We are configuring an OSPF totally NSSA area with two ABR. When one ABR loses connectivity with backbone area (each ABR only has one link to backbone area) , NSSA area internal routers learn only one default route. But I'm noticing when we connect again that ABR to backbone area, it starts to inject default route into NSSA area before reaching OSPF full state in backbone area. Therefore ip flows load balanced to this ABR from inside of NSSA area will fail until this ABR reach OSPF full state.
Is there anyway to workaround this problem, delaying route default injection until ABR gets full state?
Are you injecting the default-route with default-information originate within the NSSA command -or- via the default-information originate command under the OSPF routing process ?
With the latter command, you can configure a route-map that checks for routes in the RIB before injecting the default-route. That's called conditional advertisement.
Thanks for your post.
I'm using a totally NSSA area (area xx nssa no-summary), and default route is injected automatically, without default-information originate command.
Is it possible to configure in this scenary something like you are telling me?
I think there is some confusion here. There is not a totally NSSA. There are a totally stuby area and a NSSA (Not so stuby area). I'm going to assume that you are using a totally stuby area. The reason i say that is the ABR injects a default summary link into the area. If there are more then one ABR in the area it will pick the closest ABR as the defaul gateway to inject into the totally stuby area. Please post your config so we can confirm this but that sounds like what is happing.
Now the method u are using injects a type 3 default route into the nssa,and the method edison suggested would inject a type 7 default route into the nssa..
Its surprising that the routes are getting into the routing table before the neighbor state is full..
Try out with injecting type 7 default route as edison suggested
There are commands like "max-metric router-lsa" and "timers spf" etc to delay the ospf route building,but i dont have much experience with this and dont thing will help much in this scenario..
Lets hear what experts have to say on this..
> There is not a totally NSSA.
I also learned something from that link. Arun explained correctly as Totally NSSA injects a type 3 default-route when using the no-summary.
Need to lab this up :)
Thanks to everybody for your posts.
I wanted to say totally stub NSSA area, not totally NSSA. By this way, I'm trying to inject deafault routes into the NSSA totally stub area using a type 3 summary LSA's, and all seems to work fine. Take in mind my lab topology in which I'm using R1 and R2 as ABR, and R3 as NSSA area internal router with serial links to R1 and R2. Well R3 learns default route from R1 and R2. Now, let's assume initially R1 link to backbone area is down (ABR's only have one link to ABR). In this situation, R1 is a NSSA area internal router and it doesn't inject default route in NSSA area, only R2 do it.
Now R1 link to backbone goes up. Well, now R1 is an ABR and the problem I'm noticing is when R1 is in initial steps of neighbor adajencies in backbone area (init,2way...), it starts to inject default route in NSSA area before to reach full state for DR and BDR to be able to send traffic properly to backbone.
Here you have my routing protocol configs for R1, R2 and R3:
router ospf 1
area 80 nssa no-summary
network 10.211.248.1 0.0.0.0 area 80
network 10.211.248.252 0.0.0.0 area 80
network 184.108.40.206 0.0.0.0 area 0
router ospf 1
area 80 nssa no-summary
network 10.211.248.9 0.0.0.0 area 80
network 10.211.248.253 0.0.0.0 area 80
network 220.127.116.11 0.0.0.0 area 0
router ospf 1
area 80 nssa
redistribute static subnets
redistribute eigrp 11 subnets route-map EIGRPAOSPF
network 10.211.248.2 0.0.0.0 area 80
network 10.211.248.10 0.0.0.0 area 80
network 10.211.248.254 0.0.0.0 area 80
router eigrp 11
redistribute ospf 1 metric 2000 10000 255 1 1500 route-map OSPFAEIGRP
network 10.211.248.4 0.0.0.3
access-list 1 permit 0.0.0.0
access-list 2 deny 0.0.0.0
access-list 2 permit any
route-map OSPFAEIGRP permit 10
match ip address 1
route-map EIGRPAOSPF permit 10
match ip address 2
Lets first agree about the theory behind the default route rules, as it varies depending on multiple factors:
1.In the case of NSSA totally stub area, the NSSA ABR generates a default summary route (type 3 summary LSA).
2.In the case of NSSA, by default the ABR doesn't generate a default summary route it must be manually done following the below 2 rules:
a.If this router is an ASBR, then it won't be able to generate the default route unless it has a default route in its routing table known from another routing protocol (thats why it is injected as Type 7 rather than type 3).
b.If this router is an ABR, then the default route is generated with or without a default route in its routing table.
Now to your case, can you please post some show outputs to clarify your problem, the routers can't exchange LSAs until adjacency is formed.
More over, as for Arun's suggestion for using max-metric (stub router advertisement), i don't believe that this applies to the generated default route, as this feature affects only the transit routes to prevent the router from being a transit router (more precisely being a transit router of last resort by increasing the metric of those routes).
One note to Mohamed post:
"b.If this router is an ABR, then the default route is generated with or without a default route in its routing table.". I'm agree with you, but is needed default-information-originate command.
Take a look to attached file with show ip route commands obtainted from R1 and R3 (I suggest you to take a look only to default routes).
Exactly, sub-point "b" is part of point "2", and in point 2 i stated that it must be manually configured.
I've something in my mind, let me simulate your case and get back to you.