Home
>
Personal Technology
>
Cisco CCNA / CCNP Certification: OSPF ASBRs Explained And Illustrated

Cisco CCNA / CCNP Certification: OSPF ASBRs Explained And Illustrated

When I first started studying for my CCNP, some of the concepts of OSPF really confused me. This was especially true for the ASBR, stub areas, and total stub areas. Sure, I could memorize the LSA types associated with these devices and area types, but there just weren't any illustrations that explained exactly what was going on.

This CCNP tutorial shows an ASBR in operation, and also introduces you to a basic example of route redistribution. Don't worry, it gets more complicated. :)

Here's the network we'll be working with in this tutorial:

R2 R3

Networks:

R1 - R5 Ethernet Segment: 10.1.1.0 /24

R1 - R2 - R3 Serial Segment: 172.16.123.0 /24 (Preconfigured with OSPF)

R1 and R5 are running RIP over their common Ethernet segment, 10.1.1.0 /24. R5 has three loopbacks it will be advertising into the RIP domain.

R1 is also running OSPF, with R2 and R3 as neighbors. Even though R1 knows about the loopbacks on R5, its OSPF neighbors do not. R1 has these routes in its RIP routing table, and for OSPF neighbors to learn of these routes, route redistribution must be manually configured.

R5#conf t
R5(config)#router rip
R5(config-router)#version 2
R5(config-router)#no auto-summary
R5(config-router)#network 5.0.0.0
R5(config-router)#network 10.0.0.0

R1#conf t
R1(config)#router rip
R1(config-router)#version 2
R1(config-router)#no auto-summary
R1(config-router)#network 10.0.0.0

R1#show ip route rip
5.0.0.0/24 is subnetted, 3 subnets
R 5.1.1.0 [120/1] via 10.1.1.5, 00:00:10, Ethernet0
R 5.2.1.0 [120/1] via 10.1.1.5, 00:00:10, Ethernet0
R 5.3.1.0 [120/1] via 10.1.1.5, 00:00:10, Ethernet0

R1 has a route for all three of R5's loopback interfaces, learned via RIP. R1 is also running OSPF, but its neighbors R2 and R3 don't know about these RIP routes:

R2#show ip route ospf

R2# < no output from show command means no routes! >

R3#show ip route ospf

R3#

Be careful when configuring redistribution use IOS Help to make sure you're not missing any vital options. IOS Help shows that there is a "subnets" option when redistributing RIP into OSPF. If that is left off, only classful networks are redistributed (as the router is kind enough to tell us). In this case, we have no classful networks, so there will be no redistribution. R2 will not see the RIP routes.

R1(config)#router ospf 1
R1(config-router)#redistribute rip ?

metric Metric for redistributed routes
metric-type OSPF/IS-IS exterior metric type for redistributed routes
route-map Route map reference
subnets Consider subnets for redistribution into OSPF
tag Set tag for routes redistributed into OSPF

R1(config-router)#redistribute rip
% Only classful networks will be redistributed

R2#show ip route ospf

R2#clear ip route *

R2#show ip route ospf

R2#

On R1, we'll now use the "subnets" option, and the RIP subnets are successfully redistributed into OSPF.

R1(config)#router ospf 1

R1(config-router)#redistribute rip subnets

R2 now sees the redistributed routes.

R2#show ip route ospf

5.0.0.0/24 is subnetted, 3 subnets

O E2 5.1.1.0 [110/20] via 172.12.123.1, 00:00:08, Serial0.123

O E2 5.2.1.0 [110/20] via 172.12.123.1, 00:00:08, Serial0.123

O E2 5.3.1.0 [110/20] via 172.12.123.1, 00:00:08, Serial0.123

10.0.0.0/24 is subnetted, 1 subnets

O E2 10.1.1.0 [110/20] via 172.12.123.1, 00:00:08, Serial0.123

Notice that the routes are marked as "E2". The E indicates that these are external routes these are routes that were learned by OSPF via redistribution.

Naturally, you'll want to ping these networks to make sure you have two-way communication. Even though the routes to these loopbacks are in the routing table, pings fail:

R2#ping 5.1.1.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 5.1.1.1, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

Keep this in mind when troubleshooting: It's not enough to have a route to a destination for pings to succeed there's got to be a path back. At this point, R5 doesn't know where the 172.12.123.0 network is, so there's no way the ping can get back. More route redistribution is necessary on R1.

Your first instinct may be to redistribute OSPF routes into RIP to make this work, but remember that the 172.12.123.0 /24 network isn't known to R1 via OSPF it's a directly connected network. We can redistribute connected networks into RIP to give R5 a route to 172.12.123.0 /24, which will give the ICMP packets a path back to R2, which will allow pings to succeed.

R1(config)#router rip

R1(config-router)#redistribute connected

R5#show ip route rip

1.0.0.0/32 is subnetted, 1 subnets

R 1.1.1.1 [120/1] via 10.1.1.1, 00:00:02, Ethernet0

172.12.0.0/24 is subnetted, 1 subnets

R 172.12.123.0 [120/1] via 10.1.1.1, 00:00:02, Ethernet0

R2#ping 5.1.1.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 5.1.1.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 68/69/76 ms

Performing this redistribution makes R1 an ASBR, as shown here with show ip ospf. This command even shows you what protocol(s) are being redistributed into OSPF.

R1#show ip ospf

Routing Process "ospf 1" with ID 1.1.1.1

Supports only single TOS(TOS0) routes

Supports opaque LSA

It is an autonomous system boundary router

Redistributing External Routes from,

rip, includes subnets in redistribution

Knowing exactly what the ASBR does and how to configure route redistribution are just a few of the many OSPF skills you'll need to earn your CCNP. Like any other Cisco skill, breaking a complex topic like OSPF down into smaller, manageable pieces is the best way to master these topics and pass the CCNP exams.

Keep watching The Bryant Advantage website for more free CCNA and CCNP tutorials!

To your success,
Chris Bryant
CCIE #12933
chris@thebryantadvantage.com

Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage. The Bryant Advantage offers dozens of FREE CCNA, CCNP, and Home Lab tutorials and articles. The Bryant Advantage sells the world's most comprehensive CCNA Study Guide, and my exclusive Binary Math and Subnetting Mastery book. My CCNA Online Fast Track is the world's fastest-growing CCNA course. Get your CCNA and CCNP today at http://www.thebryantadvantage.com

recurring cleaning service Mundelein ..

In The News:

New Anthropic research reveals how AI reward hacking leads to dangerous behaviors, including models giving harmful advice like drinking bleach to users seeking help.

The Fox News AI Newsletter gives readers the latest AI technology advancements, covering the challenges and opportunities AI presents.

Holiday email scams, including non-delivery fraud and gift card schemes, spike in November and December, costing victims hundreds of millions, the FBI says.

Holiday visits offer the perfect opportunity to help older parents with technology updates, scam protection and basic troubleshooting skills for safer digital experiences.

Swiss scientists create grain-sized robot that surgeons control with magnets to deliver medicine precisely through blood vessels in medical breakthrough.

Researchers exploited WhatsApp's API vulnerability to scrape 3.5 billion phone numbers. Learn how this massive data breach happened and protect yourself.

Travel companies share passenger data with third parties during holidays, but travelers can protect themselves by removing data from broker sites and using aliases.

Xpeng's humanoid robot moves so realistically that crowds believed it was fake, marking a major advancement in robotics technology ahead of 2026 commercial launch.

Researchers discover phishing scam using invisible characters to evade email security, with protection tips including password managers and two-factor authentication.

iPhone and Android users can reduce battery drain and data usage by restricting Background App Refresh to Wi-Fi connections instead of mobile networks.

Scammers nearly stole an Apple account by exploiting the support system with authentic-looking tickets and phone calls, users can protect themselves with safety steps.

FoloToy restored sales of its AI teddy bear Kumma after a weeklong suspension following safety group findings of risky and inappropriate responses to children.

Threat intelligence firm Synthient uncovers one of the largest password exposures ever, prompting immediate security recommendations.

Viral video shared by Elon Musk shows Tesla's Optimus humanoid robots performing tasks from cooking to construction, garnering over 58.5 million views on social media.

Chinese hackers used Anthropic's Claude AI to launch autonomous cyberattacks on 30 organizations worldwide, marking a major shift in cybersecurity threats.

Apple's new Sleep Score feature gives you a rating for your nightly rest quality. Learn how to set it up on your Apple Watch and iPhone today.

Essential phone settings to enable before losing your device, including Find My network, location services and security features for iPhone and Android.

The Fox News AI Newsletter gives readers the latest AI technology advancements, covering the challenges and opportunities AI presents.

Cybersecurity research shows weak passwords remain a major threat, with simple patterns and number sequences putting millions of accounts at risk.

New Android malware BankBot YNRK silences phones, steals banking data and drains crypto wallets automatically. Learn how this advanced threat works.

FDA approves first human trial for Paradromics' brain-computer interface that could restore speech for paralyzed patients through neural technology.

New phishing platform QRR targets Microsoft 365 users across 1,000 domains in 90 countries. Learn how to spot fake login pages and protect your accounts.

OpenTable now uses AI to track your dining habits and share insights with restaurants. Learn what data they collect and how to protect your privacy.

Google's discontinued Nest thermostats still secretly upload home data to company servers despite losing smart features, raising serious privacy concerns.

New Android malware NGate steals NFC payment codes in real-time, allowing criminals to withdraw cash from ATMs without your card. Learn protection tips.

Cisco CCNA / CCNP Certification: OSPF ASBRs Explained And Illustrated

Personal Technology