cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5319
Views
10
Helpful
41
Replies

default-route not making it into routing table

Hello,

I think I have a strange bahavior. I have a 4500X VSS connected to two Nexus 3064 like this:

OSPF.jpg

The Nexus are getting their 0.0.0.0/0 from Area 0 and are able to forward traffic in and out. But the 4500x does not get a 0.0.0.0/0 route in his routing-table.

A

show ip ospf 3080 database external

on the 4500x shows that a default-route is advertised(I think):

            OSPF Router with ID (3.0.8.26) (Process ID 3080)

                Type-5 AS External Link States

  LS age: 890
  Options: (No TOS-capability, No DC, Upward)
  LS Type: AS External Link
  Link State ID: 0.0.0.0 (External Network Number )
  Advertising Router: 3.0.8.11
  LS Seq Number: 80000123
  Checksum: 0x1088
  Length: 36
  Network Mask: /0
        Metric Type: 2 (Larger than any link state path)
        MTID: 0
        Metric: 1
        Forward Address: 0.0.0.0
        External Route Tag: 0

  LS age: 705
  Options: (No TOS-capability, No DC, Upward)
  LS Type: AS External Link
  Link State ID: 0.0.0.0 (External Network Number )
  Advertising Router: 3.0.8.12
  LS Seq Number: 80000123
  Checksum: 0xA8D
  Length: 36
  Network Mask: /0
        Metric Type: 2 (Larger than any link state path)
        MTID: 0
        Metric: 1
        Forward Address: 0.0.0.0
        External Route Tag: 0

"3.0.8.11" and "3.0.8.12" are routers in area 0 (other site).

On the Nexus the 0.0.0.0/0 is part of the routing table:

rz1-nx3k# sh ip route vrf Printer | head
IP Route Table for VRF "Printer"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>

0.0.0.0/0, ubest/mbest: 1/0
    *via 172.31.31.94, Vlan1008, [110/1], 5d03h, ospf-3080, type-2

The ospf-process is configured with

default-information originate.

All routers are ospf-neighbors. But I don'T get a default-route on the 4500X.

 

Any Ideas?

Kind regards,

Andreas

 

 

 

41 Replies 41

Hello,

I was able to update the 4500x to Version 03.08.07.E , the exact same Version as on the other 4500x.

But no luck - still no default-route:

BS1#sh ip route vrf Printer
Load for five secs: 8%/0%; one minute: 8%; five minutes: 8%
Time source is NTP, 17:46:47.180 UTC Fri Mar 13 2020


Routing Table: Printer
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override

Gateway of last resort is not set

      172.30.0.0/16 is variably subnetted, 5 subnets, 2 masks
O        172.30.64.148/30 [110/41] via 172.30.64.157, 21:42:05, Vlan2316
                          [110/41] via 172.30.64.153, 21:42:05, Vlan2315
C        172.30.64.152/30 is directly connected, Vlan2315
L        172.30.64.154/32 is directly connected, Vlan2315
C        172.30.64.156/30 is directly connected, Vlan2316
L        172.30.64.158/32 is directly connected, Vlan2316
BS1#
BS1#sh ip ospf 3080 rib 0.0.0.0
Load for five secs: 10%/1%; one minute: 9%; five minutes: 8%
Time source is NTP, 17:48:24.827 UTC Fri Mar 13 2020

%OSPF: Route not in OSPF Base Topology (MTID 0) local RIB
BS1#

but:

BS1#sh ip ospf 3080 database external
Load for five secs: 8%/0%; one minute: 8%; five minutes: 8%
Time source is NTP, 17:49:42.799 UTC Fri Mar 13 2020


            OSPF Router with ID (3.0.8.26) (Process ID 3080)

                Type-5 AS External Link States

  LS age: 1263
  Options: (No TOS-capability, No DC, Upward)
  LS Type: AS External Link
  Link State ID: 0.0.0.0 (External Network Number )
  Advertising Router: 3.0.8.11
  LS Seq Number: 800001E5
  Checksum: 0x8A4B
  Length: 36
  Network Mask: /0
        Metric Type: 2 (Larger than any link state path)
        MTID: 0
        Metric: 1
        Forward Address: 0.0.0.0
        External Route Tag: 0

  LS age: 1081
  Options: (No TOS-capability, No DC, Upward)
  LS Type: AS External Link
  Link State ID: 0.0.0.0 (External Network Number )
  Advertising Router: 3.0.8.12
  LS Seq Number: 800001E5
  Checksum: 0x8450
  Length: 36
  Network Mask: /0
        Metric Type: 2 (Larger than any link state path)
        MTID: 0
        Metric: 1
        Forward Address: 0.0.0.0
        External Route Tag: 0

BS1#

Hmm? I have no idea (except the Nexus?)...

Kind regards,

Andreas

Hi,

 

    One last thing. Post the following output from both 4500x devices:

 

 

show ip ospf 3080 database asbr-summary

show ip ospf 3080 border-routers

show ip OSPF 3080 database external 0.0.0.0

show ip ospf 3080 rib 0.0.0.0

show ip route vrf Printer ospf

 

Regards,

Cristian Matei.

Hi,

ok here is the output of the two 4500X. The BS1-011 has some more routes due to more neighbors, I had to cut them out due to privacy:

BS1#show ip ospf 3080 database asbr-summary
Load for five secs: 10%/0%; one minute: 8%; five minutes: 8%
Time source is NTP, 18:26:27.132 UTC Fri Mar 13 2020


            OSPF Router with ID (3.0.8.26) (Process ID 3080)

                Summary ASB Link States (Area 26)

  Adv Router is not-reachable in topology Base with MTID 0
  LS age: 1656
  Options: (No TOS-capability, No DC, Upward)
  LS Type: Summary Links(AS Boundary Router)
  Link State ID: 3.0.8.11 (AS Boundary Router address)
  Advertising Router: 3.0.8.15
  LS Seq Number: 80000098
  Checksum: 0xB58E
  Length: 28
  Network Mask: /0
        MTID: 0         Metric: 80

  Adv Router is not-reachable in topology Base with MTID 0
  LS age: 1637
  Options: (No TOS-capability, No DC, Upward)
  LS Type: Summary Links(AS Boundary Router)
  Link State ID: 3.0.8.11 (AS Boundary Router address)
  Advertising Router: 3.0.8.16
  LS Seq Number: 80000098
  Checksum: 0x41D9
  Length: 28
  Network Mask: /0
        MTID: 0         Metric: 120

  Adv Router is not-reachable in topology Base with MTID 0
  LS age: 1658
  Options: (No TOS-capability, No DC, Upward)
  LS Type: Summary Links(AS Boundary Router)
  Link State ID: 3.0.8.12 (AS Boundary Router address)
  Advertising Router: 3.0.8.15
  LS Seq Number: 80000098
  Checksum: 0x1A51
  Length: 28
  Network Mask: /0
        MTID: 0         Metric: 40

  Adv Router is not-reachable in topology Base with MTID 0
  LS age: 1640
  Options: (No TOS-capability, No DC, Upward)
  LS Type: Summary Links(AS Boundary Router)
  Link State ID: 3.0.8.12 (AS Boundary Router address)
  Advertising Router: 3.0.8.16
  LS Seq Number: 80000098
  Checksum: 0xA59C
  Length: 28
  Network Mask: /0
        MTID: 0         Metric: 80

  Adv Router is not-reachable in topology Base with MTID 0
  LS age: 1660
  Options: (No TOS-capability, No DC, Upward)
  LS Type: Summary Links(AS Boundary Router)
  Link State ID: 3.0.8.13 (AS Boundary Router address)
  Advertising Router: 3.0.8.15
  LS Seq Number: 80000098
  Checksum: 0xA1A0
  Length: 28
  Network Mask: /0
        MTID: 0         Metric: 80

  Adv Router is not-reachable in topology Base with MTID 0
  LS age: 1642
  Options: (No TOS-capability, No DC, Upward)
  LS Type: Summary Links(AS Boundary Router)
  Link State ID: 3.0.8.13 (AS Boundary Router address)
  Advertising Router: 3.0.8.16
  LS Seq Number: 80000098
  Checksum: 0xA5F
  Length: 28
  Network Mask: /0
        MTID: 0         Metric: 40

  Adv Router is not-reachable in topology Base with MTID 0
  LS age: 1663
  Options: (No TOS-capability, No DC, Upward)
  LS Type: Summary Links(AS Boundary Router)
  Link State ID: 3.0.8.14 (AS Boundary Router address)
  Advertising Router: 3.0.8.15
  LS Seq Number: 80000098
  Checksum: 0x29EF
  Length: 28
  Network Mask: /0
        MTID: 0         Metric: 120

  Adv Router is not-reachable in topology Base with MTID 0
  LS age: 1644
  Options: (No TOS-capability, No DC, Upward)
  LS Type: Summary Links(AS Boundary Router)
  Link State ID: 3.0.8.14 (AS Boundary Router address)
  Advertising Router: 3.0.8.16
  LS Seq Number: 80000098
  Checksum: 0x91AE
  Length: 28
  Network Mask: /0
        MTID: 0         Metric: 80


BS1#show ip ospf 3080 border-routers
Load for five secs: 8%/0%; one minute: 8%; five minutes: 8%
Time source is NTP, 18:26:53.538 UTC Fri Mar 13 2020


            OSPF Router with ID (3.0.8.26) (Process ID 3080)


                Base Topology (MTID 0)

Internal Router Routing Table
Codes: i - Intra-area route, I - Inter-area route

i 3.0.8.15 [1] via 172.30.64.157, Vlan2316, ABR, Area 26, SPF 3
i 3.0.8.16 [1] via 172.30.64.153, Vlan2315, ABR, Area 26, SPF 3


BS1#show ip ospf 3080 database external 0.0.0.0
Load for five secs: 8%/1%; one minute: 8%; five minutes: 8%
Time source is NTP, 18:27:14.647 UTC Fri Mar 13 2020


            OSPF Router with ID (3.0.8.26) (Process ID 3080)

                Type-5 AS External Link States

  LS age: 1692
  Options: (No TOS-capability, No DC, Upward)
  LS Type: AS External Link
  Link State ID: 0.0.0.0 (External Network Number )
  Advertising Router: 3.0.8.11
  LS Seq Number: 800001E6
  Checksum: 0x884C
  Length: 36
  Network Mask: /0
        Metric Type: 2 (Larger than any link state path)
        MTID: 0
        Metric: 1
        Forward Address: 0.0.0.0
        External Route Tag: 0

  LS age: 1510
  Options: (No TOS-capability, No DC, Upward)
  LS Type: AS External Link
  Link State ID: 0.0.0.0 (External Network Number )
  Advertising Router: 3.0.8.12
  LS Seq Number: 800001E6
  Checksum: 0x8251
  Length: 36
  Network Mask: /0
        Metric Type: 2 (Larger than any link state path)
        MTID: 0
        Metric: 1
        Forward Address: 0.0.0.0
        External Route Tag: 0


BS1#show ip ospf 3080 rib 0.0.0.0
Load for five secs: 8%/0%; one minute: 8%; five minutes: 8%
Time source is NTP, 18:27:30.298 UTC Fri Mar 13 2020

%OSPF: Route not in OSPF Base Topology (MTID 0) local RIB


BS1#show ip route vrf Printer ospf
Load for five secs: 8%/0%; one minute: 8%; five minutes: 8%
Time source is NTP, 18:27:57.612 UTC Fri Mar 13 2020


Routing Table: Printer
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override

Gateway of last resort is not set

      172.30.0.0/16 is variably subnetted, 5 subnets, 2 masks
O        172.30.64.148/30 [110/41] via 172.30.64.157, 22:23:16, Vlan2316
                          [110/41] via 172.30.64.153, 22:23:16, Vlan2315
BS1#
BS1-011#show ip ospf 3080 database asbr-summary
Load for five secs: 12%/1%; one minute: 10%; five minutes: 10%
Time source is NTP, 18:34:05.416 UTC Fri Mar 13 2020


            OSPF Router with ID (3.0.8.1) (Process ID 3080)

                Summary ASB Link States (Area 24)

  Adv Router is not-reachable in topology Base with MTID 0
  LS age: 1478
  Options: (No TOS-capability, No DC, Upward)
  LS Type: Summary Links(AS Boundary Router)
  Link State ID: 3.0.8.13 (AS Boundary Router address)
  Advertising Router: 3.0.8.11
  LS Seq Number: 800001C3
  Checksum: 0x60B9
  Length: 28
  Network Mask: /0
        MTID: 0         Metric: 80

  Adv Router is not-reachable in topology Base with MTID 0
  LS age: 1797
  Options: (No TOS-capability, No DC, Upward)
  LS Type: Summary Links(AS Boundary Router)
  Link State ID: 3.0.8.13 (AS Boundary Router address)
  Advertising Router: 3.0.8.12
  LS Seq Number: 800001BB
  Checksum: 0xFBFC
  Length: 28
  Network Mask: /0
        MTID: 0         Metric: 120

  Adv Router is not-reachable in topology Base with MTID 0
  LS age: 1479
  Options: (No TOS-capability, No DC, Upward)
  LS Type: Summary Links(AS Boundary Router)
  Link State ID: 3.0.8.14 (AS Boundary Router address)
  Advertising Router: 3.0.8.11
  LS Seq Number: 800001C4
  Checksum: 0xC27D
  Length: 28
  Network Mask: /0
        MTID: 0         Metric: 40

  Adv Router is not-reachable in topology Base with MTID 0
  LS age: 1480
  Options: (No TOS-capability, No DC, Upward)
  LS Type: Summary Links(AS Boundary Router)
  Link State ID: 3.0.8.14 (AS Boundary Router address)
  Advertising Router: 3.0.8.12
  LS Seq Number: 800001C2
  Checksum: 0x52C6
  Length: 28
  Network Mask: /0
        MTID: 0         Metric: 80

  Adv Router is not-reachable in topology Base with MTID 0
  LS age: 1652
  Options: (No TOS-capability, No DC, Upward)
  LS Type: Summary Links(AS Boundary Router)
  Link State ID: 3.0.8.15 (AS Boundary Router address)
  Advertising Router: 3.0.8.11
  LS Seq Number: 800001BA
  Checksum: 0x5EC2
  Length: 28
  Network Mask: /0
        MTID: 0         Metric: 80

  Adv Router is not-reachable in topology Base with MTID 0
  LS age: 1661
  Options: (No TOS-capability, No DC, Upward)
  LS Type: Summary Links(AS Boundary Router)
  Link State ID: 3.0.8.15 (AS Boundary Router address)
  Advertising Router: 3.0.8.12
  LS Seq Number: 800001BA
  Checksum: 0xC681
  Length: 28
  Network Mask: /0
        MTID: 0         Metric: 40

  Adv Router is not-reachable in topology Base with MTID 0
  LS age: 380
  Options: (No TOS-capability, No DC, Upward)
  LS Type: Summary Links(AS Boundary Router)
  Link State ID: 3.0.8.16 (AS Boundary Router address)
  Advertising Router: 3.0.8.11
  LS Seq Number: 800001B9
  Checksum: 0xE711
  Length: 28
  Network Mask: /0
        MTID: 0         Metric: 120

  Adv Router is not-reachable in topology Base with MTID 0
  LS age: 390
  Options: (No TOS-capability, No DC, Upward)
  LS Type: Summary Links(AS Boundary Router)
  Link State ID: 3.0.8.16 (AS Boundary Router address)
  Advertising Router: 3.0.8.12
  LS Seq Number: 800001B9
  Checksum: 0x50CF
  Length: 28
  Network Mask: /0
        MTID: 0         Metric: 80


BS1-011#show ip ospf 3080 border-routers
Load for five secs: 10%/1%; one minute: 10%; five minutes: 10%
Time source is NTP, 18:34:25.712 UTC Fri Mar 13 2020


            OSPF Router with ID (3.0.8.1) (Process ID 3080)


                Base Topology (MTID 0)

Internal Router Routing Table
Codes: i - Intra-area route, I - Inter-area route

i 3.0.8.11 [1] via 172.30.31.81, Vlan2385, ABR/ASBR, Area 24, SPF 14
i 3.0.8.12 [1] via 172.30.31.85, Vlan2386, ABR/ASBR, Area 24, SPF 14


BS1-011#show ip ospf 3080 database external 0.0.0.0
Load for five secs: 12%/1%; one minute: 10%; five minutes: 10%
Time source is NTP, 18:40:03.822 UTC Fri Mar 13 2020


            OSPF Router with ID (3.0.8.1) (Process ID 3080)

                Type-5 AS External Link States

  LS age: 616
  Options: (No TOS-capability, No DC, Upward)
  LS Type: AS External Link
  Link State ID: 0.0.0.0 (External Network Number )
  Advertising Router: 3.0.8.11
  LS Seq Number: 800001E7
  Checksum: 0x864D
  Length: 36
  Network Mask: /0
        Metric Type: 2 (Larger than any link state path)
        MTID: 0
        Metric: 1
        Forward Address: 0.0.0.0
        External Route Tag: 0

  LS age: 433
  Options: (No TOS-capability, No DC, Upward)
  LS Type: AS External Link
  Link State ID: 0.0.0.0 (External Network Number )
  Advertising Router: 3.0.8.12
  LS Seq Number: 800001E7
  Checksum: 0x8052
  Length: 36
  Network Mask: /0
        Metric Type: 2 (Larger than any link state path)
        MTID: 0
        Metric: 1
        Forward Address: 0.0.0.0
        External Route Tag: 0


BS1-011#show ip ospf 3080 rib 0.0.0.0
Load for five secs: 11%/0%; one minute: 10%; five minutes: 10%
Time source is NTP, 18:34:48.752 UTC Fri Mar 13 2020


            OSPF Router with ID (3.0.8.1) (Process ID 3080)


                Base Topology (MTID 0)

OSPF local RIB
Codes: * - Best, > - Installed in global RIB
LSA: type/LSID/originator

*>  0.0.0.0/0, Ext2, cost 1, tag 0
     SPF Instance 111, age 1w1d, fwd cost 1
     Flags: RIB
      via 172.30.31.85, Vlan2386
       Flags: RIB
       LSA: 5/0.0.0.0/3.0.8.12
      via 172.30.31.81, Vlan2385
       Flags: RIB
       LSA: 5/0.0.0.0/3.0.8.11


BS1-011#show ip route vrf Printer ospf
Load for five secs: 11%/1%; one minute: 11%; five minutes: 10%
Time source is NTP, 18:35:15.168 UTC Fri Mar 13 2020


Routing Table: Printer
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override

Gateway of last resort is 172.30.31.85 to network 0.0.0.0

O*E2  0.0.0.0/0 [110/1] via 172.30.31.85, 1w1d, Vlan2386
                [110/1] via 172.30.31.81, 1w1d, Vlan2385
      172.30.0.0/16 is variably subnetted, 18 subnets, 2 masks
O        172.30.31.88/30 [110/41] via 172.30.31.81, 1w1d, Vlan2385
O        172.30.31.92/30 [110/41] via 172.30.31.85, 1w1d, Vlan2386
O        172.30.31.96/30 [110/41] via 172.30.31.81, 1w1d, Vlan2385
O        172.30.31.100/30 [110/41] via 172.30.31.85, 1w1d, Vlan2386
O        172.30.31.104/30 [110/41] via 172.30.31.81, 1w1d, Vlan2385
O        172.30.31.108/30 [110/41] via 172.30.31.85, 1w1d, Vlan2386
O        172.30.31.112/30 [110/41] via 172.30.31.81, 1w1d, Vlan2385
O        172.30.31.116/30 [110/41] via 172.30.31.85, 1w1d, Vlan2386
O        172.30.31.120/30 [110/41] via 172.30.31.81, 1w1d, Vlan2385
O        172.30.31.124/30 [110/41] via 172.30.31.85, 1w1d, Vlan2386
O        172.30.33.112/30 [110/41] via 172.30.31.85, 1w1d, Vlan2386
O        172.30.33.116/30 [110/41] via 172.30.31.81, 1w1d, Vlan2385
O        172.30.33.124/30 [110/41] via 172.30.31.81, 1w1d, Vlan2385
O        172.30.35.28/30 [110/41] via 172.30.31.85, 1w1d, Vlan2386
                         [110/41] via 172.30.31.81, 1w1d, Vlan2385
BS1-011#

Kind regards,
Andreas

 

Hi,

 

    I would open a TAC case as i'm certain there is something buggy, as there is no need for

capability vrf-lite

(it works on on 4K, on the other not), and both 4K's see their directly attached ABR's as "not reachable in the graph of nodes" from the Type4 LSA (one validates it though, BS11, the other one not, BS1).

    

Regards,

Cristian Matei.

Hi,

I was curious about what @paul driver wrote about the

capability vrf lite

command, and found this explanation(https://community.cisco.com/t5/routing/where-to-configure-the-quot-capability-vrf-lite-quot-on-ce-or-pe/td-p/2812305) from @Peter Paluch . It sounds like that the command

capabilty vrf lite

is needed by design, if OSPF is used in conjunction with multiple vrf's.

I think my scenario is exactly what Peter described: R1 (VRF) --- Link in Area 1 --- R2 --- Link in Area 0 --- R3

except that in my case all routers are "holding" the same vrf (Printer). But seems it doesn't matter. The 4500X always acts as a ABR if running OSPF in conjunction with vrf.

Why this being the case that the other 4500X(BS1-011) does not need the

capability vrf lite

command? Could it be the circumstance that is directly connected to the router with the (static) configured route to 0.0.0.0/0. ?

Or I'm totally wrong?

Kind regards,

Andreas

Hi,

 

    OSPF always amazes me, and there is always one corner case when something interesting comes up. Are you willing to do one more test? Configure the Nexus devices, directly attached in the same area as BS1, to inject a default route into OSPF (make sure it does, if necessary use the always keyword), and on the BS1:

show ip ospf 3080 database external 0.0.0.0, show ip ospf asbr-sumamry, show ip ospf rib 0.0.0.0, show ip route vrf Printer ospf.

 

Regards,

Cristian Matei.

Hi,

sure! I had to use the "always" parameter to get the

default-route

into the table of the 4500X(BS1). But this causes traffic to the "Printer-Network" be black-holed if sourced from another site. So I configured this only for a few seconds...

Here is the output:

BS1#show ip ospf 3080 database external 0.0.0.0
Load for five secs: 9%/0%; one minute: 8%; five minutes: 8%
Time source is NTP, 16:59:10.629 UTC Sun Mar 15 2020


            OSPF Router with ID (3.0.8.26) (Process ID 3080)

                Type-5 AS External Link States

  LS age: 1549
  Options: (No TOS-capability, No DC, Upward)
  LS Type: AS External Link
  Link State ID: 0.0.0.0 (External Network Number )
  Advertising Router: 3.0.8.11
  LS Seq Number: 80000242
  Checksum: 0xCEA9
  Length: 36
  Network Mask: /0
        Metric Type: 2 (Larger than any link state path)
        MTID: 0
        Metric: 1
        Forward Address: 0.0.0.0
        External Route Tag: 0

  LS age: 1370
  Options: (No TOS-capability, No DC, Upward)
  LS Type: AS External Link
  Link State ID: 0.0.0.0 (External Network Number )
  Advertising Router: 3.0.8.12
  LS Seq Number: 80000242
  Checksum: 0xC8AE
  Length: 36
  Network Mask: /0
        Metric Type: 2 (Larger than any link state path)
        MTID: 0
        Metric: 1
        Forward Address: 0.0.0.0
        External Route Tag: 0

  LS age: 113
  Options: (No TOS-capability, No DC, Upward)
  LS Type: AS External Link
  Link State ID: 0.0.0.0 (External Network Number )
  Advertising Router: 3.0.8.15
  LS Seq Number: 80000002
  Checksum: 0x3D79
  Length: 36
  Network Mask: /0
        Metric Type: 2 (Larger than any link state path)
        MTID: 0
        Metric: 1
        Forward Address: 0.0.0.0
        External Route Tag: 0

BS1#


BS1#show ip ospf 3080 database asbr-summary
Load for five secs: 11%/1%; one minute: 8%; five minutes: 8%
Time source is NTP, 17:00:39.590 UTC Sun Mar 15 2020


            OSPF Router with ID (3.0.8.26) (Process ID 3080)

                Summary ASB Link States (Area 26)

  Adv Router is not-reachable in topology Base with MTID 0
  LS age: 1633
  Options: (No TOS-capability, No DC, Upward)
  LS Type: Summary Links(AS Boundary Router)
  Link State ID: 3.0.8.11 (AS Boundary Router address)
  Advertising Router: 3.0.8.15
  LS Seq Number: 800000F4
  Checksum: 0xFCEA
  Length: 28
  Network Mask: /0
        MTID: 0         Metric: 80

  Adv Router is not-reachable in topology Base with MTID 0
  LS age: 1613
  Options: (No TOS-capability, No DC, Upward)
  LS Type: Summary Links(AS Boundary Router)
  Link State ID: 3.0.8.11 (AS Boundary Router address)
  Advertising Router: 3.0.8.16
  LS Seq Number: 800000F4
  Checksum: 0x8836
  Length: 28
  Network Mask: /0
        MTID: 0         Metric: 120

  Adv Router is not-reachable in topology Base with MTID 0
  LS age: 1635
  Options: (No TOS-capability, No DC, Upward)
  LS Type: Summary Links(AS Boundary Router)
  Link State ID: 3.0.8.12 (AS Boundary Router address)
  Advertising Router: 3.0.8.15
  LS Seq Number: 800000F4
  Checksum: 0x61AD
  Length: 28
  Network Mask: /0
        MTID: 0         Metric: 40

  Adv Router is not-reachable in topology Base with MTID 0
  LS age: 1617
  Options: (No TOS-capability, No DC, Upward)
  LS Type: Summary Links(AS Boundary Router)
  Link State ID: 3.0.8.12 (AS Boundary Router address)
  Advertising Router: 3.0.8.16
  LS Seq Number: 800000F4
  Checksum: 0xECF8
  Length: 28
  Network Mask: /0
        MTID: 0         Metric: 80

  Adv Router is not-reachable in topology Base with MTID 0
  LS age: 1638
  Options: (No TOS-capability, No DC, Upward)
  LS Type: Summary Links(AS Boundary Router)
  Link State ID: 3.0.8.13 (AS Boundary Router address)
  Advertising Router: 3.0.8.15
  LS Seq Number: 800000F4
  Checksum: 0xE8FC
  Length: 28
  Network Mask: /0
        MTID: 0         Metric: 80

  Adv Router is not-reachable in topology Base with MTID 0
  LS age: 1619
  Options: (No TOS-capability, No DC, Upward)
  LS Type: Summary Links(AS Boundary Router)
  Link State ID: 3.0.8.13 (AS Boundary Router address)
  Advertising Router: 3.0.8.16
  LS Seq Number: 800000F4
  Checksum: 0x51BB
  Length: 28
  Network Mask: /0
        MTID: 0         Metric: 40

  Adv Router is not-reachable in topology Base with MTID 0
  LS age: 1641
  Options: (No TOS-capability, No DC, Upward)
  LS Type: Summary Links(AS Boundary Router)
  Link State ID: 3.0.8.14 (AS Boundary Router address)
  Advertising Router: 3.0.8.15
  LS Seq Number: 800000F4
  Checksum: 0x704C
  Length: 28
  Network Mask: /0
        MTID: 0         Metric: 120

  Adv Router is not-reachable in topology Base with MTID 0
  LS age: 1622
  Options: (No TOS-capability, No DC, Upward)
  LS Type: Summary Links(AS Boundary Router)
  Link State ID: 3.0.8.14 (AS Boundary Router address)
  Advertising Router: 3.0.8.16
  LS Seq Number: 800000F4
  Checksum: 0xD80B
  Length: 28
  Network Mask: /0
        MTID: 0         Metric: 80

BS1#


BS1#show ip ospf 3080 rib 0.0.0.0
Load for five secs: 9%/1%; one minute: 8%; five minutes: 8%
Time source is NTP, 17:01:38.993 UTC Sun Mar 15 2020


            OSPF Router with ID (3.0.8.26) (Process ID 3080)


                Base Topology (MTID 0)

OSPF local RIB
Codes: * - Best, > - Installed in global RIB
LSA: type/LSID/originator

*>  0.0.0.0/0, Ext2, cost 1, tag 0
     SPF Instance 17, age 00:04:18, fwd cost 1
     Flags: RIB, PartialSPF
      via 172.30.64.157, Vlan2316
       Flags: RIB
       LSA: 5/0.0.0.0/3.0.8.15
BS1#


BS1#show ip route vrf Printer ospf
Load for five secs: 10%/1%; one minute: 8%; five minutes: 8%
Time source is NTP, 17:02:07.161 UTC Sun Mar 15 2020


Routing Table: Printer
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override

Gateway of last resort is 172.30.64.157 to network 0.0.0.0

O*E2  0.0.0.0/0 [110/1] via 172.30.64.157, 00:04:47, Vlan2316
      172.30.0.0/16 is variably subnetted, 5 subnets, 2 masks
O        172.30.64.148/30 [110/41] via 172.30.64.157, 00:11:26, Vlan2316
                          [110/41] via 172.30.64.153, 00:11:26, Vlan2315
BS1#

 

Kind regards,

Andreas

Hi,

 

     To keep it simple, yes, in your case the

capability vrf-lite

is needed, per this design only on BS1, but i would add it also on BS11, in case the ASBR's which will do the

default-route

injection are gonna change, which may end you up with BS11 not having the default route anymore; so play safe and put it on both sides. Now as for the explanation:

       1. OSPF must accept all received LSA's as long as it's not a malformed packet, by OSPF design

       2. Per OSPF design with all areas attached to area 0 via ABR's, it means that an ABR should never receive a Type5 LSA inbound on a non-area 0 adjacency (like on area 26) from an OSPF RID which is not attached in that area (26), as this would mean either a discontiguous area 0 or an invalid design such as area0------area26-----areax. BS1 and BS11 behave as ABR's, due to the VRF functionality and inherent connection to the super backbone(super area 0). BS11 sees/receives the Type5 LSA as injected by a router directly attached in the area and it validates it (design is ok, cause BS11 says i'm ABR and i have a neighbor in area xx which is also an ASBR, all good). BS1 sees/receives the Type5 LSA as injected by a router NOT directly attached in the area and it does NOT validate it(design is not ok, cause it's like BS1 is an ABR , attached to another ABR the nexus, which is attached to another area where the ASBR's are residing, which is not possible, to have 2 further areas beyond area 0); the same mechanism for validation happens for Type4 LSA's, that's why it was showing up as "Advertised Router is not reachable", as this is OSPF saying there is something wrong in this design, i can't include that RID in the graph of nodes, it's not reachable per OSPF design

        3. One more reason to have "capability vrf lite" is that without it, both BS1 and BS11 will not validate Type5 LSA's injected by routers not attached to their area, which means any redistribution performed on the routers which are attached only to area 0.

   

Regards,

Cristian Matei.

Hi Cristian,

thank's a lot for the detailed explanation. One thing, if I implement this scenario in the default vrf, the

default-route

is always available on all routers, regardless of the location and without the

capability vrf-lite

command.

Kind regards,

Andreas

 

Hi,

 

  Correct, because if the router does not run OSPF in a VRF, it does not think its connected to the Super Area 0, thus does not behave as an ABR, thus it does not perform checks as an ABR.

 

Regards,

Cristian Matei.

Hi,

yes, I just want to verify - for my understanding.

Kind regards,

Andreas

By default using default information originate command too an OSPF will not send a default route to a network .

 

Use the below command to do it. 

 

Router#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.2
Router(config)#router ospf 100
Router(config-router)#default-information originate metric 10 metric-type 1
Router(config-router)#exit
Please do not hesitate to click the STAR button if you are satisfied with my answer.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: