- OSPF uses the SPF calculation to determine the shortest loop-free path to a destination for all destinations within an area.
- OSPF is a Link State routing protocol – shares entire view of the network
- Large scalability – hierarchy through “areas” – ABR summarizes the topology
- ASBR’s redistribute routes from other protocols (a loopback redistributed into OSPF will make the router an ASBR)
- fast convergence (hello/dead) timers – track neighbours – event driven incremental updates.
- OSPF shares the LSDB, NEVER the routing table itself. No need to share entire LSDB.
- Non OSPF devices do not need to process packets, like in RIP.
- Area – routers with same topology table (road-map) but different routing tables
- Area < 50 routers – Cisco design recommendation
- All areas must connect to area 0 (transit through)
- OSPF Area 0 backbone must be contiguous – or SPF can become broken
- Virtual Links used to transit to Area 0 – (Router ID’s are very important & NBMA is a requirement)
- SPF algorithm is run against LSDB and the result is the routing table
- Bandwidth based cost for metric – more flexible than static hop count – lowest cost wins
- Floods areas with LSA’s to build LSDB’s using LSU’s
- 5 packet types – transport over IP Protocol 89 – Type 4 & 5 multicast except when retransmitting
- Multicast and Unicast addresses of 224.0.0.5 (to all SPF routers) and 224.0.0.6 (to all DR routers)
- Subinterfaces must be configured with point-to-point or multipoint
- clear text and MD5 passwords – control-plane security
- very important to change reference bandwidth > 100 Mbps
- Extensible for future applications – LSA’s (e.g. MPLS Traffic Engineering)
- A main reason for choosing OSPF over EIGRP, which is non-extensible because it’s proprietary
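The SPF run and the reference-bandwidth point above, as an added example (not part of the original notes): a small Dijkstra over a constructed three-router topology. It assumes cost = reference bandwidth / interface bandwidth, truncated, with a minimum of 1; the names `ospf_cost`, `spf` and `LINKS` are illustrative.

```python
import heapq

def ospf_cost(bandwidth_mbps, reference_mbps=100):
    """Interface cost = reference bandwidth / interface bandwidth, minimum 1."""
    return max(1, reference_mbps // bandwidth_mbps)

def spf(links, root, reference_mbps=100):
    """Dijkstra over a link list [(router_a, router_b, bandwidth_mbps)].

    Returns {router: (total_cost, path)} as seen from root.
    """
    graph = {}
    for a, b, bw in links:
        cost = ospf_cost(bw, reference_mbps)
        graph.setdefault(a, []).append((b, cost))
        graph.setdefault(b, []).append((a, cost))
    best = {}
    queue = [(0, root, [root])]
    while queue:
        total, node, path = heapq.heappop(queue)
        if node in best:
            continue  # already settled with a lower or equal cost
        best[node] = (total, path)
        for neighbor, cost in graph.get(node, []):
            if neighbor not in best:
                heapq.heappush(queue, (total + cost, neighbor, path + [neighbor]))
    return best

# Constructed topology: R1 reaches R3 either directly over a 100 Mbps link
# or through R2 over two 10 Gbps links.
LINKS = [
    ("R1", "R3", 100),
    ("R1", "R2", 10000),
    ("R2", "R3", 10000),
]

if __name__ == "__main__":
    for ref in (100, 100000):
        cost, path = spf(LINKS, "R1", ref)["R3"]
        print(f"reference {ref} Mbps: cost {cost} via {' -> '.join(path)}")
```

With the default reference every link at 100 Mbps or faster costs 1, so SPF prefers the single slow hop; raising the reference lets the 10 Gbps path win.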
5 OSPF packet types:
- Hello– OSPF forms neighbor relationships with hello packets (sent every 10 to 30 seconds)
- Database Descriptions – Link-state databases for all routers remain synchronized
- Link State Request– To request pieces of neighbor database that is more up-to-date
- Link State Update – These packets implement the flooding of LSAs
- Link State Acknowledgment– Multiple LSAs can be acknowledged in a single LSAck packet.
Hello Packet – (4) Items must match to start exchanging hellos
- OSPF area number
- OSPF area type, such as stub or NSSA
- Subnet and subnet mask
- OSPF HELLO and Dead timer values – unlike EIGRP where timers are locally significant and don’t need to match
Negotiating neighbour adjacencies: (not all OSPF neighbours actually form an adjacency – Specifically DROthers can be a neighbor but not form an OSPF adjacency – stops at 2-way)
- Unique Local Router-ID – found in the LSDB – (configured under OSPF process)
- Unique Local IP Address
- Interface Area-ID
- Hello/Dead intervals – Need to match – (10/40 30/120)
- Interface network address (wildcard mask)
- Interface MTU (data-plane protection – all devices should have same MTU or issues can occur)
- Network Type – (How OSPF behaves over various media types) – technically do not have to match.
- Authentication -null, cleartext, md5 – no adjacency with different types of authentication.
- Stub Flags – (Filters routes based on LSA types – all area routers must agree on stub flag)
- Optional capabilities (non stop forwarding or graceful restart feature)
The fact that routers are neighbours is not sufficient to guarantee an exchange of link-state updates; they must form adjacencies to exchange link-state updates. Adjacency is an advanced form of neighborship formed by routers that are willing to exchange routing information after negotiating parameters of such an exchange. Routers reach a FULL state of adjacency when they have synchronized views on a link-state database.
OSPF adjacency states: (Pass through seven states before routing)
- Down – A neighbor discovered dynamically through HELLO packets can fall back to a down state.
- Attempt – Try and exchange packets with neighbor.
- Initiate – Router sees HELLO packets from the neighbor, but two-way has not been established
- 2-way – Router has seen its own Router ID in the Neighbor field of the neighbor’s HELLO packet.
- Exstart – Neighbors that are in exstart or exchange state are trying to exchange DBD packets.
- Exchange – The router and its neighbor form a master and slave relationship.
- Loading – Routers send link-state request packets. exchange of the link-state database.
- Full – Routing is occurring at this point
Type 1 –> Router Link –> Flooded within an area to find connected links
Type 2 –> Net Link States –> O routes (Intra Area) –> Generated by DR router
Type 3 –> Summary Net Link –> O IA (Inter Area Routes)
Type 4 –> Summary ASB Link –> ABR generates ASBR summary & hides topology
Type 5 –> Type 5 External –> ASBR generates E1/E2 External Routes
Type 7 –> Type-7 AS External –> ASBR Redistribution Type 7 become Type 5
LSA’s used to describe different types of routes:
Intra Area – Type 1 & Type 2 – O routes
Inter Area – Type 3 & Type 4 – OIA routes
External – Type 5 – E1, E2 routes redistributing of other protocols
NSSA External Type 7 – N1, N2 routes redistributing other protocols, except, ABR is filtering the types of LSA’s allowed into the area.
Link State Advertisement (LSA) Types: which areas for which types?
- Router Link (type 1) – Local to area – generated by every router in the OSPF Network – describes directly connected links to all other neighbours in the area. How OSPF builds topology.
- Network Link (type 2)– Local to area – generated by the DR
- Network Summary (type 3)– ABR – exchange info about other areas (hides details of topology between areas)
- ASBR Summary (type 4) – ABR – used to describe the path to a router doing redistribution. Hides topology
- External Link (type 5) – ASBR generates these External routes (E1 & E2)
- Specialized Multicast OSPF
- NSSA External Link (type 7)– generated by ASBR – N2 routes
- Types 9,10,11 are for future upgrades
OSPF Router types:
- Internal Router – All interfaces reside within the same area.
- Backbone Router – A router with an interface in area 0 (Backbone)
- Area Border Router – Connect 2 or more areas. separates areas for efficient LSA floods (area range)
- AS Boundary Router – Additional routing domains. summarization/redistribution (summary address)
OSPF Router roles:
- Designated Router – Helps to minimize the LSA advertisements – central point on the LAN. DR is at link level, new DR for every multi-access broadcast link in OSPF network. Router-ID is for tie breaker, after priority, when electing a new DR
- Backup Designated Router – redundancy for DR – will not give up role (no preempt).
- Drother – a router that is neither a DR/BDR – stays in 2-Way state, no adjacency formed
* Neighbor priority 0 – adjacency on a P2P link
* ospf priority 0 – The router will never become a DR or BDR router (default is 1)
- DR serves as a common point for all adjacencies on a multiaccess segment
- BDR also maintains adjacencies with all routers in case the DR fails
- Election does not occur on point-to-point or multipoint links
- Default priority (0-255) is 1; Highest priority wins; 0 cannot be elected
- Router-ID – Highest loopback / interface IP; can be statically set; higher the better
- DR preemption will not occur unless the current DR is reset.
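The election rules above (priority, Router-ID tie breaker, priority 0, no preemption), as an added example that is not part of the original notes. It is a simplified model of one multi-access segment: the function names and the sample routers are constructed for illustration, and promotion of the BDR when the DR disappears is assumed.

```python
import ipaddress

def rank(router):
    """Election key: highest priority first, then highest Router-ID."""
    return (router["priority"], int(ipaddress.IPv4Address(router["rid"])))

def elect(routers, current_dr=None, current_bdr=None):
    """Return (dr, bdr) Router-IDs for one multi-access segment.

    Simplified model: a sitting DR/BDR keeps its role while it is still
    present and eligible, and the BDR is promoted when the DR disappears.
    """
    eligible = {r["rid"]: r for r in routers if r["priority"] > 0}
    dr = current_dr if current_dr in eligible else None
    bdr = current_bdr if current_bdr in eligible else None
    if dr is None and bdr is not None:
        dr, bdr = bdr, None  # BDR takes over; a new BDR is elected below

    def best(exclude):
        candidates = [r for rid, r in eligible.items() if rid not in exclude]
        return max(candidates, key=rank)["rid"] if candidates else None

    if dr is None:
        dr = best(set())
    if bdr is None:
        bdr = best({dr})
    return dr, bdr

# Constructed segment: the spoke has priority 0, R4 has the highest priority.
R1 = {"rid": "1.1.1.1", "priority": 1}
R2 = {"rid": "10.0.0.2", "priority": 1}
SPOKE = {"rid": "192.168.0.3", "priority": 0}
R4 = {"rid": "4.4.4.4", "priority": 255}

if __name__ == "__main__":
    dr, bdr = elect([R1, R2, SPOKE])
    print("initial election:", dr, bdr)
    print("R4 joins later:", elect([R1, R2, SPOKE, R4], dr, bdr))
    print("DR fails:", elect([R1, SPOKE, R4], dr, bdr))
    print("after a reset:", elect([R1, SPOKE, R4]))
```

R4 only becomes DR after the reset, even with priority 255, and the priority 0 spoke is never elected despite having the highest Router-ID.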
OSPF (4) Area types:
- Standard Area – Default OSPF area – no need to filter subnets
- Stub Area – External links (Type 4 & 5) LSA’s are replaced with a default route.
- Totally Stubby Area – Type 3, 4, & 5 LSA’s replaced with a default route.
- NSSA – A stub area containing an ASBR; type 5 LSA’s converted to type 7 within the area.
External Route types:
- E1 – Cost to the advertising ASBR plus the external cost of the route
- E2 – Cost of the route as seen by the ASBR
3 Types of networks defined by OSPF:
- Point to Point – Two routers, no need for a DR/BDR
- Broadcast – multi-access network, such as Ethernet
- NBMA – Frame relay, ATM, X.25
Network Types – how OSPF behaves over various media types
- How is update sent (unicast or multicast)
- Who forms adjacency
- How next hop value is implemented
6 OSPF Network types:
- broadcast – DR/BDR for Ethernet. (minimize LSA flooding by reducing adjacencies)
- non-broadcast (NBMA is default mode – all routers on one IP subnet – static neighbors)
- point-to-multipoint (hello packets discover neighbors dynamically – no DR/BDR)
- point to multipoint non-broadcast (no DR/BDR – static neighbors)
- point-to-point (no DR/BDR needed with 2 devices)
- loopbacks – treated as STUB NETWORKS and advertised as HOST ROUTES (with mask /32)
OSPF path selection order is fixed as follows: (Can’t be modified)
- O – Intra Area – router & network LSA’s
- O IA – Inter Area – summary LSA
- O E1 – External Type 1 – networks outside of the AS of the router (external cost + internal = metric)
- O E2 – External Type 2 – advertised by means of external LSA’s (external cost = metric)
- N1 – NSSA External Type 1
- N2 – NSSA External Type 2
OSPF Stub Areas – filters to reduce the LSDB size without impacting reachability
- Stub – removes LSA types 4 & 5 – default route from ABR reduces the LSDB
- Totally Stubby – Filters 3, 4 & 5 – same default route. (Cisco proprietary)
- NSSA – allows injection of external routes into stub area – type 7 converted to type 5
- Totally NSSA – Filters 3, 4 & 5 – replaces with single default route. (Cisco proprietary)
- Faster CPU, More memory = faster lookups
- Areas for flooding domain segmentation
- Summarization – results in smaller routing tables and less frequent LSA flooding
- Stub Areas – default-information-originate to inject default route into OSPF
- Hello/Dead timers
- BFD – faster lightweight L2 neighbor down detection
- Tunnel formed to join 2 areas across an intermediate
- Both end routers must share a common area
- At least one end must reside in area 0.
- Cannot traverse stub areas.
Verify OSPF is enabled:
- show ip ospf – ABR/ASBR, redistribution/summarization #areas, #interfaces in area, authentication, reference bandwidth
- show ip ospf interface (brief) – this command will show neighbors and adjacencies
Verify OSPF adjacencies:
- show ip ospf neighbor (problem between devices)
- debug ip ospf adj – (Show hello exchange and variable they do not agree on)
Verify OSPF Database:
- show ip ospf database (look at the LSA details found in the DB)
Other OSPF commands:
- clear ip ospf process – will disrupt production! DR will not preempt
- show ip ospf border-routers
- show ip ospf virtual-links
Behavior changes based on media – Ethernet, Frame-Relay, vs. PPP
Different media uses different media types to control:
- How updates are sent
- Who forms adjacencies
- How next hop is calculated
ip ospf network broadcast
- Default on multiaccess broadcast networks like Ethernet
- Sends hellos and updates as multicast
- DR/BDR election is performed based on Priority and Router-ID.
- no preemption – but sometimes order can be unpredictable based on the order that the ospf process loads. router can elect itself DR without other devices on the network based on order of operations. If you need to control this behavior, set priority to 0.
ip ospf network non-broadcast
- Default on multipoint NBMA medias like Frame Relay / ATM
- Sends hellos as unicast (neighbor command)
- Performs DR/BDR Election – ORDER OF OPERATIONS VERY CRITICAL for this type of design.
- Set spokes to priority of 0 to ensure they don’t become DR and break LSA’s.
- Spokes need to be Drothers and will respond to the unicast messages sent by DR/BDR.
- neighbor commands only need to be on the DR/BDR’s
- DR will send out multicast messages to 224.0.0.5 on Ethernet (broadcast) links
point-to-point subinterfaces – L2 network maps directly to the L3 network.
Test – if you can’t use static mappings or point-to-point subinterfaces, then that is going to limit the possible options you have. Key point for default behavior of network type broadcast or non broadcast is that the DR is not updating the next hop value for any LSA updates coming from Drothers. Router will then have to do a L2 lookup to complete the mapping.
ip ospf network point-to-multipoint:
- Treats network as a collection of point-to-point links
- Sends hellos as multicast to 224.0.0.5
- no DR/BDR election
- Special Next Hop processing
- Usually the best design option for partial mesh NBMA networks.
This design solution solves L2 connectivity issues with L3 ospf routing process.
R2 does not need frame-relay mapping back to spokes and can send traffic directly to the spokes interfaces by doing a L3 look-up towards the Hub.
Without route summarization, every specific-link LSA is propagated into the OSPF backbone and beyond, causing unnecessary network traffic and router overhead. All prefixes are passed into the backbone as type 3 inter-area routes. When summarization is enabled, the ABR intercepts this process and instead injects a single type 3 LSA.
Summarization prevents every router from having to rerun the SPF algorithm, increases the stability of the network, and reduces unnecessary LSA flooding. Also, if a network link fails, the topology change is not propagated into the backbone.
You should configure summarization of internal routes on the ABR’s.
You should configure summarization of external routes as close as possible to the source of redistribution, preferably on the ASBR’s.
Routers in the same OSPF area must have the same database
- Limits filtering capabilities of routing advertisements
Filtering can be accomplished:
- Locally from the database to the routing table
- Distribute-list in
Can’t apply a distribute list outbound on an interface like RIP or EIGRP. OSPF is not sending updates of routes. OSPF is advertising states of the links, encoded inside of the LSA’s.
Therefore the vast majority of filtering in OSPF is done on the ABR based on hierarchy and demarcation points.
- Stub Areas
- Inter Area filter
Troubleshooting OSPF Neighbour issues:
Try using the debug ip ospf adj command. You will be able to tell because it will say something like “Neighbor <router-id> has a larger/smaller interface MTU”, and generally the two devices will never make it past the EXSTART state.
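The adjacency requirements listed under "Negotiating neighbour adjacencies" and the MTU symptom described here, as an added example (not from the original notes): a pre-change check that compares two interface records and reports how far the adjacency can get. The record fields, function names and sample values are constructed, and "DOWN" stands in for any pair that never becomes neighbours.

```python
import ipaddress

DEFAULTS = {"hello": 10, "dead": 40, "mtu": 1500, "auth": "null", "stub": False}

def iface(router_id, address, area, **overrides):
    """Build one interface record; address is the interface IP in CIDR form."""
    return {**DEFAULTS, "router_id": router_id, "address": address,
            "area": area, **overrides}

def hello_mismatches(a, b):
    """Parameters that must agree before the routers become neighbours."""
    ia = ipaddress.ip_interface(a["address"])
    ib = ipaddress.ip_interface(b["address"])
    checks = [
        ("duplicate router-id", a["router_id"] == b["router_id"]),
        ("duplicate interface IP", ia.ip == ib.ip),
        ("subnet/mask mismatch", ia.network != ib.network),
        ("area-id mismatch", a["area"] != b["area"]),
        ("hello/dead timer mismatch",
         (a["hello"], a["dead"]) != (b["hello"], b["dead"])),
        ("authentication type mismatch", a["auth"] != b["auth"]),
        ("stub flag mismatch", a["stub"] != b["stub"]),
    ]
    return [name for name, failed in checks if failed]

def furthest_state(a, b):
    """Return (state, reasons): the last adjacency state the pair can reach."""
    reasons = hello_mismatches(a, b)
    if reasons:
        return "DOWN", reasons  # simplified: hellos are never accepted
    if a["mtu"] != b["mtu"]:
        return "EXSTART", ["interface MTU mismatch"]
    return "FULL", []

# Constructed sample interfaces on one Ethernet segment.
HUB = iface("1.1.1.1", "10.0.0.1/24", 0, auth="md5")
PEER = iface("2.2.2.2", "10.0.0.2/24", 0, auth="md5")
SMALL_MTU = iface("3.3.3.3", "10.0.0.3/24", 0, auth="md5", mtu=1400)
LEGACY = iface("4.4.4.4", "10.0.0.4/25", 0, auth="cleartext", hello=30, dead=120)

if __name__ == "__main__":
    for other in (PEER, SMALL_MTU, LEGACY):
        print(other["router_id"], furthest_state(HUB, other))
```

The model ignores DR election, so it does not reproduce DROther pairs that stop at 2-way.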