OSPF Forward Address – Case Studies
This post covers in detail some complex scenarios where OSPF is implemented for routing and the OSPF LSAs that come into play in each of them.
Contents
- Topology.
- OSPF Topology.
- OSPF Forward Address Type 5 LSA.
- OSPF Forward Address Type 7 LSA.
- Case of Study 1 – Cost change.
- Case of Study 2 – Configure the Translator Role.
- Case of Study 3 – Clear Forward Address.
- Case of Study 4 – No OSPF route to Forward Address.
- Case of Study 5 – R7 does not have any IP address configured.
- References.
Topology
This diagram shows the topology we are going to use for this discussion:
Figure 1
OSPF Topology
There are two Interior Gateway Protocols (IGPs) running in our topology: OSPF 1 that runs in the internal network and EIGRP 100 that runs in the external domain. R7 is the point of mutual redistribution between OSPF and EIGRP.
If you think you need to go over the key points of the OSPF database in order to understand its structure, the different LSA Types and their flooding domain, and how nodes and prefixes are described check this post first: OSPF Forward Address – Database Overview.In this post we are going deeper into the configuration of more complex scenarios.
Figure 2
OSPF Forward Address
It is actually in this section where we start to go deeper into the complexity of OSPF behaviour and configuration. We are going to discuss reachibility to the external prefix 172.16.1.8/32 (R8’s loopback) as we modify the OSPF configuration.
OSPF Forward Address Type 5 LSA
R7, the ASBR, redistributes EIGRP prefixes into OSPF and advertise them with Type 5 LSAs as it is shown in Figure 3.
Figure 3
R7 includes its Node ID as Advertising Router and the Forward Address is by default configured with all 0s.
show ip ospf database external 172.16.1.8
OSPF Router with ID (1.1.1.1) (Process ID 1)
Type-5 AS External Link States
Routing Bit Set on this LSA
LS age: 20
Options: (No TOS-capability, DC)
LS Type: AS External Link
Link State ID: 172.16.1.8 (External Network Number )
Advertising Router: 7.7.7.7
LS Seq Number: 80000001
Checksum: 0x348A
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 0.0.0.0
External Route Tag: 0
OSPF Router with ID (1.1.1.1) (Process ID 1)
Type-5 AS External Link States
Routing Bit Set on this LSA
LS age: 20
Options: (No TOS-capability, DC)
LS Type: AS External Link
Link State ID: 172.16.1.8 (External Network Number )
Advertising Router: 7.7.7.7
LS Seq Number: 80000001
Checksum: 0x348A
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 0.0.0.0
External Route Tag: 0
When the Forward Address is 0.0.0.0, we need to solve the Shortest Path Tree (SPT) to the Advertising Router to finally reach the external destination, which in this case is the Node ID of R7 (7.7.7.7 – ASBR, the exit point of the network). Notice that this is not an IP Address but a Router ID that in this particular example has been manually configured under the OSPF process (router-id command).
R1:
R1 queries the OSPF database and finds out the ASBR is also in Area 1 and the metric to reach it is 10. Therefore, R1 has already solved the SPT towards R7.
R1#show ip ospf database router 7.7.7.7
OSPF Router with ID (1.1.1.1) (Process ID 1)
Router Link States (Area 1)
Routing Bit Set on this LSA
LS age: 1842
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 7.7.7.7
Advertising Router: 7.7.7.7
LS Seq Number: 80000006
Checksum: 0x886E
Length: 48
AS Boundary Router
Number of Links: 2
Link connected to: a Stub Network
(Link ID) Network/subnet number: 172.16.1.7
(Link Data) Network Mask: 255.255.255.255
Number of TOS metrics: 0
TOS 0 Metrics: 1
Link connected to: a Transit Network
(Link ID) Designated Router address: 10.1.127.2
(Link Data) Router Interface address: 10.1.127.7
Number of TOS metrics: 0
TOS 0 Metrics: 10
OSPF Router with ID (1.1.1.1) (Process ID 1)
Router Link States (Area 1)
Routing Bit Set on this LSA
LS age: 1842
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 7.7.7.7
Advertising Router: 7.7.7.7
LS Seq Number: 80000006
Checksum: 0x886E
Length: 48
AS Boundary Router
Number of Links: 2
Link connected to: a Stub Network
(Link ID) Network/subnet number: 172.16.1.7
(Link Data) Network Mask: 255.255.255.255
Number of TOS metrics: 0
TOS 0 Metrics: 1
Link connected to: a Transit Network
(Link ID) Designated Router address: 10.1.127.2
(Link Data) Router Interface address: 10.1.127.7
Number of TOS metrics: 0
TOS 0 Metrics: 10
R6:
R6 receives the same Type 5 LSA injected into Area 2 by R3 (ABR).
In order to build the path to the external prefix 172.16.1.8/32, first of all, R6 queries the OSPF database to find out if the ASBR (R7) is in its area, which is not.
R6#show ip ospf database router 7.7.7.7
OSPF Router with ID (6.6.6.6) (Process ID 1)
Next step, R6 asks if someone in the area has a route to the ASBR with Node ID 7.7.7.7. R6 queries the OSPF database for Type 4 LSAs or Summary ASBR LSAs. The answer is R3 (3.3.3.3) has route to the ASBR and the cost is 11.
R6#show ip ospf database asbr-summary 7.7.7.7
OSPF Router with ID (6.6.6.6) (Process ID 1)
Summary ASB Link States (Area 2)
Routing Bit Set on this LSA
LS age: 1066
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(AS Boundary Router)
Link State ID: 7.7.7.7 (AS Boundary Router address)
Advertising Router: 3.3.3.3
LS Seq Number: 80000005
Checksum: 0x44C0
Length: 28
Network Mask: /0
TOS: 0 Metric: 11
OSPF Router with ID (6.6.6.6) (Process ID 1)
Summary ASB Link States (Area 2)
Routing Bit Set on this LSA
LS age: 1066
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(AS Boundary Router)
Link State ID: 7.7.7.7 (AS Boundary Router address)
Advertising Router: 3.3.3.3
LS Seq Number: 80000005
Checksum: 0x44C0
Length: 28
Network Mask: /0
TOS: 0 Metric: 11
Finally, R6 needs to find out its cost to reach R3 in its area, which is 20.
R6#show ip ospf database router
OSPF Router with ID (6.6.6.6) (Process ID 1)
Router Link States (Area 2)
[…]
LS age: 1218
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 5.5.5.5
Advertising Router: 5.5.5.5
LS Seq Number: 80000004
Checksum: 0xF8D5
Length: 84
Number of Links: 5
Link connected to: another Router (point-to-point)
(Link ID) Neighboring Router ID: 3.3.3.3
(Link Data) Router Interface address: 10.1.35.5
Number of TOS metrics: 0
TOS 0 Metrics: 10
Link connected to: a Stub Network
(Link ID) Network/subnet number: 10.1.35.0
(Link Data) Network Mask: 255.255.255.0
Number of TOS metrics: 0
TOS 0 Metrics: 10 LS age: 1243
OSPF Router with ID (6.6.6.6) (Process ID 1)
Router Link States (Area 2)
[…]
LS age: 1218
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 5.5.5.5
Advertising Router: 5.5.5.5
LS Seq Number: 80000004
Checksum: 0xF8D5
Length: 84
Number of Links: 5
Link connected to: another Router (point-to-point)
(Link ID) Neighboring Router ID: 3.3.3.3
(Link Data) Router Interface address: 10.1.35.5
Number of TOS metrics: 0
TOS 0 Metrics: 10
Link connected to: a Stub Network
(Link ID) Network/subnet number: 10.1.35.0
(Link Data) Network Mask: 255.255.255.0
Number of TOS metrics: 0
TOS 0 Metrics: 10 LS age: 1243
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 6.6.6.6
Advertising Router: 6.6.6.6
LS Seq Number: 80000003
Checksum: 0x96D2
Length: 60
Number of Links: 3
Link connected to: another Router (point-to-point)
(Link ID) Neighboring Router ID: 5.5.5.5
(Link Data) Router Interface address: 10.1.56.6
Number of TOS metrics: 0
TOS 0 Metrics: 10
Link connected to: a Stub Network
(Link ID) Network/subnet number: 10.1.56.0
(Link Data) Network Mask: 255.255.255.0
Number of TOS metrics: 0
TOS 0 Metrics: 10
Therefore, the final cost to the external prefix 172.16.1.8/32 is 20 because this is the default E2 cost. However the real metric to reach the ASBR (R7) is: 10 (R6 to R5) + 10 (R5 to R3) + 11 (metric reported by R3/ABR) = 31.
Routing entry for 172.16.1.8/32
Known via “ospf 1”, distance 110, metric 20, type extern 2, forward metric 31
Last update from 10.1.56.5 on FastEthernet0/0, 00:50:33 ago
Routing Descriptor Blocks:
* 10.1.56.5, from 7.7.7.7, 00:50:33 ago, via FastEthernet0/0
Route metric is 20, traffic share count is 1
Known via “ospf 1”, distance 110, metric 20, type extern 2, forward metric 31
Last update from 10.1.56.5 on FastEthernet0/0, 00:50:33 ago
Routing Descriptor Blocks:
* 10.1.56.5, from 7.7.7.7, 00:50:33 ago, via FastEthernet0/0
Route metric is 20, traffic share count is 1
If we modify the route to be E1, then the metric to the final prefix 172.16.1.8/32 would be 51.
R7(config)#router ospf 1
R7(config-router)# redistribute eigrp 100 subnets metric-type 1
R7(config-router)# redistribute eigrp 100 subnets metric-type 1
R6#show ip route 172.16.1.8
Routing entry for 172.16.1.8/32
Known via “ospf 1”, distance 110, metric 51, type extern 1
Last update from 10.1.56.5 on FastEthernet0/0, 00:00:09 ago
Routing Descriptor Blocks:
* 10.1.56.5, from 7.7.7.7, 00:00:09 ago, via FastEthernet0/0
Route metric is 51, traffic share count is 1
OSPF Forward Address Type 7 LSA
In this configuration, Area 1 is now a Not-So-Stubby Area (NSSA). Redistribution into an NSSA area creates a special type of LSA known as Type 7, which can only exist in an NSSA area. A NSSA ASBR generates this LSA and a NSSA ABR translates it into a Type 5 LSA, which gets propagated into the OSPF domain. Figure 4 demonstrates this principle. Also remember that Type 5 LSAs from other external domains are not allowed into a NSSA.
Figure 4
R7(config)#router ospf 1
R7(config-router)#area 1 nssa
R7(config-router)#area 1 nssa
R1(config)#router ospf 1
R1(config-router)#area 1 nssa
R2(config)#router ospf 1
R2(config-router)#area 1 nssa
There are two ABRs in Area 1, R1 and R2, which are eligible to do the translation from Type 7 LSA to Type 5 LSA. However, only one can have this role and if it is not manually configured the election is based in the highest Node ID: 2.2.2.2 is higher than 1.1.1.1 so R2 is the Translator.
R1 and R2 are the only ones who see the NSSA Type 7 LSA about the external prefix 172.16.1.8/32. This is advertised by 7.7.7.7 (R7) into Area 1, Type 7 to 5 Translation is allowed and the Forward Address is now 172.16.1.7 (R7’s Loopback).
show ip ospf database nssa-external 172.16.1.8
OSPF Router with ID (7.7.7.7) (Process ID 1)
Type-7 AS External Link States (Area 1)
LS age: 1532
Options: (No TOS-capability, Type 7/5 translation, DC)
LS Type: AS External Link
Link State ID: 172.16.1.8 (External Network Number )
Advertising Router: 7.7.7.7
LS Seq Number: 80000001
Checksum: 0x3BB4
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 172.16.1.7
External Route Tag: 0
OSPF Router with ID (7.7.7.7) (Process ID 1)
Type-7 AS External Link States (Area 1)
LS age: 1532
Options: (No TOS-capability, Type 7/5 translation, DC)
LS Type: AS External Link
Link State ID: 172.16.1.8 (External Network Number )
Advertising Router: 7.7.7.7
LS Seq Number: 80000001
Checksum: 0x3BB4
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 172.16.1.7
External Route Tag: 0
The Forward Address is now different from the Forward Address of Type 5 LSA which was 0.0.0.0. This means now we need to solve the SPT to 172.16.1.7 to reach the external prefix 172.16.1.8/32. We do not need to route to the Advertising Router anymore as we did before. Notice that 172.16.1.7, the Forward Address, is a real IP address configured on R7 (R7’s loopback).
The other routers that are not part of Area 1 see a Type 5 LSA translated by R2 instead of a Type 7 LSA.
R3#show ip ospf database nssa-external
OSPF Router with ID (3.3.3.3) (Process ID 1)
OSPF Router with ID (3.3.3.3) (Process ID 1)
R3#show ip ospf database external 172.16.1.8
OSPF Router with ID (3.3.3.3) (Process ID 1)
Type-5 AS External Link States
Routing Bit Set on this LSA
LS age: 40
Options: (No TOS-capability, DC)
LS Type: AS External Link
Link State ID: 172.16.1.8 (External Network Number )
Advertising Router: 2.2.2.2
LS Seq Number: 80000002
Checksum: 0x64A8
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 172.16.1.7
External Route Tag: 0
R3 needs to solve its SPT to 172.16.1.7 and the reported metric from R2 to reach the external prefix is 20. However, this does not necessarily mean that the data plane needs to go through R2 because is who does the advertisement or the translation from Type 7 to Type 5 LSA. As you can see in the output below R3 does Equal Cost Multi Path (ECMP) through R1 and R2.
Figure 5
R3#show ip route 172.16.1.7
Routing entry for 172.16.1.7/32
Known via “ospf 1”, distance 110, metric 12, type inter area
Last update from 10.1.23.2 on FastEthernet1/0, 00:38:00 ago
Routing Descriptor Blocks:
10.1.23.2, from 2.2.2.2, 00:38:00 ago, via FastEthernet1/0
Route metric is 12, traffic share count is 1
* 10.1.13.1, from 1.1.1.1, 00:38:00 ago, via FastEthernet0/0
Route metric is 12, traffic share count is 1
Routing entry for 172.16.1.7/32
Known via “ospf 1”, distance 110, metric 12, type inter area
Last update from 10.1.23.2 on FastEthernet1/0, 00:38:00 ago
Routing Descriptor Blocks:
10.1.23.2, from 2.2.2.2, 00:38:00 ago, via FastEthernet1/0
Route metric is 12, traffic share count is 1
* 10.1.13.1, from 1.1.1.1, 00:38:00 ago, via FastEthernet0/0
Route metric is 12, traffic share count is 1
R3#trace 172.16.1.7
Type escape sequence to abort.
Tracing the route to 172.16.1.7
1 10.1.23.2 16 msec
10.1.13.1 12 msec
10.1.23.2 8 msec
2 10.1.127.7 36 msec 20 msec 16 msec
Case of Study 1 – Cost change:
We can increment the OSPF cost towards R2 and choose R1 to forward traffic even having R2 the Translator role.
Figure 6
We configure a cost of 100 towards R2 from R3.
R3(config)#interface Fa1/0
R3(config-if)#ip ospf cost 100
R3(config-if)#ip ospf cost 100
Now the cost to reach R2 is higher than R1’s cost. R3 chooses R1 to send traffic out of the OSPF domain.
R3#show ip ospf border-routers
OSPF Process 1 internal Routing Table
Codes: i – Intra-area route, I – Inter-area route
i 1.1.1.1 [1] via 10.1.13.1, FastEthernet0/0, ABR/ASBR, Area 0, SPF 12
i 2.2.2.2 [3] via 10.1.13.1, FastEthernet0/0, ABR/ASBR, Area 0, SPF 12
OSPF Process 1 internal Routing Table
Codes: i – Intra-area route, I – Inter-area route
i 1.1.1.1 [1] via 10.1.13.1, FastEthernet0/0, ABR/ASBR, Area 0, SPF 12
i 2.2.2.2 [3] via 10.1.13.1, FastEthernet0/0, ABR/ASBR, Area 0, SPF 12
R3#show ip route 172.16.1.7
Routing entry for 172.16.1.7/32
Known via “ospf 1”, distance 110, metric 12, type inter area
Last update from 10.1.13.1 on FastEthernet0/0, 00:00:43 ago
Routing Descriptor Blocks:
* 10.1.13.1, from 1.1.1.1, 00:00:43 ago, via FastEthernet0/0
Route metric is 12, traffic share count is 1
R3#traceroute 172.16.1.8
Type escape sequence to abort.
Tracing the route to 172.16.1.8
1 10.1.13.1 12 msec 12 msec 8 msec
2 10.1.127.7 32 msec 24 msec 40 msec
3 10.1.78.8 44 msec 40 msec 40 msec
However, R3 still receives the Type 5 LSA from R2 because the Translator role has not been modified.
R3#show ip ospf database external 172.16.1.8
OSPF Router with ID (3.3.3.3) (Process ID 1)
Type-5 AS External Link States
Routing Bit Set on this LSA
LS age: 299
Options: (No TOS-capability, DC)
LS Type: AS External Link
Link State ID: 172.16.1.8 (External Network Number )
Advertising Router: 2.2.2.2
LS Seq Number: 80000001
Checksum: 0x66A7
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 172.16.1.7
External Route Tag: 0
OSPF Router with ID (3.3.3.3) (Process ID 1)
Type-5 AS External Link States
Routing Bit Set on this LSA
LS age: 299
Options: (No TOS-capability, DC)
LS Type: AS External Link
Link State ID: 172.16.1.8 (External Network Number )
Advertising Router: 2.2.2.2
LS Seq Number: 80000001
Checksum: 0x66A7
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 172.16.1.7
External Route Tag: 0
Case of Study 2 – Configure the Translator Role:
It is possible to configure R1 to be the Translator from Type 7 to Type 5 LSA into Area 0. We can configure a higher router ID to win the election process or we can force it through a configuration command.
R1(config)#router ospf 1
R1(config-router)#area 1 nssa translate type7 always
R1(config-router)#area 1 nssa translate type7 always
Figure 7
R3#show ip ospf database external 172.16.1.8
OSPF Router with ID (3.3.3.3) (Process ID 1)
Type-5 AS External Link States
Routing Bit Set on this LSA
LS age: 20
Options: (No TOS-capability, DC)
LS Type: AS External Link
Link State ID: 172.16.1.8 (External Network Number )
Advertising Router: 1.1.1.1
LS Seq Number: 80000001
Checksum: 0x848D
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 172.16.1.7
External Route Tag: 0
OSPF Router with ID (3.3.3.3) (Process ID 1)
Type-5 AS External Link States
Routing Bit Set on this LSA
LS age: 20
Options: (No TOS-capability, DC)
LS Type: AS External Link
Link State ID: 172.16.1.8 (External Network Number )
Advertising Router: 1.1.1.1
LS Seq Number: 80000001
Checksum: 0x848D
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 172.16.1.7
External Route Tag: 0
Now the Translator is R1 but this actually does not change the traffic path.
R3#traceroute 172.16.1.8
Type escape sequence to abort.
Tracing the route to 172.16.1.8
1 10.1.23.2 16 msec
10.1.13.1 20 msec
10.1.23.2 12 msec
2 10.1.127.7 32 msec 24 msec 32 msec
3 10.1.78.8 52 msec 44 msec 48 msec
Type escape sequence to abort.
Tracing the route to 172.16.1.8
1 10.1.23.2 16 msec
10.1.13.1 20 msec
10.1.23.2 12 msec
2 10.1.127.7 32 msec 24 msec 32 msec
3 10.1.78.8 52 msec 44 msec 48 msec
Case of Study 3 – Clear Forward Address:
It is possible to remove the Forward Address.
R2(config)#router ospf 1
R2(config-router)#area 1 nssa translate type7 always suppress-fa
R2(config-router)#area 1 nssa translate type7 always suppress-fa
Figure 8
Now R3 does not see R7’s loopback as a Forward Address, instead 0.0.0.0 is shown.
R3#show ip ospf database external 172.16.1.8
OSPF Router with ID (3.3.3.3) (Process ID 1)
Type-5 AS External Link States
Routing Bit Set on this LSA
LS age: 22
Options: (No TOS-capability, DC)
LS Type: AS External Link
Link State ID: 172.16.1.8 (External Network Number )
Advertising Router: 2.2.2.2
LS Seq Number: 80000002
Checksum: 0xC809
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 0.0.0.0
External Route Tag: 0
OSPF Router with ID (3.3.3.3) (Process ID 1)
Type-5 AS External Link States
Routing Bit Set on this LSA
LS age: 22
Options: (No TOS-capability, DC)
LS Type: AS External Link
Link State ID: 172.16.1.8 (External Network Number )
Advertising Router: 2.2.2.2
LS Seq Number: 80000002
Checksum: 0xC809
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 0.0.0.0
External Route Tag: 0
This actually means that R3 needs to follow the SPT to the Advertising Router, 2.2.2.2 (same scenario as Type 5 LSA). Therefore, all the traffic is now collected by R2 and ECMP is not possible to happen.
R3#show ip route 172.16.1.8
Routing entry for 172.16.1.8/32
Known via “ospf 1”, distance 110, metric 20, type extern 2, forward metric 1
Last update from 10.1.23.2 on FastEthernet1/0, 00:05:47 ago
Routing Descriptor Blocks:
* 10.1.23.2, from 2.2.2.2, 00:05:47 ago, via FastEthernet1/0
Route metric is 20, traffic share count is 1
Routing entry for 172.16.1.8/32
Known via “ospf 1”, distance 110, metric 20, type extern 2, forward metric 1
Last update from 10.1.23.2 on FastEthernet1/0, 00:05:47 ago
Routing Descriptor Blocks:
* 10.1.23.2, from 2.2.2.2, 00:05:47 ago, via FastEthernet1/0
Route metric is 20, traffic share count is 1
R3#traceroute 172.16.1.8
Type escape sequence to abort.
Tracing the route to 172.16.1.8
1 10.1.23.2 24 msec 24 msec 20 msec
2 10.1.127.7 32 msec 44 msec 40 msec
3 10.1.78.8 76 msec 36 msec 76 msec
We are traffic engineering the routing for external prefixes.
Case of Study 4 – No OSPF route to Forward Address:
In case we learn the Forward Address , R7’s loopback in our topology ,through BGP or other IGP different from OSPF we loose reachibility to external prefixes.
Imagine that R7 and R3 are now EBGP neighbours and advertise their loopbacks under the BGP process.
R7(config-router)#do show run | sec bgp
router bgp 7
no synchronization
bgp log-neighbor-changes
network 172.16.1.7 mask 255.255.255.255
neighbor 172.16.1.3 remote-as 3
neighbor 172.16.1.3 ebgp-multihop 10
neighbor 172.16.1.3 update-source Loopback7
no auto-summary
router bgp 7
no synchronization
bgp log-neighbor-changes
network 172.16.1.7 mask 255.255.255.255
neighbor 172.16.1.3 remote-as 3
neighbor 172.16.1.3 ebgp-multihop 10
neighbor 172.16.1.3 update-source Loopback7
no auto-summary
R3(config-router)#do show run | sec bgp
router bgp 3
no synchronization
bgp log-neighbor-changes
network 172.16.1.3 mask 255.255.255.255
neighbor 172.16.1.7 remote-as 7
neighbor 172.16.1.7 ebgp-multihop 10
neighbor 172.16.1.7 update-source Loopback3
no auto-summary
R3 learns R7’s loopback via BGP because it has a lower Administrative Distance (AD).
R3#show ip route 172.16.1.7
Routing entry for 172.16.1.7/32
Known via “bgp 3”, distance 20, metric 0
Tag 7, type external
Last update from 172.16.1.7 00:01:04 ago
Routing Descriptor Blocks:
* 172.16.1.7, from 172.16.1.7, 00:01:04 ago
Route metric is 0, traffic share count is 1
AS Hops 1
Route tag 7
Routing entry for 172.16.1.7/32
Known via “bgp 3”, distance 20, metric 0
Tag 7, type external
Last update from 172.16.1.7 00:01:04 ago
Routing Descriptor Blocks:
* 172.16.1.7, from 172.16.1.7, 00:01:04 ago
Route metric is 0, traffic share count is 1
AS Hops 1
Route tag 7
Since we are not routing to the Forward Address, 172.16.1.7, via OSPF now we cannot use the Type 5 LSA and we loose reachibility to the external prefixes.
R3#show ip route 172.16.1.8
% Subnet not in table
% Subnet not in table
The Routing Bit is not set because OSPF cannot guarantee a free loop path.
R3#show ip ospf database external 172.16.1.8
OSPF Router with ID (3.3.3.3) (Process ID 1)
Type-5 AS External Link States
LS age: 1067
Options: (No TOS-capability, DC)
LS Type: AS External Link
Link State ID: 172.16.1.8 (External Network Number )
Advertising Router: 2.2.2.2
LS Seq Number: 80000003
Checksum: 0x62A9
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 172.16.1.7
External Route Tag: 0
OSPF Router with ID (3.3.3.3) (Process ID 1)
Type-5 AS External Link States
LS age: 1067
Options: (No TOS-capability, DC)
LS Type: AS External Link
Link State ID: 172.16.1.8 (External Network Number )
Advertising Router: 2.2.2.2
LS Seq Number: 80000003
Checksum: 0x62A9
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 172.16.1.7
External Route Tag: 0
A possible solution is removing the Forward Address when R2 does the translation from Type 5 to Type 7 LSA and route towards the Advertising Router (2.2.2.2).
Figure 9
R2(config)#router ospf 1
R2(config-router)#area 1 nssa translate type7 always suppress-fa
R2(config-router)#area 1 nssa translate type7 always suppress-fa
R3#show ip ospf database external 172.16.1.8
OSPF Router with ID (3.3.3.3) (Process ID 1)
Type-5 AS External Link States
Routing Bit Set on this LSA
LS age: 17
Options: (No TOS-capability, DC)
LS Type: AS External Link
Link State ID: 172.16.1.8 (External Network Number )
Advertising Router: 2.2.2.2
LS Seq Number: 80000004
Checksum: 0xC40B
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 0.0.0.0
External Route Tag: 0
R3#show ip route 172.16.1.7
Routing entry for 172.16.1.7/32
Known via “bgp 3“, distance 20, metric 0
Tag 7, type external
Last update from 172.16.1.7 00:00:09 ago
Routing Descriptor Blocks:
* 172.16.1.7, from 172.16.1.7, 00:00:09 ago
Route metric is 0, traffic share count is 1
AS Hops 1
Route tag 7
Because we are not routing to 172.16.1.7 anymore, it does not affect that R3 still learns it via BGP.
R3#show ip route 172.16.1.8
Routing entry for 172.16.1.8/32
Known via “ospf 1”, distance 110, metric 20, type extern 2, forward metric 1
Last update from 10.1.23.2 on FastEthernet1/0, 00:00:28 ago
Routing Descriptor Blocks:
* 10.1.23.2, from 2.2.2.2, 00:00:28 ago, via FastEthernet1/0
Route metric is 20, traffic share count is 1
Routing entry for 172.16.1.8/32
Known via “ospf 1”, distance 110, metric 20, type extern 2, forward metric 1
Last update from 10.1.23.2 on FastEthernet1/0, 00:00:28 ago
Routing Descriptor Blocks:
* 10.1.23.2, from 2.2.2.2, 00:00:28 ago, via FastEthernet1/0
Route metric is 20, traffic share count is 1
R3#traceroute 172.16.1.8
Type escape sequence to abort.
Tracing the route to 172.16.1.8
1 10.1.23.2 8 msec 20 msec 20 msec
2 10.1.127.7 20 msec 44 msec 20 msec
3 10.1.78.8 44 msec 44 msec 20 msec
Remember that removing the Forward Address (0.0.0.0) in R2 translation means that R2 is collecting all the traffic towards external EIGRP prefixes.
Case of Study 5 – R7 does not have any IP address configured:
R7 needs an IP address to be included under the OSPF process in order to configure the Forward Address. If there is none then it will be configured as all 0s and the P-bit which allows an ABR in the NSSA to translate from Type 7 to Type 5 LSA will not be set. This means only routers within the NSSA will be able to reach external prefixes.
R7(config)#interface Fa0/1
R7(config-if)#ip ospf prefix-suppression
R7(config)#interface Lo7
R7(config-if)#ip ospf prefix-suppression
R7(config-if)#ip ospf prefix-suppression
R7(config)#interface Lo7
R7(config-if)#ip ospf prefix-suppression
R1#show ip ospf database nssa-external 172.16.1.8
OSPF Router with ID (1.1.1.1) (Process ID 1)
Type-7 AS External Link States (Area 1)
LS age: 1806
Options: (No TOS-capability, No Type 7/5 translation, DC)
LS Type: AS External Link
Link State ID: 172.16.1.8 (External Network Number )
Advertising Router: 7.7.7.7
LS Seq Number: 80000005
Checksum: 0x33B8
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 0.0.0.0
External Route Tag: 0
R1#ping 172.16.1.8
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/21/24 ms
R3 does not get External LSAs from R2 because translation is not allowed and cannot ping external prefixes.
R3#show ip ospf database external 172.16.1.8
OSPF Router with ID (3.3.3.3) (Process ID 1)
OSPF Router with ID (3.3.3.3) (Process ID 1)
R3#ping 172.16.1.8
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.8, timeout is 2 seconds:
U.U.U
Success rate is 0 percent (0/5), round-trip min/avg/max = 20/21/24 ms
References
https://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/13682-10.html
https://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/7112-26.html