Cart
The last LSA type that we will examine in this Quick Look series is the Type 7, or NSSA External LSA, used to carry information by external networks inside not so stubby areas.
Network Configuration
We will examine NSSA-External (Type 7) LSA using very simple network shown on the diagram below.
R1 is area router in NSSA area 145 and it redistributes its Loopback1 interface into OSPF domain. Let’s take a look at the relevant configurations on all the routers.
R1:
interface Loopback1 ip address 11.11.11.11 255.255.255.255 ! interface FastEthernet0/0 ip address 145.145.145.1 255.255.255.0 ! route-map CON-to-OSPF permit 10 match interface Loopback1 ! router ospf 1 router-id 1.1.1.1 area 145 nssa redistribute connected subnets route-map CON-to-OSPF network 145.145.145.1 0.0.0.0 area 145 !
R2:
interface Serial0/1/0 ip address 24.24.24.2 255.255.255.0 ! interface Serial0/2/0 ip address 25.25.25.2 255.255.255.0 ! router ospf 1 network 0.0.0.0 255.255.255.255 area 0 !
R4:
interface FastEthernet0/0 ip address 145.145.145.4 255.255.255.0 ! interface Serial0/0/0 ip address 24.24.24.4 255.255.255.0 ! interface Serial0/1/0 ip address 45.45.45.4 255.255.255.0 ! router ospf 1 area 145 nssa network 4.4.4.4 0.0.0.0 area 0 network 24.24.24.4 0.0.0.0 area 0 network 45.45.45.4 0.0.0.0 area 0 network 145.145.145.4 0.0.0.0 area 145 !
R5:
interface FastEthernet0/0 ip address 145.145.145.5 255.255.255.0 ! interface Serial0/0/0 ip address 45.45.45.5 255.255.255.0 ! interface Serial0/2/0 ip address 25.25.25.5 255.255.255.0 ! router ospf 1 area 145 nssa network 5.5.5.5 0.0.0.0 area 0 network 25.25.25.5 0.0.0.0 area 0 network 45.45.45.5 0.0.0.0 area 0 network 145.145.145.5 0.0.0.0 area 145 !
This is one very simple OSPF network. First of all, let’s make sure R2 can reach 11.11.11.11/32.
R2:
R2#show ip route 11.11.11.11 Routing entry for 11.11.11.11/32 Known via "ospf 1", distance 110, metric 20, type extern 2, forward metric 65 Last update from 24.24.24.4 on Serial0/1/0, 1d01h ago Routing Descriptor Blocks: * 25.25.25.5, from 5.5.5.5, 1d01h ago, via Serial0/2/0 Route metric is 20, traffic share count is 1 24.24.24.4, from 5.5.5.5, 1d01h ago, via Serial0/1/0 Route metric is 20, traffic share count is 1 R2#ping 11.11.11.11 source Loopback0 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 11.11.11.11, timeout is 2 seconds: Packet sent with a source address of 2.2.2.2 !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 4/7/8 ms
As expected, this works. Now, let’s dive into the database and see what we can find there.
Exploring the Database
NSSA External (Type 7) LSA will not travel outside NSSA area in which it originates. Therefore, we will need to examine it on either R1, R4 or R5. The command to see Type 7 LSAs in the database is “show ip ospf database nssa-esternal”, as shown below.
R4:
R4#show ip ospf database ?
adv-router Advertising Router link states
asbr-summary ASBR summary link states
database-summary Summary of database
external External link states
network Network link states
nssa-external NSSA External link states
opaque-area Opaque Area link states
opaque-as Opaque AS link states
opaque-link Opaque Link-Local link states
router Router link states
self-originate Self-originated link states
summary Network summary link states
| Output modifiers
<cr>
Let’s now examine this information on R4 and see what we’ll find in there.
R4:
R4#show ip ospf database nssa-external OSPF Router with ID (4.4.4.4) (Process ID 1) Type-7 AS External Link States (Area 145) LS age: 117 Options: (No TOS-capability, Type 7/5 translation, DC) LS Type: AS External Link Link State ID: 11.11.11.11 (External Network Number ) Advertising Router: 1.1.1.1 LS Seq Number: 80000037 Checksum: 0x5327 Length: 36 Network Mask: /32 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 20 Forward Address: 145.145.145.1 External Route Tag: 0
Loads and loads of fun stuff to see. First off, we notice yellow highlighted lines. Those represent external network this LSA describes. Again, network and mask information are separated. This information is followed by magenta highlight, which is the router that originates the LSA. We can see this is the Router ID of our R1. External metric is shown in cyan lines. This is external metric of type 2. Last, but not the least, we have forward address, highlighted green. I love leaving interesting bits for the end and this is not an exception.
Forwarding Address
We can see here that forward address for this LSA, originated by R1, is set to the address of its FastEthernet0/0 interface, which would seem to be logical. Just to confirm it’s actually R1 injecting this information, let’s examine the same LSA on R1 itself.
R1:
R1#show ip ospf database nssa-external self-originate OSPF Router with ID (1.1.1.1) (Process ID 1) Type-7 AS External Link States (Area 145) LS age: 532 Options: (No TOS-capability, Type 7/5 translation, DC) LS Type: AS External Link Link State ID: 11.11.11.11 (External Network Number ) Advertising Router: 1.1.1.1 LS Seq Number: 80000037 Checksum: 0x5327 Length: 36 Network Mask: /32 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 20 Forward Address: 145.145.145.1 External Route Tag: 0
It’s there, alright, so it was R1 who put it into the LSA. In this scenario, it would seem logical that forward address is this. After all, it’s the shortest path to the external network from the rest of our OSPF domain. Let’s make things a little bit more fun.
R1:
interface FastEthernet0/1 ip address 100.100.100.1 255.255.255.0 no shutdown ! router ospf 1 network 100.100.100.1 0.0.0.0 area 145 !
We added another interface to our OSPF domain. This one has no neighbors, it’s just up/up and advertised into OSPF using network statement. Let’s look at our NSSA external LSA again.
R1:
R1#show ip ospf database nssa-external 11.11.11.11 OSPF Router with ID (1.1.1.1) (Process ID 1) Type-7 AS External Link States (Area 145) LS age: 58 Options: (No TOS-capability, Type 7/5 translation, DC) LS Type: AS External Link Link State ID: 11.11.11.11 (External Network Number ) Advertising Router: 1.1.1.1 LS Seq Number: 80000038 Checksum: 0xF60A Length: 36 Network Mask: /32 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 20 Forward Address: 100.100.100.1 External Route Tag: 0
Take a look at that forward address. It has been reset to the newly created FastEthernet0/1 interface. You will have to agree that this forward address suddenly makes much less sense tan the previous one. For particular network that is true, however, for some other topology, this forward address may be more suitable. Since routers will always generate only one LSA and advertise it identical to all neighbors due to identical databases requirement, R1 is left with the choice which IP address to use as forward address. Algorithm used to select forward address is very similar to the one used for Router ID selection:
- Highest address of Loopback interface advertised into OSPF is chosen.
- If no Loopbacks are present nor advertised into OSPF, highest address of OSPF interface is chosen.
Let’s put this to test. We’ll advertise Loopback0 of R1 into OSPF and verify if forward address has changed.
R1:
router ospf 1 network 1.1.1.1 0.0.0.0 area 145 !
R1#show ip ospf database nssa-external adv-router 1.1.1.1 OSPF Router with ID (1.1.1.1) (Process ID 1) Type-7 AS External Link States (Area 145) LS age: 4 Options: (No TOS-capability, Type 7/5 translation, DC) LS Type: AS External Link Link State ID: 11.11.11.11 (External Network Number ) Advertising Router: 1.1.1.1 LS Seq Number: 80000039 Checksum: 0xFA2F Length: 36 Network Mask: /32 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 20 Forward Address: 1.1.1.1 External Route Tag: 0
Indeed, it changed. Does this change anything? Well, it may down the road, especially when this LSA gets “re-advertised” outside NSSA area.
Type 7 to Type 5 Conversion
External LSA originated by ASBR in an NSSA area will not leave NSSA area. If reachability to that network is desired these LSAs need to be converted from Type 7 to External (Type 5). This is performed by NSSA ABR router. Let’s take a look at 11.11.11.11 on R2.
R2:
R2#show ip ospf database external 11.11.11.11 OSPF Router with ID (2.2.2.2) (Process ID 1) Type-5 AS External Link States LS age: 1047 Options: (No TOS-capability, DC) LS Type: AS External Link Link State ID: 11.11.11.11 (External Network Number ) Advertising Router: 5.5.5.5 LS Seq Number: 8000003B Checksum: 0x130F Length: 36 Network Mask: /32 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 20 Forward Address: 1.1.1.1 External Route Tag: 0
There are couple of things to see above. First of all, this External LSA is originated by R5 and not by R1. So, original NSSA External LSA is “lost” and absolutely new one is created. If we look into the database a bit more, we will also see that there is no Type 4 LSA generated.
R2:
R2#show ip ospf database asbr-summary
OSPF Router with ID (2.2.2.2) (Process ID 1)
Another thing we need to note is the forward address, which “survived the conversion”. It is set to the exact same value set by R1. There are all sorts of problems that can happen with forward address, but we’ll leave that for another blog.
There is yet another thing to be seen here. It may be a little bit more difficult to spot, as it’s not actually seen. See above that this LSA was originated by R5. What happened to the LSA originated by R4? Let’s take a look.
R4:
R4#show ip ospf database external self-originate
OSPF Router with ID (4.4.4.4) (Process ID 1)
It’s not even on R4! Despair not, this is expected behavior. Type 7 to Type 5 conversion is performed by only one ABR, even when multiple ones are present. The ABR that performs the conversion will be the one with the highest Router ID. In our case, it’s R5. This in itself is enough reason to keep forward address in translated LSA. If forward address is non-zero, routers will calculate their path to the forward address and not to the ABR performing the conversion.
This concludes this series of articles. I hope you enjoyed them.
Happy studies!
–
Marko Milivojevic – CCIE #18427
Senior Technical Instructor – IPexpert
Join our Online Study List
Tags: CCIE Routing & Switching, CCIE Service Provider, LSA, OSPF
for the Router-ID selection, isn’t chosen for the highest address?
i’ve tried it on dynamips, and it chose the highest ip add.
CMIIW
Dani,
Router-ID will the value used as highest IP address of any of the configured Loopback interfaces. If there are no Loopback interfaces, highest IP address will be chosen.
i obviously made a silly mistake in the text above for not clarifying how “similar” the process is… ;-) It is similar only in a sense that Loopback will be preferred over Physical or other Logical interfaces, but the lowest value in this case will be chosen.
–
Marko Milivojevic – CCIE #18427
Senior Technical Instructor – IPexpert
Join our Online Study List
thanks for the response, Marko.
but i’ve tried this scenario on dynamips.
still the highest ip address will be chosen as the FA for this LSA.
CMIIW again.. :)
I just re-tested and it’s the lowest one. I guess that you must be missing on some detail. Can you post the exact configuration of the router (all the interfaces, including Loopbacks), OSPF section and relevant “show ip ospf database” output?
–
Marko Milivojevic – CCIE #18427
Senior Technical Instructor – IPexpert
Join our Online Study List
i have used the exact config as this post.
but now, i’ve changed the int fa0/1 on R1 to 150.150.150.1/24.
and the FA chose the new address,not the 145.145.145.1/24
but, when i change it back to 100.100.100.1/24, the FA also change to that address.
here is the exact config :
R1:
R2
R4
R5
output on R2 :
R2(config-if)#do sh ip os data ext OSPF Router with ID (25.25.25.2) (Process ID 1) Type-5 AS External Link States Routing Bit Set on this LSA LS age: 242 Options: (No TOS-capability, DC) LS Type: AS External Link Link State ID: 11.11.11.11 (External Network Number ) Advertising Router: 145.145.145.4 LS Seq Number: 8000000D Checksum: 0x5199 Length: 36 Network Mask: /32 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 20 Forward Address: 150.150.150.1 External Route Tag: 0on R1 :
R1(config-if)#do sh ip os data nssa OSPF Router with ID (1.1.1.1) (Process ID 1) Type-7 AS External Link States (Area 145) LS age: 282 Options: (No TOS-capability, Type 7/5 translation, DC) LS Type: AS External Link Link State ID: 11.11.11.11 (External Network Number ) Advertising Router: 1.1.1.1 LS Seq Number: 8000000E Checksum: 0x5A3A Length: 36 Network Mask: /32 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 20 Forward Address: 150.150.150.1 External Route Tag: 0I must say, this is very interesting! What exact IOS are you using?
By the way, I haven’t seen the exact FA selection process documented anywhere. The algorithm I mentioned was my deduction after process of trial and error. I guess it must have changes at some point, or we are missing something here.
–
Marko Milivojevic – CCIE #18427
Senior Technical Instructor – IPexpert
Join our Online Study List
(C3725-ADVENTERPRISEK9-M), Version 12.4(15)T10
try changing the ip address of int fa0/1.
the lowest or the highest, it’s always changing.
i can get the lower one when i use 100.100.100.1/24.
try also using different address of int loopback.
but for loopback, it’s always the highest. :)
I hope you realize that we’re having an entirely pointless discussion? This is very irrelevant for what the blog article was trying to illustrate and that is how to use OSPF database.
Now, I wasn’t lazy and I recreated the entirely new test with three routers. Here is the topology:
R5–R2–R6
R5 is connected to R2 in area 0. R2 is connected to R6 in area 26, which is NSSA. Connection between R2 and R6 is via Se0/1/0.26 (26.26.26.0/24). R6 has multiple interfaces:
Lo0: 6.6.6.6/32 [advertised in OSPF]
Lo1: 16.16.16.6/32 [advertised in OSPF]
Lo6: 66.66.66.66/32 [REDISTRIBUTED into OSPF]
Fa0/0: 36.36.36.6/24 [advertised in OSPF]
Fa0/1: 11.11.11.6/24 [advertised in OSPF]
Se0/1/0.26: 26.26.26.6/24 [advertised in OSPF]
Now, if I understand what you are saying, in this scenario, Lo1 should be the FA, since it’s the one with the highest IP address. I will observe on R5.
R5#sh ip ospf data ex | begin Network Mask Network Mask: /32 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 20 Forward Address: 6.6.6.6 External Route Tag: 0It’s in fact the lowest numbered Loopback. When I shut down Loopback0 on R6:
R5#sh ip ospf data ex | begin Network Mask Network Mask: /32 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 20 Forward Address: 16.16.16.6 External Route Tag: 0As expected, it’s the next available Loopback – Loopback1. Now, let’s shut that one down, too. If what you say is correct, the IP selected as FA should be the highest one, which is 36.36.36.6 (Fa0/0).
R5#sh ip ospf data ex | begin Network Mask Network Mask: /32 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 20 Forward Address: 11.11.11.6 External Route Tag: 0Now, let’s shut that Fa0/1 down in a hope that 36.36.36.6 gets elected.
R5#sh ip ospf data ex | begin Network Mask Network Mask: /32 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 20 Forward Address: 36.36.36.6 External Route Tag: 0Only now it has changed. This leads me to believe that there is something else in the selection algorithm other than the IP address itself. I think it begs more testing, but it could be that *Ethernet interfaces are more preferred over Serial. At least in the IOS I’m using, which is 12.2(24)T2.
–
Marko Milivojevic – CCIE #18427
Senior Technical Instructor – IPexpert
Join our Online Study List
The following is taken from RFC 3101
http://www.faqs.org/rfcs/rfc3101.html
When a router is forced to pick a forwarding address for a Type-7 LSA, preference should be given first to the router’s internal addresses (provided internal addressing is supported). If internal addresses are not available, preference should be given to the router’s active OSPF stub network addresses. These choices avoid the possible extra hop that may happen when a transit network’s address
is used. When the interface whose IP address is the LSA’s forwarding address transitions to a Down state (see [OSPF] Section 9.3), the router must select a new forwarding address for the LSA and then re-originate it. If one is not available the LSA should be flushed.
[...] Quick Look Into OSPF Database: NSSA External LSA [...]