Open Shortest Path First (OSPF)

Open Shortest Path First (OSPF) is an Interior Gateway Protocol used to distribute routing information within a single Autonomous System. OSPF is a link-state routing protocol with the following features:
  • Fast convergence
  • VLSM support
  • Scalable to large networks
  • Stub capabilities
  • Authentication
  • Efficiency (Sends only hello messages to maintain neighbor relationship)
  • Route tagging capabilities
  • Uses multicast for routing updates.

Specifications
  Protocol type                       Link-state
  Administrative distance             110
  Metric                              Cost
  Authentication                      None, clear-text, MD5
  Seed metric                         20 for all redistributed routes and 1 for BGP routes
  Multicast address used by all       224.0.0.5
  Multicast address used by DR/BDR    224.0.0.6
  RFC                                 RFC 2328



Timer Intervals
These are the values of the OSPF timers:
  • Hello—Interval time in seconds that a router sends an OSPF hello packet. On broadcast and point-to-point links, the default is 10 seconds. On NBMA, the default is 30 seconds.
  • Dead—Time in seconds to wait before declaring a neighbor dead. By default, the dead timer interval is four times the hello timer interval.
  • Wait—Timer interval that causes the interface to exit out of the wait period and select a DR on the network. This timer is always equal to the dead timer interval.
  • Retransmit—Time to wait before retransmitting a database description (DBD) packet when it has not been acknowledged.
Default Timers:
On Broadcast and point-to-point links
          Hello        10 seconds
          Dead        40 seconds
On Non-Broadcast links 
          Hello         30 seconds
          Dead         120 seconds



 Packet Types 
  • Hello - Used to establish and maintain neighbor relationships.
  • Database Descriptor (DBD) - Database descriptors contain link-state advertisement (LSA) headers only and describe the contents of the entire link-state database.
  • Link State Request (LSR) - Request for an LSA
  • Link State Update (LSU) - Reply to an LSR with the requested information.
  • Link State Acknowledgment (LSAck) - Used to confirm receipt of link-state information.



LSA Types
OSPF uses different types of LSAs to describe different types of routes. To understand OSPF Link-state Advertisement, visit Understanding OSPF Link-state Advertisement.

LSA type 1 (Router LSA)
Generated by all routers in an area to describe their directly attached links (Intra-area routes). These LSAs do not leave the area.

LSA type 2 (Network LSA)
Generated by the DR of a segment to describe the neighbors connected to the segment. These LSAs do not leave the area.

LSA type 3 (Summary LSA)
Generated by ABR to describe a route outside the area (Inter-area routes).

LSA type 4 (ASBR Summary LSA)
Generated by ABR to describe a route to an ASBR to neighbors outside the area.

LSA type 5 (AS External LSA)
Generated by ASBR to describe external routes (routes external to OSPF domain).

LSA type 7 (NSSA External LSA)
Generated by an ASBR inside an NSSA to describe routes redistributed into the NSSA. These LSAs are converted back to type 5 LSAs by the ABR of that area before being advertised to other areas.



Neighbor States
When an OSPF adjacency is formed, a router goes through several state changes before it becomes fully adjacent with its neighbor. To understand each state, visit OSPF Neighbor States.
  • Down
  • Attempt
  • Init
  • 2-Way
  • ExStart
  • Exchange
  • Loading
  • Full


OSPF Hello Packet
The OSPF Hello packet is responsible for establishing and maintaining neighbor relationships. An OSPF Hello packet contains the following information.
  • Router ID                                  --included in OSPF Header and sent with all packet types
  • Area ID*                                   --included in OSPF Header and sent with all packet types
  • Authentication information*       --included in OSPF Header and sent with all packet types
  • Network mask*  
  • Router Priority  
  • Neighbors' list  
  • Hello and dead intervals*  
  • DR and BDR address  
  • Stub Area Flag* 
Fields marked with an asterisk (*) must match for an adjacency to form. If any of these fields does not match, the adjacency will not be formed.
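The must-match rule above, as an added example that is not part of the original post: it decodes an OSPFv2 Hello using the RFC 2328 field layout and lists which asterisked fields differ between two routers. The function names are hypothetical and the three packets are constructed sample data.

```python
import ipaddress
import struct

HDR = struct.Struct("!BBH4s4sHH8s")    # OSPFv2 common header, 24 bytes
HELLO = struct.Struct("!4sHBBI4s4s")   # fixed part of the Hello body, 20 bytes
AUTH = {0: "none", 1: "clear-text", 2: "MD5"}
MUST_MATCH = ("area", "auth", "mask", "hello", "dead", "stub")  # the asterisked fields

def ip(raw):
    return str(ipaddress.IPv4Address(raw))

def pk(text):
    return ipaddress.IPv4Address(text).packed

def parse_hello(pkt):
    """Decode an OSPFv2 Hello (OSPF payload only, IP header already removed)."""
    fixed = HDR.size + HELLO.size
    if len(pkt) < fixed:
        raise ValueError("truncated packet")
    ver, typ, length, rid, area, _cksum, autype, auth = HDR.unpack_from(pkt)
    if (ver, typ) != (2, 1):
        raise ValueError("not an OSPFv2 Hello")
    if not fixed <= length <= len(pkt) or (length - fixed) % 4:
        raise ValueError("bad length field")
    mask, hello, opts, prio, dead, dr, bdr = HELLO.unpack_from(pkt, HDR.size)
    # What both ends must share: the password (clear-text) or the key ID (MD5).
    shared = auth if autype == 1 else auth[2:3] if autype == 2 else b""
    return {"router_id": ip(rid), "area": ip(area), "auth": (AUTH.get(autype, autype), shared),
            "mask": ip(mask), "hello": hello, "dead": dead, "priority": prio,
            "stub": not opts & 0x02,   # E-bit clear in Options means stub area
            "dr": ip(dr), "bdr": ip(bdr),
            "neighbors": [ip(pkt[i:i + 4]) for i in range(fixed, length, 4)]}

def adjacency_blockers(a, b):
    """Names of must-match fields that differ between two parsed Hellos."""
    return [f for f in MUST_MATCH if a[f] != b[f]]

def build_hello(rid, autype, auth, hello, dead, opts=0x02, nbrs=()):
    """Constructed test packet: area 0, /24 mask, checksum zeroed, no MD5 trailer."""
    body = HELLO.pack(pk("255.255.255.0"), hello, opts, 1, dead, bytes(4), bytes(4))
    body += b"".join(pk(n) for n in nbrs)
    return HDR.pack(2, 1, HDR.size + len(body), pk(rid), pk("0.0.0.0"), 0, autype, auth) + body

# Constructed samples: R1 and R2 share MD5 key ID 1; R3 has no auth and NBMA timers.
R1 = build_hello("1.1.1.1", 2, bytes([0, 0, 1, 16, 0, 0, 0, 7]), 10, 40, nbrs=["2.2.2.2"])
R2 = build_hello("2.2.2.2", 2, bytes([0, 0, 1, 16, 0, 0, 0, 9]), 10, 40)
R3 = build_hello("3.3.3.3", 0, bytes(8), 30, 120)

BLOCKERS = adjacency_blockers(parse_hello(R1), parse_hello(R3))  # ['auth', 'hello', 'dead']
```

RFC 2328 skips the network mask comparison on point-to-point and virtual links, so a `mask` result can be ignored there.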



Router ID Selection
By default, when the OSPF process initializes, it selects the highest IP address on a router as the router ID for the OSPF process. The router ID uniquely identifies a router within an OSPF domain.
OSPF automatically prefers a loopback interface over any other kind, and it chooses the highest IP address among all loopback interfaces. If there are no loopback interfaces present, the highest IP address configured on a physical interface of the router is chosen. OSPF cannot be directed to use any particular interface. Once the router ID is elected, it does not change unless the OSPF process restarts or the router is reloaded.

The default behavior of the selection of the highest IP address on a router as the router ID can be changed with the use of the router-id OSPF command.
R1(config-router)#router-id A.B.C.D



DR/BDR Election
In order to minimize the amount of information exchanged on a particular segment, OSPF elects one router to be the designated router (DR) and one router to be the backup designated router (BDR) on each multi-access segment. The idea behind this is that routers have a central point of contact for information exchange. Instead of each router exchanging updates with every other router on the segment, every router exchanges information with the DR and BDR. The DR and BDR relay the information to everybody else. The DR and BDR listen on multicast address 224.0.0.6, while all other OSPF routers listen on 224.0.0.5.
DRs are chosen based on priority (0 - 255). 1 is default; routers with 0 priority will never be elected. Priority ties are broken by choosing the higher router ID.
To change the OSPF priority on a link, use the following command under interface configuration mode.
R1(config-if)#ip ospf priority x



OSPF Area types
All routers in an area maintain an identical topology. Areas help reduce the size of the routing table. All areas must be attached to area 0 (the backbone area) through either an ABR or a virtual link. For more information on OSPF area types, visit OSPF Special Areas. Depending on the types of LSAs they contain, areas can be categorized as follows:
  • Normal Area
  • Stub Area: can contain LSA type 1, 2 and 3.
  • Totally Stubby Area: can only contain LSA type 1 and 2.
  • Not-So-Stubby Area: can contain LSA type 1, 2, 3 and 7.
  • NSSA Totally Stubby Area: can only contain LSA type 1, 2 and 7.



Router Roles
  • Internal - Routers which have all interfaces in a single area.
  • Backbone routers - Routers with at least one interface in area 0.
  • Area Border Routers (ABRs) - Routers with at least two interfaces in different areas.
  • Autonomous System Boundary Routers (ASBR) - Routers which redistribute information from an external source.
Routers can serve multiple roles simultaneously (e.g. act as both a backbone router and an area border router).
  



Virtual Links
All OSPF areas must be connected to the backbone area (area 0) through an ABR. Virtual links must be implemented when an area cannot be directly connected to the backbone.

Virtual links are not encouraged and should be used only as a temporary fix. The following example shows the virtual link configuration.
RTA#
router ospf 10
area 2 virtual-link 2.2.2.2
RTB#
router ospf 10
area 2 virtual-link 1.1.1.1



OSPF Metric (Cost) Calculation
OSPF uses a reference bandwidth of 100 Mbps for cost calculation. The formula to calculate the cost is reference bandwidth divided by interface bandwidth. For example, in the case of Ethernet, it is 100 Mbps / 10 Mbps = 10.
Cost = 100 / Interface bandwidth in Mbps
where 100 is the reference bandwidth.

By default, the cost of an interface is calculated based on the bandwidth; you can force the cost of an interface with the ip ospf cost interface subconfiguration mode command. 
Router(config-if)#ip ospf cost x

The default reference bandwidth for OSPF is 100 Mbps. Increasing the reference bandwidth allows a more granular OSPF design. If it is changed, it should be changed on all routers in the OSPF domain. To change the OSPF reference bandwidth, use the following command in router configuration mode:
Router#
router ospf 10
auto-cost reference-bandwidth 10000

The reason to change the reference bandwidth is that you may have links faster than 100 Mbps in your network. If you have Gigabit links but use the default reference bandwidth, then Gigabit links are equal in cost to Fast Ethernet, i.e. a cost of 1.




Quick Commands
This section provides commands for configuring various parameters, each with a brief description.

Advertise Default Route

OSPF generates a default route only if it is configured with the command default-information originate and there is a default route in the routing table.
Router#
router ospf 10
default-information originate
If you want an OSPF-enabled router to generate a default route even if it does not have a default route itself, use the following command in router configuration mode:
Router#
router ospf 10
default-information originate always



Configure Hello and Dead Interval
To configure the Hello and Dead intervals in seconds, use the following commands in interface configuration mode.
R1(config-if)#ip ospf hello-interval x
R1(config-if)#ip ospf dead-interval x
If you configure only the hello-interval without configuring the dead-interval, OSPF automatically sets the dead-interval to four times the configured hello-interval.



Change OSPF Network Type
OSPF automatically chooses the network type based on the type of link, but the network type can also be changed manually. To do so, use one of the following commands in interface configuration mode.
RTR(config-if)#ip ospf network broadcast
RTR(config-if)#ip ospf network non-broadcast
RTR(config-if)#ip ospf network point-to-multipoint
RTR(config-if)#ip ospf network point-to-multipoint non-broadcast
RTR(config-if)#ip ospf network point-to-point



♦ OSPF MD5 Authentication
To enable authentication for all the routers in an area, use the following command in router configuration mode.
RTR(config-router)#area x authentication message-digest
If you want to enable authentication only on specific interfaces, you can enable it on a per-interface basis. To do so, use the following command in interface configuration mode.
RTR(config-if)#ip ospf authentication message-digest
The following command specifies the authentication key. This key works with either of the methods above.
RTR(config-if)#ip ospf message-digest-key 1 md5 *****
NOTE: The key ID and the corresponding key must match among the candidate routers for authentication.

Authentication can also be disabled on a specific interface with the following command.
RTR(config-if)#ip ospf authentication null



♦ OSPF Clear-text Authentication
To enable authentication for all the routers in an area, use the following command in router configuration mode.
RTR(config-router)#area x authentication
If you want to enable authentication only on specific interfaces, you can enable it on a per-interface basis. To do so, use the following command in interface configuration mode.
RTR(config-if)#ip ospf authentication
The following command specifies the authentication key. This key works with either of the methods above.
RTR(config-if)#ip ospf authentication-key *****
Authentication can also be disabled on a specific interface with the following command.
RTR(config-if)#ip ospf authentication null




♦ Passive Interface
Configuring an interface as a passive interface prevents it from sending Hello messages and forming adjacencies. To configure an interface as passive, use the following command in router configuration mode.
RTR(config-router)#passive-interface fastEthernet 0/0
There may be a situation where a router has a large number of interfaces and you want to form adjacencies on only a few chosen ones. In that case, use the passive-interface default command, which makes all interfaces passive, and then manually enable OSPF on the desired interfaces with the no passive-interface command.
RTR(config-router)#passive-interface default
RTR(config-router)#no passive-interface fastEthernet 0/0
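A configuration audit built on the MD5, clear-text and passive-interface commands above, as an added example that is not part of the original post: it reports every interface that still sends Hellos without keyed MD5 authentication. The function names and sample configuration are constructed; the example assumes interfaces are placed in an area with the interface command `ip ospf <process-id> area <area-id>` and that area IDs are written the same way in both places.

```python
import re

def norm(name):
    return name.replace(" ", "").lower()     # "fastEthernet 0/0" -> "fastethernet0/0"

def audit(config):
    """Map each non-passive OSPF interface that lacks keyed MD5 to the reason."""
    blocks, cur = {}, None
    for line in config.splitlines():          # group indented lines under their header
        if line and not line[0].isspace():
            cur = blocks.setdefault(line.strip(), [])
        elif cur is not None and line.strip():
            cur.append(line.strip())
    area_auth, passive, active = {}, set(), set()
    for head, lines in blocks.items():
        for ln in lines if head.startswith("router ospf ") else []:
            if m := re.fullmatch(r"area (\S+) authentication( message-digest)?", ln):
                area_auth[m[1]] = "message-digest" if m[2] else "clear-text"
            elif m := re.fullmatch(r"(no )?passive-interface (.+)", ln):
                (active if m[1] else passive).add(norm(m[2]))
    findings = {}
    for head, lines in blocks.items():
        name = head.partition(" ")[2]
        area = [ln.split()[-1] for ln in lines if re.fullmatch(r"ip ospf \d+ area \S+", ln)]
        quiet = norm(name) in passive or ("default" in passive and norm(name) not in active)
        if not head.startswith("interface ") or not area or quiet:
            continue                          # no OSPF here, or no Hellos are sent
        mode = area_auth.get(area[0], "none")
        for ln in lines:                      # the interface command overrides the area
            if m := re.fullmatch(r"ip ospf authentication( message-digest| null)?", ln):
                mode = (m[1] or "clear-text").strip()
        if mode != "message-digest":
            findings[name] = f"authentication is {mode}"
        elif not any(ln.startswith("ip ospf message-digest-key ") for ln in lines):
            findings[name] = "message-digest enabled but no key configured"
    return findings

# Constructed IOS-style sample; the key is a placeholder value.
SAMPLE = """\
interface FastEthernet0/0
 ip ospf 10 area 0
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 EXAMPLE-KEY
interface FastEthernet0/1
 ip ospf 10 area 0
interface FastEthernet1/0
 ip ospf 10 area 0
router ospf 10
 area 0 authentication
 passive-interface fastEthernet 1/0
"""
```

Calling `audit(SAMPLE)` flags only FastEthernet0/1, which inherits clear-text authentication from the area; FastEthernet1/0 is passive and is skipped.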


