Monday, 11 July 2016

OSPF -LSA Type5 FA option

The Forwarding-Address (FA) field and how it’s processed to make a routing decision when dealing with type 5 LSA is something very interesting. In this post I will try to bring some light to this feature.
First of all, what’s the Forwarding-Address (FA) field? Well, it’s a field located in the type 5 and type 7 OSPF LSAs. In this post I will focus on LSA5, though this explanation also applies to LSA7.
The value of this field is an IP address, and it’s used to inform about which IP should be used to reach the external prefix that is announced in the LSA5. We know that LSA5’s are used to introduce in the OSPF domain information originated outside of the OSPF domain, i.e. redistributed information. When an OSPF router redistributes external info into the OSPF domain, that info is injected as an LSA5 (depending on the type of area, it could be injected as LAS7).



Which value is set as the FA in the LSA5? Well, it may have two different values:
  • The IP address of the original next-hop of the redistributed route
  • The IP address 0.0.0.0
When the ASBR (the router making the redistribution) is at the same time announcing into OSPF the prefix of the next-hop of the original external route, then it sets up the next-hop IP in the FA field of the LSA5.
However, if the ASBR is not announcing the prefix of the next-hop in OSPF, then it sets the FA field with the IP address of 0.0.0.0.
Let’s see this behaviour on the lab. R1 has a static route to the prefix 200.200.200.0/24 with next-hop its own Lo10 (10.10.10.1):


If we configure R1 to redistribute static routes into OSPF, on R2 we can see that the LSA5 has a FA of 0.0.0.0 (Loopback10 is not announced in OSPF):
R1#show run | b router ospf
router ospf 1
 router-id 1.1.1.1
 log-adjacency-changes
 redistribute static subnets
!
ip route 200.200.200.0 255.255.255.0 10.10.10.1
R1#
R1# sh ip ospf int brief
Interface    PID   Area            IP Address/Mask    Cost  State Nbrs F/C
Fa0/0        1     1               12.12.12.1/24      1     P2P   1/1
Fa1/0        1     1               14.14.14.1/24      1     P2P   1/1


R2#show ip ospf database external
            OSPF Router with ID (2.2.2.2) (Process ID 1)
                Type-5 AS External Link States
  Routing Bit Set on this LSA
  LS age: 548
  Options: (No TOS-capability, DC)
  LS Type: AS External Link
  Link State ID: 200.200.200.0 (External Network Number)
  Advertising Router: 1.1.1.1
  LS Seq Number: 80000001
  Checksum: 0x8DB4
  Length: 36
  Network Mask: /24
        Metric Type: 2 (Larger than any link state path)
        TOS: 0
        Metric: 20
        Forward Address: 0.0.0.0
        External Route Tag: 0

However, if we add the command “ip ospf 1 area 1″ under Loopback10 interface in R1, the LSA5 gets the IP 10.10.10.1 in its FA field:
R1# show run | b router ospf
router ospf 1
 router-id 1.1.1.1
 redistribute static subnets
!
ip route 200.200.200.0 255.255.255.0 10.10.10.1
R1#
R1# show run int lo10
interface Loopback10 ip address 10.10.10.1 255.255.255.0 ip ospf 1 area 1
R1#
R1# sh ip ospf int brief
Interface    PID   Area            IP Address/Mask    Cost  State Nbrs F/C
Lo10 1 1 10.10.10.1/24 1 LOOP 0/0
Fa0/0        1     1               12.12.12.1/24      1     P2P   1/1
Fa1/0        1     1               14.14.14.1/24      1     P2P   1/1


R2# show ip ospf database external
            OSPF Router with ID (2.2.2.2) (Process ID 1)
                Type-5 AS External Link States
LS age: 110
 Options: (No TOS-capability, DC)
 LS Type: AS External Link
 Link State ID: 200.200.200.0 (External Network Number)
 Advertising Router: 1.1.1.1
 LS Seq Number: 80000001
 Checksum: 0x51E
 Length: 36
 Network Mask: /24
       Metric Type: 2 (Larger than any link state path)
       TOS: 0
       Metric: 20
       Forward Address: 10.10.10.1
       External Route Tag: 0
So far, we have learnt when the FA field gets an IP address or the 0.0.0.0 IP address.
Now, what is all this for? This is the challenging thing: the routing decision with LSA5 routes is made based on the IP of the FA. When the FA has an IP address different than 0.0.0.0, the routers make the decision taking that IP as the next-hop:
R3#show ip route 200.200.200.1
Routing entry for 200.200.200.0/24
  Known via "ospf 1", distance 110, metric 20, type extern 2, forward metric 3
  Last update from 34.34.34.4 on FastEthernet1/0, 00:00:07 ago
  Routing Descriptor Blocks:
    34.34.34.4, from 1.1.1.1, 00:00:07 ago, via FastEthernet1/0
      Route metric is 20, traffic share count is 1
  * 23.23.23.2, from 1.1.1.1, 00:00:07 ago, via FastEthernet0/0
      Route metric is 20, traffic share count is 1
R3 sees that there are 2 ways to reach the prefix 200.200.200.0/24: both with metric 20 and forward metric 3 (the metric to reach de FA). If we change the path cost through R4, we’ll see that R3 now prefers the path through R2:
R3# conf term
R3(config)#int fa1/0
R3(config-if)#ip ospf cost 5
R3(config-if)#end
R3#
R3# show ip route 200.200.200.0
Routing entry for 200.200.200.0/24
  Known via "ospf 1", distance 110, metric 20, type extern 2, forward metric 3
  Last update from 23.23.23.2 on FastEthernet0/0, 00:00:05 ago
  Routing Descriptor Blocks:
  * 23.23.23.2, from 1.1.1.1, 00:00:05 ago, via FastEthernet0/0
      Route metric is 20, traffic share count is 1
Now, the path through R4 disappears because, although the metric is constant (20), the forward metric through R4 has increased (ip ospf cost 5).
If we used Type 1 External LSA 5 instead of using Type 2, the forward metric to reach de FA address would be added to the external metric, resulting in a total cost of 23 to reach the external prefix (metric 20 plus forward metric 3).
Ok, so the routing is made based on the IP of the FA field. What happens when we have the value 0.0.0.0 as the IP? This will happen in most of the cases, since when redistributing, the next-hop prefix of the original route is not usually announced.
In this case, the routing decision is made based on the advertising-router ID. This is very interesting, since this field is not an IP address, but a router ID.
Let’s take the R1 Loopback10 out of OSPF and see what happens:
R1# conf term
R1(config)# int lo10
R1(config-if)# no ip ospf 1 a 1
R1(config-if)# end
R1#
R1# show ip ospf
Interface    PID   Area            IP Address/Mask    Cost  State Nbrs F/C
Fa1/0 1 1 14.14.14.1/24 1 P2P 1/1 Fa0/0 1 1 12.12.12.1/24 1 P2P 1/1
R1#
R1# show run | b router ospf
router ospf 1
 router-id 1.1.1.1
Be aware that R1 is not announcing any Loopback address, but it’s using 1.1.1.1 as its router-id.
When there is no FA to make the routing decisions, the routers use the LSA1, LSA2 or LSA4 to make the decision based on the advertising-router ID of the LSA5. Inside the Area 1, R2 and R4 will use the R1 LSA1 to know how to get to advertising-router ID 1.1.1.1 and how much it costs. Outside Area 1, because LSA1 and LSA2 are not transferred outside the area, the only way they have to know the router-id of R1 is through the LSA4. This LSA is not announcing an IP address, but the router-id of R1:
R3#show ip ospf database external
           OSPF Router with ID (3.3.3.3) (Process ID 1)
               Type-5 AS External Link States
Routing Bit Set on this LSA
 LS age: 278
 Options: (No TOS-capability, DC)
 LS Type: AS External Link
 Link State ID: 200.200.200.0 (External Network Number)
 Advertising Router: 1.1.1.1
 LS Seq Number: 80000006
 Checksum: 0x83B9
 Length: 36
 Network Mask: /24
       Metric Type: 2 (Larger than any link state path)
       TOS: 0
       Metric: 20
       Forward Address: 0.0.0.0
       External Route Tag: 0
R3#
R3#show ip route 1.1.1.1
 % Network not in table
R3#
R3#show ip ospf data asbr-summary
           OSPF Router with ID (3.3.3.3) (Process ID 1)
               Summary ASB Link States (Area 0)
Routing Bit Set on this LSA
 LS age: 1031
 Options: (No TOS-capability, DC, Upward)
 LS Type: Summary Links(AS Boundary Router)
 Link State ID: 1.1.1.1 (AS Boundary Router address)
 Advertising Router: 2.2.2.2
 LS Seq Number: 80000001
 Checksum: 0x1B14
 Length: 28
 Network Mask: /0
 TOS: 0 Metric: 1
LS age: 1121
 Options: (No TOS-capability, DC, Upward)
 LS Type: Summary Links(AS Boundary Router)
 Link State ID: 1.1.1.1 (AS Boundary Router address)
 Advertising Router: 4.4.4.4
 LS Seq Number: 80000001
 Checksum: 0xDE48
 Length: 28
 Network Mask: /0
 TOS: 0 Metric: 1
It’s interesting because in this scenario with FA set at 0.0.0.0, the metric to reach 200.200.200.0/24 from R3’s point of view is less than the metric to reach the same prefix with FA set at the next-hop IP address (remember it was metric 20 plus forward metric 3 when we had FA address, and now it’s metric 20 plus forward metric 2):
R3#sh ip route 200.200.200.0
Routing entry for 200.200.200.0/24
  Known via "ospf 1", distance 110, metric 20, type extern 2, forward metric 2
  Last update from 23.23.23.2 on FastEthernet0/0, 00:05:49 ago
  Routing Descriptor Blocks:
  * 23.23.23.2, from 1.1.1.1, 00:05:49 ago, via FastEthernet0/0
      Route metric is 20, traffic share count is 1
In this case, if we used Type 1 LSA 5, the total metric would be 22 (20 plus 2).
So, that’s how routing is made when dealing with LSA5. First, based on the IP address of the FA, and if there is no IP address (0.0.0.0), then the routing is based not on an IP address but on the router-id of the ASBR. And that’s why we need LSA4 in areas out of the area where redistribution is made, in order to know how to get to the router-id of the ASBR.

No comments:

Post a Comment