PDF(71.7 KB) View with Adobe Reader on a variety of devices
ePub(138.1 KB) View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
Mobi (Kindle)(137.2 KB) View on Kindle device or Kindle app on multiple devices
Updated:February 17, 2022
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This document describes Open Shortest Path First (OSPF) areas and virtual links.
Note: This document describes the basic OSPF protocol. Opaque link-state advertisements (LSAs), as described in RFC 5250, are out of scope for this article.
What Are Areas, Stub Areas, and Not-So-Stubby Areas?
An OSPF network can be divided into sub-domains called areas. An area is a logical collection of OSPF networks, routers, and links that have the same area identification. A router within an area must maintain a topological database for the area to which it belongs. The router does not have detailed information about network topology outside of its area, which thereby reduces the size of its database.
Areas limit the scope of route information distribution. It is not possible to do route update filtering within an area. The link-state database (LSDB) of routers within the same area must be synchronized and be exactly the same; however, route summarization and filtering is possible between different areas. The main benefit of creating areas is a reduction in the number of routes to propagate - by the filtering and the summarization of routes.
Each OSPF network that is divided into different areas must follow these rules:
A backbone area - which combines a set of independent areas into a single domain - must exist.
Each non-backbone area must be directly connected to the backbone area (though this connection might be a simple logical connection through a virtual link).
The backbone area must not be partitioned - divided into smaller pieces - under any failure conditions, such as link or router down events.
Caution: Some of the routers in your network can have partial routing information, which negatively compromises your network if you do not follow these rules.
Areas are identified by an area ID. Cisco IOS® software supports area IDs expressed in IP address format or decimal format, for example, area 0.0.0.0 is equal to area 0. If there are multiple areas in your network, you need to name the backbone area "area 0". Since this backbone connects the areas in your network, it must be a contiguous area. If the backbone is partitioned, parts of the autonomous system will be unreachable, and you need to configure virtual links to repair the partition.
A router with interfaces in two (or more) different areas is an area border router. An area border router is in the OSPF boundary between two areas. Both sides of any link always belong to the same OSPF area.
An autonomous system boundary router (ASBR) advertises external destinations throughout the OSPF autonomous system. External routes are the routes redistributed into OSPF from any other protocol. In many cases, external link states make up a large percentage of the link states in the databases of every router. A stub area is an area in which you do not allow advertisements of external routes, which thus reduces the size of the database even more. Instead, a default summary route (0.0.0.0) is inserted into the stub area in order to reach these external routes. If you have no external routes in your network, then you have no need to define stub areas.
Stub areas are shielded from external routes but receive information about networks that belong to other areas of the same OSPF domain. You can define totally stubby areas. Routers in totally stubby areas keep their LSDB-only information about routing within their area, plus the default route.
Not-so-stubby areas (NSSAs) are an extension of OSPF stub areas. Like stub areas, they prevent the flooding of AS-external LSAs into NSSAs and instead rely on default routing to external destinations. As a result, NSSAs (like stub areas) must be placed at the edge of an OSPF routing domain. NSSAs are more flexible than stub areas in that an NSSA can import external routes into the OSPF routing domain and thereby provide transit service to small routing domains that are not part of the OSPF routing domain.
Use the area xx stub command in every router in the area to define an area as a stub area. In the topology shown, routers in area 7 do not need to know about all the external destinations. The routers in area 7 must send a packet to the ABR to reach the ASBR, no matter what the external destination. Area 7 can be defined as a stub area. In order to define area 7 as a stub area, configure the area 7 stub command in all routers in that area.
Define a Totally Stub Area
Use the OSPF router configuration area xx stub no-summary command in order to define a totally stub area. In the previous network diagram, routers in area 7 do not need to know about all external destinations or any summary LSA from the backbone for other areas. The routers in area 7 must send packets to the ABR to reach any destination outside the area 7. Area 7 can be defined as a totally stub area. In order to define area 7 as a totally stub area, configure the area 7 stub no summary command on the ABR.
Define a Not-So-Stubby Area
Use the OSPF router configuration area xx nssa command in order to define an NSSA. For example, in this topology, Area 2 was configured as an NSSA with the area 2 nssa command on all routers in the area. This protects Area 2's internal routers from all the AS-external LSAs imported by the OSPF ASBR, but still allows for the attachment of the non-OSPF router. External routing information is imported into an NSSA in Type-7 LSAs. Type-7 LSAs are similar to Type-5 AS-external LSAs, except that they can only be flooded into the NSSA. In order to further propagate the NSSA external information, the Type-7 LSA must be translated to a Type-5 AS-external-LSA by the NSSA ABR. NSSA is supported in Cisco IOS 11.2 and later.
Define an NSSA Totally Stub Area
Use the OSPF router configuration command area xx nssa no-summary command in order to define an NSSA totally stub area. In the previous network diagram, area 2 was configured as NSSA totally stub with the area 2 nssa no-summary command on the NSSA ABR. This keeps any Type 5 AS-external or Type 3 summary routes from leaking in area 2.
Normal, Stub, Totally Stub and NSSA Area Differences
This table shows the differences between the types of areas defined in this document:
No Type 4 or 5 AS-external LSAs allowed
No Type 3, 4 or 5 LSAs allowed except the default summary route
No Type 5 AS-external LSAs allowed, but Type 7 LSAs that convert to Type 5 at the NSSA ABR can traverse
NSSA Totally Stub
No Type 3, 4 or 5 LSAs except the default summary route, but Type 7 LSAs that convert to Type 5 at the NSSA ABR are allowed
All areas in an OSPF autonomous system must be physically connected to the backbone area (area 0). In some cases where this physical connection is not possible, you can use a virtual link to connect to the backbone through a non-backbone area. As mentioned previously, you can also use virtual links to connect two parts of a partitioned backbone through a non-backbone area. The area through which you configure the virtual link, known as a transit area, must have full routing information. The transit area cannot be a stub area.
Use the area area-id virtual-link router-id command in order to configure a virtual link, where the area-id is the area ID assigned to the transit area (this can be either a valid IP address or a decimal value), and where router-id is the router ID associated with the virtual link neighbor. In this example, the virtual link connects area 7 to the backbone through area 5:
In this example, the virtual link is created between the routers with router ID 22.214.171.124 and router ID 126.96.36.199. In order to create the virtual link, configure the area 5 virtual-link 188.8.131.52 subcommand on router 184.108.40.206 and the area 5 virtual-link 220.127.116.11 subcommand on router 18.104.22.168. Refer to Configuring OSPF Authentication on a Virtual Link for more information.