OSPF Scenario with two Backbone Areas



In the following topology we have two companies: East Company (routers WR1,WR2,WR3), and West Company (router ER1). Some employees of EastCompany reside on WR3 router of West Company (subnet 192.168.10./24). As we can see between West and East Companies there is an uplink which connects routers WR3 and ER1 with OSPF protocol Area 0. As matter of fact we have very odd scenario with two OSPF Backbone Areas. And one more thing, router ER1 should not maintain/see the routes in Backbone Area 0 of WR1 and WR2 routers but users in East Company should be able to get access to all subnets in West Company.

 
The approach described violates one of the concepts of OSPF which is that the area 0 backbone should be contiguous. It may work or things may break depending on some details of how it gets implemented. Some of the things that can cause black holing of traffic or other problems can include:

- if you have configured stub areas, the stub area will have a default route pointed to its area 0. Traffic to destinations reached through the other area 0 will be unreachable if the area 0s are discontiguous.

- if you have configured summarization it may become ambiguous where some of the routes are located and how to get to them.

- if you configure area(s) as NSSA it may become ambiguous how to get to some destinations.

The choice of OSPF protocol designers is clear: in a multi area domain the backbone area is the center and all other areas have to connect to it.

You can visualize the OSPF multi-area rules as a daisy flower with area 0 that is the center of the flower and the other areas are the petals. For going from a petal to another one you have to go through the center.
More on OSPF Area Types you can find here: https://packetlife.net/blog/2008/jun/24/ospf-area-types/


Let’s see if can find a solution here:

First of all let’s check the routers configuration:

Configuration on WR1:


router ospf 1
log-adjacency-changes
network 2.2.2.0 0.0.0.255 area 0
network 3.3.3.0 0.0.0.255 area 0
network 4.4.4.0 0.0.0.255 area 0
network 10.1.1.0 0.0.0.255 area 0
network 192.168.0.0 0.0.0.255 area 0

Configuration on WR2:

Since East Company (ER1 router) should not maintain routes from Backbone Area 0 (WR1, WR2 routes) standard areas won’t work here, because all routers know about all routes. We have to make Area 10 as a stub area which will be providing a limited access to the subnets in Backbone Area for East Company router ER1, and maintaining a full link state database is unnecessary.

Additionally, an area may contain low-end routers incapable of maintaining a full database for a large OSPF network. Such areas can be configured to block certain LSA types and become lightweight stub areas.

We gonna make Area 10 as a totally NSSA area. An NSSA makes use of type 7 LSAs, which are essentially type 5 LSAs in disguise. This allows an ASBR to advertise external links to an ABR, which converts the type 7 LSAs into type 5 before flooding them to the rest of the OSPF domain. An NSSA can function as either a stub or totally stubby area. To expand an NSSA to function as a totally stubby area, eliminating type 3 LSAs, all of its ABRs must be configured with the no-summary parameter:
 
router ospf 1
log-adjacency-changes
area 10 nssa no-summary
network 10.1.1.0 0.0.0.255 area 0
network 10.10.10.0 0.0.0.255 area 10
 
Configuration on WR3

Router WR3 is an ABR and also an ASBR, as such we should not only configure Area 10 as totally NSSA but also we have to redistribute OSPF routes from one OSPF domain (West Company) to another (East Company) and vice versa.

router ospf 1
log-adjacency-changes
area 10 nssa no-summary
redistribute ospf 10 subnets
network 10.10.10.0 0.0.0.255 area 10
network 192.168.10.0 0.0.0.255 area 10

router ospf 10
log-adjacency-changes
redistribute static
redistribute ospf 1 subnets
network 10.30.30.0 0.0.0.255 area 0
default-information originate

Note: As traffic cannot be routed to external destinations without a default route, you'll probably want to include one by appending default-information-originate. To pass the default route to ER1 router we gonna redistribute it to OSPF as well with redistribute static command.

Configuration on ER1

router ospf 10
log-adjacency-changes
network 1.1.1.0 0.0.0.255 area 0
network 10.30.30.0 0.0.0.255 area 0

Now let’s check the routing tables:

On WR3 Router:

WR3#show ip route

Gateway of last resort is 10.10.10.254 to network 0.0.0.0
 
1.0.0.0/32 is subnetted, 1 subnets

O 1.1.1.1 [110/11] via 10.30.30.253, 03:45:22, FastEthernet0/1

C 192.168.10.0/24 is directly connected, FastEthernet1/0

10.0.0.0/24 is subnetted, 2 subnets

C 10.30.30.0 is directly connected, FastEthernet0/1

C 10.10.10.0 is directly connected, FastEthernet0/0

O*IA 0.0.0.0/0 [110/11] via 10.10.10.254, 03:45:27, FastEthernet0/0

 
On ER1 Router:


ER1#show ip route
 
Gateway of last resort is 10.30.30.254 to network 0.0.0.0
1.0.0.0/24 is subnetted, 1 subnets

C 1.1.1.0 is directly connected, Loopback0

O E2 192.168.10.0/24 [110/1] via 10.30.30.254, 03:47:32, FastEthernet0/0

10.0.0.0/24 is subnetted, 2 subnets

C 10.30.30.0 is directly connected, FastEthernet0/0

O E2 10.10.10.0 [110/10] via 10.30.30.254, 03:47:32, FastEthernet0/0

O*E2 0.0.0.0/0 [110/1] via 10.30.30.254, 03:47:32, FastEthernet0/0

As we can see there are no routes belonging to OSFP Backbone Area 0 formed by WR1 and WR2 routers. But router ER1 can reach these networks with redistributed default route.






 


Comments

Post a Comment

Popular posts from this blog

HPE MSR series router NAT, DHCP, SSH config

Image
1. NAT Configuration    1.1. Define Access List [Router] acl basic 2001  [Router] step 1 [Router] rule 0 permit [Router] rule 10 deny 2. Interfaces Configuration    2.1. External (WAN) interface configuration [Router] interface GigabitEthernet 0/0/0 [Router] ip address 10.163.195.2 255.255.255.0 [Router] nat outbound 2001     2.2. Internal (LAN) sub-interfaces configuration [Router] interface GigabitEthernet 0/0/1.2 [Router] ip address 192.168.1.2 255.255.255.0 [Router] vlan-type dot1q vid 2 [Router] interface GigabitEthernet 0/0/1.3 [Router] ip address 192.168.2.2 255.255.255.0 [Router] vlan-type dot1q vid 3 [Router] interface GigabitEthernet 0/0/1.4 [Router] ip address 192.168.3.2 255.255.255.0 [Router] vlan-type dot1q vid 4 3. DHCP Server Configuration     3.1. Enable DHCP service on router [Router] dhcp enable     3.2. Define dhcp settings for vlan 2...
Read more

Install Junos with USB

You discover that your Junos EX or SRX device does not complete normal boot up. The image seems to be corrupted for some reason, such as a continuous power failure. If this occurs, don’t worry, you can get it back up within few minutes using the USB port. Step 1. Get a USB flash drive. Copy the Junos image to the USB drive (without creating folders). Use FAT file format if the USB size is less than 2 GB. Use FAT32 if the USB size is greater than or equal to 4 GB. The example below uses the file image junos-srxsme-10.4R1.9-domestic .tgz. Step 2. Insert the flash into an EX/SRX USB port. Step 3. Reboot the device. When Junos boots up, you will see the message : Press Space to abort autoboot Do nothing. A little while later, you will see: Hit [Enter] to boot immediately, or space bar for command prompt. Press the space bar. You will be at loader mode; the prompt should be loader>. If the prompt is > , type >boot to make it loader>. Step 4. Now type the following command: lo...
Read more

Juniper SRX Routing Instances Configuration and Importing Routes to and from virtual routers

Image
Our goal is to configure routing instances on all devices and provide routing between all instances with ospf protocol. Configure routing instances on SRX1: We will be using a tagged interface ge-0/0/1 where vlan 10 is for vr10.10 routing instance and vlan 20 is for vr20.20: set interfaces ge-0/0/1 vlan-tagging set interfaces ge-0/0/1 unit 10 vlan-id 10 set interfaces ge-0/0/1 unit 10 family inet address 172.16.10.1/24 set interfaces ge-0/0/1 unit 20 vlan-id 20 set interfaces ge-0/0/1 unit 20 family inet address 172.16.20.1/24 Now create routing instances and assign interfaces to them: set routing-instances vr10.10 instance-type virtual-router set routing-instances vr10.10 interface ge-0/0/1.10 set routing-instances vr20.20 instance-type virtual-router set routing-instances vr20.20 interface ge-0/0/1.20 Configure rib-groups to import routes from one routing instance to another (Another alternative is to configure policy-options for importing): set routing-instances vr10.10 routing-opti...
Read more