
Into The OSPF

By – MANJU DEVARAJ

Intro
• Open Shortest Path First
• Link State or SPF technology
• Developed by the IETF’s OSPF working group (RFC 1247)
• Designed for TCP/IP
• Fast Convergence
• Variable length netmasks
• Non-contiguous subnets
• No need for periodic updates
• Route authentication
• OSPF is defined in RFC2328


OSPF Features

• Provides authentication of routing messages
• Supports subnetting
• Supports multicasting
• Allows hierarchical routing
• Allows route filtering & stops flooding at ABRs
• Enables load balancing by allowing traffic to be split evenly across routes with equal cost
• Type-of-Service routing allows different routes to be set up depending on the TOS field
• Uses its own transport protocol: IP protocol 89
• Supports equal-cost load balancing for more efficient use.

Important: An OSPF process running on a router must have its own router ID, which is a 32-bit unsigned integer, the unique identifier of the router in the AS.


Terminology
• Router ID – Used to identify the routers in the OSPF network
– IP address configured with the OSPF router-id command (extra)
– Highest loopback address (configuration coming)
– Highest active IP address (any IP address)
• Loopback address has the advantage of never going down, thus diminishing the possibility of having to re-establish adjacencies. (more in a moment)

Distance Vector vs. Link State Routing
• With distance vector routing, each node has information only about the next hop:
– Node A: to reach F go to B
– Node B: to reach F go to D
– Node D: to reach F go to E
– Node E: go directly to F
• Distance vector routing makes poor routing decisions if directions are not completely correct (e.g., because a node is down).
• If parts of the directions are incorrect, the routing may be incorrect until the routing algorithm has re-converged.
[Figure: example topology with nodes A, B, C, D, E, F]

Distance Vector vs. Link State Routing
• In link state routing, each node has a complete map of the topology
• If a node fails, each node can calculate the new route
• Difficulty: All nodes need to have a consistent view of the network
Note: The optimal path is determined by adding the costs of the interfaces: Cost = 10^8/(Bandwidth)
[Figure: each of the nodes A to F holds its own copy of the full topology map]

Link State Routing: Basic principles
1. Each router establishes a relationship (“adjacency”) with its neighbors
2. Each router generates link state advertisements (LSAs) which are distributed to all routers
LSA = (link id, state of the link, cost, neighbors of the link)
3. Each router maintains a database of all received LSAs (topological database or link state database), which describes the network as a graph with weighted edges
4. Each router uses its link state database to run a shortest path algorithm (Dijkstra’s algorithm) to produce the shortest path to each network

OSPF route computation
OSPF route computation in an area:
• Based on the network topology around itself, each router generates Link State Advertisements (LSA) and sends them to other routers in update packets.
• Each OSPF router collects LSAs from other routers to compose a LSDB (Link State Database). An LSA describes the network topology around a router, so the LSDB describes the entire network topology of the AS.
• Each router transforms the LSDB to a weighted directed graph, which actually reflects the topology architecture of the entire network. All the routers have the same graph.
• Each router uses the SPF algorithm to compute a Shortest Path Tree that shows the routes to the nodes in the autonomous system. The router itself is the root of the tree.

Operation of a Link State Routing protocol
[Figure: Received LSAs → Link State Database → Dijkstra’s Algorithm → IP Routing Table; LSAs are flooded to other interfaces]

Link State Faster Convergence

• Each node requires complete topology information
• Link state information must be flooded to all nodes
• Guaranteed to converge

• Finding a new path
– Flood LSAs in the area
– Based on acknowledgements (Ack)
– Synchronized topology DB
– Each router calculates its routing table for each destination network


OSPF Packet types

OSPF uses five types of packets:
• Hello packet: Periodically sent to find and maintain neighbors, containing the values of some timers, information about the DR, BDR and known neighbors.
• DD packet (database description packet): Describes the digest of each LSA in the LSDB, exchanged between two routers for data synchronization.
• LSR (link state request) packet: Requests needed LSAs from the neighbor. After exchanging the DD packets, the two routers know which LSAs of the neighbor are missing from the local LSDBs. In this case, they send an LSR packet to each other, requesting the missing LSAs. The LSR packet contains the digest of the missing LSAs.
• LSU (link state update) packet: Transmits the needed LSAs to the neighbor.
• LSAck (link state acknowledgment) packet: Acknowledges received LSU packets. It contains the headers of received LSAs (a packet can acknowledge multiple LSAs).


OSPF Areas, Route types

• Internal Router (IR)
• Area Border Router (ABR)
• Backbone Router (BR)
• Autonomous System Border Router (ASBR)

Multi-Access networks
• All routers must accept packets sent to the AllSPFRouters (224.0.0.5) address
• All DR and BDR routers must accept packets sent to the AllDRouters (224.0.0.6) address
• Hello packets are sent to the AllSPFRouters address (Unicast for point-to-point and virtual links)

Network and Link State Database
[Figure: example network of six routers and its link state database, one Router-LSA per router; table columns: LS Type, Link StateID, Adv. Router, Checksum, LS SeqNo, LS Age]
Each router has a database which contains the LSAs from all other routers

OSPF’s Metric is Cost (Bandwidth)
RFC 2328, OSPF version 2, J. Moy
• “A cost is associated with the output side of each router interface. This cost is configurable by the system administrator. The lower the cost, the more likely the interface is to be used to forward data traffic.”
• RFC 2328 does not specify any values for cost.
• Bay and some other vendors use a default cost of 1 on all interfaces, essentially making the OSPF cost reflect hop counts.

OSPF’s Metric is Cost (Bandwidth)
Cisco: Cost = Bandwidth
• Cisco uses a default cost of 10^8/bandwidth
• Default bandwidth of the interface (bandwidth command)
• 10^8 (100,000,000) as the reference bandwidth: This is used so that the faster links (higher bandwidth) have lower costs.
– Routing metrics, lower the cost the better the route.
– I.e. RIP: 3 hops is better than 10 hops
– Extra: The reference bandwidth can be modified to accommodate networks with links faster than 100,000,000 bps (100 Mbps). See ospf auto-cost reference-bandwidth command.
• Cost of a route is the cumulative costs of the outgoing interfaces from this router to the network.

OSPF’s Metric is Cost (Bandwidth)
Cisco default interface costs (Cost = 100,000,000/Bandwidth):
• 56-kbps serial link = 1785
• 64-kbps serial link = 1562
• 128-kbps serial link = 781
• T1 (1.544-Mbps serial link) = 64
• E1 (2.048-Mbps serial link) = 48
• 4-Mbps Token Ring = 25
• Ethernet = 10
• 16-Mbps Token Ring = 6
• Fast Ethernet = 1
• Problem: Gigabit Ethernet and faster = 1

Notes:
• Cisco routers default to T1 (1.544 Mbps) on all serial interfaces and require manual modification with the bandwidth command.
• ospf auto-cost reference-bandwidth reference-bandwidth can be used to modify the reference-bandwidth for higher speed interfaces


OSPF’s Metric is Cost (Bandwidth)
Few final notes
• For serial links, if it is not a T1 line, use the bandwidth command to configure
the interface to the right bandwidth
• Both sides of the link should have the same bandwidth value
• If you use the command ospf auto-cost reference-bandwidth
reference-bandwidth, configure all of the routers to use the same
value.
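
The cost arithmetic from these slides carried through an SPF run, as an added example that is not part of the original slides. The routers R1, R2, R3, their link speeds and the `reference_bps` parameter (standing in for the reference bandwidth) are constructed for illustration.

```python
import heapq

DEFAULT_REFERENCE_BPS = 10**8  # default reference bandwidth quoted in the slides


def ospf_cost(bandwidth_bps, reference_bps=DEFAULT_REFERENCE_BPS):
    """Interface cost: reference bandwidth / bandwidth, truncated, never below 1."""
    return max(1, reference_bps // bandwidth_bps)


def spf(links, root, reference_bps=DEFAULT_REFERENCE_BPS):
    """Dijkstra over directed links {(from, to): bandwidth_bps}.

    Returns {router: (total_cost, path)} with `root` as the root of the tree.
    Every router is assumed to use the same reference bandwidth.
    """
    graph = {}
    for (src, dst), bandwidth in links.items():
        cost = ospf_cost(bandwidth, reference_bps)   # cost of the outgoing interface
        graph.setdefault(src, []).append((dst, cost))
        graph.setdefault(dst, [])
    best = {}
    heap = [(0, [root])]
    while heap:
        cost, path = heapq.heappop(heap)
        node = path[-1]
        if node in best:          # already reached by a cheaper or equal path
            continue
        best[node] = (cost, path)
        for neighbor, link_cost in graph[node]:
            if neighbor not in best:
                heapq.heappush(heap, (cost + link_cost, path + [neighbor]))
    return best


# Constructed topology: R1 and R2 share a Fast Ethernet link, and both also
# reach R3 over Gigabit Ethernet. Each direction is one outgoing interface.
FAST_ETHERNET, GIGABIT = 100_000_000, 1_000_000_000
LINKS = {
    ("R1", "R2"): FAST_ETHERNET, ("R2", "R1"): FAST_ETHERNET,
    ("R1", "R3"): GIGABIT, ("R3", "R1"): GIGABIT,
    ("R3", "R2"): GIGABIT, ("R2", "R3"): GIGABIT,
}

if __name__ == "__main__":
    # Default reference: Gigabit and Fast Ethernet both cost 1, so the single
    # Fast Ethernet hop (cost 1) beats two Gigabit hops (cost 2).
    print(spf(LINKS, "R1")["R2"])
    # Reference raised to 10 Gbps on all routers: Fast Ethernet = 100,
    # Gigabit = 10, and the two-hop Gigabit path (cost 20) is preferred.
    print(spf(LINKS, "R1", reference_bps=10**10)["R2"])
```
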


OSPF Packet Types


OSPF Hello Protocol
Hello subprotocol is intended to perform the following tasks within OSPF:
• Dynamic neighbor discovery
• Detect unreachable neighbors
• Ensure two-way communications between neighbors
• Ensure correctness of basic interface parameters between neighbors
• Provide necessary information for the election of the Designated and Backup Designated routers on a LAN segment (coming)

OSPF Hello Protocol
• OSPF routers send Hellos on OSPF enabled interfaces:
– Default every 10 seconds on multi-access and point-to-point segments
– Default every 30 seconds on NBMA segments (Frame Relay, X.25, ATM)
– Most cases OSPF Hello packets are sent as multicast to ALLSPFRouters (224.0.0.5)
• HelloInterval - Cisco default = 10 seconds or 30 seconds and can be changed with the command ip ospf hello-interval.
• RouterDeadInterval - The period in seconds that the router will wait to hear a Hello from a neighbor before declaring the neighbor down.
– Cisco uses a default of four-times the HelloInterval (4 x 10 sec. = 40 seconds, 120 seconds for NBMA) and can be changed with the command ip ospf dead-interval.
• Note: For routers to become adjacent, the Hello, DeadInterval and network types must be identical between routers or Hello packets get dropped!

Network Types – more later
show ip ospf interface
Unless you are configuring an NBMA network like Frame Relay, this won’t be an issue.
• Many administrators prefer to use point-to-point or point-to-multipoint for NBMA to avoid the DR/BDR and full-mesh issues.

OSPF packet types (Extra)
• OSPF Type-2 (DBD)
• OSPF Type-3 (LSR)
• OSPF Type-4 (LSU)
• OSPF Type-5 (LSAck)

OSPF packet types (Extra)
OSPF Type-4 packets have 7 LSA packets

Steps to OSPF Operation

Steps to OSPF Operation with States
1. Establishing router adjacencies (Routers are adjacent)
– Down State – No Hello received
– Init State – Hello received, but not with this router’s Router ID
• “Hi, my name is Carlos.” “Hi, my name is Maria.”
– Two-way State – Hello received, and with this router’s Router ID
• “Hi, Maria, my name is Carlos.” “Hi, Carlos, my name is Maria.”
2. Electing DR and BDR – Multi-access (broadcast) segments only
– ExStart State with DR and BDR
– Two-way State with all other routers
3. Discovering Routes
– ExStart State
– Exchange State
– Loading State
– Full State (Routers are “fully adjacent”)
4. Calculating the Routing Table
5. Maintaining the LSDB and Routing Table

Establishing Adjacencies
Down State - Init State – Two Way State
• Down State - OSPF routers send Type 1 Hello packets at regular intervals (10 sec.) to establish neighbors.
• When a router (sends or) receives its first Hello packet, it enters the init state, indicating that the Hello packet was received but did not contain the Router ID of the receiving router in the list of neighbors, so two-way communications is not yet ensured.
• As soon as the router sends a Hello packet to the neighbor with its RouterID and the neighbor sends a Hello packet back with that Router ID, the router’s interface will transition to the two-way state.
• Now, the router is ready to take the relationship to the next level.
[Figure: two routers exchanging Hello packets, each moving through Down, Init and 2-way]

Electing the DR and BDR
• On multi-access, broadcast links (Ethernet), a DR and BDR (if there is more than one router) need to be elected.
• DR - Designated Router
• BDR – Backup Designated Router
• DR’s serve as collection points for Link State Advertisements (LSAs) on multi-access networks
• A BDR backs up the DR.
• If the IP network is multi-access, the OSPF routers will elect one DR and one BDR
Without a DR, the formation of an adjacency between every attached router would create many unnecessary LSA (Link State Advertisements), n(n-1)/2 adjacencies. Flooding on the network itself would be chaotic.

Electing the DR and BDR
• Router with the highest Router ID is elected the DR, next is BDR.
• But like other elections, this one can be rigged.
• The router’s priority field can be set to either ensure that it becomes the DR or prevent it from being the DR.
Rtr(config-if)# ip ospf priority <0-255>
• Higher priority becomes DR/BDR
• Default = 1
• 0 = Ineligible to become DR/BDR
The router can be assigned a priority between 0 and 255, with 0 preventing this router from becoming the DR (or BDR) and 255 ensuring at least a tie. (The highest Router ID would break the tie.)

Electing the DR and BDR
• All other routers, “DROther”, establish adjacencies with only the DR and BDR.
• DRother routers multicast LSAs to only the DR and BDR
– (224.0.0.6 - all DR routers)
• DR sends LSA to all adjacent neighbors (DROthers)
– (224.0.0.5 - all OSPF routers)
Backup Designated Router - BDR
• Listens, but doesn’t act.
• If LSA is sent, BDR sets a timer.
• If timer expires before it sees the reply from the DR, it becomes the DR and takes over the update process.
• The process for a new BDR begins.

BDR. (The reason for a DR/BDR.Clarifications • Hello packets are still exchanged between all routers on a multi-access segment (DR. which might be between two DROthers.) • Normal routing of IP packets still takes the lowest cost route. DROthers. • OSPF LSA packets (coming) are packets which are sent from the BDR/DROthers to the DR.) to maintain neighbor adjacencies. Manju Devaraj 31 .…. and then from the DR to the BDR/DROthers.

Steps to OSPF Operation with States
Discovering Routes and Reaching Full State

ExStart State – the explanation
ExStart State
• This state starts the LSDB (Link State Data Base) synchronization process.
• This will prepare for initial database exchange.
• Routers are now ready to exchange routing information.
– Between routers on a point-to-point network
– On a multi-access network between the DRothers and the DR and BDR.
• Formally, routers in ExStart state are characterized as adjacent, but have not yet become “fully adjacent” as they have not exchanged data base information.
• But who goes first in the exchange?
• ExStart is established by exchanging OSPF Type-2 DBD (Database Description) packets (I believe the curriculum says LSA type 2 which is something else).
• Purpose of ExStart is to establish a “master/slave relationship” between the two routers decided by the higher router id.
• Once the roles are established they enter the Exchange state.

DBD Packet

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   Version #   |       2       |         Packet length         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                          Router ID                            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                           Area ID                             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           Checksum            |            AuthType           |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                       Authentication                          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                       Authentication                          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         Interface MTU         |    Options    |0|0|0|0|R|I|M|MS
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                     DD sequence number                        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
+-                                                             -+
|                                                               |
+-                      An LSA Header                          -+
|                                                               |
+-                                                             -+
|                                                               |
+-                                                             -+
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                              ...                              |
(LSA descriptions)
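
A parser for the DBD layout in the diagram above, written as an added example (not code from the original slides). It reads the common header, the DBD fields and the LSA headers, and reports which authentication type the packet carries; the sample packet, its addresses and the placeholder digest are constructed, and the header checksum is left at 0 and not verified.

```python
import ipaddress
import struct

# Field layouts follow the DBD diagram (RFC 2328 packet formats).
OSPF_HDR = struct.Struct("!BBH4s4sHH8s")  # version, type, length, router ID, area ID, checksum, AuType, auth
DBD_FIXED = struct.Struct("!HBBI")        # interface MTU, options, I/M/MS flags, DD sequence number
LSA_HDR = struct.Struct("!HBB4s4sIHH")    # age, options, type, LS ID, adv router, seq, checksum, length
AU_TYPES = {0: "null", 1: "simple password", 2: "cryptographic"}


def ip(raw):
    return str(ipaddress.IPv4Address(raw))


def parse_dbd(packet):
    """Parse one OSPFv2 Database Description packet (the IP payload, protocol 89)."""
    if len(packet) < OSPF_HDR.size + DBD_FIXED.size:
        raise ValueError("truncated: shorter than OSPF header plus DBD fields")
    version, ptype, length, rid, area, _cksum, autype, auth = OSPF_HDR.unpack_from(packet)
    if version != 2 or ptype != 2:
        raise ValueError(f"not an OSPFv2 DBD packet (version={version}, type={ptype})")
    # With cryptographic authentication the digest trails the packet and is not
    # counted in Packet length; its size is the fourth byte of the auth field.
    digest_len = auth[3] if autype == 2 else 0
    if length + digest_len != len(packet):
        raise ValueError("Packet length field does not match the captured bytes")
    mtu, _options, flags, dd_seq = DBD_FIXED.unpack_from(packet, OSPF_HDR.size)
    body = packet[OSPF_HDR.size + DBD_FIXED.size:length]
    if len(body) % LSA_HDR.size:
        raise ValueError("LSA header list is not a multiple of 20 bytes")
    lsas = []
    for off in range(0, len(body), LSA_HDR.size):
        age, _opt, ls_type, ls_id, adv, seq, cksum, _len = LSA_HDR.unpack_from(body, off)
        lsas.append({"type": ls_type, "ls_id": ip(ls_id), "adv_router": ip(adv),
                     "seq": seq, "checksum": cksum, "age": age})
    return {"router_id": ip(rid), "area_id": ip(area), "autype": autype, "mtu": mtu,
            "init": bool(flags & 4), "more": bool(flags & 2), "master": bool(flags & 1),
            "dd_seq": dd_seq, "lsa_headers": lsas}


def auth_finding(parsed):
    """Return an audit note for the AuType seen on the wire."""
    name = AU_TYPES.get(parsed["autype"], "unknown")
    if parsed["autype"] == 2:
        return f"router {parsed['router_id']}: AuType 2 ({name}), OK"
    return (f"router {parsed['router_id']}: AuType {parsed['autype']} ({name}), "
            "routing messages are not cryptographically authenticated")


def build_sample(autype):
    """Constructed DBD packet carrying one router-LSA header (sample data only)."""
    rid = ipaddress.IPv4Address("192.0.2.1").packed
    lsa = LSA_HDR.pack(20, 0x02, 1, rid, rid, 0x80000006, 0x9B47, 48)
    dbd = DBD_FIXED.pack(1500, 0x02, 0b011, 0x1A2B) + lsa     # M and MS bits set
    digest = b"\xaa" * 16 if autype == 2 else b""              # placeholder, not a real digest
    # Cryptographic auth field: 0, Key ID, Auth Data Len, cryptographic sequence number.
    auth = struct.pack("!HBBI", 0, 1, len(digest), 7) if autype == 2 else bytes(8)
    header = OSPF_HDR.pack(2, 2, OSPF_HDR.size + len(dbd), rid, bytes(4), 0, autype, auth)
    return header + dbd + digest


if __name__ == "__main__":
    for autype in (0, 2):
        parsed = parse_dbd(build_sample(autype))
        print(auth_finding(parsed), "| LSA headers:", parsed["lsa_headers"])
```
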

Exchange State – the explanation
• Routers exchange one or more Type-2 DBDs (Database Description) packets, which is a summary of the link-state database
– send LSAcks to verify
• Routers compare these DBDs with information in its own database.
• When a DBD packet is received the router looks through the LSA (Link State Advertisement) headers and identifies LSAs that are not in the router’s LSDB or are a different version from its LSDB version (older or newer).
• If the LSA is not in its LSDB or the LSA is a more recent version, the router adds an entry to its Link State Request list.
• This process ends when both routers have sent and received acknowledgements for all their DBD packets – that is they have successfully sent all their DBD packets to each other.

Exchange State – the explanation
Exchange State
• If a router has entries in its Link State Request list, meaning that it needs additional information from the other router for routes that are not in its LSDB or has more recent versions, then it enters the loading state.
• If there are no entries in its Link State Request list, then the router’s interface can transition directly to full state.
• Complete routing information is exchanged in the loading state, discussed next.

Loading State - the explanation
Loading State
• If a router has entries in its Link State Request list, meaning that it needs additional information from the other router for routes that are not in its LSDB or has more recent versions, then it enters the loading state.
• The router needing additional information sends LSR (Link State Request) packets using LSA information from its LSR list.

Loading State - the explanation
Loading State
• The other router replies by sending the requested LSAs in the Link State Update (LSU) packet.
• The receiving router sends LSAck to acknowledge receipt.
• When all LSAs on the neighbor’s Link State Request list have been received, the “neighbor FSM” transitions this interface to Full state.

Link State Requests (LSR)

Full State - the explanation
Full State
• Full state - after all LSRs have been updated.
• At this point the routers should have identical LSDBs (link-state databases).
Flooding LSAs
• Once this interface transitions to or from Full state the router originates a new version of a Router LSA (coming) and floods it to its neighbors, distributing the new topological information – out all OSPF enabled interfaces.
• Broadcast networks:
– DR: If the LSA was received on this interface, send it out this interface so DROthers receive it (224.0.0.5 - all OSPF routers)
– BDR/DROther: If the LSA was received on this interface, do not send out this interface (received from DR).
Calculating Routing Table
• The router still must calculate its routing table – Next!

Couple of notes on link state flooding…
• OSPF is a link state routing protocol and does not send periodic updates like RIP.
• OSPF only floods link state advertisements when there is a change in topology (this includes when routers are first booted).
• OSPF uses hop-by-hop flooding of LSAs; an LSA received on one interface is flooded out other OSPF enabled interfaces.
• If a link state entry in the LSDB (Link State DataBase) reaches an age of 60 minutes (MaxAge) without being updated, it is removed and SPF is recalculated.
• Every 30 minutes (LSRefreshTime), OSPF routers flood only their link states to all other routers (in the area).
– This is known as a “paranoid update”
– These do not trigger SPF recalculations.
• Special note: When a link goes down and a router wants to send a LSA to tell other routers to remove this link state, it sends this link state with a value of 60 minutes (MAXAGE).

Calculating the Routing Table
SPF Holdtime
• SPF algorithm is CPU intensive and takes some time depending upon the size of the area (coming next week), the number of routers, the size of the link state database.
• A flapping link can cause an OSPF router to keep on recomputing a new routing table, and never converge.
• To minimize this problem:
– SPF calculations are delayed by 5 seconds after receiving an LSU (Link State Update)
– Delay between consecutive SPF calculations is 10 seconds
• You can configure the delay time between when OSPF receives a topology change and when it starts a shortest path first (SPF) calculation (spf-delay).
• You can also configure the hold time between two consecutive SPF calculations (spf-holdtime).
Router(config-router)#timers spf spf-delay spf-holdtime

Calculating the Routing Table
RTB#show ip ospf 1
 Routing Process "ospf 1" with ID 10.6.0.1
<OUTPUT OMITTED>
    Area BACKBONE(0)
        Number of interfaces in this area is 2
        Area has no authentication
        SPF algorithm executed 5 times
        Area ranges are
        Number of LSA 4. Checksum Sum 0x1D81A
        Number of opaque link LSA 0. Checksum Sum 0x0
        Number of DCbitless LSA 0
        Number of indication LSA 0
        Number of DoNotAge LSA 0
        Flood list length 0

OSPF characteristics
• OSPF uses link-state principles only within an area.
• OSPF areas are designed to keep issues like flapping links within an area.
• SPF is not recalculated if the topology change is in another area. This is why show ip ospf does not show a change in the number of times SPF has been executed when the topology change is in another area.
• The interesting thing is that OSPF distributes inter-area (between areas) topology information using a distance-vector method.
• ABRs do not announce topological information between areas; instead, only routing information is injected into other areas.
• ABRs relay routing information between areas via distance vector technique similar to RIP or IGRP.
Note: It is still a good idea to perform route summarization between areas, announcing multiple routes as a single inter-area route. This will hide any changes in one area from affecting routing tables in other areas.

Maintaining LSDB and Routing Table Information
• R1 sends out LSU to DR
• DR sends out LSU to DROthers (Note graphic should include R1)
• DR sends ACK to R1
• DRothers reply with ACK to DR (Note graphic should include R1)

Step 5 – Maintaining LSDB and Routing Table Information
• Routers forward LSU out other interfaces
• Routers rerun SPF to calculate a new routing table

Maintaining LSDB and Routing Table Information
OSPF convergence time for intra-area routing is determined by the amount of time routers spend on:
• Link-failure or neighbor unreachability detection
• Origination of the new LSA
• Flooding the new version of the LSA to all routers
• SPF calculation on all routers
When inter-area routing is considered, installation or removal of a route in the routing table may trigger the need to send LSAs to other areas.
• New inter-area routes may need to be calculated in the other areas.
• Remember, OSPF distributes inter-area (between areas) topology information using a distance-vector method.
• OSPF uses link-state principles only within an area, so changes in other areas do not cause the router to re-run the SPF algorithm.
Link-failure or neighbor unreachability detection
• In OSPF, link failure can be determined by:
– Physical layer or data link layer – directly reporting a state change on a directly connected interface.
– The Hello subprotocol – The router’s interface has not received a Hello packet from an adjacent neighbor within the OSPF RouterDeadInterval time (40 seconds or 120 seconds on NBMA links).

Maintaining LSDB and Routing Table Information
• FYI: LSAs are not originated any faster than every 5 seconds (MinLSInterval) to prevent flooding storms in unstable networks.
• When the router wants to report a down link, it sets the LS Age field to the MaxAge value (3,600 seconds), which tells routers to flush this entry from their LSDB.

• LSU packet

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   Version #   |       4       |         Packet length         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                          Router ID                            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                           Area ID                             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           Checksum            |             AuType            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                       Authentication                          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                       Authentication                          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                            # LSAs                             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
+-                                                            +-+
|                             LSAs                              |
+-                                                            +-+
|                              ...                              |

Router LSA

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|            LS age             |     Options   |       1       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                        Link State ID                          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                     Advertising Router                        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                     LS sequence number                        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         LS checksum           |             length            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|    0    |V|E|B|        0      |            # links            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                          Link ID                              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                         Link Data                             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     Type      |     # TOS     |            metric             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                              ...                              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|      TOS      |        0      |          TOS  metric          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                          Link ID                              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                         Link Data                             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                              ...                              |

Periodic updates
• Each LSA entry in the link-state database has its own age timer, with a default of 60 minutes (3,600 seconds).
– this is known as the MaxAge value of the LSA entry.
• When an LSA reaches MaxAge, it is flushed from the LSDB.
• Before this happens the LSA has a Link State Refresh Time (LSRefreshTimer), 30 minutes (1,800 seconds), and when this time expires the router that originated the LSA will flood a new LSA to all its neighbors, who will reset the age of the LSA in their LSDB.
• This is also known as the “paranoid update,” or “periodic update.”
• These updates do not trigger recalculation of the routing table.

Enabling OSPF
Rtr(config)# router ospf process-id
• process-id: 1 - 65,535
• Cisco feature, which allows you to run multiple, different OSPF routing processes on the same router. (But don’t!)
• Process-id is locally significant, and does not have to be the same number on other routers (they don’t care).
• This is different than the process-id used for IGRP and EIGRP which must be the same on all routers sharing routing information.
• Extra: FYI - Cisco IOS limits the number of dynamic routing processes to 30. This is because it limits the number of protocol descriptors to 32, using one for connected route sources, one for static route sources, and 30 for dynamic route sources.

Configuring the Network Command
Rtr(config)# router ospf process-id
Rtr(config-router)#network address wildcard-mask area area-id
• Tells OSPF which interfaces to enable OSPF on (send and receive updates), matching the address and wildcard mask.
• Also, tells OSPF to include this network in its routing updates
• Wildcard is necessary because OSPF supports CIDR and VLSM
• Most of the time you can just use an inverse-mask (like access-lists) as the network wildcard mask.
Rtr(config-if)#ip add 10.5.1.1 255.255.255.0
Rtr(config)# router ospf 10
Rtr(config-router)#network 10.5.1.0 0.0.0.255 area 0

Network Command and the Wildcard Mask
[Figure: routers Merida and Vargas, each with a loopback Router ID (lo0), a second loopback (lo1), a FastEthernet LAN (fa0) and serial interfaces (S0); one /30 serial link is marked "Non-OSPF link". Merida is configured under router ospf 1 and Vargas under router ospf 10, with every network statement in area 0.]
• The /24 networks are matched with wildcard 0.0.0.255.
• The serial link is matched with wildcard 0.0.0.3: only that /30 (255.255.255.252), NOT the /30 of the non-OSPF link.

Addressing
• Area 0: Network 192.117.49.0, Range 255.255.255.0
• Area 1: Network 131.108.0.0, Subnets 17-31, Range 255.255.240.0
• Area 2: Network 131.108.0.0, Subnets 33-47, Range 255.255.240.0
• Area 3: Network 131.108.0.0, Subnets 49-63, Range 255.255.240.0
Try to assign contiguous subnet ranges to facilitate summarization

Configuring the Network Command
Extra
Other times you may wish to get more specific or less specific.
Rtr(config-if)#ip add 10.5.1.1 255.255.255.0
Rtr(config)# router ospf 10
Rtr(config-router)#network 10.5.1.2 0.0.0.0 area 0
• Matches only the interface 10.5.1.2 and not any other 10.5.1.n interfaces.
Rtr(config)# router ospf 10
Rtr(config-router)#network 0.0.0.0 255.255.255.255 area 0
• Matches all interfaces on this router, not recommended

Extra Info
From Routing TCP/IP Vol. I, Jeff Doyle
[Figure: routers Rubens, Chardin, Goya and Matisse across Area 1, Area 0 and Area 192.168.10.0]
Rubens
router ospf 10
network 0.0.0.0 255.255.255.255 area 1
• This will match all interfaces on the router.
• The address 0.0.0.0 is just a placeholder; the inverse mask of 255.255.255.255 does the actual matching with “don’t care” bits placed across the entire four octets of the address.
• This method provides the least precision control and is generally discouraged against, as you may bring up another interface on the router and you did not mean to run OSPF on that interface.

Extra Info
From Routing TCP/IP Vol. I, Jeff Doyle
Chardin
router ospf 20
network 192.168.30.0 0.0.0.255 area 1
network 192.168.20.0 0.0.0.255 area 0
• Chardin is an ABR (Area Border Router) which we will discuss next chapter, and belongs to two different areas.
• We need to be more specific here as each interface belongs to a different area.
• Here we are saying that any interface that has 192.168.30.n in the first three octets belongs to area 1 and any interface that has 192.168.20.n in the first three octets belongs to area 0.
• Notice that the inverse mask does not have to inversely match the subnet mask of the interface (255.255.255.248 and 255.255.255.252).

Extra Info
From Routing TCP/IP Vol. I, Jeff Doyle
Goya
router ospf 30
network 192.168.20.0 0.0.0.3 area 0.0.0.0
network 192.168.10.0 0.0.0.31 area 192.168.10.0
• Goya is also an ABR.
• The network statements will only match the specific subnets configured on the two interfaces.
/30 = 255.255.255.252
252 = 11111100, 00 = host bits
3 = 00000011 - Match last two bits of subnet mask
/27 = 255.255.255.224
224 = 11100000, 00000 = host bits
31 = 00011111 - Match last five bits of subnet mask

168. MANJU DEVARAJ 59 .10.0.20.0.10 .168.31 area 192. but when it is used.168. – When the dotted decimal is used OSPF packets are converted to “0” so the two can be compatible.0/29 .0.10. Area 0 can be represented as 0 or 0.0.0.0.1 .20.10.30.10.33 192. most people use the network address.10.0 Matisse Extra Info Goya router ospf 30 network 192.168. I.168.168.2 Area 0 .From Routing TCP/IP Vol.0/27 192.2 Chardin .1 Goya .168.0.0 • • • • Goya is also an ABR.0/28 Area 1 192.0 0.10.0 network 192.168.0. In my experience it is not very common.65 .0.9 Rubens 192.1 .0/30 .0 0.0/26 Area 192.168. Also notice that you can use an dotted decimal notation to represent an area.3 area 0. Jeff Doyle 192.

Extra Info

[Topology diagram, from Routing TCP/IP Vol. I, Jeff Doyle]

Matisse
router ospf 40
 network 192.168.10.2 0.0.0.0 area 192.168.10.0
 network 192.168.10.33 0.0.0.0 area 192.168.10.0

• Matisse has one interface, 192.168.10.65/26, which is not running OSPF.
• The network statements for this router are configured specifically for the individual addresses and the inverse mask indicates that all 32 bits must match exactly.
• This method provides the most precise control over which interfaces will run OSPF.
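The inverse-mask matching used by the Chardin, Goya and Matisse network statements above can be checked with a short script. This is an added example, not part of the original slides: the function names are hypothetical, statements are assumed to be evaluated in order with the first match winning, and every interface address except Matisse's three is constructed for illustration.

```python
import ipaddress

def wildcard_match(iface_ip, net, wildcard):
    """True when iface_ip equals net on every bit whose wildcard bit is 0."""
    ip = int(ipaddress.IPv4Address(iface_ip))
    base = int(ipaddress.IPv4Address(net))
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    return (ip & care) == (base & care)

def wildcard_for_prefix(prefix_len):
    """Inverse mask whose 1-bits are exactly the host bits of a /prefix_len."""
    return str(ipaddress.IPv4Address((1 << (32 - prefix_len)) - 1))

def area_key(area):
    """Normalise an area written as 0 or 0.0.0.0 to the same 32-bit number."""
    return int(ipaddress.IPv4Address(area)) if "." in area else int(area)

def assign_area(iface_ip, statements):
    """Area of the first network statement matching iface_ip, else None."""
    for net, wildcard, area in statements:
        if wildcard_match(iface_ip, net, wildcard):
            return area
    return None  # no statement matches: OSPF is not enabled on the interface

# network statements as (address, inverse mask, area), taken from the slides
CHARDIN = [("192.168.30.0", "0.0.0.255", "1"),
           ("192.168.20.0", "0.0.0.255", "0")]
GOYA = [("192.168.20.0", "0.0.0.3", "0.0.0.0"),
        ("192.168.10.0", "0.0.0.31", "192.168.10.0")]
MATISSE = [("192.168.10.2", "0.0.0.0", "192.168.10.0"),
           ("192.168.10.33", "0.0.0.0", "192.168.10.0")]

# Matisse's addresses come from the slide; the other addresses are constructed.
INTERFACES = {
    "Chardin": (CHARDIN, ["192.168.30.9", "192.168.20.2"]),
    "Goya": (GOYA, ["192.168.20.1", "192.168.10.1", "192.168.10.33"]),
    "Matisse": (MATISSE, ["192.168.10.2", "192.168.10.33", "192.168.10.65"]),
}

def area_table():
    """Map (router, interface address) to the matched area or None."""
    return {(router, ip): assign_area(ip, stmts)
            for router, (stmts, ips) in INTERFACES.items() for ip in ips}

if __name__ == "__main__":
    for (router, ip), area in area_table().items():
        print(f"{router:8} {ip:15} -> {area if area else 'OSPF not enabled'}")
```

The Goya row for 192.168.10.33 shows why the 0.0.0.31 mask is narrower than it looks: the address sits in the next /27, so the statement does not enable OSPF on it.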

Configuring a Loopback Address

Rtr(config)# interface loopback 0
Rtr(config-if)# ip add 10.1.1.1 255.255.255.0

• Automatically are “up” and “up”
• Very useful in setting Router IDs as they never go down.
• RouterID is used to identify the routers in the OSPF network
  – IP address configured with the Router-ID command (extra)
  – Highest loopback address
  – Highest active IP address
• Important for DR/BDR elections unless you use the ip ospf priority command (next)
• Extra: Also, useful to configure “virtual” networks that you can ping and route as if they were attached networks.

DR/BDR Elections

• Router with the highest Router ID is elected the DR, next is BDR.
• But like other elections, this one can be rigged.

Rtr(config)# interface fastethernet 0
Rtr(config-if)# ip ospf priority <0-255>

• Higher priority becomes DR/BDR
• Default = 1
• Ineligible to become DR/BDR = 0

Modifying the Cost

Rtr(config-if)# bandwidth 64 = Rtr(config-if)# ip ospf cost 1562

bandwidth command
Rtr(config-if)# bandwidth kilobits (ex: 64 = 64,000bps)
• Changes the default bandwidth metric on a specific interface.
• Used in the 10^8/bandwidth calculation for cumulating the cost of a route from the router to the network on the outgoing interfaces.
• Does not modify the actual speed of the link.

ip ospf cost command
RTB(config-if)# ip ospf cost value (ex: 1562, same as bandwidth = 64kbps)
• Configures the cost metric for a specific interface
• Uses this value for the cost of this interface instead of the 10^8/bandwidth calculation
• Common for multivendor environments.

Configuring Simple Authentication

A router, by default, trusts that routing information received has come from a router that should be sending it.

Rtr(config-if)# ip ospf authentication-key passwd
• Configured on an interface
• password = Clear text unless message-digest is used (next)
  – Easily captured using a packet sniffer
  – Passwords do not have to be the same throughout an area, but they must be same between neighbors.

After a password is configured, you enable authentication for the area on all participating area routers with:
Rtr(config-router)# area area authentication
• Configured for an OSPF area, in ospf router mode.

Configuring Simple Authentication

[Diagram: network 70.0.0.0/8, RouterA (s1, 192.16.64.1/24), RouterB (s2, 192.16.64.2/24), network 172.16.0.0/16]

RouterA
interface Serial1
 ip address 192.16.64.1 255.255.255.0
 ip ospf authentication-key secret
!
router ospf 10
 network 192.16.64.0 0.0.0.255 area 0
 network 70.0.0.0 0.255.255.255 area 0
 area 0 authentication

RouterB
interface Serial2
 ip address 192.16.64.2 255.255.255.0
 ip ospf authentication-key secret
!
router ospf 10
 network 192.16.64.0 0.0.0.255 area 0
 network 172.16.0.0 0.0.255.255 area 0
 area 0 authentication

Configuring MD5 Encrypted Authentication

Rtr(config-if)# ip ospf message-digest-key key-id md5 password
• Key-id = 1 to 255, must match on each router to authenticate.
• md5 = Encryption-type
• password = encrypted
  – Passwords do not have to be the same throughout an area, but they must be same between neighbors.

After a password is configured, you enable authentication for the area on all participating area routers with:
Rtr(config-router)# area area authentication [message-digest]
• message-digest option must be used if using message-digest-key
• If optional message-digest is used, a message digest, or hash, of the password is sent.

Configuring MD5 Encrypted Authentication

[Diagram: network 70.0.0.0/8, RouterA (s1, 192.16.64.1/24), RouterB (s2, 192.16.64.2/24), network 172.16.0.0/16]

RouterA
interface Serial1
 ip address 192.16.64.1 255.255.255.0
 ip ospf message-digest-key 1 md5 secret
!
router ospf 10
 network 192.16.64.0 0.0.0.255 area 0
 network 70.0.0.0 0.255.255.255 area 0
 area 0 authentication message-digest

RouterB
interface Serial2
 ip address 192.16.64.2 255.255.255.0
 ip ospf message-digest-key 1 md5 secret
!
router ospf 10
 network 192.16.64.0 0.0.0.255 area 0
 network 172.16.0.0 0.0.255.255 area 0
 area 0 authentication message-digest

MD5 Encryption

• MD5 authentication creates a message digest.
• This is scrambled data that is based on the password and the packet contents.
• The receiving router uses the shared password and the packet to recalculate the digest.
• If the digests match, the router believes that the source of the packet and its contents have not been tampered with.
• In the case of message-digest authentication, the authentication data field contains the key-id and the length of the message digest that is appended to the packet.
• The Message Digest is like a watermark that can’t be faked.
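The digest calculation and the receiver's check described above, following the cryptographic authentication layout in RFC 2328 Appendix D, as an added example that is not part of the original slides. Function names are hypothetical, the Hello body and router ID are constructed, and key-id 1 with the password "secret" mirrors the sample configuration. The password never appears in the packet, but the packet body is still sent in clear: the digest authenticates, it does not hide the contents.

```python
import hashlib
import hmac
import ipaddress
import struct

AUTYPE_CRYPTO = 2   # AuType 2 = cryptographic authentication
DIGEST_LEN = 16     # an MD5 digest is 16 bytes

def pad_key(password):
    """The shared key is used as 16 bytes: truncated or zero-padded."""
    return password[:16].ljust(16, b"\x00")

def addr(dotted):
    return ipaddress.IPv4Address(dotted).packed

def build_packet(router_id, area_id, body, key_id, seq, password, pkt_type=1):
    """Sender side: OSPFv2 header + body, with the MD5 digest appended."""
    length = 24 + len(body)  # the length field does not count the digest
    header = struct.pack("!BBH4s4sHH", 2, pkt_type, length,
                         addr(router_id), addr(area_id),
                         0,              # checksum is left 0 with AuType 2
                         AUTYPE_CRYPTO)
    # 64-bit authentication field: 0, key-id, digest length, sequence number
    header += struct.pack("!HBBI", 0, key_id, DIGEST_LEN, seq)
    packet = header + body
    return packet + hashlib.md5(packet + pad_key(password)).digest()

def verify_packet(wire, keys, last_seq=None):
    """Receiver side: recalculate the digest with the local key for key-id."""
    if len(wire) < 24 + DIGEST_LEN:
        return False, "truncated"
    length, = struct.unpack("!H", wire[2:4])
    autype, = struct.unpack("!H", wire[14:16])
    _, key_id, auth_len, seq = struct.unpack("!HBBI", wire[16:24])
    if autype != AUTYPE_CRYPTO:
        return False, "authentication type mismatch"
    if key_id not in keys:
        return False, "unknown key-id"
    if auth_len != DIGEST_LEN or len(wire) != length + auth_len:
        return False, "bad length"
    if last_seq is not None and seq < last_seq:
        return False, "stale sequence number"   # replayed older packet
    expected = hashlib.md5(wire[:length] + pad_key(keys[key_id])).digest()
    if not hmac.compare_digest(expected, wire[length:]):
        return False, "digest mismatch"
    return True, "ok"

# Constructed Hello body: mask, hello 10 s, options, priority 1, dead 40 s, DR, BDR
HELLO_BODY = struct.pack("!4sHBBI4s4s", addr("255.255.255.0"), 10, 0x02, 1, 40,
                         addr("0.0.0.0"), addr("0.0.0.0"))

def demo():
    """Results for a good packet, a tampered one, wrong keys and a replay."""
    wire = build_packet("192.16.64.1", "0.0.0.0", HELLO_BODY,
                        key_id=1, seq=1000, password=b"secret")
    tampered = wire[:30] + bytes([wire[30] ^ 0x01]) + wire[31:]
    return {
        "good": verify_packet(wire, {1: b"secret"}),
        "tampered": verify_packet(tampered, {1: b"secret"}),
        "wrong_key": verify_packet(wire, {1: b"Secret"}),
        "wrong_key_id": verify_packet(wire, {2: b"secret"}),
        "replayed": verify_packet(wire, {1: b"secret"}, last_seq=1001),
        "password_on_wire": b"secret" in wire,
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:17} {result}")
```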

Configuring OSPF Timers

Rtr(config-if)# ip ospf hello-interval seconds
Rtr(config-if)# ip ospf dead-interval seconds

• Configured on an interface
• For OSPF routers to be able to exchange information, they must have the same hello intervals and dead intervals.
• By default, the dead interval is 4 times the hello interval, so a router has four chances to send a hello packet before being declared dead. (not required)
• In multi-vendor networks, Hello timers may need to be adjusted.
• Do not modify defaults unless you have a compelling need to do so.

Defaults
• On broadcast networks hello interval = 10 seconds, dead interval 40 seconds.
• On non-broadcast networks hello interval = 30 seconds, dead interval 120 seconds.
• Note: On some IOS’s, the dead-interval automatically changes when the hello-interval is modified.

Configuring and Propagating a Default Route

Router(config)# ip route 0.0.0.0 0.0.0.0 serial0
Router(config)# router ospf 1
Router(config-router)# default-information originate [always]

• If the ASBR has a default route configured (ip route 0.0.0.0 0.0.0.0), the default-information originate command is necessary to advertise 0.0.0.0/0 to the other routers in the area.
• If the default-information originate command is not used, the default “quad-zero” route will not be propagated.
• Important: The default route and the default-information originate command are usually only configured on your “Entrance” or “Gateway” router, the router that connects your network to the outside world.
  – This router is known as the ASBR (Autonomous System Boundary Router)
• Extra: The always option will propagate a default “quad-zero” route even if one is not configured on this router.

Default Route Example

[Diagram: Engineering and Marketing routers (networks 10.0.0.0/24 and 11.0.0.0/24) connect to the Entrance router; Entrance has a static route 0.0.0.0/0 out s0 to the ISP; 0.0.0.0/0 is automatically propagated to Engineering and Marketing]

Engineering and Marketing will have 0.0.0.0/0 default routes forwarding packets to the Entrance router.

Entrance(config)# ip route 0.0.0.0 0.0.0.0 serial 0
Entrance(config)# router ospf 1
Entrance(config-router)# network 10.0.0.0 0.0.0.255 area 0
Entrance(config-router)# network 11.0.0.0 0.0.0.255 area 0
Entrance(config-router)# default-information originate

show ip route

Router# show ip route
     172.16.0.0/16 is variably subnetted, 4 subnets, 3 masks
O IA    172.16.51.1/32 [110/783] via 172.16.1.2, 00:11:44, FastEthernet0
O       172.16.20.0/24 [110/782] via 172.16.10.6, 00:12:29, Serial0
C       172.16.10.4/30 is directly connected, Serial0
C       172.16.1.0/24 is directly connected, FastEthernet0
O E2 11.0.0.0/8 [110/20] via 172.16.1.1, 00:11:44, FastEthernet0
O E1 12.0.0.0/8 [110/782] via 172.16.1.1, 00:11:44, FastEthernet0

• O = OSPF routes within the same area (intra-area routes)
• 110/number = Administrative Distance/metric (cumulative 10^8/bandwidth)
• O IA = OSPF routes from another area (inter-area routes)
• E2 = Routes outside of the OSPF routing domain, redistributed into OSPF.
  – Default is E2 with a cost of 20 and does not get modified within the OSPF
• E1 = Routes outside of the OSPF routing domain and get additional cumulative costs added on by each router, just like other OSPF routes.

show ip ospf

Router#show ip ospf
 Routing Process "ospf 1" with ID 192.168.3.1
 Supports only single TOS(TOS0) routes
 It is an area border router
 SPF schedule delay 5 secs, Hold time between two SPFs 10 secs
 Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs
 Number of external LSA 3. Checksum Sum 0x97E3
 Number of DCbitless external LSA 0
 Number of DoNotAge external LSA 0
 Number of areas in this router is 2. 2 normal 0 stub 0 nssa
 External flood list length 0
    Area BACKBONE(0)
        Number of interfaces in this area is 1
        Area has no authentication
        SPF algorithm executed 8 times
        <text omitted>
    Area 1
        <text omitted>

show ip ospf interface

Router# show ip ospf interface
Ethernet0 is up, line protocol is up
  Internet Address 206.202.2.1/24, Area 1
  Process ID 1, Router ID 1.2.202.206, Network Type BROADCAST, Cost: 10
  Transmit Delay is 1 sec, State BDR, Priority 1
  Designated Router (ID) 2.2.202.206, Interface address 206.202.2.2
  Backup Designated router (ID) 1.2.202.206, Interface address 206.202.2.1
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    Hello due in 00:00:00
  Neighbor Count is 1, Adjacent neighbor count is 1
    Adjacent with neighbor 2.2.202.206 (Designated Router)
  Suppress hello for 0 neighbor(s)
Serial0 is up, line protocol is up
  Internet Address 206.202.1.2/24, Area 1
  Process ID 1, Router ID 1.2.202.206, Network Type POINT_TO_POINT, Cost: 64
  Transmit Delay is 1 sec, State POINT_TO_POINT,
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    Hello due in 00:00:04
  Neighbor Count is 1, Adjacent neighbor count is 1
    Adjacent with neighbor 2.0.202.206
  Suppress hello for 0 neighbor(s)

show ip ospf neighbor

RouterB#show ip ospf neighbor
Neighbor ID     Pri   State           Dead Time   Address         Interface
1.5.202.206       1   FULL/DROTHER    00:00:33    206.202.0.3     Ethernet0
1.10.202.206      1   FULL/BDR        00:00:32    206.202.0.4     Ethernet0
1.0.202.206       1   2WAY/DROTHER    00:00:30    206.202.0.1     Ethernet0
1.2.202.206       1   FULL/  -        00:00:32    206.202.1.2     Serial0

• In this example, we are the DR
• DROTHER may be in FULL or 2 WAY state, both cases are normal.
• Usually if there are multiple DROTHERs, they will be in either FULL or 2WAY state but not both.

debug ip ospf adj (adjacency)

Router# debug ip ospf adj
04:19:46: OSPF: Rcv hello from 201.0.0.1 area 0 from FastEthernet0 192.168.20.1
04:19:46: OSPF: 2 Way Communication to 201.0.0.1 on FastEthernet0, state 2WAY
04:19:46: OSPF: End of hello processing
<text omitted>
04:20:22: OSPF: end of Wait on interface FastEthernet0
04:20:22: OSPF: DR/BDR election on FastEthernet0
04:20:22: OSPF: Elect BDR 200.0.0.1
04:20:22: OSPF: Elect DR 200.0.0.1
04:20:22: OSPF: Elect BDR 201.0.0.1
04:20:22: OSPF: Elect DR 200.0.0.1
04:20:22:        DR: 201.0.0.1 (Id)   BDR: 200.0.0.1 (Id)
04:20:23: OSPF: Rcv DBD from 201.0.0.1 on FastEthernet0 seq 0x2657 opt 0x2 flag 0x7 len 32 mtu 1500 state EXSTART
04:20:23: OSPF: NBR Negotiation Done. We are the SLAVE
04:20:23: OSPF: Send DBD to 201.0.0.1 on FastEthernet0 seq 0x2657 opt 0x2 flag 0x2 len 92
04:20:23: OSPF: Rcv DBD from 201.0.0.1 on FastEthernet0 seq 0x2658 opt 0x2 flag 0x3 len 72 mtu 1500 state EXCHANGE
<text omitted>
04:20:23: OSPF: Synchronized with 201.0.0.1 on FastEthernet0, state FULL

• Displays adjacency information including Hello processing, DR/BDR election, authentication, and the “Steps to OSPF Operation.”

debug ip ospf events

Router# debug ip ospf events
08:00:56: OSPF: Rcv hello from 201.0.0.1 area 0 from FastEthernet0 192.168.20.1
08:00:56: OSPF: Mismatched hello parameters from 192.168.20.1
08:00:56: Dead R 40 C 20, Hello R 10 C 5 Mask R 255.255.255.252 C 255.255.255.252

• Shows much of the same information as debug ip ospf adj in the previous slide including, adjacencies, flooding information, designated router selection, and shortest path first (SPF) calculation.
• This information is also displayed with debug ip ospf events.
• R = Received
• C = Current (?)

Summary Net Link States (Area 0) Link ID ADV Router Age 172.3.168.1 937 Seq# Checksum Link count 0x80000003 0xCE56 2 0x80000003 0xFD44 3 Link states of any DRs in this area.1 States Age 1302 1303 78 Seq# Checksum Tag 0x80000001 0x3FEA 0 0x80000001 0x32F6 0 .1.16.168.0 192.1 912 Seq# Checksum 0x80000003 0x93CC Link states summaries of links external routes.168. Router Link States (Area 0) Link ID ADV Router Age 192.3.1 843 Seq# Checksum 0x80000005 0xD339 0x80000001 0xB329 Link states summaries of links outside this area.51.1 848 172.3.4.168.0.168.1. this is what the SPF uses.168. (No SPF) Type-5 AS External Link Link ID ADV Router 11.0 192.4.0.1 192.1.1 MANJU DEVARAJ 12.1 192.168.3.0 192.1 898 192.3.168.1) (Process ID 1) Link states within this area. (No SPF) Summary ASB Link States (Area 0) Link ID ADV Router Age 192.4.0.16.1 192.0.1 192.Later: show ip ospf database (summary of link state database) Internal#show ip ospf data OSPF Router with ID (192.1.168.168.168.

OSPF Configuration Commands - Review

Required Commands:
Rtr(config)# router ospf process-id
Rtr(config-router)# network address wildcard-mask area area-id

Optional Commands:
Rtr(config-router)# default-information originate (Send default)
Rtr(config-router)# area area authentication (Plain authen.)
Rtr(config-router)# area area authentication message-digest (md5 authen.)
Rtr(config)# interface loopback number (Configure lo as RtrID)
Rtr(config)# interface type slot/port
Rtr(config-if)# ip ospf priority <0-255> (DR/BDR election)
Rtr(config-if)# bandwidth kbps (Modify default bandwidth)
RTB(config-if)# ip ospf cost cost (Modify inter. cost)
Rtr(config-if)# ip ospf hello-interval seconds (Modify Hello)
Rtr(config-if)# ip ospf dead-interval seconds (Modify Dead)
Rtr(config-if)# ip ospf authentication-key passwd (Plain/md5authen)
Rtr(config-if)# ip ospf message-digest-key key-id md5 password

OSPF Show Commands - Review

Router# show ip route
Router# show ip ospf
Router# show ip ospf interface
Router# show ip ospf neighbor
Router# show ip ospf database
Router# debug ip ospf adj
Router# debug ip ospf events

Issues with large OSPF nets

• Large link-state table
  – Each router maintains a LSDB for all links in the area
  – The LSDB requires the use of memory
• Frequent SPF calculations
  – A topology change in an area causes each router to re-run SPF to rebuild the SPF tree and the routing table.
  – A flapping link will affect an entire area.
  – SPF re-calculations are done only for changes within that area.
• Large routing table
  – Typically, the larger the area the larger the routing table.
  – A larger routing table requires more memory and takes more time to perform the route look-ups.

Solution: Divide the network into multiple areas

OSPF uses “Areas”

• Hierarchical routing enables you to separate large internetworks (autonomous systems) into smaller internetworks that are called areas.
• With this technique, routing still occurs between the areas (called inter-area routing), but many of the smaller internal routing operations, such as recalculating the database – re-running the SPF algorithm, are restricted within an area.

An advantage of Multiple Areas

• Question: I understand the routing table is recalculated every time the router receives a new version of an LSA. Does OSPF recalculate its routing table when there is a topology change in another area? Show ip ospf displays no change in SPF execution, but show ip ospf database shows a change in the topology?
• Answer: Good question! OSPF areas are designed to keep issues like flapping links within an area. SPF is not recalculated if the topology change is in another area.
• The interesting thing is that OSPF distributes inter-area (between areas) topology information using a distance-vector method. OSPF uses link-state principles only within an area. ABRs do not announce topological information between areas, instead, only routing information is injected into other areas. ABRs relay routing information between areas via distance vector technique similar to RIP or IGRP.
• This is why show ip ospf does not show a change in the number of times SPF has been executed when the topology change is in another area.
• Note: It is still a good idea to perform route summarization between areas, announcing multiple routes as a single inter-area route. This will hide any changes in one area from affecting routing tables in other areas.

OSPF uses “Areas”

Multi Area OSPF is discussed in CCNP 1 Advanced Routing

OSPF Router Types

• Internal: Routers with all their interfaces within the same area
• Backbone: Routers with at least one interface connected to area 0
• ASBR (Autonomous System Boundary Router): Routers that have at least one interface connected to an external internetwork (another autonomous system)
• ABR (Area Border Router): Routers with interfaces attached to multiple areas.

OSPF Design

• One SPF per area, flooding done per area
  – Try not to overload the ABRs
• Different types of areas do different flooding
  – Normal areas
  – Stub areas
  – Totally stubby (stub no-summary)
  – Not so stubby areas (NSSA)

OSPF Design

• Redundancy
  – Dual links out of each area – using metrics (cost) for traffic engineering
  – Too much redundancy …
    • Dual links to backbone in stub areas must be the same – otherwise sub-optimal routing will result
    • Too much redundancy in the backbone area without good summarization will affect convergence in the area 0

OSPF for ISPs

• OSPF features you should consider:
  – OSPF logging neighbor changes
  – OSPF reference cost
  – OSPF router ID command
  – OSPF Process Clear/Restart

OSPF – Adding Networks

• Redistribute connected subnet
  – Works for all connected interfaces on the router but sends networks as external type-2s – which are not summarized
      router ospf 100
       redistribute connected subnets
  – Not recommended

OSPF – Adding Networks

• Specific network statements
  – Each interface requires an OSPF network statement. Interfaces that should not be broadcasting Hello packets need a passive-interface statement
      router ospf 100
       network 192.168.1.1 0.0.0.3 area 51
       network 192.168.1.5 0.0.0.3 area 51
       passive-interface Serial 1/0

OSPF – Adding Networks

• The key theme when selecting which method to use is to keep the link-state DB as small as possible
  – Increases stability
  – Reduces the amount of information in the LSAs
  – Speeds up convergence time

OSPF Logging Neighbor Changes

• The router will generate a log message whenever an OSPF neighbor changes state
• Syntax:
    [no] ospf log-adjacency-changes
• A typical log message:
    %OSPF-5-ADJCHG: Process 1, Nbr 223.127.255.223 on Ethernet0 from LOADING to FULL, Loading Done

Number of State Changes

• The number of state transitions is available via SNMP (ospfNbrEvents) and the CLI:
  – show ip ospf neighbor [type number] [neighbor-id] [detail]
    • Detail—(Optional) Displays all neighbors given in detail (list all neighbors). When specified, neighbor state transition counters are displayed per interface or neighbor ID

State Changes (Cont.)

• To reset OSPF related statistics, use the clear ip ospf counters EXEC command.
  – clear ip ospf counters [neighbor [<type number>] [neighbor-id]]

OSPF Cost: Reference Bandwidth

• Bandwidth used in metric calculation
  – Cost = 10^8/BW
  – Not useful for BW > 100 Mbps but can be changed
• Syntax:
  – ospf auto-cost reference-bandwidth <reference-bandwidth>
• Default reference bandwidth is still 100Mbps for backward compatibility

OSPF Router ID

• If the loopback interface exists and has an IP address, that is used as the router ID in routing protocols – stability!
• If the loopback interface does not exist, or has no IP address, the router ID is the highest IP address configured – danger!
• Subcommand to manually set the OSPF router ID:
  – router-id <ip address>

OSPF Clear/Restart

• clear ip ospf [pid] redistribution
  – This command can clear redistribution based on OSPF routing process ID. If no PID is given, it assumes all OSPF processes
• clear ip ospf [pid] counters
  – This command clears counters based on OSPF routing process ID. If no PID is given, it assumes all OSPF processes
• clear ip ospf [pid] process
  – This command will restart the specified OSPF process. If no PID is given, it assumes all OSPF processes. It attempts to keep the old router-id, except in cases where a new router-id was configured, or an old user configured router-id was removed. It requires user confirmation because it will cause network churn.

Redistributing Routes into OSPF

ROUTER OSPF <pid#x>
REDISTRIBUTE {protocol} <as#y>
  <metric>
  <metric-type (1 or 2)>
  <tag>
  <subnets>

OSPF Router Sub-Commands

• NETWORK <n.n.n.n> <mask> AREA <area-id>
• AREA <area-id> STUB {no-summary}
• AREA <area-id> AUTHENTICATION
• AREA <area-id> DEFAULT_COST <cost>
• AREA <area-id> VIRTUAL-LINK <router-id>...
• AREA <area-id> RANGE <address mask>

Interface Sub-Commands

• IP OSPF COST <cost>
• IP OSPF PRIORITY <8-bit-number>
• IP OSPF HELLO-INTERVAL <number-of-seconds>
• IP OSPF DEAD-INTERVAL <number-of-seconds>
• IP OSPF AUTHENTICATION-KEY <8-bytes-of-password>

OSPF Area Types

Areas are defined to logically segment a network and reduce routing table size and complexity. All routers in an area maintain an identical topological database.

• Standard area
• Stub area - Will not accept external routes (type 5 LSAs); type 5 LSAs are replaced by a default route
• Totally stubby area - Will not accept LSAs of type 3, 4, or 5; routes are replaced by the ABR with a default route; Cisco proprietary
• Not-so-stubby area (NSSA) - Stub areas which contain one or more ASBRs; ASBRs in a NSSA generate type 7 LSAs which are then converted to type 5 by the ABR

All areas must be attached to area 0 (the backbone area) through either an ABR or a virtual link.

Inter-area Filtering

R3(config)# ip prefix-list Deny_Test_Route deny 192.0.2.0/24 le 32
R3(config)# ip prefix-list Deny_Test_Route permit 0.0.0.0/0 le 32

The area filter-list statement below tells the router to apply our prefix list to routes being distributed out of area 10. (Don't forget to re-establish neighbor adjacencies afterward so that the new policy takes effect.)

After filtering
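How the two Deny_Test_Route entries above decide which routes leave the area, as an added example that is not part of the original slides. The evaluator models prefix-list semantics (first match wins, implicit deny at the end, "le" widening the accepted prefix lengths); the function names and the list of area 10 routes are constructed for illustration.

```python
import ipaddress

def entry_matches(route, prefix, ge=None, le=None):
    """True when route falls under prefix and its length is in the allowed range."""
    route = ipaddress.ip_network(route)
    entry = ipaddress.ip_network(prefix)
    if ge is None and le is None:
        lo = hi = entry.prefixlen          # no ge/le: exact length only
    else:
        lo = ge if ge is not None else entry.prefixlen
        hi = le if le is not None else 32
    # the leading entry.prefixlen bits of the route must equal the entry's
    return lo <= route.prefixlen <= hi and route.network_address in entry

def evaluate(prefix_list, route):
    """Action of the first matching entry; no match means implicit deny."""
    for action, prefix, ge, le in prefix_list:
        if entry_matches(route, prefix, ge, le):
            return action
    return "deny"

def filter_routes(prefix_list, routes):
    """Routes that would still be advertised after the filter is applied."""
    return [r for r in routes if evaluate(prefix_list, r) == "permit"]

# The prefix list from the slide: (action, prefix, ge, le)
DENY_TEST_ROUTE = [
    ("deny", "192.0.2.0/24", None, 32),
    ("permit", "0.0.0.0/0", None, 32),
]

# The same list with "le 32" left off the deny entry, for comparison
DENY_EXACT_ONLY = [
    ("deny", "192.0.2.0/24", None, None),
    ("permit", "0.0.0.0/0", None, 32),
]

# Constructed routes being distributed out of area 10
AREA10_ROUTES = ["192.0.2.0/24", "192.0.2.128/25", "192.0.2.1/32",
                 "192.0.3.0/24", "10.0.10.0/24", "192.0.0.0/16"]

if __name__ == "__main__":
    for route in AREA10_ROUTES:
        print(f"{route:16} le 32: {evaluate(DENY_TEST_ROUTE, route):6} "
              f"exact: {evaluate(DENY_EXACT_ONLY, route)}")
```

Without "le 32" on the deny entry, the longer prefixes inside 192.0.2.0/24 fall through to the permit entry and are still advertised; without the final permit entry, the implicit deny filters every route.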

OSPFv2 versus OSPFv3

Configuring OSPF Network Optimization

You can optimize your OSPF network in the following ways:
• Change OSPF packet timers to adjust the OSPF network convergence speed and network load. On low speed links, you need to consider the delay time for sending LSAs on interfaces.
• Change the interval for SPF calculation to reduce resource consumption caused by frequent network changes.
• Configure OSPF authentication to meet high security requirements of some mission-critical networks.
• Configure OSPF network management functions, such as binding OSPF MIB with a process, sending trap information and collecting log information.

Thank You

Experience the power of Knowledge