
OSPF - Key concepts

OSPF Overview (RFC 2328)

  • OSPF (v2 & v3): A dynamic link-state routing protocol known for fast convergence through incremental updates (LSAs). OSPF is classless, supports VLSM, route summarization, authentication, and external route tagging. It utilizes a two-tier hierarchical design with a backbone (Area 0) connecting to non-backbone areas.
  • Link-State Database (LSDB): All routers within the same OSPF area maintain identical LSDBs. Each router’s local state is shared by flooding LSAs to its neighbors.

OSPF Hierarchical Architecture

  • Purpose:
    • Reduces routing overhead.
    • Increases scalability.
    • Improves convergence speed.
    • Limits routing instabilities to specific areas.
  • Backbone (Area 0): Connects all other OSPF areas and provides transit connectivity. Non-backbone areas communicate through the backbone.
  • LSDB Differences: When an OSPF routing domain is divided into areas, the LSDBs differ across areas, although routers within the same area maintain identical LSDBs.

OSPF Neighbor and Adjacency

  • Neighbors: Routers on a common OSPF-enabled link discovered via Hello packets.
  • Adjacency: Neighbors with synchronized LSDBs that exchange full routing information.
  • Requirements for adjacency:
    • Matching Hello/Dead timers, area ID, subnet masks, MTUs, authentication type, and credentials.
    • Tip: The OSPF process numbers are locally significant and do not need to match among routers.
  • Hello and Dead Intervals: Default Hello interval is 10 seconds for broadcast and point-to-point networks, 30 seconds for non-broadcast or point-to-multipoint. Dead interval is four times the Hello interval.
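The adjacency requirements above map onto fields of the OSPFv2 Hello packet (RFC 2328, A.3.1 and A.3.2). The following is an added example, not part of the original notes: it parses two Hellos and lists the fields that would block the adjacency. The function names and the sample packets are constructed for illustration.

```python
import struct
from ipaddress import IPv4Address

# RFC 2328 A.3.1 common header (24 bytes) and A.3.2 Hello body (20 bytes before the neighbor list)
OSPF_HDR = struct.Struct("!BBH4s4sHH8s")
HELLO_BODY = struct.Struct("!4sHBBI4s4s")
MUST_MATCH = ("area", "mask", "hello", "dead", "autype")

def build_hello(rid, area, mask, hello, dead, autype=0):
    """Build a constructed Hello for the demo (checksum left at 0, no neighbors listed)."""
    ip = lambda s: IPv4Address(s).packed
    body = HELLO_BODY.pack(ip(mask), hello, 0x02, 1, dead, ip("0.0.0.0"), ip("0.0.0.0"))
    hdr = OSPF_HDR.pack(2, 1, OSPF_HDR.size + len(body), ip(rid), ip(area), 0, autype, bytes(8))
    return hdr + body

def parse_hello(pkt):
    """Extract the fields that two routers compare before forming an adjacency."""
    if len(pkt) < OSPF_HDR.size + HELLO_BODY.size:
        raise ValueError("truncated OSPF Hello")
    ver, ptype, _len, rid, area, _ck, autype, _auth = OSPF_HDR.unpack_from(pkt)
    if (ver, ptype) != (2, 1):
        raise ValueError("not an OSPFv2 Hello")
    mask, hello, _opts, _prio, dead, _dr, _bdr = HELLO_BODY.unpack_from(pkt, OSPF_HDR.size)
    return {"rid": str(IPv4Address(rid)), "area": str(IPv4Address(area)),
            "mask": str(IPv4Address(mask)), "hello": hello, "dead": dead, "autype": autype}

def adjacency_blockers(pkt_a, pkt_b):
    """Return the Hello fields that stop these two routers from becoming neighbors."""
    a, b = parse_hello(pkt_a), parse_hello(pkt_b)
    problems = [f for f in MUST_MATCH if a[f] != b[f]]
    if a["rid"] == b["rid"]:
        problems.append("duplicate rid")
    return problems

# Constructed sample Hellos (not captured traffic). MTU is carried in DD packets,
# not Hellos, so an MTU mismatch only shows up later, in ExStart/Exchange.
R1 = build_hello("1.1.1.1", "0.0.0.0", "255.255.255.0", 10, 40)
R2 = build_hello("2.2.2.2", "0.0.0.0", "255.255.255.0", 10, 40)
R3 = build_hello("3.3.3.3", "0.0.0.1", "255.255.255.0", 30, 120, autype=2)

if __name__ == "__main__":
    print(adjacency_blockers(R1, R2))
    print(adjacency_blockers(R1, R3))
```

Only the authentication type is compared here; verifying the credentials themselves requires the configured key and is out of scope for this sketch.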

OSPF Neighbor States

  1. Down: Initial state; no Hello packets received.
  2. Attempt: Active attempt to contact a neighbor (NBMA networks).
  3. Init: Hello packet received, but no bidirectional communication.
  4. 2-Way: Bidirectional communication established; stable state on multi-access networks.
  5. ExStart: Routers negotiate master/slave status for DD packet exchange.
  6. Exchange: Exchange of DD packets, listing known LSAs.
  7. Loading: Routers request and download LSAs from neighbors.
  8. Full: Adjacency is fully established, LSDBs synchronized.

Technical Tip: MTU mismatches may prevent routers from progressing beyond ExStart/Exchange states.

OSPF LSA Types

  1. Type 1 (Router LSA): Advertised by each router, lists neighbors and interfaces within the same area.
  2. Type 2 (Network LSA): Describes multi-access networks (e.g., Ethernet) and is generated by the DR.
  3. Type 3 (Summary LSA): Generated by ABRs, summarizing routes from other areas.
  4. Type 4 (ASBR Summary LSA): Advertises ASBRs to other areas.
  5. Type 5 (External LSA): Describes routes redistributed from outside the OSPF domain.
  6. Type 7 (NSSA LSA): Used in NSSAs to describe external routes, which are converted to Type 5 LSAs by ABRs.

OSPF Network Types

  • Broadcast: Default for Ethernet, requires DR/BDR election, Hello/Dead timers of 10/40 seconds.
  • Non-broadcast: Requires manual neighbor configuration, no multicast support, and Hello/Dead timers of 30/120 seconds.
  • Point-to-Point: No DR/BDR election, used for serial or GRE tunnels, Hello/Dead timers of 10/40 seconds.
  • Point-to-Multipoint: No DR/BDR election; supports partial mesh.
  • Loopback: Always advertised with a /32 prefix.

Tip: OSPF network type can be overridden using the ip ospf network command.

OSPF Area Types

  • Regular Area: Receives all LSA types.
  • Stub Area: Blocks Type 4 and 5 LSAs, receiving only a default route from the ABR.
  • Totally Stubby Area: Blocks Type 3, 4, and 5 LSAs, receives only a default route.
  • Not-So-Stubby Area (NSSA): Allows external route injection with Type 7 LSAs while blocking Type 5 LSAs. ABRs translate Type 7 LSAs to Type 5 LSAs.

Exam Tip: To configure stub or NSSA areas, all routers within the area must have consistent configurations. Use the area [x] stub or area [x] nssa commands.

OSPF Path Selection and Metrics

  • Path Preference:
    • OSPF prefers intra-area routes over inter-area routes.
    • External Type 1 (E1) routes are preferred over Type 2 (E2) routes, as they consider both external and internal metrics.
  • Equal-Cost Multipath (ECMP): OSPF can install multiple paths with equal cost into the routing table. By default, OSPF supports four ECMP paths, configurable with the maximum-paths command.
  • Metric Calculation: The OSPF cost is calculated as Reference Bandwidth / Interface Bandwidth. Adjust the reference bandwidth using the auto-cost reference-bandwidth command.

Tip: OSPF metrics can be manually set per interface using the ip ospf cost command.

OSPF DR/BDR Election

  • DR and BDR: Elected on broadcast and non-broadcast multi-access networks to reduce adjacencies. The router with the highest priority (or RID if priorities are equal) becomes the DR. The election is non-preemptive.
  • Wait Timer: Gives all routers time to participate in the DR/BDR election; its value matches the Dead timer.

Tip: To remove a router from the DR/BDR election, set the interface priority to 0 using the ip ospf priority command.
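To show why the election is non-preemptive, here is an added example (not from the original notes) that models the DR and BDR calculation of RFC 2328 section 9.4 in simplified form, from a neutral observer's view. The dictionary fields and the three scenarios are constructed for illustration.

```python
from ipaddress import IPv4Address

NONE = "0.0.0.0"  # value in the DR/BDR fields of a Hello when nobody is declared

def rank(r):
    """Election order: highest priority wins, highest Router ID breaks ties."""
    return (r["priority"], int(IPv4Address(r["rid"])))

def elect(routers):
    """Return (DR, BDR) Router IDs from what each router declares in its Hellos."""
    eligible = [r for r in routers if r["priority"] > 0]   # priority 0 never takes part
    # BDR: routers not declaring themselves DR; self-declared BDRs are preferred.
    not_dr = [r for r in eligible if r["dr"] != r["rid"]]
    declared_bdr = [r for r in not_dr if r["bdr"] == r["rid"]]
    bdr = max(declared_bdr or not_dr, key=rank, default=None)
    # DR: only routers already declaring themselves DR compete, which is why a
    # newcomer with a higher priority cannot preempt the sitting DR.
    declared_dr = [r for r in eligible if r["dr"] == r["rid"]]
    dr = max(declared_dr, key=rank, default=None)
    if dr is None:                                         # no DR: promote the BDR
        dr = bdr
        rest = [r for r in eligible if r is not dr]
        bdr = max(rest, key=rank, default=None)
    return (dr["rid"] if dr else None, bdr["rid"] if bdr else None)

def router(rid, priority, dr=NONE, bdr=NONE):
    return {"rid": rid, "priority": priority, "dr": dr, "bdr": bdr}

# Constructed scenarios on one broadcast segment
COLD_START = [router("1.1.1.1", 1), router("2.2.2.2", 1), router("3.3.3.3", 0)]
NEWCOMER = [router("1.1.1.1", 1, "2.2.2.2", "1.1.1.1"),
            router("2.2.2.2", 1, "2.2.2.2", "1.1.1.1"),
            router("4.4.4.4", 200)]                        # joins after the election
DR_FAILED = [router("1.1.1.1", 1, "2.2.2.2", "1.1.1.1"),
             router("4.4.4.4", 200, "2.2.2.2", "1.1.1.1")]  # 2.2.2.2 has gone down

if __name__ == "__main__":
    for name, seg in (("cold start", COLD_START), ("newcomer", NEWCOMER), ("DR failed", DR_FAILED)):
        print(name, elect(seg))
```

In the NEWCOMER scenario the priority-200 router takes neither role; it becomes BDR only after the DR fails and the existing BDR is promoted.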

OSPF Operations and Convergence

  • SPF Throttling: OSPF supports SPF tuning with the timers throttle spf command, allowing dynamic SPF calculations based on network stability. This helps delay SPF calculations during instability.
  • LSA Throttling: Controls the rate at which LSAs are generated and received to limit frequent updates during instability. Configure LSA throttling with the timers throttle lsa command.

Tip: Use the max-lsa command to limit the number of LSAs a router can learn, preventing excessive CPU usage.

OSPF Graceful Shutdown

  • Graceful Shutdown: Temporarily shuts down OSPF while notifying neighbors to reroute traffic. Initiated using the shutdown command in OSPF configuration mode. Can also be applied on specific interfaces with the ip ospf shutdown command.

OSPF TTL Security

  • TTL Security: Protects OSPF from DoS attacks by requiring packets to have a TTL of 255. Configure using the ip ospf ttl-security command on both sending and receiving routers.

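Tip: Use the TTL security check to limit attacks from remote systems: every router hop decrements the TTL, so a packet sent from off-link cannot arrive with a TTL of 255.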
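The receive-side check behind TTL security, as an added example that is not part of the original notes. It reads the TTL and protocol fields of an IPv4 header and applies the rule to three constructed packets; the extra_hops parameter and the sample addresses are assumptions made for illustration.

```python
import socket
import struct

OSPF_PROTO = 89   # IP protocol number for OSPF
MAX_TTL = 255     # value a TTL-security sender puts in every OSPF packet

def ipv4_header(src, dst, ttl, proto=OSPF_PROTO):
    """Build a constructed 20-byte IPv4 header (checksum left at 0) for the demo."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0xC0, 20, 0, 0, ttl, proto, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))

def ttl_verdict(packet, extra_hops=0):
    """Receive-side check: accept OSPF only if TTL >= 255 - extra_hops.

    extra_hops=0 models directly connected neighbors (TTL must be exactly 255).
    """
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return "not-ipv4"
    ttl, proto = packet[8], packet[9]
    if proto != OSPF_PROTO:
        return "not-ospf"
    return "accept" if ttl >= MAX_TTL - extra_hops else "drop"

# Constructed samples; the TTL is the value seen by the receiving router.
SAMPLES = {
    # neighbor on the same link with TTL security enabled
    "enabled_neighbor": ipv4_header("10.0.12.2", "224.0.0.5", 255),
    # neighbor without TTL security: RFC 2328 sends multicast OSPF with TTL 1
    "legacy_neighbor": ipv4_header("10.0.12.3", "224.0.0.5", 1),
    # packet sent with TTL 255 from three router hops away
    "remote_sender": ipv4_header("198.51.100.7", "10.0.12.1", 252),
}

def classify(samples, extra_hops=0):
    """Return a verdict per sample name."""
    return {name: ttl_verdict(pkt, extra_hops) for name, pkt in samples.items()}

if __name__ == "__main__":
    print(classify(SAMPLES))
```

The legacy_neighbor result shows why the feature has to be enabled on both ends: a neighbor still sending with a TTL of 1 is dropped by the check and the adjacency is lost.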

OSPF Optimization Techniques

  • Fast Hello: Enables sub-second Hello intervals to detect neighbor failures faster. Configured using the ip ospf dead-interval minimal hello-multiplier command. Ideal for LAN segments with faster convergence requirements.

Tip: Fast Hello is useful, but Bidirectional Forwarding Detection (BFD) is recommended for sub-second detection in OSPF networks.

  • Incremental SPF (iSPF): Reduces CPU load by recalculating only the affected part of the SPF tree after a topology change. Activate iSPF using the ispf command.

Troubleshooting OSPF

  • Common Issues:
    • Mismatched Hello/Dead timers.
    • Duplicate Router IDs.
    • MTU mismatches.
    • Passive interfaces blocking Hello packets.

Useful Commands:

  • show ip ospf neighbor: Displays neighbor status and adjacencies.
  • show ip ospf database: Shows the LSDB.
  • debug ip ospf hello, debug ip ospf adj: Debugs OSPF neighbor formation and adjacencies.

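Tip: Use ip ospf mtu-ignore to bypass MTU mismatches. This skips the MTU check during DD packet exchange; it does not correct the mismatched interface MTUs.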

 


 
