[c-nsp] OSPF NSSA Question

Jack.W.Parks at alltel.com Jack.W.Parks at alltel.com
Mon Sep 13 09:55:24 EDT 2004 

The only thing I can think of is that if/when the distribution routers
need to send intra-area traffic between one another they will use one of
your "access" routers.  If these are small routers this might cause an
overload depending on the amount of traffic.  

Additionally, you might incur routing loops.  Say, D1 needs to forward a
packet to D2 due to best-path metrics, but because of the OSPF topology
you have established the traffic will be forwarded via an access router,
A1 (intra-area preference), to D2.  A1 believes the best path to that
destination is D1.  Thus a routing loop is formed.

All routers in OSPF have a topological view of the network. Intra-area
routes are preferred over inter-area routes.  Instead of trying to
remember the special circumstances surrounding this design, I would
allow the distribution routers to form and adjacency across the Ethernet
segment.  Set priorities on D1 and D2 to force DR and BDR election to
the distribution routers.  It is a good rule of thumb if your
distribution routers are ABRs, then they should have an OSPF adjacency
in the backbone area and in the NSSA.

I don't know the exact circumstances or requirements for your design,
but you asked, "Can anybody think of why this ... might break later on?"

Jack

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Dan Armstrong
Sent: Sunday, September 12, 2004 4:26 PM
To: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] OSPF NSSA Question


Thanks to everybody that replied.

I think I have a perfect solution.  

If I setup the interfaces on the distribution layer routers as ip ospf
network 
point-to-multipoint non-broadcast

and set the access routers as  point-to-multipoint without the
non-broadcast 
command 

I get exactly the behaviour I want.  The access routers all neighbour 
automatically, they all neighbour automatically with the distribution
layer 
routers, but the 2 dist routers never neighbour!

Cool..

Can anybody think of why this might be crackheaded, or might break later
on?

Dan.





On Saturday 11 September 2004 14:20, Zaheer Aziz wrote:
> At 05:36 PM 9/10/2004 -0400, Dan Armstrong wrote:
>
>
> Hi Dan,
>
> On any of the distribution routers apply this access-list on the 
> incoming interface
>
> access-list 101 deny   ospf host 116.16.13.1 host 224.0.0.5
> access-list 101 permit ip any any <<<<<< or whatever
>
> 116.16.13.1  is interface access of the  OTHER dist router.
>
> This should prevent neighbor relationship bw the two. There are other 
> methods like using secondary address etc etc but this should be the 
> simplest.
>
> Hope this helps
> Zaheer
>
> >I have a question, that may seem rather silly.... but it is driving 
> >me  nuts.
> >
> >I have an NSSA area with a few access routers in it.  They are 
> >connected  via Ethernet to 2 distribution layer routers.  The dist 
> >routers are  advertising in a default route, and life is good.
> >
> >I would like to conserve IP addresses, and I was hoping to put the  
> >interfaces on the access routers, and the corresponsing interfaces on

> >the  distribution layer routers all in the same subnet - rather than 
> >make a  whackload of /30nets everywhere.
> >
> >My problem is that when I do that, the two distribution layer routers

> >form  an adjacency with each other over the link%$#@#!!
> >
> >I realize that is "normal" behaviour... but it is not deseriable..
> >
> >Can I:
> >
> >-Explicitly force the two dist routers somehow not to form the 
> >adjacency? -Do I just go head and make my whackload of /30nets, and 
> >chew up IPs?
> >
> >It seems to me that this much have come up before....
> >
> >Any thoughts are appreciated.
> >
> >Dan.
> >
> >
> >_______________________________________________
> >cisco-nsp mailing list  cisco-nsp at puck.nether.net 
> >https://puck.nether.net/mailman/listinfo/cisco-nsp
> >archive at http://puck.nether.net/pipermail/cisco-nsp/

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
******************************************************************************************
The information contained in this message, including attachments, may contain 
privileged or confidential information that is intended to be delivered only to the 
person identified above. If you are not the intended recipient, or the person 
responsible for delivering this message to the intended recipient, ALLTEL requests 
that you immediately notify the sender and asks that you do not read the message or its 
attachments, and that you delete them without copying or sending them to anyone else.

More information about the cisco-nsp mailing list