Is transit to OSPF Area 0 possible without a Virtual-Link?

aimarchitect · ‎07-06-2012

Hi,

I need some help understanding OSPF behaviour in a mini-lab I set up with GNS3. I am seeing a router that is a member of two areas (but not one of them being area 0) use an area (52) different than the area configured for its router-id (19) to reach area 0 when the connection through its own area to area 0 is shut down. Doesn't a Virtual-Link need to be configured for this transit to happen? Or is it just other routers connected to this router that require the Virtual-Link?

I've attached a GNS3 topology and all the configs. I have also included some testing output below.

The scenarion is testing connectivity from area 19 routers lab_aa and lab_A to area 0 router lab_Z when the connection between lab_A and lab_2 is shut down.

I expect that if the link between lab_A and lab_2 is shut down then lab_aa would lose connectivity to area 0 and therefore lab_Z. I am getting this expected result. Here is test data for lab_aa:

L-A-B--aa#sh ip route 100.0.0.1

% Network not in table

L-A-B--aa#sh ip ospf dat sum 100.0.0.1

OSPF Router with ID (19.19.19.1) (Process ID 65525)

Summary Net Link States (Area 19)

LS age: 1036

Options: (No TOS-capability, DC, Upward)

LS Type: Summary Links(Network)

Link State ID: 100.0.0.1 (summary Network Number)

Advertising Router: 100.0.0.100

LS Seq Number: 80000004

Checksum: 0x9277

Length: 28

Network Mask: /32

TOS: 0 Metric: 2

L-A-B--aa#

L-A-B--aa#ping 100.0.0.100

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 100.0.0.100, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

L-A-B--aa#

What I was not expecting was for lab_A to be able to tranist Area 52 to Area 0 without a Virtual-Link configured between it and lab_B. With the link between lab_A and lab_2 shutdown, this test data shows lab_A has connectivity to area 0 router lab_Z.

L-A-B--A#ping 100.0.0.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 100.0.0.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 28/66/88 ms

L-A-B--A#trace 100.0.0.1

Type escape sequence to abort.

Tracing the route to 100.0.0.1

1 52.1.0.1 48 msec 16 msec 24 msec

2 52.2.0.2 44 msec 40 msec 44 msec

3 100.1.0.1 68 msec * 64 msec

L-A-B--A#sh ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

19.0.0.0/8 is variably subnetted, 6 subnets, 2 masks

C 19.19.19.19/32 is directly connected, Loopback0

O IA 19.3.0.0/24 [110/3] via 52.1.0.1, 00:15:35, FastEthernet1/0

O IA 19.19.19.2/32 [110/4] via 52.1.0.1, 00:15:35, FastEthernet1/0

O IA 19.2.0.0/24 [110/4] via 52.1.0.1, 00:15:35, FastEthernet1/0

O 19.19.19.1/32 [110/2] via 19.1.0.1, 00:15:35, FastEthernet0/0

C 19.1.0.0/24 is directly connected, FastEthernet0/0

100.0.0.0/8 is variably subnetted, 3 subnets, 2 masks

O IA 100.0.0.100/32 [110/3] via 52.1.0.1, 00:15:36, FastEthernet1/0

O IA 100.1.0.0/24 [110/3] via 52.1.0.1, 00:15:36, FastEthernet1/0

O IA 100.0.0.1/32 [110/4] via 52.1.0.1, 00:15:36, FastEthernet1/0

52.0.0.0/8 is variably subnetted, 3 subnets, 2 masks

O 52.52.52.52/32 [110/2] via 52.1.0.1, 01:03:44, FastEthernet1/0

C 52.1.0.0/24 is directly connected, FastEthernet1/0

O 52.2.0.0/24 [110/2] via 52.1.0.1, 01:03:46, FastEthernet1/0

L-A-B--A#

L-A-B--A#sion

Neighbor ID Pri State Dead Time Address Interface

19.19.19.1 1 FULL/BDR 00:00:33 19.1.0.1 FastEthernet0/0

52.52.52.52 1 FULL/DR 00:00:37 52.1.0.1 FastEthernet1/0

L-A-B--A#sioib

Interface PID Area IP Address/Mask Cost State Nbrs F/C

Lo0 65525 19 19.19.19.19/32 1 LOOP 0/0

Fa0/0 65525 19 19.1.0.2/24 1 DR 1/1

Fa2/0 65525 19 19.2.0.2/24 1 DOWN 0/0

Fa1/0 65525 52 52.1.0.2/24 1 BDR 1/1

L-A-B--A#siib

Interface IP-Address OK? Method Status Protocol

FastEthernet0/0 19.1.0.2 YES manual up up

FastEthernet1/0 52.1.0.2 YES manual up up

FastEthernet2/0 19.2.0.2 YES manual administratively down down

FastEthernet3/0 unassigned YES unset administratively down down

Loopback0 19.19.19.19 YES manual up up

L-A-B--A#

smehrnia · ‎07-06-2012

Hey Greg,

Looking at the config pdf file, router Lab_A is configured in both Area 19 and Area 52, so this router can use its interface in area 52 to get to the backbone Area 0 with no problem, nothing special happening here. it is an area border router so it's considered a member of both Area's.

now, if i wanna give u an example of where virtual links come in handy... using this scenario, if we cut the link between area 19 and area 0 (Lab_2 & Lab_B). then the only way area 19 routers can get to the backbone area is going through area 52. here you can setup a virtual link between Lab_A and Lab_B > area 52 virtual-link x.x.x.x to give way to all rtrs in area 19.

HTH,

plz Rate helpful posts.

Soroush.

Hope it Helps!

Soroush.

John Blakley · ‎07-07-2012

Greg,

Soroush is 100% correct. Right now, everything is great but taking into consideration if one of the circuits were to go down either from lab_1 to lab_b or lab_2 to lab_b, either of these sites would no longer be able to get to Area 0. You would need a vLink between lab_1 and lab_A router to extend Area 0 to the other area.

HTH,

John

HTH, John *** Please rate all useful posts ***

smehrnia · ‎07-07-2012

Hey john, thx for the comment. but are you sure about the routers u mentioned for virtual-link config? Lab_1 and Lab_A.

Lab_1 is totally in are 52, and virtual-links must be made between 2 ABR's, in this case Lab_A and Lab_B.

HTH,

Soroush.

Hope it Helps!

Soroush.

John Blakley · ‎07-07-2012

Nope. You're correct and I put the wrong router down. The virtual link would be created between lab_a and lab_b through area 1. +5 for catching it...

HTH, John *** Please rate all useful posts ***

aimarchitect · ‎07-08-2012

Soroush and J., Thanks for the responses.

I was under the impression that, even though lab_A has interfaces configured in Area 52 and Area 19, the fact that it has its router-id configured in Area 19 was most important, so it couldn't just become a member of Area 52. The data seems to show otherwise. OK, so there exists a class, "Non-0 Multi Area Router"? This router can reach Area 0 through any area it has an interface configured in, even though none of them are Area 0?

I see that since router lab_A has no interface configured in Area 0, it can not perform the ABR function for other Area 19 routers (lab_aa) to get to Area 0 until a Virtual-Link to 0 is configured (between lab_A and lab_B).

Thanks

smehrnia · ‎07-08-2012

Greg, u might already know these, but let me describe it this way;

1. Technically ABR is a router that has an interface in Area 0, and is able to produce n send LSA type 3. therefor technically speaking, LAB_A is not an ABR at all. although its a multi area router, if you do a show ip ospf database within an Area you'll see all the ABRs that exist in that Area, under Summary Net Link States section.

2. When there is ospf process running on a router, the router will become a member of each Area that it has an interface configured within that area, and it will receive Database info about those Areas. But if none of them is Area 0, this router will not be able to do inter-area routing.

so being a member of multi-area's doesn't necessarily mean that Area 0 must be involved.

3. about the router-id, it is usually the highest ip address on the router or the highest Loopback interface's. a RID of 19 doesnt represent the Area, it is actually the loopback 0 ip add, in this config.

4. when you create a virutal-link, u virtually stretch the router to reach Area 0 and make it an ABR, capable of producing LSA 3.

The main thing about area 0 is that, it acts as the OSPF backbone to connect different Areas or do inter-Area routing.

Hope it Helps,

Soroush.

Hope it Helps!

Soroush.

aimarchitect · ‎07-08-2012

Thanks Soroush, the review was helpful.

Regarding number 3 from your list. The router-id is the loopback, but there is also a network statement for that IP in Area 19. That is why I did not think lab_A could become an Area 52 internal router and get to the core that way. It seems that configuring the router-id in an area with a network statement does restrict the router to that area. This is the insight I think the data is showing me that I had not known before.

smehrnia · ‎07-08-2012

I should reject it Greg, RID doesnt ristrict the router. Router id (RID) is an arbitrary value in the IP address format, just like a name for the routing process, should be unique n it represents the router in the ospf process. you can set it manually (fixed) by ur choice, or leave it to the router itself to choose, in case of automatic RID it may change at certain times.

** what i wrote in the item #3 is the way that the automatic process chooses a RID for ospf.

HTH,

Soroush.

Hope it Helps!

Soroush.

aimarchitect · ‎07-08-2012

Hi Soroush,

I have finally seen the light. I wasn't thinking properly. I was thinking too generally. I was thinking in terms of routers ("lab_A can get to lab_Z"), but it really only makes sense to think in terms of networks. Basic stuff.

Just because "lab_A" (actually 52.1.0.2) can ping the router-id 100.0.0.1 on lab_Z when the link between lab_A and lab_2 is down doesn't help connectivity to Area 0 for anything on lab_A except its network configured in Area 52 (52.1.0.0/24).

Imagine all the routers in this network running BGP and peering to the loopback/router-id addresses. Peering would be lost between lab_A and lab_Z (when the link between A and 2 goes down) even though a simple ping from lab_A to lab_Z works. Great, the virtual-link is needed after all. I feel better now. I guess this is a good reminder for not to using simple pings to verify network functionality.

Thanks again,

Greg