Scenario-1: External Path Selection with Multiple Regular ASBRs
Basic configuration
R1:
interface FastEthernet0/0
ip address 12.0.0.1 255.255.255.0
ip ospf 1 area 0
no shut
!
interface FastEthernet0/1
ip address 13.0.0.1 255.255.255.0
ip ospf 1 area 0
no shut
!
router ospf 1
router-id 0.0.0.1
R2:
interface FastEthernet0/0
ip address 12.0.0.2 255.255.255.0
ip ospf 1 area 0
no shut
!
interface FastEthernet0/1
ip address 24.0.0.2 255.255.255.0
ip ospf 1 area 1
no shut
!
router ospf 1
router-id 0.0.0.2
R3:
interface FastEthernet0/0
ip address 13.0.0.3 255.255.255.0
ip ospf 1 area 0
no shut
!
interface FastEthernet0/1
ip address 35.0.0.3 255.255.255.0
ip ospf 1 area 1
no shut
!
router ospf 1
router-id 0.0.0.3
R4:
interface FastEthernet0/0
ip address 45.0.0.4 255.255.255.0
no shut
!
interface FastEthernet0/1
ip address 24.0.0.4 255.255.255.0
ip ospf 1 area 1
no shut
!
router ospf 1
router-id 0.0.0.4
redistribute connected subnets route-map CONNECTED
!
route-map CONNECTED permit 10
match interface FastEthernet0/0
R5:
interface FastEthernet0/0
ip address 45.0.0.5 255.255.255.0
no shut
!
interface FastEthernet0/1
ip address 35.0.0.5 255.255.255.0
ip ospf 1 area 1
no shut
!
router ospf 1
router-id 0.0.0.5
redistribute connected subnets route-map CONNECTED
!
route-map CONNECTED permit 10
match interface FastEthernet0/0
R4 and R5 creates two Type-5 LSAs for the prefix 45.0.0.0/24 with the Forward Address 0.0.0.0, R1 located in area 0 receives these LSAs and since the FA is set to 0.0.0.0, and the default metric for the OE2 route is 20, R1 looks the best inter-area route to reach the ASBR:
R1#sh ip os data external
OSPF Router with ID (0.0.0.1) (Process ID 1)
Type-5 AS External Link States
Routing Bit Set on this LSA in topology Base with MTID 0
LS age: 121
Options: (No TOS-capability, DC, Upward)
LS Type: AS External Link
Link State ID: 45.0.0.0 (External Network Number )
Advertising Router: 0.0.0.4
LS Seq Number: 80000001
Checksum: 0x84EA
Length: 36
Network Mask: /24
Metric Type: 2 (Larger than any link state path)
MTID: 0
Metric: 20
Forward Address: 0.0.0.0
External Route Tag: 0
Routing Bit Set on this LSA in topology Base with MTID 0
LS age: 65
Options: (No TOS-capability, DC, Upward)
LS Type: AS External Link
Link State ID: 45.0.0.0 (External Network Number )
Advertising Router: 0.0.0.5
LS Seq Number: 80000001
Checksum: 0x7EEF
Length: 36
Network Mask: /24
Metric Type: 2 (Larger than any link state path)
MTID: 0
Metric: 20
Forward Address: 0.0.0.0
External Route Tag: 0
R1#
To find the cost toward the ASBRs located in another area (1), R1 needs a Type-4 LSA to reach R4 and R5.
R2 and R3 the ABRs are responsible to tell to R1 how to reach the ASBRs R4 and R5, let’s verify the LSDB of R1 using the show ip os data asbr command, this command displays the Type-4 LSA with detailed informations.
Below R1 receives a Type-4 LSA from R2 with the Advertising Router 0.0.0.2 (RID of R2) and the Link State ID 0.0.0.5 (RID R4), this Type-4 LSA lists the cost 1 to reach R4 from R2’s perspective. And a Type-4 LSA from R3 with the Advertising Router 0.0.0.3 (RID of R3) and the Link State ID 0.0.0.5 (RID of R5), this Type-4 LSA lists the cost to reach R5 from R3’s perspective.
R1#sh ip os data asbr-summary
OSPF Router with ID (0.0.0.1) (Process ID 1)
Summary ASB Link States (Area 0)
Routing Bit Set on this LSA in topology Base with MTID 0
LS age: 130
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(AS Boundary Router)
Link State ID: 0.0.0.4 (AS Boundary Router address)
Advertising Router: 0.0.0.2
LS Seq Number: 80000001
Checksum: 0x51E3
Length: 28
Network Mask: /0
MTID: 0 Metric: 1
Routing Bit Set on this LSA in topology Base with MTID 0
LS age: 75
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(AS Boundary Router)
Link State ID: 0.0.0.5 (AS Boundary Router address)
Advertising Router: 0.0.0.3
LS Seq Number: 80000001
Checksum: 0x41F1
Length: 28
Network Mask: /0
MTID: 0 Metric: 1
R1#
R1 adds the cost to reach the ABRs R2 and R3 to the cost listed in the Type-4 LSA’s R2 and Type-4 LSA’s R3 respectively, the total cost to reach R4 and R5 is identical and equal to 2 , the show ip os bor command displays the cost to reach the ABRs R2 and R3 through intra-area route as mentioned by the letter (i) and the cost to reach the ASBRs R4 and R5 through inter-area route as shown by the letter (I).
R1#sh ip os border-routers
OSPF Router with ID (0.0.0.1) (Process ID 1)
Base Topology (MTID 0)
Internal Router Routing Table
Codes: i – Intra-area route, I – Inter-area route
i 0.0.0.3 [1] via 13.0.0.3, FastEthernet0/1, ABR, Area 0, SPF 5
i 0.0.0.2 [1] via 12.0.0.2, FastEthernet0/0, ABR, Area 0, SPF 5
I 0.0.0.5 [2] via 13.0.0.3, FastEthernet0/1, ASBR, Area 0, SPF 5
I 0.0.0.4 [2] via 12.0.0.2, FastEthernet0/0, ASBR, Area 0, SPF 5
R1#
As a result R1 installs a load balancing to reach 45.0.0.0/24:
R1#sh ip route 45.0.0.0
Routing entry for 45.0.0.0/24, 1 known subnets
O E2 45.0.0.0 [110/20] via 13.0.0.3, 00:04:14, FastEthernet0/1
[110/20] via 12.0.0.2, 00:00:22, FastEthernet0/0
R1#
Configure the link between R1 and R3 in area 1.
R1(config)#int fa0/1
R1(config-if)#no ip os 1 area 0
R1(config-if)#ip os 1 area 1
R3(config)#int fa0/0
R3(config-if)#no ip os 1 area 0
R3(config-if)#ip os 1 area 1
Verify that R1 is still receiving the Type-5 LSA from R4 and R5:
R1#sh ip os data ext | s Adv|Link State|Forward
Type-5 AS External Link States
Link State ID: 45.0.0.0 (External Network Number )
Advertising Router: 0.0.0.4
Forward Address: 0.0.0.0
Link State ID: 45.0.0.0 (External Network Number )
Advertising Router: 0.0.0.5
Forward Address: 0.0.0.0
R1#
Verify the cost to reach the ASBRs R4 and R5 using the sho ip os bor command.
We can see that:
R4 (0.0.0.4) is reachable through an inter-area route with a cost 2.
R5 (0.0.0.5) is reachable through an intra-area route with a cost 2.
R1#sh ip os border-routers
OSPF Router with ID (0.0.0.1) (Process ID 1)
Base Topology (MTID 0)
Internal Router Routing Table
Codes: i – Intra-area route, I – Inter-area route
i 0.0.0.2 [1] via 12.0.0.2, FastEthernet0/0, ABR, Area 0, SPF 10
i 0.0.0.5 [2] via 13.0.0.3, FastEthernet0/1, ASBR, Area 1, SPF 3
I 0.0.0.4 [2] via 12.0.0.2, FastEthernet0/0, ASBR, Area 0, SPF 10
R1#
Per RFC 2328 OSPF Version 2
16.4. Calculating AS external routes
(6) Compare the AS external path described by the LSA with the
existing paths in N’s routing table entry, as follows. If
the new path is preferred, it replaces the present paths in
N’s routing table entry. If the new path is of equal
preference, it is added to N’s routing table entry’s list of
paths.
(a) Intra-area and inter-area paths are always preferred
over AS external paths.
(b) Type 1 external paths are always preferred over type 2
external paths. When all paths are type 2 external
paths, the paths with the smallest advertised type 2
metric are always preferred.
Per RFC 1583 OSPF Version 2
11.1. Routing table lookup
(3) Reduce the set of matching entries to those having the most
preferential path-type (see Section 11). OSPF has a four
level hierarchy of paths. Intra-area paths are the most
preferred, followed in order by inter-area, type 1 external
and type 2 external paths.
Since the inter-area route and the intra-area route entries in the show ip os bor command are pointed to different destination, R1 looks the best cost to reach the ASBRs regardless the type of the route as mentioned in RFC 2328 and RFC 1583 (intra-area route is always preferred than the inter-area route), this rule is valid if the two routes are pointed to the same destination (same ASBR for example).
As a result R1 load balances between R2 and R3 to reach 45.0.0.0/24 and installs the two external routes in the routing table.
R1#sh ip route 45.0.0.0
Routing entry for 45.0.0.0/24, 1 known subnets
O E2 45.0.0.0 [110/20] via 13.0.0.3, 00:12:08, FastEthernet0/1
[110/20] via 12.0.0.2, 00:13:16, FastEthernet0/0
R1#
To confirm let’s increase the cost toward R3.
R1(config)#int fa0/1
R1(config-if)#ip os cost 10
Let’s verify the route entries in the sh ip os bor command.
Now the inter-area route through R2 has a better metric (2) than the intra-route through R3 (11).
R1#sh ip os border-routers
OSPF Router with ID (0.0.0.1) (Process ID 1)
Base Topology (MTID 0)
Internal Router Routing Table
Codes: i – Intra-area route, I – Inter-area route
i 0.0.0.2 [1] via 12.0.0.2, FastEthernet0/0, ABR, Area 0, SPF 10
i 0.0.0.5 [11] via 13.0.0.3, FastEthernet0/1, ASBR, Area 1, SPF 4
I 0.0.0.4 [2] via 12.0.0.2, FastEthernet0/0, ASBR, Area 0, SPF 10
R1#
As a result, R1 installs the external route through R2.
R1#sh ip route 45.0.0.0
Routing entry for 45.0.0.0/24, 1 known subnets
O E2 45.0.0.0 [110/20] via 12.0.0.2, 00:16:25, FastEthernet0/0
R1#
Scenario-2: External Path Selection with Multiple NSSA ASBRs
Basic configuration
R1:
interface FastEthernet0/0
ip address 12.0.0.1 255.255.255.0
ip ospf 1 area 0
no shut
!
interface FastEthernet0/1
ip address 13.0.0.1 255.255.255.0
ip ospf 1 area 0
no shut
!
router ospf 1
router-id 0.0.0.1
R2:
interface FastEthernet0/0
ip address 12.0.0.2 255.255.255.0
ip ospf 1 area 0
no shut
!
interface FastEthernet0/1
ip address 24.0.0.2 255.255.255.0
ip ospf 1 area 1
no shut
!
router ospf 1
router-id 0.0.0.2
R3:
interface FastEthernet0/0
ip address 13.0.0.3 255.255.255.0
ip ospf 1 area 0
no shut
!
interface FastEthernet0/1
ip address 35.0.0.3 255.255.255.0
ip ospf 1 area 1
no shut
!
router ospf 1
router-id 0.0.0.3
R4:
interface FastEthernet0/0
ip address 45.0.0.4 255.255.255.0
no shut
!
interface FastEthernet0/1
ip address 24.0.0.4 255.255.255.0
ip ospf 1 area 1
no shut
!
router ospf 1
router-id 0.0.0.4
redistribute connected subnets route-map CONNECTED
!
route-map CONNECTED permit 10
match interface FastEthernet0/0
R5:
interface FastEthernet0/0
ip address 45.0.0.5 255.255.255.0
no shut
!
interface FastEthernet0/1
ip address 35.0.0.5 255.255.255.0
ip ospf 1 area 1
no shut
!
router ospf 1
router-id 0.0.0.5
redistribute connected subnets route-map CONNECTED
!
route-map CONNECTED permit 10
match interface FastEthernet0/0
Configure area 1 as NSSA.
On R2, R3, R4 and R5 configure the area 1 nssa command.
Rx(config)#router osp 1
Rx(config-router)#area 1 nssa
Verify that R2 is receiving a Type-7 LSA from R4.
The Advertising Router is 0.0.0.2 (R2).
The Link State ID is 0.0.0.4 (R4).
The Forward Address is 24.0.0.4.
R2#sh ip os data nssa-external
OSPF Router with ID (0.0.0.2) (Process ID 1)
Type-7 AS External Link States (Area 1)
Routing Bit Set on this LSA in topology Base with MTID 0
LS age: 105
Options: (No TOS-capability, Type 7/5 translation, DC, Upward)
LS Type: AS External Link
Link State ID: 45.0.0.0 (External Network Number )
Advertising Router: 0.0.0.4
LS Seq Number: 80000001
Checksum: 0x3118
Length: 36
Network Mask: /24
Metric Type: 2 (Larger than any link state path)
MTID: 0
Metric: 20
Forward Address: 24.0.0.4
External Route Tag: 0
R2#
Verify that R3 is receiving a Type-7 LSA from R5.
The Advertising Router is 0.0.0.3 (R3).
The Link State ID is 0.0.0.5 (R5).
The Forward Address is 35.0.0.5.
R3#sh ip os data nssa
OSPF Router with ID (0.0.0.3) (Process ID 1)
Type-7 AS External Link States (Area 1)
Routing Bit Set on this LSA in topology Base with MTID 0
LS age: 257
Options: (No TOS-capability, Type 7/5 translation, DC, Upward)
LS Type: AS External Link
Link State ID: 45.0.0.0 (External Network Number )
Advertising Router: 0.0.0.5
LS Seq Number: 80000001
Checksum: 0xB289
Length: 36
Network Mask: /24
Metric Type: 2 (Larger than any link state path)
MTID: 0
Metric: 20
Forward Address: 35.0.0.5
External Route Tag: 0
R3#
Since the Type-7 LSA is flooded only in the NSSA and cannot traverse the area 1.
The ABRs R2 and R3 translate the Type-7 LSA’s R4 and Type-7’s R5 respectively into a Type-5 LSA, the fields remains unchanged except for the type of LSA and theAdvertising Router field.
So R1 receives two Type-5 LSAs from R2 and R3 with the Advertising Router 0.0.0.2 (RID of R2) and 0.0.0.3 (RID of R3).
The Forward Address is copied from the Type-7 LSA into a Type-5 LSA.
R1#sh ip os data ex
OSPF Router with ID (0.0.0.1) (Process ID 1)
Type-5 AS External Link States
Routing Bit Set on this LSA in topology Base with MTID 0
LS age: 378
Options: (No TOS-capability, DC, Upward)
LS Type: AS External Link
Link State ID: 45.0.0.0 (External Network Number )
Advertising Router: 0.0.0.2
LS Seq Number: 80000001
Checksum: 0xD183
Length: 36
Network Mask: /24
Metric Type: 2 (Larger than any link state path)
MTID: 0
Metric: 20
Forward Address: 24.0.0.4
External Route Tag: 0
Routing Bit Set on this LSA in topology Base with MTID 0
LS age: 369
Options: (No TOS-capability, DC, Upward)
LS Type: AS External Link
Link State ID: 45.0.0.0 (External Network Number )
Advertising Router: 0.0.0.3
LS Seq Number: 80000001
Checksum: 0x53F4
Length: 36
Network Mask: /24
Metric Type: 2 (Larger than any link state path)
MTID: 0
Metric: 20
Forward Address: 35.0.0.5
External Route Tag: 0
R1#
The reason why the Forward Address is copied, because an NSSA ASBR is hidden for area 0 (R1), R4 and R5 is not visible for R1, this is the purpose of a Stub area.
The show ip os bord command executed on R1, shown that the ASBRs R4 and R5 are no longer present, only the NSSA ABRs R2 and R3 are visible.
R1#sh ip os border-routers
OSPF Router with ID (0.0.0.1) (Process ID 1)
Base Topology (MTID 0)
Internal Router Routing Table
Codes: i – Intra-area route, I – Inter-area route
i 0.0.0.3 [1] via 13.0.0.3, FastEthernet0/1, ABR/ASBR, Area 0, SPF 17
i 0.0.0.2 [1] via 12.0.0.2, FastEthernet0/0, ABR/ASBR, Area 0, SPF 17
R1#
In order to allow R1 to calculate the best path and avoid a suboptimal routing, the NSSA ABR leave the Forward Address unchanged when translating the Type-7 LSA into Type-5 LSA, the Forward Address is selected by the ASBR through its configured interface participating in OSPF, so when R1 looks the best path to reach the Forward Address, it is similar to look the best path to reach the ASBR.
With the Forward Address, R1 has the visibility of the NSSA ASBRs R4 and R5 through the Forward Addresses 24.0.0.4 and 35.0.0.5 respectively.
Now in order to select the best path to reach the external prefix R1 looks the best inter-area route to reach the Forward Address.
To find the cost let’s verify the routing table’s R1 for the prefixes 24.0.0.0/24 and 35.0.0.0/24.
The metric to reach 24.0.0.0/24 is 2 through R2.
R1#sh ip route 24.0.0.0
Routing entry for 24.0.0.0/24, 1 known subnets
O IA 24.0.0.0 [110/2] via 12.0.0.2, 00:16:29, FastEthernet0/0
R1#
The metric to reach 35.0.0.0/24 is 2 through R3.
R1#sh ip route 35.0.0.0
Routing entry for 35.0.0.0/24, 1 known subnets
O IA 35.0.0.0 [110/2] via 13.0.0.3, 00:15:13, FastEthernet0/1
R1#
Since the Forward Addresses are reachable with the same cost, R1 installs a load balancing through R2 and R3 to reach the external prefix 45.0.0.0/24.
R1#sh ip route 45.0.0.0
Routing entry for 45.0.0.0/24, 1 known subnets
O E2 45.0.0.0 [110/20] via 13.0.0.3, 00:19:37, FastEthernet0/1
[110/20] via 12.0.0.2, 00:10:48, FastEthernet0/0
R1#
Now let’s configure the cost 2 between R1 and R2.
R1(config)#int fa0/0
R1(config-if)#ip os cost 2
The Forward Address 24.0.0.4 is reachable with a cost 3 through R2.
R1#sh ip route 24.0.0.0
Routing entry for 24.0.0.0/24, 1 known subnets
O IA 24.0.0.0 [110/3] via 12.0.0.2, 00:00:07, FastEthernet0/0
R1#
The Forward Address 35.0.0.5 is still reachable with a cost 2 through R3.
R1#sh ip route 35.0.0.0
Routing entry for 35.0.0.0/24, 1 known subnets
O IA 35.0.0.0 [110/2] via 13.0.0.3, 00:00:47, FastEthernet0/1
R1#
The inter-area route to 34.0.0.0/24 (2) through R3 has a better metric than the inter-area route to 24.0.0.0/24 (3) through R2.
As a result R1 installs an external route through R3 which is the best path.
R1#sh ip route 45.0.0.0
Routing entry for 45.0.0.0/24, 1 known subnets
O E2 45.0.0.0 [110/20] via 13.0.0.3, 00:22:27, FastEthernet0/1
R1#
Let’s suppress the Forward Address in the Type-7 LSA’s R4. The Forward Address suppression should be configured on R2.
The OSPF Forwarding Address Suppression in Translated Type-5 LSAs feature causes an NSSA ABR to translate Type-7 LSAs to Type-5 LSAs, but use the 0.0.0.0 as theforwarding address instead of that specified in the Type-7 LSA. This feature causes routers that are configured not to advertise forwarding addresses into the backboneto direct forwarded traffic to the translating NSSA ABRs.
R2(config-if)#router osp 1
R2(config-router)#area 1 nssa translate type7 suppress-fa
Let’s verify the Type-5 LSA’s R2. We can see that the Forward Address is suppressed.
R1#sh ip osp data ext | s Adv|Forward
Advertising Router: 0.0.0.2
Forward Address: 0.0.0.0
Advertising Router: 0.0.0.3
Forward Address: 35.0.0.5
R1#
To summarize:
R1 receives a Type-5 from R2 with the Forward Address 0.0.0.0, R1 looks the best path to reach the NSSA ABR/ASBR R2, to verify, use the show ip os borde command:
The cost to reach R2 (0.0.0.2) is 2.
R1#sh ip os border-routers
OSPF Router with ID (0.0.0.1) (Process ID 1)
Base Topology (MTID 0)
Internal Router Routing Table
Codes: i – Intra-area route, I – Inter-area route
i 0.0.0.3 [1] via 13.0.0.3, FastEthernet0/1, ABR/ASBR, Area 0, SPF 20
i 0.0.0.2 [2] via 12.0.0.2, FastEthernet0/0, ABR/ASBR, Area 0, SPF 20
R1#
R1 receives a Type-5 from R3 with the Forward Address 35.0.0.5, R1 looks the best inter-area route to reach the prefix 35.0.0.0/24, to verify, use the show ip route35.0.0.0 command:
The cost to reach the prefix 35.0.0.0/24 is 2.
R1#sh ip route 35.0.0.0
Routing entry for 35.0.0.0/24, 1 known subnets
O IA 35.0.0.0 [110/2] via 13.0.0.3, 00:20:19, FastEthernet0/1
R1#
Since the metrics to reach the NSSA ABR/ASBR R2 and the Forward Address 35.0.0.5 are identical, R1 load balances between R2 and R3 to reach 45.0.0.0/24.
R1#sh ip route 45.0.0.0
Routing entry for 45.0.0.0/24, 1 known subnets
O E2 45.0.0.0 [110/20] via 13.0.0.3, 00:20:37, FastEthernet0/1
[110/20] via 12.0.0.2, 00:11:48, FastEthernet0/0
R1#
Demystify and Simplify 