178
As shown in
, Site 1 is connected to two PEs. When a PE advertises VPN routes learned from
MP-BGP to Site 1 through OSPF, the routes might be received by the other PE. This results in a routing
loop.
OSPF VPN extension uses the following tags to avoid routing loops:
•
DN bit (for Type 3 LSAs)
—When a PE redistributes BGP routes into OSPF and creates Type 3 LSAs,
it sets the DN bit for the LSAs. When receiving the Type 3 LSAs advertised by CE 11, the other PE
ignores the LSAs whose DN bit is set to avoid routing loops.
•
Route tag (for Type 5 or 7 LSAs)
—The two PEs use the same route tag. When a PE redistributes BGP
routes into OSPF and creates Type 5 or 7 LSAs, it adds the route tag to the LSAs. When receiving
the Type 5 or 7 LSAs advertised by CE 11, the other PE compares the route tag in the LSAs against
the local route tag. If they are the same, the PE ignores the LSAs to avoid routing loops.
OSPF sham link
As shown in
, two routes exist between site 1 and site 2 of VPN 1:
•
A route connected through PEs
—Inter-area route or external route.
{
Inter-area route
—The route is an inter-area route if the two PEs have the same domain ID
configured for the OSPF process of VPN 1.
{
External route
—The route is an external route if the two PEs have no or different domain IDs
configured for the OSPF process of VPN 1.
•
A route directly connected through CEs
—Intra-area route, which is called a backdoor link.
The inter-area route priority is lower than the intra-area route priority. To use the inter-area route, you can
establish a sham link between the two PEs to change the inter-area route to an intra-area route. VPN
traffic are forwarded over the sham link through metric adjustment.
Figure 57
Network diagram for sham link
A sham link is considered a virtual point-to-point link within a VPN and is advertised in a Type 1 LSA. It
is identified by the source IP address and destination IP address that are the local PE address and the
remote PE address in the VPN address space. Typically, the source and destination addresses are
loopback interface addresses with a 32-bit mask.
To add a route to the destination IP address of a sham link to a VPN instance, the remote PE must
advertise the source IP address of the sham link as a VPN-IPv4 address through MP-BGP. To avoid routing
loops, a PE does not advertise the sham link's destination address.