MP-BGP and OSPF 273

Preventing Routing Loops

OSPF does a good job of preventing routing loops by preferring certain types of routes to others. However, with an OSPF super-backbone, these loop prevention mechanisms don’t work anymore. To illustrate, look at Figure 7.15; two sites are redundantly connected through a service provider’s OSPF super-backbone.

F I G U R E 7 . 1 5 Two sites redundantly connected through an OSPF super-backbone

PE3 PE4

Area 1

When routes are received from the two sites by the service provider’s PE routers, their attributes are preserved in the new BGP extended community and carried through the service provider’s OSPF super-backbone. When the routes are redistributed back into OSPF and advertised to each site, they will be LSA Type 3 (O IA). These routes will be propagated through each site and may result in a routing loop when redistributed back into the service provider’s OSPF super-backbone. Figure 7.16 illustrates this situation.

274 Chapter 7 MPLS VPNs and OSPF

F I G U R E 7 . 1 6 A possible routing loop

Area 0

Area 1

The OSPF super-backbone is the MP-IBGP backbone.

Down Bit

A new mechanism called the down bit is used to prevent routing loops between customer routes and the service provider OSPF super-backbone. When a route is redistributed from MP-IBGP into OSPF, the down bit is set in the Options field of the OSPF LSA header. Another PE router, receiving an LSA with the down bit set, does not redistribute the route into MP-IBGP. Simply put, routes redistributed from MP-IBGP get set with a down bit. Another PE router does not redistribute the same route back into MP-IBGP.

In Figure 7.17, each PE router sets the down bit when a route is redistributed from the OSPF super-backbone (MP-IBGP) into OSPF. When

MP-BGP and OSPF 275

another PE router connected to the same OSPF area receives the route, it is not redistributed.

F I G U R E 7 . 1 7 A down bit network example

Area 0

Area 1

OSPF Tag Field

The down bit does not prevent every possible routing loop. When a route crosses from one OSPF domain to another, it may lose its down bit setting. By default, routes redistributed from BGP into OSPF (standard LSA Type 5 external routes) map the BGP AS number to the tag field of the external route. Another PE, seeing its own AS number in the tag field, does not redistribute the route into MP-IBGP, as illustrated in Figure 7.18.

It’s important to note that you only get the tag field for external OSPF routes (Type 5) and not intra-area (O) and inter-area (O IA) routes. To get around this, you could simply configure the PE to only redistribute into

276 Chapter 7 MPLS VPNs and OSPF

MP-IBGP internal OSPF routes. An alternate method of setting the tag field is to have the router between the two OSPF domains set the tag field manually using the redistribute ospf process-id tag # command.

F I G U R E 7 . 1 8 A tag field network example

Super-backbone

MP-IBGP

AS# 65000

Path Selection

Given the complexities of customer connections to a service provider network, path selection becomes a concern. More than likely, you don’t want a customer network being used as a transit for VPN traffic. To ensure proper path selection, Cisco IOS routers use an internal IOS mechanism called the routing bit. When a PE router receives a route with the down bit set, the routing bit is cleared. With the routing bit cleared, a route never shows up in the routing table of the PE, even if it is the best route as determined by OSPF.

Again, the routing bit is an internal IOS mechanism on the router and is not sent to any neighboring OSPF routers in the customer network.

CE-to-PE Protocol Selection

Just because OSPF is discussed in this chapter does not mean that OSPF is the recommended routing protocol for use between CE and PE routers. OSPF has a lot of overhead associated with it due to its operation. As more and more OSPF routing processes are configured on a router, the router has more overhead, and its operation may be slowed.