ROUTE Course

OSPF

OSPF FEATURES

OSPF is an open standards routing protocol

This works by using the Dijkstra algorithm

OSPF provides the following features:

Minimizes routing update traffic

Allows scalability (e.g. RIP is limited to 15 hops)

Has unlimited hop count

Supports VLSM/CIDR

Allows multi-vendor deployment (open standard)

OSPF Tables

There are three type of tables

Neighbor

Topology

Routing

Areas Reasons and Features

A larger topology database requires more memory on

each router.

Processing the larger topology database with the SPF

algorithm requires more processing power

A single interface status change, anywhere in the

internetwork forces every router to run SPF again.

A router can be a member of more than one area (ABR)

All routers in the same area have same topology database

When multiple areas exist, there must always be an area 0

(the backbone) to which other areas connect

OSPF Area

Autonomous System Border Router (ASBR)

ROUTER ID The Router ID (RID) is an IP address used to identify the

router

Cisco chooses the Router ID by using the highest IP

address of all configured loopback interfaces

If no loopback interfaces are configured with addresses,

OSPF will choose the highest IP address of all active

physical interfaces.

You can manually assign the router ID.

The RID interface MUST always be up, therefore loopbacks

are preferred

OSPF PACKETS Data Field of the OSPF packet contents depend on the OSPF

packet type:

• Hello packet: Contains a list of known neighbors.

• DBD packet: Contains a summary of the LSDB, which includes all known router IDs and their last sequence number, among several other fields.

• LSR packet: Contains the type of LSU needed and the router ID of the router that has the needed LSU.

• LSU packet: Contains the full LSA entries. Multiple LSA entries can fit in one OSPF update packet.

• LSAck packet: This data field is empty.

OSPF PACKETS

Hello: Discovers neighbors and builds adjacencies between them

Database Description (DBD):

Checks for database synchronization between routers

Link-state request (LSR): Requests specific link-state records from another router

LSU: Sends specifically requested link-state records

LSAck: Acknowledges the other packet types

Hello Packet Information • Router ID: 32-bit

• Hello and dead intervals: must be the same on neighboring routers (must match)

• Neighbors: list of adjacent routers

• Area ID: Contains the full LSA entries. Multiple LSA entries can fit in one OSPF update packet (must match)

• Router Priority: 8-bit

• DR and BDR IP Addresses

• Authentication Password: (must match)

• Stub Area Flag: (must match)

Network Types Point-to-point

Broadcast mutliaccess

Non-Broadcast Multiaccess (NBMA)

The contents of the LSA (excluding the LSA header) have changed

OSPF over L2 and L3 MPLS VPN

DR and BDR have been selected, any router added to the

broadcast network establishes full adjacencies with the DR

and BDR only

Neighbor Adjacency States

Router A send hello on LAN .

All connected routers add A on list of neighbors (init state)

All routers received Hello send unicast reply to A with corresp. Info and list on their neighbors inc. A

A adds the received neighbors IDs on table (2-way state)

Discovering Network Routes in BC domain

After DR and BDR selected:

Master-slave relationship higher RID is the Masters (Exstart state)

Master & slave exchange DBD packets (Exchange state)

DBD is LSA entries header (link-state type, Addr. Of Advertising router, link cost, Seq. No.)

Discovering Network Routes in BC domain

When receive DBD:

Router Ack the DBD using LSAck

Compare received info with its LSDB, send LSR for newest LSA (Loading state)

Other router replies with complete info about requested entry using LSU

Router Ack the received LSU

Router adds new LSAs into LSDB (Full state)

Attempt state for NBMA

Link-State Advertisement “LSA”

LSAs advertised to routers with split-horizon rule

Each LSA entry has aging timer in age field of LSA (def. 30min)

Router originated the entry resends the LSA with higher seq. no. in LSU to verify link still active

LSA discarded when LSA reach its maxage (60 min)

LS entry must be refreshed every 30 min

LINK-STATE UPDATE “LSU” OPERATION

SPF Recalculation

SFP triggered when any of the following happen:

The LSA’s Options field has changed

The LSA’s LS age is set to maxage

The Length field in the LSA header has changed

The contents of the LSA (excluding the LSA header) have changed

An SPF calculation is performed separately for each area

in the topology database.

Adjacency for NBMA Network DR &BDR needs full L2 connectivity with routers in NBMA

Several OSPF configuration choices are available for FR network depending on network topology:

Nonbroadcast: B/DR are elected, neighbors are manually config

Point-to-multipoint: B/DR not req., multicast hello auto neighbors disc.

Point-to-multipoint nonbroadcast: B/DR not req, manual neighbors config

Broadcast: B/DR are elected, multicast hello auto neighbors disc.

Point-to-point: no B/DR, differ. IP subnets

Point-to-point needs less configuration, nonbroadcast less traffic

overhead

R(config-if)#ip ospf network {broadcast | non-broadcast | point-to-

multipoint [non-broadcast] | point-to-point}

NBMA Mode Configuration

Fully meshed topology DR & BDR are elected

Not Fully meshed DR & BDR are manually selected

DR & BDR should have full connectivity with all routers

LSUs are replicated for each PVC

Configure nonbroadcast mode by:

Manually configuring neighbors in DR and BDR

Define OSPF network type as nonbroadcast

neighbor ip-address [priority number] [poll-interval number] [cost

number] [database-filter all]

Point-to-multipoint Mode Configuration

Not full-mesh topology

OSPF treats this mode as several point-to-point links

No static neighbor configuration, multicast hello discover neighbors

Duplicated LSA packets

Hello interval 30 sec, and dead interval 120 sec

One IP subnet

Point-to-multipoint Nonbroadcast Mode Configuration

Used when no broadcast and multicast

OSPF treats this mode as several point-to-point links

No automatic neighbor discovery, so must use static neighbor configuration

Bandwidth for each neighbor can be defined

Hello interval 30 sec, and dead interval 120 sec

One IP subnet

OSPF over Frame Relay Subinterface Configuration

Point-to-point subinterface:

Each VC gets its own subinterface

No DR and BDR, automatic neighbor discovery

Point-to-multipoint subinterface:

Nonbroadcast id the default mode

LSA Types

LSA type 1: Router LSA

LSA type 2: Network LSA

LSA type 3 : Summary LSA

LSA type 4: ASBR

LSA type 5: AS External LSA

LSA type 6: Multicast OSPF LSA (not supported by Cisco)

LSA type 7: LSA for NSSA

LSA type 8: External Attributes for BGP (Not supp. by Cisco)

LSA type 9, 10, 11: Opaque LSA (future upgrades)

LSA Type 1 link type is defined by

(1,2,3, or 4)

Link ID: what is on the other end of the link which depends on link type

Link data: IP address of the link, or subnet mask in case of stub network

Type 1 LSA includes the OSPF cost for each link, and whether the router is an ABR or ASBR

Link ID Field Contents Decription

Link

Type

Neighbor RID Point-point 1

DR’s interface address Transit Network 2

IP network/subnet Stub network 3

Neighbor RID Virtual link 4

LSA Type 2

Transit Network has at least 2 directly attached OSPF routers

LSA type 2 list all attached routers, DR, and subnet mask

DR is responsible for advertising Network LSA

Link-state ID is the IP address of DR

LSA Type 3 Advertises networks for an area to the rest of areas

Type 3 summary LSA is advertised into the backbone area for every subnet defined in the originating area

Manual summarization at ABR should be considered

Receiving type 3 LSA does not cause router to run SPF

To summarize inter-area, IOS a creates summary route to null 0: area area-id range address mask [advertise | not-advertise] [cost

cost]

Link-state ID is destination network number (summary network)

LSA Type 4

Generated by an ABR only when an ASBR exists within an area

It identifies the ASBR and provide a route to it.

ASBR send type 1 LSA with external bit(e bit) is set

ABR generate type 4 LSA and floods it to backbone area and into their area

Link-state ID is ASBR ID

LSA Type 5 Describe a routes networks outside the OSPF AS

To reduce flooding of LSAs for external networks, summarization should be considered at ASBR

Link-state ID is the external network number

To manually summarize external routes:

summary-address ip-address mask [not-advertise] [tag tag]

Types of OSPF Routes

description Route Designator

Networks within the area advertised by

router and network LSAs OSPF intra-area (router

LSA) and network LSA O

Networks from outside area and within

AS advertised by summary LSAs OSPF interarea

(summary LSA) O IA

Networks from outside AS advertised

by way of external LSAs.) Type 1 external routes O E1

Networks from outside AS advertised

by way of external LSAs. Type 2 external routes O E2

E1: adding external cost to internal cost (when multiple ASBRs, E2 the cost in only the external cost

PROPAGATE DEFAULT ROUTE

default-information originate

when configured on a OSPF router it becomes an ASBR, the router already has a default route

When use always keyword to the command it advertise regardless whether the router already has default route

default-information originate [always] [metric metric-value] [metric-type

type-value] [route-map map-name]

The default metric value for type of interfaces is “1”

VIRTUAL LINKS A virtual link allows discontiguous area 0s to be connected, or a

disconnected area to be connected to area 0, via a transit area.

It cannot go through more than one area, nor through stub areas.

LSA on virtual link does not age out (DoNotAge DNA)

To configure virtual link: area area-id virtual-link router-id [authentication [message-digest | null]] [hello

interval seconds] [retransmit-interval seconds] [transmit-delay seconds] [dead-

interval seconds] [[authentication-key key] | [message-digest-key key-id md5 key]]

SPECIAL AREA TYPES

Standard Area: Default area link updates, route summaries, and external routes

Backbone Area: area 0, all other areas connected to this area

Stub Area: don’t accept external routes

Totally Stubby Area: don’t accept external routes but can send a packet to external using a default route, no ASBR. (Cisco proprietary)

Not so-stubby area (NSSA): don’t accept external information but instead use default route, but can allow ASBR and use type 7 LSA

Totally Stubby NSSA: Allows ASBR and does not accept external routes or summary routes

STUB OR TOTALLY STUBBY AREA

There is a single exit point from that area; or if there are multiple exits, one or more ABRs inject a default route into the stub area and suboptimal routing paths are acceptable.

All OSPF routers inside the stub area, incl. ABRs, are configured as stub routers before they become neighbors and exchange routing information. Hello packets contains stub area flag

The area is not used as a transit area for virtual links, no ASBR is inside the area, and not a backbone area (area0)

Type 4 and 5 LSAs not permitted to flood into stub area

Type 3, 4 and 5 LSAs are not permitted to flood into totally stubby area

STUB OR TOTALLY STUBBY AREA

To configure stub area:

area area-id stub

area area-id default-cost cost “to change the default route cost, configured on ABR”

To configure totally stubby area:

area area-id stub [no-summary]

area area-id default-cost cost “to change the default route cost configured on internal routers”

NOT-SO-STUBBY AREA “NSSA”

ASBR exits on area generate type 7 LSA into area with propagate bit (P) to avoid propagation loop between NSSA and BB.

NSSA ABR translates the type 7 LSA to Type 5 LSA

ABR sends default route into NSSA instead of external routes

Routers in NSSA set N-bit to confirm the support for NSSA. This option checked during neighbor discovery

Type 7 LSA described in routing table by “O N1” or “O N2”

To configure the NSSA area

Area area-id stub nssa [no-redistribution] [default-information originate] [metric metric] [metric-type value] [no-summary]

When use keyword [no-summary] totally stubby NSSA is configured

ROUTE FILTERING

No route filtering permitted inside area due to LSDB convergence

Route filtering can be applied for:

Type 3 LSAs on ABR

Type 5 LSAs on ASBR “Route redistribution”

Filtering OSPF routes when adding to IP routing table

TYPE 3 LSA FILTERING

No route filtering permitted inside area due to LSDB convergence

area number filter-list prefix name in | out

ip prefix-list {name | number} {seq number} {deny | permit} netowrk/length [ge value] [le value]

Example:

ip prefix-list filter-into-area-34 seq 5 deny 10.16.3.0/24

ip prefix-list filter-into-area-34 seq 10 permit 0.0.0.0/0 le 32

router ospf 1

area 34 filter-list prefix filter-into-area-34 in

FILTERING OSPF ROUTES ADDED TO ROUTING TABLE

Don’t affect LSAs, LSDB flooding process, and SPF calculation

It is enabled by using “distribute-list in” in OSPF subcommand

It filter the routes from being added to router’s IP routing table

Routes match ACL statement with permit are added to routing table while that match deny are filtered

“interface interfaceNo” can be used to compare parameters to the route’s outgoing interface

Example:

ip prefix-list filter-1 seq 5 deny 10.16.1.0/24

ip prefix-list filter-1 seq 10 permit 0.0.0.0/0 le 32

router ospf 1

distribute-list prefix filter-1 in

OSPF Authentication

By default OSPF do not use authentication

Two methods: simple password, MD5

To configure simple authentication:

Router(config-if)# ip ospf authentication

Router(config-if)# ip ospf authentication-key password

Router(config-router)# area area-id authentication

To configure MD5 authentication:

Router(config-if)# ip ospf authentication [message-digest|null]

Router(config-if)# ip ospf message-digest-key key-id md5 key

You must configure:

service password-encryption

PLANNING FOR OSPF

IP Addressing Plan

IP subnets and addressing plan considering summarization

Network Topology

Detailed network topology include link types, backup links, stub areas, redistribution

OSPF Areas

LSDB table size should be considered when dividing networks into areas, ABR and ASBR routers should be identified

OSPF routing parameters (times, areas, authentication, RID, …) should be determined