Re: Distribute-list & OSPF LSA 3

From: Bit Gossip (bit.gossip@chello.nl)
Date: Wed Jun 20 2007 - 14:59:54 ART

Nareash,
your explanation seems to be confirmed by the following:
-referring to your original mail, add a new router R3 in area 1 downstream
R1 and remove the distribute-list from R1 so that the R3 will receive
2.2.2.2
-in doing that R1 will search for an OSPF route to 2.2.2.2 in its RT and
regenerate the summary LSA 2.2.2.2 with the cost of this route
- add the following static in R1: ip route 2.2.2.2 255.255.255.255
172.16.1.2
- R1 will not find any ospf route to 2.2.2.2 anymore, will the fail to
regenerate the LSA
- R3 will then not have any route nor LSA for 2.2.2.2

This is indeed what happens in my lab; so maybe this is the bottom :-)

Bit.

----- Original Message -----
From: "Naresh Myaka" <want2bccie@gmail.com>
To: <ccielab@groupstudy.com>
Sent: Wednesday, June 20, 2007 6:04 PM
Subject: Re: Distribute-list & OSPF LSA 3

> Hi GS,
>
> Thanks for all your replies.
>
> One thing we all know that if AREA0 has two ABRs (lets say R1 and R2) and
> if
> one ABR R1 sending LSA3 to another ABR i.e. R2, then R2 it will
> re-generate
> LSA3 (for LSA3's received from R1) and forwarded to another non-backbone
> AREA.
>
> Now in one of the OSPF book (not able to recollect the name), has
> mentioned
> that when R2 re-generates LSA3 it will take cost for the prefix from local
> routing table and advertise the same cost in the LSA3 to the attached
> non-backbone AREA.
>
> Now in my above scenario, R2 is filtering network 2.2.2.2 from entering
> into
> local routing table, so when router R2 wants to re-generate the LSA3 for
> network 2.2.2.2 it is not finding the network 2.2.2.2 in its local routing
> table to get the cost for that prefix, due to the same its not able to
> generate LSA3 for that particular network. And for net 3.3.3.3, it is
> getting the prefix as LSA2 but not as LSA3 so inspite of filter network
> 3.3.3.3 on R2 it is still generating LSA3 and forwarding it to AREA1.
>
> NOTE : When another router receives a Network Summary LSA from an ABR, it
> does not run the SPF algorithm. Rather, it simply adds the cost of the
> route
> to the ABR and the cost included in the LSA. A route to the advertised
> destination, via the ABR, is entered into the route table along with the
> calculated cost. This behaviordepending on an intermediate router instead
> of
> determining the full route to the destinationis distance vector behavior.
> So, while OSPF is a link-state protocol within an area, it uses a distance
> vector algorithm to find inter-area routes.......from JD vol1.
>
> This what I understood why I'm not getting LSA3 for network 2.2.2. in
> AREA1.
>
> Correct me if im wrong.
>
> Regards,
> Naresh Myaka
>
>
> On 6/20/07, SCDasarathan <scdman@gmail.com> wrote:
>>
>> Hi,
>>
>> Distribute-list is cumbersome, if used within OSPF domain, since if they
>> are used within OSPF Domain they wont be able to filter LSA2 being
>> converted
>> at the ABR into LSA3. Hence you were able to see the route for 3.3.3.3 in
>> the ospf database even after applying the distribute-list.
>>
>>
>> http://www.cisco.com/en/US/tech/tk365/technologies_q_and_a_item09186a0080094704.shtml#q12
>>
>> You may have to use area filter-list in ABR to achieve proper filtering.
>> I
>> am still looking if there is any way to filter routes within single OSPF
>> Area. Add the following commands if you really interested to block the
>> routes 2.2.2.2 and 3.3.3.3 in non-backbone areas connected to R1. You may
>> still be required to use the distribute-list if you dont want to have the
>> 2.2.2.2 and 3.3.3.3 routes in the routing table of R1.
>>
>> R1(config-router)#area 0 filter-list prefix BLOCK out
>> Summary:
>> Use the distribute-list to remove the route entry for 2.2.2.2 and
>> 3.3.3.3from R1
>> Use area filter-list to block LSAs being send beyond R1 into Area 1.
>>
>> Hope that clarifies.
>>
>> Regards
>> SCD
>>
>> On 6/19/07, Bit Gossip <bit.gossip@chello.nl > wrote:
>> >
>> > Daniel,
>> > I have labbed it and I get your exact same results:
>> > the distribute-list not only prevents 2.2.2.2 to be installed in the RT
>> > but
>> > also removes it from the database.
>> > I have no idea why and is certainly in contrast to my undertanding of
>> > distribute-list in OSPF
>> > Thanks,
>> > Bit.
>> >
>> >
>> > ----- Original Message -----
>> > From: "Narbik Kocharians" <narbikk@gmail.com>
>> > To: "Daniel Kutchin" < daniel@kutchin.com>
>> > Cc: < ccielab@groupstudy.com>
>> > Sent: Tuesday, June 12, 2007 12:32 AM
>> > Subject: Re: Distribute-list & OSPF LSA 3
>> >
>> >
>> > > Sorry for a delayed response, i was in the middle of some work, but I
>> > > think
>> > > the problem is with the ip prefix-list that you have configured, you
>> > > forgot
>> > > to assign sequence numbers, but here is what i got:
>> > >
>> > > *This is before the prefix-list / distribute-list*
>> > > R1#Sh ip route ospf
>> > > 2.0.0.0/32 is subnetted, 1 subnets
>> > > O IA 2.2.2.2 [110/2] via 172.16.1.2, 00:03:21, FastEthernet0/0
>> > > 3.0.0.0/32 is subnetted, 1 subnets
>> > > O 3.3.3.3 [110/2] via 172.16.1.2, 00:03:21, FastEthernet0/0
>> > > 4.0.0.0/32 is subnetted, 1 subnets
>> > > O IA 4.4.4.4 [110/2] via 172.16.1.2, 00:03:21, FastEthernet0/0
>> > >
>> > > *R1#sh ip ospf da rou adv-router 4.4.4.4*
>> > >
>> > > OSPF Router with ID ( 172.16.2.1) (Process ID 1
>> > >
>> > > Router Link States (Area 0)
>> > >
>> > > Routing Bit Set on this LSA
>> > > LS age: 239
>> > > Options: (No TOS-capability, DC)
>> > > LS Type: Router Links
>> > > Link State ID: 4.4.4.4
>> > > Advertising Router: 4.4.4.4
>> > > LS Seq Number: 80000004
>> > > Checksum: 0x2F44
>> > > Length: 48
>> > > Area Border Router
>> > > Number of Links: 2
>> > >
>> > > Link connected to: a Stub Network
>> > > (Link ID) Network/subnet number: 3.3.3.3
>> > > (Link Data) Network Mask: 255.255.255.255
>> > > Number of TOS metrics: 0
>> > > TOS 0 Metrics: 1
>> > >
>> > > Link connected to: a Transit Network
>> > > (Link ID) Designated Router address: 172.16.1.1
>> > > (Link Data) Router Interface address: 172.16.1.2
>> > > Number of TOS metrics: 0
>> > > TOS 0 Metrics: 1
>> > >
>> > > *R1#sh ip ospf da summ adv-router 4.4.4.4*
>> > >
>> > > OSPF Router with ID ( 172.16.2.1) (Process ID 1)
>> > >
>> > > Summary Net Link States (Area 0)
>> > >
>> > > Routing Bit Set on this LSA
>> > > LS age: 293
>> > > Options: (No TOS-capability, DC, Upward)
>> > > LS Type: Summary Links(Network)
>> > > Link State ID: 2.2.2.2 (summary Network Number)
>> > > Advertising Router: 4.4.4.4
>> > > LS Seq Number: 80000001
>> > > Checksum: 0xBE65
>> > > Length: 28
>> > > Network Mask: /32
>> > > TOS: 0 Metric: 1
>> > >
>> > > Routing Bit Set on this LSA
>> > > LS age: 283
>> > > Options: (No TOS-capability, DC, Upward)
>> > > LS Type: Summary Links(Network)
>> > > Link State ID: 4.4.4.4 (summary Network Number)
>> > > Advertising Router: 4.4.4.4
>> > > LS Seq Number: 80000001
>> > > Checksum: 0x62B9
>> > > Length: 28
>> > > Network Mask: /32
>> > > TOS: 0 Metric: 1
>> > >
>> > >
>> > > *R1(config)#ip prefix-list BLOCK seq 5 deny 2.2.2.2/32
>> > > R1(config)#ip prefix-list BLOCK seq 10 deny 3.3.3.3/32
>> > > R1(config)#ip prefix-list BLOCK seq 15 permit 0.0.0.0/0 le 32
>> > > R1(config)#router ospf 1
>> > > R1(config-router)#distribute-list prefix BLOCK in*
>> > >
>> > >
>> > > *R1#sh ip rou ospf*
>> > > 4.0.0.0/32 is subnetted, 1 subnets
>> > > O IA 4.4.4.4 [110/2] via 172.16.1.2, 00:00:07, FastEthernet0/0
>> > >
>> > >
>> > >
>> > > *Note it did NOT effect the database*
>> > >
>> > > *R1#sh ip ospf da rou adv-router 4.4.4.4*
>> > >
>> > > OSPF Router with ID (172.16.2.1 ) (Process ID 1)
>> > >
>> > > Router Link States (Area 0)
>> > >
>> > > Routing Bit Set on this LSA
>> > > LS age: 54
>> > > Options: (No TOS-capability, DC)
>> > > LS Type: Router Links
>> > > Link State ID: 4.4.4.4
>> > > Advertising Router: 4.4.4.4
>> > > LS Seq Number: 80000006
>> > > Checksum: 0x412F
>> > > Length: 48
>> > > Area Border Router
>> > > Number of Links: 2
>> > >
>> > > Link connected to: a Stub Network
>> > > (Link ID) Network/subnet number: 3.3.3.3
>> > > (Link Data) Network Mask: 255.255.255.255
>> > > Number of TOS metrics: 0
>> > > TOS 0 Metrics: 1
>> > >
>> > > Link connected to: a Transit Network
>> > > (Link ID) Designated Router address: 172.16.1.2
>> > > (Link Data) Router Interface address: 172.16.1.2
>> > > Number of TOS metrics: 0
>> > > TOS 0 Metrics: 1
>> > >
>> > >
>> > > *R1#sh ip ospf da summ adv-router 4.4.4.4*
>> > >
>> > > OSPF Router with ID ( 172.16.2.1) (Process ID 1)
>> > >
>> > > Summary Net Link States (Area 0)
>> > >
>> > > Routing Bit Set on this LSA
>> > > LS age: 547
>> > > Options: (No TOS-capability, DC, Upward)
>> > > LS Type: Summary Links(Network)
>> > > Link State ID: 2.2.2.2 (summary Network Number)
>> > > Advertising Router: 4.4.4.4
>> > > LS Seq Number: 80000001
>> > > Checksum: 0xBE65
>> > > Length: 28
>> > > Network Mask: /32
>> > > TOS: 0 Metric: 1
>> > >
>> > > Routing Bit Set on this LSA
>> > > LS age: 537
>> > > Options: (No TOS-capability, DC, Upward)
>> > > LS Type: Summary Links(Network)
>> > > Link State ID: 4.4.4.4 (summary Network Number)
>> > > Advertising Router: 4.4.4.4
>> > > LS Seq Number: 80000001
>> > > Checksum: 0x62B9
>> > > Length: 28
>> > > Network Mask: /32
>> > > TOS: 0 Metric: 1
>> > >
>> > >
>> > >
>> > >
>> > >
>> > > On 6/11/07, Daniel Kutchin < daniel@kutchin.com> wrote:
>> > >>
>> > >> Narbik ---
>> > >>
>> > >> This is exactly the problem here. Why is the database different when
>> he
>> > >> applies the filter?
>> > >> And why only the Inter-Area prefix is filtered?
>> > >>
>> > >> #--- before:
>> > >>
>> > >> Summary Net Link States (Area 1)
>> > >>
>> > >> Link ID ADV Router Age Seq# Checksum
>> > >> 2.2.2.2 1.1.1.1 2 0x80000001 0x007DA8
>> > >> <---
>> > >> will
>> > >> be filtered
>> > >> 3.3.3.3 1.1.1.1 2 0x80000001 0x004FD2
>> > >> <---
>> > >> will
>> > >> be filtered
>> > >> 4.4.4.4 1.1.1.1 2 0x80000001 0x0021FC
>> > >> 172.16.1.0 1.1.1.1 3602 0x80000002 0x0056CA
>> > >>
>> > >>
>> > >> #--- after:
>> > >>
>> > >> Summary Net Link States (Area 1)
>> > >>
>> > >> Link ID ADV Router Age Seq# Checksum
>> > >> 3.3.3.3 1.1.1.1 574 0x80000001 0x004FD2
>> > >> <---
>> > >> only
>> > >> this remains
>> > >> 4.4.4.4 1.1.1.1 574 0x80000001 0x0021FC
>> > >> 172.16.1.0 1.1.1.1 568 0x80000003 0x00B85D
>> > >>
>> > >>
>> > >> -----Original Message-----
>> > >> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
>> Of
>> > >> Narbik Kocharians
>> > >> Sent: Montag, 11. Juni 2007 22:38
>> > >> To: want2bccie@gmail.com
>> > >> Cc: ccielab@groupstudy.com
>> > >> Subject: Re: Distribute-list & OSPF LSA 3
>> > >>
>> > >> When you block prefixes using the "distribute-list in" command, the
>> > >> prefixes
>> > >> are filtered from the routing table BUT NOT the database.
>> > >>
>> > >> On 6/8/07, want2bccie@gmail.com < want2bccie@gmail.com> wrote:
>> > >> >
>> > >> > Hi GS,
>> > >> >
>> > >> > Below is my ospf topology
>> > >> >
>> > >> > Lo 3( 3.3.3.3/32)__
>> > >> > \ ___Lo 2(2.2.2.2/32)
>> > >> > +----+ +----+ /
>> > >> > Lo 1( 1.1.1.1/32)--| <http://1.1.1.1/32)--%7C> R1 | |
>> R2
>> > |--X
>> > >> > +----+ +----+ \___Lo 4( 4.4.4.4/32)
>> > >> > |fa0/0 fa0/0|
>> > >> > | |
>> > >> > |--172.16.1.0/30---| <
>> http://172.16.1.0/30---%7C>
>> > >> >
>> > >> > My config:
>> > >> >
>> > >> > -----------R1------------------------
>> > >> > interface FastEthernet1/0
>> > >> > ip address 172.16.1.1 255.255.255.0
>> > >> > !
>> > >> > interface Loopback1
>> > >> > ip address 1.1.1.1 255.255.255.255
>> > >> > !
>> > >> > router ospf 1
>> > >> > router-id 1.1.1.1
>> > >> > log-adjacency-changes
>> > >> > network 1.1.1.1 0.0.0.0 area 1
>> > >> > network 172.16.1.1 0.0.0.0 area 0
>> > >> > distribute-list prefix BLOCK in
>> > >> > !
>> > >> > ip prefix-list BLOCK seq deny 2.2.2.2/32
>> > >> > ip prefix-list BLOCK seq deny 3.3.3.3/32
>> > >> > ip prefix-list BLOCK seq permit 0.0.0.0/0 le 32
>> > >> >
>> > >> > --------------R2-----------------------
>> > >> > interface FastEthernet1/0
>> > >> > ip address 172.16.1.2 255.255.255.0
>> > >> > !
>> > >> > interface Loopback2
>> > >> > ip address 2.2.2.2 255.255.255.255
>> > >> > !
>> > >> > interface Loopback3
>> > >> > ip address 3.3.3.3 255.255.255.255
>> > >> > !
>> > >> > interface Loopback4
>> > >> > ip address 4.4.4.4 255.255.255.255
>> > >> > !
>> > >> > router ospf 1
>> > >> > router-id 2.2.2.2
>> > >> > log-adjacency-changes
>> > >> > network 2.2.2.2 0.0.0.0 area 2
>> > >> > network 3.3.3.3 0.0.0.0 area 0
>> > >> > network 4.4.4.4 0.0.0.0 area 4
>> > >> > network 172.16.1.2 0.0.0.0 area 0
>> > >> > ---------------------------------------
>> > >> > R1#show ip ospf database
>> > >> >
>> > >> > OSPF Router with ID ( 1.1.1.1) (Process ID 1)
>> > >> >
>> > >> > Router Link States (Area 0)
>> > >> >
>> > >> >
>> > >> > Link ID ADV Router Age Seq# Checksum
>> Link
>> > >> count
>> > >> > 1.1.1.1 1.1.1.1 951 0x800000A5 0x8F6F 1
>> > >> > 2.2.2.2 2.2.2.2 947 0x80000030 0x7ECF 2
>> > >> >
>> > >> >
>> > >> > Net Link States (Area 0)
>> > >> >
>> > >> >
>> > >> > Link ID ADV Router Age Seq# Checksum
>> > >> > 172.16.1.1 1.1.1.1 954 0x80000001 0x6DFD
>> > >> >
>> > >> >
>> > >> > Summary Net Link States (Area 0)
>> > >> >
>> > >> >
>> > >> > Link ID ADV Router Age Seq# Checksum
>> > >> > 1.1.1.1 1.1.1.1 1172 0x80000033 0xE21F
>> > >> > 2.2.2.2 2.2.2.2 945 0x80000049 0x6A79
>> > >> > 4.4.4.4 2.2.2.2 948 0x80000001 0x9E85
>> > >> >
>> > >> >
>> > >> > Router Link States (Area 1)
>> > >> >
>> > >> >
>> > >> > Link ID ADV Router Age Seq# Checksum
>> Link
>> > >> count
>> > >> > 1.1.1.1 1.1.1.1 1184 0x80000001 0xD351 1
>> > >> >
>> > >> >
>> > >> > Summary Net Link States (Area 1)
>> > >> >
>> > >> >
>> > >> > Link ID ADV Router Age Seq# Checksum
>> > >> > 3.3.3.3 1.1.1.1 946 0x80000001 0x4FD2
>> > >> > 4.4.4.4 1.1.1.1 946 0x80000001 0x21FC
>> > >> > 172.16.1.0 1.1.1.1 950 0x80000003 0x3B34
>> > >> > ------------------------------------------------------------
>> > >> >
>> > >> > As per above config, on R1 OSPF learned routes should not
>> > >> > installed
>> > in
>> > >> its
>> > >> > routing table but those routes still be in database and advertise
>> to
>> > >> > its
>> > >> > neighbors. But in this case R1 is not getting type-3 LSA's for
>> > >> 2.2.2.2network into ospf AREA 1.
>> > >> > If above database output is correct, then can someone clear why R1
>> > >> > won't
>> > >> > get LSA3 for 2.2.2.2.
>> > >> >
>> > >> > Regards,
>> > >> > Naresh
>> > >> >
>> > >> >
>> > _______________________________________________________________________
>> > >> > Subscription information may be found at:
>> > >> > http://www.groupstudy.com/list/CCIELab.html
>> > >> >
>> > >>
>> > >>
>> > >>
>> > >> --
>> > >> Narbik Kocharians
>> > >> CCIE# 12410 (R&S, SP, Security)
>> > >> CCSI# 30832
>> > >> Network Learning, Inc. (CCIE class Instructor)
>> > >> www.ccbootcamp.com (CCIE Training)
>> > >>
>> > >>
>> _______________________________________________________________________
>> >
>> > >> Subscription information may be found at:
>> > >> http://www.groupstudy.com/list/CCIELab.html
>> > >>
>> > >>
>> _______________________________________________________________________
>> >
>> > >> Subscription information may be found at:
>> > >> http://www.groupstudy.com/list/CCIELab.html
>> > >>
>> > >
>> > >
>> > >
>> > > --
>> > > Narbik Kocharians
>> > > CCIE# 12410 (R&S, SP, Security)
>> > > CCSI# 30832
>> > > Network Learning, Inc. (CCIE class Instructor)
>> > > www.ccbootcamp.com (CCIE Training)
>> > >
>> > >
>> _______________________________________________________________________
>> > > Subscription information may be found at:
>> > > http://www.groupstudy.com/list/CCIELab.html
>> >
>> > _______________________________________________________________________
>> > Subscription information may be found at:
>> > http://www.groupstudy.com/list/CCIELab.html
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

This archive was generated by hypermail 2.1.4 : Sun Jul 01 2007 - 17:24:50 ART