CCIE Routing & Switching Advanced Technologies Class - OSPF Type 7 to 5 Translator Election, OSPF LSA Type 3 Filter, OSPF Forwarding Address Suppression

Transcript

1	Introduction	0h 43m
2	Using the Cisco Documentation	0h 52m
3	Ethernet Overview, Layer 2 Switchports, Trunking, ISL, 802.1q, DTP	0h 47m
4	VTP, VTP Authentication, VTP Pruning	1h 02m
5	VTP Prune Eligible List, VTP Transparent, VTP Troubleshooting, Trunk Allowed List, Extended VLANs	0h 48m
6	VLAN and VTP Review	0h 19m
7	SVIs, Native Routed Interfaces, Router-on-a-Stick	0h 46m
8	Layer 2 EtherChannel, EtherChannel Load Balancing, Layer 3 EtherChannel	0h 57m
9	802.1q Tunneling, Layer 2 Protocol Tunneling, EtherChannel over 802.1q Tunneling	1h 03m
10	STP Root Bridge Election, STP Root Port Election, STP Designated Port Election, STP Priority, STP Cost, STP Port-Priority	1h 46m
11	STP Review	0h 12m
12	STP Timers, STP PortFast	0h 34m
13	STP UplinkFast	0h 11m
14	STP BackboneFast	0h 12m
15	STP BPDU Filter	0h 13m
16	STP BPDU Guard	0h 11m
17	STP Root Guard	0h 11m
18	STP Loop Guard, Unidirectional Link Detection (UDLD)	0h 11m
19	Multiple Spanning-Tree Protocol (MST)	0h 40m
20	Rapid Spanning-Tree Protocol (RSTP), Rapid-PVST	0h 18m
21	MST with Multiple Regions	0h 33m
22	Flex Links	0h 16m
23	Frame Relay	0h 39m
24	Frame Relay Configuration Part 1	0h 34m
25	Frame Relay Configuration Part 2	0h 41m
26	Frame Relay Switching	0h 27m
27	Back-to-Back Frame Relay	0h 08m
28	Frame-Relay End-to-End Keepalives	0h 18m
29	PPP, PPP PAP Authentication, PPP CHAP Authentication	0h 59m
30	PPPoFR, PPPoE	0h 40m
31	Transparent Bridging, IRB	0h 32m
32	Fallback Bridging	0h 14m
33	IP Routing Overview, Switching Paths, Static Routing	0h 42m
34	Static Routing Examples	0h 25m
35	IP Default-Gateway, IP Default-Network	0h 14m
36	On-Demand Routing (ODR)	0h 07m
37	Floating Static Routes	0h 10m
38	Backup Interface	0h 29m
39	Enhanced Object Tracking, IP SLA, Reliable Static Routing	0h 21m
40	Policy Routing	0h 43m
41	GRE Tunneling, GRE Recursive Routing Errors	0h 27m
42	Reliable Backup Interface with GRE	0h 25m
43	RIP Overview, RIP Versions, RIP Auto-Summary	0h 48m
44	RIP Split-Horizon, RIP Timers	0h 22m
45	RIP Broadcast Updates, IP Directed Broadcast, IP Broadcast-Address, Smurf Attacks, Fraggle Attacks	0h 16m
46	RIP Unicast Updates	0h 03m
47	RIP Offset-List	0h 18m
48	RIP Authentication	0h 11m
49	RIP Summarization	0h 10m
50	Prefix-Lists, RIP Distribute-List Filtering, RIP Administrative Distance Filtering	0h 48m
51	RIP Default Routing, RIP Conditional Default Routing	0h 18m
52	RIP Triggered, RIP Validate Update Source,	0h 12m
53	EIGRP Overview	0h 29m
54	EIGRP Auto-Summary	0h 07m
55	EIGRP Split-Horizon	0h 11m
56	EIGRP Update Types, EIGRP Neighbor, EIGRP Passive-Interface	0h 24m
57	EIGRP Hello-Interval, EIGRP Hold-Time	0h 05m
58	EIGRP Authentication	0h 11m
59	EIGRP Time Based Authentication	0h 25m
60	EIGRP Path Selection, EIGRP Metric Weights, EIGRP Traffic Engineering	0h 47m
61	EIGRP Unequal Cost Load Balancing, EIGRP Variance	0h 19m
62	EIGRP QUERY, EIGRP Summarization, EIGRP Leak-Map	0h 28m
63	EIGRP Stub Router Advertisement	0h 22m
64	EIGRP Default Routing	0h 13m
65	EIGRP Route Filtering	0h 11m
66	EIGRP Router-ID	0h 07m
67	Miscellaneous EIGRP Features	0h 02m
68	OSPF Overview	0h 27m
69	Establishing OSPF Adjacencies, Understanding the OSPF Database	0h 43m
70	OSPF Network Type Broadcast, OSPF DR/BDR Election, OSPF over NBMA, OSPF Network Type Non-Broadcast and Point-to-Multipoint	0h 56m
71	OSPF Network Type Point-to-Point, OSPF Network Type Mismatch	0h 13m
72	OSPF Network Type Point-to-Multipoint Non-Broadcast, OSPF Per Neighbor Cost	0h 17m
73	OSPF Network Type Loopback	0h 02m
74	OSPF Path Selection	0h 27m
75	OSPF Convergence Timers	0h 09m
76	OSPF Authentication	0h 12m
77	OSPF Summarization	0h 32m
78	OSPF Stub Areas, OSPF Totally Stubby Areas, OSPF NSSAs, OSPF Totally NSSAs	0h 40m
79	Controlling OSPF NSSA Redistribution	0h 02m
80	OSPF Type 7 to 5 Translator Election, OSPF LSA Type 3 Filter, OSPF Forwarding Address Suppression	0h 24m
81	Route Redistribution Overview	0h 36m
82	Route Redistribution Configuration & Verification, Connected Redistribution	0h 22m
83	OSPF External Path Selection, TCL PING Scripting	0h 33m
84	Routing Loops Overview, EIGRP Route Loop Prevention	0h 55m
85	Metric Based Routing Loops, Route Tagging	0h 46m
86	Administrative Distance Based Routing Loops, Debug IP Routing, IP Route Profile	0h 58m
87	BGP Overview, BGP Peering Types	0h 51m
88	Establishing BGP Peerings, EBGP Multihop, BGP Neighbor Disable Connected Check, BGP TTL Security	0h 49m
89	BGP 4-Byte ASNs	0h 20m
90	BGP Local AS, BGP Peer Groups	0h 30m
91	BGP Next-Hop Self, BGP Next-Hop Processing	0h 30m
92	BGP Route Reflectors	0h 37m
93	Large Scale BGP Route Reflectors with Clusters	0h 34m
94	BGP Confederation	0h 37m
95	BGP NLRI Advertisements, BGP Network Statement, BGP Redistribution	0h 43m
96	BGP Aggregation, BGP Aggregation & Summary-Only, BGP Aggregation & Unsuppress-Map	0h 46m
97	BGP Origin, BGP Aggregation & AS-Set, BGP Aggregation & Advertise-Map	0h 22m
98	BGP Conditional Route Injection	0h 21m
99	BGP Bestpath Selection, BGP Multipath, BGP Weight	0h 53m
100	BGP Local Preference, BGP Local Preference and Communities, BGP AS-Path Prepending,	0h 30m
101	BGP MED, BGP MED Missing As Worst, BGP Deterministic MED	0h 34m
102	BGP Communites, BGP Regular Expressions	0h 43m
103	BGP Filtering, BGP Convergence Timers, BGP Default Routing, Miscellaneous BGP Features	0h 24m
104	MPLS Overview, MPLS Label Distribution Protocol (LDP)	1h 05m
105	MPLS Tunnels, MPLS Penultimate Hop Popping (PHP)	0h 40m
106	MPLS Layer 3 VPNs Overview, VRF Lite	0h 36m
107	MPLS Layer 3 VPNs and VPNv4 BGP	1h 08m
108	MPLS Layer 3 VPN Verification & Troubleshooting	0h 49m
109	MPLS Layer 3 VPN OSPF PE-CE Routing Overview	0h 06m
110	MPLS Layer 3 VPN OSPF PE-CE Routing Path Selection & Sham-Links	2h 01m
111	MPLS Layer 3 VPN OSPF PE-CE Routing Loop Prevention & Down-Bit, OSPF Capability VRF-Lite	0h 40m
112	IPv6 Overview, IPv6 ICMPv6 ND, IPv6 over NBMA	0h 44m
113	IPv6 Routing Overview, IPv6 Static Routing	0h 28m
114	IPv6 RIPng	0h 20m
115	IPv6 EIGRPv6	0h 09m
116	IPv6 OSPFv3	0h 31m
117	MP-BGP for IPv6	0h 26m
118	IPv6 Tunneling	1h 13m
119	Multicast Overview, IGMP	0h 34m
120	PIM Overview	0h 18m
121	PIM Dense Mode	1h 03m
122	PIM Sparse Mode	0h 30m
123	PIM Sparse Mode Configuration	0h 36m
124	PIM Sparse Mode RPF & RP Troubleshooting	0h 27m
125	Auto-RP, Multicast over GRE Tunnels	0h 53m
126	Bootstrap Router (BSR), Bidirectional PIM, Source Specific Multicast (SSM)	0h 40m
127	MSDP, Anycast RP	0h 27m
128	IPv6 Multicast Routing	0h 24m
129	QoS Overview, IntServ QoS, DiffServ QoS, IP Precedence, DSCP, MQC, HQF	0h 41m
130	MQC Classification	0h 44m
131	FIFO, FQ, WFQ, CBWFQ, HQF	0h 50m
132	LLQ	0h 23m
133	WRED	0h 31m
134	Traffic Shaping, Traffic Policing	0h 40m
135	Frame Relay Traffic Shaping (FRTS)	0h 33m
136	RSVP	0h 07m
137	Catalyst 3560 QoS	1h 00m
138	IOS Security Overview, Access Lists (ACLs)	0h 58m
139	Time Based ACLs, Dynamic ACLs	0h 33m
140	Reflexive ACLs	0h 21m
141	TCP Intercept, Content Based Access Control (CBAC)	0h 34m
142	Zone Based Policy Firewall (ZBPF)	1h 09m
143	AAA, Local Authentication, Local Authorization, Role Based CLI Access	0h 43m
144	Port Security, Static CAM Entries, Storm Control, 802.1X Authentication, PACLs, RACLs, VLAN Access Maps (VACLs)	0h 48m
145	DHCP Snooping, Dynamic ARP Inspection (DAI), IP Source Guard	0h 12m
146	Protected Ports, Private VLANs	0h 25m
147	IP Services Overview, HSRP	1h 10m
148	VRRP, GLBP	0h 28m
149	NAT	0h 42m
150	DHCP, DNS	0h 30m
151	NetFlow	0h 09m
152	WCCP, Miscellaneous IP Services	0h 06m
153	System Management Overview, NTP, NTP Authentication	0h 24m
154	SNMP, RMON	0h 38m
155	Syslog, Telnet, SSH, Banners	0h 21m
156	EEM Scripting, Miscellaneous System Management	0h 26m
Total Duration		81h 59m

Slides - Diagrams

Slides - Introduction

Slides - Ethernet Switching

Slides - Advanced Ethernet Switching

Slides - Frame Relay

Slides - PPP

Slides - Transport Bridging

Slides - Redistribution

Slides - IOS Security

Slides - Layer 2 Security

Slides - IP Services

Slides - System Management

0:00:13	Where with this section, the NSSA translator
0:00:16	is going to define who is actually in-charged of taking the Type-7 LSA,
0:00:23	which is either the N1 or the N2 route,
0:00:26	and translating it into a Type-5 LSA to be advertised into area zero.
0:00:34	Now, in the case that there are multiple ABRs that are servicing the NSSA,
0:00:39	only one of them is actually gonna do the advertisement.
0:00:43	And this is based on an election process that chooses the higher router ID.
0:00:49	However, what we will see is that since the forwarding address
0:00:54	of the Type-7 LSA is a non-zero value,
0:00:59	it doesn't necessarily mean that the ABR
0:01:01	will actually be in the transit path.
0:01:06	Now, in our particular topology here,
0:01:10	we have both router 3 and router 1 as ABRs for the NSSA.
0:01:16	Router 6 is learning routes from EIGRP.
0:01:20	Redistributing them into the NSSA.
0:01:23	These get to router 1 as Type-7 LSAs,
0:01:27	they get to router 3 as Type-7 LSAs.
0:01:31	Whichever one of these routers has the higher router ID
0:01:35	is then elected as Type-7 to Type-5 translator.
0:01:40	In this case, we're looking at two values that are 150.42.1.1 on router 1
0:01:48	versus 150.42.3.3 on router 3.
0:01:54	So, router 3 is the one that generates them as the Type-5 LSA.
0:02:00	Now, when this happens,
0:02:02	router 3 is not going to change
0:02:05	what the forwarding address value is that originally came from the ASBR.
0:02:12	So, when router 1 receives the Type-5,
0:02:15	or when router 4 receives the Type-5,
0:02:17	they're gonna see the forwarding address as router 6.
0:02:24	This then means, if the path to router 6
0:02:28	is shorter to how through router 1,
0:02:33	the person who actually did the routing advertisement
0:02:36	doesn't necessarily have to be in the data plane.
0:02:41	So, we can route the traffic around router 3
0:02:44	while still using router 3
0:02:46	for the actual advertisement in the control plane.
0:02:48	Now, if we look at it in this case,
0:02:51	let's revert back on router 1 to our default path selection.
0:02:57	So, on the Ethernet interface, I have the cost that was modified.
0:03:01	We're gonna remove this value.
0:03:08	If we now look on router 5,
0:03:12	and we'll check what is our route
0:03:13	to get to the loopback interface of router 6.
0:03:18	Okay, it says, "To get to 150.42.6.6, we're gonna go towards router 6."
0:03:29	If we look at the external route that router 6 was generating,
0:03:34	which is the 200.0.0.0,
0:03:38	it says that this route is being learned from router 3,
0:03:45	but notice that the next hop value is router 1.
0:03:51	So, when we trace the path to 200.0.0.1,
0:03:57	we are gonna take the same path
0:04:00	that we would use to reach the forwarding address.
0:04:03	So, on router 5, if we Show IP OSPF Database
0:04:07	for the external LSA 200.0.0.0,
0:04:14	notice that the forwarding address is not a zero value.
0:04:18	This is the value that is router 6's loopback.
0:04:22	So, for whatever route we're using to reach that,
0:04:26	whether it is or is not through router 3,
0:04:29	that's the path that the traffic is gonna flow.
0:04:32	So, it's not gonna make a difference
0:04:34	that only one of the ABR's is originating the Type-5 LSA.
0:04:39	Because by default, the NSSA is going to decouple
0:04:42	the forwarding of the traffic towards the Type-7 LSA
0:04:46	versus the one that actually does the translation.
0:04:50	Now, we could affect who does the actual advertisement.
0:04:53	If we were to go to the OSPF process of router 1,
0:04:57	and let's say that the router ID is a higher value.
0:05:01	Let's say we set it to all 255's.
0:05:07	Then, we clear the OSPF process.
0:05:12	When router 3 learns about router 1 in the area,
0:05:17	router 1 is also gonna be advertising itself
0:05:19	as a potential Type-7 to Type-5 translator
0:05:24	since router 1 now has the higher router ID, the all 255's.
0:05:29	When we look at the change of the LSA,
0:05:33	we should see now that router 1 is the one that 1 is advertising it.
0:05:41	Now, we'll see, the previous one is still gonna show up here until the...
0:05:47	Until it ages out. So, it has an infinite metric value.
0:05:50	We should see shortly, it's gonna get removed from the table.
0:05:52	Okay, it says it has the delete flags except for the LSA.
0:05:57	The reason it's being deleted is has the maximum age.
0:06:01	So, when an OSPF router wants to withdraw a route,
0:06:05	it sets the age field to the maximum.
0:06:08	Then, it causes the routers in the path to remove it from the database.
0:06:13	So now, on router 5,
0:06:14	if we look at the Show IP OSPF Database External 200.0.0.0.
0:06:23	We see that the advertising router of all 255's
0:06:28	is telling us that we can get towards this particular destination
0:06:33	via routing to get to the loopback of 6.
0:06:38	So again, when we trace the full path,
0:06:42	this path should be identical...
0:06:46	to what we use to get towards 150.42.6.6.
0:06:54	Likewise, if we were to change the path that we use to 150.42.6.6,
0:07:01	so by on router 1, we'll say the...
0:07:03	the OSPF cost is higher of its link to router 6.
0:07:12	So now, we see that via this link, it's a real high cost,
0:07:16	this path is a lower cost.
0:07:19	Now, router 5 should route this way to get to the external destinations
0:07:24	even though router 1 is the device doing the translation.
0:07:31	So, if we trace to the destination,
0:07:35	now, we're going to router 3.
0:07:37	Because this is inherited from the path
0:07:39	that we're using to get to the loopback of 6,
0:07:42	which is the forwarding address.
0:07:45	If we look at the LSA,
0:07:49	we see that it's still being learned from router 1,
0:07:55	but the forward address is router 6.
0:08:00	So, it's still allowing us to have a dynamic path selection
0:08:03	between the multiple ABRs,
0:08:05	but it's optimizing the database so that both router 1 and router 3
0:08:10	don't need to generate identical Type-5 LSAs.
0:08:15	Only one of them is gonna do the advertisement.
0:08:17	Then, it's still up to router 5 to figure out
0:08:19	what is its best path to get there.
0:08:22	Now, there's a very specific design here
0:08:26	when we are using not-so-stubby areas,
0:08:28	and this Type-7 to Type-5 translator election
0:08:32	when there can be a failure of the lookup in the database,
0:08:37	and we are then unable to install the routes towards the NSSA externals.
0:08:43	And it has to do specifically with a feature
0:08:46	that is know as the "Type-3 LSA Filter".
0:08:50	Now, we saw with the stub area and the NSSA's,
0:08:54	that these are used to filter simply based
0:08:57	on the type of link state advertisement.
0:09:01	So, whether they are inter-area routes like the Type-3 LSAs,
0:09:06	whether they are external routes that are the Type- 4 and Type-5 LSAs,
0:09:10	it's not talking about the specific prefix,
0:09:14	but instead, it's talking about just the generic type.
0:09:18	With this particular feature, the Area Filter List,
0:09:21	we are allowed to control with a prefix list
0:09:25	that specific routes that we do or do not want to advertise
0:09:29	as the ABR is re-originating the summary routes.
0:09:35	So, we could use this to stop particular destination from being reachable,
0:09:40	or we could use it for traffic engineering
0:09:43	by filtering out what are the possible options
0:09:45	that we could use to reach the path.
0:09:49	Now, there's kind of a logic problem that we could run into though
0:09:53	that if one of the addresses that becomes filtered out
0:09:58	is used as a forwarding address for external LSA's,
0:10:05	there's a failure in the external lookup state machine.
0:10:09	So that you have a route in the database,
0:10:11	but you cannot actually install it in the routing table.
0:10:16	So first, let's look at a basic example
0:10:18	of just filtering the routes between the areas.
0:10:21	Then, we'll look at the case
0:10:22	where we have the logic area with the NSSA routes.
0:10:28	So, let's say that from router 5's perspective,
0:10:32	to get to the VLAN... Or let's say switch 1's loopback,
0:10:39	I wanna route to get to...
0:10:43	Let's say whatever the opposite of the path is now.
0:10:45	So, let's say on router 5,
0:10:48	we trace to 150.42.7.7.
0:10:55	Okay, we see right now, this path is being advertised by router 3.
0:11:01	Now, if we look at the specific match for this route,
0:11:04	let's say Show IP Route for 150.42.7.7,
0:11:10	this is a /32 host route.
0:11:13	Okay, as should be the loopback of 6.
0:11:18	Okay, because on these loopbacks, I did not say IP OSPF network point-to-point.
0:11:23	So, right now, there's /32's.
0:11:25	Now, on router 3, if I wanted to not allow this
0:11:28	to move from area 1 to area 0,
0:11:31	this is what the area filter list is gonna be used for.
0:11:36	So first, I'm gonna define a prefix list.
0:11:39	It says, IP Prefix List LSA...
0:11:44	LSA 3 filter...
0:11:46	is going to deny 150.42.7.7/32.
0:11:55	Then, we're going to permit everything else.
0:12:00	So, Permit 0.0.0.0/0.
0:12:07	Next, under the OSPF process,
0:12:12	we're going to apply this as an area 1 filter list.
0:12:17	So, for the prefix LSA 3 filter,
0:12:23	as routes are going out of area 1 into area 0,
0:12:29	we're going to use this prefix list.
0:12:32	This would be the same syntax as if I were to say Area 0 In.
0:12:39	The reason that we have both options
0:12:43	is that if there are more than two areas on the ABR,
0:12:48	so if we have area 0, 1, and 2,
0:12:51	there could be a difference
0:12:52	between filtering from area 1 to 0
0:12:57	versus from area 0 to 1, and 0 to 2.
0:13:02	So, it gives us both directions.
0:13:03	Either the source or destination area,
0:13:05	and then inbound or outbound.
0:13:07	In our case, since there's only one area, it doesn't matter.
0:13:11	Okay, we're filtering these as they go out of area 1.
0:13:14	Now, if we look at the result on router 5,
0:13:16	we should see that this prefix is no longer reachable via router 3.
0:13:23	It's using the path from router 1,
0:13:25	which actually had a higher metric.
0:13:29	So now, even though router 3's route had a metric of 32,000,
0:13:34	we're picking router 1's route that has 42,000
0:13:38	simply because this path has been filtered out.
0:13:42	So now, if we look at the traceroute,
0:13:44	we see now the traffic forwards through...
0:13:58	forwards through router 1.
0:14:01	Okay, there's a comment here, "I think you need the...
0:14:04	0.0.0.0/0 LE 32 on the prefix list.
0:14:08	Let's see... What syntax did I use on router 3? Actually, yes.
0:14:12	Okay, so this syntax is wrong.
0:14:14	Actually what the result of this is gonna be
0:14:17	is that router 3 is gonna filter out everything.
0:14:21	So, if I were to look at router 5,
0:14:22	let's say Show IP OSPF Database,
0:14:28	we'll see that the summary network link states,
0:14:32	remember these are the ABRs.
0:14:35	Router 3 is not listed for anything there.
0:14:37	So, router 3 is filtering out everything.
0:14:38	What I should have said instead
0:14:43	is that, for this prefix list,
0:14:47	it should be LE 32.
0:14:49	So, if we do Show IP Prefix List,
0:14:54	I wanna delete sequence number 10.
0:15:05	So, No IP Prefix List LSA 3 Filter Seq 10.
0:15:16	And that should delete the middle entry.
0:15:19	So now, if I dot Show IP Prefix List,
0:15:24	Okay now, it's the correct numbers.
0:15:26	So now, let's look on router 5, if we look at the database,
0:15:32	we should see that router 3 is advertising us different destinations...
0:15:38	with the exception of the 150.42.7.7.
0:15:44	So, this is coming only from router 1.
0:15:46	It's not coming from router 3.
0:15:53	So, really, the only possible thing
0:15:56	that could trip you up with this configuration
0:15:59	is really the direction of the filter.
0:16:04	So, I'm saying, "It's coming from area 1
0:16:05	and then, it's going out to area 0."
0:16:08	If I said area 1 in, or area 1 zero out,
0:16:11	it would not have the effect that I want.
0:16:14	Now, the problem we could run into with this...
0:16:18	for the NSSA external routes.
0:16:24	Again, when router 5 does a lookup on...
0:16:29	the...
0:16:33	external route 200.0.0.0,
0:16:38	it says, "The forward address is 50.42.6.6."
0:16:43	So, in order for me to use this prefix,
0:16:45	I then need to have a route to 150.42.6.6, which I do.
0:16:53	But what would now happen in the case where this was filtered out
0:16:57	based on the LSA 3 filter?
0:17:02	If I were to go to router 3,
0:17:06	and say IP Prefix List LSA 3 Filter
0:17:13	Sequence Number 10 Deny 150.42.6.6/32.
0:17:22	Then, if we Show Run Include Prefix List,
0:17:28	or router OSPF,
0:17:32	I'm gonna take this identical syntax and put it on router 1 as well.
0:17:45	Or Filter, let's say.
0:17:53	So, Area 1 Filter List Out.
0:17:55	So, this is applied on both ABR's on router 1 and router 3,
0:18:01	we're essentially using this now
0:18:02	just to stop reachability to those destinations.
0:18:05	So, we should see, we no longer have reachability to...
0:18:09	the loopback of switch 1,
0:18:14	because we filtered the route out.
0:18:19	We filtered that route out,
0:18:20	and also would be the same thing for the 6.6.
0:18:28	The problem is now, if we try to do a lookup on the 200.0.0.1,
0:18:35	router 5 doesn't know what interface to forward towards,
0:18:40	because it doesn't have a route to the forwarding address now.
0:18:45	So, it's a very, very particular design
0:18:48	in which case you have a Type-7 LSA that was translated to Type-5,
0:18:57	and the forwarding address ends up to be something
0:19:00	that you do not have a route to.
0:19:04	The lookup process fails,
0:19:06	and router 5 will not be able to install this in the routing table.
0:19:11	So, if we now look at the Show IP Route 200.0.0.1,
0:19:18	we can install that prefix.
0:19:21	Devices inside that area, like router 1,
0:19:24	they would still have reachability to it though, if we ping 200.0.0.1,
0:19:29	that's gonna be fine.
0:19:31	Because router 1 knows how to get to that forwarding address.
0:19:35	Router 1 knows how to reach 150.42.6.6.
0:19:40	But since on router 1 and router 3,
0:19:44	we filtered that loopback is it's going in its direction,
0:19:49	it means that everyone on this side is no longer able to reach the BB1 routes.
0:19:57	So, there's a feature that we can do on the device
0:20:00	that is doing the Type-7 to Type-5 translation.
0:20:05	To say that when I take my Type-7 LSA,
0:20:08	and I'm converting it into Type-5.
0:20:12	I'm gonna remove whatever is in the forwarding address field,
0:20:16	and set it to be myself.
0:20:20	In this very particular case,
0:20:22	the device that does the translation
0:20:25	would then also be the device that is receiving the traffic.
0:20:30	So, previously, when we looked at router 5,
0:20:33	tracing the route to the 200 network,
0:20:47	The traffic went from us to router 3,
0:20:52	to switch 1 to router 6 to BB1.
0:20:57	So, from router 3 to get out to that external domain,
0:21:00	back it's went to 3, to switch 1, to router 6, and then out.
0:21:07	Because in the field of the forward address,
0:21:14	it says, "Use router 6's loopback to get to this destination."
0:21:19	Previously, our preferred path to get to that loopback was from router 3.
0:21:25	But the person doing the translation is router 1.
0:21:29	So, there's a difference on who's actually doing the advertisement
0:21:31	versus where the traffic is going to.
0:21:35	Now, in this specific case, since we no longer have a route to the forward address,
0:21:40	we need to tell the device that is doing the translation
0:21:46	that when area 1 is an NSSA, so let's Show Run Section Router OSPF.
0:22:00	That for area 1 NSSA no summary,
0:22:05	when we do a translation of Type-7 to Type-5,
0:22:11	we wanna suppress the forwarding address.
0:22:17	What this now means is that when router 1 generates the Type-5 LSA,
0:22:24	and we look at this on router 5,
0:22:26	we'll see that now, the forwarding address is zero.
0:22:33	If the forwarding is zero,
0:22:35	it means we're gonna route towards who to reach this.
0:22:43	It's gonna be towards the advertising router.
0:22:46	So now router 5 is gonna say, how do I get towards
0:22:49	this router ID 255.255.255.255.
0:22:54	Okay, in reality, this is router 1.
0:22:58	So now, when we trace this path,
0:23:03	if we trace 200.0.0.1,
0:23:09	Now, the packets are actually transiting through the device
0:23:12	that is doing the translation.
0:23:16	If I were to go to router 1 and remove the OSPF router ID,
0:23:22	so, No Router ID.
0:23:25	Then, Clear IP OSPF Process.
0:23:28	It means this is gonna revert back to my loopback address.
0:23:32	Okay, my loopback address is 150.42.1.1.
0:23:37	Since router 3's address is higher,
0:23:40	it now means that router 3 becomes the translator.
0:23:44	If we look at the LSA again in the database,
0:23:49	now, router 3 does the translation.
0:23:53	Router 3 is then not suppressing the forwarding address,
0:23:58	which in turn means that we don't know how to reach the destination.
0:24:02	Because we no longer have a route to 6's loopback.
0:24:05	If router 3 were then to say likewise under the process,
0:24:15	that for area 1 NSSA,
0:24:19	whatever other options we have,
0:24:21	in this case, default information originate.
0:24:23	But when I do a translation of Type-7 to Type-5,
0:24:26	I wanna suppress the forwarding address.
0:24:28	So, I'm changing it to zero.
0:24:32	Now, when we look at the result of this,
0:24:36	the forwarding address is zero,
0:24:39	which means we route towards the advertising router,
0:24:43	which then means that router 3 is gonna receive the traffic.
0:24:47	So, it's a very, very specific design case here,
0:24:50	you would only run into this problem if you're filtering out,
0:24:55	or for some reason don't have reachability to,
0:24:58	whatever address is normal in the forward address field.
0:25:02	But the Type-7 to Type-5 translation is using this field
0:25:07	to decouple the relationship between who actually does the advertisement,
0:25:11	and who is receiving the traffic inbound.
0:25:15	And the corporate was related to the LSA 3 filter.
0:25:18	If we never filtered out the...
0:25:20	forwarding address to begin with,
0:25:23	then, we would have never seen this problem.

Now Viewing

CCIE Routing & Switching Advanced Technologies Class
Title:	CCIE Routing & Switching Advanced Technologies Class
Duration:	81h 59m
The CCIE Routing & Switching Advanced Technologies Class is the first step in understanding CCIE level technologies and is a companion to the Advanced Technologies Lab Workbook. Each technology you need to know for the CCIE Routing & Switching lab will be described in detail using an instructor led hands on demonstration. The class consists of over 80 hours of in depth explanations and examples.
Get instant access to our entire library!
$159/month	Add to Cart
Download this Course
$299.00	Add to Cart

OSPF Type 7 to 5 Translator Election, OSPF LS...

Create Bookmark