Advanced OSPF Topics Part II

Cisco CCNP ROUTE Training

Instructor: Joe Rinehart, CCIE #14256

Advanced OSPF Topics Cisco CCNP ROUTE Training

In This Lesson:
Route Summarization Route Filtering Functionality Virtual Links Configuration of Advanced OSPF Lab Exercises

Advanced OSPF Topics Cisco CCNP ROUTE Training

Route Summarization
1. Why Summarize Routes at All? 2. Configuring Summary Routes 3. Verification of Summary Routes

Advanced OSPF Topics Cisco CCNP ROUTE Training

Route Summarization
Why Summarize Routes at All? Positive Aspects of Route Summarization Reduction in size and scope of routing tables Shrinking of query scope (stops at router configured with summary) Summary routes carry best metric Potential Drawbacks Possible less than optimal routing Packet discards (if networks contained in the summary are unreachable)

Advanced OSPF Topics Cisco CCNP ROUTE Training

Route Summarization
Configuring Summary Routes Uses the area <area #> range <prefix> <mask> command on the ABR in OSPF router configuration mode Summary route to Null0 will be created in the IP routing table for OSPF More specific routes in neighbor routing tables will be suppressed in favor of the configured summary route Multiple summary routes per area

Advanced OSPF Topics Cisco CCNP ROUTE Training

Route Summarization
Configuring Summary Routes Uses the summary-address <prefix> <mask> command on the ASBR in OSPF router configuration mode Used for summarization of external routes into the OSPF routing domain More specific routes in neighbor routing tables will be suppressed in favor of the configured summary route Creates a Type 5 LSA for the summary route

Advanced OSPF Topics Cisco CCNP ROUTE Training

Route Summarization
Verification of Summary Routes Verify Existence of Summary Route show ip route ospf should list only the summarized route show ip route <prefix> should list route details show ip ospf summary-address should list the summary route show ip route <summary prefix> on the originating router should list the route to Null0 show ip ospf database should list the summary route in the topology

Advanced OSPF Topics Cisco CCNP ROUTE Training

Route Filtering Functionality

1. Understanding OSPF Route Filtering 2. Configuring OSPF Route-Filtering 3. Verifying Route-Filtering

Advanced OSPF Topics Cisco CCNP ROUTE Training

Route Filtering Functionality

Understanding OSPF Route Filtering Filtering Inherent to OSPF Certain OSPF area types filter certain types of routes by default Stub/Totally stubby NSSA/Totally NSSA Area Filtering (LSA Type 3 Filtering) Identifying routes to be filtering into or out of a particular area Configured using the area <area#> filter-list prefix <prefix-list> <in|out> command

Advanced OSPF Topics Cisco CCNP ROUTE Training

Route Filtering Functionality

Understanding OSPF Route Filtering Filtering OSPF Routes from the IP Routing Table Essentially blocks routes from the OSPF LSDB from being installed in the routing table Utilizes distribute-lists with caveats: While distribute-lists can be used in or out with other protocols, OSPF only supports the in option Using an ACL, prefix-list or route map, permit allows route in the table deny filters the route

Advanced OSPF Topics Cisco CCNP ROUTE Training

Route Filtering Functionality

Configuring OSPF Route-Filtering Using Access-Lists for Route Filtering Route filtering uses standard rather than extended access lists Always place more specific entries before more general ones Applying the access-list is performed using the distribute-list command Access-List Filtering Syntax access-list <number | name> <permit | deny> <prefix> <mask> distribute-list <number | name> out <interface>

Advanced OSPF Topics Cisco CCNP ROUTE Training

Route Filtering Functionality

Configuring OSPF Route-Filtering Using Prefix-Lists for Route Filtering Allows for the ability to match: Route prefix/subnet Prefix length/mask le and ge can be used together to specify a range of prefix lengths Prefix-List Filtering Syntax prefix-list <name> <permit | deny> <prefix/length> [le | ge] <value> Distribute-list <number | name> <out> <interface>

Advanced OSPF Topics Cisco CCNP ROUTE Training

Route Filtering Functionality

Configuring OSPF Route-Filtering Using Route-Maps for Route Filtering Route Maps can be utilized by all routing protocols to perform multiple levels of route manipulation Route Maps use sequence numbers to identify successive steps Route Map actions include: Match: Specifying Match Criteria: IP address Next-hop Interface Route metric

Advanced OSPF Topics Cisco CCNP ROUTE Training

Route Filtering Functionality

Configuring OSPF Route-Filtering Using Route-Maps for Route Filtering Route Map actions include: Match: Specifying Match Criteria: Route type (internal/external) MPLS labels (out of scope) Tag (tagged routes) Set: Actions to take: Metric (offset or static value) Tag (tagged routes) Other values exist but do not apply to EIGRP route manipulation

Advanced OSPF Topics Cisco CCNP ROUTE Training

Route Filtering Functionality

Configuring OSPF Route-Filtering Route-Map Syntax route-map <map-name> <permit| deny> <sequencenumber> match <match-criteria> set <set-actions> distribute-list route-map <mapname> <out>

Advanced OSPF Topics Cisco CCNP ROUTE Training

Route Filtering Functionality

Verifying Route-Filtering Access-List Filtering Use show access-list command and determine if the counters are nonzero Execute show ip route ospf and confirm route does not appear If filtering on all interfaces, execute the show ip protocols command and verify that filtering is applied Prefix-List Filtering Use show ip prefix-list command and determine if the counters are non-zero

Advanced OSPF Topics Cisco CCNP ROUTE Training

Route Filtering Functionality

Verifying Route-Filtering Prefix-List Filtering Execute show ip route ospf and confirm route does not appear Route-Map Filtering Use previously listed commands to confirm specific actions have worked

Advanced OSPF Topics Cisco CCNP ROUTE Training

Virtual Links
1. Understanding Virtual Links 2. Configuring Virtual Links 3. Verifying Virtual Links

Advanced OSPF Topics Cisco CCNP ROUTE Training

Virtual Links
OSPF Area 0
R7

OSPF Area 79
R9

VLAN 79

Virtual-Link

VLAN 910

OSPF Area 910

Understanding Virtual Links What Virtual-Links Accomplish The OSPF hierarchy requires that all areas connect to Area 0 as a transit area Virtual-Links create a legitimate exception by using another area as a R10 transit When to Use Virtual-Links As seldom as possible (design issue) When companies merge To prevent partitioning of Area 0 (called split-brain)

Advanced OSPF Topics Cisco CCNP ROUTE Training

Virtual Links
OSPF Area 0
R7

OSPF Area 79
R9

VLAN 79

Virtual-Link

VLAN 910

OSPF Area 910

Configuring Virtual Links Configuration Takes Place on ABRs of Transit Area (Area 79 pictured left) Use area <area#> virtual-link <router-id> command on ABR on each side of the transit area Other optional commands include: R10 authentication, authentication-key or message-digest-key hello-interval, dead-interval Retransmit-interval, transmitdelay

Advanced OSPF Topics Cisco CCNP ROUTE Training

Virtual Links
OSPF Area 0
R7

OSPF Area 79
R9

VLAN 79

Virtual-Link

VLAN 910

OSPF Area 910

Verifying Virtual Links On the Transit ABRs Execute show ip ospf neighbors command and verify presence of virtual-link neighbor ABR (status full) Execute show ip ospf virtual-links and confirm adjacency and state is up R10 Execute show ip ospf interface and verify virtual-link interface presence and state is up On the Discontiguous Area Router(s) Execute show ip route ospf command and verify expected routes

Advanced OSPF Topics Cisco CCNP ROUTE Training

Configuration of Advanced OSPF Lab Exercises

1. Review of OSPF Configuration Commands 2. Configuration of OSPF Routers 3. Verification of OSPF Configuration

Advanced OSPF Topics Cisco CCNP ROUTE Training

Configuration of Advanced OSPF Lab Exercises

R6

OSPF Area 0
607 608

706

Frame Relay WAN

806

708

807

R7

Backbone

OSPF Area 79
R9

VLAN 79

VLAN 910

R10

OSPF Area 8 (Stub)

Review of OSPF Configuration Commands Neighbor Authentication Creation of keys using the ip ospf message-digest-key command in interface configuration mode Specification of area parameters using the area <area#> messagedigest command R8 Application to the interface using the ip ospf authentication messagedigest commands

OSPF Area 910

Advanced OSPF Topics Cisco CCNP ROUTE Training

Configuration of Advanced OSPF Lab Exercises

R6

OSPF Area 0
607 608

706

Frame Relay WAN

806

708

807

R7

Backbone

OSPF Area 79
R9

VLAN 79

VLAN 910

R10

OSPF Area 8 (Stub)

OSPF Area 910

Review of OSPF Configuration Commands Route Summarization on R10 Suppression of loopback 0 (10.10.10.10/32) on R10 using the area <area#> range <prefix> <mask> command Route Filtering on R9 Creation of standard access-list using R8 the access-list <number> <permit | deny> <network> <mask> command Applying filtering using the distribute-list command

Advanced OSPF Topics Cisco CCNP ROUTE Training

Configuration of Advanced OSPF Lab Exercises

R6

OSPF Area 0
607 608

706

Frame Relay WAN

806

708

807

R7

Backbone

OSPF Area 79
R9

VLAN 79

Review of OSPF Configuration Commands OSPF Stub Area Configuration on R8 Configuration of the stub area using the area 8 stub command under the OSPF routing process OSPF Virtual-Link Configuration on R7/R9 Configuration of a virtual-link joining area 910 to Area 0 using the area R8 <area#> virtual-link command under the OSPF routing process

VLAN 910

R10

OSPF Area 8 (Stub)

OSPF Area 910

Advanced OSPF Topics Cisco CCNP ROUTE Training

Configuration of Advanced OSPF Lab Exercises

R6

OSPF Area 0
607 608

706

Frame Relay WAN

806

708

807

R7

Backbone

OSPF Area 79
R9

VLAN 79

VLAN 910

R10

OSPF Area 8 (Stub)

OSPF Area 910

Configuration of OSPF Routers Using preshared key of myospfkey between Area 0 frame-relay neighbors Configuration of default route to 192.168.254.1 (ASA Firewall) for Internet access Creating Area 910 range summary of 10.10.10.0/24 from R10 R8Filtering of 10.10.10.10/32 on all routing updates from R9 to R7 Configuration of OSPF stub area on R8 Configuration of a Virtual-Link on R7 and R9

Advanced OSPF Topics Cisco CCNP ROUTE Training

Configuration of Advanced OSPF Lab Exercises

R6

OSPF Area 0
607 608

706

Frame Relay WAN

806

708

807

R7

Backbone

OSPF Area 79
R9

VLAN 79

VLAN 910

R10

OSPF Area 8 (Stub)

OSPF Area 910

Verification of OSPF Configuration Verify fully functional neighbor relationships on R6, R7, & R8 using the show ip ospf neighbor command Verify no 10.10.10.10/32 route exists on all routers except R10 using the show ip route ospf and show ip ospf database summary commands Verify Stub Area using ip ospf command R8 Verify Virtual-Link is correctly configured by confirming output of show ip ospf virtual-links and show ip ospf interface commands on R7

Advanced OSPF Topics Cisco CCNP ROUTE Training

Key Terms You Should Know

Area-Range OSPF route summarization method that advertises a summarized prefix at the Area Border Router Summary-Address OSPF route summarization method that advertises a summarized prefix at the ASBR for external routes Route Summarization The process of taking a larger number of contiguous and expressing them in a reduced form Route-Filtering The process of selectively removing routes from the routing table and/or routing process Distribute-List In OSPF, a route filtering method making use of access-lists, prefix-lists and route maps to prevent OSPF routes from being installed in the IP routing table Virtual-Link Virtual point-to-point link used to link a discontiguous area to Area 0

Advanced OSPF Topics Cisco CCNP ROUTE Training

What We Covered
Route Summarization Route Filtering Functionality Virtual Links Configuration of Advanced OSPF Lab Exercises