OSPF Not-So-Stubby Areas

The basic premise behind stub areas in OSPF is that if routers want to communicate to another area they need to send packets to the Area Border Router (ABR), a router that connects OSPF areas.

So, by using a default route that points to ABRs address the routers inside an area can reach all the destinations outside their area without the need to have all the specific routes in their routing tables.

In the last blog post about different OSPF area types we noted that multiple types of OSPF areas exist. We also briefly explained each area type and why is it useful. Then we configured two of those types in GNS3: Stub areas & Totally Stubby Areas.

External Routes are not advertied into a stub area. Interarea routes are advertied.

Totally Stubby Area

  • Neither External nor Interarea routes are advertised into a Totally Stubby area.

Now, let's say something more about Not-So-Stuby-Area (NSSA) types and configure those two types on our routers.

Not-So-Stubby-Area

ABRs do not advertise External Routes into a NSSA (Not-So-Stubby-Area). Interarea routes are advertised normally, so in that regard NSSA areas are similar to stub areas, with one important exception: NSSA Areas allow redistribution of External routes.

This all might be a little confusing, so let's see a picture:

So, a router can redistribute External routes (EIGRP for example) into the area and become an ASBR. ASBR creates a Type 7 LSA (Because Type 5 LSAs can't be advertised into Stubby area) for redistributed subnets and floods into the NSSA area. That way routers inside a NSSA area learn External routes.

ABR that connects to the NSSA area then creates a Type 5 LSA for those subnets and advertises them into non-stubby area, so all routers know redistributed routes from NSSA area.

Totally Not-So-Stubby-Area

Same as NSSA Areas, Totally NSSA Areas allow redistribution of External routes, meaning an ASBR can redistribute External routes into the area. However, ABRs that connect to the area don't advertise External or Interarea into the area.

Enough talk, let's do some examples where we can configure NSSA and Totally NSSA area.

Topology & Configuration

We'll use the following topology:

First we'll do a basic interface configuration and get OSPF working.

Basic interface and OSPF Configuration

The picture should be very clear, but let's summarize the info one more time:

  1. Inside Area 0, ABR1 and ABR2 are both connected to the 192.168.0.0/24 network
  2. Inside Area 1, R7 is connected to the 192.168.1.0/24 network
  3. EIGRP router is connected to 10.1.1.0/24 network
  4. All networks between other routers begin with 172.16, meaning network between ASBR and EIGRP router is 172.16.0.0/30, network between ASBR and ABR1 is 172.16.0.4/30. ABR2 and R7 are connected with the 172.16.0.8/30 network.

Let's start with basic interface OSPF and EIGRP configuration. We'll start from the left, meaning EIGRP router is up first:

EIGRP router

interface Loopback0
 ip address 22.22.22.22 255.255.255.255
!
interface FastEthernet0/0
 ip address 172.16.0.1 255.255.255.252
!
interface FastEthernet1/0
 ip address 10.1.1.1 255.255.255.0
!
router eigrp 1
 network 10.1.1.0 0.0.0.255
 network 172.16.0.0 0.0.0.3
 no auto-summary
!

That was easy, wasn't it? We created a Loopback Interface for EIGRP Router ID, configured Fast Ethernet Interfaces with addresses and enabled EIGRP on our router's interfaces via network command.

Let's do same basic configuration on ASBR:

ASBR router

interface Loopback0
 ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
 ip address 172.16.0.5 255.255.255.252
 ip ospf 1 area 2
!
interface FastEthernet1/0
 ip address 172.16.0.2 255.255.255.252
!
router eigrp 1
 network 172.16.0.0 0.0.0.3
 no auto-summary
!

This configuration is also pretty simple. In addition to configuring interface addresses EIGRP has been enabled on Fast Ethernet 1/0 interface, so EIGRP neighborship between ASBR and EIGRP has been established.

Also OSPF has been enabled on Fast Ethernet 0/0 Interface. For now we only put the interface into Area 2 and later we'll configure Area 2 as NSSA Area. Now, let's continue with our configuration.

ABR1 basic configuration

interface Loopback0
 ip address 10.10.10.10 255.255.255.255
!
interface FastEthernet0/0
 ip address 172.16.0.6 255.255.255.252
 ip ospf 1 area 2
!
interface FastEthernet1/0
 ip address 192.168.0.1 255.255.255.0
 ip ospf 1 area 0
!

This is a simple configuration. Interface addresses have been configured and OSPF is enabled on both Interfaces. Interface Fast Ethernet 0/0 has been placed into Area 2, while interface Fast Ethernet 1/0 is in Area 0.

ABR2 basic configuration

interface Loopback0
 ip address 12.12.12.12 255.255.255.255
!
interface FastEthernet0/0
 ip address 192.168.0.50 255.255.255.0
 ip ospf 1 area 0
!
interface FastEthernet1/0
 ip address 172.16.0.9 255.255.255.252
 ip ospf 1 area 1
!

Same deal, OSPF enabled on interfaces. FA 0/0 is in Area 0, FA 1/0 in Area 1.

R7 Configuration

This will basically be the same as all others:

interface Loopback0
 ip address 7.7.7.7 255.255.255.255
!
interface FastEthernet0/0
 ip address 172.16.0.10 255.255.255.252
 ip ospf 1 area 1
!
interface FastEthernet1/0
 ip address 192.168.1.1 255.255.255.0
 ip ospf 1 area 1
!

OK, we're done with the basic configuration. Now let's verify the OSPF and EIGRP operation and ensure everything's cool for the next part of our plan. :)

Verifying the configuration

First, let's check the routing table on ASBR. Remember, we didn't make AREA 2 stubby (NSSA) yet, so ASBR should have routes from both Areas 0 and 1 and no default route. Those routes are for networks 192.168.0.0/24 and 192.168.1.0/24.

Also, ASBR should have a EIGRP route for the 10.1.1.0/24 network:

ASBR#show ip route
 
!! LEGEND OMITTED !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 
Gateway of last resort is not set
 
     2.0.0.0/32 is subnetted, 1 subnets
C       2.2.2.2 is directly connected, Loopback0
     172.16.0.0/30 is subnetted, 3 subnets
O IA    172.16.0.8 [110/3] via 172.16.0.6, 00:00:17, FastEthernet0/0
C       172.16.0.4 is directly connected, FastEthernet0/0
C       172.16.0.0 is directly connected, FastEthernet1/0
     10.0.0.0/24 is subnetted, 1 subnets
D       10.1.1.0 [90/30720] via 172.16.0.1, 00:00:53, FastEthernet1/0
O IA 192.168.0.0/24 [110/2] via 172.16.0.6, 00:00:17, FastEthernet0/0
O IA 192.168.1.0/24 [110/4] via 172.16.0.6, 00:00:19, FastEthernet0/0
 
ASBR#show ip ospf database
 
            OSPF Router with ID (2.2.2.2) (Process ID 1)
 
                Router Link States (Area 2)
 
Link ID         ADV Router      Age         Seq#       Checksum Link count
2.2.2.2         2.2.2.2         671         0x80000002 0x003964 1
10.10.10.10     10.10.10.10     672         0x80000002 0x00E773 1
 
                Net Link States (Area 2)
 
Link ID         ADV Router      Age         Seq#       Checksum
172.16.0.6      10.10.10.10     672         0x80000001 0x0058C9
 
                Summary Net Link States (Area 2)
 
Link ID         ADV Router      Age         Seq#       Checksum
172.16.0.8      10.10.10.10     657         0x80000001 0x0088C8
192.168.0.0     10.10.10.10     707         0x80000001 0x00B4F5
192.168.1.0     10.10.10.10     657         0x80000001 0x00BDE9

As you can see, ASBR router still has OSPF Interarea routes for networks. It also has a EIGRP route for network 10.1.1.0/24.

Let's see what R7 knows:

R7#show ip route
 
!! LEGEND OMITTED !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 
Gateway of last resort is not set
 
     172.16.0.0/30 is subnetted, 2 subnets
C       172.16.0.8 is directly connected, FastEthernet0/0
O IA    172.16.0.4 [110/3] via 172.16.0.9, 00:04:51, FastEthernet0/0
     7.0.0.0/32 is subnetted, 1 subnets
C       7.7.7.7 is directly connected, Loopback0
O IA 192.168.0.0/24 [110/2] via 172.16.0.9, 00:12:11, FastEthernet0/0
C    192.168.1.0/24 is directly connected, FastEthernet1/0

R7 also knows Interarea routes, as it should. But, because EIGRP has not been redistributed into OSPF yet, R7 doesn't know about 10.1.1.0/24 network.

Route redistribution

After redistributing EIGRP into OSPF all the routers should know about EIGRP routes, so let's do that.

ASBR#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
ASBR(config)#router ospf 1
ASBR(config-router)#redistribute eigrp 1 subnets

Let's verify the redistribution has taken place:

ASBR#show ip ospf database | begin AS Ext
                Type-5 AS External Link States
 
Link ID         ADV Router      Age         Seq#       Checksum Tag
10.1.1.0        2.2.2.2         102         0x80000001 0x00127A 0
172.16.0.0      2.2.2.2         102         0x80000001 0x0014CA 0

Redistributing from OSPF to EIGRP:

ASBR#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
ASBR(config)#router eigrp 1
ASBR(config-router)#redistribute ospf 1
ASBR(config-router)#default-metric ?
  <1-4294967295>  Bandwidth in Kbits per second
 
ASBR(config-router)#default-metric 1500 ?
  <0-4294967295>  Delay metric, in 10 microsecond units
 
ASBR(config-router)#default-metric 1500 50 ?
  <0-255>  Reliability metric where 255 is 100% reliable
 
ASBR(config-router)#default-metric 1500 50 255 ?
  <1-255>  Effective bandwidth metric (Loading) where 255 is 100% loaded
 
ASBR(config-router)#default-metric 1500 50 255 1 ?
  <1-65535>  Maximum Transmission Unit metric of the path
 
ASBR(config-router)#default-metric 1500 50 255 1 1500

EIGRP Topology:

ASBR#show ip eigrp topology
IP-EIGRP Topology Table for AS(1)/ID(2.2.2.2)
 
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
       r - reply Status, s - sia Status
 
P 10.1.1.0/24, 1 successors, FD is 30720
        via 172.16.0.1 (30720/28160), FastEthernet1/0
P 192.168.0.0/24, 1 successors, FD is 1719296
        via Redistributed (1719296/0)
P 192.168.1.0/24, 1 successors, FD is 1719296
        via Redistributed (1719296/0)
P 172.16.0.8/30, 1 successors, FD is 1719296
        via Redistributed (1719296/0)
P 172.16.0.4/30, 1 successors, FD is 1719296
        via Redistributed (1719296/0)
P 172.16.0.0/30, 1 successors, FD is 28160
        via Connected, FastEthernet1/0

So, ASBR has redistributed OSPF into EIGRP and as a result EIGRP router now knows OSPF routes:

EIGRP#show ip route eigrp
     172.16.0.0/30 is subnetted, 3 subnets
D EX    172.16.0.8 [170/1721856] via 172.16.0.2, 00:03:41, FastEthernet0/0
D EX    172.16.0.4 [170/1721856] via 172.16.0.2, 00:03:41, FastEthernet0/0
D EX 192.168.0.0/24 [170/1721856] via 172.16.0.2, 00:03:41, FastEthernet0/0
D EX 192.168.1.0/24 [170/1721856] via 172.16.0.2, 00:03:41, FastEthernet0/0

Also, R7 knows about the 10.1.1.0/24 and 172.16.0.0/30 networks:

R7#show ip route ospf
     172.16.0.0/30 is subnetted, 3 subnets
O IA    172.16.0.4 [110/3] via 172.16.0.9, 00:24:39, FastEthernet0/0
O E2    172.16.0.0 [110/20] via 172.16.0.9, 00:09:53, FastEthernet0/0
     10.0.0.0/24 is subnetted, 1 subnets
O E2    10.1.1.0 [110/20] via 172.16.0.9, 00:09:53, FastEthernet0/0
O IA 192.168.0.0/24 [110/2] via 172.16.0.9, 00:25:17, FastEthernet0/0

OK, now let's see what happens on ASBR when we make Area 2 a NSSA Area.

Configuring a NSSA Area

First, let's configure ASBR:

ASBR#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
ASBR(config)#router ospf 1
ASBR(config-router)#area 2 nssa
ASBR(config-router)#
*Mar  1 00:29:27.187: %OSPF-5-ADJCHG: Process 1, Nbr 10.10.10.10 on FastEthernet0/0 from FULL to DOWN, Neighbor Down: Adjacency forced to reset

Remember, we need to do the same thing on ABR1:

*Mar  1 00:31:47.987: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on FastEthernet0/0 from FULL to DOWN, Neighbor Down: Dead timer expired
ABR1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
ABR1(config)#router ospf 1
ABR1(config-router)#area 2 nssa
ABR1(config-router)#
*Mar  1 00:32:18.935: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on FastEthernet0/0 from LOADING to FULL, Loading Done

OK, now Area 2 is a Not-So-Stubby-Area. Let's observe the effects:

ABR1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route
 
Gateway of last resort is not set
 
     172.16.0.0/30 is subnetted, 3 subnets
O IA    172.16.0.8 [110/2] via 192.168.0.50, 00:01:59, FastEthernet1/0
C       172.16.0.4 is directly connected, FastEthernet0/0
O N2    172.16.0.0 [110/20] via 172.16.0.5, 00:01:59, FastEthernet0/0
     10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C       10.10.10.10/32 is directly connected, Loopback0
O N2    10.1.1.0/24 [110/20] via 172.16.0.5, 00:01:59, FastEthernet0/0
C    192.168.0.0/24 is directly connected, FastEthernet1/0
O IA 192.168.1.0/24 [110/3] via 192.168.0.50, 00:02:08, FastEthernet1/0

Almost the same as before, ASBR is able to advertise EIGRP subnets to the ABR1, because Area 2 is Not-So-Stubby-Area and unlike Stub and Totally Stubby Areas NSSA allows redistribution.

ABR1 creates Type 5 Summary LSAs for networks advertised and floods them into Area 0.

Note that nothing has changed on ASBR, because Interarea routes are redistributed into a NSSA area.

ASBR#sh ip route ospf
     172.16.0.0/30 is subnetted, 3 subnets
O IA    172.16.0.8 [110/3] via 172.16.0.6, 00:00:09, FastEthernet0/0
O IA 192.168.0.0/24 [110/2] via 172.16.0.6, 00:00:09, FastEthernet0/0
O IA 192.168.1.0/24 [110/4] via 172.16.0.6, 00:00:09, FastEthernet0/0

If we redistributed (for example) Connected routes into OSPF on ABR1, ABR1 would advertise it into Area 2 via a Type 7 LSA which are allowed inside a NSSA Area.

Also, take note that with default settings no default route is advertised into a NSSA area, so if R7 would redistribute Connected routes into OSPF, ABR1 wouldn't advertise them or default route into the NSSA area, meaning with default settings ASBR could not reach External routes redistributed into Area 1.

Advertise a default route into NSSA Area

So, ABR doesn't advertise a default route into a NSSA Area. But why? Well, simplified explanation would be: Because there might be other ways out of the NSSA Area. For example, the way out from NSSA Area to External networks could be from Redistributing router (in our case one named EIGRP). So, ABR generates default route only when asked:

ABR1(config)#router ospf 1
ABR1(config-router)#area 2 nssa ?
  default-information-originate  Originate Type 7 default into NSSA area
  no-redistribution              No redistribution into this NSSA area
  no-summary                     Do not send summary LSA into NSSA
  translate                      Translate LSA
  <cr>
 
ABR1(config-router)#area 2 nssa default-information-originate

And the results inside NSSA Area 2:

ASBR#show ip route
 
!! LEGEND OMITTED !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 
Gateway of last resort is 172.16.0.6 to network 0.0.0.0
 
     2.0.0.0/32 is subnetted, 1 subnets
C       2.2.2.2 is directly connected, Loopback0
     172.16.0.0/30 is subnetted, 3 subnets
O IA    172.16.0.8 [110/3] via 172.16.0.6, 00:02:19, FastEthernet0/0
C       172.16.0.4 is directly connected, FastEthernet0/0
C       172.16.0.0 is directly connected, FastEthernet1/0
     10.0.0.0/24 is subnetted, 1 subnets
D       10.1.1.0 [90/30720] via 172.16.0.1, 00:05:55, FastEthernet1/0
O IA 192.168.0.0/24 [110/2] via 172.16.0.6, 00:02:19, FastEthernet0/0
O IA 192.168.1.0/24 [110/4] via 172.16.0.6, 00:02:20, FastEthernet0/0
O*N2 0.0.0.0/0 [110/1] via 172.16.0.6, 00:00:25, FastEthernet0/0

Totally NSSA

Let's see what happens when we make Area 2 Totally Not-So-Stubby-Area. To do that we simply need to add the "no-summary" keyword to ABR1's configuration:

ABR1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
ABR1(config)#router ospf 1
ABR1(config-router)#area 2 nssa no-summary

Before making Area 2 Totally NSSA:

ASBR#sh ip route
 
!! LEGEND OMITTED !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 
Gateway of last resort is not set
 
     2.0.0.0/32 is subnetted, 1 subnets
C       2.2.2.2 is directly connected, Loopback0
     172.16.0.0/30 is subnetted, 3 subnets
O IA    172.16.0.8 [110/3] via 172.16.0.6, 00:00:11, FastEthernet0/0
C       172.16.0.4 is directly connected, FastEthernet0/0
C       172.16.0.0 is directly connected, FastEthernet1/0
     10.0.0.0/24 is subnetted, 1 subnets
D       10.1.1.0 [90/30720] via 172.16.0.1, 00:39:57, FastEthernet1/0
O IA 192.168.0.0/24 [110/2] via 172.16.0.6, 00:00:11, FastEthernet0/0
O IA 192.168.1.0/24 [110/4] via 172.16.0.6, 00:00:20, FastEthernet0/0

Effects of making Area 2 Totally NSSA:

ASBR#sh ip route
 
!! LEGEND OMITTED !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 
Gateway of last resort is 172.16.0.6 to network 0.0.0.0
 
     2.0.0.0/32 is subnetted, 1 subnets
C       2.2.2.2 is directly connected, Loopback0
     172.16.0.0/30 is subnetted, 2 subnets
C       172.16.0.4 is directly connected, FastEthernet0/0
C       172.16.0.0 is directly connected, FastEthernet1/0
     10.0.0.0/24 is subnetted, 1 subnets
D       10.1.1.0 [90/30720] via 172.16.0.1, 00:41:49, FastEthernet1/0
O*IA 0.0.0.0/0 [110/2] via 172.16.0.6, 00:00:17, FastEthernet0/0

What's happening on other routers?

Nothing has changed outside NSSA Area 2. Areas 0 and 1 still know about EIGRP routes:

R7#show ip route ospf
     172.16.0.0/30 is subnetted, 3 subnets
O IA    172.16.0.4 [110/3] via 172.16.0.9, 00:22:44, FastEthernet0/0
O E2    172.16.0.0 [110/20] via 172.16.0.9, 00:22:39, FastEthernet0/0
     10.0.0.0/24 is subnetted, 1 subnets
O E2    10.1.1.0 [110/20] via 172.16.0.9, 00:22:39, FastEthernet0/0
O IA 192.168.0.0/24 [110/2] via 172.16.0.9, 00:47:06, FastEthernet0/0
 
R7#show ip ospf database | begin AS Ex
                Type-5 AS External Link States
 
Link ID         ADV Router      Age         Seq#       Checksum Tag
10.1.1.0        10.10.10.10     1563        0x80000001 0x009317 0
172.16.0.0      10.10.10.10     1563        0x80000001 0x009567 0

There you have it. It does work.

The Conclusion

Stub, Totally Stubby, NSSA and Totally NSSA Areas enable us to have parts of the network that should not be responsible for forwarding packets between the areas.

With NSSA and Totally NSSA we have areas that can have an ASBR advertising external routes into the area. Area Border Routers (ABR) then creates a Type 5 LSA for those networks, so routes from NSSA Areas can be advertised through the network.

Thanks for visiting this site, I hope this article has been somewhat useful to you. Writing it certainly has been useful to me: Repetitio Est Mater Studiorum. :) Until next time, I wish you all the best!

Comments are closed