I have a quick question: You have Router-A as an ABR touching Areas 0 and 1.
Area 1 is an NSSA area.
In Area 1, you have Router-B that connects to an ISP. You create a static default route to the ISP.
Can the NSSA Router-B still inject the default-route into OSPF via the default-information originate command?
What about if it is NSSA no-summary?
The reason I ask is that Router-B is a smaller Pix in the case that I'm thinking of, and I'd rather not have the full corporate routing table on there. I'd prefer NSSA no-summary, but then won't that thing see two default routes? (One static and one injected by the ABR)
It's definetely will lead to having two 0.0.0.0/0 routes in that area. And without having view of the rest of the network, how should PIX find other internal networks since its default is statically pointing to ISP?
If your network is well summarised, you could make dedicated normal (non-NSSA) area for your PIX. Sole purpose of this area will be to advertise one aggregate address towards PIX(es) and filter everything else (using Type-3 LSA filtering). Then PIX(es) will have quite small routing table and will be still able to advertise default route.
Now thinking of it, even better solution could be to have your two redundant (aren't they?) PIXes just statically routing your internal networks to an virtual IP address maintained by HSRP/VRRP on some of your capable routers, those routers in turn will have static default pointing towards active PIX and in turn redistributing it into OSPF. This way you don't have to worry about route filters and resources, configs will become more simple and easier to maintain, while still providing you with redundancy.
You do not want to use 'nssa no-summary' option as that would cause Router-A (ABR) to inject a default into Area 1 as Type-7 LSA. Configure area 1 as an nssa area (without the keyword no-summary) and the Router-A would advertise only up to Type-3 LSA to Router-B.
NSSA Router-B , which happens to be the ASBR, can inject a default route with the command 'area 1 nssa default-information originate' command. When Router-A learns the default route it would transalate that into Type-5 LSA (external) and advertise it to the rest of the OSPF domain.
If you have a large corporate routing table and do not want Router-B to learn them configure Area 1 as stub (not NSSA) and summarize type-3 LSAs using the 'area range' command on Router-A into Area 1. In this case you can advertise the default route from Router-B as a type-5 LSA using the redistribute or default-information originate command.
Sundar, thank you, that's very helpful. One further question:
Using the first scenario where area 1 is NSSA, and Router-A learns the default route from Router-B, Router-A will not need to use the 'default-information originate' commands to carry the default route into area 0, correct? It will just be seen like any other external route?
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...