Ticket #02

Ticket #02

Network diagram

IGP diagram


The problem:
While R3 can ping R1's Lo0 IP address, R4 can't do so. Fix the problem

The solution:

First lets try to ping R1's Lo0 IP address from R3.

On R3:

R3#ping 7.3.0.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 7.3.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/23/72 ms

We can ping from R3, now lets check R4.

On R4:

R4#ping 7.3.0.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 7.3.0.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)

Indeed, R4 can't ping R1's Lo0 IP address. Lets have a look at R4's routing table entry for R1's Lo0 IP address.

On R4:

R4#sh ip route 7.3.0.1
% Subnet not in table

Its not there, lets compare this with R3's routing table.


On R3:

R3#sh ip route 7.3.0.1
% Subnet not in table

Neither R3 have a route to R1's Lo0 IP address. Since there are no miracles, especially on the CCIE lab exam, R3 needs to somehow know where to send its packets. Maybe R3 have a default route.

On R3:

R3#sh ip route 0.0.0.0
Routing entry for 0.0.0.0/0, supernet
  Known via "ospf 1", distance 110, metric 2, candidate default path, type inter area
  Last update from 7.3.23.2 on FastEthernet0/0, 01:10:42 ago
  Routing Descriptor Blocks:
  * 7.3.23.2, from 7.3.0.2, 01:10:42 ago, via FastEthernet0/0
      Route metric is 2, traffic share count is 1


R3 do have a default route, and it's coming from R2 via OSPF. Maybe R4 have a default route too?

On R4:

R4#sh ip route 0.0.0.0
% Network not in table

While R3 have a default route, R4 do not. And that might be the problem in hand.

Looking at the IGP diagram, we can see that R4 should also have OSPF routes from R2. Lets verify this.

On R4:

R4#sh ip route ospf 
     7.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
O IA    7.3.0.2/32 [110/2] via 7.3.24.2, 01:15:12, FastEthernet0/1
O IA    7.3.0.3/32 [110/3] via 7.3.24.2, 01:15:02, FastEthernet0/1
O IA    7.3.23.0/24 [110/2] via 7.3.24.2, 01:15:12, FastEthernet0/1

R4 do have OSPF routes. coming from R2. Lets have a look at R2's OSPF configuration to find out how R2 was configured to deliver the default route.

On R2:

R2#sh run | sec router ospf
router ospf 1
 log-adjacency-changes
 area 23 stub
 area 24 nssa
 default-information originate

We can see that the default-information originate OSPF command was configured to advertise the 0.0.0.0/0 route to OSPF neighbors as an external route. 

But we can see here two exceptions:
  1. It wont send an external route to stub areas.
  2. It wont send an external route to nssa area either.

How ever there is a difference between stub and nssa areas. An ABR will generate a 0.0.0.0/0 summary route into a regular stub area, but it won't do it for nssa area. And there is a very good reason for that. Remember that nssa is a special area, which whole purpose is the redistribute external routes into OSPF. And its very common to redistribute a 0.0.0.0/0 route from the edge Internet routers. Imagine what will happen if an ABR will inject a type 3 LSA 0.0.0.0/0 lsa-id into such an area and another router on that area will inject a type 7 LSA 0.0.0.0/0 lsa-id. What will happen? The answer is that the LSA type 3 will be preferred.

Fortunately, we can force an ABR to send a default route to nssa area.

On R2: 

R2(config)#router ospf 1
R2(config-router)#area 24 nssa default-information-originate

Now lets have a look at R4's routing table for 0.0.0.0/0 entry.

On R4:

R4#sh ip route 0.0.0.0
Routing entry for 0.0.0.0/0, supernet
  Known via "ospf 1", distance 110, metric 1, candidate default path, type NSSA extern 2, forward metric 1
  Last update from 7.3.24.2 on FastEthernet0/1, 00:05:49 ago
  Routing Descriptor Blocks:
  * 7.3.24.2, from 7.3.0.2, 00:05:49 ago, via FastEthernet0/1
      Route metric is 1, traffic share count is 1

Now that we have a route, lets try to ping from R4 to R1's Lo0 IP address.

On R4:

R4#ping 7.3.0.1       

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 7.3.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/12/20 ms

                                                    __ 
.-----.--.--.----.----.-----.-----.-----.|  |
|__ --|  |  |  __|  __|  -__|__ --|__ --||__|
|_____|_____|____|____|_____|_____|_____||__|