Created on 07-30-2024 07:55 AM Edited on 07-30-2024 08:26 AM By Stephen_G
Description | This article describes how to redistribute a default route in an OSPF NSSA area. |
Scope | FortiGate |
Solution |
Topology:
The goal is to advertise the default route from the NSSA ASBR towards the rest of the OSPF domain, and from the NSSA ABR into the NSSA area.
config router ospf
config area
edit 0.0.0.1
set nssa-default-information-originate ?
To advertise the default route, 'always' requires the router to be an ABR, whereas 'enable' only requires that the default route be in the routing table.
'set nssa-default-information-originate enable' use case:
FortiGate 3:
show router ospf
config router ospf
set router-id 34.0.0.1
config area
edit 0.0.0.1
set type nssa <-
set nssa-default-information-originate enable <-
next
end
config ospf-interface
edit "1"
set interface "port1"
set network-type point-to-point
next
edit "2"
set interface "port2"
set network-type point-to-point
next
end
config network
edit 2
set prefix 23.0.0.0 255.255.255.0
set area 0.0.0.1
next
end
FortiGate 2:
show router ospf
config router ospf
set router-id 23.0.0.1
config area
edit 0.0.0.0
next
edit 0.0.0.1
set type nssa <-
next
end
config ospf-interface
edit "1"
set interface "port1"
set network-type point-to-point
next
edit "2"
set interface "port2"
set network-type point-to-point
next
edit "3"
set interface "1.1.1.1"
set network-type point-to-point
next
end
config network
edit 1
set prefix 12.0.0.0 255.255.255.0
next
edit 2
set prefix 23.0.0.0 255.255.255.0
set area 0.0.0.1
next
edit 3
set prefix 1.1.1.1 255.255.255.255
next
end
In the FortiGate 3 routing table, the default route already exists:
get router info routing-table static
Routing table for VRF=0
S* 0.0.0.0/0 [10/0] via 10.109.63.254, mgmt, [1/0]
FortiGate 2 receives the default route from FortiGate 3.
get router info routing-table ospf
Routing table for VRF=0
O*N2 0.0.0.0/0 [110/10] via 23.0.0.2, port2, 01:13:59, [1/0]
'set nssa-default-information-originate always' use case:
In the FortiGate 3 routing table, the default route doesn't exist.
get router info routing-table static
config router ospf
config area
edit 0.0.0.1
set nssa-default-information-originate always <-
end
end
FortiGate 2 does not receive the default route from FortiGate 3 because 'always' only takes effect when it is set on an ABR (the NSSA ABR), not on an ASBR (the NSSA ASBR).
get router info routing-table ospf
config router ospf
config area
edit 0.0.0.1
set nssa-default-information-originate always
end
end
FortiGate 3 receives the default route from FortiGate 2.
get router info routing-table ospf
Note: FortiGate 2 does not advertise the default route to FortiGate 1, which is the expected behavior in accordance with the OSPF design.
To advertise the default route to Area 0, follow the instructions in Technical Tip: How to redistribute a default route in OSPF. |
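The following Python check is an added example, not Fortinet code. It applies the 'enable' versus 'always' rule described above to saved CLI output, so an audit can confirm which routers will originate a default route into an NSSA. The sample strings are constructed from the outputs shown in this article, the function names are hypothetical, and treating "backbone plus another area configured" as ABR status is an assumption.

```python
import re

# Constructed samples, trimmed from the FortiGate 3 and FortiGate 2 output above.
FGT3_OSPF = """config router ospf
    set router-id 34.0.0.1
    config area
        edit 0.0.0.1
            set type nssa
            set nssa-default-information-originate enable
        next
    end
"""
FGT2_OSPF = """config router ospf
    set router-id 23.0.0.1
    config area
        edit 0.0.0.0
        next
        edit 0.0.0.1
            set type nssa
            set nssa-default-information-originate always
        next
    end
"""
FGT3_STATIC = "Routing table for VRF=0\nS* 0.0.0.0/0 [10/0] via 10.109.63.254, mgmt, [1/0]\n"

def parse_areas(show_output):
    """Return {area_id: {setting: value}} from the 'config area' block."""
    areas, in_area, current = {}, False, None
    for raw in show_output.splitlines():
        words = raw.split("<-")[0].split()  # drop the article's '<-' markers
        if words == ["config", "area"]:
            in_area = True
        elif in_area and words[:1] == ["edit"]:
            current = areas.setdefault(words[1], {})
        elif in_area and words[:1] == ["set"] and current is not None:
            current[words[1]] = " ".join(words[2:])
        elif in_area and words == ["end"]:
            in_area = False  # assumes no nested config blocks inside an area
    return areas

def has_default_route(table_output):
    """True if any routing-table line is for 0.0.0.0/0 (e.g. 'S* 0.0.0.0/0 ...')."""
    return any(re.match(r"\s*\S+\s+0\.0\.0\.0/0\s", l) for l in table_output.splitlines())

def originates_nssa_default(show_output, table_output, area):
    """'always' needs an ABR; 'enable' needs a default route in the routing table."""
    areas = parse_areas(show_output)
    cfg = areas.get(area, {})
    # Assumption: configured backbone plus another area stands in for "is an ABR".
    is_abr = "0.0.0.0" in areas and len(areas) > 1
    mode = cfg.get("nssa-default-information-originate")
    if cfg.get("type") != "nssa":
        return False
    return (mode == "always" and is_abr) or (mode == "enable" and has_default_route(table_output))
```

Feed it the text of 'show router ospf' and 'get router info routing-table static' from each router; a True result on a router that is not meant to be a default gateway for the area is worth reviewing.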