This post represents the solution and explanation for quiz-5.
Have a look at the quiz to understand the problem.
Quiz Explained
At first look, the quiz seemed tricky because of the OSPFv3/IPv6, but in reality the same problem may affect OSPFv2 in the same manner. I used IPv6 intentionally to give the impression that the problem is related to OSPFv3 only.
As most of you already indicated in the Comments section, the junior engineer did make a mistake: he put/left the Vlan102 interface in area 0.0.0.0 (clearly shown in the output of command show ipv6 ospf int br
). As a result
You may think: "
We all know that the motivation of having an NSSA is to allow external routes (learned from different routing domains) into that area and they will be carried as Type-7 LSA.
NOTES
|
As specified in RFC 1587, there are some bits in the Options field that are important in our context:
|
Have a look at the picture below:
On the left-hand side, the ABR-1 and ABR-2 (COREs in our quiz) originate type-7 default route and they
On the right-hand side, the ASBR (connected to other routing domains) will send the external prefixes as type-7 LSAs with the P-bit set. These LSAs will be translated into type-5 LSAs on both ABRs.
Let's have a look at OSPF's database on our Dist-2:
Dist-2#sh ipv ospf database ... Type-7 AS External Link States (Area 192.168.1.0) ADV Router Age Seq# Prefix 192.168.255.1 231 0x80000001::/0 192.168.255.2 220 0x80000001::/0 ... Dist-2#sh ipv ospf database nssa-external OSPFv3 Router with ID (192.168.255.4) (Process ID 1) Type-7 AS External Link States (Area 192.168.1.0) LS age: 263 LS Type: AS External Link Link State ID: 1Advertising Router: 192.168.255.1 LS Seq Number: 80000001 Checksum: 0x6565 Length: 28Prefix Address: :: Prefix Length: 0,Options: None Metric Type: 2 (Larger than any link state path) Metric: 1 LS age: 252 LS Type: AS External Link Link State ID: 1Advertising Router: 192.168.255.2 LS Seq Number: 80000001 Checksum: 0x5F6A Length: 28Prefix Address: :: Prefix Length: 0,Options: None Metric Type: 2 (Larger than any link state path) Metric: 1 Dist-2#sh ipv route ::/0 % Route not found
As you can see, Dist-2 knows the two default injected by cores in the OSPF database, but does not put them into the routing table -
Solution
Now, let's fix the mistake ( configure area 192.168.1.0 on Vlan102 interface) and check again:
Dist-2(config)#int vlan 102 Dist-2(config-if)#ipv6 ospf 1 area 192.168.1.0 Dist-2(config-if)#end Dist-2# Dist-2#sh ipv route ::/0 ...ON2 ::/0 [110/1] via FE80::C001:1CFF:FE3C:10,FastEthernet0/1 via FE80::C000:1CFF:FE3C:10,FastEthernet0/0 Dist-2#
Dist-2#sh ipv osp int br Interface PID Area Intf ID Cost State Nbrs F/CVl102 1 192.168.1.0 30 1 DR 0/0 Vl201 1 192.168.1.0 35 1 DR 0/0 Vl200 1 192.168.1.0 34 1 DR 0/0 Vl105 1 192.168.1.0 33 1 DR 0/0 Vl104 1 192.168.1.0 32 1 DR 0/0 Vl103 1 192.168.1.0 31 1 DR 0/0 Vl101 1 192.168.1.0 29 1 DR 0/0 Vl100 1 192.168.1.0 28 1 DR 0/0 Fa0/1 1 192.168.1.0 5 1 DR 1/1 Fa0/0 1 192.168.1.0 4 1 DR 1/1 Lo0 1 192.168.1.0 27 1 LOOP 0/0
Voila!... DIST-2 is not an ABR anymore - it's an internal OSPF router with all interfaces in NSSA area 192.168.1.0, so it accepts the default routes from ABRs (the core).
Interesting enough, if you have a look again at the OSPF database:
Dist-2#sh ipv ospf database nssa-external OSPFv3 Router with ID (192.168.255.4) (Process ID 1) Type-7 AS External Link States (Area 192.168.1.0)Routing Bit Set on this LSA LS age: 543 LS Type: AS External Link Link State ID: 1 Advertising Router: 192.168.255.1 LS Seq Number: 80000001 Checksum: 0x6565 Length: 28 Prefix Address: :: Prefix Length: 0,Options: None Metric Type: 2 (Larger than any link state path) Metric: 1Routing Bit Set on this LSA LS age: 532 LS Type: AS External Link Link State ID: 1 Advertising Router: 192.168.255.2 LS Seq Number: 80000001 Checksum: 0x5F6A Length: 28 Prefix Address: :: Prefix Length: 0,Options: None Metric Type: 2 (Larger than any link state path) Metric: 1
you'll notice the additional information Routing Bit Set on this LSA
In the end, let's have a look how a type-7 LSA with P-bit SET looks like: suppose ASBR (Dist-1 in our case) redistributes the external prefix 2003:1:1:1::/64
Dist-2#sh ipv route 2003:1:1:1::/64 ...ON2 2003:1:1:1::/64 [110/20] via FE80::C001:1CFF:FE3C:10, FastEthernet0/1 via FE80::C000:1CFF:FE3C:10, FastEthernet0/0 Dist-2# Dist-2#sh ipv ospf database nssa-external ...Routing Bit Set on this LSA LS age: 42 LS Type: AS External Link Link State ID: 2Advertising Router: 192.168.255.3 LS Seq Number: 80000001 Checksum: 0x89B4 Length: 36Prefix Address: 2003:1:1:1:: Prefix Length: 64,Options: P Metric Type: 2 (Larger than any link state path) Metric: 20
As you can see, this type-7 LSA will be flooded into entire NSSA area and it has the P-bit set (also notice the "Routing Bit Set on this LSA").
Thanks everyone for your comments in the quiz !
Comments
comments powered by Disqus