Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

NSSA confusion

Hi all,

I just needed to confirm one thing. I know that if i have 2 ABRs connected to NSSA area one of them will be selected as the translator. Now when i look at the ospf database, i can see external entry by one ABR only which is fine. But when i look at the routing table of area 0 router, it still shows 2 routes, via ABR1 and ABR2. How is it possible ? i looked at the database of area 0 router but only found entry with ABR1 (with highest router id).

Kindly guide

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: NSSA confusion

Jonn,

Then Sir, apparently we dont have any advantage of NSSA election here i think 

We do. If both R2 and R3 in your topology translated LSA7 to LSA5, they would create LSA5 that are called functionally equivalent LSAs in OSPF terminology: they describe the same destination, the same metric and metric type, and the same forwarding address. Regardless of who originated them, these LSAs would describe the very same destination. Clearly, that would be a duplication of effort. That is the reason why only one your ABRs translates LSA7 to LSA5.

Electing a single translator is not to make sure that just one path ever exists to an external destination, but rather, to stop originating multiple copies of an LSA that all describe the same path. However, if there are multiple equal paths available towards an ASBR, it is logical to use them all to reach networks behind that ASBR.

This is admittedly a confusing topic. Please feel welcome to ask further!

Best regards,

Peter

7 REPLIES
Cisco Employee

Re: NSSA confusion

Hi Jonn,

If you have a good look at the show ip ospf database output on an internal router in area 0, you should see the translated LSA5 (that originally come from LSA7) to be originated by a single ABR only - check the ADV Router column. This is an indication that only a single router performs the 7-to-5 translation.

However, each translated LSA5 contains a non-zero forwarding address - the IP address of the ASBR inside the NSSA area. This address itself is an address internal to the NSSA area, and advertised as LSA3 by both ABRs to your area 0. It is possible that the backbone router you were inspecting was equally far from the ASBR (note - inter-area destination by itself!) through both ABRs, and hence the external routes behind the ASBR are also equally reachable via both ABRs - so the router installed both routes into its routing table.

So the two paths you may be seeing are there not because both ABRs do the translation but because both ABRs provide the same total distance from your router to the ASBR in the NSSA area.

Best regards,

Peter

Community Member

Re: NSSA confusion

Sir, you are right and i am seeing 2 routes for the ASBR router on the internal router (with equal cost). But why i am seeing 2 routes for the external route ? i mean if i see the database on the internal router, i see only 1 entry advertised by ABR1, but i am seeing 2 routes, one of which dont even exist in the database

Cisco Employee

Re: NSSA confusion

Hi Jonn,

you are right and i am seeing 2 routes for the ASBR router on the internal router (with equal cost).

Perfect.

But why i am seeing 2 routes for the external route ?

Because the external route is reachable via the ASBR. To reach the external route, you must first reach the ASBR. And if you have two paths to the ASBR, you also have two paths to external routes behind that ASBR. Does this make sense?

Best regards,

Peter

Community Member

Re: NSSA confusion

Then Sir, apparently we dont have any advantage of NSSA election here i think

Cisco Employee

Re: NSSA confusion

Jonn,

Then Sir, apparently we dont have any advantage of NSSA election here i think 

We do. If both R2 and R3 in your topology translated LSA7 to LSA5, they would create LSA5 that are called functionally equivalent LSAs in OSPF terminology: they describe the same destination, the same metric and metric type, and the same forwarding address. Regardless of who originated them, these LSAs would describe the very same destination. Clearly, that would be a duplication of effort. That is the reason why only one your ABRs translates LSA7 to LSA5.

Electing a single translator is not to make sure that just one path ever exists to an external destination, but rather, to stop originating multiple copies of an LSA that all describe the same path. However, if there are multiple equal paths available towards an ASBR, it is logical to use them all to reach networks behind that ASBR.

This is admittedly a confusing topic. Please feel welcome to ask further!

Best regards,

Peter

Community Member

Re: NSSA confusion

Sir, i am attaching the diagram. R1 is redistributing 1.1.1.0 in area 1 NSSA. Also result of show ip route and show ip ospf database of R4 which is in area 0

R4#show ip route os

     1.0.0.0/24 is subnetted, 1 subnets

O E2    1.1.1.0 [110/20] via 10.1.34.3, 00:01:36, FastEthernet0/0

                [110/20] via 10.1.24.2, 00:01:36, FastEthernet0/1

     10.0.0.0/8 is variably subnetted, 7 subnets, 2 masks

O       10.1.24.2/32 [110/10] via 10.1.24.2, 00:07:38, FastEthernet0/1

O       10.1.34.3/32 [110/10] via 10.1.34.3, 00:01:36, FastEthernet0/0

O IA    10.1.123.1/32 [110/20] via 10.1.34.3, 00:01:36, FastEthernet0/0

                      [110/20] via 10.1.24.2, 00:07:38, FastEthernet0/1

O IA    10.1.123.2/32 [110/10] via 10.1.24.2, 00:07:38, FastEthernet0/1

O IA    10.1.123.3/32 [110/10] via 10.1.34.3, 00:01:36, FastEthernet0/0

R4# show ip os database

            OSPF Router with ID (4.4.4.4) (Process ID 1)

                Router Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum Link count

2.2.2.2         2.2.2.2         531         0x80000003 0x00ACFE 2

3.3.3.3         3.3.3.3         169         0x80000004 0x00D7B4 2

4.4.4.4         4.4.4.4         168         0x80000007 0x008E79 4

                Summary Net Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum

10.1.123.1      2.2.2.2         820         0x80000001 0x00CAD8

10.1.123.1      3.3.3.3         699         0x80000002 0x00AAF3

10.1.123.2      2.2.2.2         846         0x80000001 0x005C50

10.1.123.2      3.3.3.3         714         0x80000001 0x00A2FB

10.1.123.3      2.2.2.2         716         0x80000001 0x00B6EA

10.1.123.3      3.3.3.3         714         0x80000001 0x003473

                Type-5 AS External Link States

Link ID         ADV Router      Age         Seq#       Checksum Tag

1.1.1.0         3.3.3.3         624         0x80000001 0x0037D2 0

Sir, as you can see, there is only one entry for 1.1.1.0, but its showing 2 routes in routing table. Routes to reach the advertiser (R1) are shown as IA as you described before. But why 2 external routes ?

Cisco Employee

Re: NSSA confusion

Hi Jonn,

The output of your show ip ospf database is indeed in agreement of everything we have discussed so far.

Sir, as you can see, there is only one entry for 1.1.1.0, but its  showing 2 routes in routing table. Routes to reach the advertiser (R1)  are shown as IA as you described before. But why 2 external routes ? 

Let's say it differently: you have only one external route but two equal paths of reaching it, so you are using both.

Also check my response to your previous question here.

Best regards,

Peter

443
Views
0
Helpful
7
Replies
CreatePlease to create content