Re: split horizon

I think you will need access to the PEs for this, the spoke PEs will not
have a default until you configure network 0.0.0.0 on the hub PE as Kolade
suggested. Will your provider not help you with this?

You could aslo do a GRE tunnel between spoke CE and hub CE, taking the VPN
out the question.

On Wed, Jan 6, 2010 at 1:39 AM, jack daniels <jckdaniels12_at_gmail.com> wrote:

> only thing what i could though of was staic default routes at CE SPOKE to
> PE ...As PE have default route orignated from HUB. Any other option please
> suggest.
>
>
> On Wed, Jan 6, 2010 at 1:26 PM, jack daniels <jckdaniels12_at_gmail.com>wrote:
>
>> yeah but PE can't configure , have access to all CE
>>
>>
>> On Wed, Jan 6, 2010 at 1:19 PM, <olukolade_at_gmail.com> wrote:
>>
>>> Hi,
>>>
>>> What you need to do is At the hub site PE, use the 'network 0.0.0.0'
>>> under bgp to bring the default route being learnt by ospf from the hub CE
>>> into bgp. At the spoke site PEs, configure ' default-information
originate'
>>> in ospf. This will make the remote PE advervise the exsting default route
>>> which would have been learnt via bgp to the spoke CE. This way you get
your
>>> hub CE default route at the spoke sites.
>>>
>>> Cheers,
>>>
>>> Kolade
>>>
>>> Sent from my BlackBerry. wireless handheld from Glo Mobile.
>>> ------------------------------
>>> *From: *jack daniels <jckdaniels12_at_gmail.com>
>>> *Date: *Wed, 6 Jan 2010 09:44:14 +0530
>>> *To: *Mirco Orlandi<mirco.orlandi_at_gmail.com>
>>> *Cc: *swap m<ccie19804_at_gmail.com>; Bryan Bartik<bbartik_at_ipexpert.com>; <
>>> olukolade_at_gmail.com>; <Charles.Henson_at_regions.com>; Cisco certification<
>>> ccielab_at_groupstudy.com>; Marko Milivojevic<markom_at_ipexpert.com>; <
>>> nobody_at_groupstudy.com>
>>> *Subject: *Re: split horizon
>>>
>>> Yeah that works , but for internet default route also required .... so if
>>> I do defaul-in orignate alsways at HUB >>>>> but OSPF SPOKES won't learn
it
>>> ( as OSPF does'nt learn default route via redistribution)....BGP>>>OSPF
>>> redistribution at remote PE (for SPOKE CE)
>>>
>>> On Wed, Jan 6, 2010 at 4:04 AM, Mirco Orlandi
<mirco.orlandi_at_gmail.com>wrote:
>>>
>>>> Yes,
>>>> if spokes are 10.0.1.0/24, 10.0.2.0/24, 10.0.3.0/24, and so on..., with
>>>> a 10.0.0.0/16 to null0 redistributed on hub ce and accepted from all
>>>> spokes, it works for going and returning traffic with a single blackhole
>>>> advertise. This is what i mean.
>>>>
>>>> ...go back to ios
>>>> m.
>>>>
>>>>
>>>> On Tue, Jan 5, 2010 at 11:17 PM, swap m <ccie19804_at_gmail.com> wrote:
>>>>
>>>>> Bryan,
>>>>>
>>>>> it can look something like this.
>>>>>
>>>>> on Hub,
>>>>> 1. add a static 1.1.1.0/23 to null0
>>>>> 2. redis this into OSPF on hub
>>>>> 3. this will reach spoke1 via Hub-PE-CE ospf and then MPBGP and then
>>>>> Spoke1-PE-CE OSPF.... Spoke2 can be specially filtered as it doesnt
need
>>>>> this blackhole route.
>>>>>
>>>>> Swap
>>>>> #19084
>>>>>
>>>>> On Wed, Jan 6, 2010 at 1:58 AM, Bryan Bartik
<bbartik_at_ipexpert.com>wrote:
>>>>>
>>>>>> Mirco,
>>>>>>
>>>>>> I have not seen that example before. Can you post an example of the
>>>>>> Hub CE
>>>>>> config?
>>>>>>
>>>>>> On Tue, Jan 5, 2010 at 2:51 PM, Mirco Orlandi <
>>>>>> mirco.orlandi_at_gmail.com>wrote:
>>>>>>
>>>>>> > Bryan,
>>>>>> > double link solution work well, without additional prefix
>>>>>> advertising.
>>>>>> >
>>>>>> > ...but still work with a single link and additional blackhole route
>>>>>> > advertising at hub ce. Then we can mantain control of spoke2spoke
>>>>>> traffic
>>>>>> > with acl on hub ce wan interface.
>>>>>> >
>>>>>> > In double link scenario we have two link used in unidirectional way
>>>>>> for
>>>>>> > spoke2spoke traffic; in single link scenario, one link used in
>>>>>> bidirectional
>>>>>> > way.
>>>>>> > I think this is more common hub&spoke scenario. Do you agree?
>>>>>> >
>>>>>> > Regards,
>>>>>> > mirco.
>>>>>> >
>>>>>> >
>>>>>> > On Tue, Jan 5, 2010 at 9:17 PM, Bryan Bartik <bbartik_at_ipexpert.com>
>>>>>> wrote:
>>>>>> >
>>>>>> >> Hub and Spoke VPNs usually require two links between the hub CE and
>>>>>> PE.
>>>>>> >> Each
>>>>>> >> link is in a separate VRF on the PE side. The first VRF imports all
>>>>>> the
>>>>>> >> spoke routes and advertise them to the hub CE. The second VRF will
>>>>>> take
>>>>>> >> these routes from the CE and advertise them back to the spokes with
>>>>>> a
>>>>>> >> different RT. The spoke sites will then import this second RT (not
>>>>>> the
>>>>>> >> first). This pulls all traffic from the spokes to the Hub CE and
>>>>>> back out.
>>>>>> >>
>>>>>> >> Remember the goal is to not only get traffic to the Hub PE, but the
>>>>>> Hub
>>>>>> >> CE...which is the tricky part. It has nothing to do with split
>>>>>> horizon,
>>>>>> >> but
>>>>>> >> rather the way a router builds the shortest path tree. A shortest
>>>>>> path
>>>>>> >> will
>>>>>> >> never include the same link in two directions without some funky
>>>>>> >> engineering.
>>>>>> >>
>>>>>> >> If you have only have one link between PE and CE, I believe this is
>>>>>> not a
>>>>>> >> true hub and spoke and the problem is you are not importing the
>>>>>> spoke RTs
>>>>>> >> and at each of the other spokes, only the hub.
>>>>>> >>
>>>>>> >> On Tue, Jan 5, 2010 at 1:01 PM, <olukolade_at_gmail.com> wrote:
>>>>>> >>
>>>>>> >> > Ignore pls. Been drinking.
>>>>>> >> > Sent from my BlackBerry. wireless handheld from Glo Mobile.
>>>>>> >> >
>>>>>> >> > -----Original Message-----
>>>>>> >> > From: olukolade_at_gmail.com
>>>>>> >> > Date: Tue, 5 Jan 2010 19:23:35
>>>>>> >> > To: jack daniels<jckdaniels12_at_gmail.com>; <
>>>>>> Charles.Henson_at_regions.com>
>>>>>> >> > Cc: Cisco certification<ccielab_at_groupstudy.com>; Marko
>>>>>> Milivojevic<
>>>>>> >> > markom_at_ipexpert.com>; <nobody_at_groupstudy.com>
>>>>>> >> > Subject: Re: split horizon
>>>>>> >> >
>>>>>> >> > Hi jack,
>>>>>> >> > CE hub won't be doing the advertisement. It will be done by PE1.
>>>>>> Don't
>>>>>> >> > forget PE1 is also running ospf and has all the routes in bgp. So
>>>>>> routes
>>>>>> >> > from the other PEs will be tagged with RT 2:2 and exported. This
>>>>>> will be
>>>>>> >> > imported on the other PEs where the routes from PE2 will be
>>>>>> imported by
>>>>>> >> PE3
>>>>>> >> > and vice versa. These routes are then redistributed into ospf for
>>>>>> the
>>>>>> >> > connected CEs. The CEs will not advertise the routes learnt from
>>>>>> the PE
>>>>>> >> back
>>>>>> >> > to them and there will be no need to do this.
>>>>>> >> >
>>>>>> >> > Kolade
>>>>>> >> > Sent from my BlackBerry. wireless handheld from Glo Mobile.
>>>>>> >> >
>>>>>> >> > -----Original Message-----
>>>>>> >> > From: jack daniels <jckdaniels12_at_gmail.com>
>>>>>> >> > Date: Wed, 6 Jan 2010 00:06:14
>>>>>> >> > To: <Charles.Henson_at_regions.com>
>>>>>> >> > Cc: Cisco certification<ccielab_at_groupstudy.com>; Marko
>>>>>> Milivojevic<
>>>>>> >> > markom_at_ipexpert.com>; <nobody_at_groupstudy.com>
>>>>>> >> > Subject: Re: split horizon
>>>>>> >> >
>>>>>> >> > CE (HUB)
>>>>>> >> > G0/1
>>>>>> >> > |
>>>>>> >> > OSPF
>>>>>> >> > |
>>>>>> >> > PE1
>>>>>> >> > |
>>>>>> >> > MPLS
>>>>>> CLOUD-----------------------------PE2------OSPF-CE(SPOKE1) (
>>>>>> >> > 2.2.2.0/24)
>>>>>> >> >
>>>>>> >> > |
>>>>>> >> > |
>>>>>> >> > |
>>>>>> >> > PE3
>>>>>> >> > |
>>>>>> >> > OSPF
>>>>>> >> > |
>>>>>> >> > CE(SPOKE2) (1.1.1.0/24)
>>>>>> >> >
>>>>>> >> > IN VRF of customer -
>>>>>> >> >
>>>>>> >> > PE3 advertises 1.1.1.0/24 routes with RT1:1 and imports 2:2
>>>>>> >> >
>>>>>> >> > PE2 advertises 2.2.2.0/24 routes with RT 1:1 and imports 2:2
>>>>>> >> >
>>>>>> >> > PE1 exports routes with RT 2:2 and imports 1:1
>>>>>> >> >
>>>>>> >> >
>>>>>> >> >
>>>>>> >> > NOW 1.1.1.0/24 is learnt on CE HUB Gi0/1 via OSPF .....
>>>>>> >> > Will CE HUB advertise 1.1.1.0/24 on Gi0/1 back as it is
>>>>>> required for
>>>>>> >> CE
>>>>>> >> > SPOKE1 for SPOKE to SPOKE reachabilty via HUB?
>>>>>> >> >
>>>>>> >> >
>>>>>> >> > On Tue, Jan 5, 2010 at 11:57 PM, <Charles.Henson_at_regions.com>
>>>>>> wrote:
>>>>>> >> >
>>>>>> >> > > Hey Jack,
>>>>>> >> > > How about a little more details? Configs? Shows? Anything?
>>>>>> Marko
>>>>>> >> is
>>>>>> >> > > correct.
>>>>>> >> > >
>>>>>> >> > > Charles Henson
>>>>>> >> > >
>>>>>> >> > >
>>>>>> >> > >
>>>>>> >> > >
>>>>>> >> > >
>>>>>> >> > > |------------>
>>>>>> >> > > | From: |
>>>>>> >> > > |------------>
>>>>>> >> > >
>>>>>> >> > >
>>>>>> >> >
>>>>>> >>
>>>>>>
>----------------------------------------------------------------------------
----------------------------------------------------------------------|
>>>>>> >> > > |jack daniels <jckdaniels12_at_gmail.com>
>>>>>> >> > >
>>>>>> >> > |
>>>>>> >> > >
>>>>>> >> > >
>>>>>> >> >
>>>>>> >>
>>>>>>
>----------------------------------------------------------------------------
----------------------------------------------------------------------|
>>>>>> >> > > |------------>
>>>>>> >> > > | To: |
>>>>>> >> > > |------------>
>>>>>> >> > >
>>>>>> >> > >
>>>>>> >> >
>>>>>> >>
>>>>>>
>----------------------------------------------------------------------------
----------------------------------------------------------------------|
>>>>>> >> > > |Marko Milivojevic <markom_at_ipexpert.com>
>>>>>> >> > >
>>>>>> >> > |
>>>>>> >> > >
>>>>>> >> > >
>>>>>> >> >
>>>>>> >>
>>>>>>
>----------------------------------------------------------------------------
----------------------------------------------------------------------|
>>>>>> >> > > |------------>
>>>>>> >> > > | Cc: |
>>>>>> >> > > |------------>
>>>>>> >> > >
>>>>>> >> > >
>>>>>> >> >
>>>>>> >>
>>>>>>
>----------------------------------------------------------------------------
----------------------------------------------------------------------|
>>>>>> >> > > |Cisco certification <ccielab_at_groupstudy.com>
>>>>>> >> > >
>>>>>> >> > |
>>>>>> >> > >
>>>>>> >> > >
>>>>>> >> >
>>>>>> >>
>>>>>>
>----------------------------------------------------------------------------
----------------------------------------------------------------------|
>>>>>> >> > > |------------>
>>>>>> >> > > | Date: |
>>>>>> >> > > |------------>
>>>>>> >> > >
>>>>>> >> > >
>>>>>> >> >
>>>>>> >>
>>>>>>
>----------------------------------------------------------------------------
----------------------------------------------------------------------|
>>>>>> >> > > |01/05/2010 12:21 PM
>>>>>> >> > >
>>>>>> >> |
>>>>>> >> > >
>>>>>> >> > >
>>>>>> >> >
>>>>>> >>
>>>>>>
>----------------------------------------------------------------------------
----------------------------------------------------------------------|
>>>>>> >> > > |------------>
>>>>>> >> > > | Subject: |
>>>>>> >> > > |------------>
>>>>>> >> > >
>>>>>> >> > >
>>>>>> >> >
>>>>>> >>
>>>>>>
>----------------------------------------------------------------------------
----------------------------------------------------------------------|
>>>>>> >> > > |Re: split horizon
>>>>>> >> > >
>>>>>> >> |
>>>>>> >> > >
>>>>>> >> > >
>>>>>> >> >
>>>>>> >>
>>>>>>
>----------------------------------------------------------------------------
----------------------------------------------------------------------|
>>>>>> >> > >
>>>>>> >> > >
>>>>>> >> > >
>>>>>> >> > >
>>>>>> >> > >
>>>>>> >> > > I understand that but ,u mean in OSPF
>>>>>> >> > >
>>>>>> >> > > IF i recive 1.1.1.0/24 on G0/1 of HUB
>>>>>> >> > >
>>>>>> >> > > I'LL advertise 1.1.1.0/24 on Gi0/1 (SAME INTERFACE) of HUB
>>>>>> >> > >
>>>>>> >> > >
>>>>>> >> > >
>>>>>> >> > >
>>>>>> >> > > On Tue, Jan 5, 2010 at 11:44 PM, Marko Milivojevic
>>>>>> >> > > <markom_at_ipexpert.com>wrote:
>>>>>> >> > >
>>>>>> >> > > > On Tue, Jan 5, 2010 at 19:00, jack daniels <
>>>>>> jckdaniels12_at_gmail.com
>>>>>> >> >
>>>>>> >> > > > wrote:
>>>>>> >> > > > > Hi guys,
>>>>>> >> > > > >
>>>>>> >> > > > > I have a scenario where in MPLS VPN - HUB and SPOKE.
>>>>>> >> > > > >
>>>>>> >> > > > > CE-PE protocol is OSPF everywhere
>>>>>> >> > > > >
>>>>>> >> > > > >
>>>>>> >> > > > > HUB is recieving routes from one SPOKE on int G0/1 and not
>>>>>> >> > advertiseing
>>>>>> >> > > > on
>>>>>> >> > > > > same (SPLIT horizon).
>>>>>> >> > > > >
>>>>>> >> > > > > In ospf how can we overcome such issue.
>>>>>> >> > > >
>>>>>> >> > > > OSPF is a link state protocol. It doesn't use split horizon
>>>>>> (at
>>>>>> >> least
>>>>>> >> > > > not within the same area and even in multiarea, the behavior
>>>>>> is not
>>>>>> >> > > > called that). You are probably having some other issue...
>>>>>> >> > > >
>>>>>> >> > > > --
>>>>>> >> > > > Marko Milivojevic - CCIE #18427
>>>>>> >> > > > Senior Technical Instructor - IPexpert
>>>>>> >> > > >
>>>>>> >> > > > Mailto: markom_at_ipexpert.com
>>>>>> >> > > > Telephone: +1.810.326.1444
>>>>>> >> > > > Fax: +1.810.454.0130
>>>>>> >> > > > Community: http://www.ipexpert.com/communities
>>>>>> >> > >
>>>>>> >> > >
>>>>>> >> > > Blogs and organic groups at http://www.ccie.net
>>>>>> >> > >
>>>>>> >> > >
>>>>>>
>>>>>>
>>_______________________________________________________________________
>>>>>> >> > > Subscription information may be found at:
>>>>>> >> > > http://www.groupstudy.com/list/CCIELab.html
>>>>>> >> >
>>>>>> >> >
>>>>>> >> > Blogs and organic groups at http://www.ccie.net
>>>>>> >> >
>>>>>> >>
>>>>>>
>_______________________________________________________________________
>>>>>> >> > Subscription information may be found at:
>>>>>> >> > http://www.groupstudy.com/list/CCIELab.html
>>>>>> >> >
>>>>>> >> >
>>>>>> >> > Blogs and organic groups at http://www.ccie.net
>>>>>> >> >
>>>>>> >>
>>>>>>
>_______________________________________________________________________
>>>>>> >> > Subscription information may be found at:
>>>>>> >> > http://www.groupstudy.com/list/CCIELab.html
>>>>>> >> >
>>>>>> >> >
>>>>>> >> >
>>>>>> >> >
>>>>>> >> >
>>>>>> >> >
>>>>>> >> >
>>>>>> >> >
>>>>>> >>
>>>>>> >>
>>>>>> >> --
>>>>>> >> Bryan Bartik
>>>>>> >> CCIE #23707 (R&S, SP), CCNP
>>>>>> >> Sr. Support Engineer - IPexpert, Inc.
>>>>>> >> URL: http://www.IPexpert.com <http://www.ipexpert.com/>
>>>>>> >>
>>>>>> >>
>>>>>> >> Blogs and organic groups at http://www.ccie.net
>>>>>> >>
>>>>>>
>>>>>>
>>_______________________________________________________________________
>>>>>> >> Subscription information may be found at:
>>>>>> >> http://www.groupstudy.com/list/CCIELab.html
>>>>>> >>
>>>>>> >>
>>>>>> >>
>>>>>> >>
>>>>>> >>
>>>>>> >>
>>>>>> >>
>>>>>> >>
>>>>>> >
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Bryan Bartik
>>>>>> CCIE #23707 (R&S, SP), CCNP
>>>>>> Sr. Support Engineer - IPexpert, Inc.
>>>>>> URL: http://www.IPexpert.com <http://www.ipexpert.com/>
>>>>>>
>>>>>>
>>>>>> Blogs and organic groups at http://www.ccie.net
>>>>>>
>>>>>>
>>>>>>
Received on Wed Jan 06 2010 - 10:52:56 ART