Useful Articles

25/recent/ticker-posts

OSPF FORWARD ADDRESS

OSPF Forward Address

You might have missed or ignored noticing OSPF Forward Address in OSPF command outputs. Forward address is a IP field seen in LSA 5 and LSA7. It is the IP address to which the traffic should be forwarded for an advertised external prefix (LSA5). The output is shown below.
 
R1#show ip ospf database external 9.9.0.4

  OSPF Router with ID (9.9.0.1) (Process ID 1)

  Type-5 AS External Link States

  Routing Bit Set on this LSA in topology Base with MTID 0
  LS age: 243
  Options: (No TOS-capability, DC)
  LS Type: AS External Link
  Link State ID: 9.9.0.4 (External Network Number )
  Advertising Router: 9.9.0.3
  LS Seq Number: 80000001
  Checksum: 0xE189
  Length: 36
  Network Mask: /32
        Metric Type: 2 (Larger than any link state path)
        MTID: 0
        Metric: 20
        Forward Address: 0.0.0.0
        External Route Tag: 0
 
 
To view all external LSAs on an OSPF node simply use "show ip ospf database external" command without mentioning the specific prefix.
 
If the value of OSPF Forward Address is generally set to 0.0.0.0 for an external prefix(for example, route learned from RIP domain), this means that the traffic should be forwarded to the ASBR(Advertising-Address). However, in some situations, the OSPF Forwarding Address will be non-zero, to avoid sub-optimal routing. Below are the criteria that will lead to a non-zero forwarding address
 
  1. When OSPF is enabled on the ASBR’s next-hop interface. For your understanding, ASBR's next hop interface is R4's interface IP (9.9.34.4).
  2. When the ASBR’s next-hop interface is non-passive to OSPF.
  3. When the ASBR’s next-hop interface network type is not Point-to-Point or Point-to-Multipoint.
  4. When the ASBR’s next-hop interface address falls into the OSPF network range


Let us understand the OSPF Forward Address concept with help of below lab topology.
 
OSPF Forward Address
 

OSPF FORWARD ADDRESS - Scenario 1

When R3-R4 link is advertised in OSPF on R3, Forward Address in external LSA5 for 9.9.0.4/32 shows a non zero IP as 9.9.34.4 (IP Address of R4’s interface).
 
R1#show ip ospf database external 9.9.0.4 | i Forward
Forward Address: 0.0.0.0

 
When R3-R4 link not advertised in OSPF on R3, Forward Address in external LSA5 for 9.9.0.4/32 shows 0.0.0.0(by default).
 
R3#show run int f0/1
interface FastEthernet0/1
 ip address 9.9.34.3 255.255.255.0  
 ip ospf 1 area 1  

 
R2#show ip ospf database external 9.9.0.4

            OSPF Router with ID (9.9.0.2) (Process ID 1)

                Type-5 AS External Link States

  Routing Bit Set on this LSA in topology Base with MTID 0
  LS age: 4
  Options: (No TOS-capability, DC)
  LS Type: AS External Link
  Link State ID: 9.9.0.4 (External Network Number )
  Advertising Router: 9.9.0.3
  LS Seq Number: 80000007
  Checksum: 0xE94D
  Length: 36
  Network Mask: /32
        Metric Type: 2 (Larger than any link state path)
        MTID: 0
        Metric: 20
        Forward Address: 9.9.34.4
        External Route Tag: 0

 
 

OSPF FORWARD ADDRESS - Scenario 2

If we change the OSPF network to point-to-point on the external link R3-R4, and even if we enable OSPF on R3-R4 link (only on R3 interface), OSPF Forward Address will again be 0.0.0.0. Below is the config.

R3#show run int f1/1

interface FastEthernet1/1
 ip address 9.9.34.3 255.255.255.0
 ip ospf 1 area 1


R3(config-if)#int f1/1
R3(config-if)#ip ospf network point-to-point


R2#sh ip ospf database external 9.9.0.4

            OSPF Router with ID (9.9.0.2) (Process ID 1)

                Type-5 AS External Link States

  Routing Bit Set on this LSA in topology Base with MTID 0
  LS age: 4
  Options: (No TOS-capability, DC)
  LS Type: AS External Link
  Link State ID: 9.9.0.4 (External Network Number )
  Advertising Router: 9.9.0.3
  LS Seq Number: 80000008
  Checksum: 0x244A
  Length: 36
  Network Mask: /32
        Metric Type: 2 (Larger than any link state path)
        MTID: 0
        Metric: 20
        Forward Address: 0.0.0.0
        External Route Tag: 0

 

 

OSPF FORWARD ADDRESS - Scenario 3

When Forward Address is filtered/blocked somewhere in OSPF domain. The blocking or filtering of Forward Address can create routing issues in the network as explained below.

Let’s try pinging External Prefix 9.9.0.4 from R1 without blocking the Forward Address. The ping will work fine as shown below.

R1#ping 9.9.0.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 9.9.0.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/29/32 ms

 
Now, let’s block the Forward address by applying a distribute-list on ABR R2.

R2#show run | s router ospf
router ospf 1
 distribute-list  prefix  BLOCK_FWD_ADDRESS   in

R2#show run | s BLOCK_FWD_ADDRESS
ip prefix-list BLOCK_FWD_ADDRESS seq 5 deny 9.9.34.0/24
ip prefix-list BLOCK_FWD_ADDRESS seq 10 permit 0.0.0.0/0 le 32


Once we block the Forward Address subnet, the External prefix 9.9.0.4 will go unreachable from R1. From the below output we can see that we now cannot ping the 9.9.0.4 from R1.

R1#ping 9.9.0.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 9.9.0.4, timeout is 2 seconds:
UUUUU
Success rate is 0 percent (0/5)


Imp Note: Such scenarios are specifically created in CCIE Written or LAB exams to test the in-depth knowledge of the candidate. We might not find such scenarios though in real time networks.

Also see the important article related to Forward Address selection criteria in NSSA (for LSA 7 and corresponding LSA 5).