I know its weird to say that I use VTI , but this technic i use to advertise OSPF between Router host when it’s use MPLS from ISP. since ISP gave us only /30 IP per connection so difficult for me to adv OSPF into the cloud.
Here is What I already Play with Virtual Tunnel Interface :
##########Router BH ip source-route ! ! ip cef ! ! ! no ipv6 cef ! multilink bundle-name authenticated ! ! ! ! vpdn enable ! ! ! voice-card 0 ! ! ! ! ! username suryanto privilege 15 password 7 xxxxxxxxxxxxxxxxxxxxxx archive log config hidekeys ! ! crypto isakmp policy 10 encr 3des authentication pre-share group 2 crypto isakmp key cisco123 address 0.0.0.0 0.0.0.0 ! ! crypto ipsec transform-set T1 esp-3des esp-sha-hmac ! crypto ipsec profile P1 set transform-set T1 ! ! ! ! ! ! ! ! interface Loopback1 ip address 192.168.0.1 255.255.255.255 ! interface Loopback2 ip address 192.168.0.2 255.255.255.255 ! interface Loopback3 ip address 192.168.0.4 255.255.255.255 ! interface Loopback5 ip address 172.123.124.2 255.255.255.0 ! interface Tunnel0 description Tunnel MPLS BH Router ip address 172.12.12.1 255.255.255.0 ip ospf mtu-ignore load-interval 30 tunnel source 172.16.124.6 tunnel destination 172.16.124.14 tunnel mode ipsec ipv4 tunnel protection ipsec profile P1 ! interface FastEthernet0/0 ip address 10.1.249.210 255.255.255.0 duplex auto speed auto ! ! interface Serial0/0/0 description MPLS ip address 172.16.124.6 255.255.255.252 ! ! router ospf 1 router-id 10.100.100.2 log-adjacency-changes redistribute ospf 200 subnets network 172.1.105.0 0.0.0.255 area 0 network 172.12.12.0 0.0.0.255 area 0 network 172.16.124.6 0.0.0.0 area 0 network 172.123.124.0 0.0.0.255 area 0 network 192.168.0.0 0.0.0.255 area 0 neighbor 172.123.123.1 ! ip forward-protocol nd ip route 172.16.124.12 255.255.255.252 172.16.124.5 no ip http server no ip http secure-server ! ! ! ! ! ! ! ! ! ! control-plane ! ! ! ! ! ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 login local ! scheduler allocate 20000 1000 end ########################################################################################## ### Branch Router Current configuration : 2081 bytes ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname MPLS_POC_Branch1 ! boot-start-marker boot system flash c2600-advsecurityk9-mz.124-15.T10.bin boot-end-marker ! ! no aaa new-model memory-size iomem 10 no network-clock-participate slot 1 no network-clock-participate wic 0 ip cef ! ! ! ! ! multilink bundle-name authenticated ! ! ! ! ! archive log config hidekeys ! ! crypto isakmp policy 10 encr 3des authentication pre-share group 2 crypto isakmp key cisco123 address 0.0.0.0 0.0.0.0 ! ! crypto ipsec transform-set T1 esp-3des esp-sha-hmac ! crypto ipsec profile P1 set transform-set T1 ! ! ! ! ! ! ! interface Loopback1 ip address 172.123.123.1 255.255.255.255 ! interface Loopback2 ip address 172.123.123.2 255.255.255.255 ! interface Loopback3 ip address 172.123.123.3 255.255.255.255 ! interface Loopback4 ip address 172.123.123.4 255.255.255.255 ! interface Loopback5 ip address 172.123.123.5 255.255.255.255 ! interface Tunnel0 description temporary tunnel ip address 172.12.12.2 255.255.255.0 ip ospf mtu-ignore load-interval 30 tunnel source 172.16.124.14 tunnel destination 172.16.124.6 tunnel mode ipsec ipv4 tunnel protection ipsec profile P1 ! ! interface Serial0/0 description MPLS2 bandwidth 256 ip address 172.16.124.14 255.255.255.252 ! router ospf 1 router-id 10.100.100.1 log-adjacency-changes redistribute static network 172.12.12.0 0.0.0.255 area 0 network 172.123.123.0 0.0.0.7 area 1 ! ip forward-protocol nd ip route 172.16.124.4 255.255.255.252 172.16.124.13 ! ! ip http server no ip http secure-server ! ! ! ! ! control-plane ! ! ! line con 0 exec-timeout 0 0 logging synchronous login local line aux 0 line vty 0 4 exec-timeout 0 0 login local ! ! end
From Backhaul we could see the route table from neighbor
Router-BH#sh ip route ospf 172.123.0.0/16 is variably subnetted, 6 subnets, 2 masks O IA 172.123.123.4/32 [110/1001] via 172.12.12.2, 02:15:26, Tunnel0 O IA 172.123.123.5/32 [110/1001] via 172.12.12.2, 02:15:26, Tunnel0 O IA 172.123.123.1/32 [110/1001] via 172.12.12.2, 02:15:26, Tunnel0 O IA 172.123.123.2/32 [110/1001] via 172.12.12.2, 02:15:26, Tunnel0 O IA 172.123.123.3/32 [110/1001] via 172.12.12.2, 02:15:26, Tunnel0