Lesson Contents
OSPF LSA type 7, also known as the NSSA External LSA, is one of the OSPF LSA types and exists to allow external route redistribution inside a Not So Stubby Area (NSSA). By design, Type 5 LSAs are blocked in stub-like areas, but NSSAs solve this by introducing LSA type 7 as a local replacement.
An ASBR inside the NSSA generates a type 7 LSA to advertise external prefixes within that area. When the LSA reaches the ABR, it is translated into an LSA type 5 and flooded into the rest of the OSPF domain as usual. In this lesson, you will learn how type 7 LSAs are generated, how the ABR performs the type 7-to-type 5 translation, and what all of this looks like in the Link State Database (LSDB) on Cisco IOS routers.
Key Takeaways
- The type 7 LSA is the NSSA External LSA. It is used to advertise external prefixes redistributed into OSPF inside an NSSA area.
- Type 5 LSAs are not allowed inside an NSSA. Type 7 is the NSSA-local equivalent.
- Type 7 LSAs are generated by an ASBR within the NSSA and flood only within that NSSA. They do not leave the area unchanged.
- The ABR at the boundary of the NSSA translates type 7 LSAs into type 5 LSAs and floods them into the rest of the OSPF domain.
- The translated type 5 LSA shows the ABR as the Advertising Router, not the original ASBR.
- Unlike type 5 LSAs (where the Forward Address is typically 0.0.0.0), type 7 LSAs carry a non-zero Forward Address. The ASBR’s interface IP inside the NSSA. The ABR preserves this in the translated type 5.
- Because the ABR advertises the translated type 5, routers outside the NSSA do not need a type 4 ASBR Summary LSA. They reach the ABR through normal OSPF.
- OSPF supports two NSSA metric types: N1 (translates to E1) and N2 (translates to E2, the default).
Prerequisites
To understand this lesson, you should be familiar with the following topics:
- OSPF fundamentals: How OSPF builds neighbor adjacencies, exchanges LSAs, and runs SPF.
- OSPF multi-area: How ABRs work and how LSAs are handled across area boundaries.
- OSPF stub areas: Stub areas block type 5 LSAs. Understanding this is what makes NSSA necessary.
- OSPF NSSA: What an NSSA is and why it exists.
- LSA type 5 (AS External LSA): Type 7 mirrors type 5 in structure and purpose. Knowing type 5 first makes type 7 much easier to follow.
- Route redistribution: Type 7 LSAs exist because of redistribution into OSPF from an external source.
Configuration
We’ll use the following topology:
We can learn how LSA type 7 works with only four routers. Area 1 is an NSSA area, so LSA type 5 is not allowed there. R1 is an ASBR and redistributes an external prefix into OSPF. Because area 1 is an NSSA, R1 generates a type 7 LSA instead of a type 5 LSA.
R2 is the ABR between area 1 and area 0 and is responsible for translating LSA type 7 into LSA type 5. R3 floods another LSA type 5 into area 2.
All routers run Cisco IOS Software [Dublin], Linux Software (X86_64BI_LINUX-ADVENTERPRISEK9-M), Version 17.12.1, RELEASE SOFTWARE (fc5).
Topology: OSPF Area 0-1-2 NSSA
Configurations
Want to take a look for yourself? Here you will find the startup configuration of each device.
R1
hostname R1
!
ip cef
!
interface Loopback0
ip address 11.11.11.11 255.255.255.255
!
interface Ethernet0/1
ip address 192.168.12.1 255.255.255.0
ip ospf network point-to-point
!
router ospf 1
router-id 1.1.1.1
area 1 nssa
redistribute connected route-map CONNECTED_TO_OSPF
network 192.168.12.0 0.0.0.255 area 1
!
ip access-list standard R1_L0
10 permit 11.11.11.11
!
route-map CONNECTED_TO_OSPF permit 10
match ip address R1_L0
!
endR2
hostname R2
!
ip cef
!
interface Ethernet0/1
ip address 192.168.12.2 255.255.255.0
ip ospf network point-to-point
!
interface Ethernet0/2
ip address 192.168.23.2 255.255.255.0
ip ospf network point-to-point
!
router ospf 1
router-id 2.2.2.2
area 1 nssa
network 192.168.12.0 0.0.0.255 area 1
network 192.168.23.0 0.0.0.255 area 0
!
endR3
hostname R3
!
ip cef
!
interface Ethernet0/1
ip address 192.168.23.3 255.255.255.0
ip ospf network point-to-point
!
interface Ethernet0/2
ip address 192.168.34.3 255.255.255.0
ip ospf network point-to-point
!
router ospf 1
router-id 3.3.3.3
network 192.168.23.0 0.0.0.255 area 0
network 192.168.34.0 0.0.0.255 area 2
!
endR4
hostname R4
!
ip cef
!
interface Ethernet0/1
ip address 192.168.34.4 255.255.255.0
ip ospf network point-to-point
!
router ospf 1
router-id 4.4.4.4
network 192.168.34.0 0.0.0.255 area 2
!
endVerification
We’ll check all four routers.
R1
Let’s look at the type 7 LSA on R1 first:
R1#show ip ospf database nssa-external self-originate
OSPF Router with ID (1.1.1.1) (Process ID 1)
Type-7 AS External Link States (Area 1)
LS age: 440
Options: (No TOS-capability, Type 7/5 translation, DC, Upward)
LS Type: AS External Link
Link State ID: 11.11.11.11 (External Network Number )
Advertising Router: 1.1.1.1
LS Seq Number: 80000001
Checksum: 0x14DB
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
MTID: 0
Metric: 20
Forward Address: 192.168.12.1
External Route Tag: 0Let’s break down what we have here:
- Link State ID is the external network prefix (11.11.11.11). This is what other routers will install in their routing tables.
- Advertising Router is R1 (1.1.1.1), the ASBR that originated this LSA.
- Metric Type is 2 (N2). This is the default for redistributed routes in an NSSA.
- The metric is 20. This is the external cost assigned during redistribution.
- Forward Address is 192.168.12.1. Unlike type 5 LSAs, type 7 LSAs typically have a non-zero forward address. This is the address of the ASBR’s interface inside the NSSA. Routers use this address to forward traffic directly to R1 rather than to the ABR.
R2
Now let’s check R2, our ABR. R2 sits between Area 1 (the NSSA) and Area 0. It receives the type 7 LSA from R1 and translates it into a type 5 LSA for the rest of the domain. We should see both LSA types on R2:
R2#show ip ospf database nssa-external 11.11.11.11
OSPF Router with ID (2.2.2.2) (Process ID 1)
Type-7 AS External Link States (Area 1)
LS age: 475
Options: (No TOS-capability, Type 7/5 translation, DC, Upward)
LS Type: AS External Link
Link State ID: 11.11.11.11 (External Network Number )
Advertising Router: 1.1.1.1
LS Seq Number: 80000001
Checksum: 0x14DB
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
MTID: 0
Metric: 20
Forward Address: 192.168.12.1
External Route Tag: 0R2 has the same type 7 LSA as R1. Now, let’s check if R2 has generated the translated type 5:
R2#show ip ospf database external 11.11.11.11
OSPF Router with ID (2.2.2.2) (Process ID 1)
Type-5 AS External Link States
LS age: 485
Options: (No TOS-capability, DC, Upward)
LS Type: AS External Link
Link State ID: 11.11.11.11 (External Network Number )
Advertising Router: 2.2.2.2
LS Seq Number: 80000001
Checksum: 0x8A6B
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
MTID: 0
Metric: 20
Forward Address: 192.168.12.1
External Route Tag: 0The translated type 5 LSA shows Advertising Router 2.2.2.2. This is R2, the ABR that did the translation. You don’t see R1 in this LSA. R2 preserves the Forward Address (192.168.12.1) from the original LSA type 7.
Because the type 5 LSA is now advertised by R2 (not R1), there is no need for a type 4 ASBR summary LSA. Routers outside the NSSA need to reach R2, which is already known through normal OSPF.
R3
Let’s confirm R3 if we only see the translated LSA type 5:
R3#show ip ospf database nssa-external
OSPF Router with ID (3.3.3.3) (Process ID 1)There is nothing here. No type 7 LSAs. We do have LSA type 5:
R3#show ip ospf database external 11.11.11.11
OSPF Router with ID (3.3.3.3) (Process ID 1)
Type-5 AS External Link States
LS age: 532
Options: (No TOS-capability, DC, Upward)
LS Type: AS External Link
Link State ID: 11.11.11.11 (External Network Number )
Advertising Router: 2.2.2.2
LS Seq Number: 80000001
Checksum: 0x8A6B
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
MTID: 0
Metric: 20
Forward Address: 192.168.12.1
External Route Tag: 0R3 only sees LSA type 5.
R4
And we see the same thing on R4: