Saturday, 4 January 2014

OSPF Autonomous Border System Routers:

When I first started studying for my CCNP, some of the concepts of OSPF really confused me. This was especially true for the ASBR, stub areas, and total stub areas. Sure, I could memorize the LSA types associated with these devices and area types, but there just weren't any illustrations that explained exactly what was going on. 

This CCNP tutorial shows an ASBR in operation, and also introduces you to a basic example of route redistribution. Don't worry, it gets more complicated. :) 

Here's the network we'll be working with in this tutorial: 

    R5
    |
    R1
    / \
  R2 R3 

Networks: 

R1 - R5 Ethernet Segment: 10.1.1.0 /24 

R1 - R2 - R3 Serial Segment: 172.16.123.0 /24 (Preconfigured with OSPF) 

R1 and R5 are running RIP over their common Ethernet segment, 10.1.1.0 /24. R5 has three loopbacks it will be advertising into the RIP domain. 

R1 is also running OSPF, with R2 and R3 as neighbors. Even though R1 knows about the loopbacks on R5, its OSPF neighbors do not. R1 has these routes in its RIP routing table, and for OSPF neighbors to learn of these routes, route redistribution must be manually configured. 

R5#conf t
R5(config)#router rip
R5(config-router)#version 2
R5(config-router)#no auto-summary
R5(config-router)#network 5.0.0.0
R5(config-router)#network 10.0.0.0

R1#conf t
R1(config)#router rip
R1(config-router)#version 2
R1(config-router)#no auto-summary
R1(config-router)#network 10.0.0.0

R1#show ip route rip
5.0.0.0/24 is subnetted, 3 subnets
R 5.1.1.0 [120/1] via 10.1.1.5, 00:00:10, Ethernet0
R 5.2.1.0 [120/1] via 10.1.1.5, 00:00:10, Ethernet0
R 5.3.1.0 [120/1] via 10.1.1.5, 00:00:10, Ethernet0
 

R1 has a route for all three of R5’s loopback interfaces, learned via RIP. R1 is also running OSPF, but its neighbors R2 and R3 don’t know about these RIP routes: 

R2#show ip route ospf
R2# < no output from show command means no routes! >
R3#show ip route ospf
R3# 


Be careful when configuring redistribution use IOS Help to make sure you’re not missing any vital options. IOS Help shows that there is a “subnets” option when redistributing RIP into OSPF. If that is left off, only classful networks are redistributed (as the router is kind enough to tell us). In this case, we have no classful networks, so there will be no redistribution. R2 will not see the RIP routes. 

R1(config)#router ospf 1
R1(config-router)#redistribute rip ?

metric Metric for redistributed routes
metric-type OSPF/IS-IS exterior metric type for redistributed routes
route-map Route map reference
subnets Consider subnets for redistribution into OSPF
tag Set tag for routes redistributed into OSPF

R1(config-router)#redistribute rip
% Only classful networks will be redistributed
 

R2#show ip route ospf
R2#clear ip route *
R2#show ip route ospf
R2# 


On R1, we’ll now use the “subnets” option, and the RIP subnets are successfully redistributed into OSPF. 

R1(config)#router ospf 1
R1(config-router)#redistribute rip subnets
 

R2 now sees the redistributed routes. 

R2#show ip route ospf
5.0.0.0/24 is subnetted, 3 subnets
O E2 5.1.1.0 [110/20] via 172.12.123.1, 00:00:08, Serial0.123
O E2 5.2.1.0 [110/20] via 172.12.123.1, 00:00:08, Serial0.123
O E2 5.3.1.0 [110/20] via 172.12.123.1, 00:00:08, Serial0.123
10.0.0.0/24 is subnetted, 1 subnets
O E2 10.1.1.0 [110/20] via 172.12.123.1, 00:00:08, Serial0.123 


Notice that the routes are marked as “E2”. The E indicates that these are external routes these are routes that were learned by OSPF via redistribution. 

Naturally, you’ll want to ping these networks to make sure you have two-way communication. Even though the routes to these loopbacks are in the routing table, pings fail: 

R2#ping 5.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.1.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
 

Keep this in mind when troubleshooting: It’s not enough to have a route to a destination for pings to succeed there’s got to be a path back. At this point, R5 doesn’t know where the 172.12.123.0 network is, so there’s no way the ping can get back. More route redistribution is necessary on R1. 

Your first instinct may be to redistribute OSPF routes into RIP to make this work, but remember that the 172.12.123.0 /24 network isn’t known to R1 via OSPF it’s a directly connected network. We can redistribute connected networks into RIP to give R5 a route to 172.12.123.0 /24, which will give the ICMP packets a path back to R2, which will allow pings to succeed. 

R1(config)#router rip
R1(config-router)#redistribute connected
R5#show ip route rip
1.0.0.0/32 is subnetted, 1 subnets
R 1.1.1.1 [120/1] via 10.1.1.1, 00:00:02, Ethernet0
172.12.0.0/24 is subnetted, 1 subnets
R 172.12.123.0 [120/1] via 10.1.1.1, 00:00:02, Ethernet0

R2#ping 5.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 68/69/76 ms
 

Performing this redistribution makes R1 an ASBR, as shown here with show ip ospf. This command even shows you what protocol(s) are being redistributed into OSPF. 

R1#show ip ospf
Routing Process "ospf 1" with ID 1.1.1.1
 

Supports only single TOS(TOS0) routes 

Supports opaque LSA 

It is an autonomous system boundary router 

Redistributing External Routes from, 

rip, includes subnets in redistribution 

Knowing exactly what the ASBR does and how to configure route redistribution are just a few of the many OSPF skills you'll need to earn your CCNP. Like any other Cisco skill, breaking a complex topic like OSPF down into smaller, manageable pieces is the best way to master these topics and pass the CCNP exams. 

No comments: