What are stub networks and why to use them?

A stub network is a term describing a computer network part of a large whole that will typically send much or all of its non-local traffic out via a single path. Stub networks are usually only aware of a default route to non-local destinations or are presented with significantly less routing information. As a practical analogy, think of an island which is connected to the rest of the world through a bridge and no other path is available either through air or sea. Continuing this analogy, the island might have more than one physical bridge to the mainland, but the set of bridges still represents only one logical path.

In the network below there is four routers, three end-user computers, one stub area, one totally stubby area, one not so stubby area, and one transit area. In real world deployments a network could have dozens or hundreds of routers, devices, or areas depending on the scale of the network. We will configure OSPF to distribute routing information as needed and configure the stub networks accordingly. Stub areas and not so stubby areas should be part of any route distributions whereas totally stub areas should not.

Steps to configure the OSPF network

Step 1: Configure all applicable router interfaces on each router.

R3(config)#interface Loopback0
R3(config-if)#ip address 1.1.1.3 255.255.255.0
!
R3(config)#interface FastEthernet0/0
R3(config-if)#ip address 10.3.0.1 255.255.255.0
!
R3(config)#interface FastEthernet1/0
R3(config-if)#ip address 10.250.3.2 255.255.255.252
!
R3(config)#interface FastEthernet1/1
R3(config-if)#ip address 10.250.2.2 255.255.255.252

Step 2: Enable a OSPF routing process with each router having a unique router-id using the address of the loopback0 interfaces, and enable OSPF routing on all applicable IP networks within one or more OSPF areas.

R3(config)#router ospf 101
R3(config-router)#router-id 1.1.1.3
R3(config-router)#network 10.3.0.0 0.0.0.255 area 3
R3(config-router)#network 10.250.0.0 0.0.255.255 area 0

Step 3: Log neighbor up/down and reset reasons on each router.

R3(config)#router ospf 101
R3(config-router)#log-adjacency-changes

Step 4: Configure OSPF peer authentication used to form an adjacency on each router and configure interfaces used to connect to hosts as passive.

R3(config)#interface FastEthernet0/0
R3(config-if)#ip ospf authentication-key ospf-pw1
!
R3(config)#interface FastEthernet1/0
R3(config-if)#ip ospf authentication-key ospf-pw1
!
R3(config)#interface FastEthernet1/1
R3(config-if)#ip ospf authentication-key ospf-pw1
!
R3(config)#router ospf 101
R3(config-router)#area 0 authentication
R3(config-router)#area 3 authentication

Caution: When peer authentication is added to the interface of a router, that router stops receiving routing messages from its peers until they are also configured for authentication. This does interrupt routing communications on your network.

Step 5: Configure password encryption on your routers so the passwords are not shown in the configuration in clear text.

R3(config)#service password-encryption

Step 6: Suppress routing updates out of interfaces not used to form an adjacency.

R1(config)#router ospf 101
R1(config-router)#passive-interface fa0/0

Step 7: Repeat the same steps on all remaining routers with the applicable interface and routing configurations.

Configuring stub networks

Step 8: Configure area 1 as a stub network using the area 1 stub command on R1. This will ensure any router behind R1 also participating in OSPF will only receive summarized routing information in place of much more detailed routing information.

R1(config)#router ospf 101
R1(config-router)#area 1 stub

Step 9: Configure area 2 as a not so stubby area using the area 2 nssa command on R2. This will ensure any router behind R2 also participating in OSPF will only receive summarized routing information in place of much more detailed routing information. NSSA areas are used to connect discontiguous networks and external routing processes together.

R2(config)#router ospf 101
R2(config-router)#area 2 nssa

Step 10: Configure area 4 as a totally stubby area using the area 4 stub no-summary command on R4. A totally stubby area will only have a default route advertised to them.

R4(config)#router ospf 101
R4(config-router)#area 4 stub no-summary

Configuring virtual links

Step 11: Configure R4 to make use of a virtual-link. All areas in an OSPF autonomous system must be physically connected to the backbone area, area 0. In this example R4 is not physically connected to the backbone area and as such you must configure a virtual-link to connect R4 to the backbone through R3.

R4(config)#router ospf 101
R4(config-router)#area 3 virtual-link 1.1.1.3 authentication-key ospf-pw1

Step 12: Configure R3 to allow a backbone connection from R4. In this example R3 is a transit area for area 4 to reach the backbone and as such R4 must use a virtual-link to connect to the backbone area using R3.

R3(config)#router ospf 101
R3(config-router)#area 3 virtual-link 1.1.1.4 authentication-key ospf-pw1

Verify the configuration

Now that the configuration is finished lets verify our OSPF deployment. Using the show ip ospf neighborshow ip route, and show ip ospf virtual-links commands on R3 you can verify the remote routers to which your router has formed an adjacency and verify the expected routes are being advertised. Use the ping command to verify connectivity. As designed OSPF is distributing routing information for all networks except for area 4.


Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts

Cisco Networking

BGP Load Sharing

What is load sharing and why to use it?Load balancing with BGP is not possible in a multihomed environment with two ISPs. BGP selects only the single best path to a destination among the BGP Read more…

Cisco Firewall

Configuring Dynamic Multipoint VPN and Zone Based Firewall

What is a Dynamic Multipoint VPN and why to use it?DMVPN provides the capability for creating a dynamic-mesh VPN network without having to pre-configure (static) all possible tunnel end-point peers, including IPsec (Internet Protocol Security) Read more…

Cisco Networking

Configuring Layer 2 MPLS VPN

What is a Layer 2 MPLS VPN and why to use it?Layer 2 VPNs are a type of Virtual Private Network (VPN) that uses MPLS labels to transport data. The communication occurs between routers that Read more…