Configuring OSPF Stub and Totally Stub Area

2007-07-24

Objective

configure ospf stub area (filter type 5 LSA E1 and E2 from populating stub area's router routing table)
configure ospf totally stub area (cisco propietary, filter type 5 LSA, type 3 IA O, and type 4 IA O from populating stub area's router routing table)
area 2 is a stub area. Capetown should have least routing table entry.

Topology

ospf stub and totally stub

Configs

Usual ConfigsSanJose1:

SanJose1:

SanJose1#sh run
Building configuration…

Current configuration : 1244 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname SanJose1
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$LDb6$zEg.92Fgad6druYY83bUE0
!
no aaa new-model
!
resource policy
!
ip cef
!
!
interface Loopback0 (simulate internal network on SanJose1)
ip address 192.168.64.1 255.255.255.0
!
interface Loopback1
ip address 192.168.80.1 255.255.255.0
!
interface Loopback2
ip address 192.168.96.1 255.255.255.0
!
interface Loopback3
ip address 192.168.112.1 255.255.255.0
!
interface Loopback5
ip address 10.0.0.6 255.255.255.252
!
interface FastEthernet0/0
ip address 192.168.1.1 255.255.255.0
duplex half
!
router ospf 1
log-adjacency-changes
redistribute static (static routes redistribution using E2 type 5 LSA)
network 192.168.1.0 0.0.0.255 area 0
network 192.168.64.0 0.0.63.255 area 1
default-information originate
!
ip route 10.0.0.0 255.0.0.0 Null0 (simulate ISP connection)
no ip https server
no ip https secure-server
!
!
!
logging alarm informational
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
gatekeeper
shutdown
!
!
line con 0
exec-timeout 0 0
password cisco
logging synchronous
login
stopbits 1
line aux 0
stopbits 1
line vty 0 4
exec-timeout 0 0
password cisco
logging synchronous
login
!
!
end

SanJose1#
SanJose3:

SanJose3#sh run
Building configuration…

Current configuration : 1783 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname SanJose3
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$aHy.$gyYsVc6zVpucwrv99x296/
!
no aaa new-model
!
resource policy
!
ip cef
!
interface Loopback0
ip address 192.168.3.1 255.255.255.0
!
interface FastEthernet0/0
ip address 192.168.1.3 255.255.255.0
duplex half
!
interface Serial1/0
ip address 192.168.208.1 255.255.255.252
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/4
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/5
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/6
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/7
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
router ospf 1
log-adjacency-changes
network 192.168.1.0 0.0.0.255 area 0
network 192.168.3.0 0.0.0.255 area 0
network 192.168.208.0 0.0.0.3 area 2
!
no ip https server
no ip https secure-server
!
!
!
logging alarm informational
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
gatekeeper
shutdown
!
!
line con 0
exec-timeout 0 0
password cisco
logging synchronous
login
stopbits 1
line aux 0
stopbits 1
line vty 0 4
exec-timeout 0 0
password cisco
logging synchronous
login
!
!
end

SanJose3#
Capetown:

Capetown#sh run
Building configuration…

Current configuration : 1711 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Capetown
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$FoDT$Gc/68u.1hX6wJWX66t/j2/
!
no aaa new-model
!
resource policy
!
ip cef
!
!
interface Loopback0
ip address 192.168.220.1 255.255.255.0
!
interface FastEthernet0/0
ip address 192.168.216.1 255.255.255.0
duplex half
!
interface Serial1/0
ip address 192.168.208.2 255.255.255.252
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/4
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/5
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/6
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/7
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
router ospf 1
log-adjacency-changes
network 192.168.208.0 0.0.0.3 area 2
!
no ip https server
no ip https secure-server
!
!
!
logging alarm informational
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
gatekeeper
shutdown
!
!
line con 0
exec-timeout 0 0
password cisco
logging synchronous
login
stopbits 1
line aux 0
stopbits 1
line vty 0 4
exec-timeout 0 0
password cisco
logging synchronous
login
!
!
end

Capetown#

Capetown# result:

Capetown#sh ip route
Codes: C – connected, S – static, R – RIP, M – mobile, B – BGP
D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2
E1 – OSPF external type 1, E2 – OSPF external type 2
i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-IS level-2
ia – IS-IS inter area, * – candidate default, U – per-user static route
o – ODR, P – periodic downloaded static route

Gateway of last resort is not set

192.168.208.0/30 is subnetted, 1 subnets
C 192.168.208.0 is directly connected, Serial1/0
192.168.64.0/32 is subnetted, 1 subnets
O IA 192.168.64.1 [110/66] via 192.168.208.1, 00:06:48, Serial1/0
192.168.80.0/32 is subnetted, 1 subnets
O IA 192.168.80.1 [110/66] via 192.168.208.1, 00:06:48, Serial1/0
O E2 10.0.0.0/8 [110/20] via 192.168.208.1, 00:06:48, Serial1/0
192.168.96.0/32 is subnetted, 1 subnets
O IA 192.168.96.1 [110/66] via 192.168.208.1, 00:06:48, Serial1/0
192.168.112.0/32 is subnetted, 1 subnets
O IA 192.168.112.1 [110/66] via 192.168.208.1, 00:06:48, Serial1/0
C 192.168.220.0/24 is directly connected, Loopback0
O IA 192.168.1.0/24 [110/65] via 192.168.208.1, 00:06:48, Serial1/0
192.168.3.0/32 is subnetted, 1 subnets
O IA 192.168.3.1 [110/65] via 192.168.208.1, 00:06:49, Serial1/0

O IA denotes LSA type 3 or type 4 Inter Area route summary, not filtered.
O E2 denotes LSA type 5 external route summary, not filtered.
So, Capetown's routing table is full, not efficient for a stub area router. We need to filter type 3 or 4 LSA using stub configuration. More efficiently, we also need to filter type 5 LSA using totally stubby configuration (cisco propietary)
gateway of last resort is not set.

Stub Configs:

SanJose3:

just add these lines to make area 2 a stub area.

SanJose3:

SanJose3#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SanJose3(config)#router ospf 1
SanJose3(config-router)#area 2 stub

Capetown:

Capetown#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Capetown(config)#router ospf 1
Capetown(config-router)#area 2 stub

Result:

Capetown(config-router)#do sh ip route
Codes: C – connected, S – static, R – RIP, M – mobile, B – BGP
D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2
E1 – OSPF external type 1, E2 – OSPF external type 2
i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-IS level-2
ia – IS-IS inter area, * – candidate default, U – per-user static route
o – ODR, P – periodic downloaded static route

Gateway of last resort is 192.168.208.1 to network 0.0.0.0

192.168.208.0/30 is subnetted, 1 subnets
C 192.168.208.0 is directly connected, Serial1/0
192.168.64.0/32 is subnetted, 1 subnets
O IA 192.168.64.1 [110/66] via 192.168.208.1, 00:09:38, Serial1/0
192.168.80.0/32 is subnetted, 1 subnets
O IA 192.168.80.1 [110/66] via 192.168.208.1, 00:09:38, Serial1/0
192.168.96.0/32 is subnetted, 1 subnets
O IA 192.168.96.1 [110/66] via 192.168.208.1, 00:09:38, Serial1/0
192.168.112.0/32 is subnetted, 1 subnets
O IA 192.168.112.1 [110/66] via 192.168.208.1, 00:09:38, Serial1/0
C 192.168.220.0/24 is directly connected, Loopback0
O IA 192.168.1.0/24 [110/65] via 192.168.208.1, 00:09:38, Serial1/0
192.168.3.0/32 is subnetted, 1 subnets
O IA 192.168.3.1 [110/65] via 192.168.208.1, 00:09:40, Serial1/0
O*IA 0.0.0.0/0 [110/65] via 192.168.208.1, 00:09:40, Serial1/0

No More O E2 routes because type 5 LSAs are filtered.
The routing table become a little bit smaller -just a little bit though.
gateway of last resort is automatically added.

Totally Stub Configs

to configure area 2 as totally stubby, u have to change the configuration above -only at the ABR, in this case SanJose3 router. While Capetown's config doesn't have to be changed.

SanJose3#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SanJose3(config)#
SanJose3(config)#router ospf 1
SanJose3(config-router)#no area
SanJose3(config-router)#no area 2 stub
SanJose3(config-router)#are
SanJose3(config-router)#area
SanJose3(config-router)#area 2 stu
SanJose3(config-router)#area 2 stub no
SanJose3(config-router)#area 2 stub no-summary

Result:

Capetown(config-router)#do sh ip route
Codes: C – connected, S – static, R – RIP, M – mobile, B – BGP
D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2
E1 – OSPF external type 1, E2 – OSPF external type 2
i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-IS level-2
ia – IS-IS inter area, * – candidate default, U – per-user static route
o – ODR, P – periodic downloaded static route

Gateway of last resort is 192.168.208.1 to network 0.0.0.0

C 192.168.208.0 is directly connected, Serial1/0
C 192.168.220.0/24 is directly connected, Loopback0
O*IA 0.0.0.0/0 [110/65] via 192.168.208.1, 00:01:05, Serial1/0

No more type 5 LSA (E1 or E2) route summary.
No more type 3 or 4 LSA (O IA) route summary.
Now, the routing table is definitely small.
gateway of last resort is automatically added.

Summary

for stub networks router, it is better to keep the routing table small. use stub or totally stub area.
stub configuration applied on both interface of an areas link. stub configuration filter type 5 LSA (E1 or E2) from populating stub networks router routing table. gateway of last resort automatically added by the ABR.
totally stub configuration applied only at the ASBRs interface. stub configuration filter type 5 (E1 or E2), type 3 and type 4 LSA (O IA) from populating stub networks router routing table. gateway of last resort automatically added by the ABR.
The problem is : network 192.168.220.1 and 192.168.216.1 (both on router Capetown) can not be accessed from SanJose1 and SanJose3 (those networks injected to the OSPF AS using type 5 LSA -remember type 5 LSAs are filtered on stub area). I believe, this will be solved by NSSA configuration.

Configuring OSPF Stub and Totally Stub Area

<< Configuring OSPF Virtual Link

Configuring OSPF NSSA >>