ODPF - How to not propagate default gateway between areas?

Have a question or want to start a discussion? Post it! No Registration Necessary.  Now with pictures!

Threaded View
Hello.

Two OSPF areas (0 and 1) are connected with ABR (Area Border Router).
Every area has it's own default gateway (DG), that should be propagate
only in a scope of this area.

Information about networks in area 0 should be propagate to area 1.
Information about networks in area 1 should be propagate to area 0.
Information about DG from area 0 should not be propagate to area 1.
Information about DG from area 1 should not be propagate to area 0.


Example diagram (use monospace font):

(Internet)
  |
  |
  |
(cloud of routers from AREA0)
  |
  |
  |
R_AREA0 <----serial----> ABR <----serial----> R_AREA1
                                                 |
                                                 |
                                                 |
                                                 |
                        (cloud of routers from AREA1)
                                                 |
                                                 |
                                                 |
                                                 |
                         (Internet)


I try to use filter-list on ABR, but it do not work as I would like to.
Information about particular internal networks is easy to filter, but DG
are always distribute between areas and this makes a problem.

DG is propagate through command "default-information originate" and it's
seen by other routers as "OSPF external type 2". I've read somewhere
that external routes can't be filter by filter-list in ABR. That
explains why DG routes are propagate between areas. But I would like to
know, if there is possibility to resolve the problem.

Part of routing table in cloud of routers from AREA1 (notice E2 route)
O*E2 0.0.0.0/0 [110/1] via 192.168.167.6, 01:15:55, FastEthernet0/0


Part of configuration from ABR:

router ospf 1
 area 0 filter-list prefix area1nets in
 area 1 filter-list prefix area0nets in
 network 192.168.0.0 0.0.127.255 area 0
 network 192.168.128.0 0.0.127.255 area 1

ip prefix-list area0nets seq 5 permit 192.168.12.0/24
ip prefix-list area0nets seq 10 permit 192.168.24.0/24
ip prefix-list area0nets seq 15 permit 192.168.23.0/24
ip prefix-list area0nets seq 20 permit 192.168.34.0/24
ip prefix-list area0nets seq 25 deny 0.0.0.0/0
!
ip prefix-list area1nets seq 5 permit 192.168.146.0/24
ip prefix-list area1nets seq 10 permit 192.168.156.0/24
ip prefix-list area1nets seq 15 permit 192.168.167.0/24
ip prefix-list area1nets seq 20 deny 0.0.0.0/0


--
Best regards,
Sailor

Re: ODPF - How to not propagate default gateway between areas?
Sailor wrote:

Quoted text here. Click to load it

Maybe I'm not understanding correctly, but can't you just avoid
using "default-information originate"?


Re: ODPF - How to not propagate default gateway between areas?
pk pisze:
Quoted text here. Click to load it

Do you mean to configuring default gw on each router as alternative? I
would like to avoid this.

--
Best regards,
Sailor

Re: ODPF - How to not propagate default gateway between areas?
pk pisze:
Quoted text here. Click to load it

Is there another method to propagate information about default gateway
to routers in area?

--
Best regards,
Sailor

Re: OSPF - How to not propagate default gateway between areas?
Sailor wrote:

Quoted text here. Click to load it

Ok, so IIUC the internet-connected routers generate the default routes, and
you'd like to block them at the ABR. Topology:

internet----r1a0---(area0 routers)---ABR---(area1 routers)---r1a1---internet

IIUC, r1a0 and r1a1 originate a default route, which is meant to serve as
the default route for the routers of the area.

1) filter-list only filters type 3 LSAs, so in this case it does nothing to
default routes.

2) if you are worried about having multiple default routes, then have the
ASBRs originate the default route using metric type 1. This way, routers
internal to an area will use the "closest" default route (which will
probably be the one originated by the area's ASBR; if this is not the case,
you'll probably be able to adjust the metrics to make this happen).

3) even if you use the default metric type 2, routers internal to an area
will still prefer the default route advertised by the closest ASBR, so the
same concepts expressed in 2) apply, but this time you have to adjust the
metric *to the ASBR*, not the metric of the default route.

4) you didn't say anything about what default route should be used by the
ABR. If you don't want it to load-balance between the two (and you probably
don't), then make sure its metrics to the two ASBR are not equal, or that
it receives the default routes with different metrics.

5) external LSAs are flooded throughout the whole OSPF domain by definition
(unless stub or nssa areas are used, but in your case one of the areas is
area 0 so this is not an option). If you still think that you want to
filter external LSAs, you might run two different OSPF processes on the
ABR, and do mutual route redistribution between them, filtering out the
unwanted default routes using a route map. No need to say that this
solution is awkward to say the least, making all the routes coming from the
other "area" look external. If you need to do that, it's usually a symptom
of bad network design, so you better reorganize your network in a different
way.


Re: ODPF - How to not propagate default gateway between areas?
Quoted text here. Click to load it

a default gateway would have to be an external route - you explain further
you have it as an ext2.

So - silly Q - what happens when a DG goes away? it would be common practice
to want the out of area one to propagate...

anyhow - to answer.

the only things that you can easily filter in the OSPF database as it
propagates between routers are internal routes at an ABR. So you cannot
filter it directly.

If you run 2 different OSPF AS, 1 in each area, and run 2 OSPF processes on
the ex ABR, you should be able to filter.
Bit messy though....

However - you can filter routes from OSPF into the local routing table, so
you should be able to "kill" every default route that you dont want in the
router - but you would need a policy on every OSPF router (or evey router
that isnt in a stub area).
that makes this doable, but "delicate" since routers rolled out with the
wrong config will not be obviously wrong - ie stuff will work.

This is one i havent done for a long time, so you are going to need to build
your own policy...

Note this may not be a problem, since
1. filtering only matters where the 2 defaults point to different next hops.
2. each router picks the lowest cost path across OSPF to any default if it
has 2 or more to choose from.

So - if you have the freedom to put the interconnect to the default routes
in a suitable place, you may need no filters, or only filters on a couple of
routers.

Having said that this sounds like a "tail wagging dog" problem.
1 of the big strengths of OSPF is it is fairly difficult to break a design
as the LSDB propagation rules make you treat the network as a single AS.
It sounds like you really have a "2 AS" type design issue, and that a single
OSPF AS is not the best way to do this.
Quoted text here. Click to load it
--
Regards

stephen_hope@xyzworld.com - replace xyz with ntl



Re: ODPF - How to not propagate default gateway between areas?
Hello,

 From my perspective you only want/need that ABR will not propagate=20
default route to Area 1. Is it correct?
You can achive this configuring Area 1 as a NSSA area. If you configure=20
Area 1 as normal or stub area, ABR will automatically propagate default=20
route!. In OSPF you cannot simply filter it!
Consider this.

Regards
Ern



Sailor napisa=B3(a):
Quoted text here. Click to load it


Site Timeline