Tidbit of the day: NSSA – External forwarding address.

• March 17, 2010
• CCIE  
• Technology  
• CCIE  
• NSSA  
• OSPF  

I wanted to share a very interesting tidbit i figured out the hard way.

Again, its about NSSA areas in OSPF. When redistributing a route into an NSSA area, how is the forwarding address chosen?

Some say the lowest IP address of any loopback interfaces thats advertised into the NSSA area. Others say the highest. Which one is correct?

The answer is suprisingly: Neither!

The question then becomes, how DOES it choose it?

Well, first of, its correct that the loopback interface has to be advertised into the NSSA area to begin with. Secondly, OSPF chooses the interface that was LAST configured. Weird? yes. Fact? yes.

Take a look at this topology:

NSSA - External Forwarding Address Topology

Now take a look at R3’s output of interfaces in the OSPF routing protocol:

R3(config-router)#do sh ip os int b
Interface    PID   Area            IP Address/Mask    Cost  State Nbrs F/C
Lo50         1     1               50.50.50.50/8      1     P2P   0/0
Lo100        1     1               100.100.100.100/8  1     P2P   0/0
Lo0          1     1               1.1.1.1/8          1     P2P   0/0
Fa0/0        1     1               172.16.0.3/24      10    DR    1/1

From this we can see that the first interface configured is Fa0/0, then Lo0, Lo100 and finally Lo50. To end it all off, we have redistributed lo1000 (redistribute connected subnets):

Loopback1000               123.123.123.123 YES manual up                    up

Now, lets check out R2’s view of the NSSA external route:

R2(config-router)#do sh ip os data nssa
 OSPF Router with ID (2.2.2.2) (Process ID 1)
 Type-7 AS External Link States (Area 1)
 Routing Bit Set on this LSA
 LS age: 279
 Options: (No TOS-capability, Type 7/5 translation, DC)
 LS Type: AS External Link
 Link State ID: 123.123.123.0 (External Network Number )
 Advertising Router: 3.3.3.3
 LS Seq Number: 80000003
 Checksum: 0x65E7
 Length: 36
 Network Mask: /24
 Metric Type: 2 (Larger than any link state path)
 TOS: 0
 Metric: 20
 Forward Address: 50.50.50.50
 External Route Tag: 0

As you can see the forwarding address is now set to lo50’s address. Its not the lowest, nor the highest IP address. It IS however, the lastly added interface. Lets take it a step further and create a lo49 interface, with 49.49.49.49/8 and advertise this loopback into the OSPF domain:

On R3:

R3(config-router)#do sh ip os int b
Interface    PID   Area            IP Address/Mask    Cost  State Nbrs F/C
Lo49         1     1               49.49.49.49/8      1     P2P   0/0
Lo50         1     1               50.50.50.50/8      1     P2P   0/0
Lo100        1     1               100.100.100.100/8  1     P2P   0/0
Lo0          1     1               1.1.1.1/8          1     P2P   0/0
Fa0/0        1     1               172.16.0.3/24      10    DR    1/1

And then on R2:

Delete flag is set for this LSA
 LS age: MAXAGE(3604)
 Options: (No TOS-capability, Type 7/5 translation, DC)
 LS Type: AS External Link
 Link State ID: 49.0.0.0 (External Network Number )
 Advertising Router: 3.3.3.3
 LS Seq Number: 80000002
 Checksum: 0x4A5D
 Length: 36
 Network Mask: /8
 Metric Type: 2 (Larger than any link state path)
 TOS: 0
 Metric: 16777215
 Forward Address: 49.49.49.49
 External Route Tag: 0

Lets shut down the lo49 interface, and my stipulation is that lo50 will be the forwarding address:

After sh on lo49 on R3, R2 shows:

Routing Bit Set on this LSA
 LS age: 2
 Options: (No TOS-capability, Type 7/5 translation, DC)
 LS Type: AS External Link
 Link State ID: 123.123.123.0 (External Network Number )
 Advertising Router: 3.3.3.3
 LS Seq Number: 80000005
 Checksum: 0x61E9
 Length: 36
 Network Mask: /24
 Metric Type: 2 (Larger than any link state path)
 TOS: 0
 Metric: 20
 Forward Address: 50.50.50.50
 External Route Tag: 0

So go figure 🙂