今回はOSPFのLSA Type 3のルート集約を行う際に使用するrangeコマンドのnot-advertiseオプションの動作を解説します。
この記事の目次
座学
rangeコマンドのnot-advertiseオプション
rangeコマンドのnot-advertiseオプションを使用することで、以前の記事で解説したOut方向のFilter Listと同様に、他のAreaに投入するルート情報をフィルタリング可能です。
area <area-id> range <network-address> <subnet-mask> not-advertiseコマンドを設定した場合、<area-id>で指定したAreaから他のAreaに対して、<network-address> <subnet-mask>で指定したプレフィックスを格納したLSA Type 3が投入されなくなります。
実機での動作確認
検証内容
R1のg2でOSPF Area 0を有効にします。
R2のg2でOSPF Area 0、g3とg4でOSPF Area 2を有効にします。
R1、R2のNetwork TypeにはPoint-to-Pointを使用します。
初期設定
interface GigabitEthernet2
ip address 10.1.1.1 255.255.255.0
ip ospf network point-to-point
!
router ospf 1
router-id 1.1.1.1
network 10.1.1.0 0.0.0.255 area 0
interface GigabitEthernet2
ip address 10.1.1.2 255.255.255.0
ip ospf network point-to-point
!
interface GigabitEthernet3
ip address 20.1.1.2 255.255.255.0
!
interface GigabitEthernet4
ip address 20.2.2.2 255.255.255.0
!
router ospf 1
router-id 2.2.2.2
network 10.1.1.0 0.0.0.255 area 0
network 20.1.1.0 0.0.0.255 area 2
network 20.2.2.0 0.0.0.255 area 2
not-advertiseオプション有りのrangeコマンド設定前
OSPFプロセスの状態確認
R2のOSPFでnot-advertiseオプション有りのrangeコマンドが設定されていないことが確認できます。
R2
R2#show ip ospf
Routing Process "ospf 1" with ID 2.2.2.2
Start time: 1d07h, Time elapsed: 00:00:37.969
Supports only single TOS(TOS0) routes
Supports opaque LSA
Supports Link-local Signaling (LLS)
Supports area transit capability
Supports NSSA (compatible with RFC 3101)
Supports Database Exchange Summary List Optimization (RFC 5243)
Event-log enabled, Maximum number of events: 1000, Mode: cyclic
It is an area border router
Router is not originating router-LSAs with maximum metric
Initial SPF schedule delay 50 msecs
Minimum hold time between two consecutive SPFs 200 msecs
Maximum wait time between two consecutive SPFs 5000 msecs
Incremental-SPF disabled
Initial LSA throttle delay 50 msecs
Minimum hold time for LSA throttle 200 msecs
Maximum wait time for LSA throttle 5000 msecs
Minimum LSA arrival 100 msecs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission pacing timer 66 msecs
EXCHANGE/LOADING adjacency limit: initial 300, process maximum 300
Number of external LSA 0. Checksum Sum 0x000000
Number of opaque AS LSA 0. Checksum Sum 0x000000
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 2. 2 normal 0 stub 0 nssa
Number of areas transit capable is 0
External flood list length 0
IETF NSF helper support enabled
Cisco NSF helper support enabled
Reference bandwidth unit is 100 mbps
Area BACKBONE(0)
Number of interfaces in this area is 1
Area has no authentication
SPF algorithm last executed 00:00:37.898 ago
SPF algorithm executed 1 times
Area ranges are
Number of LSA 4. Checksum Sum 0x019C77
Number of opaque link LSA 0. Checksum Sum 0x000000
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0
Area 2
Number of interfaces in this area is 2
Area has no authentication
SPF algorithm last executed 00:00:14.945 ago
SPF algorithm executed 3 times
Area ranges are
Number of LSA 2. Checksum Sum 0x010205
Number of opaque link LSA 0. Checksum Sum 0x000000
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0
LSDBの状態確認
R2がArea 0に対して20.1.1.0/24と20.2.2.0/24を格納したLSA Type 3を投入していることが確認できます。
R2
R2#show ip ospf database
OSPF Router with ID (2.2.2.2) (Process ID 1)
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count
1.1.1.1 1.1.1.1 46 0x80000013 0x00BB2C 2
2.2.2.2 2.2.2.2 45 0x80000002 0x008072 2
Summary Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
20.1.1.0 2.2.2.2 45 0x80000001 0x003BE2
20.2.2.0 2.2.2.2 22 0x80000001 0x0024F7
Router Link States (Area 2)
Link ID ADV Router Age Seq# Checksum Link count
2.2.2.2 2.2.2.2 22 0x80000003 0x00449B 2
Summary Net Link States (Area 2)
Link ID ADV Router Age Seq# Checksum
10.1.1.0 2.2.2.2 45 0x80000001 0x00BD6A
SPFの計算結果の確認
R1はOSPF経由で20.1.1.0/24と20.2.2.0/24を学習していることが確認できます。
R1
R1#show ip ospf rib
OSPF Router with ID (1.1.1.1) (Process ID 1)
Base Topology (MTID 0)
OSPF local RIB
Codes: * - Best, > - Installed in global RIB
* 10.1.1.0/24, Intra, cost 1, area 0, Connected
via 10.1.1.1, GigabitEthernet2
*> 20.1.1.0/24, Inter, cost 2, area 0
via 10.1.1.2, GigabitEthernet2
*> 20.2.2.0/24, Inter, cost 2, area 0
via 10.1.1.2, GigabitEthernet2
SPFの計算結果の確認
R1のルーティングテーブルに20.1.1.0/24と20.2.2.0/24が投入されていることが確認できます。
R1
R1#show ip route ospf
20.0.0.0/24 is subnetted, 2 subnets
O IA 20.1.1.0 [110/2] via 10.1.1.2, 00:01:27, GigabitEthernet2
O IA 20.2.2.0 [110/2] via 10.1.1.2, 00:01:04, GigabitEthernet2
SPFの計算結果の確認
R1の10.1.1.1からR2の20.1.1.2と20.2.2.2へのPingが成功することが確認できます。
R1
R1#ping 20.1.1.2 source 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.1.1.2, timeout is 2 seconds:
Packet sent with a source address of 10.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
R1#ping 20.2.2.2 source 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.2.2.2, timeout is 2 seconds:
Packet sent with a source address of 10.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
not-advertiseオプション有りのrangeコマンド設定後
R2において、OSPFのArea 0にnot-advertiseオプション有りのrangeコマンドを設定し、Area 2からArea 0に対する20.1.1.0/24の広報を禁止します。
追加したOPSFの設定
R2にnot-advertiseオプション有りのrangeコマンドを設定し、Area 2から他のAreaに対して20.1.1.0/24を格納したLSA Type 3の投入を禁止します。
R2
router ospf 1
area 2 range 20.1.1.0 255.255.255.0 not-advertise
OSPFプロセスの状態確認
R2において、Area 2に対してnot-advertiseオプション有りのrangeコマンドが設定されていることが確認できます。
R2
R2#show ip ospf
Routing Process "ospf 1" with ID 2.2.2.2
Start time: 1d07h, Time elapsed: 00:26:59.587
Supports only single TOS(TOS0) routes
Supports opaque LSA
Supports Link-local Signaling (LLS)
Supports area transit capability
Supports NSSA (compatible with RFC 3101)
Supports Database Exchange Summary List Optimization (RFC 5243)
Event-log enabled, Maximum number of events: 1000, Mode: cyclic
It is an area border router
Router is not originating router-LSAs with maximum metric
Initial SPF schedule delay 50 msecs
Minimum hold time between two consecutive SPFs 200 msecs
Maximum wait time between two consecutive SPFs 5000 msecs
Incremental-SPF disabled
Initial LSA throttle delay 50 msecs
Minimum hold time for LSA throttle 200 msecs
Maximum wait time for LSA throttle 5000 msecs
Minimum LSA arrival 100 msecs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission pacing timer 66 msecs
EXCHANGE/LOADING adjacency limit: initial 300, process maximum 300
Number of external LSA 0. Checksum Sum 0x000000
Number of opaque AS LSA 0. Checksum Sum 0x000000
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 2. 2 normal 0 stub 0 nssa
Number of areas transit capable is 0
External flood list length 0
IETF NSF helper support enabled
Cisco NSF helper support enabled
Reference bandwidth unit is 100 mbps
Area BACKBONE(0)
Number of interfaces in this area is 1
Area has no authentication
SPF algorithm last executed 00:00:32.557 ago
SPF algorithm executed 15 times
Area ranges are
Number of LSA 3. Checksum Sum 0x016095
Number of opaque link LSA 0. Checksum Sum 0x000000
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0
Area 2
Number of interfaces in this area is 2
Area has no authentication
SPF algorithm last executed 00:00:32.557 ago
SPF algorithm executed 27 times
Area ranges are
20.1.1.0/24 Passive DoNotAdvertise
Number of LSA 2. Checksum Sum 0x00FC08
Number of opaque link LSA 0. Checksum Sum 0x000000
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0
LSDBの状態確認
R2がArea 0に対して20.2.2.0/24を格納したLSA Type 3のみを投入していることが確認できます。
R2
R2#show ip ospf database
OSPF Router with ID (2.2.2.2) (Process ID 1)
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count
1.1.1.1 1.1.1.1 284 0x80000013 0x00BB2C 2
2.2.2.2 2.2.2.2 283 0x80000002 0x008072 2
Summary Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
20.2.2.0 2.2.2.2 26 0x80000001 0x0024F7
Router Link States (Area 2)
Link ID ADV Router Age Seq# Checksum Link count
2.2.2.2 2.2.2.2 220 0x80000004 0x00429C 2
Summary Net Link States (Area 2)
Link ID ADV Router Age Seq# Checksum
10.1.1.0 2.2.2.2 283 0x80000001 0x00BD6A0001 0x00BD6A
SPFの計算結果の確認
R1はOSPF経由で20.2.2.0/24のみを学習していることが確認できます。
R1
R1#show ip ospf rib
OSPF Router with ID (1.1.1.1) (Process ID 1)
Base Topology (MTID 0)
OSPF local RIB
Codes: * - Best, > - Installed in global RIB
* 10.1.1.0/24, Intra, cost 1, area 0, Connected
via 10.1.1.1, GigabitEthernet2
*> 20.2.2.0/24, Inter, cost 2, area 0
via 10.1.1.2, GigabitEthernet2
SPFの計算結果の確認
R1のルーティングテーブルには20.2.2.0/24のみ投入されていることが確認できます。
R1
R1#show ip route ospf
20.0.0.0/24 is subnetted, 1 subnets
O IA 20.2.2.0 [110/2] via 10.1.1.2, 00:01:27, GigabitEthernet2
SPFの計算結果の確認
R1の10.1.1.1からR2の20.1.1.2へのPingは失敗し、20.2.2.2へのPingが成功することが確認できます。
R1
R1#ping 20.1.1.2 source 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.1.1.2, timeout is 2 seconds:
Packet sent with a source address of 10.1.1.1
.....
Success rate is 0 percent (0/5)
R1#ping 20.2.2.2 source 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.2.2.2, timeout is 2 seconds:
Packet sent with a source address of 10.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
コメント