Principles of nssa and stub in OSPF

Source: Internet
Author: User

As we all know, OSPF is the most widely used IGP on the Internet, while NSSA is a new attribute generated during the development of this Protocol, her full name is "not-so-stubby" area, a humorous name. To understand the characteristics of this attribute, let's start with the development of the routing protocol.
1.2 from D-V algorithm to link state algorithm RIP as the oldest dynamic routing protocol, using D-V algorithm to calculate routing. Since the network environment was very simple at that time, the design philosophy of the RIP Protocol was also concise, and only required the most basic functions. In this way, when applying RIP to a large-scale network with complex topology, problems such as low efficiency, slow convergence, and self-loop routing will occur. Specifically, the routing self-loop has the greatest harm. In this case, a new routing protocol must be provided to adapt to the increasingly complex network, and the new routing protocol must solve all the problems encountered by RIP. Because the D-V algorithm is based on the understanding of the network "plane"-in the eyes of the router running RIP Protocol, the network is only composed of directly connected neighbors and a route advertised by neighbors. In this way, when the network topology changes, it will inevitably cause computing errors and generate self-loops. To completely solve this problem, the blockchain State algorithm, a new algorithm, came into being. This algorithm looks at the network from a "three-dimensional" perspective. Each router understands the topological structure of the global network and computes routes based on this, as each vro "has everything in mind" on the overall network situation, the self-ring problem is completely solved. 1.3 Although the OSPF protocol and the region-based OSPF protocol completely solve the routing self-loop problem, this algorithm also has many inherent defects: it consumes more memory resources: each router must save the topology of the entire network (in the form of LSDB) to consume more CPU resources: the routing calculation of the algorithm using SPF algorithm, more complex than the D-V algorithm. More frequent computing: as long as the topology of any vro changes, all the vrouters in the network perform SPF computing, and each vro re executes the SPF algorithm again, to find the changed route.
Moreover, both the D-V algorithm and the Link State Routing Protocol have the following defects: The layer structure of the network is not reflected from the Protocol itself. In actual application, a network is composed of vrouters of various levels, including the backbone router of the core layer, the high-end router of the aggregation layer, and the low-end router of the access layer. These routers perform different tasks and have different processing performance. However, in the routing protocol, all routers have to do almost the same job: Send known routes to the neighbor router, and calculate the local route table based on the route information obtained from the neighbor router. Although the number of interfaces on each vro varies, the route table size calculated is basically the same. To completely solve the above problem, OSPF proposes the concept of AREA. The AREA is to divide all routers running OSPF into different groups and mark them with AREA IDs. The route calculation method remains the same in the region. After the region is divided, there will not be many routers in each region, and all of the above defects are not serious, and the consequences are negligible. The D-V algorithm is used to calculate routes between regions, so that the three shortcomings are successfully avoided. In fact, the concept of region is much more than that. After the domain is divided into regions, the topological structure of has a corresponding relationship with the routing protocol, the core and high-end routers can be planned in backbone areas due to their strong processing capabilities. Because vrouters in the backbone area need to undertake more routing computing tasks. Each separate region is actually a system independent of other regions in the network. You can test different routing policies in different regions to make the network planning more flexible and convenient. In fact, OSPF is widely used in today's networks, not because she uses a loop-free link state algorithm, but because she has proposed the concept of a region! 1.4 STUB region is the most typical application of the regional concept. The design idea of STUB region is that after a region is divided, routers in a non-backbone region must forward routes outside the region through the ABR (Regional Border Router, or for a vro in a region, ABR is a path to the external world. In this case, there is no need to know the detailed routes to the external world for the routers in the region, instead, the API publishes a default route to the region to guide message sending. In this way, there are only a few routes in the region and a default route pointing to the ABR. Regardless of the route changes outside the region, the route table of the vro in the region is not affected. Because the routers in a region are usually composed of low-end routers with limited processing capabilities, the low-end devices in the STUB region do not need to save a large route table, you do not need to perform route computing regularly. With the STUB attribute, network planning is more in line with the actual device characteristics. The description above is only the design idea of STUB region. In the Protocol text, the exact definition of STUB region is: the STUB region must be a non-backbone region and a non-convertible region (virtual connection zone can be configured), and Type 5 LSA cannot be passed in this region. Because the Protocol designer believes that most of the routes in the route table are introduced from outside the autonomous system. (Because OSPF is the routing protocol of the Link State algorithm, LSA is a data structure used to describe the network topology. In OSPF, LSA is divided into five categories: type1 and 2, which are used to describe routing information in the region; type3 is used to describe routing information between regions; type4 and 5 are used to describe the router information outside the autonomous system .) Note that the descriptive language used in the definition to filter TYPE5 type LSA is "not passed", which means not only the ASE outside the region (outside the Autonomous System) the routes cannot be transmitted to the STUB region, and the ASE routes in the STUB region cannot be transferred to other regions. In other words, the vrouters In the STUB region cannot introduce any external routes (including static routes ). Such a definition is too strict. In actual networking, not all devices run the OSPF protocol. For example, the access server used by the user for dial-up Internet access needs to connect to the NAT network on the vro. However, the Access Server generally does not support (or does not need) the OSPF protocol, instead, the routing function is implemented by configuring static routes. In many cases, the ISP uses Static Routing when connecting to the user-side router for the sake of confidentiality or ease of management. In short: OSPF is configured on all routers in a network, but static routing is not used. -- That is to say, the applicable conditions of the STUB region do not exist. 1.5 Although the STUB area of The NSSA region depicts a bright future for the rational planning of the network, it is a pity that she is not operable in the actual networking. However, at this time, the OSPF protocol has been basically formed and cannot be modified. To compensate for the defects, the Protocol designer proposed a new concept NSSA, which is described separately in RFC 1587 as an extended attribute of OSPF protocol. NSSA needs to complete the following tasks: ASE routes outside the autonomous system cannot enter the NSSA region, but the ASE routes introduced by routers in the NSSA region can be transmitted in NSSA and sent out of the region. That is, the restrictions on the two-way transmission of ASE in STUB are canceled (areas cannot be inbound or outbound) and changed to one-way restrictions (areas cannot inbound or outbound, area ). As an extended attribute of OSPF standard protocol, conflicts and compatibility issues should be minimized when coordinating with vrouters that do not support this attribute. To solve the problem of one-way ASE transfer at, a Type of LSA-Type 7 LSA is defined in NSSA, which is used as a router in the region to introduce external routes, except for the Type ID and Type 5, the Type of LSA is basically the same. In this way, the router in the region can determine whether the route is from the region by using the LSA type. However, because Type 7 LSA is newly defined and cannot be identified for vrouters that do not support the NSSA attribute, the Protocol stipulates that: on The nssa api, convert the Type 7 LSA generated inside the NSSA to the Type 5 LSA and release it again. At the same time, change the LSA publisher to the API itself. In this way, vrouters outside The NSSA region do not need to support this attribute at all. From the above description, we can see that all vrouters In The NSSA region must support this attribute (including NSSA's ABR), while other vrouters in the autonomous system do not. Since NSSA is improved by the concept of the STUB region, her name is "not-so-stubby" area, which is intended to be: not that STUB region. Chapter 2 NSSA-related configuration NSSA is not complex and easier to configure. There is only one related command: [Router-ospf] area-id nssa [default-route-advertise] [no-import-route] [no-summary] area-id: is the region Number of the region to be configured as NSSA. Parameters in "[]" take effect only when the vroabr is an API. The keyword default-route-advertise is used to generate the default Type-7 LSA. After this parameter is applied, the default route exists in the ABR no matter whether the routing table exists, the default Type-7 LSA route is generated. In the ASBR table, the default route exists to generate the default Type-7 LSA route. The no-import-route keyword is used on the ASBR, so that the routes introduced by OSPF through the import-route command are not advertised to the NSSA region. If the NSSA router is both ASBR and ABR, this parameter is generally used. To further reduce the number of link status releases (LSA) sent to The NSSA region, you can configure the no-summary attribute on the ABR, disable ABR from sending summary_net LSAs (Type-3 LSA) To The NSSA region ). After this parameter is configured, the ABR filters out lsa of the Type3 type, that is, routes between regions are not displayed in the NSSA region, and the route table is further streamlined. Since there are default routes, there is no need for other specific routes pointing outside the region. This parameter is recommended. That is, if the router is only a vro in a region, you only need to configure area-id nssa. If it is an API, add three optional parameters as needed.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.