1
00:00:00,000 --> 00:00:00,940

2
00:00:00,940 --> 00:00:04,230
[AUDIO LOGO]

3
00:00:04,230 --> 00:00:07,060

4
00:00:07,060 --> 00:00:10,390
Now we need to look at a
couple of the advanced features

5
00:00:10,390 --> 00:00:12,850
that we have with NSSA.

6
00:00:12,850 --> 00:00:17,290
Specifically, we want to
look at that translator

7
00:00:17,290 --> 00:00:19,450
and how to control it.

8
00:00:19,450 --> 00:00:22,090
There might be situations
where we actually

9
00:00:22,090 --> 00:00:26,050
care which router becomes
the translator out

10
00:00:26,050 --> 00:00:27,670
of our different ABRs.

11
00:00:27,670 --> 00:00:30,130
So we'll take a look
at how to control that.

12
00:00:30,130 --> 00:00:35,110
And we'll take a look at
the default route in NSSA.

13
00:00:35,110 --> 00:00:37,870
As we've already seen,
it doesn't actually

14
00:00:37,870 --> 00:00:40,330
create a default automatically.

15
00:00:40,330 --> 00:00:42,280
So we're going to
be taking a look

16
00:00:42,280 --> 00:00:45,220
at how we generate
a default, and what

17
00:00:45,220 --> 00:00:47,170
that looks like when we do.

18
00:00:47,170 --> 00:00:51,130
So let's jump in and take a
look at these different features

19
00:00:51,130 --> 00:00:53,570
in NSSA.

20
00:00:53,570 --> 00:00:56,570
So as we saw in
our previous video,

21
00:00:56,570 --> 00:01:00,680
we know that router 3 is
currently the translator.

22
00:01:00,680 --> 00:01:04,160
So let's take a look at
what it would take to make

23
00:01:04,160 --> 00:01:05,900
router 1 the translator.

24
00:01:05,900 --> 00:01:07,730
And then as we
already mentioned,

25
00:01:07,730 --> 00:01:12,650
we'll also see what's involved
in generating a default route

26
00:01:12,650 --> 00:01:16,340
into the NSSA from our ABRs.

27
00:01:16,340 --> 00:01:18,950
So let's go ahead, and
jump in and get started.

28
00:01:18,950 --> 00:01:21,530
We'll go ahead, and
start on router 1

29
00:01:21,530 --> 00:01:25,080
by forcing it to
be a translator.

30
00:01:25,080 --> 00:01:29,580
So we start by going into
configuration mode, router ospf

31
00:01:29,580 --> 00:01:32,900
1, area 100.

32
00:01:32,900 --> 00:01:36,740
And on the NSSA command,
notice we have a choice here

33
00:01:36,740 --> 00:01:38,000
for translate.

34
00:01:38,000 --> 00:01:40,340
If we say translate,
there's actually

35
00:01:40,340 --> 00:01:42,050
only one choice after this.

36
00:01:42,050 --> 00:01:43,790
It's the type 7.

37
00:01:43,790 --> 00:01:46,490
And there's only one
choice after that,

38
00:01:46,490 --> 00:01:48,590
which is to, say, always.

39
00:01:48,590 --> 00:01:50,030
We'll commit that change.

40
00:01:50,030 --> 00:01:52,490
And now let's do
some verification.

41
00:01:52,490 --> 00:01:58,630
If we say show ip
ospf begin area 100,

42
00:01:58,630 --> 00:02:01,330
notice that it now says,
to perform the type

43
00:02:01,330 --> 00:02:06,160
7 to type 5 LSA translation
and to do it always.

44
00:02:06,160 --> 00:02:10,120
That's because it's been
manually configured to do so.

45
00:02:10,120 --> 00:02:12,070
Now once router 1
has been configured

46
00:02:12,070 --> 00:02:14,710
to be the translator,
router 3 should

47
00:02:14,710 --> 00:02:16,600
stop being the translator.

48
00:02:16,600 --> 00:02:20,000
Let's go check it
out on router 3.

49
00:02:20,000 --> 00:02:22,280
But notice here, this
actually is still

50
00:02:22,280 --> 00:02:26,060
performing type 7 to
type 5 translation.

51
00:02:26,060 --> 00:02:29,750
Interestingly enough,
router 3 hasn't stopped.

52
00:02:29,750 --> 00:02:34,310
So the question is, is it
really still doing that?

53
00:02:34,310 --> 00:02:36,140
Let's jump over to router 7.

54
00:02:36,140 --> 00:02:39,600
We just want to look at this
from a different router.

55
00:02:39,600 --> 00:02:42,000
We'll look at those
external LSAs,

56
00:02:42,000 --> 00:02:44,550
and look at the
advertising router.

57
00:02:44,550 --> 00:02:48,210
It is still 10.3.3.3.

58
00:02:48,210 --> 00:02:51,900
So not only does router 3 think
it should still be translating,

59
00:02:51,900 --> 00:02:54,500
it actually is.

60
00:02:54,500 --> 00:02:59,300
And this is actually due
to an issue on IOS-XR--

61
00:02:59,300 --> 00:03:02,870
how it handles not
so stubby areas.

62
00:03:02,870 --> 00:03:05,390
To see this, let's
go to router 1.

63
00:03:05,390 --> 00:03:08,690
Let's start by doing
the show ip route ospf.

64
00:03:08,690 --> 00:03:10,910
And we can actually see
something interesting right

65
00:03:10,910 --> 00:03:11,660
off the bat.

66
00:03:11,660 --> 00:03:16,670
Notice that we're actually
following the external type

67
00:03:16,670 --> 00:03:18,850
2's.

68
00:03:18,850 --> 00:03:22,090
If I say show ip ospf
database external,

69
00:03:22,090 --> 00:03:24,760
and then look at the
internal processing,

70
00:03:24,760 --> 00:03:30,130
we can see that the routing bit
is actually set on this LSA.

71
00:03:30,130 --> 00:03:34,870
We're using this
type 5 from router 3.

72
00:03:34,870 --> 00:03:36,790
Look at the advertising router.

73
00:03:36,790 --> 00:03:40,750
We're actually following
the translated LSA

74
00:03:40,750 --> 00:03:42,850
that router 3 is generating.

75
00:03:42,850 --> 00:03:45,040
And herein lies the problem.

76
00:03:45,040 --> 00:03:49,360
Because if we look at the
same thing, but for NSSA,

77
00:03:49,360 --> 00:03:51,760
we have the type 7's.

78
00:03:51,760 --> 00:03:54,190
But we're not using them.

79
00:03:54,190 --> 00:03:57,760
And the problem is, if
we're not using them,

80
00:03:57,760 --> 00:04:00,070
we can't translate them.

81
00:04:00,070 --> 00:04:05,170
Therefore, router 3 is
staying as the translator.

82
00:04:05,170 --> 00:04:07,480
Now, why is this?

83
00:04:07,480 --> 00:04:10,240
Let's jump back over
to our topology quick.

84
00:04:10,240 --> 00:04:12,880
So again, what's
happening here is,

85
00:04:12,880 --> 00:04:15,610
router 9 is sending
its routes, of course,

86
00:04:15,610 --> 00:04:18,070
to router 2, who
is redistributing

87
00:04:18,070 --> 00:04:22,510
that, sending them as
type 7's over to router 1.

88
00:04:22,510 --> 00:04:26,200
And ultimately,
down to router 3.

89
00:04:26,200 --> 00:04:29,410
Router 3 is then, of course,
translating this to a type 5

90
00:04:29,410 --> 00:04:34,210
LSA and sending it up to router
1 to the rest of the network,

91
00:04:34,210 --> 00:04:34,870
as well.

92
00:04:34,870 --> 00:04:36,820
But we're concerned
about router 1.

93
00:04:36,820 --> 00:04:42,610
So that means that router 1 is
receiving a type 5 LSA, as well

94
00:04:42,610 --> 00:04:46,960
as a type 7 LSA
for the same route.

95
00:04:46,960 --> 00:04:49,970
And herein lies the problem.

96
00:04:49,970 --> 00:04:56,180
IOS-XR follows RFC 1587.

97
00:04:56,180 --> 00:05:00,800
And IOS-XE, starting
right around version 1501,

98
00:05:00,800 --> 00:05:05,480
actually uses RFC 3101.

99
00:05:05,480 --> 00:05:08,210
So what's the difference
between these, and why

100
00:05:08,210 --> 00:05:09,440
is it important here?

101
00:05:09,440 --> 00:05:14,600
Well, 1587 says to
prefer external routes

102
00:05:14,600 --> 00:05:22,730
in the order of E1s, then
N1s, then E2s, and then N2s.

103
00:05:22,730 --> 00:05:26,840
In RFC 3101, really
to sort of address

104
00:05:26,840 --> 00:05:29,090
the issue we're dealing
with right here,

105
00:05:29,090 --> 00:05:31,070
they changed this up.

106
00:05:31,070 --> 00:05:40,820
In 3101, the order is, we prefer
N1, then E1, then N2, then E2.

107
00:05:40,820 --> 00:05:45,140
So we can see the problem here
that with IOS-XR, following

108
00:05:45,140 --> 00:05:49,670
RFC 1587, we can see
now why router 1 is

109
00:05:49,670 --> 00:05:51,140
making this decision.

110
00:05:51,140 --> 00:05:55,730
It's preferring
the E2 over the N2.

111
00:05:55,730 --> 00:05:59,840
And as such, are forcing
the translator isn't really

112
00:05:59,840 --> 00:06:02,690
making the change that
we thought it should.

113
00:06:02,690 --> 00:06:05,000
But we have configured
it properly.

114
00:06:05,000 --> 00:06:09,500
And in the case of IOS-XE, this
would be working as it should.

115
00:06:09,500 --> 00:06:14,330
In the case of IOS-XR, it
is technically working.

116
00:06:14,330 --> 00:06:16,250
But it will not
actually function

117
00:06:16,250 --> 00:06:21,230
as expected because of
this RFC 1587 issue.

118
00:06:21,230 --> 00:06:23,690
So now that we've talked
about the translator,

119
00:06:23,690 --> 00:06:26,720
let's go ahead and talk
about that default route.

120
00:06:26,720 --> 00:06:30,410
In order to have an external
route to be able to test with,

121
00:06:30,410 --> 00:06:35,270
we're going to go ahead
and change area 200, which

122
00:06:35,270 --> 00:06:37,430
is currently a stub.

123
00:06:37,430 --> 00:06:41,540
We are going to change this
so that it's no longer a stub.

124
00:06:41,540 --> 00:06:45,830
So we're going to change area
200 back to a normal area.

125
00:06:45,830 --> 00:06:47,495
Let's hop over to router 6.

126
00:06:47,495 --> 00:06:50,070

127
00:06:50,070 --> 00:06:51,945
So of course, we'll just
go into router ospf.

128
00:06:51,945 --> 00:06:54,990

129
00:06:54,990 --> 00:06:58,020
And we'll just say
no area 200 stub.

130
00:06:58,020 --> 00:07:00,510
Of course, our neighbor ship
will go down for a moment

131
00:07:00,510 --> 00:07:03,230
until we can figure router 10.

132
00:07:03,230 --> 00:07:04,730
Same configuration here.

133
00:07:04,730 --> 00:07:07,710

134
00:07:07,710 --> 00:07:09,840
And the neighbor ships
should come back up.

135
00:07:09,840 --> 00:07:11,850
Let's verify we have
reachability now

136
00:07:11,850 --> 00:07:13,290
from, say, router 7.

137
00:07:13,290 --> 00:07:16,890
So here on router 7, let's
just do a show ip route ospf.

138
00:07:16,890 --> 00:07:19,590
And we'll do a
section of E2 just

139
00:07:19,590 --> 00:07:21,180
to look at the external routes.

140
00:07:21,180 --> 00:07:27,030
And we see that we are, in fact,
learning that 100.10.10.0/24

141
00:07:27,030 --> 00:07:29,460
now from router 10.

142
00:07:29,460 --> 00:07:32,290
And we can just verify
that we can reach it.

143
00:07:32,290 --> 00:07:34,890
.10 is the actual
host address, and we

144
00:07:34,890 --> 00:07:36,240
can see that it's working.

145
00:07:36,240 --> 00:07:39,210
So now let's look at
this from router 5.

146
00:07:39,210 --> 00:07:43,350
Remember that router
5 is inside the NSSA.

147
00:07:43,350 --> 00:07:48,570
So again, if I say show ip route
ospf, the first thing we know

148
00:07:48,570 --> 00:07:50,790
is that we have
no default route.

149
00:07:50,790 --> 00:07:54,120
And the gateway of
last resort is not set.

150
00:07:54,120 --> 00:07:57,690
Remember that external cannot
come in, because this is still

151
00:07:57,690 --> 00:07:58,710
a stub.

152
00:07:58,710 --> 00:08:00,900
It's just a special
type of a stub.

153
00:08:00,900 --> 00:08:07,420
If we were to say show ip
cef for the 100.10.10.10,

154
00:08:07,420 --> 00:08:11,110
what we find is that it's
telling us it would follow

155
00:08:11,110 --> 00:08:14,110
the default, but it
doesn't have one.

156
00:08:14,110 --> 00:08:16,450
So it's telling us the route
that it would match on--

157
00:08:16,450 --> 00:08:19,120
0.0.0.0/0.

158
00:08:19,120 --> 00:08:21,580
But that there is
no route for that.

159
00:08:21,580 --> 00:08:23,740
That's because there's
no default route here.

160
00:08:23,740 --> 00:08:27,910
That, of course, also means
that it will not work.

161
00:08:27,910 --> 00:08:29,350
This should time out.

162
00:08:29,350 --> 00:08:31,480
We can, of course,
see here that it is.

163
00:08:31,480 --> 00:08:33,340
So clearly, we need a default.

164
00:08:33,340 --> 00:08:39,770
Let's configure router 1 to send
a default route into the NSSA.

165
00:08:39,770 --> 00:08:42,590
We simply go into the
router ospf process.

166
00:08:42,590 --> 00:08:44,300
We'll go into area 100.

167
00:08:44,300 --> 00:08:47,640
Say NSSA.

168
00:08:47,640 --> 00:08:48,960
Say default-info.

169
00:08:48,960 --> 00:08:50,100
We can tab that out.

170
00:08:50,100 --> 00:08:51,840
We can see it's a
rather long command,

171
00:08:51,840 --> 00:08:53,460
default-information-originate.

172
00:08:53,460 --> 00:08:55,320
And we have our
other options here.

173
00:08:55,320 --> 00:08:57,120
But let's just go
ahead and hit Enter.

174
00:08:57,120 --> 00:08:58,890
We'll commit those changes.

175
00:08:58,890 --> 00:09:02,650
And let's go back and
check on router 5 again.

176
00:09:02,650 --> 00:09:04,990
We do our show ip route ospf.

177
00:09:04,990 --> 00:09:08,230
We see that we now have an N2.

178
00:09:08,230 --> 00:09:14,630
So it's a type 7 LSA
coming in as a default.

179
00:09:14,630 --> 00:09:18,800
Now the reason this is brought
in as a type 7 for the default

180
00:09:18,800 --> 00:09:22,880
is, again, maybe I have
a default coming in

181
00:09:22,880 --> 00:09:24,410
from another protocol.

182
00:09:24,410 --> 00:09:27,530
And that's also
coming in as a type 7.

183
00:09:27,530 --> 00:09:31,580
Maybe what I want to do
is follow that other route

184
00:09:31,580 --> 00:09:34,430
as my primary
default. And maybe I

185
00:09:34,430 --> 00:09:37,070
would set a higher
metric on this one,

186
00:09:37,070 --> 00:09:39,350
and use this one as a backup.

187
00:09:39,350 --> 00:09:42,680
If I brought this in
as another LSA type.

188
00:09:42,680 --> 00:09:46,940
For example, if I brought
this in as a type 3 LSA,

189
00:09:46,940 --> 00:09:51,080
then I would have absolutely
no choice but to follow

190
00:09:51,080 --> 00:09:54,680
the internal OSPF
default. I would not

191
00:09:54,680 --> 00:09:56,960
be able to follow
an external default.

192
00:09:56,960 --> 00:09:59,720
By bringing it in as
a type 7, it still

193
00:09:59,720 --> 00:10:02,570
gives us as the
administrators the option

194
00:10:02,570 --> 00:10:05,150
to choose which
one we want to use.

195
00:10:05,150 --> 00:10:08,000
Now in this case, we're
just bringing in the 1.

196
00:10:08,000 --> 00:10:10,400
So that's not really
an issue here.

197
00:10:10,400 --> 00:10:12,470
But just be aware
that that's why

198
00:10:12,470 --> 00:10:15,200
it's brought in as a type 7.

199
00:10:15,200 --> 00:10:17,570
Now, of course, we can verify
our other commands now.

200
00:10:17,570 --> 00:10:24,110
To show ip cef for 100.10.10.10,
we can see that it's still

201
00:10:24,110 --> 00:10:25,700
going to follow
that default route.

202
00:10:25,700 --> 00:10:28,310
But now it actually has a route.

203
00:10:28,310 --> 00:10:30,830
Particularly, heading
up towards router 2

204
00:10:30,830 --> 00:10:33,460
and then over towards router 1.

205
00:10:33,460 --> 00:10:37,630
It also means we should be
able to ping our address.

206
00:10:37,630 --> 00:10:39,640
We can see that
that's working fine.

207
00:10:39,640 --> 00:10:45,010
However, if we do a show
ip ospf database nssa,

208
00:10:45,010 --> 00:10:48,400
particularly for
the 0.0.0.0 entry,

209
00:10:48,400 --> 00:10:50,770
notice we're only receiving one.

210
00:10:50,770 --> 00:10:54,280
And this is because we
only configured router 1.

211
00:10:54,280 --> 00:10:56,530
You would normally
want redundancy here.

212
00:10:56,530 --> 00:10:58,900
So we should configure
router 3 as well.

213
00:10:58,900 --> 00:11:01,420
Router 3 is the same
configuration as router 1.

214
00:11:01,420 --> 00:11:04,820
So we'll just paste it in, and
go back and verify on router 5

215
00:11:04,820 --> 00:11:05,320
again.

216
00:11:05,320 --> 00:11:07,690
So first, if we look
at our database again,

217
00:11:07,690 --> 00:11:09,400
we now have two entries--

218
00:11:09,400 --> 00:11:12,130
one from router 1,
one from router 3.

219
00:11:12,130 --> 00:11:15,220
So we'll do a show
ip route ospf.

220
00:11:15,220 --> 00:11:18,790
And we can see that we have both
entries in our routing table.

221
00:11:18,790 --> 00:11:21,040
If we look at the
details for that route,

222
00:11:21,040 --> 00:11:24,130
we can see that it's
actually load sharing on both

223
00:11:24,130 --> 00:11:25,210
of those routes.

224
00:11:25,210 --> 00:11:27,460
So now we're not only
getting the default,

225
00:11:27,460 --> 00:11:30,720
but we're also load sharing.

226
00:11:30,720 --> 00:11:35,220
In this video, we took a look
at two more advanced features

227
00:11:35,220 --> 00:11:37,770
that we have on NSSA.

228
00:11:37,770 --> 00:11:41,430
First, we took a look at how
to control the translator,

229
00:11:41,430 --> 00:11:46,650
even though on IOS-XR
following RFC 1587,

230
00:11:46,650 --> 00:11:49,320
it doesn't exactly
work as expected.

231
00:11:49,320 --> 00:11:52,200
However, we did still
see how to control that.

232
00:11:52,200 --> 00:11:54,600
And we talked
about how to do the

233
00:11:54,600 --> 00:11:58,230
default-information-originate
into the NSSA

234
00:11:58,230 --> 00:12:03,870
and saw how that brings
it in as a type 7 LSA.

235
00:12:03,870 --> 00:12:06,000
I hope this has been
informative for you.

236
00:12:06,000 --> 00:12:09,080
And I'd like to thank
you for viewing.

237
00:12:09,080 --> 00:12:12,000