Domain-id is not a loop prevention mechanism -it simply tells the egress PE how to insert the LSA into local VRF LSDB By default Domain-id is set to VRF OSPF Process-id # of the originating PE that redistributed the route into MP-BGP When egress PE redistributes routes form MP-BGP into VRF OSPF process the PE compares the local VRF OSPF Process-id with the Domain-id associated with the MP-BGP route -if the two match the LSA is inserted as Type-3 LSA into local VRF LSDB -if the two do not match the LSA is inserted as Type-5 LSA into local VRF LSDB -the value can be set manually in case you can't use the same ospf process id on each PE serving the particular customer site
Domain-tag and the down-bit are loop prevention mechanisms Down-bit is used on LSA-3 Domain-tag is used on LSA Type-5 and Type-7 (simply because these LSA types do not have down-bit in the LSA header) Down-bit is set to Downward (set to 1) by egress PE when redistributing Type-3 routes from MP-BGP down to VRF OSPF process Domain-tag is set to MP-BGP-AS# by originating PE when redistributing Type-5 routes from OSPF up to MP-BGP process Each PE that has VRF OSPF process checks the Type-3 LSAs coming from CE for down-bit If the Type-3 LSA has a down bit set to Downward the PE doesn't set the Routing-Bit on this LSA and doesn't consider it during the SPF computation (If the routing bit is not set on the LSA the LSA is not added into the routing table -thus is not redistributed into MP-BGP) When type-3 LSA from particular area reaches PE router with a down-bit set -the PE knows that this LSA must have already been redistributed from MPLS into this area by some other PE router -thus redistributing it back to MPLS would cause a routing information loop Each PE that has VRF OSPF process checks the Type-5 LSAs coming from CE and compares whether the domain-tag set equals to the PE MP-BGP-AS# If yes the PE will not set the routing-bit on this LSA thus the LSA will not get into the routing table -this it will not be redistributed to MP-BGP -the value can be set manually in cases where you operate mpls domain that spans multiple autonomous systems and customer site connected to one AS# has a backhaul link to site connected to another AS# -in this case the common domain tag has to be manually set on all PEs providing OSPF routing for this particular customer adam -----Original Message----- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Aaron Sent: Sunday, June 17, 2012 5:34 AM To: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] ospf with vrf I think I found the answer, although I don't fully understand it all yet. I have heard about this before and recall some of it. This seemed to do the trick...under, router ospf vrf testvrf "capability vrf-lite" I read this. https://supportforums.cisco.com/thread/202402 Apparently it has something to do with loop prevention and "pe checks" of domain id and down bit or something like that to keep pe from adding anything other than type 1 and 2's to rib. Aaron -----Original Message----- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Aaron Sent: Saturday, June 16, 2012 10:16 PM To: cisco-nsp@puck.nether.net Subject: [c-nsp] ospf with vrf why does my pe lose the ability to add type 3 (summary) routes, learned from ce, to its rib AFTER I convert its ospf process to vrf ? in other words, when my pe's ospf process does not have vrf config I see the IA routes to other areas, but as soon as I change my ospf process to vrf I lose my IA routes. They are still in the ospf db though, but just not being added to the RIB. Aaron _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
