OSPF Type 7 LSA and "cost"

I'm trying to configure an NSSA, and have run into an interesting issue - I'm curious what I'm missing from both a real world and a knowledge gap perspective.  I imagine this is the kind of thing that would come up on the IE.  I put quotes around cost since I'm not certain that's the issue, but I imagine that it is.

 

Basically, the scenraio is this - there's a single ABR directly connected to two internal routers inside an NSSA, so one layer 3 hop to each.  Those two internal routers are also directly connected - r1, r2, and r3 in an OSPF love triangle.  Fairly standard scenario.  When I include interfaces in OSPF, they show up in the RIB/FIB correctly, and route via the shortest path.  However, when connected routes (interfaces on each internal router) are redistributed into the NSSA, they show up on the ABR as equal cost paths, when they obviously are not.

 

I know I've read something about dealing with this in the past, but I simply cannot find it at this point.  I can run OSPF on all the major interfaces on the internal routers to overcome the issue short term, but eventually some customer is going to require a subnet, and I'll have to redistribute static subnets for that customer.  I imagine it's something as simple as dealing with E1 and E2 routes, but I'm coming up short.

«1

Comments

  • JoeMJoeM ✭✭✭

    When I include interfaces in OSPF, they show up in the RIB/FIB correctly, and route via the shortest path.  However, when connected routes (interfaces on each internal router) are redistributed into the NSSA, they show up on the ABR as equal cost paths, when they obviously are not.

    Hi Po8,

    My immediate thinking, is that because you are redistributing them, your "cost" is showing  a default of 20 on the E2 routes. edit: N2 routes at the ABR.

    However, we also need to consider the "forward metric" to get to the ASBR.

                        show ip route  x.x.x.x

     

    Here is an INE blog about it. http://blog.ine.com/2011/04/04/understanding-ospf-external-route-path-selection/

     

    Hope I am reading your scenario correctly.

  • Hi,

    Just to make sure that we are not interpreting your question incorrectly, I have made a quick diagram for you to present your question as specific as possible. Is the diagram accurate to your design ? If so, please do.

    https://www.dropbox.com/s/xikqkww5ux2loel/Screen Shot 2014-07-21 at 7.53.01 PM.png

     

     

  • JoeMJoeM ✭✭✭

    A possible solution is to redistribute with type-1, then there will be an incremental of the cost from router to router.

    edit:  but this will likely only help after the ABR.   Can you give some output for the routes?  This way we are talking apples-to-apples.  Thanks Po8.

  • Hi Ciprian - that's basically the design, though it's done with dot1q subints on a single gige, and there are no r4 and r4 external domains.

    edit - sorry, I meant dot1q subints on R1, which is the ABR.

  • Hi Joe, the ABR is where the issue exists.  I've tried setting metrics and also setting the metric type, but the issue persists.  Currently I'm using a cisco as the ABR and two vyatta routers as the internal routers, but labbing it up with all cisco I see the same issue.  I'll lab it up with all cisco again, post a diagram and configs and show output in a few.  What's truly odd is that sometimes forward metric does seem to come in to play and sometimes it doesn't.

  • JoeMJoeM ✭✭✭

    Can you show the output on the ABR?    

    My guess is that your metric is 20 (N2). This is the default.   The "forward metric" would depend on the connections (cost) to the ASBRs.

     

    A diagram would definitely help.  Questions I have while guessing at it. ;-)

    Do you have control of the vyatta routers? 

    Can they adjust their metrics during the redistribution, in order to match what you want the ABR to see?

     

    route-map <-- to match and set metrics

    metric <-- for all redistributed routes on a given router

  • OK, having just labbed this up in gns3 with cisco routers, I can recreate the issue if I shut/no shut a link or similar.  This accounts for the strangeness I was seeing with some routes being effected and others not - order of router boot/reboot or whatever, or maybe during failover testing or similar.

     

    I do have access to the vyattas, but since I can recreate with gns3 and 7200 VMs, I'll just work with those.

  • Back in business ! So now, I assume your design looks like this : 

    image

    So let's say from the ABR - R1, you are trying to route to external segment between R3 and R5 ... and the ABR is reporting the same cost if going directly between R1 to R3 or if going the long way R1-R2-R3 ? 

     

  • OK, here's the Q&D diagram, bassically the same as ciprian's:

    http://ieoc.com/members/pieces_5F00_of_5F00_eight/files/nssa_2D00_diagram.jpg.aspx

    After a fresh reload:

    [code]

    R1:

    interface Loopback0
     ip address 1.1.1.1 255.255.255.255
    !
    interface Loopback123
     ip address 123.123.123.123 255.255.255.255
    !
    interface Loopback223
     ip address 223.223.223.223 255.255.255.255
    !
    interface GigabitEthernet5/0
     no ip address
     negotiation auto
    !
    interface GigabitEthernet5/0.12
     encapsulation dot1Q 12
     ip address 10.12.12.1 255.255.255.0
    !
    interface GigabitEthernet5/0.13
     encapsulation dot1Q 13
     ip address 10.13.13.1 255.255.255.0
    !
    router ospf 100
     router-id 1.1.1.1
     log-adjacency-changes
     area 100 nssa default-information-originate
     network 10.12.12.0 0.0.0.255 area 100
     network 10.13.13.0 0.0.0.255 area 100
     network 123.123.123.0 0.0.0.255 area 0


    R2:

    interface Loopback0
     ip address 2.2.2.2 255.255.255.255
    !
    interface FastEthernet0/0
     ip address 10.2.2.2 255.255.255.0
     duplex auto
     speed auto
    !
    interface GigabitEthernet5/0
     ip address 10.12.12.2 255.255.255.0
     negotiation auto
    !
    interface GigabitEthernet6/0
     ip address 10.23.23.2 255.255.255.0
     negotiation auto
    !
    router ospf 100
     router-id 2.2.2.2
     log-adjacency-changes
     area 100 nssa
     redistribute connected subnets
     network 10.2.2.0 0.0.0.255 area 100
     network 10.12.12.0 0.0.0.255 area 100
     network 10.23.23.0 0.0.0.255 area 100


    R3:

    interface Loopback0
     ip address 3.3.3.3 255.255.255.255
    !
    interface FastEthernet0/0
     ip address 10.3.3.3 255.255.255.0
     duplex auto
     speed auto
    !
    interface GigabitEthernet5/0
     ip address 10.13.13.3 255.255.255.0
     negotiation auto
    !
    interface GigabitEthernet6/0
     ip address 10.23.23.3 255.255.255.0
     negotiation auto
    !
    router ospf 100
     router-id 3.3.3.3
     log-adjacency-changes
     area 100 nssa
     redistribute connected subnets
     network 10.3.3.0 0.0.0.255 area 100
     network 10.13.13.0 0.0.0.255 area 100
     network 10.23.23.0 0.0.0.255 area 100
    [/code]

     

    And the view from the ABR:

    R1#show ip route
    Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
           D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
           N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
           E1 - OSPF external type 1, E2 - OSPF external type 2
           i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
           ia - IS-IS inter area, * - candidate default, U - per-user static route
           o - ODR, P - periodic downloaded static route

    Gateway of last resort is not set

         223.223.223.0/32 is subnetted, 1 subnets
    C       223.223.223.223 is directly connected, Loopback223
         1.0.0.0/32 is subnetted, 1 subnets
    C       1.1.1.1 is directly connected, Loopback0
         2.0.0.0/32 is subnetted, 1 subnets
    O N2    2.2.2.2 [110/20] via 10.13.13.3, 00:06:05, GigabitEthernet5/0.13
                    [110/20] via 10.12.12.2, 00:06:05, GigabitEthernet5/0.12
         3.0.0.0/32 is subnetted, 1 subnets
    O N2    3.3.3.3 [110/20] via 10.13.13.3, 00:06:05, GigabitEthernet5/0.13
                    [110/20] via 10.12.12.2, 00:06:05, GigabitEthernet5/0.12
         10.0.0.0/24 is subnetted, 5 subnets
    O       10.23.23.0 [110/2] via 10.13.13.3, 00:06:05, GigabitEthernet5/0.13
                       [110/2] via 10.12.12.2, 00:06:05, GigabitEthernet5/0.12
    C       10.13.13.0 is directly connected, GigabitEthernet5/0.13
    C       10.12.12.0 is directly connected, GigabitEthernet5/0.12
    O       10.3.3.0 [110/2] via 10.13.13.3, 00:06:06, GigabitEthernet5/0.13
    O       10.2.2.0 [110/2] via 10.12.12.2, 00:06:06, GigabitEthernet5/0.12
         123.0.0.0/32 is subnetted, 1 subnets
    C       123.123.123.123 is directly connected, Loopback123
    R1#
    R1#show ip route 2.2.2.2
    Routing entry for 2.2.2.2/32
      Known via "ospf 100", distance 110, metric 20, type NSSA extern 2, forward metric 2
      Last update from 10.13.13.3 on GigabitEthernet5/0.13, 00:06:12 ago
      Routing Descriptor Blocks:
        10.13.13.3, from 2.2.2.2, 00:06:12 ago, via GigabitEthernet5/0.13
          Route metric is 20, traffic share count is 1
      * 10.12.12.2, from 2.2.2.2, 00:06:12 ago, via GigabitEthernet5/0.12
          Route metric is 20, traffic share count is 1

    R1#show ip route 3.3.3.3
    Routing entry for 3.3.3.3/32
      Known via "ospf 100", distance 110, metric 20, type NSSA extern 2, forward metric 2
      Last update from 10.13.13.3 on GigabitEthernet5/0.13, 00:06:17 ago
      Routing Descriptor Blocks:
      * 10.13.13.3, from 3.3.3.3, 00:06:17 ago, via GigabitEthernet5/0.13
          Route metric is 20, traffic share count is 1
        10.12.12.2, from 3.3.3.3, 00:06:17 ago, via GigabitEthernet5/0.12
          Route metric is 20, traffic share count is 1

    R1#
    R1#show ip route 10.2.2.2
    Routing entry for 10.2.2.0/24
      Known via "ospf 100", distance 110, metric 2, type intra area
      Last update from 10.12.12.2 on GigabitEthernet5/0.12, 00:06:33 ago
      Routing Descriptor Blocks:
      * 10.12.12.2, from 2.2.2.2, 00:06:33 ago, via GigabitEthernet5/0.12
          Route metric is 2, traffic share count is 1

    R1#show ip route 10.3.3.3
    Routing entry for 10.3.3.0/24
      Known via "ospf 100", distance 110, metric 2, type intra area
      Last update from 10.13.13.3 on GigabitEthernet5/0.13, 00:06:37 ago
      Routing Descriptor Blocks:
      * 10.13.13.3, from 3.3.3.3, 00:06:37 ago, via GigabitEthernet5/0.13
          Route metric is 2, traffic share count is 1

    You can see that the redistributed connected loopbacks are equal cost.  I'll set the metric type to 1 and then reload again.

  • R1#show ip route
    Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
           D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
           N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
           E1 - OSPF external type 1, E2 - OSPF external type 2
           i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
           ia - IS-IS inter area, * - candidate default, U - per-user static route
           o - ODR, P - periodic downloaded static route

    Gateway of last resort is not set

         223.223.223.0/32 is subnetted, 1 subnets
    C       223.223.223.223 is directly connected, Loopback223
         1.0.0.0/32 is subnetted, 1 subnets
    C       1.1.1.1 is directly connected, Loopback0
         2.0.0.0/32 is subnetted, 1 subnets
    O N1    2.2.2.2 [110/22] via 10.13.13.3, 00:01:42, GigabitEthernet5/0.13
                    [110/22] via 10.12.12.2, 00:01:42, GigabitEthernet5/0.12
         3.0.0.0/32 is subnetted, 1 subnets
    O N1    3.3.3.3 [110/22] via 10.13.13.3, 00:01:42, GigabitEthernet5/0.13
                    [110/22] via 10.12.12.2, 00:01:42, GigabitEthernet5/0.12
         10.0.0.0/24 is subnetted, 5 subnets
    O       10.23.23.0 [110/2] via 10.13.13.3, 00:01:42, GigabitEthernet5/0.13
                       [110/2] via 10.12.12.2, 00:01:42, GigabitEthernet5/0.12
    C       10.13.13.0 is directly connected, GigabitEthernet5/0.13
    C       10.12.12.0 is directly connected, GigabitEthernet5/0.12
    O       10.3.3.0 [110/2] via 10.13.13.3, 00:01:42, GigabitEthernet5/0.13
    O       10.2.2.0 [110/2] via 10.12.12.2, 00:01:42, GigabitEthernet5/0.12
         123.0.0.0/32 is subnetted, 1 subnets
    C       123.123.123.123 is directly connected, Loopback123
    R1#
    R1#show ip route 2.2.2.2
    Routing entry for 2.2.2.2/32
      Known via "ospf 100", distance 110, metric 22, type NSSA extern 1
      Last update from 10.13.13.3 on GigabitEthernet5/0.13, 00:01:47 ago
      Routing Descriptor Blocks:
        10.13.13.3, from 2.2.2.2, 00:01:47 ago, via GigabitEthernet5/0.13
          Route metric is 22, traffic share count is 1
      * 10.12.12.2, from 2.2.2.2, 00:01:47 ago, via GigabitEthernet5/0.12
          Route metric is 22, traffic share count is 1

    R1#
    R1#show ip route 3.3.3.3
    Routing entry for 3.3.3.3/32
      Known via "ospf 100", distance 110, metric 22, type NSSA extern 1
      Last update from 10.13.13.3 on GigabitEthernet5/0.13, 00:01:51 ago
      Routing Descriptor Blocks:
      * 10.13.13.3, from 3.3.3.3, 00:01:51 ago, via GigabitEthernet5/0.13
          Route metric is 22, traffic share count is 1
        10.12.12.2, from 3.3.3.3, 00:01:51 ago, via GigabitEthernet5/0.12
          Route metric is 22, traffic share count is 1

    As you can see, the routes are type 1 now, and the routes are still load shared.

  • JoeMJoeM ✭✭✭

    You can see that the redistributed connected loopbacks are equal cost.  I'll set the metric type to 1 and then reload again.

    Also, how about raising the cost between R2 and R3?  That would make metric-type 1 have a real affect when the routes finally reach R1.

  • And with metrics set to 222 on r2 and 333 on r3:

    R1#show ip route 2.2.2.2
    Routing entry for 2.2.2.2/32
      Known via "ospf 100", distance 110, metric 224, type NSSA extern 1
      Last update from 10.13.13.3 on GigabitEthernet5/0.13, 00:00:10 ago
      Routing Descriptor Blocks:
        10.13.13.3, from 2.2.2.2, 00:00:10 ago, via GigabitEthernet5/0.13
          Route metric is 224, traffic share count is 1
      * 10.12.12.2, from 2.2.2.2, 00:00:10 ago, via GigabitEthernet5/0.12
          Route metric is 224, traffic share count is 1

    R1#show ip route 3.3.3.3
    Routing entry for 3.3.3.3/32
      Known via "ospf 100", distance 110, metric 335, type NSSA extern 1
      Last update from 10.13.13.3 on GigabitEthernet5/0.13, 00:00:14 ago
      Routing Descriptor Blocks:
      * 10.13.13.3, from 3.3.3.3, 00:00:14 ago, via GigabitEthernet5/0.13
          Route metric is 335, traffic share count is 1
        10.12.12.2, from 3.3.3.3, 00:00:14 ago, via GigabitEthernet5/0.12
          Route metric is 335, traffic share count is 1

     

    And just so we're all on the same page, this is what the ospf config looks like on the internal routers at this point:

    router ospf 100
     router-id 2.2.2.2
     log-adjacency-changes
     area 100 nssa
     redistribute connected metric 222 metric-type 1 subnets
     network 10.2.2.0 0.0.0.255 area 100
     network 10.12.12.0 0.0.0.255 area 100
     network 10.23.23.0 0.0.0.255 area 100

    router ospf 100
     router-id 3.3.3.3
     log-adjacency-changes
     area 100 nssa
     redistribute connected metric 333 metric-type 1 subnets
     network 10.3.3.0 0.0.0.255 area 100
     network 10.13.13.0 0.0.0.255 area 100
     network 10.23.23.0 0.0.0.255 area 100

     

    It appears I can effect things by setting cost on the g6/0 link between r2 and r3, but that has the unwanted consequence of essentially setting that link as a hot spare.

  • JoeMJoeM ✭✭✭

    As you can see, the routes are type 1 now, and the routes are still load shared.

    Interesting.   I am wondering if this has something to do with the two statements:

          network <loopback>


          redistribute  connected...




    The reason I think this, is because, R3 should be showing an additional cost to reach R2's loopback.  


    But your output is showing like R3 is actually redistributing R2's loopback?




    Try removing the network statements.

    EDIT:   ignore this. I was looking at your config wrong.   I am having trouble with my computer.   So, I was glancing through your config to fast.

  • Hi,

    Set the network type to p2p on the loopbacks.

  • Which network statements?  I'm not including the lo0 in ospf on r2 or r3, only the ethernet interfaces.

  • JoeMJoeM ✭✭✭

    Which network statements?  I'm not including the lo0 in ospf on r2 or r3, only the ethernet interfaces.

    Sorry. I was mistaken.  I thought I was seeing something else in your config.  I corrected my post above.

  • Hi ciprian - setting the setwork type on the loopbacks does work.  What effect would that have on a broadcast interface, though?

    Also, setting autocost to 1000 and setting costs (222 and 333 respectively) seems to overcome the issue I was seeing earlier with the g6/0 link not being used.

    So basically, it looks like redistributing connected interfaces in an NSSA is a pita.

    I need to see how redistributing statics works now.

     

    Thanks for all of the good ideas guys!

  • JoeMJoeM ✭✭✭

    Hi ciprian - setting the setwork type
    on the loopbacks does work.  What effect would that have on a broadcast
    interface, though?

    Please do tell.    It changes the mask from /32 to /24.      But what difference does that make?   Matching router-id? (grasping here).

    This is a nice hidden fault.  ;-)

  • That's what I would have thought, too, and actually, it looks like I was mistaken - it may have been that I still had the costs on the g6/0 link.  I need to tear all of the config out and try one thing at a time rather than stacking - I'm getting totally confused.  Again.

  • Hi,

    Also, if setting the netw type to p2p on loopback doesn't solve the issue, let's take a look at the IOS you're running, I'm not having any issue with this design.

    Here's my expected outputs the config has been copy-pasted (changed around to accomodate Fa interfaces instead of Gi ) :

     

    R1#sh ip rou ospf

         2.0.0.0/32 is subnetted, 1 subnets

    O N2    2.2.2.2 [110/20] via 10.12.12.2, 00:07:04, FastEthernet0/0.12

         3.0.0.0/32 is subnetted, 1 subnets

    O N2    3.3.3.3 [110/20] via 10.13.13.3, 00:06:19, FastEthernet0/0.13

                    [110/20] via 10.12.12.2, 00:06:19, FastEthernet0/0.12

         10.0.0.0/24 is subnetted, 3 subnets

    O       10.23.23.0 [110/20] via 10.13.13.3, 00:06:19, FastEthernet0/0.13

     

                       [110/20] via 10.12.12.2, 00:07:04, FastEthernet0/0.12

     

    Cisco IOS Software, 3700 Software (C3725-ADVENTERPRISEK9-M), Version 12.4(15)T12, RELEASE SOFTWARE (fc3)


  • Also, there's no need to define loopack0 interfaces on the router to statically define the router-id, you can set it to whatever 32 bit value that you want, as long it's unique in your OSPF domain.

    Not my words, but John Moy's ... [:D]

    Glad you got it done !

  • Yeah, but I do it to IRL keep myself sane.  Every router has a loopback to run IGP/BGP from and that interface is the router ID, with differeing ranges per-POP.

  • Yeah, it definitely doesn't change anything to munge the network type with just basic "redistribute connected subnets" in the config, and no interface costs.  Running 12.4(23) in gns3 currently - I'll see if 15 changes anything.

    Try saving your config and relaoding.  On initial config, it appears that everything works correctly, but after a link loss or a reload is when there are extra equal cost routes in the FIB.

  • JoeMJoeM ✭✭✭

    This is a bug of some sort.   I just built a mini-lab (triangle in one area), and everything works as expected.

       verification

    shut f0/0 (to R2)

    R1(config-if)#do sh ip route 2.2.2.2
    Routing entry for 2.2.2.2/32
      Known via "ospf 100", distance 110, metric 20, type NSSA extern 2, forward metric 21
      Last update from 10.13.13.3 on FastEthernet0/1, 00:00:03 ago
      Routing Descriptor Blocks:
      * 10.13.13.3, from 2.2.2.2, 00:00:03 ago, via FastEthernet0/1
          Route metric is 20, traffic share count is 1

    no shut f0/0 (to R2)

    Routing entry for 2.2.2.2/32
      Known via "ospf 100", distance 110, metric 20, type NSSA extern 2, forward metric 11
      Last update from 10.12.12.2 on FastEthernet0/0, 00:00:03 ago
      Routing Descriptor Blocks:
      * 10.12.12.2, from 2.2.2.2, 00:00:03 ago, via FastEthernet0/0
          Route metric is 20, traffic share count is 1

     

    I would blame it on the ASBR's (vendor), but you say you produced the same thing in GNS3.  Bug?

          (C3725-ADVENTERPRISEK9-M), Version 12.4(15)T7

     

     

     

     

  • Hi,

    My design doesn't change after reloads or shutting down the adjacencies.

    And yes, having a loopback defined definetely a good idea for real world implementations, where BGP is in place.

    Nice tech talk, see you guys !

  • I reproduced the issue in GNS3 with both 12.4(23) and 15.2(4)M1.  Additionally, if I aim a static route out a redistributed ethernet interface at a next hop in that ethernet interface's netblock, that static route has the same issue.  It's really weird.

    I'll relab it with discrete interafces rather than vlans on a single int and see if the issue persists, but IRL I don't have this option.  Luckily, I can just avoid redistributing connected subnets and just redist static subnets - as long as the exit interface isn't redistributed there don't seem to be any issues.

  • JoeMJoeM ✭✭✭

    Had success again, after rebuilding the min-lab with 7200 

       C7200-ADVENTERPRISEK9-M), Version 15.2(4)M5

    Same result.  It is working correctly

    SHUT F0/0 (to R2)

    R1(config-if)#do sh ip route 2.2.2.2
    Routing entry for 2.2.2.2/32
      Known via "ospf 100", distance 110, metric 20, type NSSA extern 2, forward metric 3
      Last update from 10.13.13.3 on FastEthernet0/1, 00:00:09 ago
      Routing Descriptor Blocks:
      * 10.13.13.3, from 2.2.2.2, 00:00:09 ago, via FastEthernet0/1
          Route metric is 20, traffic share count is 1

    NO SHUT F0/0 (to R2)

    R1(config-if)#do sh ip route 2.2.2.2
    Routing entry for 2.2.2.2/32
      Known via "ospf 100", distance 110, metric 20, type NSSA extern 2, forward metric 2
      Last update from 10.12.12.2 on FastEthernet0/0, 00:00:02 ago
      Routing Descriptor Blocks:
      * 10.12.12.2, from 2.2.2.2, 00:00:02 ago, via FastEthernet0/0
          Route metric is 20, traffic share count is 1

  • OK, well something is obviously odd on my end then.  When I get time I'll revisit this, maybe on the ine racks, to see what I could be doing wrong.

  • JoeMJoeM ✭✭✭

    Please do follow-up on this.   If it is a bug, it feels like a waste of time.  But it would be interesting, if there is something in your config, that we just are not seeing.

    At this point, I am not seeing any rhyme-or-reason = bug?

  • Can you please share the output of ip os database external from any router inside Area 0?

    Krish

Sign In or Register to comment.