Configuring NSSA for OSPFv3

Cisco Open Short Shortest Path First version 3 (OSPFv3) allows you to configure a Not-So-Stubby Area (NSSA). An NSSA is similar to a stub area, except that an NSSA allows you to import autonomous system (AS) external routes within an NSSA using redistribution. This feature adds support for the OSPFv3 NSSA specification described by RFC 3101. RFC 3101 replaced and is backward compatible with RFC 1587.

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tooland the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.

Information About Configuring NSSA for OSPFv3

RFC 1587 Compliance

RFC 3101 compliance is automatically enabled on the devices. Use the compatible rfc1587 command in router configuration mode to revert to route selection that is based on RFC 1587. When you configure the device to be compatible with RFC 1587, the device performs the following actions:

  • Reverts the route selection process to RFC 1587.

  • Configures Autonomous System Border Router (ASBR) to configure the P (propagate bit) and zero-forwarding address.

  • Disables always translating Area Border Router (ABR).

ABR as OSPFv3 NSSA LSA Translator

Use the Not-So-Stubby Area (NSSA) for Open Shortest Path First version 3 (OSPFv3) feature to simplify administration in a network that connects a central site that uses OSPFv3 to a remote site that uses a different routing protocol.

When the NSSA feature is not implemented, the connection between the border device at the corporate site and the remote device is not established as an OSPFv3 stub area due to following reasons:
  • Routes for the remote site are not redistributed into the stub area.
  • Two routing protocols must be maintained.

A protocol such as Routing Information Protocol (RIP) for IPv6 is run to handle the redistribution. By implementing NSSA, you can extend OSPFv3 to include the remote connection by defining the area between the border device at the corporate site and the remote device as an NSSA.

As with OSPFv3 stub areas, NSSA areas cannot be injected with distributed routes via a Type 5 Link State Advertisement (LSA). Route redistribution into an NSSA area is possible only with a Type 7 LSA. An NSSA Autonomous System Border Router (ASBR) generates the Type 7 LSA , and an NSSA Area Border Router (ABR) translates the Type 7 LSA into a Type 5 LSA. These LSAs can be flooded throughout the OSPFv3 routing domain. Route summarization and filtering are supported during the translation.

Route summarization is the consolidation of advertised addresses. This feature enables an ABR to advertise a single summary route to other areas. If the network numbers in an area are assigned in a way such that they are contiguous, you can configure the ABR to advertise a summary route that covers all the individual networks within the area that fall into the specified range.

When routes from other protocols are redistributed into an OSPFv3 area, each route is advertised individually in an external LSA. However, you can configure the Cisco IOS software to advertise a single route with a specified network address and mask for all the redistributed routes that are covered by a specified network address and mask. Thus, the size of the OSPFv3 link-state database decreases.

RFC 3101 allows you to configure an NSSA ABR device as a forced NSSA LSA translator.


Note

Even a forced translator might not translate all LSAs; translation depends on the content of each LSA.


The figure below shows a network diagram in which OSPFv3 Area 1 is defined as the stub area. The Enhanced Interior Gateway Routing Protocol (EIGRP) routes are not propagated into the OSPFv3 domain because routing redistribution is not allowed in the stub area. However, once OSPFv3 Area 1 is defined as an NSSA, an NSSA ASBR can include the EIGRP routes to the OSPFv3 NSSA by generating Type 7 LSAs.

Figure 1. OSPFv3 NSSA

The redistributed routes from the RIP device are not allowed into OSPFv3 Area 1 because NSSA is an extension to the stub area. The stub area characteristics still exist, including the exclusion of Type 5 LSAs.

The figure below shows the OSPFv3 stub network with NSSA Area 1. The redistributed routes that Device 4 is propagating from the two RIP networks are translated into Type 7 LSAs by NSSA ASBR Device 3. Device 2, which is configured to be the NSSA ABR, translates the Type 7 LSAs back to Type 5 so that they can be flooded through the rest of the OSPFv3 stub network within OSPFv3 Area 0.

Figure 2. OSPFv3 NSSA Network with NSSA ABR and ASBR Devices

How to Configure NSSA for OSPFv3

Configuring an OSPFv3 NSSA Area and Its Parameters

SUMMARY STEPS

  1. enable
  2. configure terminal
  3. router ospfv3 process-id
  4. area area-id nssa default-information-originate nssa-only
  5. address-family {ipv4 | ipv6} [unicast]
  6. Enter either of the following commands:
    • (For IPv4) summary-prefix {ip-prefix | ip-address-mask} [not-advertise | [tag tag-value] [nssa-only]]
    • (For IPv6) summary-prefix ipv6-prefix [not-advertise | [tag tag-value] [nssa-only]]
  7. exit
  8. redistribute protocol [process-id ] {level-1 | level-1-2 | level-2 } [autonomous-system-number ] [metric {metric-value | transparent }] [metric-type type-value ] [match {internal | external 1 | external 2 }] [tag tag-value ] [route-map map-tag ] [nssa-only ]
  9. end

DETAILED STEPS

  Command or Action Purpose
Step 1

enable

Example:


Device> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

Example:


Device# configure terminal

Enters global configuration mode.

Step 3

router ospfv3 process-id

Example:


Device(config)# router ospfv3 10

Enables OSPFv3 routing and enters router configuration mode.

  • The process-id argument identifies the OSPFv3 process. The range is from 1 to 65535.

Step 4

area area-id nssa default-information-originate nssa-only

Example:


Device(config-router)# area 1 nssa default-information-originate nssa-only

Configures an NSSA area and sets the default advertisement to this NSSA area.

  • In the example, area 1 is configured as an NSSA area.

  • The nssa-only keyword instructs the device to instigate Type-7 LSA with cleared P-bit, thereby, preventing LSA translation to Type 5 on NSSA ABR device.
Step 5

address-family {ipv4 | ipv6} [unicast]

Example:

Device(config-router)# address-family ipv4 unicast

OR

Device(config-router)# address-family ipv6 unicast

Enables address family configuration mode for Open Shortest Path First version 3 (OSPFv3).

  • The address-family ipv4 unicast command configures an IPv4 address family.

  • The address-family ipv6 unicast command configures an IPv6 address family.

Step 6

Enter either of the following commands:

  • (For IPv4) summary-prefix {ip-prefix | ip-address-mask} [not-advertise | [tag tag-value] [nssa-only]]
  • (For IPv6) summary-prefix ipv6-prefix [not-advertise | [tag tag-value] [nssa-only]]

Example:

(For IPv4)

Device(config-router-af)# summary-prefix 10.1.0.0/16 nssa-only
(For IPv6)

Device(config-router-af)# summary-prefix 2001:DB8::/32 nssa-only
  • (For IPv4 address family only) Defines an IPv4 summary prefix and address mask in Open Shortest Path First version 3 (OSPFv3) and summarizes all routes redistributed from other routing protocols.

  • (For IPv6 address family only) Defines an IPv6 summary prefix in Open Shortest Path First version 3 (OSPFv3) and summarizes all routes redistributed from other routing protocols.

  • The nssa-only keyword instructs the device to instigate Type-7 LSA with cleared P-bit, thereby, preventing LSA translation to Type 5 on NSSA ABR router.
Step 7

exit

Example:

Device(config-router-af)# exit

Exits address-family router configuration mode and returns to the router configuration mode.

Step 8

redistribute protocol [process-id ] {level-1 | level-1-2 | level-2 } [autonomous-system-number ] [metric {metric-value | transparent }] [metric-type type-value ] [match {internal | external 1 | external 2 }] [tag tag-value ] [route-map map-tag ] [nssa-only ]

Example:


Device(config-router)# redistribute rip nssa-only

Redistributes routes from one routing domain into another routing domain.

  • In the example, Routing Information Protocol (RIP) subnets are redistributed into the OSPFv3 domain.

Step 9

end

Example:


Device(config-router)# end

Exits router configuration mode and returns to privileged EXEC mode.

Configuring an NSSA ABR as a Forced NSSA LSA Translator for OSPFv3

SUMMARY STEPS

  1. enable
  2. configure terminal
  3. router ospfv3 process-id
  4. area area-id nssa translate type7 always
  5. area area-id nssa translate type7 suppress-fa
  6. end

DETAILED STEPS

  Command or Action Purpose
Step 1

enable

Example:


Device> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

Example:


Device# configure terminal

Enters global configuration mode.

Step 3

router ospfv3 process-id

Example:


Device(config)# router ospfv3 1

Enables OSPFv3 routing and enters router configuration mode.

  • The process-id argument identifies the OSPFv3 process. The range is from 1 to 65535.
Step 4

area area-id nssa translate type7 always

Example:


Device(config-router)# area 10 nssa translate type7 always
Configures a Not-So-Stubby Area Area Border Router (NSSA ABR) device as a forced NSSA Link State Advertisement (LSA) translator.
Note 

You can use the always keyword to configure an NSSA ABR device as a forced NSSA LSA translator. This command can be used if RFC 3101 is disabled and RFC 1587 is used.

Step 5

area area-id nssa translate type7 suppress-fa

Example:


Device(config-router)# area 10 nssa translate type7 suppress-fa

OR

Device (config-router)# address-family [ipv4|ipv6] unicast
Device (config-router-af)# area 10 nssa translate type7 suppress-fa
Device (config-router-af)# exit

Allows the ABR to suppress the forwarding address in translated Type 5 LSA.

Note 

You can configure this command in both router configuration mode and address-family configuration mode.

Step 6

end

Example:


Device(config-router)# end

Exits router configuration mode and returns to privileged EXEC mode.

Disabling RFC 3101 Compatibility and Enabling RFC 1587 Compatibility

SUMMARY STEPS

  1. enable
  2. configure terminal
  3. router ospfv3 process-id
  4. compatible rfc1587
  5. end

DETAILED STEPS

  Command or Action Purpose
Step 1

enable

Example:


Device> enable
Enables privileged EXEC mode.
  • Enter your password if prompted.
Step 2

configure terminal

Example:


Device# configure terminal

Enters global configuration mode.

Step 3

router ospfv3 process-id

Example:


Device(config)# router ospfv3 1
Enables OSPFv3 routing and enters router configuration mode.
  • The process-id argument identifies the OSPFv3 process.
Step 4

compatible rfc1587

Example:


Device(config-router)# compatible rfc1587

Changes the method used to perform route selection to RFC 1587 compatibility and disables RFC 3101.

Step 5

end

Example:


Device(config-router)# end

Exits router configuration mode and returns to privileged EXEC mode.

Configuration Examples for Configuring NSSA for OSPFv3

Example: NSSA for OSPFv3

Use the show ospfv3 command to confirm that the device is acting as an Autonomous System Border Router (ASBR) and that the Open Shortest Path First version 3 (OSPFv3) Area 1 has been configured as a Not-So-Stubby Area (NSSA) area.


Device# show ospfv3

 OSPFv3 1 address-family ipv4
 Router ID 3.3.3.3
 Supports NSSA (compatible with RFC 1587)
 It is an autonomous system boundary router
 Redistributing External Routes from,
    static
 Router is not originating router-LSAs with maximum metric
 Initial SPF schedule delay 5000 msecs
 Minimum hold time between two consecutive SPFs 10000 msecs
 Maximum wait time between two consecutive SPFs 10000 msecs
 Minimum LSA interval 5 secs
 Minimum LSA arrival 1000 msecs
 LSA group pacing timer 240 secs
 Interface flood pacing timer 33 msecs
 Retransmission pacing timer 66 msecs
 Number of external LSA 0. Checksum Sum 0x000000
 Number of areas in this router is 1. 0 normal 0 stub 1 nssa
 Graceful restart helper support enabled
 Reference bandwidth unit is 100 mbps
 RFC1583 compatibility enabled
    Area 1
        Number of interfaces in this area is 1
        It is a NSSA area
        Configured to translate Type-7 LSAs, inactive (RFC3101 support disabled)
        Perform type-7/type-5 LSA translation, suppress forwarding address
        Area has no authentication
        SPF algorithm last executed 00:00:07.160 ago
        SPF algorithm executed 3 times
        Area ranges are
        Number of LSA 3. Checksum Sum 0x0245F0
        Number of opaque link LSA 0. Checksum Sum 0x000000
        Number of DCbitless LSA 0
        Number of indication LSA 0
        Number of DoNotAge LSA 0
        Flood list length 0

The table below describes the significant show ip ospf display fields and their descriptions.

Table 1. show ospfv3 Field Descriptions
Field Description

Supports NSSA (compatible with RFC 1587)

Specifies that RFC 1587 is active or that the OSPFv3 NSSA area is RFC 1587 compatible.

Configured to translate Type-7 LSAs, inactive (RFC3101 support disabled)

Specifies that the OSPFv3 NSSA area has an ABR device configured to act as a forced translator of Type 7 LSAs. However, it is inactive because RFC 3101 is disabled.

The output of the router LSA in LSDB shows Nt-Bit if it is set in the header of LSA.


Router Link States (Area 1)

  LS age: 94
  Options: (N-Bit, R-bit, DC-Bit, AF-Bit, Nt-Bit)
  LS Type: Router Links
  Link State ID: 0
  Advertising Router: 2.2.2.2
  LS Seq Number: 80000002
  Checksum: 0x8AD5
  Length: 56
  Area Border Router
  AS Boundary Router
  Unconditional NSSA translator
  Number of Links: 2

The “Unconditional NSSA translator” line indicates that the status of the NSSA ASBR router is as a forced NSSA LSA translator.

Additional References for Configuring NSSA for OSPFv3

Related Documents

Related Topic

Document Title

Cisco IOS commands

Cisco IOS Master Command List, All Releases

OSPF commands

Cisco IOS IP Routing: OSPF Command Reference

OSPFv3 in IPv6 routing

“IPv6 Routing: OSPFv3” module

RFCs

RFC

Title

RFC 1587

The OSPF NSSA Option

RFC 3101

The OSPF NSSA Option

Technical Assistance

Description

Link

The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.

http://www.cisco.com/cisco/web/support/index.html

Feature Information for Configuring NSSA for OSPFv3

The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Table 2. Feature Information for Configuring NSSA for OSPFv3

Feature Name

Releases

Feature Information

OSPFv3 Support for NSSA

Cisco Open Short Shortest Path First version 3 (OSPFv3) allows you to configure a Not-So-Stubby Area (NSSA). An NSSA is similar to a stub area, except that an NSSA allows you to import autonomous system (AS) external routes within an NSSA using redistribution. This feature adds support for the OSPFv3 NSSA specification described by RFC 3101. RFC 3101 replaced and is backward compatible with RFC 1587.

The following commands were introduced or modified: area nssa translate , compatible rfc1587 , show ospfv3 .