[nsp] OSPF NSSA

Stephen J. Wilcox steve at telecomplete.co.uk
Wed Feb 11 14:07:15 EST 2004 

> Depending on the IOS version you are at you can use the command:
> passive-interface default under OSPF so now you will only be enabling
> OSPF on the interfaces that you specifically do a no passive-interface
> [interface#] on.  Works very well to control specifically what gets
> turned up.  Redistributing the connected interfaces also now makes them
> external routes which is not ideal.

Do you have any known problems with external ospf routes?

Steve

> 
> Paul Van Lierop
> 
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Stephen J.
> Wilcox
> Sent: Wednesday, February 11, 2004 10:30 AM
> To: Oliver Boehmer (oboehmer)
> Cc: cisco-nsp at puck.nether.net
> Subject: RE: [nsp] OSPF NSSA
> 
> > It is standard practice, and also best practice for any connected
> > interface for this matter. You can always add a "passive-interface"
> > statement if you don't want any neighbor relationships established
> over
> > the interface.  
> 
> Oliver, just as an aside.. whats the benefit of having these in the OSPF
> rather 
> than redistributed.. I guess my concern is for example on each PoP I
> assign /30 
> customer connections out of /24 blocks so I could easily add the /24 as
> on ospf 
> network, however it means I must remember to set each interface passive 
> explicitly and I'm worried I'll forget and I dont want my customers to
> get my 
> ospf traffic...
> 
> Steve
> 
> > 
> > > Previously I used to do redistribute connected to
> > > inject the loopback IP address into OSPF. How is this
> > > different from manually specifying the loopback IP
> > > address as a member of the area?
> > 
> > As Andrew already mentioned: this prevents external LSAs from being
> > generated. So depending on your topology this might or might not make
> a
> > difference. 
> > 
> > 	oli
> > 
> > _______________________________________________
> > cisco-nsp mailing list  cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
> > 
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>

More information about the cisco-nsp mailing list