Cisco Systems 1400 series, 1600, 1600R Benefits

OSPF Sham-Link Support for MPLS VPN Feature Overview

Cisco IOS Release 12.2(8)T

PE-1# show ip cef vrf ospf 10.3.1.7

10.3.1.7/32, version 73, epoch 0, cached adjacency to POS3/0/0

0 packets, 0 bytes

tag information set

local tag: VPN-route-head

fast tag rewrite with PO3/0/0, point2point, tags imposed: {42 38}

via 10.3.1.2, 0 dependencies, recursive

next hop 10.1.1.17, POS3/0/0 via 10.3.1.2/32

valid cached adjacency

tag rewrite with PO3/0/0, point2point, tags imposed: {42 38}

If a prefix is learned across the sham-link and the path via the sham-link is selected as the best, the PE router

does not generate an MP-BGP update for the prefix. It is not possible to route traffic from one sham-link over

another sham-link.

In the following example, PE-2 shows how an MP-BGP update for the prefix is not generated. Although

10.3.1.7/32 has been learned via OSPF across the sham-link as shown in bold, no local generation of a route

into BGP is performed. The only entry within the BGP table is the MP-BGP update received from PE-3 (the

egress PE router for the 10.3.1.7/32 prefix).

PE-2# show ip route vrf ospf 10.3.1.7

Routing entry for 10.3.1.7/32

Known via "ospf 100", distance 110, metric 12, type intra area

Redistributing via bgp 215

Last update from 10.3.1.2 00:00:10 ago

Routing Descriptor Blocks:

* 10.3.1.2 (Default-IP-Routing-Table), from 10.3.1.7, 00:00:10 ago

Route metric is 12, traffic share count is 1

PE-2# show ip bgp vpnv4 all 10.3.1.7

BGP routing table entry for 100:251:10.3.1.7/32, version 166

Paths: (1 available, best #1)

Not advertised to any peer

Local

10.3.1.2 (metric 30) from 10.3.1.2 (10.3.1.2)

Origin incomplete, metric 11, localpref 100, valid, internal,

best

Extended Community: RT:1:793 OSPF DOMAIN ID:0.0.0.100 OSPF

RT:1:2:0 OSPF 2

The PE router uses the information received from MP-BGP to set the ongoing label stack of incoming

packets, and to decide to which egress PE router to label switch the packets.

Benefits

Client Site Connection Across the MPLS VPN Backbone

A sham-link overcomes the OSPF default behavior for selecting an intra-area backdoor route between VPN

sites instead of an interarea (PE-to-PE) route. A sham-link ensures that OSPF client sites that share a

backdoor link can communicate over the MPLS VPN backbone and participate in VPN services.

Flexible Routing in an MPLS VPN Configuration

In an MPLS VPN configuration, the OSPF cost configured with a sham-link allows you to decide if OSPF

client site traffic will be routed over a backdoor link or through the VPN backbone.