Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1823
Views
0
Helpful
13
Replies

OSPF - NSSA & Area 0

Go to solution
jc84_
Level 1
Level 1

‎01-13-2011 05:46 AM - edited ‎03-04-2019 11:04 AM

Hi All,

I'm hoping the community can help me out with this one....

I have a WAN connection to a site that is being brought into my network via MPLS.  The Service Provider and my edge router is using BGP.  The BGP routes are being redistributed into OSPF Area 10 (NSSA).  Those routes are in turn being advertised to one of two Core switches via Area 0.

My deliemma is that I need OSPF to advertise this to the other Core switch..  But their is another WAN router connected to another WAN in Area 0 that I do not want to recieve the routes coming from Area 10 (NSSA).

Basically my requirement is to make sure that routes from WAN A (Area 10) are not advertised to the WAN router in Area 0.

I don't see an easy way around this...

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Lei Tian
Cisco Employee
Cisco Employee
In response to jc84_

‎01-13-2011 01:21 PM

Hi Jeff,

Looks like I was miss interpreted your question. So, you want those redistributed routes pass to core switches in area 0, but not the router in area 0? As other people suggested, you can bring in another routing protocol to meet the requirement. Another way is to extend area 10 into the core switches , so that core switch can learn those routes from area 10, and you filter out those routes into area 0.

HTH,

Lei Tian

View solution in original post

0 Helpful
13 Replies 13

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎01-13-2011 06:06 AM 

Jeff.Cartier wrote:
Hi All,
I'm hoping the community can help me out with this one....
I have a WAN connection to a site that is being brought into my network via MPLS.  The Service Provider and my edge router is using BGP.  The BGP routes are being redistributed into OSPF Area 10 (NSSA).  Those routes are in turn being advertised to one of two Core switches via Area 0. 
My deliemma is that I need OSPF to advertise this to the other Core switch..  But their is another WAN router connected to another WAN in Area 0 that I do not want to recieve the routes coming from Area 10 (NSSA). 
Basically my requirement is to make sure that routes from WAN A (Area 10) are not advertised to the WAN router in Area 0.
I don't see an easy way around this...

Jeff

You can use a distribute-list on the other WAN router to stop OSPF installing those routes into the routing table. Note that it does not prevent the WAN router receiving the LSAs as all routers within the same area should have the same LSAs and it doesn't stop that WAN router flooding the LSAs to other routers in area 0 so if there were other routers that you did not want to have these routes you would need to apply the distribute-list there as well which can become a bit of an admin overhead -

OSPF route filtering

Another option would be to put the WAN router into a different area and then use the ospf filter-list command to filter routers but without knowing the topology this may not be of any use.

Jon

0 Helpful

Go to solution
jc84_
Level 1
Level 1
In response to Jon Marshall

‎01-13-2011 06:13 AM

Hi Jon,

I've looked into the distribute-list option and because of the reasons you mentioned I believed it wouldn't be a good fit for this scenario as the route would still be advertised to the other routers across the WAN.

To your second comment, I can't switch the area to the WAN router out of Area 0 because other routers across the WAN are also configured with AREA 0.  We use OSPF as our CE routing protocol to our SP. So I'd likely create a whole lot of havoc .

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to jc84_

‎01-13-2011 06:19 AM 

Jeff.Cartier wrote:
Hi Jon,
I've looked into the distribute-list option and because of the reasons you mentioned I believed it wouldn't be a good fit for this scenario as the route would still be advertised to the other routers across the WAN.
To your second comment, I can't switch the area to the WAN router out of Area 0 because other routers across the WAN are also configured with AREA 0.  We use OSPF as our CE routing protocol to our SP. So I'd likely create a whole lot of havoc .


Well this is not a recommended solution but sometimes you need to be creative.

If i understand correctly all you really want is for the routes to be in the routing table on the 2nd core switch. What you could do is run a separate EIGRP process on both core switches and redistribute the OSPF learned routes into EIGRP which would then be sent to the 2nd core switch.

Jon

0 Helpful

Go to solution
jc84_
Level 1
Level 1
In response to Jon Marshall

‎01-13-2011 06:32 AM

.

0 Helpful

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee
In response to Jon Marshall

‎01-13-2011 06:14 AM

Hello Jeff and Jon,

Another option would be to put the WAN router into a different area and 
then use the ospf filter-list command to filter routers but without 
knowing the topology this may not be of any use.

I was actually thinking of exactly the same thing - Jeff stated that he basically wants to prevent some routes from the area 10 to appear in area 0, at least if that was my correct understanding. The problem I see with using the area filter-list command is that it applies only to internal routes from area 10 advertised to area 0 as inter-area routes. The external routes contained in LSA-5 and LSA-7 are not, to my best knowledge, influenced by the area filter-list command.

So using the distribute-list in as suggested by Jon is probably the only way to go for now, although this command has to be applied on all routers on which the filtering is desired.

Best regards,

Peter

0 Helpful

Go to solution
jc84_
Level 1
Level 1
In response to Peter Paluch

‎01-13-2011 06:33 AM

What if I was to run another OSPF process between these routers.

Run  BGP between the SP PE and our CE.  Then distribute BGP into OSPF (PID  #200) and run OSPF (PID #200) along with the two (2) Core switches.

To  my knowledge, and correct me if I'm wrong...OSPF instances don't  redistribute between each other without redistribution commands.  This  would keep these routes from being advertised into the other OSPF  process and down to the other WAN routers.

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to jc84_

‎01-13-2011 06:37 AM 

Jeff.Cartier wrote:
What if I was to run another OSPF process between these routers.
Run  BGP between the SP PE and our CE.  Then distribute BGP into OSPF (PID  #200) and run OSPF (PID #200) along with the two (2) Core switches.
To  my knowledge, and correct me if I'm wrong...OSPF instances don't  redistribute between each other without redistribution commands.  This  would keep these routes from being advertised into the other OSPF  process and down to the other WAN routers.

Jeff

Yes this could work. It's pretty much the same principle as the EIGRP suggestion except you run another OSPF process. I simply chose EIGRP because it's generally less intensive on device resources but if you wanted to keep the same routing protocol everywhere then you could indeed use 2 OSPF pids.

You are correct when you say there is no automatic redistribution.

Jon

0 Helpful

Go to solution
jc84_
Level 1
Level 1
In response to Jon Marshall

‎01-13-2011 06:43 AM

I guess I'm just against EIGRP because of the nieghbor adj. changes when editing distribute-lists.

I can't say I'm a fan of running another OSPF process ontop of the current.  The design just strikes me as messy.  I guess it could be kept as a backup plan.

0 Helpful

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee
In response to jc84_

‎01-13-2011 07:02 AM

Jeff,

As I have been told in these forums just a few days ago, with the recent EIGRP development regarding the NSF, if you change the distribute list in EIGRP, the adjacency will not flap but merely reinitialize. The routing tables will not be modified until the resync is complete, so the routing table updates are, in a sense, atomic - only a single set of modifications to the routing table will take place, after the EIGRP neighbors have re-synchronized their topology databases.

Best regards,

Peter

0 Helpful

Go to solution
Lei Tian
Cisco Employee
Cisco Employee
In response to jc84_

‎01-13-2011 10:01 AM

Hi Jeff,

In addition to all the brilliant ideas other people have brought up. You can try use summary-address on the ABR to filter out type 5 LSA. Since the ABR is converting type 7 LSA to type 5, so it will become the initiator of type 5 LSA. You should be able to filter out the type 5 LSA from area 10 to area 0.

HTH,

Lei Tian

0 Helpful

Go to solution
jc84_
Level 1
Level 1
In response to Lei Tian

‎01-13-2011 11:50 AM

Hi Lei,

We want the route to advertise from AREA 10 (NSSA) into Area 0....but for that route to not advertise out AREA 0 to other Area 0 routers.  Is this possible?

0 Helpful

Go to solution
Lei Tian
Cisco Employee
Cisco Employee
In response to jc84_

‎01-13-2011 01:21 PM

Hi Jeff,

Looks like I was miss interpreted your question. So, you want those redistributed routes pass to core switches in area 0, but not the router in area 0? As other people suggested, you can bring in another routing protocol to meet the requirement. Another way is to extend area 10 into the core switches , so that core switch can learn those routes from area 10, and you filter out those routes into area 0.

HTH,

Lei Tian

0 Helpful

Go to solution
jc84_
Level 1
Level 1
In response to Lei Tian

‎01-13-2011 05:48 PM

Thanks Lei.  I'll give that a try.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card