Hello

I know this document. Everthing is configured that way.

Kind regards,

Andreas

Hello,

the

default-information originate

is configured on the Nexus:

router ospf 3080
  vrf Printer
    router-id 3.0.8.16
    default-information originate
    log-adjacency-changes detail
    passive-interface default

rz1-nx3k# sh ip route vrf Printer
IP Route Table for VRF "Printer"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>

0.0.0.0/0, ubest/mbest: 1/0
    *via 172.31.31.94, Vlan1008, [110/1], 5d03h, ospf-3080, type-2

Yes, the 4500X is in the same

vrf (Printer)

and the neigborship is formed. Routes are exchanged but not the 0.0.0.0/0 from the Nexus...

4500X:
router ospf 3080 vrf Printer
 router-id 3.0.8.26
 log-adjacency-changes detail
 nsf
 passive-interface default
 no passive-interface Vlan2315
 no passive-interface Vlan2316
 network 172.30.64.152 0.0.0.3 area 26
 network 172.30.64.156 0.0.0.3 area 26

Hello,

what if you add the

always

keyword ?

default-information originate always

Hi,

with the

always

parameter the 4500x has a default-route in its routing-table, but then I have a kind of black-hole routing, because the Nexus then told all others that itself has the gateway of last resort, which in fact has an other router located in another site. I also can't ping any printer on any other site.

Hi,

   The below output confirms that some routers are receiving and installing the default route via OSPF:

rz1-nx3k# sh ip route vrf Printer | head

IP Route Table for VRF "Printer"

'*' denotes best ucast next-hop

'**' denotes best mcast next-hop

'[x/y]' denotes [preference/metric]

'%<string>' in via output denotes VRF <string>

0.0.0.0/0, ubest/mbest: 1/0

    *via 172.31.31.94, Vlan1008, [110/1], 5d03h, ospf-3080, type-2

On the 4500x, i see you get both Type5 LSA's for the default route. Do you have Type4 LSA's for the ASBR's of 3.0.8.11 and 3.0.8.12  

show ip ospf border-routers ?

 Do you see the default route in the OSPF RIB,

show ip ospf rib 0.0.0.0?

Regards,

Cristian Matei.

Hi,

the output of the

show ip opsf <ospf-process> border-routers

are:

BS1#show ip ospf 3080 border-routers
Load for five secs: 9%/0%; one minute: 9%; five minutes: 9%
Time source is NTP, 07:37:04.237 UTC Tue Mar 10 2020


            OSPF Router with ID (3.0.8.26) (Process ID 3080)


                Base Topology (MTID 0)

Internal Router Routing Table
Codes: i - Intra-area route, I - Inter-area route

i 3.0.8.15 [1] via 172.30.64.157, Vlan2316, ABR/ASBR, Area 26, SPF 4
i 3.0.8.16 [1] via 172.30.64.153, Vlan2315, ABR/ASBR, Area 26, SPF 4

So i guess, yes I see the ASBR'S.

The output of the

show ip ospf 3080 rib 0.0.0.0

is:

BS1#show ip ospf 3080 rib 0.0.0.0
Load for five secs: 10%/0%; one minute: 9%; five minutes: 9%
Time source is NTP, 07:39:06.405 UTC Tue Mar 10 2020

%OSPF: Route not in OSPF Base Topology (MTID 0) local RIB
BS1#

I extend the drawing from above with more details:

:

Hi,

    Based on the provided outputs and diagram:

             - i understand the two Nexus devices receive the default route from OSPF via area 0, and these LSA's will be forwarded into area 26 as well, so i don't see the reason why you're generating a default route on the Nexus as well? This should be removed 100%

            - your 4500X receives the default route Type 5 LSA's from OSPF running routers with their OSPF RID of 3.0.8.11 and 3.0.8.12. As the forwarding address is 0.0.0.0, it needs Typ4 LSA's to validate next-hop and compute forwarding metric. These Type 4 LSA's should be generated by your Nexus devices, for routers with RID of 3.0.8.11 and 3.0.8.12, and this doesn't show up in the database of 4500X. For this reason, because the Type5 LSA's for the default route are not successfully validated, it shows up only in the OSPF database, thus not in the OSPF RIB and RIB.

Regards,

Cristian Matei.

Hi Cristian,

I put the

default-information originate

on the Nexus because my understanding was: if the Nexus has a 0.0.0.0-route in its routing-table it will advertise it to other routers, so the 4500X should get the information from the Nexus.

I removed the

default-information originate

from the Nexus, but I still have the same behavior.

I updated the drawing again with the router-id's:

This is the output of

sh ip ospf 3080 database asbr-summary

:

BS1#sh ip ospf 3080 database asbr-summary
Load for five secs: 14%/1%; one minute: 10%; five minutes: 9%
Time source is NTP, 08:39:27.831 UTC Tue Mar 10 2020


            OSPF Router with ID (3.0.8.26) (Process ID 3080)

                Summary ASB Link States (Area 26)

  Adv Router is not-reachable in topology Base with MTID 0
  LS age: 1484
  Options: (No TOS-capability, No DC, Upward)
  LS Type: Summary Links(AS Boundary Router)
  Link State ID: 3.0.8.11 (AS Boundary Router address)
  Advertising Router: 3.0.8.15
  LS Seq Number: 80000024
  Checksum: 0x9E1A
  Length: 28
  Network Mask: /0
        MTID: 0         Metric: 80

  Adv Router is not-reachable in topology Base with MTID 0
  LS age: 1522
  Options: (No TOS-capability, No DC, Upward)
  LS Type: Summary Links(AS Boundary Router)
  Link State ID: 3.0.8.11 (AS Boundary Router address)
  Advertising Router: 3.0.8.16
  LS Seq Number: 80000024
  Checksum: 0x2A65
  Length: 28
  Network Mask: /0
        MTID: 0         Metric: 120

  Adv Router is not-reachable in topology Base with MTID 0
  LS age: 1498
  Options: (No TOS-capability, No DC, Upward)
  LS Type: Summary Links(AS Boundary Router)
  Link State ID: 3.0.8.12 (AS Boundary Router address)
  Advertising Router: 3.0.8.15
  LS Seq Number: 80000024
  Checksum: 0x3DC
  Length: 28
  Network Mask: /0
        MTID: 0         Metric: 40

  Adv Router is not-reachable in topology Base with MTID 0
  LS age: 1544
  Options: (No TOS-capability, No DC, Upward)
  LS Type: Summary Links(AS Boundary Router)
  Link State ID: 3.0.8.12 (AS Boundary Router address)
  Advertising Router: 3.0.8.16
  LS Seq Number: 80000024
  Checksum: 0x8E28
  Length: 28
  Network Mask: /0
        MTID: 0         Metric: 80

  Adv Router is not-reachable in topology Base with MTID 0
  LS age: 1511
  Options: (No TOS-capability, No DC, Upward)
  LS Type: Summary Links(AS Boundary Router)
  Link State ID: 3.0.8.13 (AS Boundary Router address)
  Advertising Router: 3.0.8.15
  LS Seq Number: 80000024
  Checksum: 0x8A2C
  Length: 28
  Network Mask: /0
        MTID: 0         Metric: 80

  Adv Router is not-reachable in topology Base with MTID 0
  LS age: 1550
  Options: (No TOS-capability, No DC, Upward)
  LS Type: Summary Links(AS Boundary Router)
  Link State ID: 3.0.8.13 (AS Boundary Router address)
  Advertising Router: 3.0.8.16
  LS Seq Number: 80000024
  Checksum: 0xF2EA
  Length: 28
  Network Mask: /0
        MTID: 0         Metric: 40

  Adv Router is not-reachable in topology Base with MTID 0
  LS age: 1513
  Options: (No TOS-capability, No DC, Upward)
  LS Type: Summary Links(AS Boundary Router)
  Link State ID: 3.0.8.14 (AS Boundary Router address)
  Advertising Router: 3.0.8.15
  LS Seq Number: 80000024
  Checksum: 0x127B
  Length: 28
  Network Mask: /0
        MTID: 0         Metric: 120

  Adv Router is not-reachable in topology Base with MTID 0
  LS age: 1552
  Options: (No TOS-capability, No DC, Upward)
  LS Type: Summary Links(AS Boundary Router)
  Link State ID: 3.0.8.14 (AS Boundary Router address)
  Advertising Router: 3.0.8.16
  LS Seq Number: 80000024
  Checksum: 0x7A3A
  Length: 28
  Network Mask: /0
        MTID: 0         Metric: 80

Hi,

   If you ask me, by the output: so the Type4 LSA's are in the database of 4500X, but the advertising routers (3.0.8.15 and 3.0.8.16), which are in the same area as 4500x, show up as not reachable in the graph of nodes, so the Type4 LSA cannot be used, thus the Type5 LSA (your default route) cannot be used. This means the OSPF adjacency between 4500X and Nexus devices is not up anymore, or you have a OSPF network type mismatch:

Adv Router is not-reachable in topology Base with MTID 0

You sure the OSPF adjacency between 4500X and your two Nexus devices is up and running? 

Regards,

Cristian Matei.

Hi,

the output from the 4500x and Nexus says there is a adjacency(or not?):

BS1#sh ip ospf 3080 neighbor
Load for five secs: 11%/1%; one minute: 9%; five minutes: 9%
Time source is NTP, 09:42:13.662 UTC Tue Mar 10 2020


Neighbor ID     Pri   State           Dead Time   Address         Interface
3.0.8.15          1   FULL/DR         00:00:03    172.30.64.157   Vlan2316
3.0.8.16          1   FULL/DR         00:00:03    172.30.64.153   Vlan2315
BS1#

rz1-nx3k# sh ip ospf neighbors vrf Printer
 OSPF Process ID 3080 VRF Printer
 Total number of neighbors: 4
 Neighbor ID     Pri State            Up Time  Address         Interface
 3.0.8.13          1 FULL/BDR         5d21h    172.31.30.89    Vlan3708
 3.0.8.15          1 FULL/DR          5d21h    172.31.31.94    Vlan1008
 3.0.8.15          1 FULL/BDR         18:42:09 172.30.64.150   Vlan2038
 3.0.8.26          1 FULL/BDR         18:33:34 172.30.64.154   Vlan2315
rz1-nx3k#

rz2-nx3k# sh ip ospf neighbors vrf Printer
 OSPF Process ID 3080 VRF Printer
 Total number of neighbors: 4
 Neighbor ID     Pri State            Up Time  Address         Interface
 3.0.8.12          1 FULL/DR          5d22h    172.31.30.94    Vlan3708
 3.0.8.16          1 FULL/BDR         5d21h    172.31.31.93    Vlan1008
 3.0.8.16          1 FULL/DR          18:41:50 172.30.64.149   Vlan2038
 3.0.8.26          1 FULL/BDR         18:30:53 172.30.64.158   Vlan2316
rz2-nx3k#

What am I missing here?

Kind regards,

Andreas

Hello Paul,

if I configure the

capability vrf-lite

on the 4500x, it get's the default-route(and some more routes).

I also have a 4500x behind 3.0.8.11 and.12 and these do not have the

capability vrf-lite

command configured but get a default route - but are connected to the routers with the static defaut-route.

I thought the

 vrf-lite

stuff is for

 inter-vrf-routing.