1 Reply Latest reply: Mar 17, 2019 5:49 AM by Steven Davidson RSS

    OSPF Sham-Links

    vMoussa

      Hi folks, please imagine a CE1 connected to PE1 and a CE2 connected to PE2 and we've to configure a sham link on PE1&PE2

      the point I can't understand is that we will redistribute the sham-links into MP-iBGP on both PEs by

       

      router bgp 100

        address-family ipv4 vrf CE1

           redistributed connected

      so the sham links on both sides will be configured and everything is good, the point that I can't understand it that why sham link mustn't be advertised by OSPF and how we ensure that it will not be looped across our Routing Domains?

       

      I am asking how to ensure that sham link won't be looped cuz I think that when we redistribute it via PE1 into MP-iBGP and it enters the others side CE2 vrf, it may be redistributed again! do you get the point [ If this line you can't understand me just omit it and answer my question above]

       

      I hope I explain my question well and  someone can help

         
        • 1. Re: OSPF Sham-Links
          Steven Davidson

          This is from Chapter 7 of "MPLS Fundamentals":

           

          "iBGP, not OSPF, must always advertise the sham link endpoints. Otherwise, the sham link flaps. First, iBGP learns the sham link endpoints, and the sham link is created. When the sham link is created, OSPF advertises the sham link endpoints, if the network command includes them. The distance of OSPF is 110, versus 200 for iBGP routes. Therefore, the sham link endpoint routes are in the routing table as OSPF routes, because the distance for OSPF routes is lower than the distance for iBGP routes. As soon as the endpoints are no longer learned in the routing table via iBGP, the sham link goes down and the process starts over again. The result is a continual flapping of the sham link.

           

          Even if a sham link exists and the OSPF routes are flooded across it, iBGP still needs to advertise the OSPF routes as vpnv4 routes from PE to PE router. The reason for this is that iBGP still needs to carry the MPLS VPN label for each OSPF route so that the packets can be correctly forwarded across the MPLS VPN backbone.

           

          If a prefix is learned across the sham link, and the path via the sham link is selected as the best, the PE router does not generate an MP-BGP update for the prefix. This means that OSPF routes learned across the sham link are not redistributed into BGP. The PE router on the other side of the sham link has already redistributed the OSPF routes into BGP, so it does not need to be done a second time."