EIGRP/OSPF LAB: The Merger

In this update I will explore how to merge an existing OSPF network with an existing EIGRP network and also touch on some other subjects which you can read about in the objectives below.

Scenario:

Company A has bought Company B and must merge its network into its own. Company A runs the EIGRP routing protocol and Company B runs the OSPF routing protocol. The engineer will also need to take several other objectives into account such as route summarization, redistribution and the actual connection between the two companies over a leased line.

This lab comes with different objectives that we’ll have to research and try to complete.

Topology:

Preliminary configuration:

  1. Configure all interfaces and the Frame Relay connection.
  2. Configure all Loopback interfaces on each router.
  3. Configure EIGRP AS 10 for Company A.
  4. Configure OSPF 10 for Company B.
  5. Configure OSPF router ID’s for Company B.

Objectives:

  1. Before starting, verify proper operations for each network with the use of a Tcl script.
  2. Summarize the loopback networks on R2 as efficient as possible.
  3. Investigate and implement authentication between R3 & R4.
  4. Redistribute OSPF routes into the EIGRP network.
Instead of going step by step through the preliminary configuration, I will just give you an overview of each router and its base configuration.
If you’d like to know how to configure Frame Relay, base EIGRP or OSPF settings, please refer to my previous updates.

Now that is done, we can get started on our objectives.

Objective one; verify proper operations for each network with the use of a Tcl script.

I will use TCL scripting to check if each configured IP address is reachable for each router.
I have prepared the Tcl script for both companies’ networks in notepad as you can see below. This will then be easy to paste into each router’s cli to test inter-connectivity.

Interestingly enough, after the running the script I saw that everything was reachable, except for R3 and R4 Se 0/0 interface, and this only from its own network or locally on the router itself.

I did some research and it seems that on a connection like this, even when pinging its own local interface, the ping address will still transverse the serial link, which is weird if you ask me!

This can be solved by adding a frame-relay map pointing to the router’s own serial interface IP address. After adding this (and advertising the 10.1.1.3/27 on R3) , the Tcl script was showing full connectivity across the grid for Company A.

Now let’s take a look at Company B. I’ve made the same mistake with the frame relay map on R4, so let’s fix that first.

And now to run the Company B script that I prepared.

Seems like everything is working as should so let’s move on to objective #2; Summarize the loopback networks on R2 as efficient as possible.
I explained how to do manual summarization in this update, so you can click that link if you’re interested in learning how to do this. For now I’ll just calculate the best summary and configure it. Here is how it will end up looking for R2:

On to Objective #3, authentication between R3 and R4.
This is kind of a vague objective, what kind of authentication do they want? I’ll just decide for myself and go with route authentication, also because we will have to set up an OSPF relationship between R3 and R4 anyway for the route redistribution in Objective #4 so I will do both objectives in one go.

First I’ve set up an OSPF relationship between R3 and R4. You can also see that R3 is now aware of the OSPF routes of Company B.

And now we can configure OSPF redistribution into our EIGRP network on R3 with the router process command “redistribute OSPF 10“. You should also set the default-metric with the command “default-metric 10000 100 255 1 1500” or your routes will not be redistributed properly.

We will need to also configure R4’s equivalent and redistribute the EIGRP routes into the OSPF or else they will not be able to communicate. You would need to set up an EIGRP relationship between R4 and R3, and then use the command “redistribute EIGRP 10” under R4’s OSPF router process.

We can test proper functioning by checking the routing table and general reachability with the Company B Tcl script on R2.

Routing Table:
Note how you can see the External (EX) routes showing up now.

And let’s test reachability to Company B’s network from R2 with the prepared script.

Great, that seems to work aswell. Now I just need to configure authentication.
OSPF Authentication is implemented with the router OSPF command “area 1 authentication message-digest” and the interface Serial 0/0 command “ip ospf message-digest-key 1 md5 myospfkey” on both R 3 and R4.

You can verify proper operation of this authentication by seeing that the neighbor relationships come back up after setting the key on both sides.

OSPF – Stub Areas

In this update I will explore the different kinds of stub areas for OSPF.

Now, what is this all about and why would you want to use something called a stub anyway?

It’s quite simple really;

A stub area in OSPF is an area that will not learn external routes.
Instead, external routes are replaced, by means of a Type 3 LSA, with a single default route pointing to that area’s ABR.

If you’d like to learn more about the different types of LSA, Wikipedia has a very good entry on them.
Also, you might to refer to the drawing below, where we have different area types interacting with eachother with each area showing the allowed LSA types.

Clever, right? This way you can keep router resources free for areas that do not really need such a detailed routing table. Now, ofcourse they could not keep it as simple as this and had to come up with a bunch of extra types of stubs.

Atleast they gave them funny names.

Here are three kinds we will be exploring in this update.

  1. OSPF Stub area
  2. OSPF Totally Stubby area
  3. OSPF Not-so-Stubby area

Here is the topology we will be working with.

A simple topology, but it will serve our needs for this lab.
You can see that Area 0 is ofcourse present, and another area, Area 1, which we will be making different flavors of stub.
Also note that each router has a loopback interface and router ID reflecting its hostname.

Here is the initial configuration.

R1#sh run int se 0/0
Building configuration…

Current configuration : 83 bytes
!
interface Serial0/0
ip address 100.0.0.1 255.255.255.0
clock rate 2000000
end

R1#sh run int lo 1

Building configuration…

Current configuration : 61 bytes
!
interface Loopback1
ip address 1.1.1.1 255.255.255.0
ip ospf network point-to-point

end

R1#sh run | sec ospf
router ospf 10
router-id 1.1.1.1
log-adjacency-changes
network 1.1.1.0 0.0.0.255 area 0
network 100.0.0.0 0.0.0.255 area 0
R2#sh run int se 0/0

Building configuration…

Current configuration : 83 bytes
!
interface Serial0/0
ip address 100.0.0.2 255.255.255.0
clock rate 2000000
end

R2#sh run int se 0/1
Building configuration…

Current configuration : 83 bytes
!
interface Serial0/1
ip address 200.0.0.2 255.255.255.0
clock rate 2000000
end

R2#sh run int lo 1
Building configuration…

Current configuration : 61 bytes
!
interface Loopback1
ip address 2.2.2.2 255.255.255.0
ip ospf network point-to-point
end

R2#sh run | sec ospf
router ospf 10
router-id 2.2.2.2
log-adjacency-changes
network 2.2.2.0 0.0.0.255 area 1
network 100.0.0.0 0.0.0.255 area 0
network 200.0.0.0 0.0.0.255 area 1

R3#sh run int se 0/1

Building configuration…

Current configuration : 83 bytes
!
interface Serial0/1
ip address 200.0.0.1 255.255.255.0
clock rate 2000000
end

R3#sh run int lo 1
Building configuration…

Current configuration : 61 bytes
!
interface Loopback1
ip address 3.3.3.3 255.255.255.0
ip ospf network point-to-point
end

R3#sh run | sec ospf
router ospf 10
router-id 3.3.3.3
log-adjacency-changes
network 3.3.3.0 0.0.0.255 area 1
network 200.0.0.0 0.0.0.255 area 1

Everything is on the default configuration, so R1 and R3 are seeing the full routing tables.

R1#sh ip route

Gateway of last resort is not set

1.0.0.0/24 is subnetted, 1 subnets
C 1.1.1.0 is directly connected, Loopback1
2.0.0.0/24 is subnetted, 1 subnets
O IA 2.2.2.0 [110/65] via 100.0.0.2, 00:00:02, Serial0/0
100.0.0.0/24 is subnetted, 1 subnets
C 100.0.0.0 is directly connected, Serial0/0
3.0.0.0/24 is subnetted, 1 subnets
O IA 3.3.3.0 [110/129] via 100.0.0.2, 00:00:02, Serial0/0

R3#sh ip route

Gateway of last resort is not set

1.0.0.0/24 is subnetted, 1 subnets
O IA 1.1.1.0 [110/129] via 200.0.0.2, 00:00:22, Serial0/1
2.0.0.0/24 is subnetted, 1 subnets
O 2.2.2.0 [110/65] via 200.0.0.2, 00:00:22, Serial0/1
100.0.0.0/24 is subnetted, 1 subnets
O IA 100.0.0.0 [110/128] via 200.0.0.2, 00:00:22, Serial0/1
3.0.0.0/24 is subnetted, 1 subnets
C 3.3.3.0 is directly connected, Loopback1
C 200.0.0.0/24 is directly connected, Serial0/1

We will now make Area 1 a Stub Area.

R2(config)#router ospf 10
R2(config-router)#area 1 stub

*Mar  1 00:49:27.987: %OSPF-5-ADJCHG: Process 10, Nbr 3.3.3.3 on Serial0/1 from FULL to DOWN, Neighbor Down: Adjacency forced to reset

R3(config)#router ospf 10
R3(config-router)#area 1 stub

We have configured the stub with the command “Area x stub” and it seems our OSPF Adjacency was reset because of it.

Let’s take another look at R3’s routing table.

R3#sh ip route

Gateway of last resort is 200.0.0.2 to network 0.0.0.0

1.0.0.0/24 is subnetted, 1 subnets
O IA 1.1.1.0 [110/129] via 200.0.0.2, 00:01:28, Serial0/1
2.0.0.0/24 is subnetted, 1 subnets
O 2.2.2.0 [110/65] via 200.0.0.2, 00:01:28, Serial0/1
100.0.0.0/24 is subnetted, 1 subnets
O IA 100.0.0.0 [110/128] via 200.0.0.2, 00:01:28, Serial0/1
3.0.0.0/24 is subnetted, 1 subnets
C 3.3.3.0 is directly connected, Loopback1
C 200.0.0.0/24 is directly connected, Serial0/1
O*IA 0.0.0.0/0 [110/65] via 200.0.0.2, 00:01:28, Serial0/1

Here we can see a default Inter-Area route has been added towards the Area 1 ABR, R2.
If for example, Area 0 knew about an ASBR distributing RIPv2 routes, these routes would not be redistributed to Area 1 but would instead be encompassed in the default route we are now seeing.

To verify this, let’s add a RIP route to R1 and enable redistribution with the OSPF router process command “redistribute rip subnets“.

R1(config)#int lo 80
R1(config-if)#ip address 80.0.0.1 255.255.255.0
R1(config)#router rip
R1(config-router)#network 80.0.0.0
R1(config)#router ospf 10
R1(config-router)#redistribute rip subnets

Okay, let’s see if R2 sees the redistributed route.

R2#sh ip route 80.0.0.0
Routing entry for 80.0.0.0/24, 1 known subnets

O E2 80.0.0.0 [110/20] via 100.0.0.1, 00:02:27, Serial0/0

There it is, External type 2 via R1.

And what about our stubby friend, R3?

R3#sh ip route

Gateway of last resort is 200.0.0.2 to network 0.0.0.0

1.0.0.0/24 is subnetted, 1 subnets
O IA 1.1.1.0 [110/129] via 200.0.0.2, 00:06:03, Serial0/1
2.0.0.0/24 is subnetted, 1 subnets
O 2.2.2.0 [110/65] via 200.0.0.2, 00:06:07, Serial0/1
100.0.0.0/24 is subnetted, 1 subnets
O IA 100.0.0.0 [110/128] via 200.0.0.2, 00:06:07, Serial0/1
3.0.0.0/24 is subnetted, 1 subnets
C 3.3.3.0 is directly connected, Loopback1
C 200.0.0.0/24 is directly connected, Serial0/1
O*IA 0.0.0.0/0 [110/65] via 200.0.0.2, 00:06:08, Serial0/1

As it should be, it knows only the default route for external routes.
With the “Show IP OSPF” command, you will see that this is indeed a stub area.

R3#sh ip ospf | begin Area 1
Area 1
Number of interfaces in this area is 2 (1 loopback)
It is a stub area
Area has no authentication
SPF algorithm last executed 00:08:13.540 ago
SPF algorithm executed 2 times
Area ranges are
Number of LSA 5. Checksum Sum 0x04C935
Number of opaque link LSA 0. Checksum Sum 0x000000
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0

Now let’s turn this Stub Area into a TOTALLY STUB AREA!
Wait, why does this have such an exciting sounding name?

First of all, this is only configured on the stub area’s ABR and will allow only a single default route from the backbone area.

This can be done with the command “area 1 stub no-summary” on the ABR R2.

R2(config)#router ospf 10
R2(config-router)#area 1 stub no-summary

I’ve reset the OSPF process to be sure.
Now we’ll look at R3’s current routing table.

 R3#sh ip route

Gateway of last resort is 200.0.0.2 to network 0.0.0.0

2.0.0.0/24 is subnetted, 1 subnets
O 2.2.2.0 [110/65] via 200.0.0.2, 00:01:25, Serial0/1
3.0.0.0/24 is subnetted, 1 subnets
C 3.3.3.0 is directly connected, Loopback1
C 200.0.0.0/24 is directly connected, Serial0/1
O*IA 0.0.0.0/0 [110/65] via 200.0.0.2, 00:01:25, Serial0/1

You can see now that all Inter-Area routes are also gone, except for the default one.
2.0.0.0 is still showing up because I configured it to be in Area 1 earlier, instead of 0. It’s too bad because this is kinda ruining the effect.

In any case, our Totally Stub area is working as intended.

Next up, Not-So-Stubby Areas.

A Not-So-Stubby Area  (NSSA) is similar to a regular stub area, except that it will allow routes to be redistributed from an ASBR into that area with a special LSA type, which gets converted to a normal extended route at the ABR.

A real life situation is where you might have a stub area on the edge of your network which suddenly needs to be connected to another external network in turn. Being a stub, it will not be able to redistribute the routes from the new network. In this case we could configure it as a NSSA, allowing it to do the redistribution, but keeping the benefits of a stub area.

Let’s first remove our config from the previous test.

R2(config)#router ospf 10
R2(config-router)#no area 1 stub no-summary
R2(config-router)#no area 1 stub

R3(config)#router ospf 10
R3(config-router)#no area 1 stub

And take another look at our current routing tables.

R1#sh ip route | begin Gate
Gateway of last resort is not set

1.0.0.0/24 is subnetted, 1 subnets
C 1.1.1.0 is directly connected, Loopback1
2.0.0.0/24 is subnetted, 1 subnets
O IA 2.2.2.0 [110/65] via 100.0.0.2, 00:09:23, Serial0/0
100.0.0.0/24 is subnetted, 1 subnets
C 100.0.0.0 is directly connected, Serial0/0
3.0.0.0/24 is subnetted, 1 subnets
O IA 3.3.3.0 [110/129] via 100.0.0.2, 00:05:15, Serial0/0
O IA 200.0.0.0/24 [110/128] via 100.0.0.2, 00:09:23, Serial0/0
80.0.0.0/24 is subnetted, 1 subnets
C 80.0.0.0 is directly connected, Loopback80

R3#sh ip route | begin Gate
Gateway of last resort is not set

1.0.0.0/24 is subnetted, 1 subnets
O IA 1.1.1.0 [110/129] via 200.0.0.2, 00:05:27, Serial0/1
2.0.0.0/24 is subnetted, 1 subnets
O 2.2.2.0 [110/65] via 200.0.0.2, 00:05:27, Serial0/1
100.0.0.0/24 is subnetted, 1 subnets
O IA 100.0.0.0 [110/128] via 200.0.0.2, 00:05:27, Serial0/1
3.0.0.0/24 is subnetted, 1 subnets
C 3.3.3.0 is directly connected, Loopback1
C 200.0.0.0/24 is directly connected, Serial0/1
80.0.0.0/24 is subnetted, 1 subnets
O E2 80.0.0.0 [110/20] via 200.0.0.2, 00:00:01, Serial0/1

I will now configure the Not-So-Stubby area with the OSPF router process command “area 1 nssa“. To make R3 an ASBR I will also add the loopback 3 interface and redistribute it with the command “redistribute connected subnets”

R2(config)#router ospf 10
R2(config-router)#area 1 nssa

R3(config)#interface loopback 3
R3(config-if)#ip address 192.168.1.1 255.255.255.0
R3(config)#router ospf 10
R3(config-router)#area 1 nssa
R3(config-router)#redistribute connected subnets

If you look at the routing table for R2, you can see the external route for the 192.168.1.0/24 subnet comes in as a Type N2 from R3. This is because it is a special NSSA external route.

R2#sh ip route | begin 192
O N2 192.168.1.0/24 [110/20] via 200.0.0.1, 00:01:00, Serial0/1

If we now look at R1’s routing table, we can see that this same route has ended up as an external type 2 route

R1#sh ip route | begin 192
O E2 192.168.1.0/24 [110/20] via 100.0.0.2, 00:03:28, Serial0/0

NSSA does Type 7 LSA to Type 5 translation. We can see this in the output below from our ABR, R2.

R2#sh ip ospf | begin Area 1
Area 1
Number of interfaces in this area is 2 (1 loopback)
It is a NSSA area
Perform type-7/type-5 LSA translation
Area has no authentication
SPF algorithm last executed 00:04:04.992 ago
SPF algorithm executed 16 times
Area ranges are
Number of LSA 5. Checksum Sum 0x0326BD
Number of opaque link LSA 0. Checksum Sum 0x000000
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0

In this update, I explored some (but not all) types of Stub areas for OSPF.

References:
OSPF Stub area animated
LSA Types
Cisco Learning network
Link-State Advertisement