This question is for Keith Bogart ONLY .it`s about an issue in your lecture

Hi
https://my.ine.com/Networking/courses/802434b0/ccnp-routing-switching-course
OSPF Path Manipulation

did you see that ?

as you can see here in this course ,Keith said that the O E2 is more preferred than O N2 routes ,but that is really really weird because that is not what happened with me

are you following me ?

i`m using this simple lab
not modified anything
not changing costs
not changing anything
a very simple configuration
this is the default configuration BEFORE redistribution and NSSA configurations

1

ECMP is supported here .the results is expected here

and now

and this is after configuring the NSSA and redisribution
here the N2 route is much more preferred than the E2 routes
NOT THE OPPOSITE like what Keith said in the video

anyone here can help!

Hey Major,

I see this has been sitting a while without getting answered and I wanted to provide some context. The video done by Keith explicitly says changing metric type CAN change play a role in path manipulation. When looking at the information you provided, you were just checking the routing table and what was installed. The route looks identical, because they have the same METRIC (20, as they are both external type 2). However, located inside the type 5/type 7 LSA there is another number called COST. This means that even though they are both have the same metric, OSPF keeps track of the cost to be used in a tie breaking situation. If the cost received in both of the LSAs is the same, and the routes are functionally identical, then, and only then, do they rely on the order shown in the video. Here’s some info from the RFC.

(e) If the current LSA is functionally the same as an
installed LSA (i.e., same destination, cost and non-zero
forwarding address) then apply the following priorities in
deciding which LSA is preferred:

  1. A Type-7 LSA with the P-bit set.
  2. A Type-5 LSA.
  3. The LSA with the higher router ID.

ok sir, let`s talk a little about this point

(e) If the current LSA is functionally the same as an
installed LSA (i.e., same destination, cost and non-zero
forwarding address) then apply the following priorities in
deciding which LSA is preferred:

  1. A Type-7 LSA with the P-bit set.
  2. A Type-5 LSA.
  3. The LSA with the higher router ID.

1

in the point number 3 you mentioned that “3. The LSA with the higher router ID.” but here 100.1.1.0/24 is received via R2 with RID 0.0.0.2 and R3 with RID 0.0.0.3 and both are installed in the global rib even though R3 RID 0.0.0.3 is higher than R2 . which means the point number 3 is not correct

Hey Major,

That is correct, because those are both E2 routes, that screenshot is from before you did the NSSA. You have to keep in mind, cost under the LSA is factored in first, and P-bit being applied by the ASBR is counted as well before that point. I recommend you look further in to LSAs and if you’re interested to go through the RFC on the subject. Another bit from the RFC on the P-Bit below.

An NSSA internal AS boundary router must set the P-bit in the LSA
header’s option field of any Type-7 LSA whose network it wants
advertised into the OSPF domain’s full transit topology. The LSAs of
these networks must have a valid non-zero forwarding address. If the
P-bit is clear the LSA is not translated into a Type-5 LSA by NSSA
border routers.

When an NSSA border router originates both a Type-5 LSA and a Type-7
LSA for the same network, then the P-bit must be clear in the Type-7
LSA so that it isn’t translated into a Type-5 LSA by another NSSA
border router.

sir, i`m totally lost at that point .

Hey Major,

Sorry for the confusion. The issue is, you’re looking at the routing table, you’re not looking at the link state database of OSPF. OSFP does not make decisions about the best route based on the routing table. The original RFC that details OSPF path selection is RFC 1587. RFC 1587 describes the behavior you believe that OSPF should be following. However, RFC 3101 made updates to the standard and all IOS-XE devices are compatible with RFC 3101 by default (You can modify this behavior with a command if you want to revert back to RFC 1587 behavior). The change in 3101 relevant to your question I posted previously. If the routes are functionally identical, then Type 7 LSA (NSSA routes) are preferred if the P-bit is set by the ASBR. I then provided the quote saying how the P-bit can be modified.

I did miss small part in my original reply about calling out the P-bit, but it was provided in the quote below it.

So, for simplicity sake

Route preference in OSPF:

  • O routes
  • O IA Routes
  • N1 if P-bit is set and all other metrics are equal
  • E1 if P-bit is not set on the N1 route and all other metrics are equal or metrics are not equal
  • N1 if P-bit is not set on route
  • N2 if P-bit is set and all other metrics are equal
  • E2 if P-bit is not set on the N2 route and all other metrics are equal or metrics are not equal
  • N2 if P-bit is not set

The provided route hierarchy in the video is accurate from an RFC 1587 reference, and while not technically correct since the changes in RFC 3101, it is still true depending on the P-bit settings. Though, it’s worth noting, the purpose of the slide was to highlight that the metric type can play a role in path selection, not go in to great detail breaking down the path selection method.

For what it’s worth, this is well outside the scope of the CCNP and you’re really branching in to a depth that would be more important at the CCIE level. I do still highly encourage you to go through both RFCs if you still have additional questions.

1 Like

THanks sir,

are you ok if i ask you another question about the same topology ?or not ?

Of course, I’ll see if I can help.

R4#show ip ospf database

Type-5 AS External Link States

Link ID ADV Router Age Seq# Checksum Tag
1.1.1.1 0.0.0.3 9 0x80000002 0x00D7A7 0
R4 should get 1.1.1.1/32 via both R2 and R3.both R2 and R3 are advertising 1.1.1.1/32 as a type-5 LSA to R4 but here i only see 1.1.1.1/32 via R3 only why ?
let`s do another test
R4(config)#interface fastEthernet 0/0 → facing R3
R4(config-if)#shutdown

R4#show ip ospf database

Type-5 AS External Link States

Link ID ADV Router Age Seq# Checksum Tag
1.1.1.1 0.0.0.2 2 0x80000001 0x00DFA1 0
1.1.1.1 0.0.0.3 658 0x80000002 0x00D7A7 0

what is going on? why i see 1.1.1.1/32 via both R2 and R3 in this case unlike the previous test?

another question
what is the difference between
clear ip ospf process
vs
router ospf 1
shutdown
?
is there any difference between them?

Hey Major,

So, with NSSA areas, only a single ABR will convert the Type 7 to Type 5 LSA and inject it in to the backbone area. It favors the highest router ID. The other ABR essentially functions like a hot standby in case the ABR is no longer able to forward the route.

You saw both LSAs at once when you shut the port because the neighborship ended and the area was changed. Router 2 started forwarding the route in to area 0. You have an age timer counting for the LSA coming from router 3.

For your question on clear ip ospf process, that command forces the neighbor relationships and databases, etc to clear and resend. Think of it as a reset button on the process, mainly used if it’s taking a long time for packets to update. The shutdown command will shut the entire process down, and it will not come back up until you issue a no shut command. So a power button instead of a reset. You can reset with a power button, but it’s less efficient.

Typically OSPF, and most other IGPs, has a rather fast convergence time, so we don’t typically use the clear ip ospf process command. BGP on the other hand (including iBGP) is fairly slow on convergence (unless specifically configured) with a high emphasis on reliability. This makes clear ip bgp *, or the more specific clear ip bgp * in/out much more common to use.

Hope you found these answers helpful.

1 Like

thanks eric for your reply.
is it ok if we talk about the virtual link because i`m not expert in this part.


this is my lab.
the first thing i need to talk about with you is the final design for the virual link .
in my lab what i`m thinking about how the virtual link is going to work is like this

on R2 i have 2.2.2.2/32 on area 0 . R2 is going to put 2.2.2.2/32 into the LSDB on area 1 as a type-3 LSA .
which means R2 is going to send 2.2.2.2/32 to R3 two times:
the first time , R2 is going to send 2.2.2.2/32 to R3 as the normal behavior . send it to R3 as a type-3 LSA to R3 with cost of 1 .
the second time by using the virtual link, R2 is has 2.2.2.2/32 with cost=1 and will send it to R3 with cost of 1 via the virtual link

R3#show ip ospf database summary
LS age: 1581
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(Network)
Link State ID: 2.2.2.2 (summary Network Number)
Advertising Router: 0.0.0.3
LS Seq Number: 80000001
Checksum: 0x2F01
Length: 28
Network Mask: /32
MTID: 0 Metric: 2

Q.1 but why R3 has cost=2 NOT 1?

LS age: 1639
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(Network)
Link State ID: 2.2.2.2 (summary Network Number)
Advertising Router: 0.0.0.2
LS Seq Number: 80000001
Checksum: 0x2B07
Length: 28
Network Mask: /32
MTID: 0 Metric: 1

Q.2 why the cost here is 1 ?
Q3 how to change the cost of the virtual link ?
Q4 how to change the area of the virtual link ? the default area is area 0
Q5 does my imagination and what i draw in the paint is correct or not ?
Q6 why i have some LSAs have this flag ( DNA) and other LSAs don`t? for ex.

R3#show ip ospf database summary

        OSPF Router with ID (0.0.0.3) (Process ID 1)

            Summary Net Link States (Area 0)

Routing Bit Set on this LSA in topology Base with MTID 0
LS age: 6 (DoNotAge)
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(Network)
Link State ID: 5.5.5.5 (summary Network Number)
Advertising Router: 0.0.0.5
LS Seq Number: 80000001
Checksum: 0x8E94
Length: 28
Network Mask: /32
MTID: 0 Metric: 1

here i have DNA on R3 with the LSA 5.5.5.5/32

LS age: 1556
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(Network)
Link State ID: 5.5.5.5 (summary Network Number)
Advertising Router: 0.0.0.3
LS Seq Number: 80000001
Checksum: 0xAE74
Length: 28
Network Mask: /32
MTID: 0 Metric: 3

but this does not have (DNA) flag even its the same network

Hey Major,

Q1. The cost on the LSA is for the other Area, the originating router has changed and the cost along with it. Your Cost of 2 is the LSA for area 2, so cost from the LSA received from router 2 plus the cost to get to router 2.

Q2. Loopback interfaces are default treated as a Stub host on Cisco devices with a cost of 1 to reach.

Q3. Virtual Links do not have a cost as they do not transmit data. The Virtual Link only transfers OSPF management data so it’s never calculated in the cost to a destination.

Q4. A Virtual Link is intended to connect areas that don’t have a connection to area 0 back to area 0, you cannot change the area of a virtual link. You can, however, use GRE tunnels and assign them to other areas. Keep in mind that the GRE tunnel will be adding to the costs and also has a packet overhead, so you may need to adjust MTU.

Q5. The drawing is a fairly accurate depiction.

Q6. So, DNA in RFC 1793, the primary purpose is for Demand Circuits. These typically have a cost associated with how much bandwidth is used. DNA bit was designed to make it so that as long as the link itself is up, you don’t have to re-flood the LSU when no changes have occurred, reducing the bandwidth used on the link, and therefore your charges. Since Virtual Links can traverse several routers by definition, they apply the DNA bit to all LSAs learned over the virtual link to reduce the amount of flood traffic going across, as there is no way for the Virtual Link to know if any of the hops are Demand Circuits.

Hope you find the above helpful!

1 Like

Thanks Eric,
i need to learn what is the difference in cost manipulation about type-7 related to :=
RFC 2328
RFC 1583
RFC 1587
RFC 3101

Happy I could help Major, good luck with your studies!

@Network_Eric
are you going to stop helping me at that point ?what do you mean ? i need some extra help . i`ve a lot of questions for you

Hey Major,

I didn’t see any questions in your post, just a statement that you were going to learn about cost manipulation. I check the forum regularly, if you have any specific questions you can always post a topic and I’ll do what I can to help. I’m sure other members will as well.