I need a detailed example where i would use the nssa area in ospf. Here are some conclusions that i know, put me right if am off the mark :
a) A nssa area will give benefits of stub area and totally stub area, but will allow the use of an ASBR which is not the case for stub and totally stuby. If i dont want external non Ospf Routes and Summary routes why would i need a router to be an ASBR ?? My conclusion was maybe if i need an Internet EBGP connection, which will in turn make the Router an ASBR, right ? BUT, to make this internet EBGP connection to work, i will need to put a static route to the EBGP peer, right ? Again, as i said, put me right if am wrong .
My question is, in which situation would i need a NSSA area ?
I think that you have most of the concepts about this pretty close to right. The main thing that I am not sure is right is your statement about needing to put a static route to the EBGP peer. The router you are talking about would be running BGP (so that it could redistribute BGP into OSPF) and would need to already have a route to the EBGP peer so that BGP could work. You might need a static route to the BGP peer to make BGP work but needing the static route has nothing to do with configuring NSSA.
Let me suggest a somewhat different example of where you might want an NSSA. Lets assume that you have a network that runs OSPF. Lets also assume that in the backbone area 0 you have a router running BGP and providing Internet access. Lets also assume that you have another OSPF area (perhaps area 5). In area 5 you have a router that is running RIP (or maybe EIGRP). This router is learning routes from a couple of routers running the other protocol (perhaps it became part of your network through an acquisition of another company and you have not yet integrated them into your OSPF). You want these routes to be advertised into your OSPF network so you need to do redistribution. But you do not want the Internet routes from the backbone to be advertised into this area. So you configure the area as NSSA. NSSA allows the RIP (or EIGRP) routes to be redistributed but keeps the Internet routes out of the area. That is one situation where you might want NSSA.
Your explaination does really help me alot to understand OSPF NSSA. Now, using your own example, here is my next question with some illustration below
RIP/EIGRP Router -->ASBR (Area 5)--> ABR -->Area 0 --Internet
Area 5 has been made an NSSA to allow redistribution of RIP and EIGRP routes into OSPF Backbone. BUT you say that the BGP (internet) routes will be prevented from coming into Area 5, right ? How will this happen ? I presume redistributed rip/eigrp routes into Area 5 to Area 0 will be marked as O E2 routes and so will the BGP internet routes ? Wont this make the BGP routes be advertised into Area 5 through Area 0 (ASBR/ABR) ?
Second Qn. what if in the future, i decide to allow internet connectivity for the RIP/Eigrp Networks through the OSPF network (ASBR Node) ? how do i go around that ?
As for your first question: no the Internet routes (which may well be O E2 routes) will not be advertised into area 5. It is built into the functionality of the ABR that if the remote area is stub or NSSA that it will not advertise E1 or E2 routes (LSA type 5) into the area.
It may help you to understand this if we point out that the redistributed RIP/EIGRP routes in area 5 are not LSA type 5 externals but are LSA type 7 externals. The type 7 LSAs get translated into type 5 at the ABR.
As for your second question: If you propagate a default route into area 5 from the ABR, then it is possible to advertise that default to the RIP/EIGRP domain and provide Internet access to them.
From Rick's explanation, you would have got clear idea of where NSSA is used.
I have added some more :
NSSAs are similar to stub areas, except that they allow limited importing of autonomous system (AS) external routes. External routes carried into the backbone are not propagated into the NSSA. Intra-area routes are propagated into the NSSA. NSSA is an area with an ASBR that allows external Type 7 LSAs into the OSPF network while retaining the characteristics of a stub area. The Type 7 LSA is generated by the ASBR in the NSSA.
The Type 7 LSA is generated by the ASBR in the NSSA. Type 7 LSAs are similar to Type 5 LSAs, except for the following:
1.NSSAs can originate and import Type 7 LSAs. Like stub areas, NSSAs cannot originate or import Type 5 LSAs.
2.Type 7 LSAs can be advertised only within a single NSSA. They are not flooded throughout the AS, as are Type 5 LSAs.
External routing information is imported into an NSSA in Type-7-LSAs. Type-7-LSAs are identical in format to AS-external-LSAs. However, unlike AS-external-LSAs, Type-7-LSAs have only area flooding scope. In order to further distribute the NSSA's external routing information, Type-7-LSAs are selectively translated into AS-external-LSAs at the NSSA border.
Like stub areas, NSSAs limit resource consumption by preventing the flooding of AS-external-LSAs into NSSAs, relying instead on default routing to external destinations. As a result, both stub areas and NSSAs must be placed at the edge of an OSPF routing domain.
However, NSSAs are more flexible than stub areas. An NSSA can import a selected number of external routes into the OSPF routing domain, enabling the NSSA to provide transit service to small stub routing domains that themselves are not part of the OSPF routing domain.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...