Home
>
Personal Technology
>
Cisco CCNA / CCNP Certification: OSPF ASBRs Explained And Illustrated

Cisco CCNA / CCNP Certification: OSPF ASBRs Explained And Illustrated

When I first started studying for my CCNP, some of the concepts of OSPF really confused me. This was especially true for the ASBR, stub areas, and total stub areas. Sure, I could memorize the LSA types associated with these devices and area types, but there just weren't any illustrations that explained exactly what was going on.

This CCNP tutorial shows an ASBR in operation, and also introduces you to a basic example of route redistribution. Don't worry, it gets more complicated. :)

Here's the network we'll be working with in this tutorial:

R2 R3

Networks:

R1 - R5 Ethernet Segment: 10.1.1.0 /24

R1 - R2 - R3 Serial Segment: 172.16.123.0 /24 (Preconfigured with OSPF)

R1 and R5 are running RIP over their common Ethernet segment, 10.1.1.0 /24. R5 has three loopbacks it will be advertising into the RIP domain.

R1 is also running OSPF, with R2 and R3 as neighbors. Even though R1 knows about the loopbacks on R5, its OSPF neighbors do not. R1 has these routes in its RIP routing table, and for OSPF neighbors to learn of these routes, route redistribution must be manually configured.

R5#conf t
R5(config)#router rip
R5(config-router)#version 2
R5(config-router)#no auto-summary
R5(config-router)#network 5.0.0.0
R5(config-router)#network 10.0.0.0

R1#conf t
R1(config)#router rip
R1(config-router)#version 2
R1(config-router)#no auto-summary
R1(config-router)#network 10.0.0.0

R1#show ip route rip
5.0.0.0/24 is subnetted, 3 subnets
R 5.1.1.0 [120/1] via 10.1.1.5, 00:00:10, Ethernet0
R 5.2.1.0 [120/1] via 10.1.1.5, 00:00:10, Ethernet0
R 5.3.1.0 [120/1] via 10.1.1.5, 00:00:10, Ethernet0

R1 has a route for all three of R5's loopback interfaces, learned via RIP. R1 is also running OSPF, but its neighbors R2 and R3 don't know about these RIP routes:

R2#show ip route ospf

R2# < no output from show command means no routes! >

R3#show ip route ospf

R3#

Be careful when configuring redistribution use IOS Help to make sure you're not missing any vital options. IOS Help shows that there is a "subnets" option when redistributing RIP into OSPF. If that is left off, only classful networks are redistributed (as the router is kind enough to tell us). In this case, we have no classful networks, so there will be no redistribution. R2 will not see the RIP routes.

R1(config)#router ospf 1
R1(config-router)#redistribute rip ?

metric Metric for redistributed routes
metric-type OSPF/IS-IS exterior metric type for redistributed routes
route-map Route map reference
subnets Consider subnets for redistribution into OSPF
tag Set tag for routes redistributed into OSPF

R1(config-router)#redistribute rip
% Only classful networks will be redistributed

R2#show ip route ospf

R2#clear ip route *

R2#show ip route ospf

R2#

On R1, we'll now use the "subnets" option, and the RIP subnets are successfully redistributed into OSPF.

R1(config)#router ospf 1

R1(config-router)#redistribute rip subnets

R2 now sees the redistributed routes.

R2#show ip route ospf

5.0.0.0/24 is subnetted, 3 subnets

O E2 5.1.1.0 [110/20] via 172.12.123.1, 00:00:08, Serial0.123

O E2 5.2.1.0 [110/20] via 172.12.123.1, 00:00:08, Serial0.123

O E2 5.3.1.0 [110/20] via 172.12.123.1, 00:00:08, Serial0.123

10.0.0.0/24 is subnetted, 1 subnets

O E2 10.1.1.0 [110/20] via 172.12.123.1, 00:00:08, Serial0.123

Notice that the routes are marked as "E2". The E indicates that these are external routes these are routes that were learned by OSPF via redistribution.

Naturally, you'll want to ping these networks to make sure you have two-way communication. Even though the routes to these loopbacks are in the routing table, pings fail:

R2#ping 5.1.1.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 5.1.1.1, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

Keep this in mind when troubleshooting: It's not enough to have a route to a destination for pings to succeed there's got to be a path back. At this point, R5 doesn't know where the 172.12.123.0 network is, so there's no way the ping can get back. More route redistribution is necessary on R1.

Your first instinct may be to redistribute OSPF routes into RIP to make this work, but remember that the 172.12.123.0 /24 network isn't known to R1 via OSPF it's a directly connected network. We can redistribute connected networks into RIP to give R5 a route to 172.12.123.0 /24, which will give the ICMP packets a path back to R2, which will allow pings to succeed.

R1(config)#router rip

R1(config-router)#redistribute connected

R5#show ip route rip

1.0.0.0/32 is subnetted, 1 subnets

R 1.1.1.1 [120/1] via 10.1.1.1, 00:00:02, Ethernet0

172.12.0.0/24 is subnetted, 1 subnets

R 172.12.123.0 [120/1] via 10.1.1.1, 00:00:02, Ethernet0

R2#ping 5.1.1.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 5.1.1.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 68/69/76 ms

Performing this redistribution makes R1 an ASBR, as shown here with show ip ospf. This command even shows you what protocol(s) are being redistributed into OSPF.

R1#show ip ospf

Routing Process "ospf 1" with ID 1.1.1.1

Supports only single TOS(TOS0) routes

Supports opaque LSA

It is an autonomous system boundary router

Redistributing External Routes from,

rip, includes subnets in redistribution

Knowing exactly what the ASBR does and how to configure route redistribution are just a few of the many OSPF skills you'll need to earn your CCNP. Like any other Cisco skill, breaking a complex topic like OSPF down into smaller, manageable pieces is the best way to master these topics and pass the CCNP exams.

Keep watching The Bryant Advantage website for more free CCNA and CCNP tutorials!

To your success,
Chris Bryant
CCIE #12933
chris@thebryantadvantage.com

Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage. The Bryant Advantage offers dozens of FREE CCNA, CCNP, and Home Lab tutorials and articles. The Bryant Advantage sells the world's most comprehensive CCNA Study Guide, and my exclusive Binary Math and Subnetting Mastery book. My CCNA Online Fast Track is the world's fastest-growing CCNA course. Get your CCNA and CCNP today at http://www.thebryantadvantage.com

recurring cleaning service Wilmette ..

In The News:

New Android malware NGate steals NFC payment codes in real-time, allowing criminals to withdraw cash from ATMs without your card. Learn protection tips.

DoorDash confirms data breach exposing customer names, emails, addresses after social engineering attack. Learn how to protect yourself from scams.

Concerned about Google's AI scanning your Gmail? Learn how to disable Gemini features that access your emails, Drive files and Chat messages for privacy.

Google warns Android users about dangerous fake VPN apps hiding malware that steals passwords, banking details and personal data from phones and tablets.

Apple's digital passport feature lets iPhone users breeze through TSA checkpoints this holiday season using Digital ID technology at 250+ airports.

A new phishing scam targets family photos with fake "Cloud Storage Full" alerts. Criminals steal credit card information through fake sites. Learn protection tips.

South Korean scientists create ultra-thin fabric muscles that turn clothes into robotic assistants, lifting 33 pounds while weighing under half an ounce.

Archer Aviation has acquired Hawthorne Airport for $126M to launch an LA air taxi network ahead of the 2028 Olympics, featuring AI-powered eVTOL operations and next-gen aviation tech.

Stay up to date on the latest AI technology advancements and learn about the challenges and opportunities AI presents now and for the future.

Fake AI apps disguised as "ChatGPT" and "DALL·E" are flooding app stores with dangerous malware that steals data and monitors users without detection.

Fake buyers demand specific vehicle reports from unknown sites to steal credit card information from car sellers, but warning signs can help identify these scams before paying.

Android users can now manage apps across multiple devices more easily with Google Play Store's updated remote uninstall button in the latest update.

NASA's Perseverance rover discovers shiny metallic rock on Mars that could be a meteorite from an ancient asteroid, containing high levels of iron and nickel.

Holiday scams spike during Black Friday and Cyber Monday as criminals exploit your leaked personal data. Learn how to protect yourself from fake stores and phishing.

Commerce Department proposes TP-Link router ban over Chinese security risks. Learn how this potential prohibition could affect your home network and devices.

Hyundai AutoEver America suffered a data breach affecting 2,000 current and former employees, exposing names, Social Security numbers and driver's license information.

Washington court rules automated license plate reader images are public records, even when stored by vendors like Flock Safety, setting precedent for transparency.

Fake airline texts claiming flight cancellations are targeting travelers with convincing scams. Learn how cybercriminals steal personal data and credit card info.

Discover how iOS 26's new Adaptive Power feature automatically extends iPhone battery life by learning your usage patterns and adjusting performance intelligently.

New TikTok malware campaign tricks users into running PowerShell commands that download Aura Stealer, which steals credentials and authentication tokens.

Gaia Family offers fixed upfront pricing for IVF cycles with unlimited embryo transfers and financial protection, partnering with over 100 U.S. fertility clinics.

The Jetsons Act aims to position Pennsylvania as a leader in advanced air mobility by establishing regulations for hybrid ground-air vehicles.

Fake Geek Squad invoice emails are targeting users with convincing charges and urgent phone numbers to steal personal information and money.

Fox News Digital's artificial intelligence newsletter digs into a robot in Russia that faceplanted, George Clooney's alarm and OpenAI's rivalry with the New York Times.

Major data breach at Conduent exposes personal information of 10+ million people. Government contractor hit by cyberattack affecting Medicaid, child support systems.

Cisco CCNA / CCNP Certification: OSPF ASBRs Explained And Illustrated

Personal Technology