Date created: Monday, August 13, 2018 9:28:58 PM. Last modified: Wednesday, June 29, 2022 8:51:55 AM
OSPFv2 Inter-Area Filtering & Prefix-Suppression
In the topology below, the routes from each access area are not advertised into the backbone area 0 (area 1 see's no area 2 routes and vice verse). Equally from the backbone area only the loopback0 IP of the aggregation node within an access area is advertised (ACC1x nodes have AGG1-Lo0 and AGG2-Lo0 but not COR1-Lo0).
This is achieved so that each area can operate as a separate LDP domain, scaling independently of the others. This is in line with the Seamless MPLS architecture. The LSDB within OSPF is made from LSAs being flooded within an area, which causes each router to built a graph tree of the topology. After the graph tree is built then the prefixes that were attached to the LSAs are processed. This distinction is important, LSAs are processed first to build the graph then IP prefixes are processed to build the SPT afterwards, prefixes are extra information attached to LSAs.
Cisco IOS/XE supports the "area N filter-list prefix prefix-list-name in/out" command. "in" filters prefixes being redistributed "into" the area "N". "out" filters prefixes are they are redistributed out of area "N". All the magic happens on the AGGx nodes, the ACCxx and CORx nodes are oblivious. Also note that Cisco's prefix-suppression feature has been used here to further scale the IGP. This has removed all the transit links from the Type 1 LSAs which would have shown up type 3 links (stub networks).
ACC11 Config:
interface Loopback0
ip address 10.0.1.1 255.255.255.255
ip ospf 1 area 1
!
interface FastEthernet0/0
description AGG1-Fa0/0
ip address 10.1.11.2 255.255.255.252
ip ospf network point-to-point
ip ospf prefix-suppression
ip ospf 1 area 1
duplex auto
speed auto
mpls ip
!
interface FastEthernet0/1
description ACC12-Fa0/1
ip address 10.1.12.1 255.255.255.252
ip ospf network point-to-point
ip ospf prefix-suppression
ip ospf 1 area 1
duplex auto
speed auto
mpls ip
!
router ospf 1
router-id 10.0.1.1
prefix-suppression
passive-interface default
no passive-interface FastEthernet0/0
no passive-interface FastEthernet0/1
no passive-interface Loopback0
AGG1 Config:
interface Loopback0
ip address 10.0.0.1 255.255.255.255
ip ospf 1 area 0
!
interface FastEthernet0/0
description ACC11-Fa0/0
ip address 10.1.11.1 255.255.255.252
ip ospf network point-to-point
ip ospf prefix-suppression
ip ospf 1 area 1
duplex auto
speed auto
mpls ip
!
interface FastEthernet0/1
description AGG2-Fa0/1
ip address 10.0.12.1 255.255.255.252
ip ospf network point-to-point
ip ospf prefix-suppression
ip ospf 1 area 0
duplex auto
speed auto
mpls ip
!
interface FastEthernet1/0
description ACC21-Fa1/0
ip address 10.2.11.1 255.255.255.252
ip ospf network point-to-point
ip ospf prefix-suppression
ip ospf 1 area 2
duplex auto
speed auto
mpls ip
!
interface FastEthernet1/1
description COR1-Fa0/0
ip address 10.0.11.2 255.255.255.252
ip ospf network point-to-point
ip ospf prefix-suppression
ip ospf 1 area 0
duplex auto
speed auto
mpls ip
!
router ospf 1
router-id 10.0.0.1
prefix-suppression
area 0 filter-list prefix deny-all in ! Area 0 doesn't allow any routes to be redistributed into it
area 1 filter-list prefix lo0 in
area 2 filter-list prefix lo0 in
passive-interface default
no passive-interface FastEthernet0/0
no passive-interface FastEthernet0/1
no passive-interface FastEthernet1/0
no passive-interface FastEthernet1/1
no passive-interface Loopback0
!
ip prefix-list none seq 1 deny-all 0.0.0.0/0
!
ip prefix-list lo0 seq 10 permit 10.0.0.1/32
COR1 Config:
interface Loopback0
ip address 10.0.0.3 255.255.255.255
ip ospf 1 area 0
!
interface FastEthernet0/0
description AGG1-Fa1/1
ip address 10.0.11.1 255.255.255.252
ip ospf network point-to-point
ip ospf prefix-suppression
ip ospf 1 area 0
duplex auto
speed auto
mpls ip
!
interface FastEthernet0/1
description AGG2-Fa1/1
ip address 10.0.22.1 255.255.255.252
ip ospf network point-to-point
ip ospf prefix-suppression
ip ospf 1 area 0
duplex auto
speed auto
mpls ip
!
router ospf 1
router-id 10.0.0.3
prefix-suppression
passive-interface default
no passive-interface FastEthernet0/0
no passive-interface FastEthernet0/1
no passive-interface Loopback0
The outputs below show that within area 1 (the same is true within area 2) that each access router only has the loopbacks from other routers within the same area, and the AGGx nodes within that area (and no other core or aggregation nodes, e.g. COR1). Note that LDP has allocated labels for /32 loopback IPs only, no /30 point-to-point link ranges, even though the GNS3 image being used don't support the "mpls ldp label; allocate global host-routes" command the OSPF prefix-suppression feature stops those point-to-point link ranges from entering the IGP database, which is what LDP allocates labels against. This means that in-line with the Seamless MPLS design label usage is kept to loopbacks only.
ACC11#show ip route
...
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 8 subnets, 2 masks
O IA 10.0.0.1/32 [110/2] via 10.1.11.1, 00:28:56, FastEthernet0/0
O IA 10.0.0.2/32 [110/3] via 10.1.12.2, 00:40:45, FastEthernet0/1
C 10.0.1.1/32 is directly connected, Loopback0
O 10.0.1.2/32 [110/2] via 10.1.12.2, 00:40:55, FastEthernet0/1
C 10.1.11.0/30 is directly connected, FastEthernet0/0
L 10.1.11.2/32 is directly connected, FastEthernet0/0
C 10.1.12.0/30 is directly connected, FastEthernet0/1
L 10.1.12.1/32 is directly connected, FastEthernet0/1
ACC11#show ip ospf database
OSPF Router with ID (10.0.1.1) (Process ID 1) Router Link States (Area 1) Link ID ADV Router Age Seq# Checksum Link count 10.0.0.1 10.0.0.1 196 0x80000003 0x006097 1 10.0.0.2 10.0.0.2 63 0x80000004 0x00E701 1 10.0.1.1 10.0.1.1 1800 0x80000005 0x001C87 3 10.0.1.2 10.0.1.2 23 0x80000006 0x00D2C0 3 Summary Net Link States (Area 1) Link ID ADV Router Age Seq# Checksum 10.0.0.1 10.0.0.1 1801 0x80000001 0x00A67F 10.0.0.2 10.0.0.2 549 0x80000002 0x00948E
ACC11#show mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
16 explicit-n 10.0.0.1/32 0 Fa0/0 10.1.11.1
18 explicit-n 10.0.1.2/32 0 Fa0/1 10.1.12.2
20 18 10.0.0.2/32 0 Fa0/1 10.1.12.2
AGG1#show ip route
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 20 subnets, 2 masks
C 10.0.0.1/32 is directly connected, Loopback0
O 10.0.0.2/32 [110/2] via 10.0.12.2, 00:05:44, FastEthernet0/1
O 10.0.0.3/32 [110/2] via 10.0.11.1, 00:05:44, FastEthernet1/1
O 10.0.1.1/32 [110/2] via 10.1.11.2, 00:05:08, FastEthernet0/0
O 10.0.1.2/32 [110/3] via 10.1.11.2, 00:04:54, FastEthernet0/0
O 10.0.2.1/32 [110/2] via 10.2.11.2, 00:05:44, FastEthernet1/0
O 10.0.2.2/32 [110/3] via 10.2.11.2, 00:05:44, FastEthernet1/0
C 10.0.11.0/30 is directly connected, FastEthernet1/1
L 10.0.11.2/32 is directly connected, FastEthernet1/1
C 10.0.12.0/30 is directly connected, FastEthernet0/1
The output above shows that ACC11 have two Type 3 Summary LSAs, one for the loopback0 IP on each AGG node which server as the gateways/ABRs for area 1 into the rest of the network. A router can not originate any LSAs into an area to which it is connected without originating a Type 1 LSA. This means that the loopback0 IPs on the AGGx nodes which are in area 0 can't be redistributed into area 1 as an inter-area Type 3 Summary LSA without also originating a Type 1 LSA. For AGG1 the Type 1 LSA will contain the loopback0 IP (10.0.0.1) as a type 1 link (point-to-point) with the neighboring router ID set to it's interface IP inside area 1 (10.1.11.1 towards ACC11).
The output below shows this Type 1 LSA from AGG1 and the Type 3 LSA which advertises the same loopback0 IP. Loopback0 is in area 0 which means AGG1 will by default it will send it as a Type 3 inter-area summary LSA. Because loopback0 isn't natively in area 1 it is not possible to only send the Type 1 LSA. The reason the Type 1 LSA is originated is because AGG1 wants to send the Type 3 LSA and as per the OSPF rule, no LSA can be sent into any area unless a Type 1 LSA has been originated first, to identify this local router in that area. This means that the inter-area advertisement requires a Type 1 and Type 3 LSA otherwise it can't be advertised inter-area at all:
AGG1#show ip ospf 1 1 database router 10.0.0.1
OSPF Router with ID (10.0.0.1) (Process ID 1)
Router Link States (Area 1)
LS age: 526
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 10.0.0.1
Advertising Router: 10.0.0.1
LS Seq Number: 80000003
Checksum: 0x6097
Length: 36
Area Border Router
Number of Links: 1
Link connected to: another Router (point-to-point)
(Link ID) Neighboring Router ID: 10.0.1.1
(Link Data) Router Interface address: 10.1.11.1
Number of MTID metrics: 0
TOS 0 Metrics: 1
AGG1#show ip ospf 1 1 database summary 10.0.0.1
OSPF Router with ID (10.0.0.1) (Process ID 1)
Summary Net Link States (Area 1)
LS age: 75
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(Network)
Link State ID: 10.0.0.1 (summary Network Number)
Advertising Router: 10.0.0.1
LS Seq Number: 80000002
Checksum: 0xA480
Length: 28
Network Mask: /32
MTID: 0 Metric: 1
The output below shows the AGG1 advertisement into area 1 before OSPF prefix-suppression was enabled. It shows that AGG1 is sending its point-to-point link subnet to ACC11 (10.1.11.0/30) as a type 3 link within the Type 1 Router LSA:
AGG1#show ip ospf 1 1 database router
OSPF Router with ID (10.0.0.1) (Process ID 1)
Router Link States (Area 1)
LS age: 3
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 10.0.0.1
Advertising Router: 10.0.0.1
LS Seq Number: 80000004
Checksum: 0x587A
Length: 48
Area Border Router
Number of Links: 2
Link connected to: another Router (point-to-point)
(Link ID) Neighboring Router ID: 10.0.1.1
(Link Data) Router Interface address: 10.1.11.1
Number of MTID metrics: 0
TOS 0 Metrics: 1
Link connected to: a Stub Network
(Link ID) Network/subnet number: 10.1.11.0
(Link Data) Network Mask: 255.255.255.252
Number of MTID metrics: 0
TOS 0 Metrics: 1
The output below shows the routing table on AGG1. It can be seen that the only OSPF routes are the loopback0 IPs from all areas AGG1 is connected to (area 0, area 1 and area 2) and no point-to-point /30 IPs in OSPF, only the point-to-point /30s for it's directly connected links are in the routing table:
AGG1#show ip route
...
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 15 subnets, 2 masks
C 10.0.0.1/32 is directly connected, Loopback0
O 10.0.0.2/32 [110/2] via 10.0.12.2, 00:39:29, FastEthernet0/1
O 10.0.0.3/32 [110/2] via 10.0.11.1, 00:16:36, FastEthernet1/1
O 10.0.1.1/32 [110/2] via 10.1.11.2, 00:39:29, FastEthernet0/0
O 10.0.1.2/32 [110/3] via 10.1.11.2, 00:39:29, FastEthernet0/0
O 10.0.2.1/32 [110/2] via 10.2.11.2, 00:39:24, FastEthernet1/0
O 10.0.2.2/32 [110/3] via 10.2.11.2, 00:39:24, FastEthernet1/0
C 10.0.11.0/30 is directly connected, FastEthernet1/1
L 10.0.11.2/32 is directly connected, FastEthernet1/1
C 10.0.12.0/30 is directly connected, FastEthernet0/1
L 10.0.12.1/32 is directly connected, FastEthernet0/1
C 10.1.11.0/30 is directly connected, FastEthernet0/0
L 10.1.11.1/32 is directly connected, FastEthernet0/0
C 10.2.11.0/30 is directly connected, FastEthernet1/0
L 10.2.11.1/32 is directly connected, FastEthernet1/0
AGG1#show mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
19 explicit-n 10.0.0.3/32 0 Fa1/1 10.0.11.1
20 18 10.0.1.2/32 0 Fa0/0 10.1.11.2
21 explicit-n 10.0.1.1/32 0 Fa0/0 10.1.11.2
22 explicit-n 10.0.0.2/32 0 Fa0/1 10.0.12.2
23 18 10.0.2.2/32 0 Fa1/0 10.2.11.2
24 explicit-n 10.0.2.1/32 0 Fa1/0 10.2.11.2
The OSPF database from AGG1 below shows that it only has Type 1 LSAs within the core/backbone area 0. With each access area (1 & 2) it has Type 1 LSAs for the loopback0 IPs of the access PEs in each area and a Type 1 LSA and Type 3 LSA for it's own loopback0 IP in each area:
AGG1#show ip ospf database
OSPF Router with ID (10.0.0.1) (Process ID 1)
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count
10.0.0.1 10.0.0.1 1136 0x80000005 0x000F97 3
10.0.0.2 10.0.0.2 798 0x80000006 0x001F78 3
10.0.0.3 10.0.0.3 1111 0x80000005 0x009CFD 3
Router Link States (Area 1)
Link ID ADV Router Age Seq# Checksum Link count
10.0.0.1 10.0.0.1 147 0x80000005 0x005C99 1
10.0.0.2 10.0.0.2 1041 0x80000004 0x00E701 1
10.0.1.1 10.0.1.1 745 0x80000006 0x001A88 3
10.0.1.2 10.0.1.2 1000 0x80000006 0x00D2C0 3
Summary Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
10.0.0.1 10.0.0.1 473 0x80000002 0x00A480
10.0.0.2 10.0.0.2 1553 0x80000002 0x00948E
Router Link States (Area 2)
Link ID ADV Router Age Seq# Checksum Link count
10.0.0.1 10.0.0.1 1175 0x80000003 0x007580 1
10.0.0.2 10.0.0.2 1041 0x80000004 0x00FCE9 1
10.0.2.1 10.0.2.1 1512 0x80000005 0x008815 3
10.0.2.2 10.0.2.2 783 0x80000006 0x00AEDE 3
Summary Net Link States (Area 2)
Link ID ADV Router Age Seq# Checksum
10.0.0.1 10.0.0.1 473 0x80000002 0x00A480
10.0.0.2 10.0.0.2 1553 0x80000002 0x00948E
The output below shows that COR1 only has loopback0 IPs within it's OSPF database:
COR1#show ip ospf database
OSPF Router with ID (10.0.0.3) (Process ID 1)
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count
10.0.0.1 10.0.0.1 1054 0x80000005 0x000F97 3
10.0.0.2 10.0.0.2 710 0x80000006 0x001F78 3
10.0.0.3 10.0.0.3 1016 0x80000005 0x009CFD 3
COR1#show ip route
...
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 7 subnets, 2 masks
O 10.0.0.1/32 [110/2] via 10.0.11.2, 00:17:53, FastEthernet0/0
O 10.0.0.2/32 [110/2] via 10.0.22.2, 00:17:48, FastEthernet0/1
C 10.0.0.3/32 is directly connected, Loopback0
C 10.0.11.0/30 is directly connected, FastEthernet0/0
L 10.0.11.1/32 is directly connected, FastEthernet0/0
C 10.0.22.0/30 is directly connected, FastEthernet0/1
L 10.0.22.1/32 is directly connected, FastEthernet0/1
Previous page: LAG, ECMP, MPLS-TE: Tech Overview
Next page: OSPFv2 IPFRR - LFA & rLFA