OSPF NSSA and Import Route Control

Timothy ACI
Level 1
Level 1

Hi community,


Does the Import Route Control Subnet work with EPG Subnet in an OSPF NSSA L3Out?


Please refer to my use case in the attached photo. Basically, my ACI Leaf is connected to a router managed by a different partner. I would just default-information originate always to them, and want to prevent them (proactively) from accidentally redistribute a default route into the area.


VIP Alumni
VIP Alumni

It should work. I do not see a reason not to.




Hi Sergiu,


As I mentioned in the diagram, I did configure NSSA between my border leaf and the remote router. There are no other areas on this border leaf (the backbone is on other leaves). While I expected to be added into the RIB with Import Route Control Subnet, it wasn't. I tried checking the mentioned border leaf's LSDB, and I could see both and as Type-7 LSAs, advertised by the remote router (which was correct)


I changed this into a Regular area and checked the LSDB - the mentioned LSAs changed into Type-5 as expected. Only difference though, in this case was added into my RIB.

Timothy ACI
Level 1
Level 1

Just want to bump this topic up, since this seems like very unexpected behaviour to me. I also don't think it's mentioned anything special (about NSSA and Import Route Control) in the L3Out White Paper

