cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3589
Views
6
Helpful
5
Replies

OSPF - NSSA Forwarding Address 0.0.0.0 Value

jas2061461
Level 1
Level 1

So I have been racking my brain with OSPF for the past couple months and have had a minor setback in dealing with the Forwarding Address value in the LSA Type-5s and Type-7s. 

Certain conditions must be met on the router that is generating the LSA Type-5 for the forwarding address to be 0.0.0.0 or some non-zero value.  For instance, the next-hop interface not being apart of the OSPF domain will mandate a 0.0.0.0 forwarding address.  I have experimented with this and other circumstances for the past hour or so.  My issue pertains to the Forwarding Address of a Type-7 LSA.

In all cases that I have experimented with, the ASBR in the NSSA is generating a Type-7 LSA w/ a forwarding address of a non-zero value.  I have made sure that the router follows the criteria for it to produce a 0.0.0.0 value.  However, there is always a non-zero value in the forwarding address parameter.  My book, Troubleshooting IP Routing Protocols, (page 313) states if the next-hop interface is either OSPF passive, turned of on the outgoing interface, the interface is not point-to-point or p-2-m or the interface belongs to the network command, the type-5 LSA will produce a 0.0.0.0 value. When it described LSA type-7s on page 322, it says there additional rules apply, if the type-5's are true:

-"Use one of the loopback addresses"...

-..."use the address of the first interface in that area"

In short here is my question: is it dictated that an Type-7 LSA has a non-zero value (at least until it has been translated to a Type-5)?  It appears that that is what the book is trying to state, but it is not simply and explicitly stated.  Thank you for your time.

5 Replies 5

Reza Sharifi
Hall of Fame
Hall of Fame

The RFC might be more clear then the book:

from RFC 1587, Section 4.1

All type-7 routes that have been added to the routing table should be
   examined.  If the type-7 LSA (associated with the route being
   examined) has the P-bit set and a non-zero forwarding address, the
   following steps should be taken.

      The translation procedure must first check for a configured type-7
      address range.  Recall that an type-7 address range consists of an
      [address,mask] pair and a status indication of either Advertise or
      DoNotAdvertise.  At most a single type-5 LSA is made for each
      range.  If the route being examined falls within the type-7
      address range, (the [address,mask] pair of the route equal to or a
      more specific instance of the [address,mask] pair of the type-7
      address range), one of following three actions may take place.

https://tools.ietf.org/html/rfc1587#section-4.1

HTH

This taught me some extra stuff about the Type-7 to Type-5 translation; however, I am still lost w/ the forwarding address within the NSSA.  For instance, a router within the NSSA area which is not an ASBR or ABR appears to only see the Type-7 address w/ a non-zero value.  Is this true?  I ran through the RFC and did not find an explicit notation of this, yet I can't prove either way via lab configuration. 

Might this be true? - the Forwarding Address is used to indicate where to forward traffic, whether directly toward the ASBR or indirectly towards an ABR - like in the case if the Type-7 is translated to a Type-5 and the forwarding address is non-zero.  Therefore, the use of the Forwarding Address within the local NSSA is irrelevent, since it is neither passing through an additional ABR or transiting an area? 

**Wanted to add that I read through just about every subsection which pertained to NSSAs but did not find anything. 

Hello Jas,

For instance, a router within the NSSA area which is not an ASBR or ABR  appears to only see the Type-7 address w/ a non-zero value.  Is this  true?

The RFCs say that if an ASBR within an NSSA area originates an LSA-7 that is supposed to be propagated to the backbone as LSA-5 (i.e. translated), it must set the forwarding address to a non-zero value. If the LSA-7 is local to the NSSA area only and is not supposed to be propagated as LSA-5, the forwarding address may be zero.

For most cases, the LSA-7 will indeed have their forwarding address set to a non-zero value. Cisco NSSA implementation does not seem to have a user-accessible knob that would allow a NSSA ASBR to originate LSA-7 with the P-bit (the Propagate bit saying this particular LSA-7 is to be translated to LSA-5) cleared, and hence allow the forwarding address to be set to zero. The only situation when an ASBR clears the P-bit and therefore may leave forwarding address at zero is when the ASBR redistributes a network both as LSA-5 and LSA-7. This is a rather specific scenario that occurs when the ABR between the NSSA area and the backbone also performs a redistribution and injects the redistributed networks both into the backbone as LSA-5, and into the NSSA area as LSA-7. These LSA-7 may have their forwarding address set to zero.

So, while there is an option of LSA-7 having its forwarding address set to zero, it is an uncommon occurence.

Therefore, the use of the Forwarding Address within the local NSSA is irrelevent, since it is neither passing through an additional ABR or transiting an area?

Basically yes. For an internal router inside an NSSA area, if the LSA-7 has no forwarding address then the traffic is directed to the originator of the LSA-7, and if has a forwarding address then this address is either one of the originator's own IP addresses, or it is an address that is behind that router, so again, the traffic needs to reach the originating router. In other words, using the forwarding address or not makes no difference inside an NSSA area, as the traffic would be still directed towards the router that originated the LSA-7.

The real purpose of the forwarding address is to help choose the optimal path towards the external redistributed network when the traffic comes from or from behind the backbone and is about to traverse the NSSA area. As you know, only a single ABR translates the LSA-7 to LSA-5. This ABR is chosen by its Router ID. If there was no forwarding address in the LSA-7 that gets copied into the translated LSA-5, all traffic for the external network would enter the NSSA area through this single ABR only, even though the path towards the NSSA ASBR may not be optimal through that ABR. However, because the internal networks inside an NSSA area are known as inter-area OIA routes to the backbone through all ABRs the NSSA area has, and because the forwarding address falls into one of these OIA routes, the backbone can make much better decisions as to which ABR should be used to enter the NSSA area for this external destination. In fact, the ABR that performs 7-to-5 translation merely works as a route server - it injects routes but it is not the next hop towards them - rather, the forwarding address indicates the proper "next hop".

Please feel welcome to ask further!

Best regards,

Peter

hello,peter,

i am a chinese ,my english is very bad. so, sorry.

my question is,

why , single ABR translates the LSA-7 to LSA-5 ?

all of the nssa ABR translates and the forwarding address =0.0.0.0,will get better?

prashant1990
Level 1
Level 1

No it is not dictated that forwarding address will always be a non zero value. It will be non zero only when redistributing from an external protocol into the NSSA. But if the internal NSSA router redistributes its loopback interface for example the forwarding address of the type 7 LSA created by the internal NSSA router will be all zero. Also the P bit will not be set, so no type 7 to type 5 translation will occur.

https://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/200066-Understand-Selection-of-Forwarding-Addre.html

 

read this article it might help you understand. And make a small change, make a loopback on the internal router in the NSSA and redistribute it into the NSSA. You will see a zero forwarding address on the ASBR

Review Cisco Networking for a $25 gift card