OSPF in virtual routers

Multiple OSPF instances can be hosted in Virtual Service Router. There are two ways of separating those instances:

• using VRFs, when strong isolation is needed between each routing instance. OSPF per VRF instances are mainly used for connecting to the backbone network.

• using L3VRFs, when light and scalable isolation is needed. When acting as PE, OSPF redistributes VPN routes to CPEs connected to L3VRFs.

OSPF separate instances per VRF

VRF provides hard isolation. Each VRF acts like a separate logical autonomous router. Unless veth interfaces are used to cross the border, each VRF has no shared network with the other VRFs. Also, using VRFs enables to configure overlapping interface names, and can help in simplifying the deployment.

Note

We recommend using L3VRFs when a lot of instances are needed, as VRFs cost a lot of resources.

The following configuration creates two OSPF instances in separate VRFs. The network addressing and the logical interface naming remain the same. OSPF ensures route distribution between the two physical interfaces where adjacencies are done.

vsr running config# vrf customer1
vsr running vrf customer1# routing
vsr running routing# ospf
vsr running ospf# router-id 1.1.1.1
vsr running ospf# redistribute bgp
vsr running ospf# ..
vsr running routing# interface loop1
vsr running interface loop1# ip ospf area 0.0.0.0
vsr running interface loop1# ..
vsr running routing# interface eth0
vsr running interface eth0# ip ospf area 0.0.0.0
vsr running interface eth0# ..
vsr running routing# interface eth1
vsr running interface eth1# ip ospf area 0.0.0.0
vsr running interface eth1# ..
vsr running routing# ..
vsr running vrf customer1# interface
vsr running interface# loopback loop1
vsr running loopback loop1# ipv4 address 1.1.1.1/32
vsr running loopback loop1# ..
vsr running interface# physical eth0
vsr running physical eth0#! port pci-b0s4
vsr running physical eth0# ipv4 address 10.125.0.1/24
vsr running physical eth0# ..
vsr running interface# physical eth1
vsr running physical eth1#! port pci-b0s5
vsr running physical eth1# ipv4 address 10.200.0.1/24
vsr running physical eth1# ..
vsr running interface# ..
vsr running vrf customer1# ..
vsr running config# vrf customer2
vsr running vrf customer2# routing
vsr running routing# ospf
vsr running ospf# router-id 1.1.1.1
vsr running ospf# redistribute bgp
vsr running ospf# ..
vsr running routing# interface loop1
vsr running interface loop1# ip ospf area 0.0.0.0
vsr running interface loop1# ..
vsr running routing# interface eth2
vsr running interface eth2# ip ospf area 0.0.0.0
vsr running interface eth2# ..
vsr running routing# interface eth3
vsr running interface eth3# ip ospf area 0.0.0.0
vsr running interface eth3# ..
vsr running routing# ..
vsr running vrf customer2# interface
vsr running interface# loopback loop1
vsr running loopback loop1# ipv4 address 1.1.1.1/32
vsr running loopback loop1# ..
vsr running interface# physical eth2
vsr running physical eth2#! port pci-b0s6
vsr running physical eth2# ipv4 address 10.125.0.1/24
vsr running physical eth2# ..
vsr running interface# physical eth3
vsr running physical eth3#! port pci-b0s7
vsr running physical eth3# ipv4 address 10.200.0.1/24
vsr running physical eth3# ..
vsr running interface#

The OSPF adjacencies can be dumped by using the following command:

vsr> show ospf vrf customer1 neighbor

 Neighbor ID     Pri State           Dead Time Address         Interface            RXmtL RqstL DBsmL
 10.125.0.3        1 Full/DR           30.833s 10.125.0.3      eth0:10.125.0.1         0     0     0

OSPF separate instances per L3VRF

Using L3VRF OSPF instances helps to reach good scalability (each instance is smaller, uses less memory and CPU than a VRF instance), but the isolation provided is light (each L3VRF instance of a VRF is part of the same OSPF process). The solution guarantees isolation between the configured OSPF instances and allows leaking traffic as well. A typical use case is when Virtual Service Router acts as a PE, where VPN routes are redistributed to CPEs.

The following configuration creates two L3VRF instances named customer1 and customer2.

See also

• L3VRF overview.

vsr running config# vrf main
vsr running vrf main# l3vrf customer1
vsr running l3vrf customer1#! table-id 10
vsr running l3vrf customer1# routing ospf
vsr running ospf# router-id 1.1.1.1
vsr running ospf# redistribute bgp
vsr running ospf# .. ..
vsr running l3vrf customer1# routing interface loop_cust1
vsr running interface loop_cust1# ip ospf area 0.0.0.0
vsr running interface loop_cust1# .. ..
vsr running l3vrf customer1# routing interface eth1
vsr running interface eth1# ip ospf area 0.0.0.0
vsr running interface eth1# .. ..
vsr running l3vrf customer1# interface loopback loop_cust1
vsr running loopback loop_cust1# ipv4 address 1.1.1.1/32
vsr running loopback loop_cust1# .. ..
vsr running l3vrf customer1# interface physical eth1
vsr running physical eth1#! port pci-b0s4
vsr running physical eth1# ipv4 address 10.125.0.1/24
vsr running physical eth1# .. ..
vsr running l3vrf customer1# interface physical eth0
vsr running physical eth0#! port pci-b0s5
vsr running physical eth0# ipv4 address 10.200.0.1/24
vsr running physical eth0# .. ..
vsr running l3vrf customer1# ..
vsr running vrf main# l3vrf customer2
vsr running l3vrf customer2#! table-id 20
vsr running l3vrf customer2# routing ospf
vsr running ospf# router-id 1.1.1.1
vsr running ospf# redistribute bgp
vsr running ospf# .. ..
vsr running l3vrf customer2# routing interface loop_cust2
vsr running interface loop_cust2# ip ospf area 0.0.0.0
vsr running interface loop_cust2# .. ..
vsr running l3vrf customer2# routing interface eth2
vsr running interface eth2# ip ospf area 0.0.0.0
vsr running interface eth2# .. ..
vsr running l3vrf customer2# interface loopback loop_cust2
vsr running loopback loop_cust2# ipv4 address 1.1.1.1/32
vsr running loopback loop_cust2# .. ..
vsr running l3vrf customer2# interface physical eth2
vsr running physical eth2#! port pci-b0s6
vsr running physical eth2# ipv4 address 10.125.0.1/24
vsr running physical eth2# .. ..
vsr running l3vrf customer2# interface physical eth3
vsr running physical eth3#! port pci-b0s7
vsr running physical eth3# ipv4 address 10.200.0.1/24
vsr running physical eth3#

Like for VRF, the OSPF adjacencies can be dumped by using the below command:

vsr> show ospf l3vrf customer1 neighbor
Neighbor ID   Neighbor address   Local address   Interface   L3VRF     Priority State                         Uptime    Dead-time RXmtL RqstL DBsmL
===========   ================   =============   =========   =====     ======== =====                         ======    ========= ===== ===== =====
10.125.0.3    10.125.0.3         10.125.0.1      eth0        customer1        1 full/designated-router        00h00m47s 30.833s       0     0     0

The L3VRFs OSPF instances can be dumped by using the following command:

vsr> show ospf l3vrfs vrf main
Name                       Id     RouterId
customer1                  8      1.1.1.1
customer2                  11     1.1.1.1

Total number of OSPF VRFs: 2