Friday, December 24, 2010

OSPF Troubleshooting Lab - It's All About LSA Magic

Yesterday I got this OSPF Troubleshooting Challenge sent by one CCIE candidate friend on email. So I thought to share it with you guys.


With that being said , here is the topology {Which I redraw to look better of course :-) } & quick requirements.
Note: Click Images To Enlarge
Requirements :
---------------------


On R3 we have redistribute the Loopback interfaces into OSPF process using "redistribute connected subnets" command. Over R2 we have configured "Summary x.x.x.x x.x.x.x" command under OSPF process to summarize these loopbacks of R3. But R1 is still seeing the all more specific routes for R3's loopbacks. In short it's not getting the summary route from R2. 


So how we gonna fix it ?


Ummm.... Interesting ? .... May Be :-)


Lets hop on to all three routers and check the basic configuration already done for us.







So based on this we can see that it's just a normal misconfiguration. Because to summarize the External Routes we need to put this command on R3 since it's the one who is ASBR. Or in short - Only ASBR can summarize the external prefixes not ABR. It looks simple and meaningful though but I have seen many people with this misconception that since as most of books we read says in OSPF the summarization can only be done at Boundary Routers so they assume that external routes can also be summarized by ABR. Which we can see here is that not the case. Or may be they should have mentioned this behavior explicitly :-)


So by that same token if we configure "Summary x.x.x.x x.x.x.x" command on R3 instead of R2 in that case it will work just fine.

But that will be two simple... how about if we are not allowed to put this command on R3 ?

Ummm.... that will actually make life more complicated. Lets check the database on R2 and see how it looks like with command "sh ip ospf database"



 So R2 sees those prefixes as LSA Type - 5 and we are Adv router (Originator) is 33.33.33.33 which is Router ID (RID) of R3 which I setup manually.

Ummm.... so only LSA 5 Originator can summarize the prefixes by using "Summary" command. 

Is there any way we can take charge of these prefixes and convert them to LSA Type 5 with Originator set being Ourself ?


How about NSSA ? :-) 

Because if convert Area 1 into NSSA in that case we will see those external prefixes being advertised by R3 as Type 7 LSA. Since R2 is the ABR it will convert LSA 7 into LSA 5 before advertising into Area 0. So in that sense we are now originator of LSA - 5 and very well can use summary command.

Lets see this on command line by configuring AREA 1 as NSSA on R2 & R3:



Now lets take a look at database on R2 again:


Lets see if this worked for us just fine by taking a look at R1's Routing Table.



So far so good. :-) Time for Celebration


But what if we are not even allowed to make Area 1 as NSSA ? ..... horrible ?


See if you can make it work with this restriction before I present the solution which came from a great Network Engineer and friend Michael Miller.


Take it as challenge and see if you can make this work with this last restriction by not configuring Area 1 as NSSA. 


I'll post the solution though some time next week.


And Of course.... Merry Christmas Everyone



HTH...
Deepak Arora
CCIE - 0::0/0 Null0

6 comments:

Rahul said...

Merry Christmas to you. Thanks for Sharing the Lab.

Nazir said...

Hi,

Will configuring virtual link between R1 and R3 do this work ?

Your way explaining a concept is really nice.

Thanks

Neo said...

Let's take R1 & R3 configuration as per question: (No NSSA for Area 1, No 'summary-address ...." on R3)

R1

router ospf 1
router-id 11.11.11.11
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0

R3

router ospf 1
router-id 33.33.33.33
log-adjacency-changes
redistribute connected subnets
network 13.13.13.3 0.0.0.0 area 1

-----------------------------------------

R2

router ospf 1
router-id 22.22.22.22
log-adjacency-changes
summary-address 10.10.0.0 255.255.252.0
redistribute ospf 2 subnets
network 12.12.12.2 0.0.0.0 area 0
router ospf 2
log-adjacency-changes
redistribute ospf 1 subnets
network 13.13.13.2 0.0.0.0 area 1

We will create two ospf process, Process-1 is for ospf adjacency between R1/R2 (12.12.12.0/24) and Process-2 is for ospf adjacency between R2/R3 (13.13.13.0/24).

Redistribute OSPF 2 into OSPF1 will make 10.10.x.0 external LSAs.

R2#sh ip ospf database | b Process ID 1
OSPF Router with ID (22.22.22.22) (Process ID 1)

Router Link States (Area 0)

Link ID ADV Router Age Seq# Checksum Link count
11.11.11.11 11.11.11.11 185 0x80000002 0x0097F6 1
22.22.22.22 22.22.22.22 184 0x80000002 0x0064CE 1

Net Link States (Area 0)

Link ID ADV Router Age Seq# Checksum
12.12.12.2 22.22.22.22 184 0x80000001 0x005ADC

Type-5 AS External Link States

Link ID ADV Router Age Seq# Checksum Tag
10.10.0.0 22.22.22.22 173 0x80000001 0x0047EF 0
13.13.13.0 22.22.22.22 223 0x80000001 0x00BC77 0

Now if we do route-summarization in OSPF1 it will advertise summary LSA to R1.

We see summary route on R1.

R1#sh ip route | b Gate
Gateway of last resort is not set

10.0.0.0/22 is subnetted, 1 subnets
O E2 10.10.0.0 [110/20] via 12.12.12.2, 00:19:37, FastEthernet0/0
12.0.0.0/24 is subnetted, 1 subnets
C 12.12.12.0 is directly connected, FastEthernet0/0
13.0.0.0/24 is subnetted, 1 subnets
O E2 13.13.13.0 [110/1] via 12.12.12.2, 00:19:37, FastEthernet0/0

Neo said...

We can create route-map for OSPF1 to OSPF2 redistribution on R2, to filter summary route advertising back to R3.

ip prefix-list SUMMARY seq 5 permit 10.10.0.0/22
match ip address prefix-list SUMMARY
!
route-map OSPF1->OSPF2 deny 10
match ip address prefix-list SUMMARY
route-map OSPF1->OSPF2 permit 20
!
router ospf 1
router-id 22.22.22.22
log-adjacency-changes
summary-address 10.10.0.0 255.255.252.0
redistribute ospf 2 subnets
network 12.12.12.2 0.0.0.0 area 0
router ospf 2
log-adjacency-changes
redistribute ospf 1 subnets route-map OSPF1->OSPF2
network 13.13.13.2 0.0.0.0 area 1

R3 routing rable before route-map on R2.

R3#sh ip route | b Gate
Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
C 10.10.0.0/24 is directly connected, Loopback0
O E2 10.10.0.0/22 [110/20] via 13.13.13.2, 00:04:32, FastEthernet0/0
C 10.10.1.0/24 is directly connected, Loopback1
C 10.10.2.0/24 is directly connected, Loopback2
C 10.10.3.0/24 is directly connected, Loopback3
12.0.0.0/24 is subnetted, 1 subnets
O E2 12.12.12.0 [110/1] via 13.13.13.2, 00:04:33, FastEthernet0/0
13.0.0.0/24 is subnetted, 1 subnets
C 13.13.13.0 is directly connected, FastEthernet0/0



After applying route-map:

R3#sh ip route | b Gate
Gateway of last resort is not set

10.0.0.0/24 is subnetted, 4 subnets
C 10.10.0.0 is directly connected, Loopback0
C 10.10.1.0 is directly connected, Loopback1
C 10.10.2.0 is directly connected, Loopback2
C 10.10.3.0 is directly connected, Loopback3
12.0.0.0/24 is subnetted, 1 subnets
O E2 12.12.12.0 [110/1] via 13.13.13.2, 00:04:57, FastEthernet0/0
13.0.0.0/24 is subnetted, 1 subnets
C 13.13.13.0 is directly connected, FastEthernet0/0

-------------------------------------------------------------------------

Merry Christmas to ALL

-Amolak

Deepak Arora said...

Thanks Amolak for presenting the third Solution. It was same as I expected.

sonihacker said...

Dear sir i wants to know which ospf command is used in real company.