OSPF Stub and NSSA configuration

You have been hired as a Network Engineer in an International Chemical Company. They have been running OSPF for very long time.  External routes are redistributed on router R1 which are propagating all through the OSPF domain. Recently they have done partnership with one of the Local Export company which run RIP in their Network.

  1. For efficiency, configure area 50 as a Stub.
  2. Redistribute RIP routes on R4 into OSPF domain.
  3. Configure area 50 as a nssa.
  4. Make sure that the area 50 can reach the External routes redistributed through Backbone ASBR.


Download the gns3 topology here:

OSPF Special Areas.rar
OSPF Special Areas_Solved.rar

IOS: c3660-ik9o3s-mz.124-15.T6.bin

    1: To configure area 50 as stub, we have to to do the following configuration on R5 and R6.
    R5(config)#router ospf 10
    R5(config-router)#area 50 stub
    R6(config)#router ospf 10
    R6(config-router)#area 50 stub
     We can verify on router R6 that we are not getting External routes.

    stub area

    2: To redistribute RIP routes on R4 into OSPF domain, issue the following commands on R4.
    router ospf 10
     redistribute rip subnets

    3: To configure area 50 as a nssa, we have to do following configuration on R2, R3 and R4.
    R2(config-router)#router ospf 10
    R2(config-router)#area 11 nssa
    R3(config-router)#router ospf 10
    R3(config-router)#area 11 nssa
    R4(config-router)#router ospf 10
    R4(config-router)#area 11 nssa

    We can verify on router R3 that now after configuring area 11 as a nssa, we are not getting Type-5 LSA (External routes), but at the same time we are receiving the external routes from R4 in the form of Type-7 LSAs.

    nssa area

    4: While verifying the solution for objective 3 i.e. the routes on R3 (above image), we can see that R3 can only receive external routes from the ASBR in the same area i.e. from R4, but cannot reach the external routes advertised by Backbone ASBR i.e. R3 cannot reach 10.x.x.x subnets advertised by R1. To resolve this issue, we can make the ABR of area 11 i.e. R2 to inject a default route into the area so that the routes in area 11 can reach the routes advertised by R1. To do so, we can use the following command.
    R2(config-router)#router ospf 10
    R2(config-router)#area 11 nssa default-information-originate

     Now we can see that R3 is receiving a default route.

    So, our all objectives are completed. You can also download this lab for your practice.


    Popular posts from this blog

    Specifying SSH port in Ansible Inventory

    Ansible-Playbook to display output of multiple show commands (using stdout_lines with Loop)

    Filtering Routes in BGP using Route-maps and Prefix-list

    Ansible Playbook for Network OS Upgrade with pre and post checks

    Bypassing Proxy Server in Google Chrome

    VMware NSX Traffic Flow — East-West & North-South

    Export or Backup Azure Network Security Groups into CSV using PowerShell

    Ansible-playbook for backing up running config of Cisco IOS