Hi there and welcome back to this series, where we dissect OSPF and its inner (unfamiliar) workings. In this article, we will be looking at the forwarding address for external routes that are advertised into the OSPF domain from another AS.
Let’s use this diagram below to explain what the forwarding address is and how it helps:
In the diagram, R1, R2 and R3 are routers running OSPF. R2 is also running BGP with RTR-A, receiving the 192.0.2.0/24 route and performing mutual redistribution between OSPF and BGP.
CCNA Training – Resources (Intense)
The only configuration shown is that for R2 because it’s the router relevant to our discussion since it’s the ASBR:
interface FastEthernet0/0 ip address 10.10.123.2 255.255.255.0 ! interface FastEthernet0/1 ip address 172.16.10.2 255.255.255.248 ! router ospf 1 router-id 22.214.171.124 redistribute bgp 1 subnets network 10.10.123.0 0.0.0.255 area 0 ! router bgp 1 neighbor 172.16.10.4 remote-as 2 redistribute ospf 1 !
Let’s take a look at R3’s routing table entry for the external route (192.0.2.0/24):
From the highlighted portion above, we see that if R3 wants to reach that network (or any other device that uses R3 as the next-hop for that network), it will first go through R2 and then to the network. A traceroute to a host on that network will help us confirm this:
However, since R3 also has an interface on the external network, wouldn’t it be better for R3 to send the traffic directly to 172.16.10.4, bypassing R2? That’s what the forwarding address accomplishes. By setting the forwarding address, R2 (the ASBR) is able to direct other routers to forward traffic to another address other than itself.
Let’s look at the current type-5 LSA for that external route in R3’s OSPF database:
As you can see, the forwarding address is set to 0.0.0.0, meaning that traffic should be sent to the advertising router itself. The forwarding address can also take a non-zero value if the following conditions are met (according to this Cisco document):
- OSPF is enabled on the ASBR’s next hop interface AND
- ASBR’s next hop interface is non-passive under OSPF AND
- ASBR’s next hop interface is not point-to-point AND
- ASBR’s next hop interface is not point-to-multipoint AND
- ASBR’s next hop interface address falls under the network range specified in the router ospf command.
In summary: The forwarding address in a Type-5 LSA for an AS external route will be set to a non-zero value if the interface connecting to the external network is OSPF network type is broadcast or non-broadcast and is advertised into OSPF via the network statement.
In our configuration, even though the Fa0/1 interface is of OSPF network type broadcast, we have not advertised that network into OSPF. Let’s do this on R2:
router ospf 1 network 172.16.10.0 0.0.0.7 area 0
With this configuration, the Type-5 LSA on R3 should now have a forwarding address of 172.16.10.4 and R3 should forward that traffic directly to RTR-A, bypassing R2.
Before we round up this article, let’s discuss how the forwarding address affects the path that will be used to reach an external network. For this part, I have changed OSPF interface costs, as shown in the diagram:
I will also configure R3 to advertise the external network as follows:
ip route 192.0.2.0 255.255.255.0 172.16.10.4 router ospf 1 redistribute static subnets
Case 1: Both Type-5 LSAs have zero value (0.0.0.0) forwarding address
In this first case, R1 will receive two type-5 LSAs for the 192.0.2.0/24 with 0.0.0.0 in the forwarding address field. To decide which one to use, it will compare the metric to reach to the ASBR in each LSA; the lower metric is preferred.
To see this in action, we need to make sure R2 and R3 set the forwarding address to 0.0.0.0. We can achieve this by not advertising their connection to the external network (172.16.10.0/29).
router ospf 1 no network 172.16.10.0 0.0.0.7 area 0
Also on R2, we need to change the default OSPF metric for redistributed BGP routes from 1 to 20. If we don’t change it, R2 will be preferred because lower metric trumps forwarding address in the decision process.
router ospf 1 no redistribute bgp 1 subnets redistribute bgp 1 subnets metric 20
We can now go ahead and check the OSPF database on R1 to see the type-5 LSAs:
As expected, we have one from 126.96.36.199 (R2) and 188.8.131.52 (R3). In both LSAs, the forward address is 0.0.0.0. Also, notice that they have the same metric. To determine which one to use, R1 will check the metric to reach both R2 and R3. We can use the show ip ospf border-routers command to view these metrics:
In this case, the metrics are equal (1), so R1 will load balance across both R2 and R3:
Case 2: One Type-5 LSA has a zero value (0.0.0.0) forwarding address while the other has a non-zero value
In this second case, we will configure R2 to advertise 172.16.10.4 as the forwarding address but we will leave R3 as it is. Therefore on R2, we will add the following configuration
router ospf 1 network 172.16.10.0 0.0.0.7 area 0
The Type-5 LSAs as now seen on R1 are as shown below:
In this case, R1 will compare the metric to reach the ASBR that generated the zero forwarding address Type-5 LSA to the metric to reach the forwarding address specified in the other Type-5 LSA.
We already know that the metric to reach R3 from R1 is 1 so let’s check the metric of 172.16.10.4 from R1:
Of course, the lower metric of 1 will be preferred. Therefore, R1 will use R3 to reach the 192.0.2.0/24 network:
Case 3: Both Type-5 LSAs have a non-zero forwarding address
The final scenario is where we configure both ASBRs to advertise a non-zero forwarding address. Therefore on R3, we will also add the configuration we added in case 2 for R2.
However, checking R1’s OSPF database reveals something weird:
There’s only one Type-5 LSA there and it’s from R3; where is the one from R2? The fact is that the Type-5 LSA generated by both R2 and R3 would have been the same – same cost, same forward address, same destination. To avoid this duplication of effort (and waste of space in OSPF database), the Type-5 LSA generated by R2 was deleted. The RFC on OSPF puts it like this:
“if two routers, both reachable from one another, originate functionally equivalent AS-external-LSAs (i.e., same destination, cost and non-zero forwarding address), then the LSA originated by the router having the highest OSPF Router ID is used. The router having the lower OSPF Router ID can then flush its LSA.”
Therefore, R1 only has to check the metric to reach the forwarding address and use that path, which happens to be via R2 in this case:
Note: In a case where the Type-5 LSAs are not identical (i.e., different forwarding addresses), then the router just compares the metrics to reach each forwarding address and uses the lowest one.
This brings us to the end of this article, in which we have looked at what forwarding address is in OSPF (as it relates to AS External routes) and seen its usefulness. We also considered different cases of how this forwarding address affects path selection for Type-5 LSAs when the metric for the external routes are the same.
I hope you have found this article as intriguing as I did when I read about it.
References and Further Reading
- RFC 2328: OSPF Version 2: https://tools.ietf.org/html/rfc2328
- The Effects of the Forwarding Address on Type 5 LSA Path Selection: http://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/25493-type5-lsa.html
- Common Routing Problem with OSPF Forwarding Address: http://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/13682-10.html