今回はOSPFのNSSAのno-redistributionオプションを解説します。
この記事の目次
座学
NSSAのno-redistributionオプション
NSSAのABRでルート情報を再配送した場合、ABRはNSSAに対してはLSA Type 7を広報し、NSSA以外のAreaに対してはLSA Type 5を広報します。
area <area-id> nssaコマンドのno-redistributionオプションを有効にした場合、ABRはNSSAに対してはLSA Type 7は広報せず、NSSA以外のAreaに対してのみLSA Type 5を広報します。
実機での動作確認
検証内容
R1のg2、R2のg2でOSPF Area 0を有効にします。
R2のg3、R3のg2でOSPF Area 2を有効にします。
Network TypeにはPoint-to-Pointを使用します。
R2でOSPFに対してConnected Routeである180.1.1.0/24を再配送します。
Area 2でNSSAを有効化します。
R2のNSSAでno-redistributionを有効にし、状態の変化を観察します。
初期設定
interface GigabitEthernet2
ip address 10.1.1.1 255.255.255.0
ip ospf network point-to-point
!
router ospf 1
router-id 1.1.1.1
network 10.1.1.0 0.0.0.255 area 0
interface GigabitEthernet2
ip address 10.1.1.2 255.255.255.0
ip ospf network point-to-point
!
interface GigabitEthernet3
ip address 20.1.1.2 255.255.255.0
ip ospf network point-to-point
!
interface GigabitEthernet4
ip address 180.1.1.2 255.255.255.0
!
router ospf 1
router-id 2.2.2.2
area 2 nssa
redistribute connected subnets
network 10.1.1.0 0.0.0.255 area 0
network 20.1.1.0 0.0.0.255 area 2
interface GigabitEthernet2
ip address 20.1.1.3 255.255.255.0
ip ospf network point-to-point
!
router ospf 1
router-id 3.3.3.3
area 2 nssa
network 20.1.1.0 0.0.0.255 area 2
no-redistributionオプション無し
OSPFプロセスの状態確認
R2において、Area 2でno-redistributionオプションが無効なことが確認できます。
R2
R2#show ip ospf
Routing Process "ospf 1" with ID 2.2.2.2
Start time: 2w0d, Time elapsed: 02:19:58.119
Supports only single TOS(TOS0) routes
Supports opaque LSA
Supports Link-local Signaling (LLS)
Supports area transit capability
Supports NSSA (compatible with RFC 3101)
Supports Database Exchange Summary List Optimization (RFC 5243)
Event-log enabled, Maximum number of events: 1000, Mode: cyclic
It is an area border and autonomous system boundary router
Redistributing External Routes from,
connected, includes subnets in redistribution
Router is not originating router-LSAs with maximum metric
Initial SPF schedule delay 50 msecs
Minimum hold time between two consecutive SPFs 200 msecs
Maximum wait time between two consecutive SPFs 5000 msecs
Incremental-SPF disabled
Initial LSA throttle delay 50 msecs
Minimum hold time for LSA throttle 200 msecs
Maximum wait time for LSA throttle 5000 msecs
Minimum LSA arrival 100 msecs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission pacing timer 66 msecs
EXCHANGE/LOADING adjacency limit: initial 300, process maximum 300
Number of external LSA 1. Checksum Sum 0x00677A
Number of opaque AS LSA 0. Checksum Sum 0x000000
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 2. 1 normal 0 stub 1 nssa
Number of areas transit capable is 0
External flood list length 0
IETF NSF helper support enabled
Cisco NSF helper support enabled
Reference bandwidth unit is 100 mbps
Area BACKBONE(0)
Number of interfaces in this area is 1
Area has no authentication
SPF algorithm last executed 00:01:35.327 ago
SPF algorithm executed 41 times
Area ranges are
Number of LSA 3. Checksum Sum 0x01598A
Number of opaque link LSA 0. Checksum Sum 0x000000
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0
Area 2
Number of interfaces in this area is 1
It is a NSSA area
Perform type-7/type-5 LSA translation
Area has no authentication
SPF algorithm last executed 00:01:35.327 ago
SPF algorithm executed 55 times
Area ranges are
Number of LSA 4. Checksum Sum 0x021252
Number of opaque link LSA 0. Checksum Sum 0x000000
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0
LSDBの状態確認
R2はArea 0に対して180.1.1.0/24を格納したLSA Type 5を広報していることが確認できます。
R1
R1#show ip ospf database
OSPF Router with ID (1.1.1.1) (Process ID 1)
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count
1.1.1.1 1.1.1.1 1163 0x8000000C 0x00C925 2
2.2.2.2 2.2.2.2 82 0x8000001B 0x005483 2
Summary Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
20.1.1.0 2.2.2.2 599 0x80000001 0x003BE2
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag
180.1.1.0 2.2.2.2 81 0x80000001 0x00677A 0
R2はArea 2に対して180.1.1.0/24を格納したLSA Type 7を広報していることが確認できます。
R3
R3#show ip ospf database
OSPF Router with ID (3.3.3.3) (Process ID 1)
Router Link States (Area 2)
Link ID ADV Router Age Seq# Checksum Link count
2.2.2.2 2.2.2.2 115 0x8000001C 0x00694B 2
3.3.3.3 3.3.3.3 134 0x8000001E 0x00FBB4 2
Summary Net Link States (Area 2)
Link ID ADV Router Age Seq# Checksum
10.1.1.0 2.2.2.2 835 0x80000002 0x0061BF
Type-7 AS External Link States (Area 2)
Link ID ADV Router Age Seq# Checksum Tag
180.1.1.0 2.2.2.2 114 0x80000001 0x004B94 0
SPFの計算結果の確認
R1は180.1.1.0/24へのベストパスを正しく計算できていることが確認できます。
R1
R1#show ip ospf rib
OSPF Router with ID (1.1.1.1) (Process ID 1)
Base Topology (MTID 0)
OSPF local RIB
Codes: * - Best, > - Installed in global RIB
* 10.1.1.0/24, Intra, cost 1, area 0, Connected
via 10.1.1.1, GigabitEthernet2
*> 20.1.1.0/24, Inter, cost 2, area 0
via 10.1.1.2, GigabitEthernet2
*> 180.1.1.0/24, Ext2, cost 20, fwd cost 1, tag 0
via 10.1.1.2, GigabitEthernet2
R3は180.1.1.0/24へのベストパスを正しく計算できていることが確認できます。
R3
R3#show ip ospf rib
OSPF Router with ID (3.3.3.3) (Process ID 1)
Base Topology (MTID 0)
OSPF local RIB
Codes: * - Best, > - Installed in global RIB
*> 10.1.1.0/24, Inter, cost 2, area 2
via 20.1.1.2, GigabitEthernet2
* 20.1.1.0/24, Intra, cost 1, area 2, Connected
via 20.1.1.3, GigabitEthernet2
*> 180.1.1.0/24, NSSA2, cost 20, fwd cost 1, tag 0, area 2
via 20.1.1.2, GigabitEthernet2
ルーティングテーブルの確認
R1のルーティングテーブルに180.1.1.0/24が投入されていることが確認できます。
R1
R1#show ip route ospf
20.0.0.0/24 is subnetted, 1 subnets
O IA 20.1.1.0 [110/2] via 10.1.1.2, 00:01:13, GigabitEthernet2
190.1.0.0/24 is subnetted, 1 subnets
O E2 180.1.1.0 [110/20] via 10.1.1.2, 00:01:13, GigabitEthernet2
R3のルーティングテーブルに180.1.1.0/24が投入されていることが確認できます。
R3
R3#show ip route ospf
10.0.0.0/24 is subnetted, 1 subnets
O IA 10.1.1.0 [110/2] via 20.1.1.2, 00:49:01, GigabitEthernet2
180.1.0.0/24 is subnetted, 1 subnets
O N2 180.1.1.0 [110/20] via 20.1.1.2, 00:03:36, GigabitEthernet2
疎通確認
R1の10.1.1.1からR2の180.1.1.2へのPingが成功することが確認できます。
R1
R1#ping 180.1.1.2 source 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 180.1.1.2, timeout is 2 seconds:
Packet sent with a source address of 10.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
R3の20.1.1.3からR2の180.1.1.2へのPingが成功することが確認できます。
R3
R3#ping 180.1.1.2 source 20.1.1.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 180.1.1.2, timeout is 2 seconds:
Packet sent with a source address of 20.1.1.3
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
no-redistributionオプション有り
追加した設定
R2において、Area 2に対して再配送されたルート情報を格納したLSA Type 7の広報を抑制します。
R2
router ospf 2
area 2 nssa no-redistribution
OSPFプロセスの状態確認
R2において、Area 2でno-redistributionオプションが有効なことが確認できます。。
R2
R2#show ip ospf
Routing Process "ospf 1" with ID 2.2.2.2
Start time: 2w0d, Time elapsed: 02:23:03.835
Supports only single TOS(TOS0) routes
Supports opaque LSA
Supports Link-local Signaling (LLS)
Supports area transit capability
Supports NSSA (compatible with RFC 3101)
Supports Database Exchange Summary List Optimization (RFC 5243)
Event-log enabled, Maximum number of events: 1000, Mode: cyclic
It is an area border and autonomous system boundary router
Redistributing External Routes from,
connected, includes subnets in redistribution
Router is not originating router-LSAs with maximum metric
Initial SPF schedule delay 50 msecs
Minimum hold time between two consecutive SPFs 200 msecs
Maximum wait time between two consecutive SPFs 5000 msecs
Incremental-SPF disabled
Initial LSA throttle delay 50 msecs
Minimum hold time for LSA throttle 200 msecs
Maximum wait time for LSA throttle 5000 msecs
Minimum LSA arrival 100 msecs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission pacing timer 66 msecs
EXCHANGE/LOADING adjacency limit: initial 300, process maximum 300
Number of external LSA 1. Checksum Sum 0x00677A
Number of opaque AS LSA 0. Checksum Sum 0x000000
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 2. 1 normal 0 stub 1 nssa
Number of areas transit capable is 0
External flood list length 0
IETF NSF helper support enabled
Cisco NSF helper support enabled
Reference bandwidth unit is 100 mbps
Area BACKBONE(0)
Number of interfaces in this area is 1
Area has no authentication
SPF algorithm last executed 00:00:19.513 ago
SPF algorithm executed 42 times
Area ranges are
Number of LSA 3. Checksum Sum 0x01578B
Number of opaque link LSA 0. Checksum Sum 0x000000
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0
Area 2
Number of interfaces in this area is 1
It is a NSSA area, no redistribution into this area
Perform type-7/type-5 LSA translation
Area has no authentication
SPF algorithm last executed 00:00:19.513 ago
SPF algorithm executed 56 times
Area ranges are
Number of LSA 3. Checksum Sum 0x01C4BF
Number of opaque link LSA 0. Checksum Sum 0x000000
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0
LSDBの状態確認
R2はArea 0に対して180.1.1.0/24を格納したLSA Type 5を広報していることが確認できます。
R1
R1#show ip ospf database
OSPF Router with ID (1.1.1.1) (Process ID 1)
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count
1.1.1.1 1.1.1.1 1163 0x8000000C 0x00C925 2
2.2.2.2 2.2.2.2 82 0x8000001B 0x005483 2
Summary Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
20.1.1.0 2.2.2.2 599 0x80000001 0x003BE2
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag
180.1.1.0 2.2.2.2 81 0x80000001 0x00677A 0
R2はArea 2に対して180.1.1.0/24を格納したLSA Type 7を広報していないことが確認できます。
R3
R3#show ip ospf database
OSPF Router with ID (3.3.3.3) (Process ID 1)
Router Link States (Area 2)
Link ID ADV Router Age Seq# Checksum Link count
2.2.2.2 2.2.2.2 115 0x8000001C 0x00694B 2
3.3.3.3 3.3.3.3 134 0x8000001E 0x00FBB4 2
Summary Net Link States (Area 2)
Link ID ADV Router Age Seq# Checksum
10.1.1.0 2.2.2.2 835 0x80000002 0x0061BF
SPFの計算結果の確認
R1は180.1.1.0/24へのベストパスを正しく計算できていることが確認できます。
R1
R1#show ip ospf rib
OSPF Router with ID (1.1.1.1) (Process ID 1)
Base Topology (MTID 0)
OSPF local RIB
Codes: * - Best, > - Installed in global RIB
* 10.1.1.0/24, Intra, cost 1, area 0, Connected
via 10.1.1.1, GigabitEthernet2
*> 20.1.1.0/24, Inter, cost 2, area 0
via 10.1.1.2, GigabitEthernet2
*> 180.1.1.0/24, Ext2, cost 20, fwd cost 1, tag 0
via 10.1.1.2, GigabitEthernet2
R3は180.1.1.0/24へのベストパスを正しく計算できていることが確認できます。
R3
R3#show ip ospf rib
OSPF Router with ID (3.3.3.3) (Process ID 1)
Base Topology (MTID 0)
OSPF local RIB
Codes: * - Best, > - Installed in global RIB
*> 10.1.1.0/24, Inter, cost 2, area 2
via 20.1.1.2, GigabitEthernet2
* 20.1.1.0/24, Intra, cost 1, area 2, Connected
via 20.1.1.3, GigabitEthernet2
ルーティングテーブルの確認
R1のルーティングテーブルに180.1.1.0/24が投入されていることが確認できます。
R1
R1#show ip route ospf
20.0.0.0/24 is subnetted, 1 subnets
O IA 20.1.1.0 [110/2] via 10.1.1.2, 00:01:13, GigabitEthernet2
190.1.0.0/24 is subnetted, 1 subnets
O E2 180.1.1.0 [110/20] via 10.1.1.2, 00:01:13, GigabitEthernet2
R3のルーティングテーブルに180.1.1.0/24が投入されていないことが確認できます。
R3
R3#show ip route ospf
10.0.0.0/24 is subnetted, 1 subnets
O IA 10.1.1.0 [110/2] via 20.1.1.2, 00:49:01, GigabitEthernet2
疎通確認
R1の10.1.1.1からR2の180.1.1.2へのPingが成功することが確認できます。
R1
R1#ping 180.1.1.2 source 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 180.1.1.2, timeout is 2 seconds:
Packet sent with a source address of 10.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
R3の20.1.1.3からR2の180.1.1.2へのPingが失敗することが確認できます。
R3
R3#ping 180.1.1.2 source 20.1.1.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 180.1.1.2, timeout is 2 seconds:
Packet sent with a source address of 20.1.1.3
.....
Success rate is 0 percent (0/5)
コメント