10-07-2012 03:56 PM - edited 03-07-2019 09:19 AM
hello everyone.
please help me understand if i am making a mistake. please refer to the follwoing configs. I am trying to filter out LSA type 5 from entering into area 2. Although area 2 is a stub area, i still see an E 2 route in its table.
So R8 is an ABR. It has a few attached networks that are being advertised into ospf area 0 as summary routes. Those connected networks were declared to be in area 2.
R10 is an ABR and ASBR as it is redistributing a static route into ospf domain.
My understanding is that when an ABR is connected to a stub area it would not receive ecternal routes flooded into ospf domain by ASBR
(in my example R8 is an ABR with some of its conected networks in area 2. It has been declared as a stub area. The ASBR sent routes (in this case a route from 9.9.9.0 route from R10 is being redistributed into OSPF domain) should not enter R8 as E 1 or E2 routes. However I am seeing them in R8.
What may be hapeing here, please advise.:
R8#sho run
Building configuration...
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname R8
boot-start-marker
boot-end-marker
no aaa new-model
resource policy
memory-size iomem 5
ip subnet-zero
ip cef
ip address 10.224.0.8 255.255.255.255
interface FastEthernet0/0
ip address 192.168.1.8 255.255.255.0
duplex auto
speed auto
interface FastEthernet1/0
ip address 10.224.100.1 255.255.255.0
duplex auto
speed auto
interface FastEthernet1/0.200
encapsulation dot1Q 200
ip address 10.224.200.1 255.255.255.248
no snmp trap link-status
interface FastEthernet1/0.300
encapsulation dot1Q 300
ip address 10.224.200.9 255.255.255.248
no snmp trap link-status
interface FastEthernet1/0.400
encapsulation dot1Q 400
ip address 10.224.200.17 255.255.255.248
no snmp trap link-status
!
interface FastEthernet1/0.500
encapsulation dot1Q 500
ip address 10.224.200.25 255.255.255.248
no snmp trap link-status
!
router ospf 900
log-adjacency-changes
area 2 stub
area 2 range 10.224.200.0 255.255.255.0
network 10.224.0.8 0.0.0.0 area 0
network 10.224.200.0 0.0.0.7 area 2
network 10.224.200.8 0.0.0.7 area 2
network 10.224.200.16 0.0.0.7 area 2
network 10.224.200.24 0.0.0.7 area 2
network 192.168.1.0 0.0.0.255 area 0
!
ip http server
no ip http secure-server
!
ip classless
control-plane
----------------------------------------
Building configuration...
Current configuration : 1479 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R10
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
!
!
ip cef
ip address 10.10.10.10 255.255.255.0
!
interface Loopback1
ip address 10.224.0.10 255.255.255.255
!
interface FastEthernet0/0
ip address 4.4.4.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet1/0
ip address 192.168.1.10 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet1/0.1001
encapsulation dot1Q 1001
ip address 10.223.245.9 255.255.255.252
no snmp trap link-status
!
interface FastEthernet1/0.2001
encapsulation dot1Q 2001
ip address 10.223.245.13 255.255.255.252
no snmp trap link-status
!
interface FastEthernet1/0.3001
encapsulation dot1Q 3001
ip address 10.223.245.18 255.255.255.252
no snmp trap link-status
!
router ospf 900
log-adjacency-changes
area 2 stub
redistribute static subnets
network 4.4.4.0 0.0.0.255 area 0
network 10.223.245.8 0.0.0.3 area 0
network 10.223.245.12 0.0.0.3 area 0
network 10.223.245.16 0.0.0.3 area 0
network 10.224.0.10 0.0.0.0 area 0
network 192.168.1.0 0.0.0.255 area 0
!
ip http server
no ip http secure-server
!
ip classless
ip route 9.9.9.0 255.255.255.0 4.4.4.1
control-plane
line aux 0
line vty 0 4
login
------------------------------------------------
R9#sho run
Building configuration...
Current configuration : 708 bytes
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname R9
boot-start-marker
boot-end-marker
no aaa new-model
resource policy
memory-size iomem 5
ip subnet-zero
ip cef
interface Loopback0
ip address 9.9.9.1 255.255.255.0
!
interface FastEthernet0/0
ip address 4.4.4.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet1/0
no ip address
shutdown
duplex auto
speed auto
!
ip http server
no ip http secure-server
!
ip classless
ip route 0.0.0.0 0.0.0.0 4.4.4.2
control-plane
line con 0
line aux 0
line vty 0 4
login
Building configuration...
Current configuration : 1479 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R10
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
!
!
ip cef
interface Loopback0
ip address 10.10.10.10 255.255.255.0
!
interface Loopback1
ip address 10.224.0.10 255.255.255.255
!
interface FastEthernet0/0
ip address 4.4.4.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet1/0
ip address 192.168.1.10 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet1/0.1001
encapsulation dot1Q 1001
ip address 10.223.245.9 255.255.255.252
no snmp trap link-status
!
interface FastEthernet1/0.2001
encapsulation dot1Q 2001
ip address 10.223.245.13 255.255.255.252
no snmp trap link-status
!
interface FastEthernet1/0.3001
encapsulation dot1Q 3001
ip address 10.223.245.18 255.255.255.252
no snmp trap link-status
!
router ospf 900
log-adjacency-changes
area 2 stub
redistribute static subnets
network 4.4.4.0 0.0.0.255 area 0
network 10.223.245.8 0.0.0.3 area 0
network 10.223.245.12 0.0.0.3 area 0
network 10.223.245.16 0.0.0.3 area 0
network 10.224.0.10 0.0.0.0 area 0
network 192.168.1.0 0.0.0.255 area 0
!
ip http server
no ip http secure-server
!
ip classless
ip route 9.9.9.0 255.255.255.0 4.4.4.1
!
!
!
!
control-plane
line con 0
line aux 0
line vty 0 4
login
10-07-2012 04:13 PM
Hi,
On router 9 and 10 you have OSPF area 2 as stub, but there is no network for area 2 is configured
from r10:
router ospf 900
log-adjacency-changes
area 2 stub
redistribute static subnets
network 4.4.4.0 0.0.0.255 area 0
network 10.223.245.8 0.0.0.3 area 0
network 10.223.245.12 0.0.0.3 area 0
network 10.223.245.16 0.0.0.3 area 0
network 10.224.0.10 0.0.0.0 area 0
network 192.168.1.0 0.0.0.255 area 0
all the networks are configured for area 0.
which interface connect area 2 to area 0?
HTH
10-07-2012 05:10 PM
Hi Reza;
There are no networks in area 2 on Router 10. I am not sure why should i put routes into area 2 on router 10. Router 10 is the ASBR.
Infact this is a scenario form my work. There at work, I have a Cisco router with 2 port channeld links connecting to two Juniper MX-80 nodes JNPR 1 and JNPR2, these links from Cisco to Juniper are in area 0. The link from Cisco to JNPR1 via Portchannel 1 has an ospf cost of 90 and and the link from Cico to JNPR 2 has ospf cost 100. The Cisco router's conencted networks are in area 2 and are being advertised to juniper routers as a summary route. The Jnuipner routers are acting as ASPBR and would be pushing a lot of Type 5 routes into the OSPF domain (Cisco router connected to them). I do not have any other node connected to the Junipers which is in Area 2. I do not want to see the extrenal routes un-necessarily coming into my Cisco router. I am decraing area 2 as stub and was thinking that this logic would work.
what must i do?
10-07-2012 05:30 PM
Hi,
According to your description, you only have area 0. In order for a router to be an ABR it needs to have one interface in area 0 and one in another area (in your case 2).
so for example, if r1 connects to r2 and r2 connects to r3 if you put the connection between r1 and r2 in area 2 and the connection between r2 and r3 in area 0, now r2 is an ABR, because it is part of area 0 and 2.
does it make scene?
have a look at the diagrm in this link, router 2.2.2.2 has one interface in area 0 and one in area 1. That is an ABR router.
http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a00801ec9ed.shtml
HTH
10-07-2012 05:52 PM
Makes sense.
so now i created a lo2 interface on R10 and added it to area 3. Hence making it an ABR. No other configuration element has changed, i still see an E 2 route on R8!
Confused as anything, please share an insight.
regards
10-07-2012 06:05 PM
You need a physical interface in area 2 or 3 etc.. not logical. Loopback is a logical interface, but the physical connections between your routers are still in area 0 and that is the only area your routers know about. Follow the link I provided and configure you routers (3) just like the picture and test again. It will than make sense. Just follow the config for 1.1.1.1, 2.2.2.2 and 3.3.3.3
Mx80--------area 0--------mx80--------area2-----------Cisco
HTH
10-07-2012 06:27 PM
Hi Reza;
I added a new physical interface to area 3 on R10. Now R10 has become an ABR as you instructed. Still i see external routes in R8. Do i have to have a physical interface on R10 in area 2 as well?
regars
10-07-2012 07:06 PM
Can you draw how everything physically is connected together with port assignment and ip address for each interface?
You originally had one are besides area 0 and that was 2. Now you have are 0, 2, and 3?
10-07-2012 08:08 PM
I am sorry for the confusion. Please see the diagram attached.
10-08-2012 02:09 AM
Hello Jalal,
based on the network diagram that you have provided:
R8 is an ABR between area 0 and another area ( 2 or 3).
The OSPF external routes suppression effect is visible only on a router that is internal to a stub area not on one ABR node like R8.
IF you put in area 2 the link between R8 and R7 so that R7 is a router with all links in area 2, then you will see that on R7 node no LSA type 5 are present as expected.
As noted by Reza, it is not enough to associate some interfaces to the area 2 stub on the ABR node.
So R8 can block the OSPF LSA type 5 from entering a stub area downstream, but the fact that R8 is connected to a stub area does not block R8 from receiving external routes in area 0.
This is because each area has its own link state database.
Going to your real world scenario the links between the cisco router and the two juniper routers should be moved from area 0 to a stub area changing configuration on all three devices. Only after this you can see external routes suppression towards the cisco router.
Hope to help
Giuseppe
10-08-2012 10:49 AM
Thanks alot Reza and Guiseppe;
So to summarise my understanding, i gather that i would need to connect another router to R8 and put it into Area 2. And once i have done that i would see the result of stub area supression of LSA type 5 in R7.
With regards to the real world scenario, i must tell you that i have a single cisco router with two port channels on it. Each port channel is connecting it to one Juniper router on the other side. Now the cisco device had an exisiting connections to two other cisco devices with ospf configuration. That configuration would be changed no othr device woul dbe conencting to it except the Junipers.
The two new port channels would be in area 0, however the conencted networks on the cisco device would be in area 2. Hence emulating the same situation as in my diagram above (R8 having conencted networks in area 2 and a link to R10 in area 0). Since i would not have any other node in area 2 conencting to the cisco device, i would not see a default route in the Cisco device. Correct?
regards
10-08-2012 11:05 AM
Hello Jalal,
>> Since i would not have any other node in area 2 conencting to the cisco device, i would not see a default route in the Cisco device. Correct?
No, it is not totally correct, the cisco router in real world setup receives all the OSPF external routes because it is connected in area 0 to the two juniper routers.
If the two port-channels were configured to be in area 2 on all three devices (the cisco router and the two juniper boxes) with the juniper acting as ABR between area 0 and area 2 with area 2 configured as stub area then the cisco router would receive only a default route as O IA 0.0.0./0 from the two juniper boxes.
In real world R8 ----> two juniper boxes
R7 -----> cisco router
Hope to help
Giuseppe
10-08-2012 12:01 PM
Thanks again Giuseppe.
Here is the actual real world scenario.
Area 2 is going to be a stub area (on Cisco). Junipers may have OPSF peerings with other routers in area 0. Junipers have other areas configured on them as well hence making them ABRs. They are ASBRs as well as they are learning bgp routes from external domain.
Since the Cisco device may other routers conencted to it in area 2, so i suppose they wuold see a default route pointing to the Cisco device in them for all external routes.
Please share your thoughts on this.
regards
10-08-2012 12:14 PM
Hello Jalal,
>> Since the Cisco device may other routers conencted to it in area 2, so i suppose they wuold see a default route pointing to the Cisco device in them for all external routes.
I agree devices that are downstream the cisco router in area 2 will not receive all the OSPF external routes that are seen in area 0, but only a default route in the form of an inter area route generated by the cisco router itself.
If this is enough for you no actions are required.
My understanding was that you were concerned with the cisco router receiving all those OSPF external routes if you only worry about what happens in stub area 2 those OSPF external routes are not propagated into area 2
Hope to help
Giusepppe
10-08-2012 12:41 PM
Thanks alot Giusepppe.
I understand it now. One more question, which may not be relevent; would i have to explicitly redistribute non ospf domain routes into ospf on Junipers or would junipers just send them to my cisco device automatically?
regards
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: