IOS XE 15.5
IOS XR 5.3
The topology for this demo:
In this post we'll be taking a look at sham links for OSPF as a PE-CE routing protocol. RFC 4577 defines this scenario as bridging OSPF area 0 over the MPLS backbone. With the MPLS Super Backbone, the CEs act as an ABR, injecting Type 3 LSAs into the area 0 that connects to the rest of the LAN.
We';; configure XR3 and R8 to form a "Sham Link" peering with each other over the MPLS backbone. The shamlink is a service provider "virtual link" that allows communication over the MPLS backbone enabling OSPF to run over the MPLS core. Effectively, all the CE sites that connect will look like they are part of the same area 0 domain.
R14
R14#sh ip route vrf OSPF ospf | b Gateway
Gateway of last resort is not set
10.0.0.0/32 is subnetted, 1 subnets
O E2 10.101.10.10 [110/2] via 113.0.0.13, 00:15:37, GigabitEthernet1.1110
11.0.0.0/24 is subnetted, 1 subnets
O E2 11.0.0.0 [110/1] via 113.0.0.13, 1d00h, GigabitEthernet1.1110
16.0.0.0/32 is subnetted, 1 subnets
O E2 16.0.0.6 [110/1] via 113.0.0.13, 23:18:23, GigabitEthernet1.1110
83.0.0.0/24 is subnetted, 1 subnets
O E2 83.0.0.0 [110/1] via 113.0.0.13, 1d00h, GigabitEthernet1.1110
106.0.0.0/24 is subnetted, 1 subnets
O E2 106.0.0.0 [110/1] via 113.0.0.13, 00:15:37, GigabitEthernet1.1110
110.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
O E2 110.110.110.8/32 [110/2] via 113.0.0.13, 1d00h, GigabitEthernet1.1110
O E2 110.110.110.13/32
[110/2] via 113.0.0.13, 1d00h, GigabitEthernet1.1110
131.0.0.0/24 is subnetted, 1 subnets
O E2 131.0.0.0 [110/1] via 113.0.0.13, 1d00h, GigabitEthernet1.1110
R14#sh ipv6 route vrf OSPF ospf | b App
ld - LISP dyn-eid, a - Application
OI 2001:11::/64 [110/2]
via FE80::20C:29FF:FE29:9C4A, GigabitEthernet1.1110
OI 2038:CC1E::/64 [110/2]
via FE80::20C:29FF:FE29:9C4A, GigabitEthernet1.1110
OI 2106:CC1E::/64 [110/2]
via FE80::20C:29FF:FE29:9C4A, GigabitEthernet1.1110
OI 2131:CC1E::/64 [110/2]
via FE80::20C:29FF:FE29:9C4A, GigabitEthernet1.1110
OE2 FC00:16::6/128 [110/1]
via FE80::20C:29FF:FE29:9C4A, GigabitEthernet1.1110
This is the current state of R14's OSPFv2 and OSPFv3 RIB.
Let's go ahead and configure the sham link. There are a few things that we need to have in place in order to get this scenario to work.
R3
interface Loopback38
vrf forwarding OSPF
ip address 38.0.0.3 255.255.255.255
ipv6 address FC00:38::3/128
!
!
router bgp 50693
address-family ipv4 vrf OSPF
network 38.0.0.3 mask 255.255.255.255
redistribute ospf 110
exit-address-family
!
address-family ipv6 vrf OSPF
redistribute ospf 110 include-connected
network FC00:38::3/128
exit-address-family
!
!
router ospfv3 110
!
exit-address-family
!
address-family ipv6 unicast vrf OSPF
area 0 sham-link FC00:38::3 FC00:38::13
!
router ospf 110 vrf OSPF
area 0 sham-link 38.0.0.3 38.0.0.13
XR3
interface Loopback38
vrf OSPF
ipv4 address 38.0.0.13 255.255.255.255
ipv6 address fc00:38::13/128
!
!
rotuer bgp 50693
vrf OSPF
rd 110:50693
address-family ipv4 unicast
network 38.0.0.13/32
!
address-family ipv6 unicast
network fc00:38::13/128
!
router ospfv3 110
vrf OSPF
redistribute bgp 50693
area 0
sham-link fc00:38::13 fc00:38::3
!
router ospf 110
vrf OSPF
area 0
sham-link 38.0.0.13 38.0.0.3
Let's take a look at the verification.
RP/0/0/CPU0:XR3#sh ospf vrf OSPF sham-links
Thu Jan 12 21:14:49.269 UTC
Sham Links for OSPF 110, VRF OSPF
Sham Link OSPF_SL0 to address 38.0.0.3 is up
Area 0, source address 38.0.0.13
IfIndex = 2
Run as demand circuit
DoNotAge LSA allowed., Cost of using 1
Transmit Delay is 1 sec, State POINT_TO_POINT,
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:03:684
Adjacency State FULL (Hello suppressed)
Number of DBD retrans during last exchange 0
Index 2/2, retransmission queue length 0, number of retransmission 0
First 0(0)/0(0) Next 0(0)/0(0)
Last retransmission scan length is 0, maximum is 0
Last retransmission scan time is 0 msec, maximum is 0 msec
RP/0/0/CPU0:XR3#sh ospfv3 vrf OSPF sham-links
Thu Jan 12 21:15:09.468 UTC
Sham Links for OSPFv3 110, VRF OSPF
Sham Link OSPF_SL0 to address fc00:38::3 is up
Area 0, source address fc00:38::13
IfIndex = 2
Run as demand circuit
DoNotAge LSA allowed., Cost of using 1
Transmit Delay is 1 sec, State POINT_TO_POINT,
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:01
Adjacency State FULL (Hello suppressed)
Number of DBD retrans during last exchange 0
Index 2/2, retransmission queue length 0, number of retransmission 1
First 0(0)/0(0) Next 0(0)/0(0)
Last retransmission scan length is 1, maximum is 1
Last retransmission scan time is 0 msec, maximum is 0 msec
As you can see for both IPv4 and IPv6, the DNA bit is set as the SL runs as a demand circuit, hellos are configured to be sent every 10 seconds but since this is a P2P DC type circuit, hellos are suppressed and only used during the initial SL establishment. Demand Circuit means and the DNA or do not age bit are set which means that "paranoid" update will not happen. Like a Virtual link, a SL can have additional configuration, like authentication, if configured, the VL and SL should both be flapped to make sure the configuration took correctly.
On the CE side, R14 now has some "O" or Intra Area routes showing up.
R14#sh ipv6 route vrf OSPF ospf | b App
ld - LISP dyn-eid, a - Application
OI 2001:11::/64 [110/2]
via FE80::20C:29FF:FE29:9C4A, GigabitEthernet1.1110
O 2038:CC1E::/64 [110/3]
via FE80::20C:29FF:FE29:9C4A, GigabitEthernet1.1110
OI 2106:CC1E::/64 [110/2]
via FE80::20C:29FF:FE29:9C4A, GigabitEthernet1.1110
OI 2131:CC1E::/64 [110/2]
via FE80::20C:29FF:FE29:9C4A, GigabitEthernet1.1110
OE2 FC00:16::6/128 [110/1]
via FE80::20C:29FF:FE29:9C4A, GigabitEthernet1.1110
OE2 FC00:16::16/128 [110/1]
via FE80::20C:29FF:FE29:9C4A, GigabitEthernet1.1110
OE2 FC00:38::3/128 [110/1]
via FE80::20C:29FF:FE29:9C4A, GigabitEthernet1.1110
OE2 FC00:38::13/128 [110/1]
via FE80::20C:29FF:FE29:9C4A, GigabitEthernet1.1110
R14#sh ip route vrf OSPF ospf | b Gateway
Gateway of last resort is not set
10.0.0.0/32 is subnetted, 1 subnets
O IA 10.101.10.10 [110/4] via 113.0.0.13, 00:40:32, GigabitEthernet1.1110
11.0.0.0/24 is subnetted, 1 subnets
O IA 11.0.0.0 [110/3] via 113.0.0.13, 00:40:32, GigabitEthernet1.1110
16.0.0.0/32 is subnetted, 2 subnets
O E2 16.0.0.6 [110/1] via 113.0.0.13, 1d00h, GigabitEthernet1.1110
O E2 16.0.0.16 [110/1] via 113.0.0.13, 00:40:32, GigabitEthernet1.1110
38.0.0.0/32 is subnetted, 2 subnets
O E2 38.0.0.3 [110/1] via 113.0.0.13, 00:41:26, GigabitEthernet1.1110
O E2 38.0.0.13 [110/1] via 113.0.0.13, 00:40:32, GigabitEthernet1.1110
83.0.0.0/24 is subnetted, 1 subnets
O 83.0.0.0 [110/3] via 113.0.0.13, 00:40:32, GigabitEthernet1.1110
106.0.0.0/24 is subnetted, 1 subnets
O IA 106.0.0.0 [110/3] via 113.0.0.13, 00:40:32, GigabitEthernet1.1110
110.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
O 110.110.110.8/32
[110/4] via 113.0.0.13, 00:40:32, GigabitEthernet1.1110
O IA 110.110.110.13/32
[110/4] via 113.0.0.13, 00:40:32, GigabitEthernet1.1110
131.0.0.0/24 is subnetted, 1 subnets
O IA 131.0.0.0 [110/3] via 113.0.0.13, 00:40:32, GigabitEthernet1.1110
The routes learned from R8 show up as "O" routes now. Let's go ahead and go and do a ping/trace test.
R14#ping vrf OSPF 110.110.110.8 source lo110
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 110.110.110.8, timeout is 2 seconds:
Packet sent with a source address of 110.110.110.14
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/6/12 ms
R14#trace vrf OSPF 110.110.110.8 source lo110
Type escape sequence to abort.
Tracing the route to 110.110.110.8
VRF info: (vrf in name/id, vrf out name/id)
1 113.0.0.13 3 msec 2 msec 1 msec
2 10.13.2.2 [MPLS: Labels 20/56 Exp 0] 5 msec 6 msec 4 msec
3 83.0.0.3 [MPLS: Label 56 Exp 0] 5 msec 7 msec 4 msec
4 83.0.0.8 5 msec * 5 msec
This proves that we can reach the endpoint on the remote end.
Thanks for stopping by!
Rob Riker, CCIE #50693
No comments:
Post a Comment