Wednesday, June 25, 2014

OSPF NSSA Route Optimization


Well if you like to design OSPF based networks, NSSA is one of key components that goes into it. Personally I don't prefer to include Stub Areas into the design unless I am very sure that it's not going to change since every now and than customers adds some sort of routing and mostly Static Routes into the network to make something work. Very good example would be proxies and firewalls. 

Now as per standard the Stub area doesn't allow you to redistribute. So adding NSSA into the design not only allow me take benefits of Stub based design by minimizing the LSDB size but still gives me flexibility of adding redistribution in future if requirement comes.

Now let me walk through different NSSA configuration options to you guys and show their effect on routing tables of NSSA Area Devices.

Here is the quick topology:





Let's start with basic NSSA configuration on R1 and see it's effect on R3's Routing table.

 R1#sh run | s r o
router ospf 1
 log-adjacency-changes
 area 1 nssa
 redistribute eigrp 100 subnets
 network 1.1.1.1 0.0.0.0 area 0
 network 11.11.11.11 0.0.0.0 area 1
 network 12.0.0.1 0.0.0.0 area 0
 network 13.0.0.1 0.0.0.0 area 1
R3#sh ip ro os
     1.0.0.0/32 is subnetted, 1 subnets
O IA    1.1.1.1 [110/11] via 13.0.0.1, 00:01:07, FastEthernet0/1
     2.0.0.0/32 is subnetted, 1 subnets
O IA    2.2.2.2 [110/21] via 13.0.0.1, 00:01:07, FastEthernet0/1
     4.0.0.0/32 is subnetted, 1 subnets
O N2    4.4.4.4 [110/20] via 13.0.0.1, 00:01:02, FastEthernet0/1
     11.0.0.0/32 is subnetted, 1 subnets
O       11.11.11.11 [110/11] via 13.0.0.1, 00:10:10, FastEthernet0/1
     12.0.0.0/24 is subnetted, 1 subnets
O IA    12.0.0.0 [110/20] via 13.0.0.1, 00:01:07, FastEthernet0/1
     14.0.0.0/24 is subnetted, 1 subnets
O N2    14.0.0.0 [110/20] via 13.0.0.1, 00:01:02, FastEthernet0/1
     150.0.0.0/32 is subnetted, 1 subnets
O N2    150.0.0.1 [110/20] via 13.0.0.1, 00:01:02, FastEthernet0/1


> Now Let's add our first tweak into the equation:

R1#sh run | s r o
router ospf 1
 log-adjacency-changes
 area 1 nssa no-summary
 redistribute eigrp 100 subnets
 network 1.1.1.1 0.0.0.0 area 0
 network 11.11.11.11 0.0.0.0 area 1
 network 12.0.0.1 0.0.0.0 area 0
 network 13.0.0.1 0.0.0.0 area 1


R3#sh ip ro os
     4.0.0.0/32 is subnetted, 1 subnets
O N2    4.4.4.4 [110/20] via 13.0.0.1, 00:00:17, FastEthernet0/1
     11.0.0.0/32 is subnetted, 1 subnets
O       11.11.11.11 [110/11] via 13.0.0.1, 00:11:10, FastEthernet0/1
     14.0.0.0/24 is subnetted, 1 subnets
O N2    14.0.0.0 [110/20] via 13.0.0.1, 00:00:17, FastEthernet0/1
     150.0.0.0/32 is subnetted, 1 subnets
O N2    150.0.0.1 [110/20] via 13.0.0.1, 00:00:17, FastEthernet0/1
O*IA 0.0.0.0/0 [110/11] via 13.0.0.1, 00:00:22, FastEthernet0/1 

 All Inter Area (IA) routes are replaced with single Inter Area Default Route.
> Now Let's add our Second tweak into the equation & remove First One:

R1(config)#router ospf 1
R1(config-router)#no area 1 nssa no-summary
R1(config-router)#area 1 nssa no-redistribution
R1(config-router)#end

 R3#sh ip ro os
     1.0.0.0/32 is subnetted, 1 subnets
O IA    1.1.1.1 [110/11] via 13.0.0.1, 00:00:22, FastEthernet0/1
     2.0.0.0/32 is subnetted, 1 subnets
O IA    2.2.2.2 [110/21] via 13.0.0.1, 00:00:22, FastEthernet0/1
     11.0.0.0/32 is subnetted, 1 subnets
      11.11.11.11 [110/11] via 13.0.0.1, 00:02:43, FastEthernet0/1
     12.0.0.0/24 is subnetted, 1 subnets
O IA    12.0.0.0 [110/20] via 13.0.0.1, 00:00:22, FastEthernet0/1

 With this tweak all my Inter Area (IA) routes are back but all my Redistributed/External Routes are gone.

 What if I want best of both words to optimize LSDB size ?

 R1(config)#router ospf 1
R1(config-router)#area 1 nssa no-redistribution no-summary
R1(config-router)#end

 R3#sh ip ro os
     11.0.0.0/32 is subnetted, 1 subnets
O       11.11.11.11 [110/11] via 13.0.0.1, 00:03:56, FastEthernet0/1
O*IA 0.0.0.0/0 [110/11] via 13.0.0.1, 00:00:14, FastEthernet0/1

 Now this looks really nice. But rule of thumb is that you should always verify end to end reachability. So let's verify that quickly:

 R3#ping 2.2.2.2 so lo0

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
Packet sent with a source address of 3.3.3.3
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/36/52 ms

R3#ping 4.4.4.4 so lo0  < Exists in EIGRP World

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
Packet sent with a source address of 3.3.3.3
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/31/56 ms

 HTH...
Deepak Arora
Evil CCIE
Posted by at
Labels: , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)