Wednesday, February 06, 2013

OSPFv3 Forwarding Address under NSSA vs Regular External

ospfv3_simple

I am sharing something I researched recently at work, and still do not have the final answer, however it is interesting so I decided to write about it, some of the development group asked us why and if it is really important to use the Forwarding address in OSPFv3 implementation.

I have used the above model (and another that may be I will share later).

External NSSA

External without NSSA

  • I am advertising from R6 and R5 net 2001:11:145:56::
  • On the External database of R1 there is only a single selected although under R3 both options (from R5 and R6) are there, so it looks like it is being filtered.

R1#sh ipv ospf database external

            OSPFv3 Router with ID (150.1.1.1) (Process ID 1)

                Type-5 AS External Link States

  …

  Routing Bit Set on this LSA

  LS age: 143

  LS Type: AS External Link

  Link State ID: 1

  Advertising Router: 150.3.3.3

  LS Seq Number: 80000002

  Checksum: 0xEC3F

  Length: 56

  Prefix Address: 2001:11:145:56::

  Prefix Length: 64, Options: None

  Metric Type: 2 (Larger than any link state path)

  Metric: 20

Forward Address: 2001:11:143:36::2

  External Route Tag: 600

  • R3 is the ABR and as such it translate the LSA-7 to 5
  • To reach Advertising router we must use link local

R1#sh ipv ospf database link

            OSPFv3 Router with ID (150.1.1.1) (Process ID 1)

                Link (Type-8) Link States (Area 0)

  LS age: 1175

  Options: (V6-Bit, E-Bit, R-bit, DC-Bit)

  LS Type: Link-LSA (Interface: FastEthernet1/1)

  Link State ID: 4 (Interface ID)

  Advertising Router: 150.1.1.1

  LS Seq Number: 80000001

  Checksum: 0x8CFC

  Length: 56

  Router Priority: 1

  Link Local Address: FE80::C800:19FF:FE9C:1D

  Number of Prefixes: 1

  Prefix Address: 2001:11:141:13::

  Prefix Length: 64, Options: None

  LS age: 1131

  Options: (V6-Bit, E-Bit, R-bit, DC-Bit)

  LS Type: Link-LSA (Interface: FastEthernet1/1)

  Link State ID: 5 (Interface ID)

Advertising Router: 150.3.3.3

  LS Seq Number: 80000001

  Checksum: 0xCC98

  Length: 56

  Router Priority: 1

Link Local Address: FE80::C802:19FF:FE9C:38

  Number of Prefixes: 1

  Prefix Address: 2001:11:141:13::

  Prefix Length: 64, Options: None

R1#

R1#show ipv route 2001:11:145:56::

Routing entry for 2001:11:145:56::/64

  Known via "ospf 1", distance 110, metric 20

  Tag 600, type extern 2

  Route count is 1/1, share count 0

  Routing paths:

FE80::C802:19FF:FE9C:38, FastEthernet1/1

      Last updated 00:16:00 ago

R1#

  • The FWD address used is the selected default gateway to reach the External prefix as it can have 2 paths (one from R5 and the other from R6)
  • However it looks like the FWD address is ignored as R3 install both paths and use both of them

R1#traceroute 2001:11:145:56::1

Type escape sequence to abort.

Tracing the route to 2001:11:145:56::1

  1  *

    2001:11:141:13::2 8 msec 4 msec

  2 2001:11:143:36::2 16 msec

    2001:11:143:35::2 16 msec

    2001:11:143:36::2 12 msec

R1#traceroute 2001:11:145:56::2

Type escape sequence to abort.

Tracing the route to 2001:11:145:56::2

  1 2001:11:141:13::2 4 msec 4 msec 8 msec

  2 2001:11:143:36::2 20 msec

    2001:11:143:35::2 8 msec

    2001:11:143:36::2 16 msec

R1#

  • On that case we both LSA to the External route

R1#show ipv os database external

            OSPFv3 Router with ID (150.1.1.1) (Process ID 1)

                Type-5 AS External Link States

  …

  Routing Bit Set on this LSA

  LS age: 54

  LS Type: AS External Link

  Link State ID: 7

  Advertising Router: 150.5.5.5

  LS Seq Number: 80000001

  Checksum: 0x442

  Length: 40

  Prefix Address: 2001:11:145:56::

  Prefix Length: 64, Options: None

  Metric Type: 2 (Larger than any link state path)

  Metric: 20

  External Route Tag: 500

Routing Bit Set on this LSA

  LS age: 28

  LS Type: AS External Link

  Link State ID: 4

  Advertising Router: 150.6.6.6

  LS Seq Number: 80000001

  Checksum: 0xAC35

  Length: 40

  Prefix Address: 2001:11:145:56::

  Prefix Length: 64, Options: None

  Metric Type: 2 (Larger than any link state path)

  Metric: 20

  External Route Tag: 600

  • To reach them R3 the ABR is advertising an Inter area router (similar to LSA 4)

R1#show ipv os database inter-area router

            OSPFv3 Router with ID (150.1.1.1) (Process ID 1)

                Inter Area Router Link States (Area 0)

  Routing Bit Set on this LSA

  LS age: 143

  Options: (V6-Bit, E-Bit, R-bit, DC-Bit)

  LS Type: Inter Area Router Links

  Link State ID: 2516911365

  Advertising Router: 150.3.3.3

  LS Seq Number: 80000001

  Checksum: 0x45D5

  Length: 32

  Metric: 1

  Destination Router ID: 150.5.5.5

  Routing Bit Set on this LSA

  LS age: 116

  Options: (V6-Bit, E-Bit, R-bit, DC-Bit)

  LS Type: Inter Area Router Links

  Link State ID: 2516977158

  Advertising Router: 150.3.3.3

  LS Seq Number: 80000001

  Checksum: 0x4BC9

  Length: 32

  Metric: 1

  Destination Router ID: 150.6.6.6

R1#

  • And again we need link local to reach ABR

R1#show ipv os database link

            OSPFv3 Router with ID (150.1.1.1) (Process ID 1)

                Link (Type-8) Link States (Area 0)

  LS age: 1959

  Options: (V6-Bit, E-Bit, R-bit, DC-Bit)

  LS Type: Link-LSA (Interface: FastEthernet1/1)

  Link State ID: 4 (Interface ID)

  Advertising Router: 150.1.1.1

  LS Seq Number: 80000001

  Checksum: 0x8CFC

  Length: 56

  Router Priority: 1

  Link Local Address: FE80::C800:19FF:FE9C:1D

  Number of Prefixes: 1

  Prefix Address: 2001:11:141:13::

  Prefix Length: 64, Options: None

  LS age: 34

  Options: (V6-Bit, E-Bit, R-bit, DC-Bit)

  LS Type: Link-LSA (Interface: FastEthernet1/1)

  Link State ID: 5 (Interface ID)

  Advertising Router: 150.3.3.3

  LS Seq Number: 80000002

  Checksum: 0xCA99

  Length: 56

  Router Priority: 1

Link Local Address: FE80::C802:19FF:FE9C:38

  Number of Prefixes: 1

  Prefix Address: 2001:11:141:13::

  Prefix Length: 64, Options: None

R1#

· Forwarding is correctly.

R1#traceroute 2001:11:145:56::1

Type escape sequence to abort.

Tracing the route to 2001:11:145:56::1

  1 2001:11:141:13::2 4 msec 8 msec 4 msec

  2 2001:11:143:35::2 8 msec

    2001:11:143:36::2 32 msec

    2001:11:143:35::2 12 msec

R1#traceroute 2001:11:145:56::2

Type escape sequence to abort.

Tracing the route to 2001:11:145:56::2

  1 2001:11:141:13::2 4 msec 4 msec 8 msec

  2 2001:11:143:35::2 8 msec

    2001:11:143:36::2 20 msec

    2001:11:143:35::2 16 msec

R1#

I have to say that the following implementation was based on Cisco IOS 15.2, older versions, do not use the Forwarding address at all although from the results above technically I do not see how it is used here as well forwarding wise.

As for the RFC’s the reference is https://tools.ietf.org/html/rfc5340

  • The forwarding address is present in the AS-external-LSA if and only if the AS-external-LSA's bit F is set.
  • case the F bit is marked:
  • It MUST NOT be set to the IPv6 Unspecified Address (0:0:0:0:0:0:0:0) or an IPv6 Link-Local Address (Prefix FE80/10)
  • forwarding address MUST advertise a global IPv6 address
  • Section A.4.8.  NSSA-LSAs

"The selection should proceed the same as OSPFv2 NSSA support [NSSA]with additional checking to ensure IPv6 link-local address are not selected."

  • that is referencing to NSSA RFC 3031 where it clearly indicate under section 2.3  Type-7 LSAs

          "6. Those Type-7 LSAs that are to be translated into Type-5 LSAs must have their forwarding address set."

What do you think?