OSPF - Link State
WHY OSPF IS BETTER THAN RIP
The following is a list of reasons OSPF is considered a better routing protocol than RIP:
OSPF has no hop count limitations. (RIP has 15 hops only.)
OSPF understands variable-length subnet masks (VLSMs) and allows for summarization.
OSPF uses multicasts (not broadcasts) to send updates.
OSPF converges much faster than RIP, because OSPF propagates changes immediately.
OSPF allows for load balancing with up to six equal-cost paths.
OSPF has authentication available. (RIPv2 does also, but RIPv1 does not.)
OSPF allows for tagging of external routes injected by other autonomous systems.
OSPF configuration, monitoring, and troubleshooting have a far greater IOS tool base than RIP.
OSPF OPEN SHORTEST PATH FIRST
Most popular link state routing protocol.
An open standard so it can be run on routers produced by different vendors
Contrast to EIGRP, a Cisco proprietary protocol that can be run only on Cisco devices.
It is classless, supports VLSM, Manual route summarization, incremental updates, equal cost load balancing, etc.
It uses a single parameter – the interface cost as metric.
It uses the multicast addresses 224.0.0.5 and 224.0.0.6 for communication between OSPF-enabled routers.
Default administrative distance for OSPF routes is 110.
OSPF OVERVIEW
OSPF needs to establish a neighbor relationship before exchanging routing updates.
Because OSPF is a link state routing protocol, neighbors don’t exchange routing tables; instead, they exchange information about network topology.
Each OSPF router runs the SPF algorithm to calculate the best routes and adds those to the routing table.
Because each router knows the entire topology of a network, the chance for a routing loop to occur is minimal.
OSPF routers store routing and topology information in three tables:
Neighbor Table - keeps information about OSPF neighbors.
Topology Table - keeps the topology structure of the network.
Routing Table - keeps the best routes.
OSPF Neighbor Discovery - HELLO PACKET
Routers running OSPF need to establish a neighbor relationship before exchanging routing updates.
OSPF neighbors are dynamically discovered by sending Hello packets out each OSPF-enabled interface on a router.
Hello packets are sent to the multicast IP address of 224.0.0.5. If the two neighbors have compatible OSPF parameters listed in the Hello packets, the neighbor relationship will be formed.
By default, Hello packets are sent out every 10 seconds on an Ethernet network (this interval is known as the Hello interval).
A Dead interval is four times the value of the Hello interval, so if a router on an Ethernet network doesn’t receive at least one Hello packet from an OSPF neighbor for 40 seconds, the router will declare that neighbor to be down.
Routers first exchange hellos and become neighbors.
Then they decide to form adjacencies.
An adjacency is a state where two routers agree to exchange LSAs (link state advertisements).
The LSA exchange between any two routers will populate their link state databases.
At this point both routers will have the same copy of the link state database for the particular area.
Then the routers will individually run SPF (Dijkstra Shortest Path First algorithm) against the recently populated link state database to determine the shortest path between the calculating router and all other routers in the network. You can think of the link state database as your input to the Dijkstra SPF algorithm (program).
Because all routers run the same calculation on the same data (same link state database), every router has the same picture of the network, and packets are routed consistently at every hop.
In summary, the database is your input to SPF.
LSAs for a missing neighbor will be removed and SPF will run again against your new database without the old LSAs (possibly with some new replacement LSAs).
Yes ip ospf process will trigger a new calculation.
For routers to become neighbors, the following parameters in the OSPF Hello packets must agree (be the same on both routers):
Same Subnet (must be able to ping both router interfaces where OSPF will be established)
Area ID
Hello Interval and Dead Interval timers
Authentication (if used)
Area stub flag (Area Type Stub, NSSA)
Router ID must be unique
MTU
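The parameter comparison listed above, as an added example that is not part of the original notes: it decodes the OSPFv2 header and Hello body (RFC 2328 layout) and reports why two routers would fail to become neighbors. The packets, addresses and function names are constructed for illustration; the authentication check compares only the AuType field, not the key, and MTU is left out because it travels in Database Description packets.

```python
import ipaddress
import struct

AUTH_TYPES = {0: "null", 1: "simple-password", 2: "cryptographic"}
E_BIT, N_BIT = 0x02, 0x08  # Options bits: E is clear in stub areas, N is set in NSSAs


def ip_str(raw):
    return str(ipaddress.IPv4Address(raw))


def build_hello(rid, area, mask, hello, dead, options=E_BIT, autype=0):
    """Constructed sample data: a Hello with no neighbors and a zero checksum."""
    pack = lambda a: ipaddress.IPv4Address(a).packed
    # Body: mask, HelloInterval, Options, priority, RouterDeadInterval, DR, BDR
    body = pack(mask) + struct.pack("!HBBI", hello, options, 1, dead) + bytes(8)
    head = struct.pack("!BBH", 2, 1, 24 + len(body)) + pack(rid) + pack(area)
    return head + struct.pack("!HH", 0, autype) + bytes(8) + body


def parse_hello(pkt):
    """Decode the 24-byte OSPFv2 header and the fixed part of the Hello body."""
    if len(pkt) < 44:
        raise ValueError("too short for an OSPFv2 Hello")
    version, ptype, _length = struct.unpack("!BBH", pkt[:4])
    if (version, ptype) != (2, 1):
        raise ValueError("not an OSPFv2 Hello packet")
    autype = struct.unpack("!H", pkt[14:16])[0]
    hello, options, _prio, dead = struct.unpack("!HBBI", pkt[28:36])
    return {
        "router_id": ip_str(pkt[4:8]),
        "area": ip_str(pkt[8:12]),
        "auth": AUTH_TYPES.get(autype, "unknown"),
        "mask": ip_str(pkt[24:28]),
        "hello": hello,
        "dead": dead,
        "stub": not options & E_BIT,
        "nssa": bool(options & N_BIT),
    }


def mismatches(local, remote, local_ip, remote_ip):
    """Return the reasons two routers would not become neighbors."""
    problems = []
    net = ipaddress.ip_network(f"{local_ip}/{local['mask']}", strict=False)
    if local["mask"] != remote["mask"] or ipaddress.ip_address(remote_ip) not in net:
        problems.append("subnet")
    for field in ("area", "hello", "dead", "auth", "stub", "nssa"):
        if local[field] != remote[field]:
            problems.append(field)
    if local["router_id"] == remote["router_id"]:
        problems.append("duplicate router-id")
    return problems


def cleartext_or_no_auth(hello):
    """True when the sender uses null or plain-text authentication."""
    return hello["auth"] in ("null", "simple-password")


# Constructed packets: R1 uses broadcast timers with cryptographic (MD5) auth,
# R2 uses 30/120 timers and no authentication.
R1_HELLO = build_hello("1.1.1.1", "0.0.0.0", "255.255.255.0", 10, 40, autype=2)
R2_HELLO = build_hello("2.2.2.2", "0.0.0.0", "255.255.255.0", 30, 120, autype=0)

if __name__ == "__main__":
    r1, r2 = parse_hello(R1_HELLO), parse_hello(R2_HELLO)
    print(mismatches(r1, r2, "192.168.12.1", "192.168.12.2"))
    print("R2 unauthenticated or plain text:", cleartext_or_no_auth(r2))
```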
OSPF Multicast Address
224.0.0.5 - All OSPF Routers
224.0.0.6 - OSPF DRs
OSPF AREA
OSPF uses areas to simplify administration and to optimize traffic and resource utilization.
An area is a logical grouping of contiguous networks and routers.
All routers in the same area have the same topology table and don’t know about routers in the other areas.
The main benefits of using areas in an OSPF network are:
The routing tables on the routers are reduced.
Less time is required to run the SPF algorithm, since routers need to recalculate their link-state database only when there’s a topology change within their own area.
Routing updates are reduced.
Each area in an OSPF network must be connected to the backbone area (area 0).
All routers inside an area must have the same area ID in order to become OSPF neighbors.
A router that has interfaces in more than one area (area 0 and area 1, for example) is known as an Area Border Router (ABR).
A router that connects an OSPF network to other routing domains (to an EIGRP network, for example) is called an Autonomous System Border Router (ASBR).
OSPF Router ID (RID)
The router is known to OSPF by the router ID number
The Router ID is used in the LSDBs to differentiate one router from the next
OSPF requires at least one active interface with an IP address
By default, the Router ID is:
The highest IP address on an active interface at the moment of OSPF process startup
If a loopback interface exists, the highest IP address on any active loopback interface; a loopback interface overrides the default OSPF Router ID
The OSPF Router-ID command can be used to override the default OSPF router ID selection process
Using a loopback interface or Router-ID command is recommended for stability
The process ID is the ID of the OSPF process to which the interface belongs.
The process ID is local to the router, and two OSPF neighboring routers can have different OSPF process IDs.
Router boot process (POST, Load IOS, Bring up Interfaces, OSPF Process)
OSPF can use Physical Interface IP as the Process ID, Loopback IP or Router ID
Physical Interface can be unreliable because it can be down
Highest IP used as a tie breaker in the DR election
Loopback Address: logical interface, more reliable than a physical interface
Router ID – hard code process, appears in log messages.
use "config-router# router-id" command
use highest up/up loopback address
use highest up/up non-loopback address
OSPF LSA - Link State Advertisements
The LSAs (Link-State Advertisements) are used by routers running OSPF to exchange topology information.
An LSA contains routing and topology information that describe a part of an OSPF network.
Routers exchange LSAs and learn the complete topology of the network until all routers have the exact same topology database.
When two neighbors decide to exchange routes, they send each other a list of all LSAs in their respective topology database.
Each router then checks its topology database and sends a Link State Request (LSR) requesting all LSAs not found in its topology table.
The other router responds with the Link State Update (LSU) that contains all LSAs requested by the neighbor.
OSPF LSA - Link State Advertisements TYPES
Type 1 LSA aka Router Link Advertisement RLA
Type 1 LSA is sent by every router to other routers in its area.
It contains the router ID RID, interfaces, IP information, and current interface state.
Note that Type 1 LSAs are flooded only across their own area.
Type 2 LSA aka Network Link Advertisement NLA
Type 2 LSA is generated by designated routers DRs to send out information about the state of other routers that are part of the same network.
Type 2 LSAs are flooded across their own area only.
Type 3 LSA aka Summary Link Advertisement SLA
Type 3 LSA is generated by area border routers (ABRs) and sent toward the area external to the one where they were generated.
It contains the IP information and RID of the ABR that is advertising an LSA Type 3.
Type 4 LSA informs the rest of the OSPF domain how to get to the ASBR.
The link-state ID includes the router ID of the described ASBR.
Type 5 LSA aka AS External Link Advertisement
A Type 5 LSA is sent by autonomous system boundary routers (ASBRs) to advertise routes that are external to the OSPF autonomous system and is flooded everywhere.
LSA Types
1. Router - one per router; listing RID and all interface IP addresses; also represents stub networks
2. Network - one per transit network; created by DR on subnet; represents the subnet and router interfaces
3. Net Summary - created by ABRs; represent area's type 1 & 2 LSAs into another area
4. ASBR summary - like type 3; advertises host route to reach each ASBR
5. AS external - created by ASBR; for external routes injected into OSPF
6. Group membership - defined for MOSPF; not supported by Cisco
7. Not-so-stubby-area external - created by ASBRs inside NSSA area instead of type 5
8. External attributes - not implemented in Cisco routers
9-11. Opaque - used as generic LSAs for future expansion
MESSAGES
Hello - discover neighbors; heartbeat
Database Description (DD) - exchange brief LSA headers
Link-state Request (LSR) - request full details of LSAs
Link-state Update (LSU) - contains fully detailed LSAs
Link-state Acknowledgement (LSAck) - confirm LSU
OSPF DR / BDR - Designated Router and Back up Designated Router
OSPF routers can elect one router to be a designated router (DR) and one router to be a backup designated router (BDR).
On multiaccess broadcast networks (such as LANs), routers elect a DR and BDR by default. DR and BDR are elected to minimize the number of adjacencies formed and to serve as the central point for exchanging OSPF routing information.
On point-to-point links, the DR and BDR are not elected since only two routers are directly connected.
Each non-DR or non-BDR router will exchange routing information only with the DR and BDR, instead of exchanging updates with every router on the network segment.
DR will then distribute topology information to every other router inside the same area. The backup designated router (BDR) serves as a hot standby for the DR.
It receives all routing updates from OSPF adjacent routers, but it will not disperse LSA updates.
To send routing information to a DR or BDR, the multicast address of 224.0.0.6 is used.
A DR sends routing updates to the multicast address of 224.0.0.5. If the DR fails, the BDR will take its role of redistributing routing information.
OSPF AREA TYPE
Backbone - Area 0
Stub - Blocks external routes (no LSA type 5; ABR is default gateway)
area <area-id> stub
Totally Stubby - Blocks external routes and routes of other areas (no LSA type 3,5; ABR is default gateway)
area <area-id> stub no-summary
Not-so-stubby (NSSA) - no LSA type 5; can create type 7
area <area-id> nssa
Totally NSSA - no LSA type 3, 5; can create type 7
area <area-id> nssa no-summary
OSPF Requesting, Getting and Acknowledging LSA
After the Database Description (DD) exchange of brief LSA headers, the router will request full copies of the LSAs that it needs
Compares sequence numbers in local LSADB with headers in DD
Sequence numbers start with 0x80000001, wrap around to 0x7FFFFFFF and re-flood at 0x80000000
Acknowledgements
Sends the same packet back
LSAck Message - list of LSA headers that are being acknowledged
DR Election
Occurs after routers have become neighbors, before DD packets
If Hello says DR is 0.0.0.0 (means no DR has been elected yet)
Then routers wait a little longer for others to initialize (OSPF wait time; same value as dead timer)
Rules
If priority is set, routers put their own RID in their Hello messages
Others examine Hellos, look at the priority
If a router receives a better priority, it replaces the RID in its Hello messages with the better one
Highest priority is considered better
If a router doesn't want to be a DR but still has a high priority, then it will become a BDR
Late routers don't count
If a DR fails, it is replaced by the BDR and an election for a new BDR starts
Network Types
Broadcast - DR & BDR; hello 10; 3+ hosts
Point-to-Point - No DR or BDR, only 224.0.0.5; hello 10
NonBroadcast-MultiAccess (NBMA) - Neighbors configured statically (unicast); hello 30; 3+ hosts
Point-to-Multipoint - No DR or BDR (multicast & broadcast); hello 30; 3+ hosts
Point-to-point Nonbroadcast - hello 30; neighbor command; 3+ ho
OSPF - propagates LSAs rather than routing table updates
LSA - (Link State Advertisement) flooded to all OSPF routers in the area
OSPF link state database is pieced together from the LSAs generated by the OSPF routers
SPF algorithm to calculate the shortest path to destination based by
LINK = router interface
STATE = description of an interface and its relationship to neighboring routers
OSPF hierarchical routing consists of areas and autonomous systems (AS)
It minimizes routing update traffic
The SPF (Shortest Path First) algorithm places each router at the root of a tree and calculates the shortest path to each destination based on cumulative cost
Cost = 10^8 / Bandwidth (bps)
Advertised loopback interface: is in the routing table, can be pinged, and uses address space
Router ID: the number by which the router is known to OSPF
Default: the highest IP address on an active interface at the moment of OSPF process startup
Overridden by a loopback interface: the highest IP address of any active loopback interface
Configuring Single Area OSPF
Router(config)#router ospf process-id (defines OSPF as the IP routing protocol)
Router(config-router)#network address wildcard-mask area area-id (assigns networks to a specific OSPF area)
Key Characteristics
Type: Link State
Algorithm: Dijkstra’s (Shortest Path First) Algorithm
Standard: RFC 2328
Administrative Distance: 110
Metric: Cost
Protocol/Protocol Number: IP/89
Authentication: Yes (MD5 and Plain Text)
Supports VLSM and Route Summarization
Support for IPv6 (RFC 2740)
Fast Convergence
Router ID (RID)
Router ID must be configured before an OSPF process can be started.
Cisco routers use the following criteria to select a router ID:
1. RID configured with the “router-id” command
2. If a manual RID is not configured, select the highest-numbered IP address on any loopback interface in “up/up” state
3. If loopback interfaces are not configured, select the highest-numbered IP address on any non-loopback interface in “up/up” state
Metric Calculation
Cost = 100 Mbps / Link Speed
OSPF cost can be modified in three ways:
1. (config-if)#ip ospf cost
2. (config-if)#bandwidth
3. (config-router)#auto-cost reference-bandwidth
Router Types
Internal Router: a router whose interfaces all reside within the same area
Backbone Router: a router that resides in the backbone area
Area Border Router: an ABR connects two or more areas
ASBR: an Autonomous System Boundary Router (ASBR) connects an external routing domain to an OSPF routing domain
OSPF Neighbor States
Down: Previously known neighbor has failed
Init: an interim state in which Hello has been heard from the neighbor but that Hello does not list the local router’s RID
Two-way: the neighbor has sent a Hello that lists the local router’s RID in the list of seen routers
Full: Both routers complete the database exchange process and have identical LSDB. Fully adjacent
Route Types and Preference
Intra-Area Routes: A route to a network in the same area as the router. Denoted by “O” in the routing table.
Inter-Area Routes: A route to a network in a different area from the router. Denoted by “O IA” in the routing table.
External Route: A route to a network that is external to the OSPF routing domain. Denoted by ‘E1’ or ‘E2’ in the routing table.
Routes Preference:
1. Intra-Area (O) > Inter-Area (O IA)
2. Inter-Area (O IA) > External Type-1 (E1)
3. External Type-1 (E1) > External Type-2 (E2)
AREA
OSPF runs SPF algorithm and requires a lot of processing power and memory. If the size of network is too large this could cause slower convergence and can lead to following problems:
More memory is required to maintain the link state database
More processing power is required to process the link state database
The link state database grows exponentially with the size of the OSPF domain
A single change in network topology (for example: link up/down) would trigger all routers to re-run the SPF (again) to calculate the shortest path
To cope with these problems, areas are configured. There are two basic types:
Backbone Area or Area 0: All other areas must be connected to area 0
Non-backbone Area: any other area with area-id other than zero
Timers
Hellos are sent to multicast address: 224.0.0.5 (ALLSPFRouters)
Broadcast Multi-access = 10 seconds
Point-to-Point & NBMA = 30 seconds
Dead Timer = Four Times the hello interval
Broadcast = 40 seconds
NBMA and P2P = 120 seconds
To change hello and dead intervals use the command
‘(config-if)# ip ospf hello-interval seconds’ and
‘(config-if)# ip ospf dead-interval seconds’
Designated Router (DR) / Backup DR (BDR) Election
There are two problems with multi-access networks:
For “N” routers, it requires “N(N-1)/2” adjacencies
Flooding of these excess LSAs would itself be chaotic for the network.
DR/BDR addresses the challenge of adjacency creation and LSA flooding on multi-access networks only.
No election on P2P and P2MP network types.
The following criteria are used for DR/BDR election:
Router with highest interface priority is elected as DR
Any other router with second highest priority is elected as BDR
If priority is equal, highest RID is used as tie-breaker
The DR/BDR election is held between two or more neighbors who reach the TWO-WAY state
The priority ranges from 0-to-255 and default value is 1
Priority of 0 means that router will not take part in DR and BDR election
The DR is never preempted even if a router with better priority is present. Manual reset is required for preemption.
When a router becomes active, it checks for an active DR and BDR on the network.
If there already is an active DR and BDR on the segment, the new router simply accepts them.
If there is not, then an election is held for DR/BDR selection.
After the DR/BDR have been elected, the other routers, known as DROthers, establish adjacencies with the DR and BDR only.
Neighbors are still tracked on multicast address 224.0.0.5, but DROthers multicast updates to the AllDRRouters address: 224.0.0.6.
Only the DR and BDR listen to this address, and the DR in turn floods updates to DROthers on 224.0.0.5
DR/BDR is property of a router’s interface not the router itself
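The election rules above (priority, RID tie-break, priority 0, no preemption, BDR promotion), as an added example that is not part of the original notes. It models the rules as these notes state them rather than the full RFC 2328 state machine; the class, router IDs and priorities are constructed for illustration.

```python
import ipaddress


def rank(rid, priority):
    """Election ordering: higher priority first, then higher router ID."""
    return (priority, int(ipaddress.IPv4Address(rid)))


class Segment:
    """DR/BDR state for one multi-access segment, keyed by router ID."""

    def __init__(self):
        self.priority = {}  # router ID -> interface priority (0-255)
        self.dr = None
        self.bdr = None

    def _best(self, exclude):
        # Priority 0 never takes part; the current DR cannot also be BDR.
        eligible = [r for r, p in self.priority.items() if p > 0 and r not in exclude]
        return max(eligible, key=lambda r: rank(r, self.priority[r]), default=None)

    def _fill_roles(self):
        # Non-preemptive: a role that is already held is never re-contested.
        if self.dr is None and self.bdr is not None:
            self.dr, self.bdr = self.bdr, None  # BDR takes over from a failed DR
        if self.dr is None:
            self.dr = self._best(exclude=())
        if self.bdr is None:
            self.bdr = self._best(exclude=(self.dr,))

    def start(self, routers):
        """Routers that come up together hold one election (also models a manual reset)."""
        self.priority = dict(routers)
        self.dr = self.bdr = None
        self._fill_roles()

    def join(self, rid, priority=1):
        """A late router accepts the DR and BDR that already exist."""
        self.priority[rid] = priority
        self._fill_roles()

    def fail(self, rid):
        """Remove a router; vacated roles are refilled, held roles are kept."""
        self.priority.pop(rid, None)
        if self.dr == rid:
            self.dr = None
        if self.bdr == rid:
            self.bdr = None
        self._fill_roles()

    def roles(self):
        return (self.dr, self.bdr)


def scenario():
    """Constructed walk-through; returns (DR, BDR) after each event."""
    seg = Segment()
    seg.start({"1.1.1.1": 1, "2.2.2.2": 1, "3.3.3.3": 0})
    steps = [seg.roles()]            # equal priority: highest RID becomes DR
    seg.join("4.4.4.4", priority=255)
    steps.append(seg.roles())        # late high-priority router does not preempt
    seg.fail("2.2.2.2")
    steps.append(seg.roles())        # BDR promoted, new BDR elected
    seg.start(seg.priority)
    steps.append(seg.roles())        # manual reset lets priority 255 win
    return steps


if __name__ == "__main__":
    for dr, bdr in scenario():
        print(f"DR={dr} BDR={bdr}")
```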
Virtual Links
A virtual link is a link through a non-backbone area to the backbone area. Used to connect:
An area to backbone area through non-backbone area
A partitioned backbone area through non-backbone area
Rules:
1. A virtual link can only be configured between ABRs
2. The transit area must have full routing information and it cannot be stub
Configuration
Basic
config# router ospf 1
config-router# log-adjacency-changes detail
config-if# ip ospf priority 255 (interface-level command; sets the DR election priority on that interface)
config-router# router-id 1.1.1.1
config-router# network 172.16.2.0 0.0.0.255 area 0 (any interface that matches the ip address will run ospf)
config-router# area 0 range 172.16.0.0 255.255.0.0 (ABR injects internal router summaries)
config-router# summary-address 172.30.0.0 255.255.0.0 (configured an ABR for external router summaries)
config-router# area 2 stub (configures an ABR and Internal Routers for a stub area)
config-router# area 3 stub no-summary (configures an ABR in a totally stubby area, internal routers should be configured as stub)
Alternative to Network Command
config-if# ip ospf 1 area 3 (ospf AS and area number on each interface)
RIP Redistribute
config# router ospf 1
config-router# network 172.30.0.0
config-router# redistribute rip metric 1000 metric-type [1|2] subnets (1= metric increments; 2 = no increment)
config# router rip
config-router# redistribute ospf 1 metric 10
NonBroadcast MultiAccess Mode
config-subif# ip ospf priority 0...255 (0 = not DR/BDR; 255 = DR/BDR)
config-router# neighbor 170.100.100.2 (need to configure only one direction; used when nonbroadcast)
config-if# frame-relay map ip 170.100.100.3 201 broadcast (need to configure on both ABRs to communicate even though routes have been learned)
Point-to-Multipoint
config-subif# ip ospf network point-to-multipoint (need to configure on both directions)
Timer Configuration
config-subif# ip ospf hello-interval 30
config-subif# ip ospf dead-interval 30
config-subif# ip ospf dead-interval minimal hello-multiplier 4
config-subif# ip ospf retransmit-interval
Virtual Links
for areas not directly connected to backbone
middle router becomes ABR with full copy of area 0's LSDB
config-router# area 1 virtual-link 1.1.1.1 (use router id; links two ABRs)
Redistribution Using Tags and ACLs
config# route-map eigrp2ospf
config-route-map# match ip address 20 (ACL 20 to allow)
config-route-map# set tag 10 (sets a tag of 10 to whatever matches this route map)
config# router ospf 1
config-router# redistribute eigrp 10 metric 100 subnets route-map eigrp2ospf
config# router eigrp 10
config-router# redistribute ospf 1 metric 1500 0 255 1 1500 route-map ospf2eigrp
config# route-map ospf2eigrp
config-route-map# match tag 5
config# route-map ospf2eigrp 20 (sequence number 20; start is 10)
config-route-map# match route-type internal
Inject Default Route into OSPF Domain
config-router# default-information originate always (configure this router as the gateway of last resort)
Authentication and VirtualLinks
config-router# area 0 authentication message-digest
config-subif# ip ospf message-digest-key 1 md5 WORD
config-router# area 1 virtual-link 6.6.6.6 message-digest-key 1 md5 WORD
View/Debug Commands
show ip ospf interface
show ip ospf database
show ip ospf database network (lsa type 2)
show ip ospf database router (lsa type 1)
show ip ospf database summary (lsa type 3)
show ip ospf database asbr-summary (lsa type 4)
show ip ospf database external (lsa type 5)
show ip ospf database nssa-external (lsa type 7)
show ip ospf virtual-links
show ip ospf border-routers
show ip ospf statistics
debug ip ospf hello
debug ip ospf adj
Configuration Example
Single Area
Router R1:
interface loopback 0
ip address 10.1.1.1 255.255.255.255
!
interface serial 0/0
ip address 192.168.12.1 255.255.255.0
!
router ospf 100
router-id 1.1.1.1
network 192.168.12.0 0.0.0.255 area 0
network 10.1.1.1 0.0.0.0 area 0
Router R2:
interface loopback 0
ip address 10.2.2.2 255.255.255.255
!
interface serial 0/0
ip address 192.168.12.2 255.255.255.0
!
router ospf 100
router-id 2.2.2.2
network 192.168.12.0 0.0.0.255 area 0
network 10.2.2.2 0.0.0.0 area 0
R2# show ip route | begin Gateway
Gateway of last resort is not set
C 192.168.12.0/24 is directly connected, Serial0/0
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.2.2.0/24 is directly connected, Loopback0
O 10.1.1.1/32 [110/65] via 192.168.12.1, 00:00:02, Serial0/0
Example 2
Multi-Area
Router R1:
interface loopback 0
ip address 10.1.1.1 255.255.255.255
!
interface serial 0/0
ip address 192.168.12.1 255.255.255.0
!
interface serial 0/1
ip address 192.168.13.1 255.255.255.0
!
router ospf 100
router-id 1.1.1.1
network 192.168.12.1 0.0.0.0 area 0
network 192.168.13.1 0.0.0.0 area 1
network 10.1.1.1 0.0.0.0 area 0
Router R2:
interface loopback 0
ip address 10.2.2.2 255.255.255.255
!
interface serial 0/0
ip address 192.168.12.2 255.255.255.0
!
router ospf 100
router-id 2.2.2.2
network 192.168.12.2 0.0.0.0 area 0
network 10.2.2.2 0.0.0.0 area 0
Router R3:
interface serial 0/0
ip address 192.168.13.3 255.255.255.0
!
interface loopback 0
ip address 10.3.3.3 255.255.255.255
!
router ospf 100
router-id 3.3.3.3
network 192.168.13.3 0.0.0.0 area 1
network 10.3.3.3 0.0.0.0 area 1
R2# show ip route | begin Gateway
Gateway of last resort is not set
C 192.168.12.0/24 is directly connected, Serial0/0
O IA 192.168.13.0/24 [110/128] via 192.168.12.1, 00:00:03, Serial0/0
10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
O IA 10.3.3.3/32 [110/129] via 192.168.12.1, 00:00:12, Serial0/0
C 10.2.2.0/24 is directly connected, Loopback0
O 10.1.1.1/32 [110/65] via 192.168.12.1, 00:00:12, Serial0/0
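The metrics in the R2 routing table above can be reproduced from the cost formula (Cost = 10^8 / Bandwidth) and an SPF run. This is an added example, not part of the original notes: the link state database is constructed from the multi-area configuration, it assumes serial interfaces at 1.544 Mbps and loopbacks with cost 1, and it treats both areas as one graph, which gives the same cumulative cost here as the Type 3 summaries would.

```python
import heapq

REFERENCE_BW = 10**8  # bps, from Cost = 10^8 / Bandwidth


def ospf_cost(bandwidth_bps, reference_bw=REFERENCE_BW):
    """Interface cost: integer part of reference/bandwidth, never below 1."""
    return max(1, reference_bw // bandwidth_bps)


SERIAL = ospf_cost(1_544_000)          # assumed serial bandwidth
LOOPBACK = ospf_cost(8_000_000_000)    # assumed loopback bandwidth

# Constructed LSDB: per router ID, the outgoing cost to each neighbor ("links")
# and to each directly attached prefix ("stubs").
LSDB = {
    "1.1.1.1": {"links": {"2.2.2.2": SERIAL, "3.3.3.3": SERIAL},
                "stubs": {"192.168.12.0/24": SERIAL, "192.168.13.0/24": SERIAL,
                          "10.1.1.1/32": LOOPBACK}},
    "2.2.2.2": {"links": {"1.1.1.1": SERIAL},
                "stubs": {"192.168.12.0/24": SERIAL, "10.2.2.2/32": LOOPBACK}},
    "3.3.3.3": {"links": {"1.1.1.1": SERIAL},
                "stubs": {"192.168.13.0/24": SERIAL, "10.3.3.3/32": LOOPBACK}},
}


def spf(lsdb, root):
    """Dijkstra with the calculating router at the root of the tree."""
    dist, first_hop, heap = {root: 0}, {root: None}, [(0, root)]
    while heap:
        cost, node = heapq.heappop(heap)
        if cost > dist[node]:
            continue  # stale heap entry
        for nbr, link_cost in lsdb[node]["links"].items():
            if node not in lsdb.get(nbr, {"links": {}})["links"]:
                continue  # a link counts only if both ends advertise it
            if cost + link_cost < dist.get(nbr, float("inf")):
                dist[nbr] = cost + link_cost
                first_hop[nbr] = first_hop[node] or nbr
                heapq.heappush(heap, (dist[nbr], nbr))
    return dist, first_hop


def routes(lsdb, root):
    """Best (cost, next-hop router ID) per prefix; next hop None = connected."""
    dist, first_hop = spf(lsdb, root)
    table = {}
    for rid, d in dist.items():
        for prefix, stub_cost in lsdb[rid]["stubs"].items():
            total = d + stub_cost
            if prefix not in table or total < table[prefix][0]:
                table[prefix] = (total, first_hop[rid])
    return table


if __name__ == "__main__":
    for prefix, (cost, hop) in sorted(routes(LSDB, "2.2.2.2").items()):
        print(f"{prefix:18} cost {cost:3} via {hop or 'connected'}")
```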
OSPF Troubleshooting Command
1. show ip protocols
2. show ip ospf [<process-id>]
3. show ip route [ospf]
4. show ip ospf interface [brief | <interface-id>]
5. show ip ospf neighbor
6. show ip ospf database
7. debug ip ospf [hello | adjacency | events]
Verifying and changing the OSPF RID (RID - Router ID)
Topology
R1- Hub
R2 - spoke
R3 - spoke
R1# show ip ospf neighbor
Neighbor ID Pri State Dead Time Address
3.3.3.3 0 Full/Drother 00:01:41 172.12.123.3
200.200.200.2 0 Full/Drother 00:01:30 172.12.123.2
R1#
R2# show ip ospf
Routing Process "ospf 1" with ID 200.200.200.1
R2# show ip ospf neighbor
Neighbor ID Pri State Dead Time Address
172.12.123.1 1 Full/DR 00:01:47 172.12.123.1
To change the router ID (RID) from the address 172.12.123.1:
R1#
R1#conf t
R1(config)#router ospf 1
R1(config-router)#router-id 1.1.1.1
Reload or use "clear ip ospf process" command for this to take effect
Note
RULE 1
If there are no loopbacks on a router, then
the highest IP address on any interface on the router
will be used as the OSPF RID, even if the address is assigned to an interface
that is not OSPF enabled
RULE 2
If there is a single loopback interface on a router,
then that IP is going to be used as the OSPF RID by default.
If you have multiple loopbacks, the highest IP address assigned to a loopback will
be the OSPF RID. But again, as we see in router 2,
the interface IP address used as the OSPF RID does not have to be OSPF enabled.
If we have a loopback address as in R3
R2# show run
interface Loopback0
ip address 3.3.3.3 255.255.255.0