I managed to solve it. The problem was that I advertised loopbacks I
used in sham-link into OSPF and recursive routing occurred.
So, in this situation where you have PE router connected to CE routers
via non-zero area you have to establishe virtual link or GRE with CE
router which is ABR with Area 0.
To make traffic flow via MPLS cloud, you configure sham-link. Does
sham link have to connect only area0 on one side and area0 on another,
or it can connect area 0 with non-zero area, like in my case?
PE1:
!
interface Loopback0
ip address 9.9.5.5 255.255.255.0
!
interface Loopback100
ip vrf forwarding VPN-A
ip address 9.9.100.5 255.255.255.255
!
interface FastEthernet0/0
description SW1 f0/5
ip vrf forwarding VPN-A
ip address 9.9.15.5 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
description SW2 f1/0/5
ip address 9.9.45.5 255.255.255.0
duplex auto
speed auto
mpls ip
!
!
router eigrp 9
network 9.9.5.5 0.0.0.0
network 9.9.45.5 0.0.0.0
no auto-summary
!
router ospf 2 vrf VPN-A
router-id 9.9.5.5
log-adjacency-changes
area 0 sham-link 9.9.100.5 9.9.100.4
area 1 virtual-link 9.9.7.7
redistribute bgp 9 subnets
network 9.9.15.5 0.0.0.0 area 11
!
router bgp 9
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 9.9.4.4 remote-as 9
neighbor 9.9.4.4 update-source Loopback0
!
address-family vpnv4
neighbor 9.9.4.4 activate
neighbor 9.9.4.4 send-community both
neighbor 9.9.4.4 next-hop-self
exit-address-family
!
address-family ipv4 vrf VPN-A
redistribute ospf 2 vrf VPN-A match internal external 1 external 2
no synchronization
network 9.9.100.5 mask 255.255.255.255
exit-address-family
!
PE2:
interface Loopback0
ip address 9.9.4.4 255.255.255.0
!
interface Loopback100
ip vrf forwarding VPN-A
ip address 9.9.100.4 255.255.255.255
!
interface FastEthernet0/0
description SW1 F0/4
ip vrf forwarding VPN-A
ip address 9.9.24.4 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
description SW2 F1/0/4
ip address 9.9.45.4 255.255.255.0
duplex auto
speed auto
mpls ip
!
router eigrp 9
network 9.9.4.4 0.0.0.0
network 9.9.45.4 0.0.0.0
no auto-summary
!
router ospf 2 vrf VPN-A
router-id 9.9.4.4
log-adjacency-changes
area 0 sham-link 9.9.100.4 9.9.100.5
redistribute bgp 9 subnets
network 9.9.24.4 0.0.0.0 area 2
!
router bgp 9
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 9.9.5.5 remote-as 9
neighbor 9.9.5.5 update-source Loopback0
!
address-family vpnv4
neighbor 9.9.5.5 activate
neighbor 9.9.5.5 send-community both
neighbor 9.9.5.5 next-hop-self
exit-address-family
!
address-family ipv4 vrf VPN-A
redistribute ospf 2 vrf VPN-A match internal external 1 external 2
no synchronization
network 9.9.100.4 mask 255.255.255.255
exit-address-family
!
CE1:
!
interface Loopback0
ip address 9.9.7.7 255.255.255.0
!
!
interface Vlan11
ip address 9.9.11.7 255.255.255.0
!
interface Vlan15
ip address 9.9.15.7 255.255.255.0
!
router ospf 1
router-id 9.9.7.7
log-adjacency-changes
area 1 virtual-link 9.9.5.5
network 9.9.7.7 0.0.0.0 area 0
network 9.9.11.7 0.0.0.0 area 0
network 9.9.15.7 0.0.0.0 area 1
!
CE2:
!
interface Loopback0
ip address 9.9.6.6 255.255.255.0
!
interface FastEthernet0/0
description SW1 F0/6
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.24
encapsulation dot1Q 24
ip address 9.9.24.6 255.255.255.0
!
interface FastEthernet0/0.234
encapsulation dot1Q 234
ip address 9.9.234.6 255.255.255.0
!
interface FastEthernet0/1
description SW2 F1/0/6
ip address 9.9.62.6 255.255.255.0
duplex auto
speed auto
!
router ospf 1
log-adjacency-changes
network 9.9.6.6 0.0.0.0 area 2
network 9.9.24.6 0.0.0.0 area 2
network 9.9.234.6 0.0.0.0 area 2
!
On Tue, Mar 23, 2010 at 10:27 PM, Marko Milivojevic <markom_at_ipexpert.com> wrote:
> Configs?
>
> On Tue, Mar 23, 2010 at 21:10, Ivan Hrvatska <ivanzghr_at_gmail.com> wrote:
>> OK. I figured out some of it. At least one PE router has to have
>> connection to area 0, so I configured virtual-link between CE1 and PE,
>> and now PE routers now exchange OSPF routes between sites,
>> Another problem is configuring sham link. I configured two new
>> loopbacks, advertised them into BGP, configured sham link between
>> those loopbacks and I get this:
>>
>> R4#
>> *Mar 23 21:10:25.065: %OSPF-5-ADJCHG: Process 2, Nbr 9.9.5.5 on
>> OSPF_SL1 from LOADING to FULL, Loading Done
>> R4#
>> *Mar 23 21:10:34.693: %OSPF-5-ADJCHG: Process 2, Nbr 9.9.5.5 on
>> OSPF_SL1 from FULL to DOWN, Neighbor Down: Interface down or detached
>> R4#
>> *Mar 23 21:10:45.081: %OSPF-5-ADJCHG: Process 2, Nbr 9.9.5.5 on
>> OSPF_SL1 from LOADING to FULL, Loading Done
>> R4#
>> *Mar 23 21:10:54.693: %OSPF-5-ADJCHG: Process 2, Nbr 9.9.5.5 on
>> OSPF_SL1 from FULL to DOWN, Neighbor Down: Interface down or detached
>>
>>
>> ??? Anybody?
>>
>> On Tue, Mar 23, 2010 at 8:45 PM, Ivan Hrvatska <ivanzghr_at_gmail.com> wrote:
>>> Guys, what about this scenario (I posted as reply on older mail, but
>>> no answer, so here it is again):
>>>
>>> Lo0 Lo0
>>> | |
>>> PE1---------eigrp---------PE2
>>> | |
>>> | |
>>> Ar1 Ar2
>>> | |
>>> CE1 CE2
>>> | |
>>> Ar0 Ar2
>>> | |
>>> | |
>>> RT1---------Ar2----- ----RT2
>>> | |
>>> \--------backdoor---------
>>>
>>>
>>> CE1 - PE running OSPF in vrf VPN-A
>>> CE2 - PE running OSPF in vrf VPN-A
>>>
>>> Loopback interfaces of PE routers are in EIGRP domain and MPLS is
>>> using them as transport addresses (mpls ID).
>>>
>>> Provider has EIGRP in his core network. Not one PE router has
>>> connection to Area 0. How to solve that problem so that VPN sites can
>>> exchange OSPF routes. After that, it is neccesary to make sure that
>>> customer traffic goes through the MPLS clooud, not backdoor link.
>>> My problem is how to solve problem with non-area0 connecting to PE
>>> routers and how tu use sham-link after that. No static routes allowed
>>> :)
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Tue Mar 23 2010 - 22:53:56 ART
This archive was generated by hypermail 2.2.0 : Thu Apr 01 2010 - 07:26:35 ART