- Shutdown R6’s Loopback0 interface and connection to VLAN 146.
- Configure OSPF area 2 so that R3 filters External routes out as they are
sent from area 0 to area 2.
- R6 should still be allowed to redistribute EIGRP into OSPF.
- Note any reachability problems throughout the domain.
command sets:
R3:
router ospf 1
area 2 nssa
R6:
interface Loopback0
shutdown
!
interface FastEthernet0/0.146
shutdown
!
router ospf 1
area 2 nssa
SW1:
router ospf 1
area 2 nssa
SW3:
router ospf 1
NSSA - extends the functionality of the stub area to allow the importing of a subset of external routes into the area. This allows the redistribution to occur within the stub area. while blocking external routes from entering the area through the ABRs.
Type-7 NSSA External LSA this was generated inside the NSSA area.
2 subtype:
N1- same as E1considers the metric that the ASBR reports into the OSPF domain along with the metric neeed to reach the ASBR.
N2 - same as E2 separetes the metric into the flat value that the ASBR reports into the OSPF domain. which is installed in the routing table, and the value needed to reach the ASBR, known as forward metric.
verification:
Rack1SW1#show ip route | include N1|N2
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
O N2 200.0.0.0/24 [110/20] via 155.1.67.6, 00:00:41, Vlan67
O N2 54.1.1.0 [110/20] via 155.1.67.6, 00:00:41, Vlan67
O N2 200.0.1.0/24 [110/20] via 155.1.67.6, 00:00:41, Vlan67
O N2 200.0.2.0/24 [110/20] via 155.1.67.6, 00:00:41, Vlan67
O N2 200.0.3.0/24 [110/20] via 155.1.67.6, 00:00:41, Vlan67
Rack1SW1#show ip route 200.0.0.0
Routing entry for 200.0.0.0/24
Known via "ospf 1", distance 110, metric 20, type NSSA extern 2, forward metric 30
Last update from 155.1.67.6 on Vlan67, 00:01:19 ago
Routing Descriptor Blocks:
* 155.1.67.6, from 150.1.6.6, 00:01:19 ago, via Vlan67
Route metric is 20, traffic share count is 1
ABR converts Type-7 LSA to type-5 LSA, if multiple ABRs exist only one of them will perform the conversion through an election process. OSPF devices outside the NSSA do not know that NSSA exists.
Rack1R3#sho ip ospf database | begin Type-7
Type-7 AS External Link States (Area 2)
Link ID ADV Router Age Seq# Checksum Tag
54.1.1.0 150.1.6.6 319 0x80000001 0x005480 0
200.0.0.0 150.1.6.6 319 0x80000001 0x00F94A 0
200.0.1.0 150.1.6.6 319 0x80000001 0x00EE54 0
200.0.2.0 150.1.6.6 319 0x80000001 0x00E35E 0
200.0.3.0 150.1.6.6 319 0x80000001 0x00D868 0
<output omitted>
Rack1R3#show ip ospf database nssa-external 200.0.0.0
OSPF Router with ID (150.1.3.3) (Process ID 1)
Type-7 AS External Link States (Area 2)
Routing Bit Set on this LSA
LS age: 387
Options: (No TOS-capability, Type 7/5 translation, DC)
LS Type: AS External Link
Link State ID: 200.0.0.0 (External Network Number )
Advertising Router: 150.1.6.6
LS Seq Number: 80000001
Checksum: 0xF94A
Length: 36
Network Mask: /24
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 155.1.67.6
External Route Tag: 0
below is the results of the ABR R3 translations of Type7 to Type5
Rack1R5#show ip ospf database | begin Type-5
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag
30.0.0.0 150.1.4.4 1 (DNA) 0x80000001 0x00D80A 0
30.1.0.0 150.1.4.4 1 (DNA) 0x80000001 0x00CC15 0
30.2.0.0 150.1.4.4 1 (DNA) 0x80000001 0x00C020 0
30.3.0.0 150.1.4.4 1 (DNA) 0x80000001 0x00B42B 0
31.0.0.0 150.1.4.4 1 (DNA) 0x80000001 0x00CB16 0
31.1.0.0 150.1.4.4 1 (DNA) 0x80000001 0x00BF21 0
31.2.0.0 150.1.4.4 1 (DNA) 0x80000001 0x00B32C 0
31.3.0.0 150.1.4.4 1 (DNA) 0x80000001 0x00A737 0
51.51.51.51 192.10.1.254 50 (DNA) 0x80000001 0x009C6C 0
54.1.1.0 150.1.3.3 521 0x80000001 0x0010D4 0
200.0.0.0 150.1.3.3 521 0x80000001 0x00B59E 0
200.0.1.0 150.1.3.3 521 0x80000001 0x00AAA8
200.0.2.0 150.1.3.3 521 0x80000001 0x009FB2 0
200.0.3.0 150.1.3.3 521 0x80000001 0x0094BC 0
204.12.1.0 150.1.4.4 8 (DNA) 0x80000001 0x005EC8 0
Rack1R5#show ip ospf database external 200.0.0.0
OSPF Router with ID (150.1.5.5) (Process ID 1)
Type-5 AS External Link States
Routing Bit Set on this LSA
LS age: 610
Options: (No TOS-capability, DC)
LS Type: AS External Link
Link State ID: 200.0.0.0 (External Network Number )
Advertising Router: 150.1.3.3
LS Seq Number: 80000001
Checksum: 0xB59E
Length: 36
Network Mask: /24
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 155.1.67.6
External Route Tag: 0
Rack1R5#show ip route 155.1.67.6
Routing entry for 155.1.67.0/24
Known via "ospf 1", distance 110, metric 394, type inter area
Last update from 155.1.0.3 on Serial0/0, 00:11:17 ago
Routing Descriptor Blocks:
* 155.1.0.3, from 150.1.3.3, 00:11:17 ago, via Serial0/0
Route metric is 394, traffic share count is 1
Rack1R5#show ip route 200.0.0.0
Routing entry for 200.0.0.0/24
Known via "ospf 1", distance 110, metric 20, type extern 2, forward metric 394
Last update from 155.1.0.3 on Serial0/0, 00:10:57 ago
Routing Descriptor Blocks:
* 155.1.0.3, from 150.1.3.3, 00:10:57 ago, via Serial0/0
Route metric is 20, traffic share count is 1
computing the forward metric of 394 = R5 to R3 cost + R3 to SW1 cost + SW1 to R6 cost
Rack1R5#show ip ospf database router 150.1.5.5 self-originate OSPF Router with ID (150.1.5.5) (Process ID 1) Router Link States (Area 0) LS age: 1178 Options: (No TOS-capability, DC) LS Type: Router Links Link State ID: 150.1.5.5 Advertising Router: 150.1.5.5 LS Seq Number: 80000008 Checksum: 0x694D Length: 108 Area Border Router Number of Links: 7<output omitted> Link connected to: another Router (point-to-point) (Link ID) Neighboring Router ID: 150.1.3.3 (Link Data) Router Interface address: 155.1.0.5 Number of TOS metrics: 0 TOS 0 Metrics: 64
Rack1R3#show ip ospf database router 150.1.3.3 self-originate
OSPF Router with ID (150.1.3.3) (Process ID 1)
<output omitted>
Router Link States (Area 2)
LS age: 1021
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 150.1.3.3
Advertising Router: 150.1.3.3
LS Seq Number: 80000005
Checksum: 0xE749
Length: 36
Area Border Router
AS Boundary Router
Number of Links: 1
Link connected to: a Transit Network
(Link ID) Designated Router address: 155.1.37.7
(Link Data) Router Interface address: 155.1.37.3
Number of TOS metrics: 0
TOS 0 Metrics: 300
Rack1SW1#show ip ospf database router 150.1.7.7 self-originate
OSPF Router with ID (150.1.7.7) (Process ID 1)
Router Link States (Area 2)
LS age: 140
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 150.1.7.7
Advertising Router: 150.1.7.7
LS Seq Number: 8000000E
Checksum: 0xE3A2
Length: 84
Number of Links: 5
Link connected to: a Stub Network
(Link ID) Network/subnet number: 150.1.7.0
(Link Data) Network Mask: 255.255.255.0
Number of TOS metrics: 0
TOS 0 Metrics: 1
Link connected to: a Transit Network
(Link ID) Designated Router address: 155.1.37.7
(Link Data) Router Interface address: 155.1.37.7
Number of TOS metrics: 0
TOS 0 Metrics: 300
Link connected to: a Transit Network
(Link ID) Designated Router address: 155.1.79.9
(Link Data) Router Interface address: 155.1.79.7
Number of TOS metrics: 0
TOS 0 Metrics: 30
Link connected to: a Transit Network
(Link ID) Designated Router address: 155.1.67.6
(Link Data) Router Interface address: 155.1.67.7
Number of TOS metrics: 0
TOS 0 Metrics: 30
Link connected to: a Stub Network
(Link ID) Network/subnet number: 155.1.7.0
(Link Data) Network Mask: 255.255.255.0
Number of TOS metrics: 0
TOS 0 Metrics: 30
Important notes;
- NSSA blocks other type5 external LSAs from entering the NSSA area on the ABRs.
- a default route is not automatically originated by NSSA ABR. this means it can reach other areas in the OSPF domain but not other external domains.
Rack1R3#show ip route 30.0.0.1
Routing entry for 30.0.0.0/16
Known via "ospf 1", distance 110, metric 20, type extern 2, forward metric 19494
Last update from 155.1.0.5 on Serial1/0, 00:25:53 ago
Routing Descriptor Blocks:
* 155.1.0.5, from 150.1.4.4, 00:25:53 ago, via Serial1/0
Route metric is 20, traffic share count is 1
Rack1R3#ping 30.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 30.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/44/72 ms
Rack1SW1#show ip ospf database | begin Type-5
Rack1SW1#show ip route 30.0.0.1
% Network not in table
Rack1SW1#ping 30.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 30.0.0.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
Rack1SW1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
155.1.0.0/16 is variably subnetted, 16 subnets, 2 masks
O IA 155.1.146.0/24 [110/20094] via 155.1.37.3, 00:26:56, FastEthernet0/3
O IA 155.1.23.0/24 [110/301] via 155.1.37.3, 00:26:56, FastEthernet0/3
O 155.1.9.0/24 [110/60] via 155.1.79.9, 00:26:56, Vlan79
O IA 155.1.13.0/24 [110/19730] via 155.1.37.3, 00:26:56, FastEthernet0/3
O IA 155.1.0.2/32 [110/301] via 155.1.37.3, 00:26:56, FastEthernet0/3
O IA 155.1.0.3/32 [110/300] via 155.1.37.3, 00:26:56, FastEthernet0/3
O IA 155.1.0.1/32 [110/78323] via 155.1.37.3, 00:26:56, FastEthernet0/3
C 155.1.7.0/24 is directly connected, Vlan7
O IA 155.1.0.4/32 [110/19794] via 155.1.37.3, 00:26:56, FastEthernet0/3
O IA 155.1.5.0/24 [110/19731] via 155.1.37.3, 00:26:56, FastEthernet0/3
O IA 155.1.0.5/32 [110/19730] via 155.1.37.3, 00:26:56, FastEthernet0/3
O IA 155.1.58.0/24 [110/19731] via 155.1.37.3, 00:26:56, FastEthernet0/3
O IA 155.1.45.0/24 [110/19794] via 155.1.37.3, 00:27:02, FastEthernet0/3
C 155.1.37.0/24 is directly connected, FastEthernet0/3
C 155.1.79.0/24 is directly connected, Vlan79
C 155.1.67.0/24 is directly connected, Vlan67
O N2 200.0.0.0/24 [110/20] via 155.1.67.6, 00:27:02, Vlan67
54.0.0.0/24 is subnetted, 1 subnets
O N2 54.1.1.0 [110/20] via 155.1.67.6, 00:27:02, Vlan67
O N2 200.0.1.0/24 [110/20] via 155.1.67.6, 00:27:02, Vlan67
O N2 200.0.2.0/24 [110/20] via 155.1.67.6, 00:27:02, Vlan67
O N2 200.0.3.0/24 [110/20] via 155.1.67.6, 00:27:02, Vlan67
O IA 192.10.1.0/24 [110/601] via 155.1.37.3, 00:27:02, FastEthernet0/3
150.1.0.0/24 is subnetted, 7 subnets
C 150.1.7.0 is directly connected, Loopback0
O IA 150.1.5.0 [110/19731] via 155.1.37.3, 00:27:02, FastEthernet0/3
O IA 150.1.4.0 [110/19795] via 155.1.37.3, 00:27:02, FastEthernet0/3
O IA 150.1.3.0 [110/301] via 155.1.37.3, 00:27:02, FastEthernet0/3
O IA 150.1.2.0 [110/302] via 155.1.37.3, 00:27:02, FastEthernet0/3
O IA 150.1.1.0 [110/78324] via 155.1.37.3, 00:27:03, FastEthernet0/3
O 150.1.9.0 [110/31] via 155.1.79.9, 00:27:03, Vlan79
NSSA Default routing
- configure R3 to advertise a default route into NSSA area 2
- default route must have a default cost of 500.
command sets:
R3
router ospf 1
area 2 nssa default-information-originate
area 2 default-cost 500
verification:
Rack1SW1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 155.1.37.3 to network 0.0.0.0
155.1.0.0/16 is variably subnetted, 16 subnets, 2 masks
O IA 155.1.146.0/24 [110/20094] via 155.1.37.3, 00:02:37, FastEthernet0/3
O IA 155.1.23.0/24 [110/301] via 155.1.37.3, 00:04:45, FastEthernet0/3
O 155.1.9.0/24 [110/60] via 155.1.79.9, 00:04:45, Vlan79
O IA 155.1.13.0/24 [110/19730] via 155.1.37.3, 00:04:45, FastEthernet0/3
O IA 155.1.0.2/32 [110/301] via 155.1.37.3, 00:03:56, FastEthernet0/3
O IA 155.1.0.3/32 [110/300] via 155.1.37.3, 00:03:45, FastEthernet0/3
O IA 155.1.0.1/32 [110/78323] via 155.1.37.3, 00:02:38, FastEthernet0/3
C 155.1.7.0/24 is directly connected, Vlan7
O IA 155.1.0.4/32 [110/19794] via 155.1.37.3, 00:02:38, FastEthernet0/3
O IA 155.1.5.0/24 [110/19731] via 155.1.37.3, 00:02:38, FastEthernet0/3
O IA 155.1.0.5/32 [110/19730] via 155.1.37.3, 00:02:38, FastEthernet0/3
O IA 155.1.58.0/24 [110/19731] via 155.1.37.3, 00:02:38, FastEthernet0/3
O IA 155.1.45.0/24 [110/19794] via 155.1.37.3, 00:02:38, FastEthernet0/3
C 155.1.37.0/24 is directly connected, FastEthernet0/3
C 155.1.79.0/24 is directly connected, Vlan79
C 155.1.67.0/24 is directly connected, Vlan67
O N2 200.0.0.0/24 [110/20] via 155.1.67.6, 00:02:53, Vlan67
54.0.0.0/24 is subnetted, 1 subnets
O N2 54.1.1.0 [110/20] via 155.1.67.6, 00:02:54, Vlan67
O N2 200.0.1.0/24 [110/20] via 155.1.67.6, 00:02:54, Vlan67
O N2 200.0.2.0/24 [110/20] via 155.1.67.6, 00:02:54, Vlan67
O N2 200.0.3.0/24 [110/20] via 155.1.67.6, 00:02:54, Vlan67
O IA 192.10.1.0/24 [110/601] via 155.1.37.3, 00:04:27, FastEthernet0/3
150.1.0.0/24 is subnetted, 7 subnets
C 150.1.7.0 is directly connected, Loopback0
O IA 150.1.5.0 [110/19731] via 155.1.37.3, 00:02:38, FastEthernet0/3
O IA 150.1.4.0 [110/19795] via 155.1.37.3, 00:02:39, FastEthernet0/3
O IA 150.1.3.0 [110/301] via 155.1.37.3, 00:04:47, FastEthernet0/3
O IA 150.1.2.0 [110/302] via 155.1.37.3, 00:04:28, FastEthernet0/3
O IA 150.1.1.0 [110/78324] via 155.1.37.3, 00:02:39, FastEthernet0/3
O 150.1.9.0 [110/31] via 155.1.79.9, 00:04:47, Vlan79
O*N2 0.0.0.0/0 [110/500] via 155.1.37.3, 00:00:08, FastEthernet0/3
Rack1SW1#ping 30.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 30.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 58/67/92 ms