
OSPF

Open Shortest Path First

Only two link-state routing protocols are available so far: IS-IS and OSPF. They maintain 3 tables:
1. Neighbor Table
2. Topology Table
3. Routing Table

There is no difference between the Neighbor Table of EIGRP and that of OSPF; the only difference is the Topology Table. In the OSPF Topology Table, the routers in an area keep a roadmap of every single network in that area and all possible paths to get there, whereas in the distance-vector EIGRP Topology Table routers just keep track of their neighbors. They only know what the neighbor knows.
OSPF uses Dijkstra's algorithm, SPF (Shortest Path First).
OSPF is a processor-intensive protocol.
OSPF sends triggered updates to announce a change in the network.
OSPF sends periodic updates (Link State Refresh) at long intervals.

OSPF Areas and Designs

All areas must connect to Area 0 (every area contains a group of routers). All routers in an area keep the same topology table, that is, the same roadmap to reach the other routers in that area. Every area is connected to another area by a router sitting at the border between two or more areas, called an Area Border Router (ABR). Such a router has one or multiple interfaces in different areas, but one interface must be in Area 0.
The purpose of building the network in areas is to keep updates localized to an area. If a change occurs in an area, it is updated in that area only. An OSPF network must be designed as a hierarchy. A subnet used in one area can't be used in another area.
The areas operating under your authority and running OSPF are collectively called an Autonomous System, and the router that connects your network to the outside world is called the ASBR (Autonomous System Boundary Router). The outside world could be the Internet or a RIP or EIGRP network.
Only the ABR and ASBR routers in an OSPF network are able to do summarization; no other router in the OSPF network can do summarization.

Note: A neighbor relationship will be established between two routers only when they are in the same area.

Router ID
When OSPF starts, each router defines its own Router ID. The Router ID is simply the name of the router in the OSPF process. It will be the highest active interface IP address of the router when OSPF starts. Normally a loopback interface IP address becomes the Router ID. The Router ID only changes when the router restarts or the OSPF process restarts, so if you change the network address the Router ID may not change accordingly until OSPF restarts. To avoid this situation we can hardcode the Router ID using the router-id command.

The router then adds interfaces to the Link State Database (dictated by the network command). When the router has sent Hello messages out of its interface or interfaces and is still waiting for a reply, this state is called the DOWN state.

Hello packets are sent every 10 seconds on broadcast / point-2-point networks.
Hello packets are sent every 30 seconds on Non-Broadcast Multi-Access networks (Frame Relay, ATM).
Hello timers are tunable as required, depending on whether we prefer to save bandwidth or to converge more efficiently.
The dead timer is 4 times the hello timer: the router sends 4 hello messages before considering any site down.

Hello messages contain all kinds of information:
Router ID
Neighbors
Hello and Dead Timers*
Router Priority
Network Mask*
Area ID*
DR / BDR IP address
Authentication Password*

Note: To form a neighbor relationship between two routers, the Hello and Dead timers must be set to the same value, both routers must have the same subnet mask (for example /24 on both), and the Area ID must be the same.
When Router 1 sends a Hello packet to Router 2 and Router 2 receives that packet, Router 2 enters the Init state. This state means "I have received the hello", but it does not mean that a neighbor relationship has been formed. When router R2 sends a reply Hello packet, it is in the 2-WAY state.

If the routers find that they are already neighbors, the process ends here and they start exchanging routing information. If they are new neighbors, they go to the next step. In the next step the two routers form a Master-Slave relationship; the Master is the one who sends its information first, and this state is the EXSTART state.

Here the cliff notes are a summary of all the information that the router has.

OSPF Cost

OSPF uses multicast to share its information. The DR and BDR (Designated Router and Backup Designated Router) are the routers used to propagate any change that occurs in an area to the other routers in that area, using special multicast addresses. In this process, when a link goes down on one router, that router multicasts the information to a special multicast address, 224.0.0.6, that only the DR and BDR listen to; then only the DR propagates this change to all the other routers using another multicast address, 224.0.0.5. The DR and BDR are not defined per area or per AS; in fact, on every shared segment OSPF will define one DR and one BDR.
Election of DR and BDR
On a shared segment, whoever has the higher Router Priority wins as DR. By default the Router Priority is 1, and every Hello packet contains the Router Priority in its header.
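The Hello matching rule and the DR/BDR election described above, as an added example that is not part of the original notes. The addresses and the segment are constructed, the election models only a cold start where all routers come up together, and the password is treated as a must-match field because the notes star it.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address


@dataclass(frozen=True)
class Hello:
    """Fields of a Hello packet that matter for adjacency and election."""
    router_id: str
    priority: int = 1               # default Router Priority
    hello: int = 10                 # seconds, broadcast / point-2-point default
    dead: int = 40                  # 4 x hello
    mask: str = "255.255.255.0"
    area: str = "0.0.0.0"
    password: str = ""


# The starred Hello fields: they must be identical on both routers.
MUST_MATCH = ("hello", "dead", "mask", "area", "password")


def mismatches(local, remote):
    """Return the starred fields that differ; an empty list means 2-WAY is possible."""
    return [f for f in MUST_MATCH if getattr(local, f) != getattr(remote, f)]


def elect(hellos):
    """Cold-start DR/BDR choice: highest priority wins, highest Router ID breaks
    ties, priority 0 never takes part. Router IDs are compared as 32-bit numbers."""
    ranked = sorted(
        (h for h in hellos if h.priority > 0),
        key=lambda h: (h.priority, int(IPv4Address(h.router_id))),
        reverse=True,
    )
    ids = [h.router_id for h in ranked]
    return (ids[0] if ids else None, ids[1] if len(ids) > 1 else None)


def segment_view(local, received):
    """From one router's point of view: who becomes a neighbor, who is rejected
    and why, and which routers end up as DR and BDR on the shared segment."""
    neighbors, rejected = [], {}
    for h in received:
        diff = mismatches(local, h)
        if diff:
            rejected[h.router_id] = diff
        else:
            neighbors.append(h)
    dr, bdr = elect([local] + neighbors)
    return {"neighbors": [h.router_id for h in neighbors],
            "rejected": rejected, "dr": dr, "bdr": bdr}


# Constructed sample segment (addresses and settings are made up).
R1 = Hello("1.1.1.1")
SEGMENT = [
    Hello("2.2.2.2"),
    Hello("9.9.9.9", priority=0),            # exempt from the election
    Hello("10.0.0.4", hello=30, dead=120),   # NBMA timers on a broadcast segment
    Hello("3.3.3.3", area="0.0.0.1"),        # wrong area
]

if __name__ == "__main__":
    print(segment_view(R1, SEGMENT))
```

Router IDs are compared numerically, so 10.0.0.1 beats 9.9.9.9 even though it sorts lower as text.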

OSPF Packets Types

1. HELLO Packet: forms the neighbor relationship.
2. Database Description (DBD): cliff notes of the Link-State Database (routers exchange the topology table without giving too much information).
3. Link-State Request (LSR): when R1 sends R2 its DBD they form a Master-Slave relationship; the slave then sends an LSR for the neighbor information that it doesn't have in its database, and the response comes back as an LSU.
4. Link-State Advertisement (LSA): the LSU is like an envelope, and it carries information about individual routes called LSAs.
5. Link-State Update (LSU): when R1 sends R2 its DBD they form a Master-Slave relationship; the slave then sends an LSR for the neighbor information that it doesn't have in its database, and the response comes back as an LSU.
6. Link-State Acknowledgment (LSACK): every single update requires an acknowledgment, except the Hello packet, which makes OSPF a reliable protocol. It is a Layer 4 protocol, but it doesn't rely on TCP/UDP; it has its own protocol to make it reliable.

Configuring and Implementation of OSPF


Configuring Router 1: We can use any process ID

The very first area we will create in OSPF is 0

Show IP Interface brief output on router 1

Now we will add the interface of Router 4 that is the point-2-point link to R1

Configuring Router 4:

Enabling Debug OSPF

Here we can see the established route between R1 and R4. With the neighbor command we can check the neighbor status; in this scenario the link is point-2-point, so FULL/- in the neighbor command output shows that there is no DR/BDR/Other DR.

Configuring Router 4:

Here we can see the DR/BDR election. In this scenario the routers are on a shared segment and the election is based on Router Priority; as they have the same priority by default, it is decided on Router ID. The Router ID is the highest IP address given to any interface on that router, but if there is a loopback IP on that router then the loopback IP always beats any interface. After changing the IP we must reboot the router or restart OSPF. Command: clear ip ospf process.

We can also define the Router ID manually, and that will override it.

We should advertise this IP to the network so that it is pingable.

Configuring Router 2:

Here we can see in the OSPF neighbor output that the DR/BDR has been elected.
Configuring the priority of the router
Setting the priority of a router to 0 exempts the router from participating in the DR/BDR election.

Using other useful commands

NOTE: In the above output, Seq# is the sequence number; these numbers are used between neighbors to exchange their latest database. On newer router models we can enable OSPF under the interface.

OSPF Network Types


OSPF supports operation on 3 types of networks:
1. Broadcast, Multiaccess Networks
2. Point-2-Point Networks
3. Non-Broadcast, Multiaccess Networks

Broadcast, Multiaccess Networks
Ethernet, Token Ring
All clients on the subnet are accessible to each other
Single operation mode
DR/BDR election, 10-second hellos, dual multicast addresses (224.0.0.5 reaches everyone / 224.0.0.6 reaches the DR/BDR)

Point-2-Point Networks
T1 CAS, ISDN BRI/PRI
Typically WAN links, or any network that has a P-2-P link
Single operation mode
No DR/BDR election because only two routers are involved in this scenario, 10-second hellos, single multicast address (224.0.0.5)

Non-Broadcast, Multiaccess Networks
X.25, ATM, Frame Relay; these kinds of networks have clouds and things are connected via PVCs
5 operation modes (5 possible ways to implement OSPF in this scenario): 2 are official OSPF modes and the others were introduced by Cisco itself.

NBMA Topology
Full Mesh Topology
Every single site has a direct connection/PVC to every other site. This gives a huge amount of redundancy and very little delay; if one router goes down, all nodes are still reachable through the other direct PVCs. But the design is costly.

Partial Mesh Topology
Some of the sites are important and have dual or multiple PVCs, while other sites are reached over a single PVC to reduce the cost of implementation.

Hub and Spoke or Star Topology
All the PVCs terminate on one big router at the central office, and all other sites connect to that central office and reach each other through that central router. This kind of network suffers from no redundancy and high delay.

OSPF over NBMA: Five Modes


1. Non-Broadcast (NBMA) - RFC Standard
2. Point-2-MultiPoint - RFC Standard
3. Point-2-Point - Cisco Proprietary
4. Broadcast - Cisco Proprietary
5. Point-2-MultiPoint, Non-Broadcast - Cisco Proprietary

In this mode no broadcast and no multicast is allowed. As OSPF uses multicast hello messages to discover its neighbors, instead of being allowed to discover each other the neighbors have to be statically configured in this mode. Only one subnet is allowed in this mode, like one router connecting to multiple nodes.
Configuring the above scenario

Here the hello timers are 30 sec and the dead timers are 120 sec, and the static configuration of neighbors is done only on the one central router that communicates with every other router. In this topology a DR and BDR must be elected, and we know that the DR/BDR has full connectivity with all other routers, which exchange information with the DR. In this case only one router communicates with all the other routers, so the central router must always be the DR, and we can ensure that by increasing its Router Priority. None of the other routers has full connectivity with the others in this topology, so we make sure that no other router becomes BDR by setting the priority of all the other routers to 0, so that they do not cast a vote for being BDR.

Now configuring Central Router

Now setting the neighbor routers statically. We will set their priority once again here, as we did before on the interfaces.

Here we can see they are set as DROTHERS, which means they are not DR or BDR.

Here we have added networks to each router. When we run show ip route, the routes are available in the list on each router, but the routers can't ping each other, neither from R2 to R3 nor vice versa, although we can ping each router from R4. To fix this problem we need a Frame Relay map to each router.

This fixes all issues with the NBMA network; the only thing required is to configure the router in a way that allows multicast and broadcast.
Configuring R2

Configuring R4
Remove statically configured neighbors if there are any.

Configuring R3

Once the configuration is done, clear the OSPF process on each router.

NOTE: In this topology the networks are advertised; that's why we can reach or ping the next hop.

This topology doesn't allow network address advertisement.

Instead of neighbors being discovered automatically, they are configured statically. This scenario works when the administrator doesn't allow broadcast on the network.

It is treated like a LAN; it must have one subnet and a topology like Hub and Spoke, Full Mesh.

In this mode the Cisco router treats every DLCI or every sub-interface you have as a point-2-point link. This mode just makes NBMA act as P2P.

OSPF Areas and Router Types

All routers in an area connected to Area 0 are Internal Routers. All routers in Area 0 are called Backbone Routers, as are those connecting a regular area to Area 0.

How to do Summarization in OSPF


Here R1, R3 and R4 (acting as ASBR) are running OSPF, R2 is the ABR and R5 is running RIP. In the scenario given below we will configure R2 as ABR. Just configuring the respective interfaces of R2 into their areas will make R2 act as ABR.

show ip route will confirm whether it is working as ABR or not.

To check and verify we can use this command as well

Now setting up summarization on the ABR. As per the above figure, all advertisements from R1 to R2 will be summarized as the one subnet address that we put in while configuring summarization on R2.

The Null0 route is used for loop prevention.

We can verify on R3 whether the summary route is there or not.

We can either advertise them to other routers (enabled by default) or hide them by using the not-advertise option.

Configuring R4 (ASBR) to advertise the routes it is getting from R5 (RIP routes). As we can see, R4 is getting routes from R5 but is not advertising them, as they are not OSPF routes. By default only OSPF routes can be advertised.

Setting a summary route on the ASBR
Defining a summary route on the ASBR is a little different: the command for setting the summary route does not mention an area, as the ASBR summarizes routes from some other domain (RIP, EIGRP or BGP) which is not OSPF and doesn't recognize areas.
NOTE: The ABR uses the area range command, whereas the ASBR uses the summary-address command.

We can jump to R3 and verify the advertisement from R4, but when we check the route summarization on R3 we will not find any route from R5: the summary route is 172.168.x.x and there is no such subnet in Area 0, so the router will not advertise it to R3. To make it advertise to R3 we will use redistribution.

Now we can jump to R3 and find the route from R5 advertised to R3 as an E (External) route.

If we manually put a summary route on R4, it will be advertised and redistributed as a single summary address, but if we remove that address from R4 we will find the more specific routes from the R5 router. In the output of both, below, we can see the difference.

OSPF LSA Types

NOTE: Five types are given above, but 11 types of LSA exist. We can use Ethereal for packet sniffing to better understand the LSAs of OSPF.

Type 1 - Router LSA: an advertisement about one network. It describes everything about that one single network: the address of the network, how far away it is, and so on.
Type 2 - Network LSA (DR generated): an LSA which can only be generated by a DR; it advertises all of the routers that are plugged in to that Ethernet segment.
Type 3 - Summary LSA (ABR summary route): these are the summary route advertisements generated by the ABR; it generates summary routes for that ABR. When you have an ABR, whether you are summarizing or not, Type 3 advertisements will be made for the routers beyond the ABR, but if a router has a segment in Area 0 it will be advertised as Type 1.
Type 4 - Summary LSA (the ASBR location LSA): it just advertises the IP address of the ASBR in the network.
Type 5 - External LSA (ASBR summary route): any route that is sent in from the ASBR is considered a Type 5 LSA.

OSPF Virtual Links


Daisy-chained areas are not allowed in OSPF, as every single network must have connectivity with Area 0. Virtual links are an exception to this rule, as they are a temporary solution to the problem. For example, suppose a company has its network in Area 0 and a branch in Australia, and it suddenly takes over a new company there which has a completely different network, and you require urgent access to that network. In that case we create a virtual link between Area 1 and Area 2 (the new company), which has no direct connection with Area 0. In the scenario given below R4 and R3 are already configured and we will configure R2, which has the WAN link between R3 and R2 on serial 1.3 and the LAN interface on the Serial 0 interface, which is in the Area 2 LAN.

Configuring WAN interface on R2

As we add the Area 2 network to OSPF, which is not directly connected to Area 0, error messages will appear on R3 (sometimes the router reports them and sometimes it doesn't), which is the gateway for Area 2 to get into Area 0. But we can see on R3 that there is no route for Area 2 in the R3 or R4 IP routing table.

To solve the issue we will create a virtual link between R3 and R2. R3 is the router that connects Area 2 to the backbone; even if there are multiple routers between R3 and R2, the command will always be configured on R3, and it depends on the Router ID.

Now we will configure R2

By configuring this command, a tunnel is created between the two areas so that they believe they are directly connected to each other. To verify the tunnel / virtual link we can check here

Note: we can create a virtual link between two virtual links, like creating a virtual link between Area 2 and Area 3 and then creating a virtual link between Area 2 and Area 0.

Stub Areas and Totally Stubby Areas

The purpose of areas in OSPF is to keep the routing tables small and efficient, but in the network given below, when we look at the routing table of Router 1 we can see that it shows all the routes which belong to other areas and are not required by Area 2. Here comes the concept of stub and totally stubby areas.
Stubby Areas: block Type 5 (external routes) LSAs from entering the area.
Totally Stubby Areas: block all the LSAs from the other areas, that is Type 3, 4 and 5 LSAs, from entering the area.
For example, we want to configure Area 2 as a stub area which doesn't require external routes from R3. So we will configure Area 2 on R2 as a stubby area.

We will configure the same on R1

To verify we can check the routing table of R1.

Note: The ABR (R2) will always keep the information of all routes in its routing table, but the routing information will be filtered while being passed on to R1, and a default route will be passed on to R1 instead.

Now we will make Area 1 a totally stubby area, which blocks all external routes to R5.
Note: Totally Stubby Area is Cisco proprietary. But even in this case only the ABR needs to be a Cisco router, because the filtering is always done on the ABR.

Configuring R4 (ABR)

Configuring R5

Now any external route (Type 5), any ABR IP address (Type 4), and any intra-area route (Type 3) LSA should be removed from the R5 routing table.

NOT-SO-Stubby Area
If the totally stubby area gets connected to an external RIP domain network, it is still a stubby area, but a not-so-stubby area. As we can see in the R5 IP route output above, R5 is still configured with a default route as a stub area, but now that it borders a RIP domain it technically becomes an ASBR: a router connected to an external domain which is not part of OSPF but advertising that domain's routes into OSPF.
NOT-SO-STUBBY AREA: passes external routes through via Type 7 LSAs. These LSAs are converted back to Type 5 LSAs when they reach backbone Area 0.

Configuring R5

Configuring R4

Now, as we go back to R5, we can see that R5 is getting a default route from R4 just as in a totally stubby area, but now R5 is able to redistribute these routes to R4, and R4 will receive them as Type 7 LSAs.

On R4, show ip route database will show this.

All the other routers in the network will not be able to see the Type 7 LSA. We can check show ip route accordingly.

OSPF Authentication
Enabled on a per-interface basis (in pre-12.0 IOS releases it was per-area based)
OSPF supports two types of passwords: clear text and MD5 hash.
Every OSPF packet is keyed with that password
Configuring Authentication

Configuring R3
The primary way to debug authentication issues is to use the command debug ip ospf adj
The highlighted interface will be configured for authentication

If we use the authentication-key command it will use clear text for authentication. If we hit Enter just after typing authentication it will use the clear text method. Here Cisco is the pass code, which will be in clear text.

This is plain text or simple authentication. Now setting up simple authentication

As soon as we put in authentication, the neighbor relationship dies with an error reporting TYPE MISMATCH, as Type 0 means no authentication and Type 1 means there is authentication.

Configuring R2

Digest Authentication or MD5
It has the same method and commands, except that we use the digest authentication option

If we want to do hashed authentication we need to do it this way: after putting MD5 we can put our pass key there and hit Enter.
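What the two authentication methods put on the wire, and why a type mismatch drops the neighbor, as an added example that is not part of the original notes. It follows the OSPFv2 header layout and MD5 procedure of RFC 2328; the packet, Router ID and key "cisco" are constructed sample values, Type 2 is the RFC's number for MD5, and the result strings are this example's own, not IOS debug output.

```python
import hashlib
import hmac
import struct

# OSPFv2 header (RFC 2328): version, type, packet length, Router ID, Area ID,
# checksum, AuType, 8-byte authentication field. 24 bytes in total.
HEADER = struct.Struct("!BBH4s4sHH8s")
AUTH_NONE, AUTH_SIMPLE, AUTH_MD5 = 0, 1, 2

# Constructed Hello body: mask /24, hello 10 s, options, priority 1, dead 40 s,
# DR and BDR left at 0.0.0.0.
HELLO_BODY = struct.pack("!4sHBBI4s4s", bytes([255, 255, 255, 0]), 10, 0x02, 1, 40,
                         bytes(4), bytes(4))


def pad(key, size):
    """Zero-pad or truncate a key to the fixed field size."""
    return key.ljust(size, b"\0")[:size]


def build_packet(autype, key=b"", key_id=1, seq=1, body=HELLO_BODY):
    """Constructed Hello from Router ID 1.1.1.1 in area 0 (checksum left at 0)."""
    if autype == AUTH_SIMPLE:
        auth = pad(key, 8)                       # the password itself is sent
    elif autype == AUTH_MD5:
        auth = struct.pack("!HBBI", 0, key_id, 16, seq)
    else:
        auth = bytes(8)
    pkt = HEADER.pack(2, 1, HEADER.size + len(body), bytes([1, 1, 1, 1]),
                      bytes(4), 0, autype, auth) + body
    if autype == AUTH_MD5:
        # Digest over packet + 16-byte padded key; appended after the packet
        # and not counted in the header's length field.
        pkt += hashlib.md5(pkt + pad(key, 16)).digest()
    return pkt


def check_packet(pkt, autype, key=b"", last_seq=0):
    """What a receiving interface configured with (autype, key) decides."""
    _, _, length, _, _, _, rx_autype, auth = HEADER.unpack_from(pkt)
    if rx_autype != autype:
        return "type mismatch"
    if autype == AUTH_SIMPLE:
        return "ok" if hmac.compare_digest(auth, pad(key, 8)) else "key mismatch"
    if autype == AUTH_MD5:
        seq = struct.unpack("!HBBI", auth)[3]
        if seq < last_seq:
            return "old sequence number"
        expected = hashlib.md5(pkt[:length] + pad(key, 16)).digest()
        same = hmac.compare_digest(pkt[length:length + 16], expected)
        return "ok" if same else "digest mismatch"
    return "ok"


def key_on_wire(pkt, key):
    """True if the configured key can be read straight out of the packet bytes."""
    return key in pkt
```

With simple authentication anyone who can capture a Hello on the segment reads the key from the header; with MD5 only the digest and a sequence number are sent, and a modified or replayed packet fails the check.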

OSPF External Routes Types

OSPF supports two classifications of external routes. Any route that gets into OSPF from the outside world is marked as an external route; these routes are generated by the ASBR and considered Type 5 routes.

Two types of external routes:
E1: the cost of the route increments as it passes through the Autonomous System
E2 (default): the cost of the route remains the same as it passes through the Autonomous System
Configuring R3 (as it is working as ASBR)
As we can see in the output given below, there are no external routes in the routing table. We will configure redistribution of RIP routes into OSPF with a given metric of 100; if we hit Enter after that, the route type defaults to E2, but if we use the metric-type option we can specify type E1 as well, as given below.

To verify this we can check routing table on R2

Here we can see that we are receiving an E1 route with a metric of 140, and the same route will be on R1 with a metric of 204. Now redo the redistribution with metric-type 2 and see that the routes on R2 are E2 but with the low metric of 100 (20 IN THE OUTPUT BELOW WILL BECOME 100 AFTER REFRESHING), and the same 100 can be observed at R1. Here we can observe that the metric remains the same with metric-type 2, meaning whatever metric is used on R3 stays the same all the way down the network.

So in normal circumstances E2 is best, as there is no need to calculate the metric along the path down the network when we have a single point of entry for routes from the RIP domain. We use metric type 1 only when we have multiple entry points from outside the network.

Adjusting the OSPF Cost


There is a formula for calculating cost in OSPF, COST = 100/BW (Mbps), but if we require some specific cost we can overrule this formula by using the command given below:

If you have more bandwidth than Fast Ethernet, such as Gigabit or above, then with the default calculation the cost will always be considered 1 no matter how much bandwidth we have, because the formula has no fractions to account for the higher speed of the medium. To fix this problem we exit the interface, go under the OSPF process and use the command given below:

Here the reference-bandwidth is the speed of your link: 100 for Fast Ethernet, 1000 for Gigabit Ethernet, and so on; or we can fix this for all future high-speed links by giving one big number that fits all.
NOTE: Whatever speed is given on one router must be given on all routers in the network, otherwise it will not work.
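The effect of the reference bandwidth on SPF path selection, as an added example that is not part of the original notes. It applies the cost formula above with the fraction dropped and a floor of 1, then runs Dijkstra over a constructed three-router topology; the router names, link speeds and the simplification that each link has the same cost in both directions are assumptions.

```python
import heapq


def interface_cost(bandwidth_mbps, reference_mbps=100):
    """COST = reference / bandwidth, with the fraction dropped and a floor of 1."""
    return max(1, reference_mbps // bandwidth_mbps)


def shortest_path(links, src, dst, reference_mbps=100):
    """Dijkstra over an undirected topology given as (a, b, bandwidth_mbps) links.
    Returns (total_cost, [routers on the path]) or None if dst is unreachable."""
    graph = {}
    for a, b, bw in links:
        cost = interface_cost(bw, reference_mbps)
        graph.setdefault(a, []).append((b, cost))
        graph.setdefault(b, []).append((a, cost))
    queue = [(0, src, [src])]
    done = set()
    while queue:
        total, node, path = heapq.heappop(queue)
        if node == dst:
            return total, path
        if node in done:
            continue
        done.add(node)
        for nxt, cost in graph.get(node, []):
            if nxt not in done:
                heapq.heappush(queue, (total + cost, nxt, path + [nxt]))
    return None


# Constructed topology: two Gigabit hops via R2, or one direct FastEthernet link.
LINKS = [("R1", "R2", 1000), ("R2", "R3", 1000), ("R1", "R3", 100)]


def compare(references=(100, 1000, 10000)):
    """Path R1 -> R3 chosen under each reference bandwidth."""
    return {ref: shortest_path(LINKS, "R1", "R3", ref) for ref in references}


if __name__ == "__main__":
    for ref, result in compare().items():
        print(ref, result)
```

With the default reference of 100 every link costs 1, so the single FastEthernet hop wins; once the reference is raised, the two Gigabit hops become the cheaper path.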

Preventing Link State Database Overloading

We can limit the maximum number of LSAs that a router can receive, to avoid overloading the Link State Database.
NOTE: We can specify the number of LSAs per minute; if the LSAs exceed this number, the router will kill all neighbor relationships with other routers for at least 5 min, as it considers the Link State Table overloaded.

So before we use the above command we will tweak it a little so that it works for us. We can use the percentage option so that, before killing the neighbors, the router sends a warning message as the count crosses 20%, as given below.

The options given above can be helpful: we can use the warning-only option instead, or the ignore time can be used to ignore the LSAs, and with that we can use the ignore count to set how many times the ignore time can be triggered.

Ignore time is the option for after how many ignore counts this trigger should be reset or disabled

In the above situation R3 is connected to the Internet and one default route is configured on R3. R1 and R2 depend on R3 for accessing the Internet, but if we look into their routing tables we will not find a default route there while they are in the OSPF network.

To fix this problem we can use the following command:

Now, as long as R3 has the default route, it will advertise it to the other routers in the network; if we remove that default route from R3, the other routers will also stop receiving it. If we want R3 to always generate a default route for the other routers, use this command.
