------------>
>>> >> > > | From: |
>>> >> > > |------------>
>>> >> > >
>>> >> > >
>>> >> >
>>> >>
>>> >--------------------------------------------------------------------------------------------------------------------------------------------------|
>>> >> > > |jack daniels <jckdaniels12_at_gmail.com>
>>> >> > >
>>> >> > |
>>> >> > >
>>> >> > >
>>> >> >
>>> >>
>>> >--------------------------------------------------------------------------------------------------------------------------------------------------|
>>> >> > > |------------>
>>> >> > > | To: |
>>> >> > > |------------>
>>> >> > >
>>> >> > >
>>> >> >
>>> >>
>>> >--------------------------------------------------------------------------------------------------------------------------------------------------|
>>> >> > > |Marko Milivojevic <markom_at_ipexpert.com>
>>> >> > >
>>> >> > |
>>> >> > >
>>> >> > >
>>> >> >
>>> >>
>>> >--------------------------------------------------------------------------------------------------------------------------------------------------|
>>> >> > > |------------>
>>> >> > > | Cc: |
>>> >> > > |------------>
>>> >> > >
>>> >> > >
>>> >> >
>>> >>
>>> >--------------------------------------------------------------------------------------------------------------------------------------------------|
>>> >> > > |Cisco certification <ccielab_at_groupstudy.com>
>>> >> > >
>>> >> > |
>>> >> > >
>>> >> > >
>>> >> >
>>> >>
>>> >--------------------------------------------------------------------------------------------------------------------------------------------------|
>>> >> > > |------------>
>>> >> > > | Date: |
>>> >> > > |------------>
>>> >> > >
>>> >> > >
>>> >> >
>>> >>
>>> >--------------------------------------------------------------------------------------------------------------------------------------------------|
>>> >> > > |01/05/2010 12:21 PM
>>> >> > >
>>> >> |
>>> >> > >
>>> >> > >
>>> >> >
>>> >>
>>> >--------------------------------------------------------------------------------------------------------------------------------------------------|
>>> >> > > |------------>
>>> >> > > | Subject: |
>>> >> > > |------------>
>>> >> > >
>>> >> > >
>>> >> >
>>> >>
>>> >--------------------------------------------------------------------------------------------------------------------------------------------------|
>>> >> > > |Re: split horizon
>>> >> > >
>>> >> |
>>> >> > >
>>> >> > >
>>> >> >
>>> >>
>>> >--------------------------------------------------------------------------------------------------------------------------------------------------|
>>> >> > >
>>> >> > >
>>> >> > >
>>> >> > >
>>> >> > >
>>> >> > > I understand that but ,u mean in OSPF
>>> >> > >
>>> >> > > IF i recive 1.1.1.0/24 on G0/1 of HUB
>>> >> > >
>>> >> > > I'LL advertise 1.1.1.0/24 on Gi0/1 (SAME INTERFACE) of HUB
>>> >> > >
>>> >> > >
>>> >> > >
>>> >> > >
>>> >> > > On Tue, Jan 5, 2010 at 11:44 PM, Marko Milivojevic
>>> >> > > <markom_at_ipexpert.com>wrote:
>>> >> > >
>>> >> > > > On Tue, Jan 5, 2010 at 19:00, jack daniels <
>>> jckdaniels12_at_gmail.com
>>> >> >
>>> >> > > > wrote:
>>> >> > > > > Hi guys,
>>> >> > > > >
>>> >> > > > > I have a scenario where in MPLS VPN - HUB and SPOKE.
>>> >> > > > >
>>> >> > > > > CE-PE protocol is OSPF everywhere
>>> >> > > > >
>>> >> > > > >
>>> >> > > > > HUB is recieving routes from one SPOKE on int G0/1 and not
>>> >> > advertiseing
>>> >> > > > on
>>> >> > > > > same (SPLIT horizon).
>>> >> > > > >
>>> >> > > > > In ospf how can we overcome such issue.
>>> >> > > >
>>> >> > > > OSPF is a link state protocol. It doesn't use split horizon (at
>>> >> least
>>> >> > > > not within the same area and even in multiarea, the behavior is
>>> not
>>> >> > > > called that). You are probably having some other issue...
>>> >> > > >
>>> >> > > > --
>>> >> > > > Marko Milivojevic - CCIE #18427
>>> >> > > > Senior Technical Instructor - IPexpert
>>> >> > > >
>>> >> > > > Mailto: markom_at_ipexpert.com
>>> >> > > > Telephone: +1.810.326.1444
>>> >> > > > Fax: +1.810.454.0130
>>> >> > > > Community: http://www.ipexpert.com/communities
>>> >> > >
>>> >> > >
>>> >> > > Blogs and organic groups at http://www.ccie.net
>>> >> > >
>>> >> > >
>>> >>
>>> _______________________________________________________________________
>>> >> > > Subscription information may be found at:
>>> >> > > http://www.groupstudy.com/list/CCIELab.html
>>> >> >
>>> >> >
>>> >> > Blogs and organic groups at http://www.ccie.net
>>> >> >
>>> >> >
>>> _______________________________________________________________________
>>> >> > Subscription information may be found at:
>>> >> > http://www.groupstudy.com/list/CCIELab.html
>>> >> >
>>> >> >
>>> >> > Blogs and organic groups at http://www.ccie.net
>>> >> >
>>> >> >
>>> _______________________________________________________________________
>>> >> > Subscription information may be found at:
>>> >> > http://www.groupstudy.com/list/CCIELab.html
>>> >> >
>>> >> >
>>> >> >
>>> >> >
>>> >> >
>>> >> >
>>> >> >
>>> >> >
>>> >>
>>> >>
>>> >> --
>>> >> Bryan Bartik
>>> >> CCIE #23707 (R&S, SP), CCNP
>>> >> Sr. Support Engineer - IPexpert, Inc.
>>> >> URL: http://www.IPexpert.com <http://www.ipexpert.com/>
>>> >>
>>> >>
>>> >> Blogs and organic groups at http://www.ccie.net
>>> >>
>>> >>
>>> _______________________________________________________________________
>>> >> Subscription information may be found at:
>>> >> http://www.groupstudy.com/list/CCIELab.html
>>> >>
>>> >>
>>> >>
>>> >>
>>> >>
>>> >>
>>> >>
>>> >>
>>> >
>>>
>>>
>>> --
>>> Bryan Bartik
>>> CCIE #23707 (R&S, SP), CCNP
>>> Sr. Support Engineer - IPexpert, Inc.
>>> URL: http://www.IPexpert.com <http://www.ipexpert.com/>
>>>
>>>
>>> Blogs and organic groups at http://www.ccie.net
>>>
>>> _______________________________________________________________________
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Wed Jan 06 2010 - 09:44:14 ART