Injecting a default route in an OSPF NSSA area from a Juniper device

OSPF not-so-stubby area is described in RFC 3101 (https://tools.ietf.org/html/rfc3101) and it’s main characteristics are that it does not accept OSPF external LSAs (Type 5) as a stubby area, but it allows injection of AS external prefixes, as a normal area. It makes use of Type 7 LSAs that get translated into Type 5 External LSAs by the ABR into the rest of the OSPF domain. Section 1.3 of the RFC describes NSSA areas better than I can ever try

.

A default route in an not-so-stubby OSPF area can result either from a Type 3 LSA or from a Type 7 LSA.

JunOS: How to inject a default route into an NSSA area with a Type - 3 Summary LSA

To inject a default route from a Juniper device which is an ABR into a not so stubby area, Junos needs to actually have “no-summaries” configured. This will prevent other Type 3 Summaries to go into the NSSA area with the exception of a “0.0.0.0” Summary. From the ABR:

Code:

@hub-vSRX1# show protocols ospf
area 0.0.0.1 {
    nssa {
        default-lsa {
            default-metric 1;
            metric-type 1;
        }
        no-summaries;
    }
    interface st0.0 {
        interface-type p2p;
    }
    interface st0.1 {
        interface-type p2p;
    }
}

and the result in OSPF database:

Code:

@spoke-vSRX2# run show ospf database

    OSPF database, Area 0.0.0.1
 Type       ID               Adv Rtr           Seq      Age  Opt  Cksum  Len
Router   172.16.255.1     172.16.255.1     0x80000097  1256  0x20 0x7cfe  72
Router  *172.16.255.2     172.16.255.2     0x800000a0  1256  0x20 0x6516  84
Summary  0.0.0.0          172.16.255.1     0x80000002   100  0x20 0x1768  28
NSSA    *8.0.0.0          172.16.255.2     0x80000038   811  0x28 0xf17a  36

See the default LSA is a Summary LSA.

JunOS: How to inject a default route into an NSSA area with a Type - 7 NSSA LSA

On the ABR:

Code:

admin@hub-vSRX1# set protocols ospf area 1 nssa default-lsa type-7

[edit]
admin@hub-vSRX1# commit
commit complete

And the result:

Code:

[edit]
admin@spoke-vSRX2# run show ospf database

    OSPF database, Area 0.0.0.1
 Type       ID               Adv Rtr           Seq      Age  Opt  Cksum  Len
Router   172.16.255.1     172.16.255.1     0x80000097  1311  0x20 0x7cfe  72
Router  *172.16.255.2     172.16.255.2     0x800000a0  1311  0x20 0x6516  84
Summary  0.0.0.0          172.16.255.1     0x80000002  3600  0x20 0x1768  28
NSSA     0.0.0.0          172.16.255.1     0x80000001     2  0x20 0xf083  36
NSSA    *8.0.0.0          172.16.255.2     0x80000038   866  0x28 0xf17a  36

The default Summary LSA gets aged out (age 3600) and a new default NSSA LSA is generated by the ABR.

To note here:
“no-summaries” disables Type 3 Summary LSAs the NSSA with the exception of default one. This turns the area practically into a NSSA totally stub area.
“Type-3” is default type for the default LSA into a NSSA area when "no-summaries" is set. If "no-summaries" is left out, it is injected as a Type-7.
The ABR needs an area 0 adjacency in order to inject a default route into the NSSA area.

Juniper official documentation: https://www.juniper.net/documentation/en_US/junos14.1/topics/topic-map/ospf-stub-and-not-so-stubby-areas.html.
Please comment.

Topics related to - "Injecting a default route in an OSPF NSSA area from a Juniper device"

Topics

Author

Replies

Views

Last post

OSPF: Dangers of non-standard area design - Juniper way

Linux, FreeBSD, Juniper, Cisco / Network security articles and troubleshooting guides