Linux, FreeBSD, Juniper, Cisco / Network security articles and troubleshooting guides

FAQ
It is currently Fri Oct 18, 2019 5:19 am


Username:
Subject:
Message body:
Enter your message here, it may contain no more than 60000 characters. 

Smilies
:D :) ;) :( :o :shock: :? 8-) :lol: :x :P :oops: :cry: :evil: :twisted: :roll: :!: :?: :idea: :arrow: :| :mrgreen: :geek: :ugeek:
Font size:
 
Font colour
Options:
BBCode is ON
[img] is ON
[flash] is OFF
[url] is ON
Smilies are ON
Disable BBCode
Disable smilies
Do not automatically parse URLs
Confirmation code
Confirmation code:
In an effort to prevent automatic submissions, we require that you enter both of the words displayed into the text field underneath.
     

Topic review - Injecting a default route in an OSPF NSSA area from a Juniper device
Author Message
Post subject: Injecting a default route in an OSPF NSSA area from a Juniper device  |  Post Posted: Sun Mar 15, 2015 5:24 pm
OSPF not-so-stubby area is described in RFC 3101 (https://tools.ietf.org/html/rfc3101) and it’s main characteristics are that it does not accept OSPF external LSAs (Type 5) as a stubby area, but it allows injection of AS external prefixes, as a normal area. It makes use of Type 7 LSAs that get translated into Type 5 External LSAs by the ABR into the rest of the OSPF domain. Section 1.3 of the RFC describes NSSA areas better than I can ever try :).

A default route in an not-so-stubby OSPF area can result either from a Type 3 LSA or from a Type 7 LSA.

JunOS: How to inject a default route into an NSSA area with a Type - 3 Summary LSA


To inject a default route from a Juniper device which is an ABR into a not so stubby area, Junos needs to actually have “no-summaries” configured. This will prevent other Type 3 Summaries to go into the NSSA area with the exception of a “0.0.0.0” Summary. From the ABR:

Code:
@hub-vSRX1# show protocols ospf
area 0.0.0.1 {
    nssa {
        default-lsa {
            default-metric 1;
            metric-type 1;
        }
        no-summaries;
    }
    interface st0.0 {
        interface-type p2p;
    }
    interface st0.1 {
        interface-type p2p;
    }
}

and the result in OSPF database:
Code:
@spoke-vSRX2# run show ospf database

    OSPF database, Area 0.0.0.1
Type       ID               Adv Rtr           Seq      Age  Opt  Cksum  Len
Router   172.16.255.1     172.16.255.1     0x80000097  1256  0x20 0x7cfe  72
Router  *172.16.255.2     172.16.255.2     0x800000a0  1256  0x20 0x6516  84
Summary  0.0.0.0          172.16.255.1     0x80000002   100  0x20 0x1768  28
NSSA    *8.0.0.0          172.16.255.2     0x80000038   811  0x28 0xf17a  36


See the default LSA is a Summary LSA.

JunOS: How to inject a default route into an NSSA area with a Type - 7 NSSA LSA


On the ABR:
Code:
admin@hub-vSRX1# set protocols ospf area 1 nssa default-lsa type-7

[edit]
admin@hub-vSRX1# commit
commit complete


And the result:
Code:
[edit]
admin@spoke-vSRX2# run show ospf database

    OSPF database, Area 0.0.0.1
Type       ID               Adv Rtr           Seq      Age  Opt  Cksum  Len
Router   172.16.255.1     172.16.255.1     0x80000097  1311  0x20 0x7cfe  72
Router  *172.16.255.2     172.16.255.2     0x800000a0  1311  0x20 0x6516  84
Summary  0.0.0.0          172.16.255.1     0x80000002  3600  0x20 0x1768  28
NSSA     0.0.0.0          172.16.255.1     0x80000001     2  0x20 0xf083  36
NSSA    *8.0.0.0          172.16.255.2     0x80000038   866  0x28 0xf17a  36

The default Summary LSA gets aged out (age 3600) and a new default NSSA LSA is generated by the ABR.


To note here:
“no-summaries” disables Type 3 Summary LSAs the NSSA with the exception of default one. This turns the area practically into a NSSA totally stub area.
“Type-3” is default type for the default LSA into a NSSA area when "no-summaries" is set. If "no-summaries" is left out, it is injected as a Type-7.
The ABR needs an area 0 adjacency in order to inject a default route into the NSSA area.

Juniper official documentation: https://www.juniper.net/documentation/en_US/junos14.1/topics/topic-map/ospf-stub-and-not-so-stubby-areas.html.
Please comment.
Jump to:  
News News Site map Site map SitemapIndex SitemapIndex RSS Feed RSS Feed Channel list Channel list


Delete all board cookies | The team | All times are UTC - 5 hours [ DST ]



phpBB SEO