Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

OSPF Control

Our structure is one in which we have a worldwide WAN designed upon OSPF. The headquarters is Area 0 while each country connecting via the WAN is a separate OSPF area. The ABR's are therefore all located at the headquarters site.

We are attempting to accomplish two tasks:

1. Minimize the size of the IP route tables around the world.

2. Given that we do not maintain control over the routers at the remote ends; control the route tables so that inadvertent changes at the edge do not impact the enterprise network.

I'm inclined toward the establishment of these areas as stub areas. The concern I have is that many of these countries maintain their own Internet connectivity, versus traversing the WAN and connecting through the central site.

Any suggestions?

1 ACCEPTED SOLUTION

Accepted Solutions
Gold

Re: OSPF Control

If they are learning a default from someplace else (a connection through a service provider to the 'net), then you can't just give them a default--you'll have to give them long prefix matches, as well. If you don't have any externals, you could still make them stub, but that's not going to help you control what's being fed into your area 0, really.

You best option is to use type 3 LSA filtering:

http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_feature_guide09186a00800b5d4f.html

combined with normal distribution lists to block anything the area's not supposed to be advertising to you from making it into area 0. The type 3 filtering will prevent the ABR from creating type 3's for anything that's not supposed to be learned from a given area, and the distribution list would keep the ABR from installing things it's not supposed to be hearing about from a given area into the local routing table.

Hope that helps...

:-)

Russ.W

2 REPLIES
Gold

Re: OSPF Control

If they are learning a default from someplace else (a connection through a service provider to the 'net), then you can't just give them a default--you'll have to give them long prefix matches, as well. If you don't have any externals, you could still make them stub, but that's not going to help you control what's being fed into your area 0, really.

You best option is to use type 3 LSA filtering:

http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_feature_guide09186a00800b5d4f.html

combined with normal distribution lists to block anything the area's not supposed to be advertising to you from making it into area 0. The type 3 filtering will prevent the ABR from creating type 3's for anything that's not supposed to be learned from a given area, and the distribution list would keep the ABR from installing things it's not supposed to be hearing about from a given area into the local routing table.

Hope that helps...

:-)

Russ.W

Silver

Re: OSPF Control

Also, don't forget to summarize routes.

104
Views
0
Helpful
2
Replies
CreatePlease to create content