beautypg.com

H3C Technologies H3C SecPath F1000-E User Manual

Page 70

background image

7

In the OSPF VPN extension application, the VPN backbone is considered the backbone area (area 0).

Since OSPF requires that the backbone area must be contiguous, the area 0 of each VPN site must be

connected with the VPN backbone.
That is, if a VPN site contains an OSPF area 0, the PE connected with the CE must be connected with the

area 0 in this VPN site through an area 0 (the virtual link can be used for logical connection).

2.

BGP/OSPF interaction

With OSPF running between PEs and CEs, PEs advertise VPN routes to each other through BGP and to

CEs through OSPF.
With conventional OSPF, two sites are considered to be in different ASs even if they belong to the same

VPN. Therefore, the routes that one site learns are advertised to the other as external routes. This results

in higher OSPF traffic and network management problems that should have been avoided otherwise.
Currently, OSPF supports multiple instances and therefore can address the above problems. Properly

configured, OSPF sites are considered directly connected, and PEs can exchange OSPF routing

information as they are using dedicated lines. This improves the network management and makes OSPF

applications more effective.
As shown in

Figure 5

, PE 1 and PE 2 are connected through the MPLS backbone, while CE 11, CE 21, and

CE 22 belong to VPN 1. Assumes that all the security devices in the figure belong to the same AS, that
is, CE 11, CE 21, and CE 22 belong to the same OSPF domain. The advertisement procedure of VPN 1

routes is as follows:

At first, PE 1 redistributes OSPF routes from CE 11 into BGP.

Then, PE 1 advertises the VPN routes to PE 2 through BGP.

Finally, PE 2 redistributes the BGP VPN routes into OSPF and advertises them to CE 21 and CE 22.

Figure 5 Application of OSPF in VPN


With the standard BGP/OSPF interaction, PE 2 advertises the BGP VPN routes to CE 21 and CE 22

through Type 5 LSAs (ASE LSAs). However, CE 11, CE 21, and CE 22 belong to the same OSPF domain,

and the route advertisement between them should use Type 3 LSAs (inter-provider routes).
To solve the above problems, PE uses an extended BGP/OSPF interaction process called BGP/OSPF
interoperability to advertise routes from one site to another, differentiating the routes from real

AS-External routes. The process requires that extended BGP community attributes carry the information

for identifying the OSPF attributes.

This manual is related to the following products:
See also other documents in the category H3C Technologies Safety: