SlideShare a Scribd company logo

NSSA external route with Forwarding Address demystified with RFC 3101

M
meddane

R1 learns about the external prefix 3.3.3.0/24 via a Type-5 LSA from R2. However, when the inter-area routes from area 23 are filtered on R2, the forwarding address in the Type-5 LSA becomes unreachable, preventing installation of the external route on R1. Configuring R2 to suppress the forwarding address in translated Type-5 LSAs allows R1 to install the external route by forwarding traffic to R2 instead.

Internet
1 of 9
Download to read offline
NSSA external route demystified with RFC 3101 Basic Configuration of all routers: R1: interface FastEthernet0/0 ip address 12.0.0.1 255.255.255.0 ip ospf 1 area 0 no sh ! router ospf 1 router-id 0.0.0.1 R2: interface FastEthernet0/0 ip address 12.0.0.2 255.255.255.0 ip ospf 1 area 0 no sh ! interface FastEthernet0/1 ip address 23.0.0.2 255.255.255.0 ip ospf 1 area 23 no shu ! router ospf 1 router-id 0.0.0.2 area 23 nssa R3: interface Loopback0 ip address 3.3.3.3 255.255.255.0 ! interface FastEthernet0/0 ip address 23.0.0.3 255.255.255.0 ip ospf 1 area 23 no sh ! router ospf 1 router-id 0.0.0.3 area 23 nssa redistribute connected subnets route-map CONNECTED ! route-map CONNECTED permit 10 match interface Loopback0 Area 23 is configured as NSSA. R3 redistrbutes the prefix 3.3.3.0/24 into OSPF domain.
R2 receives a Type-7 LSA from R3 as shown below: R2#sh ip os data nssa OSPF Router with ID (0.0.0.2) (Process ID 1) Type-7 AS External Link States (Area 23) Routing Bit Set on this LSA in topology Base with MTID 0 LS age: 3 Options: (No TOS-capability, Type 7/5 translation, DC, Upward) LS Type: AS External Link Link State ID: 3.3.3.0 (External Network Number ) Advertising Router: 0.0.0.3 LS Seq Number: 80000001 Checksum: 0xFC73 Length: 36 Network Mask: /24 Metric Type: 2 (Larger than any link state path) MTID: 0 Metric: 20 Forward Address: 23.0.0.3 External Route Tag: 0 R2# The Forward Address is 23.0.0.3, per RFC 3101 section 2.4 Originating Type-7 LSAs, when an NSSA ASBR originates a Type-7 LSA, the NON-ZERO forwarding address is mandatory and the Forward Address must be set. 2.4 Originating Type-7 LSAs NSSA AS boundary routers may only originate Type-7 LSAs into NSSAs. An NSSA internal AS boundary router must set the P-bit in the LSA header's option field of any Type-7 LSA whose network it wants advertised into the OSPF domain's full transit topology. The LSAs of these networks must have a valid non-zero forwarding address. If the P-bit is clear the LSA is not translated into a Type-5 LSA by NSSA border routers. The P-bit in the Type-7 LSA is set so R2 is allowed to translate this LSA into a Type-7 LSA, let's verify the LSDB of R2, we can see below that the Type-7 LSA is translated into a Type-5 LSA and the Forward Address is copied as shown bythe RFC 3101. Per RFC 3101 section 2.3 Type-7 LSAs Type-5 LSAs that are translations of Type-7 LSAs copy the Type-7 LSAs' non-zero forwarding addresses. R1 should receive the Type-5 LSA's R2 as shown below: R1#sh ip os data ex OSPF Router with ID (0.0.0.1) (Process ID 1) Type-5 AS External Link States Routing Bit Set on this LSA in topology Base with MTID 0
LS age: 910 Options: (No TOS-capability, DC, Upward) LS Type: AS External Link Link State ID: 3.3.3.0 (External Network Number ) Advertising Router: 0.0.0.2 LS Seq Number: 80000001 Checksum: 0x97E3 Length: 36 Network Mask: /24 Metric Type: 2 (Larger than any link state path) MTID: 0 Metric: 20 Forward Address: 23.0.0.3 External Route Tag: 0 R1# Since the Forward Address is non-zero 23.0.0.3 in the Type-5 LSA, R1 look up the best inter- area route toward 23.0.0.3, and it will use this path to reach the external prefix 3.3.3.0/24. As per RFC 3101 section 2.5: 2.5 Calculating Type-7 AS External Routes If the forwarding address is non-zero look up the forwarding address in the routing table. For a Type-5 LSA the matching routing table entry must specify an intra-area or inter-area path through a Type-5 capable area. For a Type-7 LSA the matching routing table entry must specify an intra-area path through the LSA's originating NSSA. Now why the Forward Address must be set in the Type-7 LSA and must copied into the Type-5 LSA when an NSSA ABR performs a translation ? In a regular areas, any internal router can see an ASBR in another area through a Type-4 LSA, to verify, let's remove the area 23 nssa command on R2 and R3: R2(config-if)#router ospf 1 R2(config-router)#no area 23 nssa R3(config-if)#router ospf 1 R3(config-router)#no area 23 nssa Let's verify on R1, the show ip os border command shown that R1 sees the ASBR R3 0.0.0.3 located in area 23 through R2 12.0.0.2, R1 knows than it need to go through an Inter-area route (or a Type-4 LSA) to reach it. R1#sh ip os border-routers OSPF Router with ID (0.0.0.1) (Process ID 1) Base Topology (MTID 0) Internal Router Routing Table Codes: i - Intra-area route, I - Inter-area route I 0.0.0.3 [2] via 12.0.0.2, FastEthernet0/0, ASBR, Area 0, SPF 3 i 0.0.0.2 [1] via 12.0.0.2, FastEthernet0/0, ABR, Area 0, SPF 3
R1# Now let's reconfigure area 23 as NSSA: R2(config-if)#router ospf 1 R2(config-router)#area 23 nssa R3(config-if)#router ospf 1 R3(config-router)#area 23 nssa Let's verify with the show ip os border command: We can see below that the NSSA ASBR R3 0.0.0.3 is no longer present in the routers table, instead it sees only R2 as an ABR and as a pseudo ASBR (because it origintes a Type-5 LSA). R1#sh ip os border-routers OSPF Router with ID (0.0.0.1) (Process ID 1) Base Topology (MTID 0) Internal Router Routing Table Codes: i - Intra-area route, I - Inter-area route i 0.0.0.2 [1] via 12.0.0.2, FastEthernet0/0, ABR/ASBR, Area 0, SPF 4 R1# Since the router R1 does not have the visibility about the ASBR R3 in the NSSA AREA 23, without the Forward Address 23.0.0.3, R1 loses any informations about the NSSA ASBR, the Forward Address 23.0.0.3 helps R1 to have a visibility of the ASBR R3 undirectly because 23.0.0.3 belongs to R3. In a scenario where there are multiple NSSA ABRs, the absence of the Forward Address can cause a suboptimal routing. This is why the RFC 3101 states that the Forward Address is mandatory in order to perform efficient routing as shown in the section 2.3 Type-7 LSAs Per RFC 3101 section 2.3 Type-7 LSAs Non-zero forwarding addresses produce efficient inter-area routing to an NSSA's AS external destinations when it has multiple border routers. Also the non-zero forwarding addresses of Type-7 LSAs ease the process of their translation into Type-5 LSAs, as NSSA border routers are not required to compute them. So since the Forward Address 23.0.0.3 is set in the Type-5 LSA, according to RFC 3101 section 2.5 Calculating Type-7 AS External Routes, R1 look up the best inter-area route to reach 23.0.0.3 in its routing table, let's verify: R1#sh ip route 23.0.0.0 Routing entry for 23.0.0.0/24, 1 known subnets O IA 23.0.0.0 [110/2] via 12.0.0.2, 01:08:34, FastEthernet0/0 R1# R1 has a valid inter-area route toward 23.0.0.0/24 through R2 with a cost 2, and it installs the external route to 3.3.3.0/24 successfully in its routing table: R1#sh ip route 3.3.3.0 Routing entry for 3.3.3.0/24
Known via "ospf 1", distance 110, metric 20, type extern 2, forward metric 2 Last update from 12.0.0.2 on FastEthernet0/0, 00:38:46 ago Routing Descriptor Blocks: * 12.0.0.2, from 0.0.0.2, 00:38:46 ago, via FastEthernet0/0 Route metric is 20, traffic share count is 1 R1# Now the challenge is: configure R2 to filter all inter-area routes coming from area 23 using the filter-list. First we need to identity all the inter-area routes using a prefix-list and associate the prefix-lis with filter-list: R2(config)#ip prefix-list TEST seq 5 deny 0.0.0.0/0 le 32 R2(config)#router os 1 R2(config-router)# area 23 filter-list prefix TEST out Let's verify the routing table for 3.3.3.0/24. The external route is no longer present in the routing table: R1#sh ip route 3.3.3.0 % Network not in table R1# Let's verify the LSDB of R1, the Type-5 LSA is still there: R1#sh ip os data ex OSPF Router with ID (0.0.0.1) (Process ID 1) Type-5 AS External Link States LS age: 1215 Options: (No TOS-capability, DC, Upward) LS Type: AS External Link Link State ID: 3.3.3.0 (External Network Number ) Advertising Router: 0.0.0.2 LS Seq Number: 80000002 Checksum: 0x95E4 Length: 36 Network Mask: /24 Metric Type: 2 (Larger than any link state path) MTID: 0 Metric: 20 Forward Address: 23.0.0.3 External Route Tag: 0 R1# The external route to 3.3.3.0/24 is not present in the routing table even if the Type-5 LSA is still in the LSDB, why ? Let's verify the entry for 23.0.0.0/24: The inter-area route to 23.0.0.0/24 is no longer present in the routing table because the Type-3 LSA filtering done previously with filter list: R1#sh ip route 23.0.0.0
% Network not in table R1# The reason why the external route is not present in the routing table is that the Forward Address is unreachable, R1 does not have any inter-area route to reach the Forward Address 23.0.0.3, and therefore it does not install the external route to 3.3.3.0/24. Keep in mind that if the forwarding addresses is filtered out of Area 23, R1 located in area 0 cannot reach the prefix 3.3.3.0/24 advertised in the translated Type-5 LSAs. To solve this problem, we should suppress the forwarding address on the ABR so that the forwarding address is set to 0.0.0.0 in the translated Type-5 LSAs. A forwarding address set to 0.0.0.0 indicates that packets for the external destination should be forwarded to the advertising OSPF router, in this case, the translating NSSA ABR R2. The OSPF Forwarding Address Suppression in Translated Type-5 LSAs feature using the area 23 nssa translate type7 suppress-fa command causes the NSSA ABR R2 to translate Type-7 LSA to Type-5 LSAs, but to use the address 0.0.0.0 for the forwarding address instead of that specified in the Type-7 LSA. This feature causes R1 to direct forwarded traffic toward 3.3.3.0/24 to the translating NSSA ABR R2. But as specified in RFC 3101 section 2.3 Type-7 LSAs, the Forward Address produce efficient routing and avoid suboptimal route, so suppressing the Forward Address should be used carefully. Cisco says: Configuring this feature causes the router to be noncompliant with RFC 1587. Also, suboptimal routing might result because there might be better paths to reach the destination’s forwarding address. This feature should not be configured without careful consideration and not until the network topology is understood. Let's suppress the FA: R2(config)#router osp 1 R2(config-router)#area 23 nssa translate type7 suppress-fa Let's verify the Type-5 LSA originated by R2, the Forward Address now is 0.0.0.0: R1#sh ip os data ext OSPF Router with ID (0.0.0.1) (Process ID 1) Type-5 AS External Link States Routing Bit Set on this LSA in topology Base with MTID 0 LS age: 2 Options: (No TOS-capability, DC, Upward) LS Type: AS External Link Link State ID: 3.3.3.0 (External Network Number ) Advertising Router: 0.0.0.2 LS Seq Number: 80000001 Checksum: 0x6F26 Length: 36 Network Mask: /24 Metric Type: 2 (Larger than any link state path) MTID: 0 Metric: 20 Forward Address: 0.0.0.0 External Route Tag: 0
R1# The Forward Address 0.0.0.0 means that to reach the the external prefix 3.3.3.0/24, R1 will redirect the traffic to the Type-5 LSA's originator, let's verify the routing table of R1, the external route to 3.3.3.0/24 is installed successfully and the forward metric represents the cost to reach the NSSA ABR'translator R2: R1#sh ip route 3.3.3.0 Routing entry for 3.3.3.0/24 Known via "ospf 1", distance 110, metric 20, type extern 2, forward metric 1 Last update from 12.0.0.2 on FastEthernet0/0, 00:01:55 ago Routing Descriptor Blocks: * 12.0.0.2, from 0.0.0.2, 00:01:55 ago, via FastEthernet0/0 Route metric is 20, traffic share count is 1 R1# To confirm, let's display the show ip os bor output, the NSSA ABR R2 is reachable with a cost 1, this is the forward metric displayed in the show ip route 3.3.3.0 command: R1#sh ip os bord OSPF Router with ID (0.0.0.1) (Process ID 1) Base Topology (MTID 0) Internal Router Routing Table Codes: i - Intra-area route, I - Inter-area route i 0.0.0.2 [1] via 12.0.0.2, FastEthernet0/0, ABR/ASBR, Area 0, SPF 2 R1# Remove the previously command and use another method to suppress the FA in order to solve the problem. R2(config)#router osp 1 R2(config-router)#no area 23 nssa translate type7 suppress-fa The second method to suppress the Forward Address is to aggregate the Type-7 LSA prefixes on the NSSA ABR R2 using the summary-address command, keep in mind that this command should be executed on the ASBR, and R2 is a pseudo ASBR since it is originating a Type-5 LSA, this causes R2 to generate a Type-5 LSA for the summary prefix with a Forward Address 0.0.0.0. Per RFC 3101 , the sections Type-7 LSAs and Translating Type-7 LSAs into Type-5 LSAs explain that the FA is set to 0.0.0.0 in the translated Type-5 LSA when performing summarization on the NSSA ABR for the Type-7 LSAs. 2.3 Type-7 LSAs Type-5 LSAs that are translations of Type-7 LSAs copy the Type-7 LSAs' non-zero forwarding addresses. Only those Type-5 LSAs that are aggregations of Type-7 LSAs may have 0.0.0.0 as a forwarding address. (See Section 3.2 for details.) 3.2 Translating Type-7 LSAs into Type-5 LSAs The newly generated Type-5 LSA will have a link-state ID equal
to the Type-7 address range's address (in the case of multiple originations of Type-5 LSAs with the same network address but different mask, the link-state ID can also have one or more of the range's "host" bits set). The advertising router field will be the router ID of this area border router. The network mask and the external route tag are set to the range's configured values. The forwarding address is set to 0.0.0.0. The path type and metric are set to the range's path type and metric as defined and computed above. Let's configure the summary-address 3.3.3.0 255.255.255.0 command on R2: R2(config-router)#router osp 1 R2(config-router)#summary-address 3.3.3.0 255.255.255.0 Let's verify the Type-5 LSA originated by R2, the Forward Address is set to 0.0.0.0: R1#sh ip os data ext OSPF Router with ID (0.0.0.1) (Process ID 1) Type-5 AS External Link States Routing Bit Set on this LSA in topology Base with MTID 0 LS age: 186 Options: (No TOS-capability, DC, Upward) LS Type: AS External Link Link State ID: 3.3.3.0 (External Network Number ) Advertising Router: 0.0.0.2 LS Seq Number: 80000003 Checksum: 0x6B28 Length: 36 Network Mask: /24 Metric Type: 2 (Larger than any link state path) MTID: 0 Metric: 20 Forward Address: 0.0.0.0 External Route Tag: 0 R1# Let's verify the routing table of R1, now the external route is installed successfully, R1 looks the best path to reach the NSSA ABR translator, the traffic should be forwarded to the advertising OSPF router, in this case, the translating NSSA ABR R2. R1#sh ip route 3.3.3.0 Routing entry for 3.3.3.0/24 Known via "ospf 1", distance 110, metric 20, type extern 2, forward metric 1 Last update from 12.0.0.2 on FastEthernet0/0, 00:07:14 ago Routing Descriptor Blocks: * 12.0.0.2, from 0.0.0.2, 00:07:14 ago, via FastEthernet0/0 Route metric is 20, traffic share count is 1 R1# Using the summary-address 3.3.3.0 255.255.255.0 command on the NSSA ABR has the same effect with the area 23 nssa translate type7 suppress-fa command, it sets the Forward Address to 0.0.0.0.
When we perform a summarization of external prefixes on an NSSA ABR (which is a pseudo ASBR), the NSSA ABR must clear the FA, the FA is not copied from Type-7 LSA into Type-5 LSA. As explained in RFC 3101, it seems logic, since it is the router which performs the summarization, it should tell to other router (R1 in this case), to reach the external route, send the traffic to me.

Recommended

Ospf Last Modified Eng
Ospf Last Modified EngOspf Last Modified Eng
Ospf Last Modified EngAlp isik
 
E routing final exam ccna 2 46
E routing final exam ccna 2 46E routing final exam ccna 2 46
E routing final exam ccna 2 46lslsc
 
Ccna 2 chapter 11 v4.0 answers 2011
Ccna 2 chapter 11 v4.0 answers 2011Ccna 2 chapter 11 v4.0 answers 2011
Ccna 2 chapter 11 v4.0 answers 2011Dân Chơi
 
Ccna Commands In 10 Minutes
Ccna Commands In 10 MinutesCcna Commands In 10 Minutes
Ccna Commands In 10 MinutesCCNAResources
 
Juniper JNCIA – Juniper RIP and OSPF Route Configuration
Juniper JNCIA – Juniper RIP and OSPF Route ConfigurationJuniper JNCIA – Juniper RIP and OSPF Route Configuration
Juniper JNCIA – Juniper RIP and OSPF Route ConfigurationHamed Moghaddam
 
Ccna 2 chapter 2 v4.0 answers 2011
Ccna 2 chapter 2 v4.0 answers 2011Ccna 2 chapter 2 v4.0 answers 2011
Ccna 2 chapter 2 v4.0 answers 2011Dân Chơi
 
DMVPN configuration - Configuring Cisco dynamic Multipoint VPN - HUB, SPOKES,...
DMVPN configuration - Configuring Cisco dynamic Multipoint VPN - HUB, SPOKES,...DMVPN configuration - Configuring Cisco dynamic Multipoint VPN - HUB, SPOKES,...
DMVPN configuration - Configuring Cisco dynamic Multipoint VPN - HUB, SPOKES,...NetProtocol Xpert
 
Examen final ccna2
Examen final ccna2Examen final ccna2
Examen final ccna2Juli Yaret
 

Recommended

Ospf Last Modified Eng
Ospf Last Modified EngOspf Last Modified Eng
Ospf Last Modified EngAlp isik
 
E routing final exam ccna 2 46
E routing final exam ccna 2 46E routing final exam ccna 2 46
E routing final exam ccna 2 46lslsc
 
Ccna 2 chapter 11 v4.0 answers 2011
Ccna 2 chapter 11 v4.0 answers 2011Ccna 2 chapter 11 v4.0 answers 2011
Ccna 2 chapter 11 v4.0 answers 2011Dân Chơi
 
Ccna Commands In 10 Minutes
Ccna Commands In 10 MinutesCcna Commands In 10 Minutes
Ccna Commands In 10 MinutesCCNAResources
 
Juniper JNCIA – Juniper RIP and OSPF Route Configuration
Juniper JNCIA – Juniper RIP and OSPF Route ConfigurationJuniper JNCIA – Juniper RIP and OSPF Route Configuration
Juniper JNCIA – Juniper RIP and OSPF Route ConfigurationHamed Moghaddam
 
Ccna 2 chapter 2 v4.0 answers 2011
Ccna 2 chapter 2 v4.0 answers 2011Ccna 2 chapter 2 v4.0 answers 2011
Ccna 2 chapter 2 v4.0 answers 2011Dân Chơi
 
DMVPN configuration - Configuring Cisco dynamic Multipoint VPN - HUB, SPOKES,...
DMVPN configuration - Configuring Cisco dynamic Multipoint VPN - HUB, SPOKES,...DMVPN configuration - Configuring Cisco dynamic Multipoint VPN - HUB, SPOKES,...
DMVPN configuration - Configuring Cisco dynamic Multipoint VPN - HUB, SPOKES,...NetProtocol Xpert
 
Examen final ccna2
Examen final ccna2Examen final ccna2
Examen final ccna2Juli Yaret
 
CISCO CCIE SPAN RSPAN ERSPAN
CISCO CCIE SPAN RSPAN ERSPANCISCO CCIE SPAN RSPAN ERSPAN
CISCO CCIE SPAN RSPAN ERSPANKhawar Nehal khawar.nehal@atrc.net.pk
 
mpls-05
mpls-05mpls-05
mpls-05kj teoh
 
Ripv2
Ripv2Ripv2
Ripv2Vivek Singh
 
Juniper JNCIA – Juniper OSPF Route Configuration
Juniper JNCIA – Juniper OSPF Route ConfigurationJuniper JNCIA – Juniper OSPF Route Configuration
Juniper JNCIA – Juniper OSPF Route ConfigurationHamed Moghaddam
 
Mpls layer 3 vp ns
Mpls layer 3 vp nsMpls layer 3 vp ns
Mpls layer 3 vp nsIT Tech
 
Cisco discovery drs ent module 6 - v.4 in english.
Cisco discovery drs ent module 6 - v.4 in english.Cisco discovery drs ent module 6 - v.4 in english.
Cisco discovery drs ent module 6 - v.4 in english.igede tirtanata
 
Ccna command
Ccna commandCcna command
Ccna commandSudhir Maherwal
 
Cisco CCNA GRE Tunnel Configuration
Cisco CCNA GRE Tunnel ConfigurationCisco CCNA GRE Tunnel Configuration
Cisco CCNA GRE Tunnel ConfigurationHamed Moghaddam
 
RIP (routing information protocol)
RIP (routing information protocol)RIP (routing information protocol)
RIP (routing information protocol)Netwax Lab
 
How to create and delete vlan on cisco catalyst switch
How to create and delete vlan on cisco catalyst switchHow to create and delete vlan on cisco catalyst switch
How to create and delete vlan on cisco catalyst switchIT Tech
 
OSPF Summary LSA (Type 3 LSA)
OSPF Summary LSA (Type 3 LSA)OSPF Summary LSA (Type 3 LSA)
OSPF Summary LSA (Type 3 LSA)NetProtocol Xpert
 
network convergence problem and solutions
network convergence problem and solutionsnetwork convergence problem and solutions
network convergence problem and solutionsSiddhi Viradiya
 
Lab 3.5.1 basic frame relay
Lab 3.5.1 basic frame relayLab 3.5.1 basic frame relay
Lab 3.5.1 basic frame relayManuel Garcia Meza
 
Ccna command
Ccna commandCcna command
Ccna commandSiddhartha Rajbhatt
 
Cisco CCNA IPV6 Static Configuration
Cisco CCNA IPV6 Static ConfigurationCisco CCNA IPV6 Static Configuration
Cisco CCNA IPV6 Static ConfigurationHamed Moghaddam
 
OSPF External Route Summarization
OSPF External Route Summarization OSPF External Route Summarization
OSPF External Route Summarization NetProtocol Xpert
 
Ipv6 Alp
Ipv6 AlpIpv6 Alp
Ipv6 AlpAlp isik
 
OSPF Network LSA (Type 2 LSA)
OSPF Network LSA (Type 2 LSA)OSPF Network LSA (Type 2 LSA)
OSPF Network LSA (Type 2 LSA)NetProtocol Xpert
 
Ccnpswitch
CcnpswitchCcnpswitch
CcnpswitchSiddhartha Rajbhatt
 
OSPF Internal Route Summarization
OSPF Internal Route SummarizationOSPF Internal Route Summarization
OSPF Internal Route SummarizationNetProtocol Xpert
 
Ospf Cisco
Ospf CiscoOspf Cisco
Ospf CiscoAlp isik
 
OSPF Router LSA (Type 1)
OSPF Router LSA (Type 1)OSPF Router LSA (Type 1)
OSPF Router LSA (Type 1)NetProtocol Xpert
 

More Related Content

What's hot

Juniper JNCIA – Juniper OSPF Route Configuration
Juniper JNCIA – Juniper OSPF Route ConfigurationJuniper JNCIA – Juniper OSPF Route Configuration
Juniper JNCIA – Juniper OSPF Route ConfigurationHamed Moghaddam
 
Mpls layer 3 vp ns
Mpls layer 3 vp nsMpls layer 3 vp ns
Mpls layer 3 vp nsIT Tech
 
Cisco discovery drs ent module 6 - v.4 in english.
Cisco discovery drs ent module 6 - v.4 in english.Cisco discovery drs ent module 6 - v.4 in english.
Cisco discovery drs ent module 6 - v.4 in english.igede tirtanata
 
Cisco CCNA GRE Tunnel Configuration
Cisco CCNA GRE Tunnel ConfigurationCisco CCNA GRE Tunnel Configuration
Cisco CCNA GRE Tunnel ConfigurationHamed Moghaddam
 
RIP (routing information protocol)
RIP (routing information protocol)RIP (routing information protocol)
RIP (routing information protocol)Netwax Lab
 
How to create and delete vlan on cisco catalyst switch
How to create and delete vlan on cisco catalyst switchHow to create and delete vlan on cisco catalyst switch
How to create and delete vlan on cisco catalyst switchIT Tech
 
OSPF Summary LSA (Type 3 LSA)
OSPF Summary LSA (Type 3 LSA)OSPF Summary LSA (Type 3 LSA)
OSPF Summary LSA (Type 3 LSA)NetProtocol Xpert
 
network convergence problem and solutions
network convergence problem and solutionsnetwork convergence problem and solutions
network convergence problem and solutionsSiddhi Viradiya
 
Cisco CCNA IPV6 Static Configuration
Cisco CCNA IPV6 Static ConfigurationCisco CCNA IPV6 Static Configuration
Cisco CCNA IPV6 Static ConfigurationHamed Moghaddam
 
OSPF External Route Summarization
OSPF External Route Summarization OSPF External Route Summarization
OSPF External Route Summarization NetProtocol Xpert
 
OSPF Network LSA (Type 2 LSA)
OSPF Network LSA (Type 2 LSA)OSPF Network LSA (Type 2 LSA)
OSPF Network LSA (Type 2 LSA)NetProtocol Xpert
 
OSPF Internal Route Summarization
OSPF Internal Route SummarizationOSPF Internal Route Summarization
OSPF Internal Route SummarizationNetProtocol Xpert
 

What's hot (20)

CISCO CCIE SPAN RSPAN ERSPAN
CISCO CCIE SPAN RSPAN ERSPANCISCO CCIE SPAN RSPAN ERSPAN
CISCO CCIE SPAN RSPAN ERSPAN
 
mpls-05
mpls-05mpls-05
mpls-05
 
Ripv2
Ripv2Ripv2
Ripv2
 
Juniper JNCIA – Juniper OSPF Route Configuration
Juniper JNCIA – Juniper OSPF Route ConfigurationJuniper JNCIA – Juniper OSPF Route Configuration
Juniper JNCIA – Juniper OSPF Route Configuration
 
Mpls layer 3 vp ns
Mpls layer 3 vp nsMpls layer 3 vp ns
Mpls layer 3 vp ns
 
Cisco discovery drs ent module 6 - v.4 in english.
Cisco discovery drs ent module 6 - v.4 in english.Cisco discovery drs ent module 6 - v.4 in english.
Cisco discovery drs ent module 6 - v.4 in english.
 
Ccna command
Ccna commandCcna command
Ccna command
 
Cisco CCNA GRE Tunnel Configuration
Cisco CCNA GRE Tunnel ConfigurationCisco CCNA GRE Tunnel Configuration
Cisco CCNA GRE Tunnel Configuration
 
RIP (routing information protocol)
RIP (routing information protocol)RIP (routing information protocol)
RIP (routing information protocol)
 
How to create and delete vlan on cisco catalyst switch
How to create and delete vlan on cisco catalyst switchHow to create and delete vlan on cisco catalyst switch
How to create and delete vlan on cisco catalyst switch
 
OSPF Summary LSA (Type 3 LSA)
OSPF Summary LSA (Type 3 LSA)OSPF Summary LSA (Type 3 LSA)
OSPF Summary LSA (Type 3 LSA)
 
network convergence problem and solutions
network convergence problem and solutionsnetwork convergence problem and solutions
network convergence problem and solutions
 
Lab 3.5.1 basic frame relay
Lab 3.5.1 basic frame relayLab 3.5.1 basic frame relay
Lab 3.5.1 basic frame relay
 
Ccna command
Ccna commandCcna command
Ccna command
 
Cisco CCNA IPV6 Static Configuration
Cisco CCNA IPV6 Static ConfigurationCisco CCNA IPV6 Static Configuration
Cisco CCNA IPV6 Static Configuration
 
OSPF External Route Summarization
OSPF External Route Summarization OSPF External Route Summarization
OSPF External Route Summarization
 
Ipv6 Alp
Ipv6 AlpIpv6 Alp
Ipv6 Alp
 
OSPF Network LSA (Type 2 LSA)
OSPF Network LSA (Type 2 LSA)OSPF Network LSA (Type 2 LSA)
OSPF Network LSA (Type 2 LSA)
 
Ccnpswitch
CcnpswitchCcnpswitch
Ccnpswitch
 
OSPF Internal Route Summarization
OSPF Internal Route SummarizationOSPF Internal Route Summarization
OSPF Internal Route Summarization
 

Similar to NSSA external route with Forwarding Address demystified with RFC 3101

Ospf Cisco
Ospf CiscoOspf Cisco
Ospf CiscoAlp isik
 
Networking Basics OSPF
Networking Basics OSPFNetworking Basics OSPF
Networking Basics OSPFHassan Tariq
 
OSPF Beyond Stump-the-Chump_Interview_Questions - Part 01 -
OSPF Beyond Stump-the-Chump_Interview_Questions - Part 01 -OSPF Beyond Stump-the-Chump_Interview_Questions - Part 01 -
OSPF Beyond Stump-the-Chump_Interview_Questions - Part 01 -Duane Bodle
 
Dynamic Routing Protocol OSPF
Dynamic Routing Protocol OSPFDynamic Routing Protocol OSPF
Dynamic Routing Protocol OSPFAtakan ATAK
 
Routing and OSPF
Routing and OSPFRouting and OSPF
Routing and OSPFarpit
 
Ospf infografia
Ospf infografiaOspf infografia
Ospf infografiaw78ww
 
Designated & Backup Designated Router
Designated & Backup Designated RouterDesignated & Backup Designated Router
Designated & Backup Designated RouterNetProtocol Xpert
 
Ospfv3 primer
Ospfv3 primerOspfv3 primer
Ospfv3 primerFred Bovy
 
Lab_5_OSPF_MPLS_sham_link_on_MPLS_VPN_1698700003.pdf
Lab_5_OSPF_MPLS_sham_link_on_MPLS_VPN_1698700003.pdfLab_5_OSPF_MPLS_sham_link_on_MPLS_VPN_1698700003.pdf
Lab_5_OSPF_MPLS_sham_link_on_MPLS_VPN_1698700003.pdfEnRios1
 
ISIS Routing Protocol for Network Engineers.pptx
ISIS Routing Protocol for Network Engineers.pptxISIS Routing Protocol for Network Engineers.pptx
ISIS Routing Protocol for Network Engineers.pptxMohammadHamedHaidary
 
Chapter7ccna
Chapter7ccnaChapter7ccna
Chapter7ccnarobertoxe
 

Similar to NSSA external route with Forwarding Address demystified with RFC 3101 (20)

Ospf Cisco
Ospf CiscoOspf Cisco
Ospf Cisco
 
OSPF Router LSA (Type 1)
OSPF Router LSA (Type 1)OSPF Router LSA (Type 1)
OSPF Router LSA (Type 1)
 
Ospf
OspfOspf
Ospf
 
Labs ospf
Labs ospfLabs ospf
Labs ospf
 
Networking Basics OSPF
Networking Basics OSPFNetworking Basics OSPF
Networking Basics OSPF
 
OSPF Beyond Stump-the-Chump_Interview_Questions - Part 01 -
OSPF Beyond Stump-the-Chump_Interview_Questions - Part 01 -OSPF Beyond Stump-the-Chump_Interview_Questions - Part 01 -
OSPF Beyond Stump-the-Chump_Interview_Questions - Part 01 -
 
Allwyn ospf ppt
Allwyn ospf pptAllwyn ospf ppt
Allwyn ospf ppt
 
Dynamic Routing Protocol OSPF
Dynamic Routing Protocol OSPFDynamic Routing Protocol OSPF
Dynamic Routing Protocol OSPF
 
OSPF_multi.pdf
OSPF_multi.pdfOSPF_multi.pdf
OSPF_multi.pdf
 
Routing and OSPF
Routing and OSPFRouting and OSPF
Routing and OSPF
 
Ospf infografia
Ospf infografiaOspf infografia
Ospf infografia
 
Designated & Backup Designated Router
Designated & Backup Designated RouterDesignated & Backup Designated Router
Designated & Backup Designated Router
 
Ospfv3 primer
Ospfv3 primerOspfv3 primer
Ospfv3 primer
 
Ospf routing protocol
Ospf routing protocolOspf routing protocol
Ospf routing protocol
 
Lab_5_OSPF_MPLS_sham_link_on_MPLS_VPN_1698700003.pdf
Lab_5_OSPF_MPLS_sham_link_on_MPLS_VPN_1698700003.pdfLab_5_OSPF_MPLS_sham_link_on_MPLS_VPN_1698700003.pdf
Lab_5_OSPF_MPLS_sham_link_on_MPLS_VPN_1698700003.pdf
 
ISIS Routing Protocol for Network Engineers.pptx
ISIS Routing Protocol for Network Engineers.pptxISIS Routing Protocol for Network Engineers.pptx
ISIS Routing Protocol for Network Engineers.pptx
 
Multi-Area OSPF on IOS XR
Multi-Area OSPF on IOS XRMulti-Area OSPF on IOS XR
Multi-Area OSPF on IOS XR
 
Ospf area types
Ospf area typesOspf area types
Ospf area types
 
Chapter7ccna
Chapter7ccnaChapter7ccna
Chapter7ccna
 
Chapter7ccna
Chapter7ccnaChapter7ccna
Chapter7ccna
 

Recently uploaded

Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsThierry TROUIN ☁
 
Radiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsRadiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsstephieert
 
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine ServiceHot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Servicesexy call girls service in goa
 
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya Shirtrahman018755
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024APNIC
 
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...SofiyaSharma5
 
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$kojalkojal131
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxellan12
 
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Callshivangimorya083
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.soniya singh
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...Diya Sharma
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGAPNIC
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)Damian Radcliffe
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Roomdivyansh0kumar0
 
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersMoving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersDamian Radcliffe
 

Recently uploaded (20)

Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with Flows
 
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
 
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICECall Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
 
Radiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsRadiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girls
 
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine ServiceHot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
 
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
 
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
 
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
 
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOG
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
 
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersMoving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
 

NSSA external route with Forwarding Address demystified with RFC 3101

  • 1. NSSA external route demystified with RFC 3101 Basic Configuration of all routers: R1: interface FastEthernet0/0 ip address 12.0.0.1 255.255.255.0 ip ospf 1 area 0 no sh ! router ospf 1 router-id 0.0.0.1 R2: interface FastEthernet0/0 ip address 12.0.0.2 255.255.255.0 ip ospf 1 area 0 no sh ! interface FastEthernet0/1 ip address 23.0.0.2 255.255.255.0 ip ospf 1 area 23 no shu ! router ospf 1 router-id 0.0.0.2 area 23 nssa R3: interface Loopback0 ip address 3.3.3.3 255.255.255.0 ! interface FastEthernet0/0 ip address 23.0.0.3 255.255.255.0 ip ospf 1 area 23 no sh ! router ospf 1 router-id 0.0.0.3 area 23 nssa redistribute connected subnets route-map CONNECTED ! route-map CONNECTED permit 10 match interface Loopback0 Area 23 is configured as NSSA. R3 redistrbutes the prefix 3.3.3.0/24 into OSPF domain.
  • 2. R2 receives a Type-7 LSA from R3 as shown below: R2#sh ip os data nssa OSPF Router with ID (0.0.0.2) (Process ID 1) Type-7 AS External Link States (Area 23) Routing Bit Set on this LSA in topology Base with MTID 0 LS age: 3 Options: (No TOS-capability, Type 7/5 translation, DC, Upward) LS Type: AS External Link Link State ID: 3.3.3.0 (External Network Number ) Advertising Router: 0.0.0.3 LS Seq Number: 80000001 Checksum: 0xFC73 Length: 36 Network Mask: /24 Metric Type: 2 (Larger than any link state path) MTID: 0 Metric: 20 Forward Address: 23.0.0.3 External Route Tag: 0 R2# The Forward Address is 23.0.0.3, per RFC 3101 section 2.4 Originating Type-7 LSAs, when an NSSA ASBR originates a Type-7 LSA, the NON-ZERO forwarding address is mandatory and the Forward Address must be set. 2.4 Originating Type-7 LSAs NSSA AS boundary routers may only originate Type-7 LSAs into NSSAs. An NSSA internal AS boundary router must set the P-bit in the LSA header's option field of any Type-7 LSA whose network it wants advertised into the OSPF domain's full transit topology. The LSAs of these networks must have a valid non-zero forwarding address. If the P-bit is clear the LSA is not translated into a Type-5 LSA by NSSA border routers. The P-bit in the Type-7 LSA is set so R2 is allowed to translate this LSA into a Type-7 LSA, let's verify the LSDB of R2, we can see below that the Type-7 LSA is translated into a Type-5 LSA and the Forward Address is copied as shown bythe RFC 3101. Per RFC 3101 section 2.3 Type-7 LSAs Type-5 LSAs that are translations of Type-7 LSAs copy the Type-7 LSAs' non-zero forwarding addresses. R1 should receive the Type-5 LSA's R2 as shown below: R1#sh ip os data ex OSPF Router with ID (0.0.0.1) (Process ID 1) Type-5 AS External Link States Routing Bit Set on this LSA in topology Base with MTID 0
  • 3. LS age: 910 Options: (No TOS-capability, DC, Upward) LS Type: AS External Link Link State ID: 3.3.3.0 (External Network Number ) Advertising Router: 0.0.0.2 LS Seq Number: 80000001 Checksum: 0x97E3 Length: 36 Network Mask: /24 Metric Type: 2 (Larger than any link state path) MTID: 0 Metric: 20 Forward Address: 23.0.0.3 External Route Tag: 0 R1# Since the Forward Address is non-zero 23.0.0.3 in the Type-5 LSA, R1 look up the best inter- area route toward 23.0.0.3, and it will use this path to reach the external prefix 3.3.3.0/24. As per RFC 3101 section 2.5: 2.5 Calculating Type-7 AS External Routes If the forwarding address is non-zero look up the forwarding address in the routing table. For a Type-5 LSA the matching routing table entry must specify an intra-area or inter-area path through a Type-5 capable area. For a Type-7 LSA the matching routing table entry must specify an intra-area path through the LSA's originating NSSA. Now why the Forward Address must be set in the Type-7 LSA and must copied into the Type-5 LSA when an NSSA ABR performs a translation ? In a regular areas, any internal router can see an ASBR in another area through a Type-4 LSA, to verify, let's remove the area 23 nssa command on R2 and R3: R2(config-if)#router ospf 1 R2(config-router)#no area 23 nssa R3(config-if)#router ospf 1 R3(config-router)#no area 23 nssa Let's verify on R1, the show ip os border command shown that R1 sees the ASBR R3 0.0.0.3 located in area 23 through R2 12.0.0.2, R1 knows than it need to go through an Inter-area route (or a Type-4 LSA) to reach it. R1#sh ip os border-routers OSPF Router with ID (0.0.0.1) (Process ID 1) Base Topology (MTID 0) Internal Router Routing Table Codes: i - Intra-area route, I - Inter-area route I 0.0.0.3 [2] via 12.0.0.2, FastEthernet0/0, ASBR, Area 0, SPF 3 i 0.0.0.2 [1] via 12.0.0.2, FastEthernet0/0, ABR, Area 0, SPF 3
  • 4. R1# Now let's reconfigure area 23 as NSSA: R2(config-if)#router ospf 1 R2(config-router)#area 23 nssa R3(config-if)#router ospf 1 R3(config-router)#area 23 nssa Let's verify with the show ip os border command: We can see below that the NSSA ASBR R3 0.0.0.3 is no longer present in the routers table, instead it sees only R2 as an ABR and as a pseudo ASBR (because it origintes a Type-5 LSA). R1#sh ip os border-routers OSPF Router with ID (0.0.0.1) (Process ID 1) Base Topology (MTID 0) Internal Router Routing Table Codes: i - Intra-area route, I - Inter-area route i 0.0.0.2 [1] via 12.0.0.2, FastEthernet0/0, ABR/ASBR, Area 0, SPF 4 R1# Since the router R1 does not have the visibility about the ASBR R3 in the NSSA AREA 23, without the Forward Address 23.0.0.3, R1 loses any informations about the NSSA ASBR, the Forward Address 23.0.0.3 helps R1 to have a visibility of the ASBR R3 undirectly because 23.0.0.3 belongs to R3. In a scenario where there are multiple NSSA ABRs, the absence of the Forward Address can cause a suboptimal routing. This is why the RFC 3101 states that the Forward Address is mandatory in order to perform efficient routing as shown in the section 2.3 Type-7 LSAs Per RFC 3101 section 2.3 Type-7 LSAs Non-zero forwarding addresses produce efficient inter-area routing to an NSSA's AS external destinations when it has multiple border routers. Also the non-zero forwarding addresses of Type-7 LSAs ease the process of their translation into Type-5 LSAs, as NSSA border routers are not required to compute them. So since the Forward Address 23.0.0.3 is set in the Type-5 LSA, according to RFC 3101 section 2.5 Calculating Type-7 AS External Routes, R1 look up the best inter-area route to reach 23.0.0.3 in its routing table, let's verify: R1#sh ip route 23.0.0.0 Routing entry for 23.0.0.0/24, 1 known subnets O IA 23.0.0.0 [110/2] via 12.0.0.2, 01:08:34, FastEthernet0/0 R1# R1 has a valid inter-area route toward 23.0.0.0/24 through R2 with a cost 2, and it installs the external route to 3.3.3.0/24 successfully in its routing table: R1#sh ip route 3.3.3.0 Routing entry for 3.3.3.0/24
  • 5. Known via "ospf 1", distance 110, metric 20, type extern 2, forward metric 2 Last update from 12.0.0.2 on FastEthernet0/0, 00:38:46 ago Routing Descriptor Blocks: * 12.0.0.2, from 0.0.0.2, 00:38:46 ago, via FastEthernet0/0 Route metric is 20, traffic share count is 1 R1# Now the challenge is: configure R2 to filter all inter-area routes coming from area 23 using the filter-list. First we need to identity all the inter-area routes using a prefix-list and associate the prefix-lis with filter-list: R2(config)#ip prefix-list TEST seq 5 deny 0.0.0.0/0 le 32 R2(config)#router os 1 R2(config-router)# area 23 filter-list prefix TEST out Let's verify the routing table for 3.3.3.0/24. The external route is no longer present in the routing table: R1#sh ip route 3.3.3.0 % Network not in table R1# Let's verify the LSDB of R1, the Type-5 LSA is still there: R1#sh ip os data ex OSPF Router with ID (0.0.0.1) (Process ID 1) Type-5 AS External Link States LS age: 1215 Options: (No TOS-capability, DC, Upward) LS Type: AS External Link Link State ID: 3.3.3.0 (External Network Number ) Advertising Router: 0.0.0.2 LS Seq Number: 80000002 Checksum: 0x95E4 Length: 36 Network Mask: /24 Metric Type: 2 (Larger than any link state path) MTID: 0 Metric: 20 Forward Address: 23.0.0.3 External Route Tag: 0 R1# The external route to 3.3.3.0/24 is not present in the routing table even if the Type-5 LSA is still in the LSDB, why ? Let's verify the entry for 23.0.0.0/24: The inter-area route to 23.0.0.0/24 is no longer present in the routing table because the Type-3 LSA filtering done previously with filter list: R1#sh ip route 23.0.0.0
  • 6. % Network not in table R1# The reason why the external route is not present in the routing table is that the Forward Address is unreachable, R1 does not have any inter-area route to reach the Forward Address 23.0.0.3, and therefore it does not install the external route to 3.3.3.0/24. Keep in mind that if the forwarding addresses is filtered out of Area 23, R1 located in area 0 cannot reach the prefix 3.3.3.0/24 advertised in the translated Type-5 LSAs. To solve this problem, we should suppress the forwarding address on the ABR so that the forwarding address is set to 0.0.0.0 in the translated Type-5 LSAs. A forwarding address set to 0.0.0.0 indicates that packets for the external destination should be forwarded to the advertising OSPF router, in this case, the translating NSSA ABR R2. The OSPF Forwarding Address Suppression in Translated Type-5 LSAs feature using the area 23 nssa translate type7 suppress-fa command causes the NSSA ABR R2 to translate Type-7 LSA to Type-5 LSAs, but to use the address 0.0.0.0 for the forwarding address instead of that specified in the Type-7 LSA. This feature causes R1 to direct forwarded traffic toward 3.3.3.0/24 to the translating NSSA ABR R2. But as specified in RFC 3101 section 2.3 Type-7 LSAs, the Forward Address produce efficient routing and avoid suboptimal route, so suppressing the Forward Address should be used carefully. Cisco says: Configuring this feature causes the router to be noncompliant with RFC 1587. Also, suboptimal routing might result because there might be better paths to reach the destination’s forwarding address. This feature should not be configured without careful consideration and not until the network topology is understood. Let's suppress the FA: R2(config)#router osp 1 R2(config-router)#area 23 nssa translate type7 suppress-fa Let's verify the Type-5 LSA originated by R2, the Forward Address now is 0.0.0.0: R1#sh ip os data ext OSPF Router with ID (0.0.0.1) (Process ID 1) Type-5 AS External Link States Routing Bit Set on this LSA in topology Base with MTID 0 LS age: 2 Options: (No TOS-capability, DC, Upward) LS Type: AS External Link Link State ID: 3.3.3.0 (External Network Number ) Advertising Router: 0.0.0.2 LS Seq Number: 80000001 Checksum: 0x6F26 Length: 36 Network Mask: /24 Metric Type: 2 (Larger than any link state path) MTID: 0 Metric: 20 Forward Address: 0.0.0.0 External Route Tag: 0
  • 7. R1# The Forward Address 0.0.0.0 means that to reach the the external prefix 3.3.3.0/24, R1 will redirect the traffic to the Type-5 LSA's originator, let's verify the routing table of R1, the external route to 3.3.3.0/24 is installed successfully and the forward metric represents the cost to reach the NSSA ABR'translator R2: R1#sh ip route 3.3.3.0 Routing entry for 3.3.3.0/24 Known via "ospf 1", distance 110, metric 20, type extern 2, forward metric 1 Last update from 12.0.0.2 on FastEthernet0/0, 00:01:55 ago Routing Descriptor Blocks: * 12.0.0.2, from 0.0.0.2, 00:01:55 ago, via FastEthernet0/0 Route metric is 20, traffic share count is 1 R1# To confirm, let's display the show ip os bor output, the NSSA ABR R2 is reachable with a cost 1, this is the forward metric displayed in the show ip route 3.3.3.0 command: R1#sh ip os bord OSPF Router with ID (0.0.0.1) (Process ID 1) Base Topology (MTID 0) Internal Router Routing Table Codes: i - Intra-area route, I - Inter-area route i 0.0.0.2 [1] via 12.0.0.2, FastEthernet0/0, ABR/ASBR, Area 0, SPF 2 R1# Remove the previously command and use another method to suppress the FA in order to solve the problem. R2(config)#router osp 1 R2(config-router)#no area 23 nssa translate type7 suppress-fa The second method to suppress the Forward Address is to aggregate the Type-7 LSA prefixes on the NSSA ABR R2 using the summary-address command, keep in mind that this command should be executed on the ASBR, and R2 is a pseudo ASBR since it is originating a Type-5 LSA, this causes R2 to generate a Type-5 LSA for the summary prefix with a Forward Address 0.0.0.0. Per RFC 3101 , the sections Type-7 LSAs and Translating Type-7 LSAs into Type-5 LSAs explain that the FA is set to 0.0.0.0 in the translated Type-5 LSA when performing summarization on the NSSA ABR for the Type-7 LSAs. 2.3 Type-7 LSAs Type-5 LSAs that are translations of Type-7 LSAs copy the Type-7 LSAs' non-zero forwarding addresses. Only those Type-5 LSAs that are aggregations of Type-7 LSAs may have 0.0.0.0 as a forwarding address. (See Section 3.2 for details.) 3.2 Translating Type-7 LSAs into Type-5 LSAs The newly generated Type-5 LSA will have a link-state ID equal
  • 8. to the Type-7 address range's address (in the case of multiple originations of Type-5 LSAs with the same network address but different mask, the link-state ID can also have one or more of the range's "host" bits set). The advertising router field will be the router ID of this area border router. The network mask and the external route tag are set to the range's configured values. The forwarding address is set to 0.0.0.0. The path type and metric are set to the range's path type and metric as defined and computed above. Let's configure the summary-address 3.3.3.0 255.255.255.0 command on R2: R2(config-router)#router osp 1 R2(config-router)#summary-address 3.3.3.0 255.255.255.0 Let's verify the Type-5 LSA originated by R2, the Forward Address is set to 0.0.0.0: R1#sh ip os data ext OSPF Router with ID (0.0.0.1) (Process ID 1) Type-5 AS External Link States Routing Bit Set on this LSA in topology Base with MTID 0 LS age: 186 Options: (No TOS-capability, DC, Upward) LS Type: AS External Link Link State ID: 3.3.3.0 (External Network Number ) Advertising Router: 0.0.0.2 LS Seq Number: 80000003 Checksum: 0x6B28 Length: 36 Network Mask: /24 Metric Type: 2 (Larger than any link state path) MTID: 0 Metric: 20 Forward Address: 0.0.0.0 External Route Tag: 0 R1# Let's verify the routing table of R1, now the external route is installed successfully, R1 looks the best path to reach the NSSA ABR translator, the traffic should be forwarded to the advertising OSPF router, in this case, the translating NSSA ABR R2. R1#sh ip route 3.3.3.0 Routing entry for 3.3.3.0/24 Known via "ospf 1", distance 110, metric 20, type extern 2, forward metric 1 Last update from 12.0.0.2 on FastEthernet0/0, 00:07:14 ago Routing Descriptor Blocks: * 12.0.0.2, from 0.0.0.2, 00:07:14 ago, via FastEthernet0/0 Route metric is 20, traffic share count is 1 R1# Using the summary-address 3.3.3.0 255.255.255.0 command on the NSSA ABR has the same effect with the area 23 nssa translate type7 suppress-fa command, it sets the Forward Address to 0.0.0.0.
  • 9. When we perform a summarization of external prefixes on an NSSA ABR (which is a pseudo ASBR), the NSSA ABR must clear the FA, the FA is not copied from Type-7 LSA into Type-5 LSA. As explained in RFC 3101, it seems logic, since it is the router which performs the summarization, it should tell to other router (R1 in this case), to reach the external route, send the traffic to me.