In this article we will explain and discuss OSPF Not So Stubby Area (NSSA) and also how to configure this Area type on Cisco routers.
OSPF is a link state dynamic routing protocol that is used by routers to share routing information. This allows routers to inform each other of the paths that should be taken to reach particular destination networks.
As mentioned above, we’ll be talking about OSPF Not So Stubby Areas (NSSAs), why they’re useful, and how to configure them. We’ll also be looking into how that strange name came about.
OSPF is one of the most popular routing protocols used today, and one of the reasons for this is its scalability, allowing for extensively large OSPF topologies.
One of the features that enable such scalability is that an OSPF topology can be separated into multiple areas. Having multiple smaller areas makes the sharing and storing of routing information much more manageable and efficient.
OSPF routers within each area need only know details about routes found within their own area. For destinations outside of the area, routers direct their queries to the Area Border Router (ABR) which is responsible for “knowing” about routes outside of the local area.
What is a Stub Area?
In an effort to make OSPF even more efficient, designers came up with the concept of a stub area. Take a look at this OSPF topology. Notice that there is only one entry point into Area 1, and that is via the ABR.:
If no stub area configurations are applied, the ABR will send Type 3, 5, and 7 LSAs to R1 in Area 1, informing it of all the networks that exist in Area 0.
The result is that R1 will populate its OSPF database as well as its routing table with multiple destinations, all pointing to the same next hop router: the ABR. This is because the ABR is the way to reach all of those destinations.
If you configure Area 1 as a stub area, the ABR will not share all of these networks. It will instead inform R1 that it is the default route for all destinations outside of Area 1. This results in smaller routing tables, OSPF databases, and OSPF updates.
OSPF Stub Area Types
Now there are several different types of OSPF stub areas. These are:
- Stub area
- Totally stub area
- Not so stubby area (NSSA)
- Totally NSSA
Interesting names, eh? Engineers can be “creative” when naming things. In any case, each of these types of stub areas results in a slightly different behavior of OSPF, allowing only certain types of LSAs to be advertised and disallowing others.
What is an OSFP NSSA?
An NSSA is defined as an OSPF area where the ABR disallows Type 5 external LSAs while allowing the existence of an Autonomous System Border Router (ASBR).
This allowance makes such an area “not as stubby” as a stub area or a totally stub area both of which have additional restrictions. So the name is somewhat descriptive of what it actually does, albeit in a sometimes confusing way.
Specifically, an NSSA has the following characteristics:
- The ABR is allowed to flood the area with Type 3 Summary LSAs.
- The ABR is not allowed to flood the area with Type 5 External LSAs.
- The area can contain an ASBR and can send Type 7 External LSAs to the ABR which can be translated to Type 5 LSAs when sent to Area 0.
What does that look like? Take a look at the following diagram:
In this scenario:
- The ABR will inform R1 of the 126.96.36.199/32 network via a Type 3 LSA, which is allowed in the NSSA. Thus 188.8.131.52/32 will enter the OSPF database and the routing table of R1.
- The ABR will not inform R1 of the 184.108.40.206/24 network, which would require a Type 5 LSA, which is not allowed in the NSSA. Alternatively, it will inform R1 that the ABR itself is the default route for all other destinations, thus 220.127.116.11/24 will be reachable via that default route.
- The ABR will inform Area 0 about the 18.104.22.168/24 network which is advertised by R2, which is an ASBR. ASBRs are allowed to exist within the NSSA.
Configuring an NSSA on a Cisco router
Let’s take our topology above and put some more IP addresses and interface names on it like so:
Let’s assume that OSPF has been correctly configured on all of the routers in Area 0 and that the ABR and R1 have been configured with the IP addresses as shown.
We also assume that R2 and R3, which are ASBRs, are configured to redistribute their networks into the respective OSPF areas. We further configure OSPF on the ABR and R1 routers like so:
ABR(config)#router ospf 1
ABR(config-router)#network 192.168.0.0 0.0.0.255 area 0
ABR(config-router)#network 192.168.1.0 0.0.0.255 area 1
R1(config)#router ospf 1
R1(config-router)#network 192.168.1.0 0.0.0.255 area 1
So far, this is a regular OSPF configuration. In order to configure area 1 as an NSSA, we must add the following commands on the ABR and R1 routers under their respective OSPF configurations:
ABR(config-router)#area 1 nssa
R1(config-router)#area 1 nssa
Now what should we see in the routing table of R1? We should see those routes advertised via LSA Type 3s. Specifically, we should see the routes found within area 0. Let’s take a look:
R1#show ip route ospf
O IA 192.168.0.0/24 [110/2] via 192.168.1.2, 00:00:44, FastEthernet0/0
O IA 22.214.171.124/32 [110/4] via 192.168.1.2, 00:00:27, FastEthernet0/0
Both the 192.168.0.0/24 network and the 126.96.36.199/32 network are those found within Area 0, and the ABR advertises them into the NSSA as summary routes using Type 3 LSAs which are allowed.
They are indicated as Inter Area routes marked by O IA at the beginning of each line. However, we don’t see the 188.8.131.52/24 network at all because Type 5 LSAs are blocked.
You may have also noticed that there is no default route so R1 will be unable to reach the 184.108.40.206/24 network. But this can be remedied using the following command under the OSPF configuration of the ABR:
ABR(config-router)#area 1 nssa default-information-originate
This command tells the ABR to inform R1 that it is the default route for all other destinations. Looking at the routing table of R1, we can see the following:
R1#show ip route ospf
O IA 192.168.0.0/24 [110/2] via 192.168.1.2, 00:02:40, FastEthernet0/0
O IA 220.127.116.11/32 [110/4] via 192.168.1.2, 00:01:22, FastEthernet0/0
O*N2 0.0.0.0/0 [110/1] via 192.168.1.2, 00:00:27, FastEthernet0/0
Now we can see the default route, and thus we can reach the 18.104.22.168/24 network, and all other networks for that matter, via the ABR.
Finally, because the NSSA allows for the advertisement of Type 7 LSAs within the area, the 22.214.171.124/24 network should now be advertised to all of the OSPF routers in Area 0. If we were to look at one of their routing tables, we should see something like this:
Area0_OSPF_router#show ip route ospf
126.96.36.199/24 is subnetted, 1 subnets
O E2 188.8.131.52 [110/20] via 192.168.0.2, 00:07:25, FastEthernet0/0
O IA 192.168.1.0/24 [110/2] via 192.168.0.2, 00:07:41, FastEthernet0/0
Here you can see that the route to 184.108.40.206/24 is advertised successfully.
Best Practices for Using NSSA
We’ve already explained why stub networks in general are useful for OSPF, but the question remains, when should an NSSA be configured? Typically, an NSSA is useful when the following characteristics exist on a network:
- You have tens, hundreds, or even thousands of routes being redistributed into OSPF’s backbone area (area 0).
- You have relatively few destinations within the backbone area that must be advertised.
- You have an ASBR within the stub area that must be able to advertise its networks to the backbone area.
All three of the above criteria are fulfilled by the NSSA OSPF network type, resulting in smaller and more efficient OSPF databases, routing tables, and OSPF updates.