Saturday, May 19, 2012

Intra-area and External OSPF LSAs Explained (Briefly)

So why segment your OSPF AS into various areas all connected to a backbone area (a.k.a. area 0)?  Why not just keep it one simple backbone area?  That answer is to contain Type-1 (Router) and 2 (Network) LSA propagation, and summarize at border routers to allow for faster convergence within each area.  LSAs help us do that, but we need to know what they are and what they do for us.

First a bit about LSA's and OSPF.  Link State Advertisements or LSAs are generated for every router, for every transient network (both broadcast and non-broadcast multiaccess networks...ethernet, frame-relay, etc), for every prefix from another area, and every prefix that redistributed into an OSFP network from an external routing source.  These LSAs are flooded within an area, and some into other areas as we will see.  All this information is shared between OSPF speaking routers.  It is gathered and placed into the OSPF database called the Link State Database or LSDB on each router. Once the routers have all the information about every prefix everywhere within its AS, it then runs the Shortest Path First (SPF) algorithm against the LSDB to calculate the shortest or 'best' path to each network prefix.  This path is determined by the lowest cost calculated based on a metric that drived from the bandwidths of the links and the costs advertised by all other routers.   Each router calculates the best path to each prefix from its own perspective, essentially building a tree that no brach crosses any other branch, thus creating a loop free topology.  The problem is that the larger the database or topology is, the more processing and time it takes to calculate the shortest path, hence slower convergence.  Depending on the router's capabilities and the number of SFP calculations to process if the database is too large during convergence, I have seen routers never converge.

This is where OSPF's 2 teir hierarchy, areas and LSAs comes into play.  Area Border Routers (ABRs) are routers that connect 2 or more areas.  All areas must be connected to the backbone area (with the exception of a sham-link) and is connected via an ABR.  The ABRs do not forward type 1 or 2 LSAs into adjacent areas.  And this is good.  Instead the ABRs take the prefix information learned from the connected areas and flood them as a Type-3 (Net Summary) LSA into each adjacent area.  All other routers in the area instead of calculating the SPF to the advertising router within another area, instead use the cost the ABR provides along with the cost to get to the ABR(not always though, see stubby networks below).  Now it would not make sense to have every subnet connected to every router in an area advertised as a Type-3 LSA into the adjacent areas.  This would do nothing to reduce the number of LSAs, so at the ABRs we should summarize the prefixes contained within that area.  This summarization can effectively reduce the Type-3 LSA advertisements into adjacent areas to one Type-3 LSA, if the IP numbering schema is well designed.

The fun begins with two AS's or autonomous systems exchanging OSPF LSAs (via redistribution).  For this to occur we need a Autonomous System Boarder Router or ASBR.  The ASBRs produce Type-5 (AS-External) LSAs for each external route redistributed into OSPF and and floods them throughout the AS (again, see stubby networks below).  The ASBR can advertise the LSA as a Type-1 or Type-2 External metric.  Essentially, a Type-1 External metric is calculated based on the advertising ASBRs metric plus the metric to get to the ASBR.  In other words, a router will receive an LSA from an ASBR and add the cost to get to the ASBR to the metric received from the ASBR for the Type 1 External prefix.  The other is Type-2 External metrics are much easier the metric that ASBR advertises does not change throughout the AS.  Type-1s are preferred over Type-2s by the routers.  Again like Type-3 LSAs, Type-5 LSAs can be summarized to reduce LSA propagation throughout the AS.

So what happens if the ASBR is in a different area than the Backbone area?  The problem is how is another area's router going to calculate how to get to the ASBR of another area if all it receives is a LSA.  This is where a Type-4 LSA helps.  A ABR (remember it connects 2 or more areas) helps out by letting everyone in the area know the cost of getting to the ASBR from the ABR for each prefix.

There is one other LSA that needs to be touched on, and that is the Type-7 LSA or NSSA External.  Some say NSSA is Cisco propriety, but there is OSPF extension that describes it in RFC 1587.  An NSSA or Not-So-Stubby-Area, is an area that is confused.  But to know why it is confused need to know what a stubby network is.  In a stubby network, the ABR advertise no Type-5 LSAs into the area, and will instead advertise a default route as a Type-3 LSA. This again is to reduce the number of LSAs propagated to the stub area.  An ABR may send other Type-3 LSAs as well or it may not depending on the configuration.  A stubby network which does not receive type-3 LSAs with the exception of the default route is called a totally stubby network.  But a NSSA is a stub network (which doesn't get Type-5 LSAs, and may not get Type-3 LSAs) that is connected to another AS, whose prefixes are being redistributed into OSPF within the stub network, hence the could have been stubby network it is not so stubby any more.  These prefixes are advertised via a Type-7 LSA.  However, when the ABR receives and re-advertises the prefixes received from the Type-7 LSA it advertises them in the backbone area as a Type-5 LSA.

Of couse there are exceptions to some of these rules as we have seen with stubby areas and NSSAs.  For example, in an MPLS VRF or Layer 3 VPN that is being redistributed from MP-BGP into OSPF on a Provider Edge router, the PE router does not advertise the prefix via a Type-5 LSA but it in fact advertises it as a Type-3, even though technically BGP and OSPF are differing AS's.  But this makes sense, from a customer point of view, the prefixes the customer advertises into the VRF are not from differing AS's but all part of the customers own AS.  This way each of the customers site router actually receive Type-3 LSAs, and everything looks to be part of the same large network with no ISP interference.

I hope this provides you with some insight into the various LSA types that are used in multiarea OSPF domains.  OSPF is a very complex routing protocol with many 'button and knobs', and as the title suggested I tried to be brief and hit on the highlights of each LSA (the devil is in the details).  I know I did not touch on Type-6 Group Membership LSAs but I have never seen them used in production.  Small OSPF networks may only have one backbone area and have no convergence problems, larger OSPF network may have many areas and still work to reduce there LSDB.  How to control the propagation of LSAs is a key factor to faster OSPF convergence times.  In conclusion, OSPF is my favorite IGP, and has great convergence when designed and tuned correctly, and scales very well thanks to the controls that are built into the LSAs. In a later post I describe how to summarize and filter Type-3 and 5 LSAs from being advertised to different areas.

No comments:

Post a Comment