Why the P-bit must be cleared in the Type-7 default route by an NSSA ABR?


When an NSSA ABR originates a Type-7 default route, the P-bit must be cleared in order to tell to other NSSAs ABR : don’t translate this LSA 7 and don’t install it in the routing table. This P-bit is used as routing loop prevention mechanism. “An ABR, it does not accept type-7 LSA without P-bit, in order to avoid routing loops.”

RFC 3101 and RFC 1587 say that a Type-7 default route originated by an NSSA ABR must have P-bit cleared or reset.

RFC 3101 section 2.4 Originating Type-7 LSAs

A Type-7 default LSA for the network 0.0.0.0/0 may be originated into

   the NSSA by any NSSA router.  The Type-7 default LSA originated by an

NSSA border router must have the P-bit clear.  An NSSA ASBR that is

not an NSSA border router may originate a Type-7 default LSA with the

   P-bit set.  A Type-7 default LSA may be installed by NSSA border

   routers if and only if its P-bit is set.

RFC 1587 section 3.4  Originating Type-7 LSAs

A type-7 default route (network 0.0.0.0) may be originated into the

   NSSA by an NSSA area border router or by an NSSA AS boundary router

   which is internal to the NSSA.  The type-7 default route originated

   by the NSSA area border router must have the P-bit reset so that the

   default route originated by the NSSA area border router will not find

   its way out of the NSSA into the rest of the AS system via another

   NSSA area border router.  The type-7 default route originated by an

   NSSA AS boundary router which is not an NSSA area border router may

   have the P-bit set.  Type-7 routes which are originated by the NSSA

   area border router will not get added to other NSSA area border

   router’s routing table.

Now How OSPF forms a loop if the P bit is not cleared by ABR in the Type-7 default route.

In this topology let’s imagine the P-bit is set in the Type-7 default route.

  1. R1 learns an external prefix 1.1.1.0/24 and injects it into OSPF.
  2. ABR-1 and ABR-2 inject a Type-7 default route with P-bit set .
  3.  ABR-1 will translate the Type-7 ‘s ABR-2 and vice versa.
  4. R1 will receive two Type-5 default from ABR-1 and ABR-2 and installs load balancing.
  5. ABR-1 is facing to two choices, either a Type-7 learned via area 1 or Type-5 learned through area 1,  with the default RFC 3101  it prefers the Type-7 and installs a default route through ASBR. The same thing for ABR-2.
  6. the ASBR located in area 1 will use a default routes load balancing  (Type-7) learned from ABR-1 and ABR-2.

Now assume R1 loses the external route to 1.1.1.0/24, the ASBR needs to send a packet to 1.1.1.1.

With RFC 3101 enabled : ABR-1 and ABR-2 receives this packet and will use the default route through ASBR and so on. The loop will occur between ABRs and the ASBR.

With RFC 1587 enabled : ABR-1 and ABR-2 receives this packet and will use the default route through R1 to send the packet to 1.1.1.1, R1 has already a default routes load balancing via ABR-1 and ABR-2  and so on. The loop will occur between R1 and the ASBR.

This is why the P-bit must be cleared when an ABR generates a Type-7 default route.

Categories: OSPF Routing Protocol

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: