I need some help understanding OSPF behaviour in a mini-lab I set up with GNS3. I am seeing a router that is a member of two areas (but not one of them being area 0) use an area (52) different than the area configured for its router-id (19) to reach area 0 when the connection through its own area to area 0 is shut down. Doesn't a Virtual-Link need to be configured for this transit to happen? Or is it just other routers connected to this router that require the Virtual-Link?
I've attached a GNS3 topology and all the configs. I have also included some testing output below.
The scenarion is testing connectivity from area 19 routers lab_aa and lab_A to area 0 router lab_Z when the connection between lab_A and lab_2 is shut down.
I expect that if the link between lab_A and lab_2 is shut down then lab_aa would lose connectivity to area 0 and therefore lab_Z. I am getting this expected result. Here is test data for lab_aa:
L-A-B--aa#sh ip route 18.104.22.168
% Network not in table
L-A-B--aa#sh ip ospf dat sum 22.214.171.124
OSPF Router with ID (126.96.36.199) (Process ID 65525)
Summary Net Link States (Area 19)
LS age: 1036
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(Network)
Link State ID: 188.8.131.52 (summary Network Number)
Advertising Router: 184.108.40.206
LS Seq Number: 80000004
Network Mask: /32
TOS: 0 Metric: 2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 220.127.116.11, timeout is 2 seconds:
Success rate is 0 percent (0/5)
What I was not expecting was for lab_A to be able to tranist Area 52 to Area 0 without a Virtual-Link configured between it and lab_B. With the link between lab_A and lab_2 shutdown, this test data shows lab_A has connectivity to area 0 router lab_Z.
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 18.104.22.168, timeout is 2 seconds:
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/66/88 ms
Type escape sequence to abort.
Tracing the route to 22.214.171.124
1 126.96.36.199 48 msec 16 msec 24 msec
2 188.8.131.52 44 msec 40 msec 44 msec
3 184.108.40.206 68 msec * 64 msec
L-A-B--A#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
220.127.116.11/8 is variably subnetted, 6 subnets, 2 masks
C 18.104.22.168/32 is directly connected, Loopback0
O IA 22.214.171.124/24 [110/3] via 126.96.36.199, 00:15:35, FastEthernet1/0
O IA 188.8.131.52/32 [110/4] via 184.108.40.206, 00:15:35, FastEthernet1/0
O IA 220.127.116.11/24 [110/4] via 18.104.22.168, 00:15:35, FastEthernet1/0
O 22.214.171.124/32 [110/2] via 126.96.36.199, 00:15:35, FastEthernet0/0
C 188.8.131.52/24 is directly connected, FastEthernet0/0
184.108.40.206/8 is variably subnetted, 3 subnets, 2 masks
O IA 220.127.116.11/32 [110/3] via 18.104.22.168, 00:15:36, FastEthernet1/0
O IA 22.214.171.124/24 [110/3] via 126.96.36.199, 00:15:36, FastEthernet1/0
O IA 188.8.131.52/32 [110/4] via 184.108.40.206, 00:15:36, FastEthernet1/0
220.127.116.11/8 is variably subnetted, 3 subnets, 2 masks
O 18.104.22.168/32 [110/2] via 22.214.171.124, 01:03:44, FastEthernet1/0
C 126.96.36.199/24 is directly connected, FastEthernet1/0
O 188.8.131.52/24 [110/2] via 184.108.40.206, 01:03:46, FastEthernet1/0
Neighbor ID Pri State Dead Time Address Interface
220.127.116.11 1 FULL/BDR 00:00:33 18.104.22.168 FastEthernet0/0
22.214.171.124 1 FULL/DR 00:00:37 126.96.36.199 FastEthernet1/0
Interface PID Area IP Address/Mask Cost State Nbrs F/C
Lo0 65525 19 188.8.131.52/32 1 LOOP 0/0
Fa0/0 65525 19 184.108.40.206/24 1 DR 1/1
Fa2/0 65525 19 220.127.116.11/24 1 DOWN 0/0
Fa1/0 65525 52 18.104.22.168/24 1 BDR 1/1
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 22.214.171.124 YES manual up up
FastEthernet1/0 126.96.36.199 YES manual up up
FastEthernet2/0 188.8.131.52 YES manual administratively down down
FastEthernet3/0 unassigned YES unset administratively down down
Loopback0 184.108.40.206 YES manual up up
Looking at the config pdf file, router Lab_A is configured in both Area 19 and Area 52, so this router can use its interface in area 52 to get to the backbone Area 0 with no problem, nothing special happening here. it is an area border router so it's considered a member of both Area's.
now, if i wanna give u an example of where virtual links come in handy... using this scenario, if we cut the link between area 19 and area 0 (Lab_2 & Lab_B). then the only way area 19 routers can get to the backbone area is going through area 52. here you can setup a virtual link between Lab_A and Lab_B > area 52 virtual-link x.x.x.x to give way to all rtrs in area 19.
plz Rate helpful posts.
Soroush is 100% correct. Right now, everything is great but taking into consideration if one of the circuits were to go down either from lab_1 to lab_b or lab_2 to lab_b, either of these sites would no longer be able to get to Area 0. You would need a vLink between lab_1 and lab_A router to extend Area 0 to the other area.
Hey john, thx for the comment. but are you sure about the routers u mentioned for virtual-link config? Lab_1 and Lab_A.
Lab_1 is totally in are 52, and virtual-links must be made between 2 ABR's, in this case Lab_A and Lab_B.
Nope. You're correct and I put the wrong router down. The virtual link would be created between lab_a and lab_b through area 1. +5 for catching it...
Soroush and J., Thanks for the responses.
I was under the impression that, even though lab_A has interfaces configured in Area 52 and Area 19, the fact that it has its router-id configured in Area 19 was most important, so it couldn't just become a member of Area 52. The data seems to show otherwise. OK, so there exists a class, "Non-0 Multi Area Router"? This router can reach Area 0 through any area it has an interface configured in, even though none of them are Area 0?
I see that since router lab_A has no interface configured in Area 0, it can not perform the ABR function for other Area 19 routers (lab_aa) to get to Area 0 until a Virtual-Link to 0 is configured (between lab_A and lab_B).
Greg, u might already know these, but let me describe it this way;
1. Technically ABR is a router that has an interface in Area 0, and is able to produce n send LSA type 3. therefor technically speaking, LAB_A is not an ABR at all. although its a multi area router, if you do a show ip ospf database within an Area you'll see all the ABRs that exist in that Area, under Summary Net Link States section.
2. When there is ospf process running on a router, the router will become a member of each Area that it has an interface configured within that area, and it will receive Database info about those Areas. But if none of them is Area 0, this router will not be able to do inter-area routing.
so being a member of multi-area's doesn't necessarily mean that Area 0 must be involved.
3. about the router-id, it is usually the highest ip address on the router or the highest Loopback interface's. a RID of 19 doesnt represent the Area, it is actually the loopback 0 ip add, in this config.
4. when you create a virutal-link, u virtually stretch the router to reach Area 0 and make it an ABR, capable of producing LSA 3.
The main thing about area 0 is that, it acts as the OSPF backbone to connect different Areas or do inter-Area routing.
Hope it Helps,
Thanks Soroush, the review was helpful.
Regarding number 3 from your list. The router-id is the loopback, but there is also a network statement for that IP in Area 19. That is why I did not think lab_A could become an Area 52 internal router and get to the core that way. It seems that configuring the router-id in an area with a network statement does restrict the router to that area. This is the insight I think the data is showing me that I had not known before.
I should reject it Greg, RID doesnt ristrict the router. Router id (RID) is an arbitrary value in the IP address format, just like a name for the routing process, should be unique n it represents the router in the ospf process. you can set it manually (fixed) by ur choice, or leave it to the router itself to choose, in case of automatic RID it may change at certain times.
** what i wrote in the item #3 is the way that the automatic process chooses a RID for ospf.
I have finally seen the light. I wasn't thinking properly. I was thinking too generally. I was thinking in terms of routers ("lab_A can get to lab_Z"), but it really only makes sense to think in terms of networks. Basic stuff.
Just because "lab_A" (actually 220.127.116.11) can ping the router-id 18.104.22.168 on lab_Z when the link between lab_A and lab_2 is down doesn't help connectivity to Area 0 for anything on lab_A except its network configured in Area 52 (22.214.171.124/24).
Imagine all the routers in this network running BGP and peering to the loopback/router-id addresses. Peering would be lost between lab_A and lab_Z (when the link between A and 2 goes down) even though a simple ping from lab_A to lab_Z works. Great, the virtual-link is needed after all. I feel better now. I guess this is a good reminder for not to using simple pings to verify network functionality.