Configuring ospf nssa – Cisco ASA 5505 User Manual

24-11

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 24 Configuring OSPF

Customizing OSPF

Configuring OSPF NSSA

The OSPF implementation of an NSSA is similar to an OSPF stub area. NSSA does not flood Type 5
external LSAs from the core into the area, but it can import autonomous system external routes in a
limited way within the area.

NSSA imports Type 7 autonomous system external routes within an NSSA area by redistribution. These
Type 7 LSAs are translated into Type 5 LSAs by NSSA ABRs, which are flooded throughout the whole
routing domain. Summarization and filtering are supported during the translation.

You can simplify administration if you are an ISP or a network administrator that must connect a central
site using OSPF to a remote site that is using a different routing protocol using NSSA.

Before the implementation of NSSA, the connection between the corporate site border router and the
remote router could not be run as an OSPF stub area because routes for the remote site could not be
redistributed into the stub area, and two routing protocols needed to be maintained. A simple protocol
such as RIP was usually run and handled the redistribution. With NSSA, you can extend OSPF to cover
the remote connection by defining the area between the corporate router and the remote router as an
NSSA.

Before you use this feature, consider these guidelines:

•

You can set a Type 7 default route that can be used to reach external destinations. When configured,
the router generates a Type 7 default into the NSSA or the NSSA area boundary router.

•

Every router within the same area must agree that the area is NSSA; otherwise, the routers will not
be able to communicate.

To specify area parameters for your network to configure OSPF NSSA, perform the following steps:

Detailed Steps

area

area-id authentication

Example:

hostname(config-router)# area 0

authentication

Enables authentication for an OSPF area.

area

area-id authentication message-digest

Example:

hostname(config-router)# area 0

authentication message-digest

Enables MD5 authentication for an OSPF area.

Command

Purpose

Command

Purpose

Step 1

router ospf

process_id

Example:

hostname(config)# router ospf 2

Creates an OSPF routing process and enters router configuration
mode for the OSPF process that you want to redistribute.

The process_id argument is an internally used identifier for this
routing process. It can be any positive integer. This ID does not
have to match the ID on any other device; it is for internal use
only. You can use a maximum of two processes.

Step 2

Do one of the following to configure optional OSPF NSSA parameters: