Ah I see. So you have also created a couple of loopbacks on R3 and R4 that exist within Area 0, so even if the physical link goes down, you still have those networks in an active Area 0. Yes, this does improve things, however, if the link fails, you will have a discontiguous Area 0, which itself is also a problem.
It is normal behavior because when you configure a stub area, the ABR advertises itself as the default route only to those OSPF neighbors within the stub area. In your case, Area 102 is the stub area, therefore R3 and R4 will only advertise themselves as a default route via their Gi0/2 interfaces. Area 0 can never be a stub area, since it is the backbone, therefore R3 and R4 will not advertise themselves to each other as the default route. Does that make sense?
Hi Guys, I have a question around being able to route to the internet from a Totally NSSA. Initially I configure the lab below so all areas are normal area. Iām using a default static route on R4, and default-information originate in the ospf process. Iām able to get to internet IP from all other routers. However Iām having trouble getting this working once I convert Area 3 into a Totally NSSA.
R3 is ABR configured with āarea 1 nssa no-summaryā
R4 is configured with āarea 1 nssaā
I notice on R4 that I donāt get the default 0.0.0.0/0 O IA route from the R3 (the ABR) and so while I can reach the internet, I cant route out of the Total NSSA. I believe this is down to R4s local static route having a better AD. If I remove the local default static route from R4, I then get the R3ās summary O IA route, so can route out of the area, but of course then cannot get to the internet.
I noticed a typo, but Iām not sure if itās a typo in your post or in your config. The ABR should be configured with
area 3 nssa no-summary
and R4 should be configured with
area 3 nssa
Not area 1.
Now I will assume thatās a typo in the post, and in your lab, you did indeed use area 3. The reason for the behavior you are facing is indeed what you have said:
You canāt have a default route within area 3 pointing to the Internet, and then have another default route pointing out of the OSPF area via the ABR. One of the two will be preferred and installed on R4.
This is not an OSPF limitation but a matter of design. For your particular case, using an NSSA would be preferable to using a Totally NSSA.
A Totally NSSA should be used only if you have an area from which the only default route should be via the ABR to the backbone area. Yes, you would have an ASBR within the area, but that ASBR should be connected only to a small network of limited size and limited address spaces so that you can advertise specific subnets rather than a default route.
If you want to have the arrangement you are creating in your topology, the best stub type would be the NSSA. That way, the ASBR can advertise its static default route, without any other advertised default route in the area, and the ABR will receive it and convey it to the rest of the topology.
But even your setup, as it is, will work as you have seen because of the AD that prefers the static default route over the one advertised by the ABR. But now you know why it works this way!
Sorry, yes your are correct it was a typo, I had indeed meant area 3.
I did think this was the case with regards to this setup. I havenāt labbed it yet, but if I instead used a NSSA for area 3, the rest of the network would be able to get to the internet, but would R4 lose its ability to get to the RIP networks since the ABR (R3) would prevent R1ās Type-5 LSAs from entering Area 3? Or would R3 also convert R1s Type-5 into Type-7 and advertise to R4?
I guess in general you wouldnāt plan/design a network that connected to the internet in this way, but it was a handy lab to understand the limitations (or exceptions) for area design.
Indeed if you used an NSSA for area 3, the rest of the network would be able to get to the internet. Now would R4 lose its routes to the RIP domain? Yes it would because as you suggest, these are advertised as Type 5 into the backbone area, which R3 will block because it is a stub. R3 would not convert the type 5 LSAs into type 7. It only works the other way around.
So the arrangement will not work! There are a couple of things you can do to make it work however. One is to make Area 3 a normal non-stub area. If you want to maintain the NSSA status of area 3, then the other way to do it is to manually apply static routes in R4 to reach those routes.
Yes youāre right, doing such experimentation helps to understand the limitations and exceptions of the area design. I believe that your experiment shows us the true reasoning behind stub networks. Stubs were created to minimize the routing table size in OSPF areas that have paths to the rest of the network via the backbone area, i.e. via one or more ABRs. However, NSSAs and Totally NSSAs were created as exceptions to allow for ASBRs and connections to non-OSPF domains. When you get to the point of trying to create stubs with too many exceptions, youāre returning to a non-stub solution, essentially negating the benefit that stubs gave you in the first place. Does that make sense?
Great discussion, though, and quite informative!! Keep networking!
