OSPF | 触发 Type-4 LSA 生成的原因 _Cisco

本文链接：https://blog.youkuaiyun.com/u013669912/article/details/141340740

注：机翻，未校。

OSPF – What really triggers Type-4 LSA origination?

OSPF – 究竟是什么触发了 Type-4 LSA 的生成？

December 3, 2012 John Harrington

It is a common myth that OSPF ABR generates a Type-4 ASBR summary ‘when it sees a Type-5’ from an ASBR. The ABR does generate the Type-4, but it isn’t the Type-5 that triggers the ABR to originate it. I’ve set up a quick lab in GNS3 to help track down the true trigger.
一个常见的误区是，OSPF ABR 在“看到”来自 ASBR 的 Type-5 时会生成 Type-4 ASBR 摘要。虽然 ABR 确实会生成 Type-4，但触发 ABR 生成 Type-4 的并不是 Type-5。我在 GNS3 中搭建了一个简易实验环境，以找出真正的触发因素。

Baseline Topology

基本拓扑

Below is the simplified network diagram:
以下是简化的网络拓扑图：

All three routers are configured as neighbors, and R2 is the ABR. R1 will eventually become our ASBR, but for now, it has a regular OSPF non-backbone internal router role.
所有三个路由器都配置为邻居，R2 是 ABR。R1 最终将成为我们的 ASBR，但目前它只是一个普通的 OSPF 非骨干内部路由器。

R1#sh running-config | b r ospf  
router ospf 1  
 router-id 1.1.1.1  
 log-adjacency-changes  
 network 0.0.0.0 255.255.255.255 area 5

Let’s quickly look at R3’s LSDB. As expected, there’s no Type-4 or Type-5 in its database.
让我们快速查看一下 R3 的 LSDB。正如预期的那样，它的数据库中没有 Type-4 或 Type-5。

R3#sh ip ospf database external  
OSPF Router with ID (3.3.3.3) (Process ID 1)  

R3#sh ip ospf database asbr-summary  
OSPF Router with ID (3.3.3.3) (Process ID 1)  
R3#

In GNS3, I did a Wireshark capture of R2’s interface to R1 in Area 5. I cleared the OSPF adjacency and captured the Type-1 Router LSA originated by R1 to describe itself. This is our baseline Type-1 for R1, which describes itself as “not an ASBR.”
在 GNS3 中，我对 R2 与 R1 在 Area 5 的接口进行了 Wireshark 捕获。我清除了 OSPF 邻接关系，并捕获了由 R1 生成的 Type-1 路由器 LSA，用于描述自身。这是我们为 R1 设置的基线 Type-1，它将自身描述为“非 ASBR”。

Redistribution of phantom statics

幻影静态路由的重分布

I want to test my theory by removing Type-5 and then checking if the ABR still generates the Type-4. But how do you make R1 perform the ASBR role without actually generating Type-5s? On a Cisco router, you configure an empty ‘redistribute static subnets’ under OSPF without any static routes configured.
我想通过移除 Type-5 来验证我的理论，看看 ABR 是否仍然会生成 Type-4。但是，如何让 R1 扮演 ASBR 角色而不实际生成 Type-5 呢？在 Cisco 路由器上，你可以在 OSPF 下配置一个空的“重分布静态子网”，而不配置任何静态路由。

R1#sh run | include ip route  
R1#conf t  
R1(config)#router ospf 1  
R1(config-router)#redistribute static subnets  
R1(config-router)#end  
R1#

Now let’s have a look at R3’s LSDB again. It looks like R2 has just generated a Type-4, but there are no Type-5s in the database. So we can conclude that the ABR does not generate a Type-4 because it saw a Type-5.
现在我们再来看一下 R3 的 LSDB。看起来 R2 刚刚生成了一个 Type-4，但数据库中仍然没有 Type-5。因此，我们可以得出结论，ABR 生成 Type-4 并不是因为它“看到了”Type-5。

R3#sh ip ospf database external  
OSPF Router with ID (3.3.3.3) (Process ID 1)  

R3#sh ip ospf database asbr-summary  
OSPF Router with ID (3.3.3.3) (Process ID 1)  

Summary ASB Link States (Area 0)  

Routing Bit Set on this LSA  
LS age: 361  
Options: (No TOS-capability, DC, Upward)  
LS Type: Summary Links (AS Boundary Router)  
Link State ID: 1.1.1.1 (AS Boundary Router address)  
Advertising Router: 2.2.2.2  
LS Seq Number: 80000001  
Checksum: 0x1B14  
Length: 28  
Network Mask: /0  
TOS: 0 Metric: 1

What happened?

发生了什么？

When I performed the redistribute command on R1, its role changed to an ASBR. That triggered a new Type-1 LSA with the E-bit set to signal that it is now an ASBR. When R2 processed this update, it generated a Type-4 for the newly visible ASBR.
当我在 R1 上执行重分布命令时，它的角色变成了 ASBR。这触发了一个新的 Type-1 LSA，其中的 E-bit 被设置为表明它现在是一个 ASBR。当 R2 处理这个更新时，它为新出现的 ASBR 生成了一个 Type-4。

Type-5 LSAs can be advertised and withdrawn by the ASBR, but the Type-4 will be advertised as long as the ABR sees the E-bit on R1’s Router LSA.
ASBR 可以通告和撤销 Type-5 LSA，但只要 ABR 在 R1 的路由器 LSA 中看到 E-bit，Type-4 就会一直被通告。

Sherpa Summary

总结

The arrival of a Type-5 at an ABR does not trigger the generation of Type-4.
ABR 收到 Type-5 并不会触发 Type-4 的生成。
A redistribute statement is enough to add the ASBR role to the redistributing OSPF router.
重分布语句足以使 OSPF 路由器扮演 ASBR 角色。
The ASBR status is reflected in an updated Router-LSA with the E-bit set.
ASBR 状态会反映在一个设置了 E-bit 的更新后的路由器 LSA 中。
When the updated Router LSA is processed by the ABR for that ASBR, it triggers the generation of a Type-4 into the backbone for the newly recognized ASBR.
当 ABR 处理该 ASBR 的更新后的路由器 LSA 时，会触发为新识别的 ASBR 在骨干网中生成 Type-4。

Note:

The E-bit appears in multiple fields within OSPF. It is also used in the Router LSA Options field (not Flags) to signal that the router is capable of receiving externals (non-stub). It is also used in an External LSA, where the LSA sub-type is E2 if the E-bit is set.
注意：E-bit 在 OSPF 中的多个字段中都有出现。它还用于路由器 LSA 的 Options 字段（而不是 Flags）中，以表明路由器能够接收外部路由（非末节）。它也用于外部 LSA 中，如果设置了 E-bit，则 LSA 子类型为 E2。
Tests were performed using 12.4(22)T5 on a 7200 in GNS3. Your mileage may vary.
在 GNS3 中使用 7200 设备上的 12.4(22)T5 版本进行了测试。结果可能因环境而异。

OSPF – Why have a Type-4 LSA?

OSPF – 为什么要使用 Type-4 LSA？
December 9, 2012 John Harrington

Type-4 LSAs always seemed like an ugly afterthought to me. I know it’s irrational and ignorant, but the Type-4 seemed to disturb the symmetry of OSPF. I cursed the Type-5 for needing this kludgy Type-4 helper. However, time was short, so I acknowledged my ignorance, rote-learned the Type-4, and moved on.
一直以来，Type-4 LSA 给我的感觉就像是一个丑陋的后补方案。我知道这种想法是不理性和无知的，但 Type-4 似乎打破了 OSPF 的对称性。我曾因为 Type-5 需要这样一个笨拙的 Type-4 帮助器而感到困惑。然而，由于时间有限，我承认了自己的无知，死记硬背了 Type-4 的相关内容，然后继续学习其他部分。

When I later revisited OSPF for a deeper understanding, I got confused and questioned if a Type-4 really was necessary. [Hint: John Moy is considerably smarter than me!] In this post, I show you where I got stuck and what I learned about the Type-4.
当我后来重新深入研究 OSPF 时，我感到困惑，并质疑 Type-4 是否真的有必要。[提示：约翰·莫伊比我聪明得多！]在这篇文章中，我将展示我在哪里卡住了，以及我关于 Type-4 的学习心得。

A quick review of the Type-5 LSA

Type-5 LSA 的快速回顾

Let’s start by looking at a few of the key fields in a Type-5 LSA.
首先，让我们看一下 Type-5 LSA 中的一些关键字段。

Router ID (RID) – (dotted.quad format – looks like an IP address, often matches lo0 IP address)
路由器 ID（RID）–（点分十进制格式——看起来像 IP 地址，通常与环回接口 lo0 的 IP 地址一致）
Prefix/Mask (the prefix information, e.g., 192.168.1.0/24)
前缀/掩码（前缀信息，例如 192.168.1.0/24）
Forwarding Address (defaults to 0…00.0, which means ‘follow-path-to-RID’). We’ll assume an all-zeros forwarding address for this post.
转发地址（默认为 0.0.0.0，表示“跟随路径至 RID”）。在本文中，我们假设转发地址为全零。

In a regular area, the Type-1 and Type-2 LSAs are used to build a full shared view of the topology; an interconnected topology graph of router nodes and interconnecting links. The nodes and links are identified by router identifier (RID) and link identifier.
在常规区域中，Type-1 和 Type-2 LSA 用于构建拓扑的完整共享视图；这是一个由路由器节点和互连链路组成的互连拓扑图。节点和链路由路由器标识符（RID）和链路标识符识别。

ABR hides area topology info from other areas

ABR 向其他区域隐藏区域拓扑信息

Within the ASBR’s native area, it can survive by identifying itself using its RID. That’s because the ASBR’s RID has meaning for those area-internal routers; they recognize that RID as the node in the topology graph they’ve built for that area.
在 ASBR 的本地区域内，它可以通过使用其 RID 来识别自己。这是因为 ASBR 的 RID 对于该区域内的路由器是有意义的；它们将该 RID 识别为它们为该区域构建的拓扑图中的节点。

However, for scaling purposes, the ABR deliberately hides all of the ASBR-area topology from Area 0 and just sends prefixes using Type-3 LSAs sent with the ABR’s RID. “Hey Area 0, just come to me (ABR’s RID) if you want to reach prefixes from this area”. All the other backbone routers can place the ABR’s RID as a node in their Area 0 topology graph. All is good with the world again.
然而，出于扩展性考虑，ABR 故意向 Area 0 隐藏所有 ASBR 区域的拓扑信息，并仅使用带有 ABR RID 的 Type-3 LSA 发送前缀。_“嘿，Area 0，如果你想访问该区域的前缀，就来找我（ABR 的 RID）”_其他。所有骨干路由器都可以将 ABR 的 RID 作为节点放置在其 Area 0 的拓扑图中。这样一来，世界又恢复了秩序。

Why is the Type-4 needed?

为什么需要 Type-4？

The Type-5 is flooded across all non-stub areas. But the ASBR’s RID only makes sense to routers in its native area and isn’t helpful to non-native routers. If the RID advertised by the Type-5 isn’t meaningful, then the path to its advertised prefix can’t be resolved. External prefix => unreachable.
Type-5 会在所有非末节区域泛洪。然而，ASBR 的 RID 仅对其本地区域的路由器有意义，对非本地路由器并无帮助。如果 Type-5 所通告的 RID 毫无意义，那么其通告的前缀路径将无法解析。外部前缀 => 不可达。

Well… that’s a bit of a problem. So, a Type-4 ASBR-summary LSA is needed to help make the ASBR reachable and, by extension, make the associated Type-5 prefix valid. The Type-4 acts like a glue record and uses the ABR’s well-known RID as a care-of address for the ASBR and its advertised prefixes.
那么，这就有点麻烦了。因此，需要一个 Type-4 ASBR 摘要 LSA 来帮助使 ASBR 可达，并进而使相关的 Type-5 前缀有效。Type-4 就像一个“粘合记录”，它使用 ABR 的知名 RID 作为 ASBR 及其通告前缀的转交地址。

Now the process is:
现在的处理过程如下：

Receive Type-5, read the ASBR’s RID. If the ASBR’s RID isn’t in your area graph, then…
接收 Type-5，读取 ASBR 的 RID。如果 ASBR 的 RID 不在你的区域图中，那么……
We need a glue record. Look for a Type-4 with a LinkID matching the ASBR’s RID. This Type-4 was advertised by your ABR, which you can locate in your area graph, then…
我们需要一个“粘合记录”。查找 LinkID 与 ASBR 的 RID 匹配的 Type-4。这个 Type-4 是由你的 ABR 通告的，你可以在你的区域图中找到它，然后……
Look for a Type-1 for the ABR’s RID and calculate the path to the ABR.
查找 ABR 的 Type-1 RID，并计算到 ABR 的路径。

Where did I get confused?

我在哪里感到困惑？

In many networks, you configure OSPF using the following convention:
在许多网络中，配置 OSPF 时通常会遵循以下约定：

Name the RID after the primary loopback interface of the OSPF router.
将 RID 命名为 OSPF 路由器的主要环回接口地址。
Advertise that loopback into OSPF with a /32 mask.
使用 /32 掩码将该环回接口通告到 OSPF 中。

When I looked at the Type-5 LSA of a router in a remote area, it had a RID of 1.1.1.1. However, there is also a Type-3 LSA for 1.1.1.1/32 in that router’s LSDB. “If there is a valid reachable Type-3 for 1.1.1.1/32, then why do I need a Type-4 LSA?”
当我查看偏远地区路由器的 Type-5 LSA 时，它的 RID 是 1.1.1.1。然而，该路由器的 LSDB 中还有一个 1.1.1.1/32 的 Type-3 LSA。“如果已经有了一个可达的 1.1.1.1/32 的 Type-3，那么为什么还需要 Type-4 LSA 呢？”

Well, I made the mistake of confusing the prefix 1.1.1.1/32 with the RID 1.1.1.1. They look the same but have completely different functions. The prefix 1.1.1.1/32 is an OSPF routed prefix, while the RID 1.1.1.1 is a label for that router in the graph built for its native area. The RID is functionally equivalent to a name.
问题在于，我把 1.1.1.1/32 的前缀和 RID 1.1.1.1 混淆了。它们看起来一样，但功能完全不同。1.1.1.1/32 是 OSPF 的路由前缀，而 RID 1.1.1.1 是在为本地区域构建的拓扑图中标识该路由器的标签。从功能上讲，RID 相当于一个名称。

Also, you need to remember that the convention of naming the RID after loopback 0 is optional. The RID does not have to be the loopback address of the router. I can set the ASBR’s RID to 1.1.1.1 and never advertise 1.1.1.1/32 into OSPF. OSPF will still work, thanks to the Type-4 LSA.
此外，你还需要记住，将 RID 命名为环回接口 0 的地址只是一个可选的约定。RID 并不一定非要是路由器的环回地址。我可以将 ASBR 的 RID 设置为 1.1.1.1，而不将 1.1.1.1/32 通告到 OSPF 中。由于 Type-4 LSA 的存在，OSPF 仍然可以正常工作。

Sherpa Summary

总结

The OSPF RID is a node-identifier. It uses an IP address format but does not need to match any interface present on the device.
OSPF RID 是一个节点标识符。它使用 IP 地址格式，但 不需要 与设备上的任何接口地址一致。
All intra-area routers can locate the ASBR RID as a node in the graph for that area.
所有区域内路由器都可以将 ASBR 的 RID 识别为该区域拓扑图中的一个节点。
The ABR strips the prefix information from Type-1s and Type-2s and throws away the topology information before forwarding prefixes as Type-3 LSAs.
ABR 会从 Type-1 和 Type-2 LSA 中剥离前缀信息，并在将前缀作为 Type-3 LSA 转发之前丢弃拓扑信息。
Routers in other areas see a Type-5 with a meaningless RID. They might have a Type-3 prefix that looks like the ASBR’s RID, but this doesn’t help them find the ASBR.
其他区域的路由器会看到一个带有毫无意义的 RID 的 Type-5 LSA。它们可能有一个类似于 ASBR 的 RID 的 Type-3 前缀，但这并不能帮助它们找到 ASBR。
The Type-4 generated by the ABR is needed as a glue record, so that routers can “anchor” the unknown ASBR RID against a well-known node, the local ABR.
ABR 生成的 Type-4 LSA 作为一个“粘合记录”，使得路由器可以通过本地 ABR 这一已知节点来“锚定”未知的 ASBR RID。

From RFC 2328 Section 4.2:
出自 RFC 2328 第 4.2 节：

“To utilize external routing information, the path to all routers advertising external information must be known throughout the AS (except for stub areas). For that reason, the locations of these AS boundary routers are summarized by the (non-stub) area border routers.”
“为了利用外部路由信息，必须在整个自治系统（AS）内知晓所有发布外部信息的路由器的路径（末节区域除外）。因此，这些自治系统边界路由器的位置由（非末节）区域边界路由器进行汇总。”