RE: mpls l3vpn sham link for ospf when back door exists

I just read this... so, yes, intra-area and seems that the sham endpoints
must be /32's injected into bgp and be part of the vrf in question. And,
no, sham link end points should not be part of ospf. I should read the
doccd sooner next time.

http://www.cisco.com/en/US/docs/ios/iproute_ospf/command/reference/iro_osp1.
html#wp1031310

To correct this default OSPF behavior in an MPLS VPN, use the area sham-link
command to configure a sham link between two PEs to connect the sites
through the MPLS VPN backbone. A sham link represents an intra-area
(unnumbered point-to-point) connection between PEs. All other routers in the
area use the sham link to calculate intra-area shortest path first (SPF)
routes to the remote site.

Configure the source and destination addresses of the sham link as a host
route mask (255.255.255.255) on the PE routers that serve as the endpoints
of the sham link. The source and destination IP addresses must belong to the
VPN routing and forwarding instance (VRF) and be advertised by Border
Gateway Protocol (BGP) to remote PE routers. The sham link endpoint
addresses should not be advertised by OSPF.

-----Original Message-----
From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
Aaron
Sent: Tuesday, March 06, 2012 10:44 AM
To: 'CCIE GROUPSTUDY'; 'Paul Negron'
Subject: mpls l3vpn sham link for ospf when back door exists

I just did a lab with this in it.

Am I correct in my understanding that the sham link is for making the mpls
provider core look like an *intra-area* connection such that both pe's ospf
vrf process is connected together as intra-area on behalf of the CE ospf
area at both pe locations?

It was pretty nice how it worked. Then I see that all I had to do at that
point was a typical ospf interface cost change to make the path via the sham
be more attractive to the ce routers. So, the backdoor connection between
the ce's I had to make it higher ospf cost on those respective interfaces.

Also, the sham was created between the (2) pe's using a loopback interface
which was advertised between the (2) pe's respective ce-facing ipv4 vrf
address family. .I got curious and wanted to know if I could've config'd
that sham using the preexisting phy ints that I connected via pe-ce. It
didn't work. The sham link wouldn't come up. Did it have something to do
with the preexisting phy ints were advertised into local ospf on the ce side
as lsa type 2's (net links) ?

Aaron

Blogs and organic groups at http://www.ccie.net
Received on Tue Mar 06 2012 - 10:49:33 ART