Why configure DN bits for OSPF on S series switches

19

When a PE sends Type 3, Type 5, and Type7 LSAs to a CE through Area 0, the highest optional bit of these LSAs must be reset and is called the DN bit. If the PE sends the LSAs not through Area 0, the highest optional bit of these LSAs can be reset or not.
The DN bit is used to prevent routing loops. A PE does not process the received LSA that contains a DN bit. This prevents the peer PE from learning the same LSA from the CE on a CE dual-homing network, avoiding loops.
PEs reset and check the DN bit of Type 3, Type 5, and Type7 LSAs.

Other related questions:
What is the purpose of setting the DN bit in an OSPF LSA
If a Provider Edge (PE) device advertises Type-3, 5, and 7 link-state advertisements (LSAs) to Customer Edge (CE) devices through area 0, the optional high-order bit of these LSAs must be set and called the DN bit. If these LSAs are advertised through an area other than area 0, the DN bit can be set or not set. The DN bit is used to prevent routing loops. A PE ignores any LSA whose DN bit is set. This prevents a routing loop caused when a PE learns from the CE the LSA generated by another PE in CE dual-homing scenarios. PE sets the DN-bit of Type 3, 5, and 7 LSAs and checks the DN-bit of Type 3, 5, and 7 LSAs.

Why configure domain IDs for OSPF on S series switches
OSPF domain IDs apply to VPNs. When the domain ID of the remote PE is the same as that of the local PE, Type 1, Type 2, and Type 3 LSAs generate Type 3 LSAs, and Type 5 and Type 7 LSAs generate Type 5 and Type 7 LSAs (related to the area type). When the domain ID of the remote PE is different from that of the local PE, Type 1, Type 2, and Type 3 LSAs generate Type 5 or Type 7 LSAs, and Type 5 and Type 7 LSAs generate Type 5 and Type 7 LSAs (related to the area type). Before advertising the remote routes to CEs, PEs need to determine the type of OSPF routes (Type 3 or Type 5) to be advertised to CEs according to domain IDs. If local domain IDs are the same as or compatible with remote domain IDs in BGP routes, PEs advertise Type 3 routes. If not, PEs advertise Type 5 routes.

Why configure OSPF route tag on S series switches
For S series switches supporting OSPF, the OSPF router tag is applied to VPNs and prevents loops of Type 5 LSAs in CE dual-homing networking. If the tag of a received Type 5 LSA is the same as the router tag of OSPF on a PE, the PE neglects this LSA when calculating routes. When a CE is connected to two PEs, PE1 generates a Type 5 LSA based on the imported BGP route and sends the LSA to the CE, and the CE forwards the LSA to PE2. The OSPF route takes precedence over the BGP route, so PE2 replaces the BGP route with the OSPF route. As a result, a loop occurs. If the route tag is configured on a PE, when the PE receives an LSA with the same route tag as its own route tag, it neglects this LSA, avoiding loops. By default, the route tag is calculated using the BGP AS number. If BGP is not configured, the route tag is 0. In OSPF public network instances, router tags cannot be used to prevent loops but can be used as a filtering condition in a policy. When setting the router tag of ASE-LSAs and NSSA-LSAs, not the following: The route-tag command is used in the OSPF multi-instance scenario. The default tag command is used in the OSPF public network instance scenario. The import-route tag command can be used in either of the preceding scenarios.

Why configure sham links for OSPF on S series switches
In Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) configuration, OSPF is used as the routing protocol between PEs and CEs so that the sites in a VPN can be connected through the MPLS backbone network. Though the connectivity between OSPF PEs and CEs ensures the connectivity between VPN sites, the intra-area link between VPN sites should also be considered. For two sites that belong to the same site, the path through the intra-area link is always preferred because, according to OSPF specifications, an intra-area path is always preferred to an inter-area path. Therefore, when an intra-area link exists, you can control routes through a policy. If the intra-area link is used for backup only, the default processing flow will be unacceptable. For connections to be re-established between sites through the MPLS VPN backbone area, a logical intra-area link must be established between the ingress and egress Virtual Routing and Forwarding (VRF) interfaces of the related PEs. An OSPF sham link can be established between two sites as an intra-area channel to enable the two sites to communicate with each other through the MPLS backbone area, and the intra-area link is used for backup. If no intra-area link exists between the two sites, no sham link is required.

DNS configuration on S series switch
S series switches (except S1700 switches) support only configuration of the DNS client. There are two DNS resolution modes: static and dynamic. The two modes can be used together. The switch first uses static DNS resolution (by searching the local static domain name resolution table). If static DNS resolution fails, the switch uses dynamic DNS resolution (by sending a DNS resolution request to the DNS server). Dynamic DNS resolution takes a period of time and requires cooperation from the DNS server. You can add common domain names to the static domain name resolution table to improve the efficiency of resolving domain names. To enable static and dynamic DNS resolution on S series switches, perform the following configuration: 1. Configuration of static DNS resolution [Huawei] ip host hostB 10.4.1.1 //Configure a static DNS entry. 2. Configuration of dynamic DNS resolution [Huawei] dns resolve //Enable dynamic DNS resolution. [Huawei] dns server 10.3.1.2 //Set the IP address of the DNS server. [Huawei] dns domain net //Configure the DNS domain name.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top