Problem: ASBR in a Stub Area cannot import external addresses to OSPF routers.
Goal: Conifgure an area as NSSA to allow SBR import externaal addesses with type 7 LSA. ABR maps type
7 LSA to type 5 and floods them to other areas.
Step1: 1) At init, routers are in Full state. LSDBs are synchronized. No Stub area or NSSA is confugured.
2) Configure area 1 NSSA (R2, R3, R4). Type 4, 5 LSA are deleted from routers in NSSA
3) R2 (ASBR) creates two type-7 LSA and floods them in area 1.
4) R4 (ABR) creates a default route 0.0.0.0 and floods it to NSSA.
5) R2 floods type 5 LSA. R4 converts type 7 LSA to type 5 LSA, and floods them to other areas.
Topology, Stub Area, NSSA
Topology: 3 AS are coonnected as RIP1-OSPF-RIP2.
R2 is an ASBR conncteced to RIP1 and OSPF. R5 is an ASBR connecting OSPF and RIP2.
R4 is ABR connecting area 0 and area 1.
Area 1 is NSSA. It includues R2, R3, R4.
Init: 126.96.36.199 is imported
At init, neighboring routers are in Full state and have sychronized their LSDB. ASBR R2 has imported external address 188.8.131.52/24 to OSPF routers as Type 5 LSA. R4 contains 4 type 5 LSA (from RIP-1 and RIP-2).
Now network admin wants to reduce area 1's LSDBs sizes. If he configures area 1 as a stub area, exterrnal addresses learbned from RIP1 would be deleted. Is there any allternatives?
NSSA: Import exteral as type 7
The solution is NSSA (Not So stub Area).
Like Stub Area, NSSA routers dont keepp type 4, 5 LSA. But ASBR can import external addresses.
- When ASBR discovers an external address, it creates a type -7 LSA and floods it into NSSA.
- When NSSA's ABR receives type 7 LSA, it converts type 7 LSA to type 5, and floods it to other area.
As a results, all OSPF reouters learn the external address. Now let's start.
Configure area 1 as NSSA
In R2, R3's command windows, type "area 1 nssa" This command makes R2, R3 NSSA routers.
In R4 command window, type "area 1 nssa defautl-information originate." R4 will create a default route 0.0.0.0 and flods it in NSSA.
Area 1: Delete Type 5 LSA
After configring area 1 as NSSA, type 4, 5 LSAs are deleted from area 1 router LSDB (R2, R3, R4).
Note. In 《CCIE：Routing TCP/IP》, p484 says NSSA contains type 4 LSA. This is inconsitent with what we see from Cisco IOS (dynamips).
R2: Create Type-7-LSA
R2 is an ASBR and a NSSA router, in addition to delete type 5 LSA, it also creates a NSSA External LSA (type 7) to specify external addresses 184.108.40.206 and 220.127.116.11.
R4 creates a NSSA External LSA to specify a default route 0.0.0.0.
The purppose of type 7 LSA is to get around the rules of Styb Area: delete type 5 LSA.
R2, R4: Flod type 7 LSA
Then 3 Updates are flooded by R2 and R4:
- R2 floods two type 7 LSA in NSSA to annouce external addresses learned from RIP-1.
- R4 floods one type 7 LSA (0.0.0.0) in NSSA to annouce the default route.
- R4 also floods type 4 LSA in area 0 cancel the ASBR Summary LSA it sent before (with age 3600.)
Area 1: LSDB synchronization
When R3 receives type 7 LSA from R2, it saves them in LSDB and floods again to its neighbor R4..
When R4 receives these type 7 LSA, it saves them to its LSDB.
When R3 receives type 7 LSA (0.0.0.0) from R4, it saves it to LSDB and floods again to R2. When R2 receives this type 7 LSA, it saves it to its LSDB.
Now NSSA's routers' LSDB are in sycnh.
R4: ABR mapps Type 7 toType 5
After R4 recevies two type 7 LSA, it conerts to type 5 LSA (External LSA) and floods them in area 0.
Type 7 LSA contains a P-bit. When P=0, ABRS does not map type 7 LSA to type 5.
When P=1, ABR maps type 7 LSA to type 5 LSA and floods it to other areas,
R4: ABR floods Type-5-LSA
When R5 receives two type 5 LSA from R4 (ABR), it discovers two external addresses from RIP-1 (18.104.22.168, 22.214.171.124.)
Note: When area 1 is configured as NSSA, R4 becomes "ASBR" from R5 (in area 0) point of view. When R5 is
accessing the externall address, the path is R5 > R4 (ASBR) > R2 (NSSA ASBR) > R1 (external AS).
R4: Configiure Totally NSSA
To remove type 3 LSA from NSSA and makes area 1 Totally NSSA, at R4 command window, type:
"area 1 nssa no-summary"
R4: No Type 3
After configuring R4 as Totally NSSA, R4 deletes type 3 LSA from LSDB.
R4: send default route
R4 floods an Update which contains two type 3 LSAs:
- Type-3-LSA（172.16.255.8）: Age 3600. When R3, R2 receive it, the exisiting LSA is deleted from LSDB.
- Type 3 LSA (0.0.0.0.0) is a new LSA generated by R4. It is used as default toute by R2 and R3.
R4: gateway to other areas/ AS
Now R4 becomes NSSA area gateway as well as external gateway.
- When R3 accesses addresses in RIP1, the path is R3 > R4 > R3> R2>R1.
- When R3 accesses RIP-2 addresses, the path is R3>R4>R5.
- When R3 accesses area 0 addresess, the path is R3> R4>R5.
1. What is NSSA? Answer: It is a Stub Area that allows ASBR to import external destinations into OSPF. 2. How does NSSA work? Answer: Let’s describe a scenario as follows:: - ASBR learns a new external address, creates a Type 7 LSA, and floods it into NSSA. - Internal routers receive this LSA and create a new entry for this address in their routing tables. - ABR receives a Type 7 LSA, converts it into an External LSA, and floods it into other areas. ABR indicates in the External LSA that it is the originating. That is, ABR behaves like an ASBR for routers in other areas. - Routers in other areas think ABR is the ASBR for this external address specified in Type 5 LSA. 3. How do you compare Stub Area and NSSA? Answer: Commons: They don't support Type 4, 5 LSA. Internal routes use ABR as defult gateway. Differences: There are 3 differences: 1) Stub Area cannot import external destinations. 2) Stub Area routers use ABR to access outside world. NSSA routers access external addresses in two ways: a) For addresses announced by NSSA ASBR, use ASBR as next hop. b) For other external addresses, use ABR as the next hop. 3) NSSA uses Type 7 LSA 4) In NSSA, ABR plays dual roles. It is an ABR and ASBR. It creates Type 5 LSA for external addresses announced by ASBR and floods them into other areas. 5) ABR floods a type 3 default route 0.0.0.0 to stub routers. ABRS floods type 7 default route 0.0.0.0 to NSSA routers. 4. What does ABR do to make routers in other areas think it is an ASBR? Answer: The short answer is E bit. Let’s assume a ABR connects area 0, 1. Area 1 is NSSA. 1) When configuring ABR as an NSSA router in area 1, ABR changes its area 0 Router LSAs by setting its E bit to 1. It means that ABR is an ASBR for area 0. Then ABR re-floods its Router LSA in area 0. 2) Also, ABR sets its area 0 Router LSA E bit to 1 and floods it in area 1. It also floods a type 7 default route 0.0.0.0 in area 1. 3). When area 1’s ASBR learns a new external address, it floods a Type 7 LSA in area 1. 4) When ABR receives this LSA, it converts it to External LSA and floods the LSA into area 0. 5) When area 0 routers receive External LSA from ABR, they see ABR as the ASBR originating the LSA. 5. How does a host in a non-NSSA area send packets to external destinations discovered by NSSA’s ASBR? Answer. It is done in 3 steps: 1) Host uses the non-NSSA router as the default gateway and forwards packet to it. 2) he router in non-NSSA area forwards packets to next hop ABR. This external address is specified in a Type 5 LSA that was originated by ABR. As fasr as these routers (in non-NSSA area) concers, ABR is their ASBR for these external addresses. 3)ABR forwards packets to NSSA’s ASBR. 4)ASBR forwards packets to the next hop in the alien AS.
|Single step forward|
|Backup one step|
|Read the next page|
|Read the last page|
|Don’t show me this message next time.|