Network Working Group K. Ishiguro
Internet Draft IP Infusion Inc.
Expiration Date: February 2003 V. Hallivuori
Tellabs Oy
August 2002
Use of Multiple Instance of OSPF
for the PE/CE protocol in BGP/MPLS VPNs
draft-ishiguro-ppvpn-pe-ce-ospf-00.txt
Status of this Memo
This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as ``work in progress.''
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
Abstract
This document describes a simple way to use OSPF for Provider Edge
(PE) router and Customer Edge (CE) router communication in BGP/MPLS
VPNs [RFC2547BIS]. [VPN-BGP-OSPF] propose a complicated way to
achieve VPN routes propagation as Type-3 LSA. This document
describes the use of multiple instances of OSPF in conjunction with
standard BGP/OSPF route redistribution mechanisms to maintain
reachability information throughout VPNs. VPN routes are propagated
as Type-5 LSA in this mechanism.
1. Conventions used in this document
Ishiguro Expires February 2003 [Page 1]
�
Internet Draft draft-ishiguro-ppvpn-pe-ce-ospf-00.txt August 2002
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", MAY", AND "OPTIONAL" in this
document are to be interpreted as described in RFC-2119 [ii].
2. Overview
[RFC2547BIS] is widely used to provide VPN services to customers. In
[RFC2547BIS] architecture, Customer Edge (CE) router can communicate
with Provide Edge (PE) router using any routing protocol. Use of
OSPF for PE and CE communication is a little bit complicated due to
the nature of OSPF protocol. OSPF has several types of routing
information in the protocol. OSPF Link State Advertisements (LSAs)
are categorized into different types. [RFC2547BIS] use BGP for PE to
PE commutation. So when OSPF routes are exported and exchanged using
BGP, some of OSPF information may be dropped.
[VPN-BGP-OSPF] provides a way to propagate customer OSPF routes as
type 3 LSAs (Inter-are routes) to other CE routers. For propagation,
additional mechanism is proposed for both OSPF and BGP. These
mechanisms are only needed when customers want to propagate OSPF
routes as type 3 LSAs to other CE router. So if customers do not
require the propagation, overall mechanism can be simple.
This document proposes a light weight way to use OSPF for PE and CE
communication. In this mechanism, customer routes are exchanged as
AS-External information in OSPF.
The benefit of this mechanism:
- No protocols changes or additional features are required in OSPF
and BGP.
- Any OSPF area configuration can be used between PE and CE
communication.
- BGP does not carry any additional information over provider
backbone.
- Same mechanism can be used by other IGPs such as IS-IS.
The drawback of this mechanism:
- OSPF routes are exchanged as AS-External information. So the
routes may be overlapped with real AS-External information.
Ishiguro Expires February 2003 [Page 2]
�
Internet Draft draft-ishiguro-ppvpn-pe-ce-ospf-00.txt August 2002
This mechanism does not provide any OSPF LSAs transparency among cus-
tomer VPN sites. Because of the mechanism with minimum effort, VPN
network reachability information ca be exchanged.
3. Requirements
A PE router MUST have a capability of running multiple instances of
OSPF, where each OSPF instance can be associated with a particular
VRF.
Each OSPF instance MAY be bound to a specific VRF (1:1). Multiple
OSPF instances MAY be bound to the same VRF (n:1). A single OSPF
instance SHALL NOT be bound to multiple VRFs (1:n).
A PE router MUST have capability of redistribute OSPF and BGP routes
to/from a particular VRF. Import/export to/from particular VRFs to
BGP is governed via Route Targets.
There is no special requirement for CE router.
4. OSPF/VRF/BGP Redistribute Procedure
PE router and CE router communicate each other by leveraging OSPF to
exchange reachability information. Any OSPF area configuration can
be used between PE and CE. Each VPN domain's OSPF route is distin-
guished by OSPF multiple instance.
Each OSPF instance is bound to specific VRF so that OSPF routes are
installed into proper VRF. The OSPF routes in VRF are exported to
BGP governed via Route Targets configuration.
PE router exchanges VPN reachability information using [RFC2547BIS].
Other PE router has the reachability information in VRF. PE router
redistributes the routes from VRF to OSPF as Type-5 LSA originated
from redistributed route.
Example Setup:
Ishiguro Expires February 2003 [Page 3]
�
Internet Draft draft-ishiguro-ppvpn-pe-ce-ospf-00.txt August 2002
- OSPF instance 100 is bound to VRF foo
- OSPF instance 200 is bound to VRF bar.
- Each OSPF instance's route is installed into each VRF.
- OSPF to BGP redistribute is done via VRF so that OSPF routes
are imported to BGP with Route Targets configuration.
- PE send BGP update to other PE router.
- PE router install the routes to particular VRF by Route
Targets configuration.
- BGP to OSPF redistribute is done via VRF. OSPF has AS-External
LSA of remote site network.
5. Security Considerations
Security issues are not discussed in this memo.
6. Acknowledgements
Thanks to Robert May for comments.
7. Reference
[RFC2547BIS] Rosen, E., et. al., "BGP/MPLS VPNs",
<draft-ietf-ppvpn-rfc2547bis-02.txt>, July 2002.
[VPN-BGP-OSPF] Rosen, E. et al., "OSPF as the PE/CE Protocol in
BGP/MPLS VPNs," <draft-rosen-vpns-ospf-bgp-
mpls-05.txt>, July 2002.
8. Author's Address
Kunihiro Ishiguro
IP Infusion Inc.
111 W. St. John Street, Suite 910
San Jose CA 95113
e-mail: kunihiro@ipinfusion.com
Ville Hallivuori
Tellabs Oy
Sinimaentie 6
Ishiguro Expires February 2003 [Page 4]
�
Internet Draft draft-ishiguro-ppvpn-pe-ce-ospf-00.txt August 2002
FIN-02630 Espoo, Finland
e-mail: ville.hallivuori@tellabs.com
Ishiguro Expires February 2003 [Page 5]
�