Skip navigation
Cisco Learning Home > CCIE Routing and Switching Study Group > Discussions
This Question is Answered
5747 Views 15 Replies Latest reply: Feb 21, 2011 2:14 AM by Billy RSS 1 2 Previous Next

Currently Being Moderated

OSPF - external route as next-hop question

Feb 11, 2011 8:39 AM

Sanjay 12 posts since
Nov 12, 2008

Hello all,

 

During my studies for the CCIE R&S, I have come across the statement "An OSPF external route cannot use another OSPF external route as its next hop."

 

I have setup a lab to view this in action, but I have found this statement to be false.  Here is my scenario (all network are 10.10.x.x):

 

R1 (10.1/24-area 0) -- (10.1/24-area 0) R2 (20.1/24-area 1) -- (20.2/24-area 1) R3 (30.1/24-no ospf ) -- (30.2/24-no ospf) R4 (40.1/24-no ospf)

 

R1:

network 10.10.10.0 0.0.0.255 area 0

 

R2:

network 10.10.10.0 0.0.0.255 area 0

network 10.10.20.0 0.0.0.255 area 1

 

R3:

network 10.10.20.0 0.0.0.255 area 1

redistribute connected subnets

redistribute static subnets

 

ip route 10.10.40.0 255.255.255.0 10.10.30.2

ip route 10.10.50.0 255.255.255.0 10.10.40.2

 

R4:

ip route 0.0.0.0 0.0.0.0 10.10.30.1

 

 

On R1 I can see routes to both 10.10.40.0 and 10.10.50.0, which according to that statement, I shouldn't see those route in the routing table.  The route to 10.10.40.0/24 has a next-hop 10.10.30.2 (10.10.30.0/24 is being redistributed via connected) and the route to 10.10.50.0/24 has a next-hop of 10.10.40.2 (10.10.40.0/24 is being redistributed via static).

 

I have even got rid of the redistribute connected and added "network 10.10.30.0 0.0.0.255 area 1" on R3, but I still get the 10.10.50.0/24 network showing on R1.

 

Am I missing something here (maybe this statement is only true under certain circumstances) or is this statement really not true???

  • Marko Milivojevic 800 posts since
    Jun 26, 2008
    Currently Being Moderated
    1. Feb 11, 2011 9:19 AM (in response to Sanjay)
    Re: OSPF - external route as next-hop question

    You may have missed the point, slightly. OSPF router, as seen on R1, has next-hop of R3. Also, the rule applies to "forwarding-address". In your case, FA will be 0.0.0.0, meaning that next-hop will be ASBR.

     

    [Shameless plug]

     

    I wrote a series of articles on OSPF database and different LSAs. I think you may find them beneficial, especially the one dealing with types 7. Links are below.

     

    Quick Look Into OSPF Database: Router LSA

    Quick Look Into OSPF Database: Network LSA

    Quick Look Into OSPF Database: Summary LSA

    Quick Look Into OSPF Database: External and ASBR-Summary LSA

    Quick Look Into OSPF Database: NSSA External LSA

     

    --

    Marko Milivojevic - CCIE #18427 (SP R&S)

    Senior Technical Instructor - IPexpert

  • Marko Milivojevic 800 posts since
    Jun 26, 2008
    Currently Being Moderated
    3. Feb 11, 2011 12:11 PM (in response to Sanjay)
    Re: OSPF - external route as next-hop question

    For example if you had a static route pointing to FA, or EIGRP route, or eBGP route, or OSPF route was filtered between areas and you happen to have external redistributed from another process... Plenty of situations when this can happen.

     

    --

    Marko Milivojevic - CCIE #18427 (SP R&S)

    Senior Technical Instructor - IPexpert

  • Marko Milivojevic 800 posts since
    Jun 26, 2008
    Currently Being Moderated
    5. Feb 11, 2011 1:06 PM (in response to Sanjay)
    Re: OSPF - external route as next-hop question

    Sure thing. It will take me some time to prepare, as my rack is busy with another lab at the moment.

     

    --

    Marko Milivojevic - CCIE #18427 (SP R&S)

    Senior Technical Instructor - IPexpert

  • Marko Milivojevic 800 posts since
    Jun 26, 2008
    Currently Being Moderated
    7. Feb 11, 2011 3:46 PM (in response to Sanjay)
    Re: OSPF - external route as next-hop question

    I had to modify your layout  little bit to use it in my rack. Here's the diagram.

     

    Diagram.png

     

    Here are the startup configurations, similar to what you proposed.

     

    R2:

    interface Serial0/1/0

    no ip address

    encapsulation frame-relay

    no frame-relay inverse-arp

    !

    interface Serial0/1/0.204 point-to-point

    ip address 10.10.10.1 255.255.255.0

    frame-relay interface-dlci 204  

    !

    router ospf 1

    log-adjacency-changes

    network 10.10.10.0 0.0.0.255 area 0

    !

     

    R4:

    interface Serial0/0/0

    no ip address

    encapsulation frame-relay

    no frame-relay inverse-arp

    !

    interface Serial0/0/0.402 point-to-point

    ip address 10.10.10.2 255.255.255.0

    frame-relay interface-dlci 402  

    !

    interface Serial0/0/0.405 point-to-point

    ip address 10.10.20.1 255.255.255.0

    frame-relay interface-dlci 405  

    !

    router ospf 1

    network 10.10.10.0 0.0.0.255 area 0

    network 10.10.20.0 0.0.0.255 area 1

    !

     

    R5:

    interface Serial0/1/0

    no ip address

    encapsulation frame-relay

    no frame-relay inverse-arp

    !

    interface Serial0/1/0.504 point-to-point

    ip address 10.10.20.2 255.255.255.0

    frame-relay interface-dlci 504  

    !

    interface Serial0/1/0.506 point-to-point

    ip address 10.10.30.1 255.255.255.0

    frame-relay interface-dlci 506  

    !

    router ospf 1

    redistribute connected subnets

    redistribute static subnets

    network 10.10.20.0 0.0.0.255 area 1

    !

    ip route 10.10.40.0 255.255.255.0 10.10.30.2

    ip route 10.10.50.0 255.255.255.0 10.10.40.2

     

     

    R6:

    interface Serial0/1/0

    no ip address

    encapsulation frame-relay

    no frame-relay inverse-arp

    !

    interface Serial0/1/0.605 point-to-point

    ip address 10.10.30.2 255.255.255.0

    frame-relay interface-dlci 605  

    !

    ip route 0.0.0.0 0.0.0.0 10.10.30.1

     

     

    Now, let's examine what we see on R4 to begin with.

     

    R4:

    R4#show ip route ospf

         10.0.0.0/24 is subnetted, 5 subnets

    O E2    10.10.30.0 [110/20] via 10.10.20.2, 00:19:02, Serial0/0/0.405

    O E2    10.10.40.0 [110/20] via 10.10.20.2, 00:18:39, Serial0/0/0.405

    O E2    10.10.50.0 [110/20] via 10.10.20.2, 00:18:39, Serial0/0/0.405

     

    Note the next hop information - regardless of what was the next-hop on R5, it's actually the address of R6 (ASBR). If we examine the same thing on R2:

     

    R2:

    R2#show ip route ospf

         10.0.0.0/24 is subnetted, 5 subnets

    O IA    10.10.20.0 [110/128] via 10.10.10.2, 00:21:30, Serial0/1/0.204

    O E2    10.10.30.0 [110/20] via 10.10.10.2, 00:21:20, Serial0/1/0.204

    O E2    10.10.40.0 [110/20] via 10.10.10.2, 00:20:58, Serial0/1/0.204

    O E2    10.10.50.0 [110/20] via 10.10.10.2, 00:20:58, Serial0/1/0.204

     

    We can see that the next-hop is the address of R2 (ABR). Let's dive into the database on R2.

     

    R2:

    R2#show ip ospf database external 10.10.30.0

     

     

                OSPF Router with ID (10.10.10.1) (Process ID 1)

     

     

                    Type-5 AS External Link States

     

     

      Routing Bit Set on this LSA

      LS age: 1374

      Options: (No TOS-capability, DC)

      LS Type: AS External Link

      Link State ID: 10.10.30.0 (External Network Number )

      Advertising Router: 10.10.30.1

      LS Seq Number: 80000001

      Checksum: 0x1E1D

      Length: 36

      Network Mask: /24

            Metric Type: 2 (Larger than any link state path)

            TOS: 0

            Metric: 20

            Forward Address: 0.0.0.0

            External Route Tag: 0

     

    We can see that "Forward Address" is zero, hence us using the ABR as the gateway and not FA. Note that this LSA is originated by R5. To resolve the router-id of it, we need type 4.

     

    R2:

    R2#show ip ospf database asbr-summary

     

     

                OSPF Router with ID (10.10.10.1) (Process ID 1)

     

     

                    Summary ASB Link States (Area 0)

     

     

      Routing Bit Set on this LSA

      LS age: 1494

      Options: (No TOS-capability, DC, Upward)

      LS Type: Summary Links(AS Boundary Router)

      Link State ID: 10.10.30.1 (AS Boundary Router address)

      Advertising Router: 10.10.20.1

      LS Seq Number: 80000001

      Checksum: 0x702F

      Length: 28

      Network Mask: /0

            TOS: 0  Metric: 64

     

    Let's now change area 1 to be NSSA to see what will change.

     

    R4 and R5:

    router ospf 1

    area 1 nssa

    !

     

    R2:

    R2#show ip route ospf

         10.0.0.0/24 is subnetted, 5 subnets

    O IA    10.10.20.0 [110/128] via 10.10.10.2, 00:26:21, Serial0/1/0.204

    O E2    10.10.30.0 [110/20] via 10.10.10.2, 00:00:13, Serial0/1/0.204

    O E2    10.10.40.0 [110/20] via 10.10.10.2, 00:00:13, Serial0/1/0.204

    O E2    10.10.50.0 [110/20] via 10.10.10.2, 00:00:13, Serial0/1/0.204

     

    t first glance - nothing. Let's take a look at the database.

     

    R2:

    R2#show ip ospf database external 10.10.30.0

     

     

                OSPF Router with ID (10.10.10.1) (Process ID 1)

     

     

                    Type-5 AS External Link States

     

     

      Routing Bit Set on this LSA

      LS age: 63

      Options: (No TOS-capability, DC)

      LS Type: AS External Link

      Link State ID: 10.10.30.0 (External Network Number )

      Advertising Router: 10.10.20.1

      LS Seq Number: 80000001

      Checksum: 0x6CAE

      Length: 36

      Network Mask: /24

            Metric Type: 2 (Larger than any link state path)

            TOS: 0

            Metric: 20

            Forward Address: 10.10.20.2

            External Route Tag: 0

     

    We now have non-zero FA. Let me add a static route to it, pointing the same way where the OSPF route for it is.

     

    R2:

    R2#show ip route 10.10.20.2

    Routing entry for 10.10.20.0/24

      Known via "ospf 1", distance 110, metric 128, type inter area

      Last update from 10.10.10.2 on Serial0/1/0.204, 00:28:17 ago

      Routing Descriptor Blocks:

      * 10.10.10.2, from 10.10.20.1, 00:28:17 ago, via Serial0/1/0.204

          Route metric is 128, traffic share count is 1

     

    R2#conf t

    Enter configuration commands, one per line.  End with CNTL/Z.

    R2(config)#ip route 10.10.20.0 255.255.255.0 10.10.10.2

    R2(config)#^C

    R2#show ip route 10.10.20.2

    Routing entry for 10.10.20.0/24

      Known via "static", distance 1, metric 0

      Routing Descriptor Blocks:

      * 10.10.10.2

          Route metric is 0, traffic share count is 1

     

    Now, you will agree that this looks... pretty much the same, except we now have static route, don't we? Let's look at our OSPF routing table.

     

    R2:

    R2#show ip route ospf


     

    Yup - absolutely nothing! What happened here? The answer is - FA is now reachable via external route and not as internal (intra- or inter-area) OSPF route and is causing all LSAs that use it not to be considered for routing. If I remove FA, routes will pop right back in.

     

    R4:

    router ospf 1

    area 1 nssa translate type7 suppress-fa

    !

     

    R2:

    R2#show ip ospf database external 10.10.30.0

     

     

                OSPF Router with ID (10.10.10.1) (Process ID 1)

     

     

                    Type-5 AS External Link States

     

     

      Routing Bit Set on this LSA

      LS age: 27

      Options: (No TOS-capability, DC)

      LS Type: AS External Link

      Link State ID: 10.10.30.0 (External Network Number )

      Advertising Router: 10.10.20.1

      LS Seq Number: 80000002

      Checksum: 0x62E1

      Length: 36

      Network Mask: /24

            Metric Type: 2 (Larger than any link state path)

            TOS: 0

            Metric: 20

            Forward Address: 0.0.0.0

            External Route Tag: 0


    R2#show ip route ospf                      

         10.0.0.0/24 is subnetted, 5 subnets

    O E2    10.10.30.0 [110/20] via 10.10.10.2, 00:00:18, Serial0/1/0.204

    O E2    10.10.40.0 [110/20] via 10.10.10.2, 00:00:18, Serial0/1/0.204

    O E2    10.10.50.0 [110/20] via 10.10.10.2, 00:00:18, Serial0/1/0.204

     

    More clear now?

     

    --

    Marko Milivojevic - CCIE #18427 (SP R&S)

    Senior Technical Instructor - IPexpert

  • Nice explanation.  You should copy and paste that into a document so that others can access it from "Your Documents area in your profile. 

  • Marko Milivojevic 800 posts since
    Jun 26, 2008
    Currently Being Moderated
    9. Feb 11, 2011 3:57 PM (in response to Erick)
    Re: OSPF - external route as next-hop question

    Not at all bad idea. I never made a document on CLN, but I guess there's 1st for everything.

     

    OSPF - Woes of Forward Address

     

    --

    Marko Milivojevic - CCIE #18427 (SP R&S)

    Senior Technical Instructor - IPexpert

  • Very cool!  It's a nice resource for people who visit your profile.

  • Marko Milivojevic 800 posts since
    Jun 26, 2008
    Currently Being Moderated
    12. Feb 11, 2011 7:06 PM (in response to Sanjay)
    Re: OSPF - external route as next-hop question

    There is no such requirement, that I'm aware of (it is late here, my awareness may be fading). However, if E1/E2/N1/N2 route was to be used for FA, it would have failed in the same fashion as I demonstrated above.

     

    --

    Marko Milivojevic - CCIE #18427 (SP R&S)

    Senior Technical Instructor - IPexpert

  • Scott Morris - CCDE/4xCCIE/2xJNCIE 8,396 posts since
    Oct 7, 2008

    Likely coming from:

     

    http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a008009481a.shtml#r6

     

    http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a008009405a.shtml

     

    At least one of which deals with a bug case...  but anyway, my brain is fading from cold meds, so I'm not even going to think about labbing this one tonight! 

     

    Scott

  • Marko Milivojevic 800 posts since
    Jun 26, 2008

    They both talk about FA, which I believe we covered in the thread. :-)

     

    --

    Marko Milivojevic - CCIE #18427 (SP R&S)

    Senior Technical Instructor - IPexpert

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)