cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3669
Views
0
Helpful
23
Replies

OSPF Redistribution Question

Nigel Pyne
Level 1
Level 1

Router A is an ASBR in a NSSA. Redistributing routes from RIP into OSPF which includes a default route.

Router B is the ABR between the NSSA and Area 0. It receives all the redistributed routes as LSA Type 7.

Router C is another ABR between Area 0 and Area 1. It receives all the redistributed routes from Router A as LSA Type 5. . . bar the default route. The Link State Database has no record of an LSA for the default route.

Is this normal operation? I need a categorical answer on this please.

If it is normal operation, is the 'default-information originate' command required on Router B?

Thanks

23 Replies 23

Hello Manish,

I've just verified that and see what you mean. Allright, let's go over it (and let me immediately thank you because during the process of verifying this, I learned something new!)

1> Cisco's example where the ABR does not have the default route but  is still origanating the default info in the NSSA , the output shows "NO  type 7/5 translation" 

In this case, the output is from the command show ip ospf database nssa-external where the router tries to decipher all bits in the Options field of the particular LSA-7. The comment of "No Type 7/5 translation" in effect describes the setting of the P-bit in this particular LSA, and it tells the translator whether this particular LSA-7 is to be translated to LSA-5. If the bit is cleared, the LSA-7 will not be translated. If the bit is set, the LSA will be translated.

Now, according to RFC 3101 Section 2.4:

   A Type-7 default LSA for the network 0.0.0.0/0 may be originated into
   the NSSA by any NSSA router.  The Type-7 default LSA originated by an
   NSSA border router must have the P-bit clear.  An NSSA ASBR that is
   not an NSSA border router may originate a Type-7 default LSA with the
   P-bit set.  A Type-7 default LSA may be installed by NSSA border
   routers if and only if its P-bit is set. 

In other words, if you configure the area X nssa default-information-originate on an ABR, this LSA-7 will always have the P-bit cleared and hence will not be translated into LSA-5 and forwarded through the backbone. However, if you configure the same command on an internal NSSA router, the LSA-7 with the default route will have the P-bit set and thus will be permitted for translation to LSA-5 on an ABR.

An interesting behavior of Cisco routers is that if both an ABR and an internal NSSA router have this command configured, all internal routers will flush their own LSA-7 with the default route, and hence, only the ABR-originated default route will be present in the NSSA area.

The same goes for the second example on the wiki.nil.com.

What I originally had in mind was the line in the show ip ospf  output that says: "Perform type-7/type-5 LSA translation", and that was originally the issue I reacted to. I thought you were talking about that one, instead of the P-bit in LSA-7 headers.

Does all of this make sense? I am not sure if I understand it myself

Best regards,

Peter

Hi Peter,

I was refering to the P bit and your explanation is perfect as always , I should have been more clear on that.

This is very interesting indeed , thanks for sharing that :-

An interesting behavior of Cisco routers is that if both an ABR and an internal NSSA router have this command configured, all internal routers will flush their own LSA-7 with the default route, and hence, only the ABR-originated default route will be present in the NSSA area.


I am really waiting for the person that started this discussion to share some outputs & configurations.

Thanks

Manish

Nigel Pyne
Level 1
Level 1

Thanks for all the responses - interesting stuff.

It turns out that my colleague who is working on this has gone on leave and I'm not going to be able to get the configs, etc. until he returns. If you're willing to wait and follow this thread I promise I'll post the configs once I get them - in about a week's time.

Nigel

Nigel Pyne
Level 1
Level 1

So earlier than expected I've managed to get the following. The OSPF config on RouterB -

router ospf 100

router-id 192.168.250.2

log-adjacency-changes

area 20 authentication message-digest

area 20 nssa

passive-interface default

no passive-interface Vlan196

no passive-interface Vlan197

no passive-interface Vlan199

network 10.250.40.0 0.0.0.255 area 0

network 192.168.254.56 0.0.0.7 area 20

network 192.168.0.0 0.0.255.255 area 0

default-information originate

!

And the output of 'show ip ospf database nssa-external' -

            OSPF Router with ID (192.168.250.2) (Process ID 100)

                Type-7 AS External Link States (Area 20)

  Routing Bit Set on this LSA

  LS age: 1746

  Options: (No TOS-capability, Type 7/5 translation, DC)

  LS Type: AS External Link

  Link State ID: 0.0.0.0 (External Network Number )

  Advertising Router: 192.168.254.17

  LS Seq Number: 8000089E

  Checksum: 0x3051

  Length: 36

  Network Mask: /0

        Metric Type: 2 (Larger than any link state path)

        TOS: 0

        Metric: 10

        Forward Address: 0.0.0.0

        External Route Tag: 0

  Routing Bit Set on this LSA

  LS age: 1746

  Options: (No TOS-capability, Type 7/5 translation, DC)

  LS Type: AS External Link

  Link State ID: 10.207.84.0 (External Network Number )

  Advertising Router: 192.168.254.17

  LS Seq Number: 8000089E

  Checksum: 0x22AA

  Length: 36

  Network Mask: /22

        Metric Type: 1 (Comparable directly to link state metric)

        TOS: 0

        Metric: 20

        Forward Address: 0.0.0.0

        External Route Tag: 0

  Routing Bit Set on this LSA

  LS age: 763

  Options: (No TOS-capability, Type 7/5 translation, DC)

  LS Type: AS External Link

  Link State ID: 192.168.194.0 (External Network Number )

  Advertising Router: 192.168.254.57

  LS Seq Number: 800000D9

  Checksum: 0x4AAB

  Length: 36

  Network Mask: /25

        Metric Type: 2 (Larger than any link state path)

        TOS: 0

        Metric: 20

        Forward Address: 192.168.254.17

        External Route Tag: 0

As you can see Type 7/5 translation should be taking place which implies that RouterA is correctly configured with the 'area 20 nssa default-information-originate' command. I can't verify this absolutely because RouterA belongs to a third party and I can't access this router. However, from what I've read from your posts we can conclude it is configured right.

So why isn't RouterC seeing the default route as a Type 5? It isn't receiving any default route LSA! Is it because RouterB is configured with the 'default-route originate' command? From what I can tell this command is superfluous for RouterB as it should just translate 0.0.0.0 from type 7 to type 5 LSA and flood through area 0?

Nigel

Nigel

The "default-information originate" on router B is superfluous assuming you are receiving a default-route from router A but having it there would not stop C receiving the route, at least not in my lab anyway.

Could you perhaps provide the following info -

1) how is router B connected to router A ie. what connection type serial/ethernet etc.

2) the actual interface on router B that connects to A

2) the configs of both router B and router C

Jon

Hi Jon

RouterB is connected to RouterA via fastethernet.

Could you advise what sections of the config you would like to see. The configs are large and would take some redacting in order to preserve the customer's security.

Nigel

Nigel

I was really looking for interface configs for the connected routers + ospf config and if there are any acls/filters applied then the access-lists for those filters.

I can't emulate your problem at the moment.

Also can ou post the output of "sh ip ospf database external" from router B.

Jon

Nigel,

Can you please verify :-

1> You see route  192.168.194.0/25 installed in Router C ?

2> You do not see default route or 10.207.84.0/22 installed in router C ?

Thanks

Manish

Nigel,

Have not heard anything from you but here's something interesting from RFC3101 Section 3.2  :-

"If the Type-7 LSA has the P-bit clear, or its forwarding
          address is set to 0.0.0.0, or the most specific Type-7 address
          range that subsumes the LSA's network has DoNotAdvertise
          status, then do nothing with this Type-7 LSA and consider the
          next one in the list.  Otherwise term the LSA as translatable
          and proceed with step (2)."

So even if you see type7/5 tranlation on the ABR , it will not translate the LSA
type 7 to type 5 for the above mentioned reason.

Also, in your output of 'show ip ospf database nssa-external' from ABR the forwarding
address is set to 0.0.0.0 which doesn't sound right according to this RFC extract.

Manish

Review Cisco Networking for a $25 gift card