Friday, December 30, 2011

OSPF Route Summarization and Filtering

Route summarization consolidates multiple routes into a single summary route. Proper route summarization planning and implementation directly affects the amount of bandwidth, CPU, and memory resources consumed by routers.

Without route summarization, every inter-area LSA (Type-3, Type-4, and Type-5) is propagated by ABRs throughout an OSPF domain, consuming additional bandwidth and router resources. Upon the flooding of an inter-area LSA, all affected OSPF routers must process the LSA and perform route computation to locate the lowest metric path to the ABR for the destination network (link up) or flush an MaxAge LSA (link down).

With route summarization, only the summary routes are being propagated by ABRs. Route summarization reduces unnecessary LSA flooding, reduces route re-computation upon topology changes, and increases network stability.

Below describes the 2 types of route summarization:

Inter-area route summarization Occurs on ABRs and applies upon routes propagated between areas.
Does not apply to external routes injected into OSPF via redistribution.
To achieve effective inter-area route summarization, network numbers within areas should be assigned contiguously for the addresses to be summarized into a minimal number of summary addresses as possible.
External route summarization Applies upon external routes injected into OSPF via redistribution.
It is important to ensure the continuity of external address ranges that are being summarized. Summarizing overlapping address ranges from different ASBRs can cause packets to be forwarded through the wrong path. External addresses should be assigned contiguously as well.

OSPF Route Summarization on an ABR

Note: Always reconsider when summarizing networks in the backbone area to other areas. When there is more than 1 ABR between an area and the backbone area, propagating a Type-3 Network-Summary-LSA with the explicit network information into an area ensures that the shortest path to the destination outside the area will be selected and prevents suboptimal routing.

OSPF Route Summarization on an ASBR

The summary-address {{address mask} | {prefix mask}} [not-advertise] [tag tag] OSPF router subcommand configures a summary route for external routes on an OSPF ASBR. The not-advertise keyword suppresses the routes that match the prefix/mask pair.

Link-state routing protocols do not advertise routes, but advertise topology information instead. OSPF is a link-state routing protocol that relies upon the information in the topology database for route computation. All routers within an area must have the same and consistent topology information to make accurate routing decisions; the routers independently calculate the shortest paths to destination networks based on the topology information using the SPF algorithm.

OSPF route filtering within an area can be achieved using distribute lists (in conjunction with access lists, prefix lists, and route maps), or modifying the administrative distance.
Note: OSPF routers do not advertise routes; instead, they advertise LSAs. Any filtering applied upon OSPF LSU packets would need to filter the transmission of LSAs. Performing OSPF route filtering within an area does not affect routes as they enter the OSPF topology database, but the IP routing table instead; and on only the router on which the route filtering is configured. Additionally, it does not affect the propagation of LSAs from the router that performs route filtering – route filtering is local significant.
Note: Route filtering on link-state routing protocols often result in different routing tables (but same topology database) on routers, which would then introduce routing loops or routing black holes to the network.

The OSPF ABR Type-3 LSA Filtering feature extends the ability of OSPF ABRs to filter routes that are being propagated between OSPF areas. It allows only routes matched with specified prefixes to be sent from one area to another area and restricts all other routes. It can be applied out from an area, into an area, or both into and out of an area at the same time.

The main benefit of the OSPF ABR Type-3 LSA Filtering feature is provides improved control of route distribution between OSPF areas by filtering Type-3 LSAs originated from ABRs.

OSPF ABR Type-3 LSA Filtering

Below shows the routing table on RT1 and RT3 with route filtering configured on RT2:
RT2#sh ip ospf
--- output omitted ---
    Area BACKBONE(0)
--- output omitted ---
        Area-filter Area0-IN in
        Area-filter Area0-OUT out
--- output omitted ---
    Area 1
--- output omitted ---
        Area-filter Area1-IN in
--- output omitted ---

RT1#sh ip route

--- output omitted ---
O IA [110/3] via, 00:00:32, FastEthernet0/0
O IA [110/3] via, 00:00:32, FastEthernet0/0
O IA [110/3] via, 00:00:32, FastEthernet0/0
RT3#sh ip route

--- output omitted ---
O IA [110/3] via, 00:00:40, FastEthernet0/0
O IA [110/3] via, 00:00:40, FastEthernet0/0

Note: RT3 does not see in its routing table. This is because the route was not advertised from Area 0 (Area0-OUT) even it is allowed to be advertised into Area 1 (Area1-IN).

The area area-id filter-list prefix prefix-name {in | out} OSPF router subcommand filters IP prefixes or subnets as advertised as Type-3 Network-Summary-LSAs between OSPF areas. The area-id is the identifier of the area for which route filtering is configured; it can be specified as either a decimal value or an IP address. The prefix keyword indicates that a prefix list is used. Prefixes that do not match any entry in the prefix list are implicitly denied.

The in direction applies upon the Type-3 LSAs originated by the ABR based on the information from other areas into the specified area; while the out direction applies upon the Type-3 LSAs originated by the ABR based on the information from the specified area to other areas. Eventually, the area filter-list command filters Type-3 LSAs from going in or out of an area. Filtering Type-3 LSAs between areas prevents the routes from entering the OSPF topology database and eventually prevents them from entering the routing table.

Type-3 LSAs that were originated as a result of the area range OSPF router subcommand are treated as ordinary Type-3 LSAs. When route summarization (area range) and route filtering (area filter-list) are implemented together on an OSPF router to propagate a summary route into an area (in direction), the summary route must be matched with an entry in the prefix list for it to be propagated into the area. While propagating a summarized route from an area (out direction), at least one prefix in the summarized area range must be matched with an entry in the prefix list for it to be propagated to other areas – if no subordinate routes exist, the ABR does not advertise the summary.

When the area range OSPF router subcommand is configured with the not-advertise keyword, both the summary route and component routes will not be advertised as Type-3 LSAs. As a result, it has the same effect as the area filter-list OSPF router subcommand with the out keyword, which filters the LSAs from originating from a specific area to other areas.

Component routes are also being referred to as subordinate routes – the routes whose address ranges are inside the range of addresses defined by the summary route.

No comments:

Post a Comment