[j-nsp] OSPF inside VRF - Cisco Juniper Interoperability

Masood Ahmad Shah masood at nexlinx.net.pk
Tue Aug 26 17:52:27 EDT 2008


If Cisco to Cisco works fine than problem seems in interpreting domain id.
If the OSPF domain ID for the destination PE differs from the originating
PE, MP-BGP redistributes the route into OSPF as an OSPF type 5 external
route. There is another to preserve OSPF routes across the MPLS VPN "OSPF
route type extended community attribute", You can try this too.

Regards,
Masood

-----Original Message-----
From: juniper-nsp-bounces at puck.nether.net
[mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of Junaid
Sent: Wednesday, August 27, 2008 12:44 AM
To: Juniper Puck
Subject: [j-nsp] OSPF inside VRF - Cisco Juniper Interoperability

Hi,

I am caught up in what seems to be a Juniper Cisco interoperability
issue. I am running OSPF with customer inside VRF. Topology is
something like the following:

CE1 ---[Area 0]--- PE1 ---- P1 --- P2 --- PE2 ---[Area 6]--- CE2

The two P routers are acting as route reflectors.

CE1, CE2 and PE1 are Cisco devices while rest are Juniper M-series
routers. The problem I am facing is that CE1 routes received at CE2a
are Inter-area which is what is required (no redistribution into OSPF
is done on CE1 and CE2). However, CE2 routes received by CE1 are Type
5 (E1). The documentation states that inorder to preserve the route
types, domain IDs should be same on both PE routers. I have set domain
ID to be 1.1.1.1:512, this was done on cisco via the command:
"domain-id type 0105 value 010101010200" and on juniper as: "domain-id
1.1.1.1:512" in the OSPF configuration inside the VRF. Also on Juniper
the domain-id was added into the ospf routes when redistributing them
into MBGP.

The problem seems to be with the Cisco PE1 router that can't seem to
interpret the route-type attribute generated by Juniper:

PE1#sh ip bgp vpnv4 all 10.254.20.254
BGP routing table entry for 1:103:10.254.20.254/32, version 550
Paths: (1 available, best #1, table VPN_OSPF)
  Not advertised to any peer
  Local
    <PE2_Loopback_IP> (metric 4) from <P1_Loopback_IP> (<P1_Loopback_IP>)
      Origin IGP, metric 2, localpref 100, valid, internal, best
      Extended Community: RT:1:103 OSPF DOMAIN
ID:0x0105:0x010101010200 0x306:0:393472

10.254.20.254/32 is advertised by CE2 (assigned on one of its loopback
interfaces). Now the domain ID is fine but it seems that Cisco is
unable to interpret the route-type attribute. 393472 translates to
60100 where 6 is the area ID, 01 says that it is type 1 LSA and and
last two bytes are options are not used in this case. Upon receiving
this route via MBPG, PE1 injects a type 5 LSA towards CE1 (confirmed
on CE1 by enabling debugging) where it should inject have injected
type 3:

OSPF: Ack Type 5, LSID 10.254.20.254, Adv rtr 10.254.1.1, age 5, seq
0x80000001


If I replace the Juniper PE2 with a Cisco then on PE1 seems to
interpret the route-type attribute correctly and inject type 3 LSA
towards CE1 and CE1 receive the routes as inter-area:

PE1#sh ip bgp vpnv4 all 10.254.20.254
BGP routing table entry for 1:103:10.254.20.254/32, version 676
Paths: (1 available, best #1, table VPN_OSPF)
  Not advertised to any peer
  Local
    <PE2_Loopback_IP> (metric 2) from <P1_Loopback_IP> (<P1_Loopback_IP>)
      Origin incomplete, metric 11112, localpref 100, valid, internal, best
      Extended Community: RT:1:103 OSPF DOMAIN
ID:0x0005:0x010101010200 OSPF RT:0.0.0.6:2:0 OSPF ROUTER
ID:10.254.2.1:512


Debug output:

OSPF: Ack Type 3, LSID 10.254.20.254, Adv rtr 10.254.1.1, age 1, seq
0x80000001

Any idea what is causing this behavior? Any solution? Will appreciate any
help.

(The problem involves both Juniper and Cisco routers but I am posting
it here as I believe most guys here are have worked on both
platforms.)


Regards,
Junaid
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp



More information about the juniper-nsp mailing list