Официален блог на WebEKM EKM очаквайте сайта онлайн скоро.
Download Free Templates http://bigtheme.net/ free full Wordpress, Joomla, Mgento - premium themes.
Sham Link implementation in MPLS L3VPN environment
Sham Link feature is necessary if we want to deploy backdoor link between 2 OSPFs domains belong to the same area but split by MPLS. The issue that we will come across is a result that backdoor link will have priority over the MPLS.
We will be using below network MPLS L3VPN, to practice the Sham Link.
Here is the “empty” lab ready to implementation of Sham Link with MEGA decryption key:
https://mega.nz/#!ejp2VSwB
!22yk15VEs13pAPP-FJNgvB5h_5429VIphHetqGmrJ_M
and rar file decryption key : www.itbundle.net
In the core we have MPLS with OSPF as an underlying protocol, also on both sites we have CUSTOMER-A VRF, for carrying VPNs responsible is bgp (vpnv4) 2345 process. There is full connectivity between 2 VRFs so you may easily ping 6.6.6.6 from 1.1.1.1. Let’s check how RIB table looks on the Customer-A1 router.
As we see, because MPLS with OSPF core is being considered by 2 sites as Superbackbone, updates from both sites are visible as Inter Area (IA).
Now, let’s add another direct link between 2 sites and run OSPF on its ‘ip ospf 2 area 0‘ on each interface and for better visualisation of the issue let’s increase the metric on interfaces ‘ip ospf cost 1000‘
Let’s check now how RIB table looks like
As we see, OSPF started to use direct link. We may put the question ‘WHY?’ The answer is simple. As we see OSPF this time treats this direct link as Intra Area. Intra Area is always prefered over Inter Area even the cost has been increased to 1000.
Now the Sham-Link comes into play. We will create the tunnel between R2 and R5 based on freshly created loopbacks within vrf CUSTOMER-A, then we advertise this tunnel into bgp 2345 process (vpnv4). Of course we have to do that on both sites
The Sham Link we create acording with this schema
area x sham-link <tunnel source> <tunnel destination> cost x (cost optional)
R2
interface lo100
description SHAM-LINK
ip vrf forwarding CUSTOMER-A
ip address 111.111.111.111 255.255.255.255
router bgp 2345
address-family ipv4 vrf CUSTOMER-A
network 111.111.111.111 mask 255.255.255.255
router ospf 2 vrf CUSTOMER-A
area 0 sham-link 111.111.111.111 222.222.222.222 cost 5
R5
interface lo100
description SHAM-LINK
ip vrf forwarding CUSTOMER-A
ip address 222.222.222.222 255.255.255.255
router bgp 2345
address-family ipv4 vrf CUSTOMER-A
network 222.222.222.222 mask 255.255.255.255
router ospf 2 vrf CUSTOMER-A
area 0 sham-link 222.222.222.222 111.111.111.111 cost 5
Now, lest check how the route to 6.6.6.6 is visible by OSPF process from CUSTOMER-A1 router point of view and its RIB table. As we see the tunnel – Sham Link fulfills its duty and traffic from 1.1.1.1 to 6.6.6.6 and reverse is going back through MPLS.
