Re: split horizon

Hi,

What you need to do is At the hub site PE, use the 'network 0.0.0.0' under bgp to bring the default route being learnt by ospf from the hub CE into bgp. At the spoke site PEs, configure ' default-information originate' in ospf. This will make the remote PE advervise the exsting default route which would have been learnt via bgp to the spoke CE. This way you get your hub CE default route at the spoke sites.

Cheers,
Kolade
Sent from my BlackBerry. wireless handheld from Glo Mobile.

-----Original Message-----
From: jack daniels <jckdaniels12_at_gmail.com>
Date: Wed, 6 Jan 2010 09:44:14
To: Mirco Orlandi<mirco.orlandi_at_gmail.com>
Cc: swap m<ccie19804_at_gmail.com>; Bryan Bartik<bbartik_at_ipexpert.com>; <olukolade_at_gmail.com>; <Charles.Henson_at_regions.com>; Cisco certification<ccielab_at_groupstudy.com>; Marko Milivojevic<markom_at_ipexpert.com>; <nobody_at_groupstudy.com>
Subject: Re: split horizon

Yeah that works , but for internet default route also required .... so if I
do defaul-in orignate alsways at HUB >>>>> but OSPF SPOKES won't learn it (
as OSPF does'nt learn default route via redistribution)....BGP>>>OSPF
redistribution at remote PE (for SPOKE CE)

On Wed, Jan 6, 2010 at 4:04 AM, Mirco Orlandi <mirco.orlandi_at_gmail.com>wrote:

> Yes,
> if spokes are 10.0.1.0/24, 10.0.2.0/24, 10.0.3.0/24, and so on..., with a
> 10.0.0.0/16 to null0 redistributed on hub ce and accepted from all spokes,
> it works for going and returning traffic with a single blackhole advertise.
> This is what i mean.
>
> ...go back to ios
> m.
>
>
> On Tue, Jan 5, 2010 at 11:17 PM, swap m <ccie19804_at_gmail.com> wrote:
>
>> Bryan,
>>
>> it can look something like this.
>>
>> on Hub,
>> 1. add a static 1.1.1.0/23 to null0
>> 2. redis this into OSPF on hub
>> 3. this will reach spoke1 via Hub-PE-CE ospf and then MPBGP and then
>> Spoke1-PE-CE OSPF.... Spoke2 can be specially filtered as it doesnt need
>> this blackhole route.
>>
>> Swap
>> #19084
>>
>> On Wed, Jan 6, 2010 at 1:58 AM, Bryan Bartik <bbartik_at_ipexpert.com>wrote:
>>
>>> Mirco,
>>>
>>> I have not seen that example before. Can you post an example of the Hub
>>> CE
>>> config?
>>>
>>> On Tue, Jan 5, 2010 at 2:51 PM, Mirco Orlandi <mirco.orlandi_at_gmail.com
>>> >wrote:
>>>
>>> > Bryan,
>>> > double link solution work well, without additional prefix advertising.
>>> >
>>> > ...but still work with a single link and additional blackhole route
>>> > advertising at hub ce. Then we can mantain control of spoke2spoke
>>> traffic
>>> > with acl on hub ce wan interface.
>>> >
>>> > In double link scenario we have two link used in unidirectional way for
>>> > spoke2spoke traffic; in single link scenario, one link used in
>>> bidirectional
>>> > way.
>>> > I think this is more common hub&spoke scenario. Do you agree?
>>> >
>>> > Regards,
>>> > mirco.
>>> >
>>> >
>>> > On Tue, Jan 5, 2010 at 9:17 PM, Bryan Bartik <bbartik_at_ipexpert.com>
>>> wrote:
>>> >
>>> >> Hub and Spoke VPNs usually require two links between the hub CE and
>>> PE.
>>> >> Each
>>> >> link is in a separate VRF on the PE side. The first VRF imports all
>>> the
>>> >> spoke routes and advertise them to the hub CE. The second VRF will
>>> take
>>> >> these routes from the CE and advertise them back to the spokes with a
>>> >> different RT. The spoke sites will then import this second RT (not the
>>> >> first). This pulls all traffic from the spokes to the Hub CE and back
>>> out.
>>> >>
>>> >> Remember the goal is to not only get traffic to the Hub PE, but the
>>> Hub
>>> >> CE...which is the tricky part. It has nothing to do with split
>>> horizon,
>>> >> but
>>> >> rather the way a router builds the shortest path tree. A shortest path
>>> >> will
>>> >> never include the same link in two directions without some funky
>>> >> engineering.
>>> >>
>>> >> If you have only have one link between PE and CE, I believe this is
>>> not a
>>> >> true hub and spoke and the problem is you are not importing the spoke
>>> RTs
>>> >> and at each of the other spokes, only the hub.
>>> >>
>>> >> On Tue, Jan 5, 2010 at 1:01 PM, <olukolade_at_gmail.com> wrote:
>>> >>
>>> >> > Ignore pls. Been drinking.
>>> >> > Sent from my BlackBerry. wireless handheld from Glo Mobile.
>>> >> >
>>> >> > -----Original Message-----
>>> >> > From: olukolade_at_gmail.com
>>> >> > Date: Tue, 5 Jan 2010 19:23:35
>>> >> > To: jack daniels<jckdaniels12_at_gmail.com>; <
>>> Charles.Henson_at_regions.com>
>>> >> > Cc: Cisco certification<ccielab_at_groupstudy.com>; Marko Milivojevic<
>>> >> > markom_at_ipexpert.com>; <nobody_at_groupstudy.com>
>>> >> > Subject: Re: split horizon
>>> >> >
>>> >> > Hi jack,
>>> >> > CE hub won't be doing the advertisement. It will be done by PE1.
>>> Don't
>>> >> > forget PE1 is also running ospf and has all the routes in bgp. So
>>> routes
>>> >> > from the other PEs will be tagged with RT 2:2 and exported. This
>>> will be
>>> >> > imported on the other PEs where the routes from PE2 will be imported
>>> by
>>> >> PE3
>>> >> > and vice versa. These routes are then redistributed into ospf for
>>> the
>>> >> > connected CEs. The CEs will not advertise the routes learnt from the
>>> PE
>>> >> back
>>> >> > to them and there will be no need to do this.
>>> >> >
>>> >> > Kolade
>>> >> > Sent from my BlackBerry. wireless handheld from Glo Mobile.
>>> >> >
>>> >> > -----Original Message-----
>>> >> > From: jack daniels <jckdaniels12_at_gmail.com>
>>> >> > Date: Wed, 6 Jan 2010 00:06:14
>>> >> > To: <Charles.Henson_at_regions.com>
>>> >> > Cc: Cisco certification<ccielab_at_groupstudy.com>; Marko Milivojevic<
>>> >> > markom_at_ipexpert.com>; <nobody_at_groupstudy.com>
>>> >> > Subject: Re: split horizon
>>> >> >
>>> >> > CE (HUB)
>>> >> > G0/1
>>> >> > |
>>> >> > OSPF
>>> >> > |
>>> >> > PE1
>>> >> > |
>>> >> > MPLS CLOUD-----------------------------PE2------OSPF-CE(SPOKE1)
>>> (
>>> >> > 2.2.2.0/24)
>>> >> >
>>> >> > |
>>> >> > |
>>> >> > |
>>> >> > PE3
>>> >> > |
>>> >> > OSPF
>>> >> > |
>>> >> > CE(SPOKE2) (1.1.1.0/24)
>>> >> >
>>> >> > IN VRF of customer -
>>> >> >
>>> >> > PE3 advertises 1.1.1.0/24 routes with RT1:1 and imports 2:2
>>> >> >
>>> >> > PE2 advertises 2.2.2.0/24 routes with RT 1:1 and imports 2:2
>>> >> >
>>> >> > PE1 exports routes with RT 2:2 and imports 1:1
>>> >> >
>>> >> >
>>> >> >
>>> >> > NOW 1.1.1.0/24 is learnt on CE HUB Gi0/1 via OSPF .....
>>> >> > Will CE HUB advertise 1.1.1.0/24 on Gi0/1 back as it is required
>>> for
>>> >> CE
>>> >> > SPOKE1 for SPOKE to SPOKE reachabilty via HUB?
>>> >> >
>>> >> >
>>> >> > On Tue, Jan 5, 2010 at 11:57 PM, <Charles.Henson_at_regions.com>
>>> wrote:
>>> >> >
>>> >> > > Hey Jack,
>>> >> > > How about a little more details? Configs? Shows? Anything?
>>> Marko
>>> >> is
>>> >> > > correct.
>>> >> > >
>>> >> > > Charles Henson
>>> >> > >
>>> >> > >
>>> >> > >
>>> >> > >
>>> >> > >
>>> >> > > |------------>
>>> >> > > | From: |
>>> >> > > |------------>
>>> >> > >
>>> >> > >
>>> >> >
>>> >>
>>> >--------------------------------------------------------------------------------------------------------------------------------------------------|
>>> >> > > |jack daniels <jckdaniels12_at_gmail.com>
>>> >> > >
>>> >> > |
>>> >> > >
>>> >> > >
>>> >> >
>>> >>
>>> >--------------------------------------------------------------------------------------------------------------------------------------------------|
>>> >> > > |------------>
>>> >> > > | To: |
>>> >> > > |------------>
>>> >> > >
>>> >> > >
>>> >> >
>>> >>
>>> >--------------------------------------------------------------------------------------------------------------------------------------------------|
>>> >> > > |Marko Milivojevic <markom_at_ipexpert.com>
>>> >> > >
>>> >> > |
>>> >> > >
>>> >> > >
>>> >> >
>>> >>
>>> >--------------------------------------------------------------------------------------------------------------------------------------------------|
>>> >> > > |------------>
>>> >> > > | Cc: |
>>> >> > > |------------>
>>> >> > >
>>> >> > >
>>> >> >
>>> >>
>>> >--------------------------------------------------------------------------------------------------------------------------------------------------|
>>> >> > > |Cisco certification <ccielab_at_groupstudy.com>
>>> >> > >
>>> >> > |
>>> >> > >
>>> >> > >
>>> >> >
>>> >>
>>> >--------------------------------------------------------------------------------------------------------------------------------------------------|
>>> >> > > |------------>
>>> >> > > | Date: |
>>> >> > > |------------>
>>> >> > >
>>> >> > >
>>> >> >
>>> >>
>>> >--------------------------------------------------------------------------------------------------------------------------------------------------|
>>> >> > > |01/05/2010 12:21 PM
>>> >> > >
>>> >> |
>>> >> > >
>>> >> > >
>>> >> >
>>> >>
>>> >--------------------------------------------------------------------------------------------------------------------------------------------------|
>>> >> > > |------------>
>>> >> > > | Subject: |
>>> >> > > |------------>
>>> >> > >
>>> >> > >
>>> >> >
>>> >>
>>> >--------------------------------------------------------------------------------------------------------------------------------------------------|
>>> >> > > |Re: split horizon
>>> >> > >
>>> >> |
>>> >> > >
>>> >> > >
>>> >> >
>>> >>
>>> >--------------------------------------------------------------------------------------------------------------------------------------------------|
>>> >> > >
>>> >> > >
>>> >> > >
>>> >> > >
>>> >> > >
>>> >> > > I understand that but ,u mean in OSPF
>>> >> > >
>>> >> > > IF i recive 1.1.1.0/24 on G0/1 of HUB
>>> >> > >
>>> >> > > I'LL advertise 1.1.1.0/24 on Gi0/1 (SAME INTERFACE) of HUB
>>> >> > >
>>> >> > >
>>> >> > >
>>> >> > >
>>> >> > > On Tue, Jan 5, 2010 at 11:44 PM, Marko Milivojevic
>>> >> > > <markom_at_ipexpert.com>wrote:
>>> >> > >
>>> >> > > > On Tue, Jan 5, 2010 at 19:00, jack daniels <
>>> jckdaniels12_at_gmail.com
>>> >> >
>>> >> > > > wrote:
>>> >> > > > > Hi guys,
>>> >> > > > >
>>> >> > > > > I have a scenario where in MPLS VPN - HUB and SPOKE.
>>> >> > > > >
>>> >> > > > > CE-PE protocol is OSPF everywhere
>>> >> > > > >
>>> >> > > > >
>>> >> > > > > HUB is recieving routes from one SPOKE on int G0/1 and not
>>> >> > advertiseing
>>> >> > > > on
>>> >> > > > > same (SPLIT horizon).
>>> >> > > > >
>>> >> > > > > In ospf how can we overcome such issue.
>>> >> > > >
>>> >> > > > OSPF is a link state protocol. It doesn't use split horizon (at
>>> >> least
>>> >> > > > not within the same area and even in multiarea, the behavior is
>>> not
>>> >> > > > called that). You are probably having some other issue...
>>> >> > > >
>>> >> > > > --
>>> >> > > > Marko Milivojevic - CCIE #18427
>>> >> > > > Senior Technical Instructor - IPexpert
>>> >> > > >
>>> >> > > > Mailto: markom_at_ipexpert.com
>>> >> > > > Telephone: +1.810.326.1444
>>> >> > > > Fax: +1.810.454.0130
>>> >> > > > Community: http://www.ipexpert.com/communities
>>> >> > >
>>> >> > >
>>> >> > > Blogs and organic groups at http://www.ccie.net
>>> >> > >
>>> >> > >
>>> >>
>>> _______________________________________________________________________
>>> >> > > Subscription information may be found at:
>>> >> > > http://www.groupstudy.com/list/CCIELab.html
>>> >> >
>>> >> >
>>> >> > Blogs and organic groups at http://www.ccie.net
>>> >> >
>>> >> >
>>> _______________________________________________________________________
>>> >> > Subscription information may be found at:
>>> >> > http://www.groupstudy.com/list/CCIELab.html
>>> >> >
>>> >> >
>>> >> > Blogs and organic groups at http://www.ccie.net
>>> >> >
>>> >> >
>>> _______________________________________________________________________
>>> >> > Subscription information may be found at:
>>> >> > http://www.groupstudy.com/list/CCIELab.html
>>> >> >
>>> >> >
>>> >> >
>>> >> >
>>> >> >
>>> >> >
>>> >> >
>>> >> >
>>> >>
>>> >>
>>> >> --
>>> >> Bryan Bartik
>>> >> CCIE #23707 (R&S, SP), CCNP
>>> >> Sr. Support Engineer - IPexpert, Inc.
>>> >> URL: http://www.IPexpert.com <http://www.ipexpert.com/>
>>> >>
>>> >>
>>> >> Blogs and organic groups at http://www.ccie.net
>>> >>
>>> >>
>>> _______________________________________________________________________
>>> >> Subscription information may be found at:
>>> >> http://www.groupstudy.com/list/CCIELab.html
>>> >>
>>> >>
>>> >>
>>> >>
>>> >>
>>> >>
>>> >>
>>> >>
>>> >
>>>
>>>
>>> --
>>> Bryan Bartik
>>> CCIE #23707 (R&S, SP), CCNP
>>> Sr. Support Engineer - IPexpert, Inc.
>>> URL: http://www.IPexpert.com <http://www.ipexpert.com/>
>>>
>>>
>>> Blogs and organic groups at http://www.ccie.net
>>>
>>> _______________________________________________________________________
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Wed Jan 06 2010 - 07:49:11 ART