OSPF FORWARD ADDRESS CONCEPT ~ Network Urge

“Forward address” is a field seen in LSA 5 and LSA7. It indicates the address to which the traffic should be forwarded for an advertised external prefix (LSA5). If the value is set to 0.0.0.0, this means that the traffic should be forwarded to the ASBR(Advertising-Address). In some situations, the forwarding address will be nonzero, to avoid sub-optimal routing. The following list describes events that will produce a nonzero forwarding address:

When OSPF is enabled on the ASBR’s next-hop interface.

When the ASBR’s next-hop interface is non-passive to OSPF.

When the ASBR’s next-hop interface network type is not Point-to-Point or Point-to-Multipoint.

When the ASBR’s next-hop interface address falls into the OSPF network range

Consider the diagram below:

Scenerio 1:When R3-R4 link not advertised in OSPF on R3, Forward Address in external LSA5 for 9.9.0.4/32 shows 0.0.0.0(by default).R1#sh ip ospf database external 9.9.0.4 | i ForwardForward Address: 0.0.0.0———————————————————When R3-R4 link is advertised in OSPF on R3, Forward Address in external LSA5 for 9.9.0.4/32 shows a non zero IP as 9.9.34.4 (IP Address of R4’s interface).R3#sh run int f0/1interface FastEthernet0/1 ip address 9.9.34.3 255.255.255.0    ip ospf 1 area 1  end—————————R1#sh ip ospf database external 9.9.0.4 | i Forward        Forward Address: 9.9.34.4              

Scenerio 2: When Forward Address is filtered/blocked somewhere in OSPF domain.Let’s try pinging External Prefix 9.9.0.4 from R1 without blocking the Forward Address. The ping will work fine as shown below:R1#ping 9.90.4Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 9.9.0.4, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 24/29/32 msNow, let’s block the Forward address by applying a distribute-list on ABR R2.R2#sh run | s router ospfrouter ospf 1 distribute-list  prefix  BLOCK_FWD_ADDRESS   in  R2#sh run | s BLOCK_FWD_ADDRESSip prefix-list BLOCK_FWD_ADDRESS seq 5 deny 9.9.34.0/24ip prefix-list BLOCK_FWD_ADDRESS seq 10 permit 0.0.0.0/0 le 32Once we block the Forward Address subnet, the External prefix 9.9.0.4 will go unreachable from R1 as shown below:R1#ping 9.9.0.4Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 9.9.0.4, timeout is 2 seconds:UUUUUSuccess rate is 0 percent (0/5)

Hope you have enjoyed reading this Post. Please share your feedback if you liked this post. You can also write to us on [email protected].