Re: split horizon from jack daniels on 2010-01-06 (Ccielab archives 01/2010)

From: jack daniels <jckdaniels12_at_gmail.com>
Date: Wed, 6 Jan 2010 13:26:41 +0530

yeah but PE can't configure , have access to all CE

On Wed, Jan 6, 2010 at 1:19 PM, <olukolade_at_gmail.com> wrote:

> Hi,
>
> What you need to do is At the hub site PE, use the 'network 0.0.0.0' under
> bgp to bring the default route being learnt by ospf from the hub CE into
> bgp. At the spoke site PEs, configure ' default-information originate' in
> ospf. This will make the remote PE advervise the exsting default route
which
> would have been learnt via bgp to the spoke CE. This way you get your hub
CE
> default route at the spoke sites.
>
> Cheers,
>
> Kolade
>
> Sent from my BlackBerry. wireless handheld from Glo Mobile.
> ------------------------------
> *From: *jack daniels <jckdaniels12_at_gmail.com>
> *Date: *Wed, 6 Jan 2010 09:44:14 +0530
> *To: *Mirco Orlandi<mirco.orlandi_at_gmail.com>
> *Cc: *swap m<ccie19804_at_gmail.com>; Bryan Bartik<bbartik_at_ipexpert.com>; <
> olukolade_at_gmail.com>; <Charles.Henson_at_regions.com>; Cisco certification<
> ccielab_at_groupstudy.com>; Marko Milivojevic<markom_at_ipexpert.com>; <
> nobody_at_groupstudy.com>
> *Subject: *Re: split horizon
>
> Yeah that works , but for internet default route also required .... so if I
> do defaul-in orignate alsways at HUB >>>>> but OSPF SPOKES won't learn it (
> as OSPF does'nt learn default route via redistribution)....BGP>>>OSPF
> redistribution at remote PE (for SPOKE CE)
>
> On Wed, Jan 6, 2010 at 4:04 AM, Mirco Orlandi
<mirco.orlandi_at_gmail.com>wrote:
>
>> Yes,
>> if spokes are 10.0.1.0/24, 10.0.2.0/24, 10.0.3.0/24, and so on..., with a
>> 10.0.0.0/16 to null0 redistributed on hub ce and accepted from all
>> spokes, it works for going and returning traffic with a single blackhole
>> advertise. This is what i mean.
>>
>> ...go back to ios
>> m.
>>
>>
>> On Tue, Jan 5, 2010 at 11:17 PM, swap m <ccie19804_at_gmail.com> wrote:
>>
>>> Bryan,
>>>
>>> it can look something like this.
>>>
>>> on Hub,
>>> 1. add a static 1.1.1.0/23 to null0
>>> 2. redis this into OSPF on hub
>>> 3. this will reach spoke1 via Hub-PE-CE ospf and then MPBGP and then
>>> Spoke1-PE-CE OSPF.... Spoke2 can be specially filtered as it doesnt need
>>> this blackhole route.
>>>
>>> Swap
>>> #19084
>>>
>>> On Wed, Jan 6, 2010 at 1:58 AM, Bryan Bartik <bbartik_at_ipexpert.com>wrote:
>>>
>>>> Mirco,
>>>>
>>>> I have not seen that example before. Can you post an example of the Hub
>>>> CE
>>>> config?
>>>>
>>>> On Tue, Jan 5, 2010 at 2:51 PM, Mirco Orlandi <mirco.orlandi_at_gmail.com
>>>> >wrote:
>>>>
>>>> > Bryan,
>>>> > double link solution work well, without additional prefix advertising.
>>>> >
>>>> > ...but still work with a single link and additional blackhole route
>>>> > advertising at hub ce. Then we can mantain control of spoke2spoke
>>>> traffic
>>>> > with acl on hub ce wan interface.
>>>> >
>>>> > In double link scenario we have two link used in unidirectional way
>>>> for
>>>> > spoke2spoke traffic; in single link scenario, one link used in
>>>> bidirectional
>>>> > way.
>>>> > I think this is more common hub&spoke scenario. Do you agree?
>>>> >
>>>> > Regards,
>>>> > mirco.
>>>> >
>>>> >
>>>> > On Tue, Jan 5, 2010 at 9:17 PM, Bryan Bartik <bbartik_at_ipexpert.com>
>>>> wrote:
>>>> >
>>>> >> Hub and Spoke VPNs usually require two links between the hub CE and
>>>> PE.
>>>> >> Each
>>>> >> link is in a separate VRF on the PE side. The first VRF imports all
>>>> the
>>>> >> spoke routes and advertise them to the hub CE. The second VRF will
>>>> take
>>>> >> these routes from the CE and advertise them back to the spokes with a
>>>> >> different RT. The spoke sites will then import this second RT (not
>>>> the
>>>> >> first). This pulls all traffic from the spokes to the Hub CE and back
>>>> out.
>>>> >>
>>>> >> Remember the goal is to not only get traffic to the Hub PE, but the
>>>> Hub
>>>> >> CE...which is the tricky part. It has nothing to do with split
>>>> horizon,
>>>> >> but
>>>> >> rather the way a router builds the shortest path tree. A shortest
>>>> path
>>>> >> will
>>>> >> never include the same link in two directions without some funky
>>>> >> engineering.
>>>> >>
>>>> >> If you have only have one link between PE and CE, I believe this is
>>>> not a
>>>> >> true hub and spoke and the problem is you are not importing the spoke
>>>> RTs
>>>> >> and at each of the other spokes, only the hub.
>>>> >>
>>>> >> On Tue, Jan 5, 2010 at 1:01 PM, <olukolade_at_gmail.com> wrote:
>>>> >>
>>>> >> > Ignore pls. Been drinking.
>>>> >> > Sent from my BlackBerry. wireless handheld from Glo Mobile.
>>>> >> >
>>>> >> > -----Original Message-----
>>>> >> > From: olukolade_at_gmail.com
>>>> >> > Date: Tue, 5 Jan 2010 19:23:35
>>>> >> > To: jack daniels<jckdaniels12_at_gmail.com>; <
>>>> Charles.Henson_at_regions.com>
>>>> >> > Cc: Cisco certification<ccielab_at_groupstudy.com>; Marko
>>>> Milivojevic<
>>>> >> > markom_at_ipexpert.com>; <nobody_at_groupstudy.com>
>>>> >> > Subject: Re: split horizon
>>>> >> >
>>>> >> > Hi jack,
>>>> >> > CE hub won't be doing the advertisement. It will be done by PE1.
>>>> Don't
>>>> >> > forget PE1 is also running ospf and has all the routes in bgp. So
>>>> routes
>>>> >> > from the other PEs will be tagged with RT 2:2 and exported. This
>>>> will be
>>>> >> > imported on the other PEs where the routes from PE2 will be
>>>> imported by
>>>> >> PE3
>>>> >> > and vice versa. These routes are then redistributed into ospf for
>>>> the
>>>> >> > connected CEs. The CEs will not advertise the routes learnt from
>>>> the PE
>>>> >> back
>>>> >> > to them and there will be no need to do this.
>>>> >> >
>>>> >> > Kolade
>>>> >> > Sent from my BlackBerry. wireless handheld from Glo Mobile.
>>>> >> >
>>>> >> > -----Original Message-----
>>>> >> > From: jack daniels <jckdaniels12_at_gmail.com>
>>>> >> > Date: Wed, 6 Jan 2010 00:06:14
>>>> >> > To: <Charles.Henson_at_regions.com>
>>>> >> > Cc: Cisco certification<ccielab_at_groupstudy.com>; Marko
>>>> Milivojevic<
>>>> >> > markom_at_ipexpert.com>; <nobody_at_groupstudy.com>
>>>> >> > Subject: Re: split horizon
>>>> >> >
>>>> >> > CE (HUB)
>>>> >> > G0/1
>>>> >> > |
>>>> >> > OSPF
>>>> >> > |
>>>> >> > PE1
>>>> >> > |
>>>> >> > MPLS
>>>> CLOUD-----------------------------PE2------OSPF-CE(SPOKE1) (
>>>> >> > 2.2.2.0/24)
>>>> >> >
>>>> >> > |
>>>> >> > |
>>>> >> > |
>>>> >> > PE3
>>>> >> > |
>>>> >> > OSPF
>>>> >> > |
>>>> >> > CE(SPOKE2) (1.1.1.0/24)
>>>> >> >
>>>> >> > IN VRF of customer -
>>>> >> >
>>>> >> > PE3 advertises 1.1.1.0/24 routes with RT1:1 and imports 2:2
>>>> >> >
>>>> >> > PE2 advertises 2.2.2.0/24 routes with RT 1:1 and imports 2:2
>>>> >> >
>>>> >> > PE1 exports routes with RT 2:2 and imports 1:1
>>>> >> >
>>>> >> >
>>>> >> >
>>>> >> > NOW 1.1.1.0/24 is learnt on CE HUB Gi0/1 via OSPF .....
>>>> >> > Will CE HUB advertise 1.1.1.0/24 on Gi0/1 back as it is required
>>>> for
>>>> >> CE
>>>> >> > SPOKE1 for SPOKE to SPOKE reachabilty via HUB?
>>>> >> >
>>>> >> >
>>>> >> > On Tue, Jan 5, 2010 at 11:57 PM, <Charles.Henson_at_regions.com>
>>>> wrote:
>>>> >> >
>>>> >> > > Hey Jack,
>>>> >> > > How about a little more details? Configs? Shows? Anything?
>>>> Marko
>>>> >> is
>>>> >> > > correct.
>>>> >> > >
>>>> >> > > Charles Henson
>>>> >> > >
>>>> >> > >
>>>> >> > >
>>>> >> > >
>>>> >> > >
>>>> >> > > |------------>
>>>> >> > > | From: |
>>>> >> > > |------------>
>>>> >> > >
>>>> >> > >
>>>> >> >
>>>> >>
>>>>
>----------------------------------------------------------------------------
----------------------------------------------------------------------|
>>>> >> > > |jack daniels <jckdaniels12_at_gmail.com>
>>>> >> > >
>>>> >> > |
>>>> >> > >
>>>> >> > >
>>>> >> >
>>>> >>
>>>>
>----------------------------------------------------------------------------
----------------------------------------------------------------------|
>>>> >> > > |------------>
>>>> >> > > | To: |
>>>> >> > > |------------>
>>>> >> > >
>>>> >> > >
>>>> >> >
>>>> >>
>>>>
>----------------------------------------------------------------------------
----------------------------------------------------------------------|
>>>> >> > > |Marko Milivojevic <markom_at_ipexpert.com>
>>>> >> > >
>>>> >> > |
>>>> >> > >
>>>> >> > >
>>>> >> >
>>>> >>
>>>>
>----------------------------------------------------------------------------
----------------------------------------------------------------------|
>>>> >> > > |------------>
>>>> >> > > | Cc: |
>>>> >> > > |------------>
>>>> >> > >
>>>> >> > >
>>>> >> >
>>>> >>
>>>>
>----------------------------------------------------------------------------
----------------------------------------------------------------------|
>>>> >> > > |Cisco certification <ccielab_at_groupstudy.com>
>>>> >> > >
>>>> >> > |
>>>> >> > >
>>>> >> > >
>>>> >> >
>>>> >>
>>>>
>----------------------------------------------------------------------------
----------------------------------------------------------------------|
>>>> >> > > |------------>
>>>> >> > > | Date: |
>>>> >> > > |------------>
>>>> >> > >
>>>> >> > >
>>>> >> >
>>>> >>
>>>>
>----------------------------------------------------------------------------
----------------------------------------------------------------------|
>>>> >> > > |01/05/2010 12:21 PM
>>>> >> > >
>>>> >> |
>>>> >> > >
>>>> >> > >
>>>> >> >
>>>> >>
>>>>
>----------------------------------------------------------------------------
----------------------------------------------------------------------|
>>>> >> > > |------------>
>>>> >> > > | Subject: |
>>>> >> > > |------------>
>>>> >> > >
>>>> >> > >
>>>> >> >
>>>> >>
>>>>
>----------------------------------------------------------------------------
----------------------------------------------------------------------|
>>>> >> > > |Re: split horizon
>>>> >> > >
>>>> >> |
>>>> >> > >
>>>> >> > >
>>>> >> >
>>>> >>
>>>>
>----------------------------------------------------------------------------
----------------------------------------------------------------------|
>>>> >> > >
>>>> >> > >
>>>> >> > >
>>>> >> > >
>>>> >> > >
>>>> >> > > I understand that but ,u mean in OSPF
>>>> >> > >
>>>> >> > > IF i recive 1.1.1.0/24 on G0/1 of HUB
>>>> >> > >
>>>> >> > > I'LL advertise 1.1.1.0/24 on Gi0/1 (SAME INTERFACE) of HUB
>>>> >> > >
>>>> >> > >
>>>> >> > >
>>>> >> > >
>>>> >> > > On Tue, Jan 5, 2010 at 11:44 PM, Marko Milivojevic
>>>> >> > > <markom_at_ipexpert.com>wrote:
>>>> >> > >
>>>> >> > > > On Tue, Jan 5, 2010 at 19:00, jack daniels <
>>>> jckdaniels12_at_gmail.com
>>>> >> >
>>>> >> > > > wrote:
>>>> >> > > > > Hi guys,
>>>> >> > > > >
>>>> >> > > > > I have a scenario where in MPLS VPN - HUB and SPOKE.
>>>> >> > > > >
>>>> >> > > > > CE-PE protocol is OSPF everywhere
>>>> >> > > > >
>>>> >> > > > >
>>>> >> > > > > HUB is recieving routes from one SPOKE on int G0/1 and not
>>>> >> > advertiseing
>>>> >> > > > on
>>>> >> > > > > same (SPLIT horizon).
>>>> >> > > > >
>>>> >> > > > > In ospf how can we overcome such issue.
>>>> >> > > >
>>>> >> > > > OSPF is a link state protocol. It doesn't use split horizon (at
>>>> >> least
>>>> >> > > > not within the same area and even in multiarea, the behavior is
>>>> not
>>>> >> > > > called that). You are probably having some other issue...
>>>> >> > > >
>>>> >> > > > --
>>>> >> > > > Marko Milivojevic - CCIE #18427
>>>> >> > > > Senior Technical Instructor - IPexpert
>>>> >> > > >
>>>> >> > > > Mailto: markom_at_ipexpert.com
>>>> >> > > > Telephone: +1.810.326.1444
>>>> >> > > > Fax: +1.810.454.0130
>>>> >> > > > Community: http://www.ipexpert.com/communities
>>>> >> > >
>>>> >> > >
>>>> >> > > Blogs and organic groups at http://www.ccie.net
>>>> >> > >
>>>> >> > >
>>>>
>>>>
>>_______________________________________________________________________
>>>> >> > > Subscription information may be found at:
>>>> >> > > http://www.groupstudy.com/list/CCIELab.html
>>>> >> >
>>>> >> >
>>>> >> > Blogs and organic groups at http://www.ccie.net
>>>> >> >
>>>> >>
>>>> >_______________________________________________________________________
>>>> >> > Subscription information may be found at:
>>>> >> > http://www.groupstudy.com/list/CCIELab.html
>>>> >> >
>>>> >> >
>>>> >> > Blogs and organic groups at http://www.ccie.net
>>>> >> >
>>>> >>
>>>> >_______________________________________________________________________
>>>> >> > Subscription information may be found at:
>>>> >> > http://www.groupstudy.com/list/CCIELab.html
>>>> >> >
>>>> >> >
>>>> >> >
>>>> >> >
>>>> >> >
>>>> >> >
>>>> >> >
>>>> >> >
>>>> >>
>>>> >>
>>>> >> --
>>>> >> Bryan Bartik
>>>> >> CCIE #23707 (R&S, SP), CCNP
>>>> >> Sr. Support Engineer - IPexpert, Inc.
>>>> >> URL: http://www.IPexpert.com <http://www.ipexpert.com/>
>>>> >>
>>>> >>
>>>> >> Blogs and organic groups at http://www.ccie.net
>>>> >>
>>>>
>>>>
>>_______________________________________________________________________
>>>> >> Subscription information may be found at:
>>>> >> http://www.groupstudy.com/list/CCIELab.html
>>>> >>
>>>> >>
>>>> >>
>>>> >>
>>>> >>
>>>> >>
>>>> >>
>>>> >>
>>>> >
>>>>
>>>>
>>>> --
>>>> Bryan Bartik
>>>> CCIE #23707 (R&S, SP), CCNP
>>>> Sr. Support Engineer - IPexpert, Inc.
>>>> URL: http://www.IPexpert.com <http://www.ipexpert.com/>
>>>>
>>>>
>>>> Blogs and organic groups at http://www.ccie.net
>>>>
>>>> _______________________________________________________________________
>>>> Subscription information may be found at:
>>>> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Wed Jan 06 2010 - 13:26:41 ART

This archive was generated by hypermail 2.2.0 : Thu Feb 04 2010 - 20:28:41 ART