Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
990
Views
20
Helpful
3
Replies

OSPF ABR LSA-3 Antiloop prevention

Go to solution
Americo Massotti
Level 1
Level 1

‎08-29-2021 04:09 AM

 

Hello everybody.

 

I have a question about ABR LSA-3 flooding antiloop.

I have a topology like this one in the diagrom below.

 

ospf_lsa3.jpg

 

So, I have a backbone area, a non-backbone area and two ABR.

 

When the two ABR create and flood LSA-3 from backbone to non-backbone and viceversa I have a doubt about antiloop prevention.

 

For the Loopback 20.20.20.0/24, both ABR create LSA-3 and flood it in Area 1.

So, each of them receive the LSA-3 20.20.20.0/24 from the other.

However because they are ABR (Have a Interface in Area 0 in “UP” state), receive but not use it because the LSA-3 arrived from a non-backbone Area (1).

For my understanding this is Why the ABR not flood it back to Area 0. It’s right?

 

However for the LSA 10.10.10.0/24 that they receive and create LSA-3 and flood in Area 0: Like above, each of them receive it from the other ABR.

In this case however they receive it from Backbone Area, so can accept and use it safely.

What stop the ABR to flood it back to Area 1?

I perform a Wireshark capture and clearly see that the two ABR working correctly without flood it back.

 

Maybe because they see from the OSPF DB that they have LSA-1 for each of them?

Thanks a lot.

 

Americo

Labels:
1 Accepted Solution

Accepted Solutions

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎08-29-2021 08:16 AM

Hello Americo,

Great questions, and deep thinking about OSPF! Respect!

There are two very important things about LSA-3 to remember.

First, they are not flooded across ABRs even if it appears that way. Rather, ABRs originate and re-originate those LSA-3. As an example, imagine that you have an OSPF network that contains three areas: Area 1, Area 0, Area 2. For some network X in area 1, the ABR between areas 1 and 0 will originate an LSA-3 and flood it into area 0. The other ABR between areas 0 and 2 will receive the LSA-3, but it won't flood it directly into area 2. Instead, after computing its own internal routing table for OSPF routes, it will originate its own LSA-3 on behalf of the network X, increase the cost accordingly to account for the distance across area 0, and only then flood it into area 2. The LSA-3 flooded into area 2 is not the one that was initially originated by the ABR between areas 1 and 0 - it's a reoriginated LSA-3 created by the ABR between areas 0 and 2. Note that because the ABR re-originates the LSA-3 instead of just flooding it, it can also decide to not to originate it if it has reasons to do so.

And this is the gist of the second fact to notice: An OSPF router won't originate a LSA-3 for a network X back into an area whose link-state dabase led to the discovery of the network X in the first place, or that holds the next hops for the network X. This is mandated by RFC2328 Section 12.4.3:

To determine which routes to advertise into an attached Area
A, each routing table entry is processed as follows.
Remember that each routing table entry describes a set of
equal-cost best paths to a particular destination:

[...]

o   Else, if the area associated with this set of paths is
the Area A itself, do not generate a summary-LSA for the
route.[17]

o   Else, if the next hops associated with this set of paths
belong to Area A itself, do not generate a summary-LSA
for the route.[18] This is the logical equivalent of a
Distance Vector protocol's split horizon logic.

[...]

It is an extract from a larger set of rules on how to generate LSA-3 for routes in the internal OSPF's routing table. The first bullet in the extract above prevents an ABR from injecting an LSA-3 into the same area whose own link-state database (through LSA-1 and LSA-2 in case of the "home" area of network X, or LSA-3 in case of area 0 or other non-backbone areas) led to creating the routing table entry for the network X in the first place. The second bullet prevents an ABR from injecting an LSA-3 into another area that holds the next hop toward the network X.

Needs a little head-wrapping around the stuff : ) Please feel free to ask further!

Best regards,
Peter

 

View solution in original post

3 Replies 3

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎08-29-2021 08:16 AM

Hello Americo,

Great questions, and deep thinking about OSPF! Respect!

There are two very important things about LSA-3 to remember.

First, they are not flooded across ABRs even if it appears that way. Rather, ABRs originate and re-originate those LSA-3. As an example, imagine that you have an OSPF network that contains three areas: Area 1, Area 0, Area 2. For some network X in area 1, the ABR between areas 1 and 0 will originate an LSA-3 and flood it into area 0. The other ABR between areas 0 and 2 will receive the LSA-3, but it won't flood it directly into area 2. Instead, after computing its own internal routing table for OSPF routes, it will originate its own LSA-3 on behalf of the network X, increase the cost accordingly to account for the distance across area 0, and only then flood it into area 2. The LSA-3 flooded into area 2 is not the one that was initially originated by the ABR between areas 1 and 0 - it's a reoriginated LSA-3 created by the ABR between areas 0 and 2. Note that because the ABR re-originates the LSA-3 instead of just flooding it, it can also decide to not to originate it if it has reasons to do so.

And this is the gist of the second fact to notice: An OSPF router won't originate a LSA-3 for a network X back into an area whose link-state dabase led to the discovery of the network X in the first place, or that holds the next hops for the network X. This is mandated by RFC2328 Section 12.4.3:

To determine which routes to advertise into an attached Area
A, each routing table entry is processed as follows.
Remember that each routing table entry describes a set of
equal-cost best paths to a particular destination:

[...]

o   Else, if the area associated with this set of paths is
the Area A itself, do not generate a summary-LSA for the
route.[17]

o   Else, if the next hops associated with this set of paths
belong to Area A itself, do not generate a summary-LSA
for the route.[18] This is the logical equivalent of a
Distance Vector protocol's split horizon logic.

[...]

It is an extract from a larger set of rules on how to generate LSA-3 for routes in the internal OSPF's routing table. The first bullet in the extract above prevents an ABR from injecting an LSA-3 into the same area whose own link-state database (through LSA-1 and LSA-2 in case of the "home" area of network X, or LSA-3 in case of area 0 or other non-backbone areas) led to creating the routing table entry for the network X in the first place. The second bullet prevents an ABR from injecting an LSA-3 into another area that holds the next hop toward the network X.

Needs a little head-wrapping around the stuff : ) Please feel free to ask further!

Best regards,
Peter

 

Go to solution
Americo Massotti
Level 1
Level 1
In response to Peter Paluch

‎08-29-2021 08:46 AM

Helle Peter,

 

Thanks a lot for the awesome explanation.

It’s always a pleasure to read your content.

 

My big mistake was to think about the flooding of the LSA-3

I thank you for the time you have dedicated to me/us.

 

I save it for my study paper

Have you a nice day.

 

Americo

 

0 Helpful

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee
In response to Americo Massotti

‎08-29-2021 01:40 PM

Hi Americo,

Very much welcome. Thank you for your kind words - very sincerely appreciated!

Take good care.

Best regards,
Peter

 
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card