OSPF External Route Summarization

Currently my CCIE studies are taking a slight detour while renew and upgrade one of my Juniper Certifications, so lately my current study area has been focused on Junos.  Just to be a little different today I'm going to discuss an OSPF operation and demonstrate it in IOS and then Junos.

The prime message I want to give here is that summarizing of OSPF external routes in certain circumstances occur at multiple places within the network.  Some people may believe that you can only summarize on the OSPF ASBR, however if you have that ASBR in an OSPF NSSA Area, the ABR can also summarize those external routes.  This is because summarization of external routes can occur on the OSPF router that originates the Type 5 or Type 7 LSAs and the ABR will convert Type 7s to Type 5s.

The demonstration topology, configuration and verification (using IOS first, with Junos following on)  is below:


R1 is an ASBR with Fa0/0 in Area 12 (NSSA)
R2 is an ABR with Fa0/0 in Area 12 (NSSA) and S0/0.23 in Area 0 (Backbone)
R3 is a Regular OSPF Router with S0/0.32 in Area 0

R1
hostname R1
!
interface FastEthernet0/0
 ip address 10.1.12.1 255.255.255.0
 ip ospf 1 area 12
!
router ospf 1
 router-id 1.1.1.1
 area 12 nssa
 redistribute static metric 100 subnets
!
ip route 1.1.1.0 255.255.255.0 Null0

R2
hostname R2
!
interface FastEthernet0/0
 ip address 10.1.12.2 255.255.255.0
 ip ospf 1 area 12
 duplex auto
 speed auto
!
interface Serial0/0
 no ip address
 encapsulation frame-relay
 no frame-relay inverse-arp
!
interface Serial0/0.23 point-to-point
 ip address 10.1.23.2 255.255.255.0
 ip ospf 1 area 0
 frame-relay interface-dlci 203
!
router ospf 1
 router-id 2.2.2.2
 area 12 nssa

R3
hostname R3
!
interface Serial0/0
 no ip address
 encapsulation frame-relay
 clock rate 2000000
 no frame-relay inverse-arp
!
interface Serial0/0.32 point-to-point
 ip address 10.1.23.3 255.255.255.0
 ip ospf 1 area 0
 frame-relay interface-dlci 302
!
router ospf 1
 router-id 3.3.3.3

We'll take a baseline verification to make sure we can see 1.1.1.0/24

R2#sh ip route ospf
     1.0.0.0/24 is subnetted, 1 subnets
O N2    1.1.1.0 [110/100] via 10.1.12.1, 00:01:25, FastEthernet0/0


R3#sh ip route ospf
     1.0.0.0/24 is subnetted, 1 subnets
O E2    1.1.1.0 [110/100] via 10.1.23.2, 00:01:14, Serial0/0.32
     10.0.0.0/24 is subnetted, 2 subnets
O IA    10.1.12.0 [110/74] via 10.1.23.2, 00:19:39, Serial0/0.32

All good and we can see that R2 is performing the Type 7 (N2) to Type 5 (E2) conversion.


Let's summarize R1

R1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#router ospf 1
R1(config-router)#summary-address 1.1.0.0 255.255.0.0
R1(config-router)#end

R2#sh ip route ospf
     1.0.0.0/16 is subnetted, 1 subnets
O N2    1.1.0.0 [110/100] via 10.1.12.1, 00:00:31, FastEthernet0/0


R3#sh ip route ospf
     1.0.0.0/16 is subnetted, 1 subnets
O E2    1.1.0.0 [110/100] via 10.1.23.2, 00:00:35, Serial0/0.32
     10.0.0.0/24 is subnetted, 2 subnets
O IA    10.1.12.0 [110/74] via 10.1.23.2, 00:20:57, Serial0/0.32

So the point of the exercise is to demonstrate summarization on R2, so let's do it

R2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R2(config)#router ospf 1
R2(config-router)#summary-address 1.0.0.0 255.0.0.0
R2(config-router)#end

R3#sh ip route ospf
O E2 1.0.0.0/8 [110/100] via 10.1.23.2, 00:00:10, Serial0/0.32
     10.0.0.0/24 is subnetted, 2 subnets
O IA    10.1.12.0 [110/74] via 10.1.23.2, 00:22:29, Serial0/0.32

Yes it does - R2 is not an ABR but it is originating Type 5 LSAs (when it converts the Type 7s from R1) Therefore we have verified that summarization can occur on OSPF routers that originates Type 5 or Type 7 LSAs


We can demonstrate the same thing using Junos but it is somewhat different in the method execution

R1 is an ASBR with em1.12 in Area 12 (NSSA)
R2 is an ABR with em1.12 in Area 12 (NSSA) and em1.23 in Area 0 (Backbone)
R3 is a Regular OSPF Router with em1.23 in Area 0

Unlike IOS, we need to specifically create a policy to redistribute static routes into OSPF, below are our baseline configurations

root@R1> show configuration | display set
set system host-name R1
set interfaces em1 vlan-tagging
set interfaces em1 unit 12 vlan-id 12
set interfaces em1 unit 12 family inet address 10.1.12.1/24
set routing-options static route 1.1.1.0/24 discard
set routing-options router-id 1.1.1.1
set protocols ospf export ExternalToOSPF
set protocols ospf area 0.0.0.12 nssa
set protocols ospf area 0.0.0.12 interface em1.12
set policy-options policy-statement ExternalToOSPF term Static from protocol static
set policy-options policy-statement ExternalToOSPF term Static to protocol ospf
set policy-options policy-statement ExternalToOSPF term Static then metric 100
set policy-options policy-statement ExternalToOSPF term Static then accept

root@R2> show configuration | display set
set system host-name R2
set interfaces em1 vlan-tagging
set interfaces em1 unit 12 vlan-id 12
set interfaces em1 unit 12 family inet address 10.1.12.2/24
set interfaces em1 unit 23 vlan-id 23
set interfaces em1 unit 23 family inet address 10.1.23.2/24
set routing-options router-id 2.2.2.2
set protocols ospf area 0.0.0.12 nssa
set protocols ospf area 0.0.0.12 interface em1.12
set protocols ospf area 0.0.0.0 interface em1.23

root@R3> show configuration | display set
set system host-name R3
set interfaces em1 vlan-tagging
set interfaces em1 unit 23 vlan-id 23
set interfaces em1 unit 23 family inet address 10.1.23.3/24
set routing-options router-id 3.3.3.3
set protocols ospf area 0.0.0.0 interface em1.23

Lets verify the baseline routing table:

root@R2> show ospf route network
Topology default Route Table:

Prefix             Path  Route      NH       Metric NextHop       Nexthop
                   Type  Type       Type            Interface     Address/LSP
1.1.1.0/24         Ext2  Network    IP          100 em1.12        10.1.12.1
10.1.12.0/24       Intra Network    IP            1 em1.12
10.1.23.0/24       Intra Network    IP            1 em1.23

root@R2> show ospf route network 1.1.1.0/24 extensive
Topology default Route Table:

Prefix             Path  Route      NH       Metric NextHop       Nexthop
                   Type  Type       Type            Interface     Address/LSP
1.1.1.0/24         Ext2  Network    IP          100 em1.12        10.1.12.1
  area 0.0.0.12, origin 1.1.1.1, type 7, P-bit, fwd NZ, priority medium



root@R3> show ospf route network
Topology default Route Table:

Prefix             Path  Route      NH       Metric NextHop       Nexthop
                   Type  Type       Type            Interface     Address/LSP
1.1.1.0/24         Ext2  Network    IP          100 em1.23        10.1.23.2
10.1.12.0/24       Inter Network    IP            2 em1.23        10.1.23.2
10.1.23.0/24       Intra Network    IP            1 em1.23

root@R3> show ospf route network 1.1.1.0/24 extensive
Topology default Route Table:

Prefix             Path  Route      NH       Metric NextHop       Nexthop
                   Type  Type       Type            Interface     Address/LSP
1.1.1.0/24         Ext2  Network    IP          100 em1.23        10.1.23.2
  area 0.0.0.0, origin 2.2.2.2, fwd NZ, priority medium

Without examining the route in more detail we weren't able to determine as easily if the external route was from an NSSA area or not.

Summarization on R1 requires a bit more effort than what we used IOS as well - First we need to set up an aggregate route (in Junos, aggregate routes are considered their own protocol) and redistribute that into OSPF.

root@R1> configure
Entering configuration mode

[edit]
set routing-options aggregate route 1.1.0.0/16
set policy-options policy-statement ExternalToOSPF term Aggregate to protocol ospf
set policy-options policy-statement ExternalToOSPF term Aggregate then metric 100
set policy-options policy-statement ExternalToOSPF term Aggregate then accept

If we leave it like this, we'll find that the 1.1.1.0/24 static route will still be advertised, so we need a method to be able to remove that - In this example we will set up a prefix list that if matched will stop the route being advertised, while still letting other static routes through

[edit]
set policy-options prefix-list Drop 1.1.1.0/24
set policy-options policy-statement ExternalToOSPF term Drop from prefix-list Drop
set policy-options policy-statement ExternalToOSPF term Drop then reject

All that's left to do is to ensure the Drop term gets evaluated first

[edit]
root@R1# insert policy-options policy-statement ExternalToOSPF term Drop before term Static

Let's examine the complete policy

root@R1# show policy-options
prefix-list Drop {
    1.1.1.0/24;
}
policy-statement ExternalToOSPF {
    term Drop {
        from {
            prefix-list Drop;
        }
        then reject;
    }
    term Static {
        from protocol static;
        to protocol ospf;
        then {
            metric 100;
            accept;
        }
    }
    term Aggregate {
        from protocol aggregate;
        to protocol ospf;
        then {
            metric 100;
            accept;
        }
    }
}


looks good, so lets apply it.

[edit]
root@R1# commit and-quit
commit complete

Now to see if the aggregate is appearing beyond R1

root@R2> show ospf route network
Topology default Route Table:

Prefix             Path  Route      NH       Metric NextHop       Nexthop
                   Type  Type       Type            Interface     Address/LSP
1.1.0.0/16         Ext2  Network    IP          100 em1.12        10.1.12.1
10.1.12.0/24       Intra Network    IP            1 em1.12
10.1.23.0/24       Intra Network    IP            1 em1.23

root@R2> show ospf route network 1.1.0.0/16 extensive
Topology default Route Table:

Prefix             Path  Route      NH       Metric NextHop       Nexthop
                   Type  Type       Type            Interface     Address/LSP
1.1.0.0/16         Ext2  Network    IP          100 em1.12        10.1.12.1
  area 0.0.0.12, origin 1.1.1.1, type 7, P-bit, fwd NZ, priority medium


root@R3> show ospf route network
Topology default Route Table:

Prefix             Path  Route      NH       Metric NextHop       Nexthop
                   Type  Type       Type            Interface     Address/LSP
1.1.0.0/16         Ext2  Network    IP          100 em1.23        10.1.23.2
10.1.12.0/24       Inter Network    IP            2 em1.23        10.1.23.2
10.1.23.0/24       Intra Network    IP            1 em1.23

root@R3> show ospf route network 1.1.0.0/16 extensive
Topology default Route Table:

Prefix             Path  Route      NH       Metric NextHop       Nexthop
                   Type  Type       Type            Interface     Address/LSP
1.1.0.0/16         Ext2  Network    IP          100 em1.23        10.1.23.2
  area 0.0.0.0, origin 2.2.2.2, fwd NZ, priority medium

Believe it or not, performing the summarization on R2 for R3 is very simple.

root@R2> configure
Entering configuration mode

[edit]
root@R2# set protocols ospf area 12 nssa area-range 1.0.0.0/8

[edit]
root@R2# commit and-quit
commit complete
Exiting configuration mode

To verify:

root@R3> show ospf route network
Topology default Route Table:

Prefix             Path  Route      NH       Metric NextHop       Nexthop
                   Type  Type       Type            Interface     Address/LSP
1.0.0.0/8          Ext2  Network    IP          101 em1.23        10.1.23.2
10.1.12.0/24       Inter Network    IP            2 em1.23        10.1.23.2
10.1.23.0/24       Intra Network    IP            1 em1.23

root@R3> show ospf route network 1.0.0.0/8 extensive
Topology default Route Table:

Prefix             Path  Route      NH       Metric NextHop       Nexthop
                   Type  Type       Type            Interface     Address/LSP
1.0.0.0/8          Ext2  Network    IP          101 em1.23        10.1.23.2
  area 0.0.0.0, origin 2.2.2.2, priority medium

So there you go, I'm not sure how useful this actually is in a production environment but in a lab exam, it may be an extra tool to get out of a sticky situation...