Introduction
This document describes the concepts and the problem associated with the Open Shortest Path First (OSPF) forwarding address. Refer to Why Are Some OSPF Routes in the Database but Not the Routing Table? for more information about troubleshooting OSPF.
The problem explained in this document is only observable with Cisco IOS® Software releases earlier than 12.1(3). The behavior of redistribution has changed in Cisco IOS Software Release 12.1(3) and later. For more details, refer to Cisco bug IDCSCdp72526 (registered customers only) . This bug has the list of Cisco IOS Software releases affected and the fixed versions. Also refer to Redistributing Connected Networks into OSPF where the change in Cisco IOS behavior is explained.
Prerequisites
Requirements
Readers of this document should have knowledge of these topics:
- General IP routing.
- OSPF routing protocol concepts and terms.
Components Used
The information in this document is based on these software and hardware versions:
- Cisco 2503 routers
- Cisco IOS® Software Release 12.2(24a) running on all the routers
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
Conventions
For more information on document conventions, refer to the Cisco Technical Tips Conventions.
Description of OSPF Forwarding Address
The concept of the OSPF forwarding address was introduced to avoid extra hops when traffic is routed to an external autonomous system (AS), as shown in this figure.
In the figure, there are two routers in the OSPF domain that connect to the external domain. However, only Router 1 exchanges routing information with Router 100. Router 1 redistributes the information learned from Router 100 into OSPF and advertises the information to the rest of the OSPF domain. In doing this, Router 1 becomes the next hop (or forwarding address) for the information that it redistributes to the OSPF domain. When Router 2 receives a packet from the OSPF domain destined for an address in the external domain, it forwards the packet to Router 1. Router 1 then forwards it to Router 100. The forwarding address concept allows this extra hop to be avoided because it allows Router 1 to specify another router's IP address as the forwarding address. In thefigure, Router 1 can specify Router 100 as the forwarding address for external information that Router 1 redistributes into the OSPF domain. When Router 2 receives a packet from the OSPF domain destined for an address in the external domain, it forwards the packet to Router 100. The result is that the extra hop is avoided through Router 1.
The value of the forwarding address specified by the autonomous system boundary router (ASBR) (Router 1 in the previous figure) can be either 0.0.0.0 or non-zero. The 0.0.0.0 address indicates that the originating router (the ASBR) is the next hop. The forwarding address is determined by these conditions:
- The forwarding address is set to 0.0.0.0 if the ASBR redistributes routes and OSPF is not enabled on the next hop interface for those routes. This is true in the figure if Router 1 does not have OSPF enabled on the Ethernet interface.
- These conditions set the forwarding address field to a non-zero address:
- OSPF is enabled on the ASBR's next hop interface AND
- ASBR's next hop interface is non-passive under OSPF AND
- ASBR's next hop interface is not point-to-point AND
- ASBR's next hop interface is not point-to-multipoint AND
- ASBR's next hop interface address falls under the network range specified in the router ospf command.
- Any other conditions besides these set the forwarding address to 0.0.0.0.
For information on how the forwarding address is set and affects path selection refer to The Effects of the Forwarding Address on Type 5 LSA Path Selection.
Common OSPF Routing Problem Related to the Forwarding Address
The R2513 router, which only runs RIP (and may be connected to a RIP-only network), is added to the Token Ring network in thefigure. When the routes learned from R2513 are redistributed into OSPF by the ASBR (R2515), some of the routes are not installed into the routing table of some of the routers. The relevant configuration information of each of the routers is given in these tables.
| hostname R2504 |
|---|
interface Serial0
ip address 1.1.1.2 255.255.255.0
interface TokenRing0
ip address 3.3.4.2 255.255.255.0
router ospf 1
network 1.1.1.0 0.0.0.255 area 0
network 3.0.0.0 0.255.255.255 area 1
area 1 range 3.0.0.0 255.0.0.0
|
| hostname R2507 |
|---|
interface Serial0
ip address 1.1.1.1 255.255.255.0
interface Serial1
ip address 7.7.7.1 255.255.255.0
router ospf 1
network 1.1.1.1 0.0.0.0 area 0
default- information originate metric 20
ip route 0.0.0.0 0.0.0.0 Serial1
|
| hostname R2513 |
|---|
interface TokenRing0
ip address 3.3.4.4 255.255.255.0
interface ethernet 0
ip address 200.1.1.4 255.255.255.0
router rip
network 3.0.0.0
network 200.1.1.0
|
| hostname R2515 |
|---|
interface TokenRing0
ip address 3.3.4.3 255.255.255.0
interface ethernet 0
ip address 3.44.66.3 255.255.255.0
interface ethernet 1
ip address 3.22.88.3 255.255.255.0
router ospf 1
redistribute rip metric 20 subnets
network 0.0.0.0 255.255.255.255 area 1
router rip
network 3.0.0.0
passive-interface ethernet 0
passive-interface ethernet 1
|
The configurations in the tables show that R2515 redistributes RIP into OSPF and that R2504 (the area border router [ABR]) creates a summarized network 3.0.0.0/8.
These are the routing tables for each of the OSPF enabled routers:
R2507# show ip route Gateway of last resort is 0.0.0.0 to network 0.0.0.0 1.0.0.0/ 24 is subnetted, 1 subnets C 1.1.1.0 is directly connected, Serial0 3.0.0.0/ 8 is variably subnetted, 4 subnets, 2 masks O IA 3.0.0.0/ 8 [110/ 70] via 1.1.1.2, 00: 15: 37, Serial0 O E2 3.3.4.0/ 24 [110/ 20] via 1.1.1.2, 00: 06: 37, Serial0 O E2 3.22.88.0/ 24 [110/ 20] via 1.1.1.2, 00: 06: 37, Serial0 O E2 3.44.66.0/ 24 [110/ 20] via 1.1.1.2, 00: 06: 37, Serial0 7.0.0.0/ 24 is subnetted, 1 subnets C 7.7.7.0 is directly connected, Serial1 S* 0.0.0.0/ 0 is directly connected, Serial1 R2504# show ip route Gateway of last resort is 1.1.1.1 to network 0.0.0.0 1.0.0.0/ 24 is subnetted, 1 subnets C 1.1.1.0 is directly connected, Serial0 3.0.0.0/ 8 is variably subnetted, 4 subnets, 2 masks S 3.0.0.0/ 8 is directly connected, Null0 C 3.3.4.0/ 24 is directly connected, TokenRing0 O 3.22.88.0/ 24 [110/ 11117] via 3.3.4.3, 00: 15: 16, TokenRing0 O 3.44.66.0/ 24 [110/ 11117] via 3.3.4.3, 00: 15: 16, TokenRing0 O E2 200.1.1.0/ 24 [110/ 20] via 3.3.4.4, 00: 06: 16, TokenRing0 O* E2 0.0.0.0/ 0 [110/ 20] via 1.1.1.1, 00: 15: 16, Serial0 R2515# show ip route Gateway of last resort is 3.3.4.2 to network 0.0.0.0 1.0.0.0/ 24 is subnetted, 1 subnets O IA 1.1.1.0 [110/ 70] via 3.3.4.2, 00: 10: 28, TokenRing0 3.0.0.0/ 24 is subnetted, 3 subnets C 3.3.4.0 is directly connected, TokenRing0 R 200.1.1.0/ 24 [120/ 1] via 3.3.4.4, 00: 00: 10, TokenRing0 O* E2 0.0.0.0/ 0 [110/ 20] via 3.3.4.2, 00: 10: 28, TokenRing0
Network Missing from the Routing Table
R2515 has a RIP (R) derived route for network 200.1.1.0/24. R2515 is the ASBR and redistributes the RIP protocol into OSPF. R2504 learns about network 200.1.1.0/24 from R2515 and installs it in its routing table as an OSPF external type 2 (E2) route. The problem is that R2507 does not have network 200.1.1.0/24 in its routing table.
R2507 has external routes for networks 3.3.4.0/24, 3.22.88.0/24 and 3.44.66.0/24, even though all of these networks should be included in the summary of 3.0.0.0/8.
The reason these external routes show up is that the ASBR, which redistributes RIP into OSPF, has RIP running on these three subnets. It therefore redistributes the subnets as external routes into OSPF. Since these subnets are external routes, they are not summarized by the ABR (R2504). External OSPF routes can only be summarized by the ASBR. In this case, R2515. The ABR summarizes only internal OSPF routes from area 1 into area 0.
Note: With the fix of Cisco bug ID CSCdp72526 (registered customers only) , OSPF does not generate a type-5 link-state advertisement (LSA) of an overlapped external network. R2507 only has a summary inter-area route of 3.0.0.0/8. Then, R2507 installs 200.1.1.0/24 as the forwarding address and it is reachable via inter-area route 3.0.0.0/8. This is in compliance with RFC 2328
.
.
This output shows the external LSA for network 200.1.1.0/24 in the OSPF database of R2507:
R2507# show ip ospf data external 200.1.1.0 OSPF Router with ID (7.7.7.1) (Process ID 1) Type- 5 AS External Link States LS age: 72 Options: (No TOS- capability, DC) LS Type: AS External Link Link State ID: 200.1.1.0 (External Network Number ) Advertising Router: 3.44.66.3 LS Seq Number: 80000001 Checksum: 0xF161 Length: 36 Network Mask: /24 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 20 Forward Address: 3.3.4.4 External Route Tag: 0
OSPF allows the ASBR to specify another router as the forwarding address to external routes. In this case, the ASBR (R2515) has specified 3.3.4.4 as the forwarding address for the external network 200.1.1.0.
RFC 2328 , section 16.4 (Calculating AS external routes), states:
, section 16.4 (Calculating AS external routes), states:
"If the forwarding address is non-zero, look up the forwarding address in the routing table. The matching routing table entry must specify an intra-area or inter-area path; if no such path exists, do nothing with the LSA and consider the next in the list."
In this example, the route to the forwarding address 3.3.4.4 is shown here:
R2507# show ip route 3.3.4.4 Routing entry for 3.3.4.0/ 24 Known via "ospf 1", distance 110, metric 20,type extern 2, forward metric 70 Redistributing via ospf 1 Last update from 1.1.1.2 on Serial0, 00: 00: 40 ago Routing Descriptor Blocks: * 1.1.1.2, from 3.44.66.3, 00: 00: 40 ago, via Serial0 Route metric is 20, traffic share count is 1
The forwarding address of 3.3.4.4 is matched by the external route 3.3.4.0/24 instead of the inter-area summary route 3.0.0.0/8 due to the longest match rule. Because the router does not have an internal OSPF route to the forwarding address, it does not install the external route 200.1.1.0/24 in the routing table. The use of an external route to reach another external route may lead to loops. Therefore OSPF does not permit it.
Do Not Summarize on the ABR
How can you ensure that the non-zero forwarding address exists in the routing table as an intra-area or inter-area route?
The first solution is not to summarize on the ABR.
The second solution is not to configure any LSA type 3 filtering. If type 3 routes are filtered, the Forwarding address that appears on the output of the show ip ospf database external command is not reachable. This makes the external network unreachable. In this case, R2504. This causes routers in area 0 to have inter-area routes (instead of external routes) for all the specific subnets in other areas.
Use these commands to remove the summarization on the ABR:
R2504(config)# router ospf 1 R2504(config- router)# no area 1 range 3.0.0.0 255.0.0.0
The results of this command in the routing table on R2507 are shown here:
R2507# show ip route
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
1.0.0.0/ 24 is subnetted, 1 subnets
C 1.1.1.0 is directly connected, Serial0
3.0.0.0/ 24 is subnetted, 3 subnets
O IA 3.3.4.0 [110/ 70] via 1.1.1.2, 00: 00: 48, Serial0
O IA 3.22.88.0 [110/ 80] via 1.1.1.2, 00: 00: 48, Serial0
O IA 3.44.66.0 [110/ 80] via 1.1.1.2, 00: 00: 48, Serial0
7.0.0.0/ 24 is subnetted, 1 subnets
C 7.7.7.0 is directly connected, Serial1
O E2 200.1.1.0/ 24 [110/ 20] via 1.1.1.2, 00: 00: 48, Serial0
S* 0.0.0.0/ 0 is directly connected, Serial1
R2507# show ip route 3.3.4.4
Routing entry for 3.3.4.0/24
Known via "ospf 1", distance 110, metric 70, type inter area
Last update from 1.1.1.2 on Serial1, 00:03:52 ago
Routing Descriptor Blocks:
* 1.1.1.2, from 3.3.4.2, 00:03:52 ago, via Serial1
Route metric is 74, traffic share count is 1
From the output, you can see that the address 3.3.4.4 is reachable through an inter-area route to the network 3.3.4.0/24 . The router R2507 learns the route to this network through both a Type-5 LSA and Type-3 LSA, after summarization on the ABR R2504 is removed. Since OSPF prefers an inter-area route over an external route to the same network, it installs it as an inter-area route. Sine R2507 now has an inter-area route to the forwarding address 3.3.4,4, the external network 200.1.1.0/24 is also installed in its routing table.
Note: If the NSSA ( Not So Stubby Area) is used and if the type 3 LSA filtering is done on NSSA ABR, then the same issue Forwarding Address unreachable will exist.
Prevent the Subnet from Being Redistributed into OSPF as an External Route
Another solution is to prevent the subnet 3.3.4.0 from being redistributed into OSPF as an external route, since OSPF runs on it. These configuration commands in the ASBR (R2515) create a route-map. This is used by the redistribute command to allow only network 200.1.1.0/24 to be redistributed into OSPF. The ABR (R2504) still summarizes internal OSPF routes from area 1 into area 0.
R2515# configure terminal R2515(config)# router ospf 1 R2515(config-router)# redistribute rip metric 20 subnets route-map rip_to_ospf_filter R2515(config-router)# exit R2515(config)# access-list 28 permit 200.1.1.0 0.0.0.255 R2515(config)# route-map rip_to_ospf_filter permit 10 R2515(config-route-map)# match ip address 28
The results of this command in the routing table on R2507 are shown here:
R2507# show ip route
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
1.0.0.0/ 24 is subnetted, 1 subnets
C 1.1.1.0 is directly connected, Serial0
O IA 3.0.0.0/ 8 [110/ 70] via 1.1.1.2, 00: 07: 05, Serial0
7.0.0.0/ 24 is subnetted, 1 subnets
C 7.7.7.0 is directly connected, Ethernet0
O E2 200.1.1.0/ 24 [110/ 20] via 1.1.1.2, 00: 00: 21, Serial0
S* 0.0.0.0/ 0 is directly connected, Ethernet0
The only external route in the routing table is 200.1.1.0/24. This network is in the routing table because the forwarding address of this external network (3.3.4.1) is covered by the summary route 3.0.0.0/8, which is an inter-area route.
Source :http://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/13682-10.html
沒有留言:
張貼留言