2.1 OSPF Filtering out stub network???


In 2.1 it states we need to filter out LSA's so they are not sent out stub networks.  This question makes no sense to me.  The answer has use filtering all LSA's out FA0/1 on R3.  That interrace belongs to Area 0.  What are they trying to show us here?

2.1 

Rack1R3#sh ip ospf int br

Interface    PID   Area            IP Address/Mask    Cost  State Nbrs F/C

Fa0/1        1     0               130.1.33.3/24      1     DR    0/0

Lo0          1     345             150.1.3.3/24       1     LOOP  0/0

Se1/1        1     345             130.1.35.3/29      781   BDR   1/1


Comments

  • There is no need to send LSAs out stub interfaces since no device will receive it anyway. The network should still be announced though. Normally we would use the passive-interface to accomplish this but we were not allowed to use it in this task. Therefore you must use the ip ospf database-filter instead to filter the LSAs. They are testing your knowledge of OSPF.

  • Well, depends on how you read it" "should not be send out of interfaces that connect to stub" or "should not be sent out frfom interfaces that connect to stub". It's all wording. Otherwise understand the task solution and good luck with your studies!

  • It's not a stub interface though.  My question is why they have the filtiering on an " ....  AREA 0 .... " interface.


  • It's not a stub interface though.  My question is why they have the filtiering on an " ....  AREA 0 .... " interface.


  • From OSPF database perspective, a stub network is a subnet on which OSPF did not form any adjancecy/neighborship yet (issue a show ip ospf databse router RID_OF_R3) and see it for yourself. So we are filtering OSPF LSA adv from being sent out to stub networks, although technically LSA's are not advertised anyways due to lack of adjacency/neighbors.

    Initially i was thiniking it was referring to stub area, but clearly says stub network.

    Good luck with your studies!

  • I have two problems with this tast...

     

    1st one I am getting vlan3 through R4 --> routing protocol eBGP (AD-20)

    do sh ip route 130.1.3.0
    Routing entry for 130.1.0.0/16
      Known via "bgp 65178", distance 20, metric 0
      Tag 200, type external
      Last update from 130.1.124.4 00:01:10 ago
      Routing Descriptor Blocks:
      * 130.1.124.4, from 130.1.124.4, 00:01:10 ago
          Route metric is 0, traffic share count is 1
          AS Hops 1
          Route tag 200

     

    2nd Where is Stub network..

     Cisco NSF helper support enabled
        Area BACKBONE(0) (Inactive)
            Number of interfaces in this area is 1
            Area has no authentication
            SPF algorithm last executed 02:45:39.724 ago
            SPF algorithm executed 6 times
            Area ranges are
            Number of LSA 9. Checksum Sum 0x03CC95
            Number of opaque link LSA 0. Checksum Sum 0x000000
            Number of DCbitless LSA 0
            Number of indication LSA 0
            Number of DoNotAge LSA 0
            Flood list length 0
        Area 345
            Number of interfaces in this area is 2 (1 loopback)
            Area has no authentication
            SPF algorithm last executed 00:11:35.172 ago
            SPF algorithm executed 33 times
            Area ranges are
            Number of LSA 7. Checksum Sum 0x04A4F5
            Number of opaque link LSA 0. Checksum Sum 0x000000
            Number of DCbitless LSA 0
            Number of indication LSA 0
            Number of DoNotAge LSA 0
            Flood list length 0

     

    According to SG fastethernet 0/1 is stub...

     

    Please comment...........is there any one elst facing same problem

     

  • Hi Mani,

       Do not confuse stub network with stub area; stub network in OSPF terminology is when you run OSPF on an interface but you have no peerings over it; you can see this with "show ip ospf database router" if it is a LSA1 type, or with the correct value for the LSA type.

    Good luck with your studies!

  • i honestly didnt know about that command. so what i did is that i made the networn (non-broadcast). thus, my Router will never send hellos, hence no LSA will go out from that interface. 

     

    am i correct?

  • And VLAN 8 on SW2 should also have the filtering applied as this is a stub network.

    I take it that if one missed that then there's zero points for the whole section?

  • And VLAN 8 on SW2 should also have the filtering applied as this is a stub network.

    Hi Alan, the requirement applies only to R3.

    "As a security precaution, your corporate policy dictates that OSPF LSA advertisements should not be sent out interfaces that connect to stub networks.

    • Do not use the passive interfacecommand to accomplish this.

    Configure R3 to reflect this policy."

    HTH 

  • I also did the same as night_wolf - "ip ospf network non-broadcast". Unfortunately, I do not know if it would fulfill the requirements for sure. I did a debug packet detail matching all ospf packets and saw nothing go out that interface - even when I triggered a LSA advertisement by taking down an interface. So I think from a technical standpoint the logic is accurate, whether Mr. Proctor agrees with that... not sure.

    Nice to learn a new coimmand though.

    i honestly didnt know about that command. so what i did is that i made the networn (non-broadcast). thus, my Router will never send hellos, hence no LSA will go out from that interface. 

     

    am i correct?

     

Sign In or Register to comment.