OSPF NSSA External LSA Type 7 P-bit
Redistribute RIP into OSPF NSSA area
・The area 23 is NSSA. ・R2, an ASBR, redistribute RIP into OSPF with summarizing. ・You should configure that only routers that inside NSSA can access external routes. ・You MUST control it by only ASBR.
Initial Set Up
[R1] interface Loopback1 ip address 10.0.1.1 255.255.255.0 ! interface Loopback2 ip address 10.0.2.1 255.255.255.0 ! interface Loopback3 ip address 10.0.3.1 255.255.255.0 ! interface FastEthernet0/0 ip address 10.0.0.1 255.255.255.0 duplex auto speed auto ! router rip network 10.0.0.0
[R2] interface FastEthernet0/0 ip address 10.0.0.2 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/1 ip address 192.168.23.2 255.255.255.0 duplex auto speed auto ! router ospf 1 router-id 2.2.2.2 area 23 nssa redistribute rip subnets network 192.168.23.2 0.0.0.0 area 23 ! router rip network 10.0.0.0 redistribute ospf 1 metric 5
[R3] interface FastEthernet0/0 ip address 192.168.23.3 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/1 ip address 192.168.34.3 255.255.255.0 duplex auto speed auto ! router ospf 1 router-id 3.3.3.3 area 23 nssa network 192.168.23.3 0.0.0.0 area 23 network 192.168.34.3 0.0.0.0 area 0
[R4] interface FastEthernet0/0 ip address 192.168.34.4 255.255.255.0 duplex auto speed auto ! router ospf 1 router-id 4.4.4.4 network 192.168.34.4 0.0.0.0 area 0
■LSA Type 7 P-bit
R2, an ASBR, advertises LSA Type 7 when redistributing other routing protocol into OSPF.
At that time, the P(Propagate)-bit is set to 1.
R3, an ABR, translates it into LSA type 5 when receiving, and advertises it into area 0.
R2#sh ip ospf database nssa-external
OSPF Router with ID (2.2.2.2) (Process ID 1)
Type-7 AS External Link States (Area 23)
LS age: 516 Options: (No TOS-capability, Type 7/5 translation, DC, Upward) LS Type: AS External Link Link State ID: 10.0.0.0 (External Network Number ) Advertising Router: 2.2.2.2 LS Seq Number: 80000004 Checksum: 0x7F7 Length: 36 Network Mask: /24 Metric Type: 2 (Larger than any link state path) MTID: 0 Metric: 20 Forward Address: 192.168.23.2 External Route Tag: 0
:
:
R3#sh ip ospf database nssa-external
OSPF Router with ID (3.3.3.3) (Process ID 1)
Type-7 AS External Link States (Area 23)
Routing Bit Set on this LSA in topology Base with MTID 0 LS age: 534 Options: (No TOS-capability, Type 7/5 translation, DC, Upward) LS Type: AS External Link Link State ID: 10.0.0.0 (External Network Number ) Advertising Router: 2.2.2.2 LS Seq Number: 80000003 Checksum: 0x9F6 Length: 36 Network Mask: /24 Metric Type: 2 (Larger than any link state path) MTID: 0 Metric: 20 Forward Address: 192.168.23.2 External Route Tag: 0
:
:
R4#sh ip ospf database external
OSPF Router with ID (4.4.4.4) (Process ID 1)
Type-5 AS External Link States
Routing Bit Set on this LSA in topology Base with MTID 0 LS age: 676 Options: (No TOS-capability, DC, Upward) LS Type: AS External Link Link State ID: 10.0.0.0 (External Network Number ) Advertising Router: 3.3.3.3 LS Seq Number: 80000004 Checksum: 0x7D87 Length: 36 Network Mask: /24 Metric Type: 2 (Larger than any link state path) MTID: 0 Metric: 20 Forward Address: 192.168.23.2 External Route Tag: 0
:
:
R4#sh ip route ospf
Gateway of last resort is not set
10.0.0.0/24 is subnetted, 4 subnets O E2 10.0.0.0 [110/20] via 192.168.34.3, 00:03:10, FastEthernet0/0 O E2 10.0.1.0 [110/20] via 192.168.34.3, 00:03:10, FastEthernet0/0 O E2 10.0.2.0 [110/20] via 192.168.34.3, 00:03:10, FastEthernet0/0 O E2 10.0.3.0 [110/20] via 192.168.34.3, 00:03:10, FastEthernet0/0 O IA 192.168.23.0/24 [110/2] via 192.168.34.3, 00:05:55, FastEthernet0/0
R4#ping 10.0.3.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.0.3.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 104/131/164 ms
■Summarize external routes by summary-address command
You summarize external routes using summary-address command.
[R2] router ospf 1 summary-address 10.0.0.0 255.255.252.0
R2#sh ip ospf database nssa-external
OSPF Router with ID (2.2.2.2) (Process ID 1)
Type-7 AS External Link States (Area 23)
LS age: 183 Options: (No TOS-capability, Type 7/5 translation, DC, Upward) LS Type: AS External Link Link State ID: 10.0.0.0 (External Network Number ) Advertising Router: 2.2.2.2 LS Seq Number: 8000000E Checksum: 0xE314 Length: 36 Network Mask: /22 Metric Type: 2 (Larger than any link state path) MTID: 0 Metric: 20 Forward Address: 192.168.23.2 External Route Tag: 0
A prefix 10.0.0.0/22 summarized by ASBR is also set P-bit to 1.
R2#sh ip route ospf
10.0.0.0/8 is variably subnetted, 6 subnets, 3 masks O 10.0.0.0/22 is a summary, 00:01:49, Null0
The null 0 summarizing route is installed to ASBR to prevent routing loop.
R3#sh ip ospf database nssa-external
OSPF Router with ID (3.3.3.3) (Process ID 1)
Type-7 AS External Link States (Area 23)
Routing Bit Set on this LSA in topology Base with MTID 0 LS age: 158 Options: (No TOS-capability, Type 7/5 translation, DC, Upward) LS Type: AS External Link Link State ID: 10.0.0.0 (External Network Number ) Advertising Router: 2.2.2.2 LS Seq Number: 8000000A Checksum: 0xEB10 Length: 36 Network Mask: /22 Metric Type: 2 (Larger than any link state path) MTID: 0 Metric: 20 Forward Address: 192.168.23.2 External Route Tag: 0
R3#sh ip route ospf
10.0.0.0/22 is subnetted, 1 subnets O N2 10.0.0.0 [110/20] via 192.168.23.2, 00:02:14, FastEthernet0/0
ABR translates LSA type 7 to LSA type 5.
R4#sh ip route ospf
Gateway of last resort is not set
10.0.0.0/22 is subnetted, 1 subnets O E2 10.0.0.0 [110/20] via 192.168.34.3, 00:03:14, FastEthernet0/0 O IA 192.168.23.0/24 [110/2] via 192.168.34.3, 02:35:31, FastEthernet0/0
■Set P-bit to zero by ASBR
[R2] router ospf 1 summary-address 10.0.0.0 255.255.252.0 nssa-only
The P-bit is set to zero when using summary-address command with option 'nssa-only'.
R2#sh ip ospf database nssa-external
OSPF Router with ID (2.2.2.2) (Process ID 1)
Type-7 AS External Link States (Area 23)
LS age: 21 Options: (No TOS-capability, No Type 7/5 translation, DC, Upward) LS Type: AS External Link Link State ID: 10.0.0.0 (External Network Number ) Advertising Router: 2.2.2.2 LS Seq Number: 8000000B Checksum: 0x62A0 Length: 36 Network Mask: /22 Metric Type: 2 (Larger than any link state path) MTID: 0 Metric: 20 Forward Address: 192.168.23.2 External Route Tag: 0
R3#sh ip ospf database nssa-external
OSPF Router with ID (3.3.3.3) (Process ID 1)
Type-7 AS External Link States (Area 23)
Routing Bit Set on this LSA in topology Base with MTID 0 LS age: 488 Options: (No TOS-capability, No Type 7/5 translation, DC, Upward) LS Type: AS External Link Link State ID: 10.0.0.0 (External Network Number ) Advertising Router: 2.2.2.2 LS Seq Number: 8000000B Checksum: 0x62A0 Length: 36 Network Mask: /22 Metric Type: 2 (Larger than any link state path) MTID: 0 Metric: 20 Forward Address: 192.168.23.2 External Route Tag: 0
ABR does NOT translate LSA type 7 to LSA type 5 when receiving P-bit zero.
Therefore, other areas which includes backbone do NOT learn external routes.
R4#sh ip ospf database external
OSPF Router with ID (4.4.4.4) (Process ID 1)
R4#sh ip route ospf
Gateway of last resort is not set
O IA 192.168.23.0/24 [110/2] via 192.168.34.3, 02:07:18, FastEthernet0/0
R2#ping 10.0.3.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.0.3.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 12/45/64 ms
R3#ping 10.0.3.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.0.3.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 56/66/76 ms
You can design the topology that only NSSA can access external routes.
■Set P-bit to zero not using summary-address command
[R2] router ospf 1 no summary-address 10.0.0.0 255.255.252.0 redistribute rip subnets nssa-only
The P-bit is set to zero when using redistribute command with option 'nssa-only'.
R3#sh ip ospf database nssa-external
OSPF Router with ID (3.3.3.3) (Process ID 1)
Type-7 AS External Link States (Area 23)
Routing Bit Set on this LSA in topology Base with MTID 0 LS age: 8 Options: (No TOS-capability, No Type 7/5 translation, DC, Upward) LS Type: AS External Link Link State ID: 10.0.0.0 (External Network Number ) Advertising Router: 2.2.2.2 LS Seq Number: 8000000F Checksum: 0x6992 Length: 36 Network Mask: /24 Metric Type: 2 (Larger than any link state path) MTID: 0 Metric: 20 Forward Address: 192.168.23.2 External Route Tag: 0
:
:
R4#sh ip route ospf
Gateway of last resort is not set
O IA 192.168.23.0/24 [110/2] via 192.168.34.3, 00:10:20, FastEthernet0/0
ABR does NOT translate LSA type 7 to LSA type 5 when receiving P-bit zero.
【Reference】
■OSPF Not-So-Stubby Area (NSSA) What Is a Type 7 LSA? https://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/6208-nssa.html#topic1
■CCO OSPF Command Reference summary-address (OSPF) https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/command/iro-cr-book/ospf-s1.html#wp4241563273
■CCO Protocol-Independent Command Reference redistribute (IP) https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_pi/command/iri-cr-book/iri-cr-a1.html#wp4119362624
