OSPF and Secondary Addresses

OSPF and Secondary Addresses

There are two rules of OSPF when it comes to Secondary IP addresses on an interface-

    1. OSPF will advertise a secondary subnetwork only if it also running on the primary subnetwork.
    2. Secondary networks are considered STUB network and hence no Hellos are sent on them. Hence, no adjacencies can be established on secondary networks.

Network topology:

Configuration:

R1 Configuration

interface Serial 1/0
 ip address 192.168.10.1 255.255.255.240
!
interface Serial 1/1
 ip address 192.168.20.1 255.255.255.240
!
router ospf 1
 router-id 1.1.1.1
 network 192.168.20.0 0.0.0.15 area 0
 network 192.168.10.0 0.0.0.15 area 1
!

The Fastethernet 0/0 interface of R2 router is configured with a secondary IP address from subnet 172.19.35.0/24.

R2 Configuration

interface Serial 1/0
 ip address 192.168.10.2 255.255.255.240
!
interface Fastethernet 0/0
 ip address 192.168.10.33 255.255.255.240
 ip address 172.19.35.2 255.255.255.0 secondary
!
router ospf 1
 router-id 2.2.2.2
 network 192.168.10.32 0.0.0.15 area 1
 network 172.19.35.0 0.0.0.255 area 1
!

OSPF is not configured on R3 router. However, a static route is configured to reach supernet 192.16.0.0/16

R3 Configuration

interface Fastethernet 0/0
 ip address 172.19.35.1 255.255.255.0
!
ip route 192.168.0.0 255.255.0.0 172.19.35.2
!

OSPF Neighbor Adjacency:

R1 router forms adjacency with R2 router. While R2 router forms adjacency with only R1 router. Even if R3 router was configured with OSPF, it will not form adjacency with R2 router since R2 will not send Hellos to secondary networks. R2 router does not act as an ASBR; it is only connected to R3 router via a secondary network.

OSPF Neighbor Adjacency

R1# show ip ospf neighbor
Neighbor ID     Pri   State           Dead Time   Address         Interface
2.2.2.2           0   FULL/  -        00:00:34    192.168.10.2    Serial1/0
R2# show ip ospf neighbor
Neighbor ID     Pri   State           Dead Time   Address         Interface
1.1.1.1           0   FULL/  -        00:00:38    192.168.10.1    Serial1/0
R2# show ip ospf
 Routing Process "ospf 1" with ID 2.2.2.2
 Start time: 01:33:47.132, Time elapsed: 00:00:10.536
 Supports only single TOS(TOS0) routes
 Supports opaque LSA
 Supports Link-local Signaling (LLS)
 Supports area transit capability
 Router is not originating router-LSAs with maximum metric
 Initial SPF schedule delay 5000 msecs
 Minimum hold time between two consecutive SPFs 10000 msecs
 Maximum wait time between two consecutive SPFs 10000 msecs
 Incremental-SPF disabled
 Minimum LSA interval 5 secs
 Minimum LSA arrival 1000 msecs
 LSA group pacing timer 240 secs
 Interface flood pacing timer 33 msecs
 Retransmission pacing timer 66 msecs
 Number of external LSA 0. Checksum Sum 0x000000
 Number of opaque AS LSA 0. Checksum Sum 0x000000
 Number of DCbitless external and opaque AS LSA 0
 Number of DoNotAge external and opaque AS LSA 0
 Number of areas in this router is 1. 1 normal 0 stub 0 nssa
 Number of areas transit capable is 0
 External flood list length 0
    Area 1
        Number of interfaces in this area is 2
        Area has no authentication
        SPF algorithm last executed 00:00:01.460 ago
        SPF algorithm executed 2 times
        Area ranges are
        Number of LSA 3. Checksum Sum 0x00CF9C
        Number of opaque link LSA 0. Checksum Sum 0x000000
        Number of DCbitless LSA 0
        Number of indication LSA 0
        Number of DoNotAge LSA 0
        Flood list length 0

R2 router still advertises 172.19.35.0/24 network to R1 router and the connected interface (172.19.35.1) of R3 router is reachable from R1 router.

172.19.35.0/24 reachable from R1

R1# show ip route | begin Gateway
Gateway of last resort is not set
     192.168.10.0/28 is subnetted, 2 subnets
O       192.168.10.32 [110/65] via 192.168.10.2, 00:12:16, Serial1/0
C       192.168.10.0 is directly connected, Serial1/0
     172.19.0.0/24 is subnetted, 1 subnets
O       172.19.35.0 [110/65] via 192.168.10.2, 00:12:16, Serial1/0
     192.168.20.0/28 is subnetted, 1 subnets
C       192.168.20.0 is directly connected, Serial1/1
R1#ping 172.19.35.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.19.35.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 140/189/236 ms

To prove Rule#1, if the primary network (192.168.10.32/28) was removed from OSPF on R2 router, it will not advertise 172.19.35.0/24 to R1 router.

Rule#1 confirmation

R2 router:
router ospf 1
 no network 192.168.10.32 0.0.0.15 area 1
!
R1# show ip route | begin Gateway
Gateway of last resort is not set
     192.168.10.0/28 is subnetted, 1 subnets
C       192.168.10.0 is directly connected, Serial1/0
     192.168.20.0/28 is subnetted, 1 subnets
C       192.168.20.0 is directly connected, Serial1/1

RIP between R2 and R3:

R2 router will now act as an ASBR since it is redistributing routes between OSPF and RIP.

RIP has no problems with secondary addresses and is run between R2 and R3 on secondary network. Redistribution is done on R2 router.

R2 RIP Configuration

router rip
 version 2
 no auto-summary
 network 172.19.0.0
 redistribute ospf 1 metric 10 match internal external
!
router ospf 1
 ....
 redistribute rip metric 10 subnets metric-type 2
!

The following output shows routes learnt by R1 router via OSPF.

R1 routes

R1# show ip route | begin Gateway
Gateway of last resort is not set
     3.0.0.0/32 is subnetted, 1 subnets
O E2    3.3.3.3 [110/10] via 192.168.10.2, 00:00:09, Serial1/0
     4.0.0.0/32 is subnetted, 1 subnets
O E2    4.4.4.4 [110/10] via 192.168.10.2, 00:00:09, Serial1/0
     5.0.0.0/32 is subnetted, 1 subnets
O E2    5.5.5.5 [110/10] via 192.168.10.2, 00:00:09, Serial1/0
     192.168.10.0/28 is subnetted, 2 subnets
O       192.168.10.32 [110/65] via 192.168.10.2, 00:00:09, Serial1/0
C       192.168.10.0 is directly connected, Serial1/0
     172.19.0.0/24 is subnetted, 1 subnets
O       172.19.35.0 [110/65] via 192.168.10.2, 00:00:09, Serial1/0
     192.168.20.0/28 is subnetted, 1 subnets
C       192.168.20.0 is directly connected, Serial1/1

The following output shows routes learnt by R2 router.

R2 routes

R2# show ip route | begin Gateway
Gateway of last resort is not set
     3.0.0.0/32 is subnetted, 1 subnets
R       3.3.3.3 [120/1] via 172.19.35.1, 00:00:22, FastEthernet0/0
     4.0.0.0/32 is subnetted, 1 subnets
R       4.4.4.4 [120/1] via 172.19.35.1, 00:00:22, FastEthernet0/0
     5.0.0.0/32 is subnetted, 1 subnets
R       5.5.5.5 [120/1] via 172.19.35.1, 00:00:22, FastEthernet0/0
     192.168.10.0/28 is subnetted, 2 subnets
C       192.168.10.32 is directly connected, FastEthernet0/0
C       192.168.10.0 is directly connected, Serial1/0
     172.19.0.0/24 is subnetted, 1 subnets
C       172.19.35.0 is directly connected, FastEthernet0/0
     192.168.20.0/28 is subnetted, 1 subnets
O IA    192.168.20.0 [110/128] via 192.168.10.1, 00:00:43, Serial1/0

The following output shows routes on R3 router.

R3 routes

R3# show ip route | begin Gateway
Gateway of last resort is not set
     3.0.0.0/32 is subnetted, 1 subnets
C       3.3.3.3 is directly connected, Loopback0
     4.0.0.0/32 is subnetted, 1 subnets
C       4.4.4.4 is directly connected, Loopback1
     5.0.0.0/32 is subnetted, 1 subnets
C       5.5.5.5 is directly connected, Loopback2
     192.168.10.0/28 is subnetted, 1 subnets
R       192.168.10.0 [120/10] via 172.19.35.2, 00:00:19, FastEthernet0/0
     172.19.0.0/24 is subnetted, 1 subnets
C       172.19.35.0 is directly connected, FastEthernet0/0
     192.168.20.0/28 is subnetted, 1 subnets
R       192.168.20.0 [120/10] via 172.19.35.2, 00:00:19, FastEthernet0/0

A ping from R1 router to R3 router is confirmed below.

Ping output

R1# ping 3.3.3.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 196/230/264 ms
R1# ping 172.19.35.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.19.35.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 192/211/220 ms