A friend of mine asked me about the OSPF forwarding address. The question was why
must the network type be broadcast for the FA to be set? Why is not point to point
and point to multipoint network type valid?

First of all, what is the point of having a forwarding address? Look at the topology
below.

Forwarding_address_BGP

R3 is the only one running BGP to R4. If the FA is not set then there will be an
extra hop compared to R2 sending the traffic directly to R4.

R1#sh ip route 10.10.4.0
Routing entry for 10.10.4.0/24
  Known via "ospf 1", distance 110, metric 1
  Tag 4, type extern 2, forward metric 20
  Last update from 10.10.12.2 on FastEthernet0/0, 00:00:23 ago
  Routing Descriptor Blocks:
  * 10.10.12.2, from 10.10.23.3, 00:00:23 ago, via FastEthernet0/0
      Route metric is 1, traffic share count is 1
      Route tag 4

R1#sh ip ospf data ex 10.10.4.0

            OSPF Router with ID (10.10.12.1) (Process ID 1)

                Type-5 AS External Link States

  Routing Bit Set on this LSA
  LS age: 35
  Options: (No TOS-capability, DC)
  LS Type: AS External Link
  Link State ID: 10.10.4.0 (External Network Number )
  Advertising Router: 10.10.23.3
  LS Seq Number: 80000001
  Checksum: 0xEB7D
  Length: 36
  Network Mask: /24
        Metric Type: 2 (Larger than any link state path)
        TOS: 0 
        Metric: 1 
        Forward Address: 0.0.0.0
        External Route Tag: 4

R1#traceroute 10.10.4.4 num

Type escape sequence to abort.
Tracing the route to 10.10.4.4

  1 10.10.12.2 44 msec 44 msec 32 msec
  2 10.10.23.3 60 msec 36 msec 40 msec
  3 10.10.234.4 84 msec *  76 msec

Because the forwarding address is set to 0 the traffic must flow through the
ASBR originating the LSA.

Which conditions must be met to set the FA?

The interface on the ASBR must have OSPF enabled. It must not be passive and it
must be broadcast. Let’s enable this on R3.

R3#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R3(config)#int f0/1
R3(config-if)#ip ospf 1 area 0

Now check the external LSA on R1 and a traceroute.

R1#sh ip ospf data ex 10.10.4.0

            OSPF Router with ID (10.10.12.1) (Process ID 1)

                Type-5 AS External Link States

  Routing Bit Set on this LSA
  LS age: 243
  Options: (No TOS-capability, DC)
  LS Type: AS External Link
  Link State ID: 10.10.4.0 (External Network Number )
  Advertising Router: 10.10.23.3
  LS Seq Number: 80000002
  Checksum: 0xF66E
  Length: 36
  Network Mask: /24
        Metric Type: 2 (Larger than any link state path)
        TOS: 0 
        Metric: 1 
        Forward Address: 10.10.234.4
        External Route Tag: 4

R1#traceroute 10.10.4.4 num

Type escape sequence to abort.
Tracing the route to 10.10.4.4

  1 10.10.12.2 48 msec 32 msec 64 msec
  2 10.10.234.4 96 msec *  88 msec

The traffic is now flowing directly via R2. The key point here is that in broadcast
networks all routers can communicate with each other (full mesh). We can see this by
looking at the type2 LSA.

R1#sh ip ospf data net 10.10.234.3

            OSPF Router with ID (10.10.12.1) (Process ID 1)

                Net Link States (Area 0)

  Routing Bit Set on this LSA
  LS age: 179
  Options: (No TOS-capability, DC)
  LS Type: Network Links
  Link State ID: 10.10.234.3 (address of Designated Router)
  Advertising Router: 10.10.23.3
  LS Seq Number: 80000001
  Checksum: 0x3485
  Length: 32
  Network Mask: /24
        Attached Router: 10.10.23.3
        Attached Router: 10.10.12.2

Why isn’t a point to point network valid? Well, the name pretty much says it all.
With point-to-point there can only be two routers connected so there is no use
in setting the FA because the traffic must flow through the router originating
the LSA.

If we look at the router LSA from R2 when we have broadcast network type it looks
like this:

R1#sh ip ospf data router 10.10.12.2

            OSPF Router with ID (10.10.12.1) (Process ID 1)

                Router Link States (Area 0)

  LS age: 7
  Options: (No TOS-capability, DC)
  LS Type: Router Links
  Link State ID: 10.10.12.2
  Advertising Router: 10.10.12.2
  LS Seq Number: 8000000A
  Checksum: 0x977B
  Length: 60
  Number of Links: 3

    Link connected to: a Transit Network
     (Link ID) Designated Router address: 10.10.234.3
     (Link Data) Router Interface address: 10.10.234.2
      Number of TOS metrics: 0
       TOS 0 Metrics: 1

    Link connected to: a Transit Network
     (Link ID) Designated Router address: 10.10.23.2
     (Link Data) Router Interface address: 10.10.23.2
      Number of TOS metrics: 0
       TOS 0 Metrics: 10

    Link connected to: a Transit Network
     (Link ID) Designated Router address: 10.10.12.1
     (Link Data) Router Interface address: 10.10.12.2
      Number of TOS metrics: 0
       TOS 0 Metrics: 10

You can see that the 10.10.234.0 is a transit network and then the type 2 LSA shows
which routers are connected and the network mask. Now if we change to point to point.

R1#sh ip ospf data router 10.10.12.2

            OSPF Router with ID (10.10.12.1) (Process ID 1)

                Router Link States (Area 0)

  LS age: 59
  Options: (No TOS-capability, DC)
  LS Type: Router Links
  Link State ID: 10.10.12.2
  Advertising Router: 10.10.12.2
  LS Seq Number: 8000000B
  Checksum: 0xF2E3
  Length: 72
  Number of Links: 4

    Link connected to: another Router (point-to-point)
     (Link ID) Neighboring Router ID: 10.10.23.3
     (Link Data) Router Interface address: 10.10.234.2
      Number of TOS metrics: 0
       TOS 0 Metrics: 1

    Link connected to: a Stub Network
     (Link ID) Network/subnet number: 10.10.234.0
     (Link Data) Network Mask: 255.255.255.0
      Number of TOS metrics: 0
       TOS 0 Metrics: 1

    Link connected to: a Transit Network
     (Link ID) Designated Router address: 10.10.23.2
     (Link Data) Router Interface address: 10.10.23.2
      Number of TOS metrics: 0
       TOS 0 Metrics: 10

    Link connected to: a Transit Network
     (Link ID) Designated Router address: 10.10.12.1
     (Link Data) Router Interface address: 10.10.12.2
      Number of TOS metrics: 0
       TOS 0 Metrics: 10

The 10.10.234.0 network is now a stub network which means it can’t be used for transit.
Usually there should only be two routers connected here, we shouldn’t use P2P network
type if there is an Ethernet segment with multiple routers.

So finally why is P2MP not valid? Because P2MP is used in NBMA networks. These networks
are usually partially meshed and from the perspective of OSPF it is a collection of
point to point links. This is how the LSA looks.

R1#sh ip ospf data router 10.10.12.2

            OSPF Router with ID (10.10.12.1) (Process ID 1)

                Router Link States (Area 0)

  LS age: 8
  Options: (No TOS-capability, DC)
  LS Type: Router Links
  Link State ID: 10.10.12.2
  Advertising Router: 10.10.12.2
  LS Seq Number: 8000000D
  Checksum: 0xFCD6
  Length: 72
  Number of Links: 4

    Link connected to: another Router (point-to-point)
     (Link ID) Neighboring Router ID: 10.10.23.3
     (Link Data) Router Interface address: 10.10.234.2
      Number of TOS metrics: 0
       TOS 0 Metrics: 1

    Link connected to: a Stub Network
     (Link ID) Network/subnet number: 10.10.234.2
     (Link Data) Network Mask: 255.255.255.255
      Number of TOS metrics: 0
       TOS 0 Metrics: 0

    Link connected to: a Transit Network
     (Link ID) Designated Router address: 10.10.23.2
     (Link Data) Router Interface address: 10.10.23.2
      Number of TOS metrics: 0
       TOS 0 Metrics: 10

    Link connected to: a Transit Network
     (Link ID) Designated Router address: 10.10.12.1
     (Link Data) Router Interface address: 10.10.12.2
      Number of TOS metrics: 0
       TOS 0 Metrics: 10

It looks very similar to P2P with the difference that the stub network has a mask
of /32. This is useful in partial mesh where spokes need to reach each other via
the hub and don’t have a DLCI between them.

So it only makes sense to use FA in broadcast networks because that is the only
place where routers are guaranteed to be able to communicate to each other because
it is by nature fully meshed.

Why OSPF FA is only set on broadcast networks
Tagged on:         

6 thoughts on “Why OSPF FA is only set on broadcast networks

  • April 11, 2013 at 4:53 am
    Permalink

    Daniel nice explanation friend and I hope u keep your good work going now I have one kore good blog to follow

    Reply
  • April 14, 2013 at 8:06 am
    Permalink

    Thanks for the elaboration.

    Reply
  • April 25, 2013 at 8:50 pm
    Permalink

    For non-broadcast networks special provisions for configuration facilitate neighbor … Generally an interface is only configured in a single area, however you can …. If the priority setting on an OSPF router is set to 0, that means it can NEVER.

    Reply
  • April 5, 2015 at 6:17 pm
    Permalink

    Hi,

    Could someone explain why the redistributed route on the asbr is removed from the routing table of the routers inside the ospf area if we configure a static route to the forwarding address on the router in the ospf area that connects to the asbr ?
    The route is still present in the database though.

    I had this problem with a static redistributed route and not a bgp route.

    I had this problem in production and I reproduced it in lab.
    When I remove the static route, the redistributed route is back in the routing table.

    Reply
    • April 5, 2015 at 6:19 pm
      Permalink

      “and not a bgp route.” I meen I did not test it

      Reply
    • April 6, 2015 at 12:58 am
      Permalink

      Answer is in RFC 2328 page 173

      If the forwarding address is non-zero, look up the forwarding address in the routing table. The matching routing table entry must specify an intra-area or inter-area path; if no such path exists, do nothing with the LSA and consider the next in the list.

      So if there is a redundant static route, it will be in the routing table in place of the ospf one due to the AD, the external LSA will not be selected to be in the routing table

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this: