Hi MHM

Router is also on area 0, my concern is about SW2, the interface toward SW1 is on OSPF area 0, working fine.

do it's necessary to create on SW2 a second zone (stub area) for only connected interfaces (vlans) 

EDIT

Router to SW1 there is static route (correct)

config NSSA area x between sw1-sw2

Config vlan in area 0 in sw2

Dont redistrubte direct in SW2 for vlan subnet instead config ospf under each vlan SVI.

Now you isolated your network via NSSA and make router know vlan subnet IP.

MHM

Router is for WAN connections and it' has static route to remote office.

SW2 is catalyst L3 not Nexus, if i do not distribute connected vlan subnet, SW2 will not inject theses ip to area 0

i'm right? Thanks

MHM

Hi MHM

find below the config of SW2

SW2#sh running-config

!
hostname SW2
!

!
ip routing
!
no ip domain lookup
!

vlan 2,21-22
!
vlan 23
name DATA-SW3
!
vlan 24
name DATA-SW4
!
vlan 25
name DATA-SW5
!
vlan 26-27
!
vlan 28
name DATA-SW6
vlan 28
name DATA-SW6
!
vlan 29
name WIFI1
!
vlan 30
name WIFI2
!
vlan 31-33,55,100-103
!
vlan 168
name V168
!
vlan 999
name NATIF
!
!

!
interface Loopback0
ip address 10.4.20.33 255.255.255.255
!
interface GigabitEthernet0/0
vrf forwarding Mgmt-vrf
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet1/0/1
switchport access vlan 27
switchport voice vlan 100
spanning-tree portfast
!
interface GigabitEthernet1/0/2
switchport access vlan 27
switchport voice vlan 100
spanning-tree portfast
!
interface GigabitEthernet1/0/3
description "PORT DEDIE AU WIFI"
switchport access vlan 26
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/4
switchport access vlan 27
switchport voice vlan 100
spanning-tree portfast
!

!
interface TenGigabitEthernet1/1/1
description Link CNSS-SIEGE-CORE1
no switchport
ip address 10.4.80.50 255.255.255.252
ip pim sparse-mode
ip ospf network point-to-point
ip ospf dead-interval minimal hello-multiplier 4
load-interval 30
carrier-delay msec 0
auto qos trust dscp
service-policy input AutoQos-4.0-Trust-Dscp-Input-Policy
service-policy output AutoQos-4.0-Output-Policy
!

interface Vlan2
ip address 10.4.20.1 255.255.255.224
!
interface Vlan21
ip address 10.4.21.1 255.255.255.128
ip helper-address 172.16.100.5
!
interface Vlan22
ip address 10.4.22.1 255.255.255.128
ip helper-address 172.16.100.5
!
interface Vlan23
ip address 10.4.23.1 255.255.255.128
ip helper-address 172.16.100.5
!
interface Vlan24
ip address 10.4.24.1 255.255.255.128
ip helper-address 172.16.100.5
!
interface Vlan25
ip address 10.4.25.1 255.255.255.128
ip helper-address 172.16.100.5
!
interface Vlan26
ip address 10.4.26.1 255.255.255.128
ip helper-address 172.16.100.5
!
interface Vlan27
ip address 10.4.27.1 255.255.255.128
ip helper-address 172.16.100.5
!
interface Vlan28
ip address 10.4.28.1 255.255.255.128
ip helper-address 172.16.100.5
!
interface Vlan32
ip address 10.4.32.1 255.255.255.128
ip helper-address 172.16.100.5
!
interface Vlan33
ip address 10.4.33.1 255.255.255.128
ip helper-address 172.16.100.5
!
interface Vlan55
ip address 10.4.55.1 255.255.255.128
ip helper-address 172.16.100.5
!
interface Vlan100
ip address 10.4.34.1 255.255.255.128
ip helper-address 172.16.100.5
!
interface Vlan101
ip address 10.4.35.1 255.255.255.128
ip helper-address 172.16.100.5
!
interface Vlan102
ip address 10.4.36.1 255.255.255.128
ip helper-address 172.16.100.5
!
interface Vlan103
ip address 10.4.37.1 255.255.255.128
ip helper-address 172.16.100.5
!
interface Vlan168
ip address 172.16.168.1 255.255.248.0
ip helper-address 172.16.100.5
!
router ospf 1
router-id 10.4.20.33
area 20 stub no-summary
timers throttle spf 10 100 5000
timers throttle lsa 10 100 5000
timers lsa arrival 80
passive-interface default
no passive-interface TenGigabitEthernet1/1/1
network 10.4.20.0 0.0.0.31 area 20
network 10.4.20.32 0.0.0.31 area 20
network 10.4.21.0 0.0.0.127 area 20
network 10.4.22.0 0.0.0.127 area 20
network 10.4.23.0 0.0.0.127 area 20
network 10.4.24.0 0.0.0.127 area 20
network 10.4.25.0 0.0.0.127 area 20
network 10.4.26.0 0.0.0.127 area 20
network 10.4.27.0 0.0.0.127 area 20
network 10.4.28.0 0.0.0.127 area 20
network 10.4.32.0 0.0.0.127 area 20
network 10.4.33.0 0.0.0.127 area 20
network 10.4.34.0 0.0.0.127 area 20
network 10.4.35.0 0.0.0.127 area 20
network 10.4.36.0 0.0.0.127 area 20
network 10.4.37.0 0.0.0.127 area 20
network 10.4.55.0 0.0.0.127 area 20
network 10.4.80.48 0.0.0.3 area 0
network 172.16.168.0 0.0.7.255 area 20
!
SW2#

Hi 

Did you try NSSA between SW1 and SW2 ?

Why you decide to use stub in Core SW? 

MHM

Hi MHM

i didn't try NSSA between SW1 and SW2

maybe my diagram is little false, SW1 and SW2 collasped distrbution switches, so, the ospf backbone area 0 is on the both switches.

SW1 and SW2 has vlans configured with on theirs SVI.

i did and test 2 options

Option 1: on each sw2 used the command redistribute connected subnets, with this option on others switches, the routes are O E2

Option 2: on sw2 used a stud area no-summary, with with option, i have the same result on others switch, but the routes are O IA

my question, what is better, using option 1 or 2

I read your post and select of answer' and my concern is lsa5.

We definitely know static will add as lsa5 so that we effect our design' 

Our design must not include any stun (totally stub).

It can contain NSSA or standard.

Since you correct the info of the two SW must in area 0 (which mandatory for any DC) then you dont use stub and NO NEED OIA instead use E1/E2 with redistrubte connect (easy way).

Good luck freind 

MHM

Hi MHM,

The best way is use redistribute connected subnets instead using a stub area righ?

i tested, the two options are working fine with redistributed connected subnets and using stub area on switch with vlans.

on thing, with using stub area, i can summarize the network on the stub area,

finally, what is the best option?

SW1-SW2-many vlan's

SW1-SW2 is area0 backbone (allow lsa1/2/3/4/5) 

So using area in SW 2 and redistrubte vlan and use summary is the ideal solution. (Summary can use with any area).

The SW1 will see only summary.

Now stub config in SW2 what will advertise if all vlan is redistrubte as E1/E2?

MHM

I will run lab to test router as ASBR and ABR and redistrubte and summary.

The SW2 will be ABR and ASBR in same time I meed to see effect on ospf db.

I will update you later tonight 

MHM

Good idea friend, will waiting your update

Thanks