OSPF: WHAT IS A STUB AREA?

OSPF is really easy to understand. Unfortunately, the people who write the books make it ten times harder by drowning you with jargon and buzzwords.

Of course, those new words are really important – but when two hundred new words are thrown at you all at once on day one, it can be really difficult to truly understand what’s going on. “We filter LSAs in the NSSA at the ABR, though the ASBR can send type 7s and they’ll be swapped for type 5s”.

When I hear sentences like that, I conclude that it’s good when nerds get bullied.

Stub areas are a good example. Very easy concept to understand – unless you insist on explaining it using all the jargon under the sun, in which case it can be super daunting. So, in this post I’ll take time to explain these concepts, and to define just enough jargon to make you feel elite. We’ll take it slow, like new lovers, or someone cooking an expensive turkey.

 

STUB AREAS FOR BEGINNERS

Think of stub areas as a small, self-contained part of your OSPF network. More specifically, think of it as a part of the network where you can control what kind of routes – or as experts like you and me call them, “prefixes” – are allowed in from other areas.

For example, a large nation-wide network might contain hundreds, or even thousands, of prefixes for all the LANs, and the WAN connections too. Do your branch offices really need to know the specifics of every single other prefix throughout the country? Probably not. What’s the point in having a routing table with a thousand routes in it, when all you really need is a single default route out the internet? Wouldn’t that be better? Let me save you time and answer that question for you: yes!

 

LET’S LOOK AT AN EXAMPLE, FRIEND!

Take a look at this sweet topology. We’ve got an area 0 backbone, with areas 1 and 2 attached to it. We probably asked for this for Christmas, and Santa gave it to us because we’ve been very good this year.

Area 1 is quite small – there’s only one router in it, with one LAN attached to it (it’s really just a loopback, pretending to be a LAN).

Area 2 is also small, but let’s pretend it’s big. I even made the circle bigger, to help you imagine it.

I put more fake LANs in area 2. It also connects to another external network, running EIGRP. The prefixes in the EIGRP network are being redistributed into OSPF. Isn’t it nice? Our grandparents would be so proud to see us sharing with each other.

Let’s look at the routing table on R1, the router in Area 1. For an area with only one main router, the routing table is pretty big:

We can see from this screenshot that R1 knows about every single prefix in the entire network – including the prefixes in the EIGRP network (6.6.6.0/24 and 192.168.56.0/30).

Now, in a lab this is fine. Our topology is small. But in the real world there could be thousands of prefixes, using up our router’s bandwidth, memory and processor. And at the time that I’m writing this (the 14th century), those resources are very precious indeed.

Look at the topology again, and think just about area 1. It’s small – just one router. Does it really need to know about thousands of prefixes? No sir!

So, let’s make area 1 a stub, and see what happens. It’s one line of config, added onto every router attached to area 1:

R1(config)#router ospf 1
 R1(config-router)#area 1 stub
 R1(config-router)#end
R1#

To see what this did, check out the routing table on Router 1 AFTER we turned area 1 into a stub:

It’s still pretty big – but can you see the prefixes from the EIGRP area?

Nope – the 6.6.6.0/24 and 192.168.56.0/30 networks from EIGRP have disappeared!

And, in addition, all of a sudden we’re getting a default route, pointing us back to area 0.

You can imagine that replacing hundreds of EIGRP routes with this one default route is a lot more efficient.

Stub areas block any prefixes that originated from outside of our OSPF network, for example the EIGRP prefixes – and the way it blocks them is super cool.

 

HOW DO STUB AREAS BLOCK THESE IPs?

You might have read that OSPF uses a thing called a Link State Advertisement, or LSA for short. Different types of LSA are created by each router throughout the network, to teach the rest of the network things like, for example, what links are attached to the router; what IP networks live on those links; and what the cost is on that link.

These LSAs are like bits of a jigsaw puzzle – and once every router has every LSA for all the routers in its area, it can put them together to create the entire area’s topology.

There are lots of different kinds of LSA for different purposes. Today, we only care about one of them: External LSAs, otherwise known as Type 5 LSAs.

As the name says, External LSAs teach the other OSPF routers how to get to IPs that live outside of the network. These LSAs are made by Autonomous System Boundary Routers – routers that live on the very edge of the network, like the router that connects our OSPF and EIGRP networks together.

Here’s the great thing about having an LSA specifically for this kind of information: it means that if we want to filter out these external prefixes, we don’t need to do anything complicated, like making access lists or prefix lists – all we have to do is block Type 5 LSAs! “Don’t give me any Type 5 LSAs. I’m on a diet. Type 5 LSAs are empty calories to me.” This is what the routers say.

Okay, the routers don’t say exactly that. But they do block these Type 5 LSAs from even entering the area in the first place. And the way we do it is simply to turn the area into a stub.

But it doesn’t stop there, because there’s another kind of stub area that can block even more: Totally Stubby Areas. This area not only blocks Type 5 (External) LSAs, but it also blocks another kind of LSA: Summary LSAs.

 

TOTALLY STUBBY AREAS

Summary LSAs are nothing to do with subnet summarisation. It’s yet another example of network engineers making things needlessly confusing. My advice to you: read the RFC on OSPF, make a note of the names of everyone who helped to design it, and add them all to your List Of Enemies.

Summary LSAs are easy: they tell one area about prefixes in another area.

You can see in both the routing tables above that our Router 1, which lives in Area 1, knows about all the prefixes in Areas 0 and 2. But here’s the twist: it doesn’t know precisely where those prefixes are. All Router 1 knows is that they’re somewhere outside, behind Router 2. When those prefixes came into Router 2, it took them all, stripped them of their precise topology information, and pretends they’re all attached to itself. That’s where the summary part comes in: it’s not summarising IPs, but instead it’s summarising the topology of all the other areas.

Summary LSAs are also known as Type 3 LSAs. And if you configure an area to be Totally Stubby, you’ll get rid of both Type 3 and Type 5 LSAs. You configure it like this:

R1(config)#router ospf 1
 R1(config-router)#area 1 stub no-summary
 R1(config-router)#end

And the result is a routing table like like:

No routes from the EIGRP network. No routes from Area 2. Not even any routes from Area 0. All we have is a default route. (If there were other routers in Area 1 then we’d learn about those – but nothing else.)

So, now you know all about the behind-the-scenes mechanics, we can finally give a more accurate definition of a stub area: A stub area blocks type 5 LSAs – and a totally stubby area blocks both type 3 AND type 5 LSAs.

There’s a lot of LSA types – and there’s even two other types of stub network. My advice: learn them another day. For now, let’s leave it at that. Go grab a drink, and let this new knowledge of type 3 and 5 LSAs percolate in your brain like a fine coffee bean.


If you find my blog useful or entertaining, I’d love you to share it with your friends and co-workers, whether via a Twitter/Facebook/LinkedIn post, or just emailing it to them directly. And please follow me on Twitter to find out when I make new posts, at @NetworkFunTimes.

Thank you so much for reading!

 

Leave a Reply

Your email address will not be published. Required fields are marked *