Monday, 12 January 2026

🚀 OSPF Sham Link vs Virtual Link – Explained (Real-World Notes)


🔹 OSPF backbone (Area 0) continuity is a strict requirement.
Whenever Area 0 becomes logically disconnected, OSPF faces serious routing and LSA propagation issues.
To solve this, OSPF provides Virtual Link and Sham Link, each designed for different environments.
🔗 OSPF Virtual Link
📌 Why Virtual Link is needed
Virtual Link is used when:
A non-backbone area is not directly connected to Area 0
Network redesign is difficult
A temporary logical connection to Area 0 is required
📌 How it works
Virtual Link creates a logical Area 0 connection
It is formed between two ABRs
Uses a transit area to reach Area 0
📌 Key rules
✔ Works only between ABRs
✔ Transit area must not be Stub / NSSA
❌ Not recommended for long-term design
📌 Use case
Fixing incorrect OSPF area design in traditional enterprise networks
🔗 OSPF Sham Link (MPLS L3VPN Specific)
📌 Why Sham Link is needed
In MPLS L3VPN:
Customer sites use OSPF Area 0
MPLS backbone is not part of customer OSPF
Area 0 appears physically broken
📌 How it works
Sham Link creates a logical Area 0 adjacency
Built between PE routers
Runs over MPLS VPN
Keeps backbone logically continuous
📌 Important concept
Sham Link is control-plane (OSPF adjacency)
Actual traffic flows via MPLS data plane
📌 Backdoor link role
Backdoor link is backup only
MPLS path is preferred using lower OSPF cost
📌 Use case
Maintaining OSPF backbone continuity across MPLS networks





No comments:

Post a Comment

🔥 The Hidden Risk of “Wide Open” Internal Policies — And How To Remove Them Safely

In one of my recent projects, I noticed a wide open internal traffic policy in place. Later, I was asked to work on this issue and remove th...