Why configure OSPF virtual links on S series switches


Question: What are the functions of OSPF virtual links configured on S series switch supporting OSPF?
Answer: OSPF virtual links can connect areas that are not physically connected to the backbone area to the backbone area so that these areas can route traffic normally. This function is mainly used to merge networks. Virtual links also improve network reliability by allowing normal routing after the physical connection to the backbone area is down. On actual networks, virtual links are seldom used. Generally, networks are planned properly and areas are seldom physically disconnected from the backbone areas. It is rare that networks are merged without network re-planning. In addition, virtual links are seldom used to enhance the robustness of backbone areas.

Other related questions:
Why configure OSPF route tag on S series switches
For S series switches supporting OSPF, the OSPF router tag is applied to VPNs and prevents loops of Type 5 LSAs in CE dual-homing networking. If the tag of a received Type 5 LSA is the same as the router tag of OSPF on a PE, the PE neglects this LSA when calculating routes. When a CE is connected to two PEs, PE1 generates a Type 5 LSA based on the imported BGP route and sends the LSA to the CE, and the CE forwards the LSA to PE2. The OSPF route takes precedence over the BGP route, so PE2 replaces the BGP route with the OSPF route. As a result, a loop occurs. If the route tag is configured on a PE, when the PE receives an LSA with the same route tag as its own route tag, it neglects this LSA, avoiding loops. By default, the route tag is calculated using the BGP AS number. If BGP is not configured, the route tag is 0. In OSPF public network instances, router tags cannot be used to prevent loops but can be used as a filtering condition in a policy. When setting the router tag of ASE-LSAs and NSSA-LSAs, not the following: The route-tag command is used in the OSPF multi-instance scenario. The default tag command is used in the OSPF public network instance scenario. The import-route tag command can be used in either of the preceding scenarios.

Why configure domain IDs for OSPF on S series switches
OSPF domain IDs apply to VPNs. When the domain ID of the remote PE is the same as that of the local PE, Type 1, Type 2, and Type 3 LSAs generate Type 3 LSAs, and Type 5 and Type 7 LSAs generate Type 5 and Type 7 LSAs (related to the area type). When the domain ID of the remote PE is different from that of the local PE, Type 1, Type 2, and Type 3 LSAs generate Type 5 or Type 7 LSAs, and Type 5 and Type 7 LSAs generate Type 5 and Type 7 LSAs (related to the area type). Before advertising the remote routes to CEs, PEs need to determine the type of OSPF routes (Type 3 or Type 5) to be advertised to CEs according to domain IDs. If local domain IDs are the same as or compatible with remote domain IDs in BGP routes, PEs advertise Type 3 routes. If not, PEs advertise Type 5 routes.

Why configure DN bits for OSPF on S series switches
When a PE sends Type 3, Type 5, and Type7 LSAs to a CE through Area 0, the highest optional bit of these LSAs must be reset and is called the DN bit. If the PE sends the LSAs not through Area 0, the highest optional bit of these LSAs can be reset or not. The DN bit is used to prevent routing loops. A PE does not process the received LSA that contains a DN bit. This prevents the peer PE from learning the same LSA from the CE on a CE dual-homing network, avoiding loops. PEs reset and check the DN bit of Type 3, Type 5, and Type7 LSAs.

Why configure sham links for OSPF on S series switches
In Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) configuration, OSPF is used as the routing protocol between PEs and CEs so that the sites in a VPN can be connected through the MPLS backbone network. Though the connectivity between OSPF PEs and CEs ensures the connectivity between VPN sites, the intra-area link between VPN sites should also be considered. For two sites that belong to the same site, the path through the intra-area link is always preferred because, according to OSPF specifications, an intra-area path is always preferred to an inter-area path. Therefore, when an intra-area link exists, you can control routes through a policy. If the intra-area link is used for backup only, the default processing flow will be unacceptable. For connections to be re-established between sites through the MPLS VPN backbone area, a logical intra-area link must be established between the ingress and egress Virtual Routing and Forwarding (VRF) interfaces of the related PEs. An OSPF sham link can be established between two sites as an intra-area channel to enable the two sites to communicate with each other through the MPLS backbone area, and the intra-area link is used for backup. If no intra-area link exists between the two sites, no sham link is required.

Precautions of setting the cost of a virtual link on an S series switch
According to RFC, the maximum cost value of a virtual link configured on an S series switch supporting OSPF is 65535. If the cost value is larger than 65535, a virtual link cannot be set up.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top