The OSPF DN (Down) bit is a loop prevention flag in the LSA Options field used in MPLS VPNs and SD-WANs, set by Provider Edge (PE) routers on Type 3, 5, and 7 LSAs to signal routes coming from a Customer Edge (CE) router, preventing the PE from re-advertising them back, thus avoiding routing loops when redistributing BGP routes into OSPF. When a PE receives an LSA with the DN bit set, it ignores it for route calculation, stopping the loop.
How it works
- Setting the bit: When a PE router redistributes routes (like BGP routes) into OSPF, it sets the DN bit in the LSA header for Type 3 (Summary), Type 5 (External), and Type 7 (NSSA External) LSAs before sending them to the CE.
- Ignoring the bit: When the PE router receives an LSA from a CE with the DN bit set, it understands this is a route originating from the VPN backbone and should not be used in its own OSPF process.
- Preventing loops: Without the DN bit, a PE could send a route to a CE, the CE would send it back (possibly modified), and the PE would re-learn it, creating a loop. The DN bit breaks this cycle.
Key points
- Location: Found in the OSPF LSA Options field (the most significant bit).
- Purpose: Primarily for loop prevention in OSPF PE-CE interactions, especially in MPLS L3 VPNs and SD-WANs.
- Applies to: Type 3, 5, and 7 LSAs.
- Behavior: The PE sets it on outgoing LSAs to CEs; the PE ignores incoming LSAs with it set.
Comments