
Copyright 2010, Algonquin College, Rick Graziani, Cisco Systems, Inc. All rights reserved.

10F NET3008 David Bray


OSPF Multi-area
14F NET3008 2010-14, David Bray, Algonquin College, Rick Graziani, Cisco Systems, Inc. All rights reserved. (140925)
bitdegree.ca
CCNP ROUTE Chapter 3
Multi-area OSPF
David Bray
brayd@algonquincollege.com
with contributions obtained from Rick Graziani & Cisco
OSPF version 2
This chapter covers OSPF v2 for IPv4.
I STRONGLY advise you to review
NET1005 Ch 11 lecture notes on OSPF.
OSPF v3, compliant with IPv6 (Ch 8), is
significantly different - changes in
operational philosophy, LSA types, data
formats, etc.
Reference RFC2740 and Cisco document,
"Implementing OSPF for IPv6".
Things You Must Know
Within the context of Single-area OSPF:
OSPF Concepts: terminology, states, link costs
OSPF Operation: network types, adjacencies, timers, LSUs
OSPF Configuration: router ID, router priority (DR, BDR, etc), networks, authentication, default routes
OSPF Verification, Monitoring, Troubleshooting
Review How OSPF Chooses Router ID
The order in which OSPF chooses its router ID is:
1. the value given by the OSPF router-id command
2. the highest active loopback address on the router
3. the highest IP address on all active interfaces at the
moment the OSPF process starts up
If OSPF is not able to determine its router ID at
startup, an error message results, such as:
p5r2(config)#router ospf 1
2w1d: %OSPF-4-NORTRID: OSPF process 1 cannot start.
Using a router-id command (or 2nd-best, a loopback
interface) is recommended to make your network
predictable, consistent & stable.
OSPF router-id Command
Router(config-router)#router-id 32-bit-value
Any unique 32-bit value can be used, though it is often entered
in a dotted-decimal format like an IPv4 address.
If this command is entered in an OSPF process whose existing
ID was based on a prior router-id command, a manual restart
of the OSPF process via a clear command at global
configuration mode (see below) will be necessary to adopt the
new ID value.
However, if the existing ID was based on the IP of a loopback or
a physical interface, OSPF may need to be removed first (via a
no router ospf command or a complete IOS reload).
Router(config)#router ospf 1
Router(config-router)#router-id 172.16.1.1
Router#clear ip ospf process
show commands
show ip route
Router# show ip route
172.16.0.0/16 is variably subnetted, 4 subnets, 3 masks
O IA 172.16.51.1/32 [110/783] via 172.16.1.2, 00:11:44, FastEthernet0
O 172.16.20.0/24 [110/782] via 172.16.10.6, 00:12:29, Serial0
C 172.16.10.4/30 is directly connected, Serial0
C 172.16.1.0/24 is directly connected, FastEthernet0
O E2 11.0.0.0/8 [110/20] via 172.16.1.1, 00:11:44, FastEthernet0
O E1 12.0.0.0/8 [110/782] via 172.16.1.1, 00:11:44, FastEthernet0
O = OSPF routes within the same area (intra-area routes)
110/number = Administrative Distance/metric (cumulative 10^8/bandwidth)
E2 = Routes outside of the OSPF routing domain, redistributed into OSPF.
Default E2 metric is 20 and does not get modified within OSPF
CCNP:
O IA = OSPF routes from another area (inter-area routes)
E1 = Routes outside of the OSPF routing domain that get additional cumulative
costs added on by each router, just like other OSPF routes.
show ip ospf
Router#show ip ospf
Routing Process "ospf 1" with ID 192.168.3.1
Supports only single TOS(TOS0) routes
It is an area border router
SPF schedule delay 5 secs, Hold time between two SPFs 10 secs
Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs
Number of external LSA 3. Checksum Sum 0x97E3
Number of DCbitless external LSA 0
Number of DoNotAge external LSA 0
Number of areas in this router is 2. 2 normal 0 stub 0 nssa
External flood list length 0
Area BACKBONE(0)
Number of interfaces in this area is 1
Area has no authentication
SPF algorithm executed 8 times
<output omitted>
Area 1
<output omitted>
Blue is CCNP
show ip ospf interface
Router# show ip ospf interface
Ethernet0 is up, line protocol is up
Internet Address 206.202.2.1/24, Area 1
Process ID 1, Router ID 1.2.202.206, Network Type BROADCAST, Cost: 10
Transmit Delay is 1 sec, State BDR, Priority 1
Designated Router (ID) 2.2.202.206, Interface address 206.202.2.2
Backup Designated router (ID) 1.2.202.206, Interface address 206.202.2.1
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:00
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 2.2.202.206 (Designated Router)
Suppress hello for 0 neighbor(s)
Serial0 is up, line protocol is up
Internet Address 206.202.1.2/24, Area 1
Process ID 1, Router ID 1.2.202.206, Network Type POINT_TO_POINT, Cost: 64
Transmit Delay is 1 sec, State POINT_TO_POINT,
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:04
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 2.0.202.206
Suppress hello for 0 neighbor(s)
OSPF Neighbours
Before two routers can become OSPF neighbours, they must agree on:
Hello/Dead intervals
Network IP & Type, including an identical subnet mask
Area ID
Options (aspects such as stub type & capabilities)
Authentication (if any)
For Full State (adjacency), IP MTU must also match,
unless -if)# ip ospf mtu-ignore has been configured
show ip ospf neighbor
RouterB#show ip ospf neighbor
Neighbor ID     Pri   State           Dead Time   Address         Interface
1.5.202.206       1   FULL/DROTHER    00:00:33    206.202.0.3     Ethernet0
1.10.202.206      1   FULL/BDR        00:00:32    206.202.0.4     Ethernet0
1.0.202.206       1   2WAY/DROTHER    00:00:30    206.202.0.1     Ethernet0
1.2.202.206       1   FULL/ -         00:00:32    206.202.1.2     Serial0
Should know answers to these questions (review):
What is RouterB's role on network 206.202.0.0/24?
What does this output tell you about the Router with ID
1.0.202.206?
Can you explain the output showing Router ID 1.2.202.206?
Drill down using command: show ip ospf neighbor detail
debug commands
Recognized OSPF Network Types
Network Type               Elect DR/BDR   OSPF Traffic
Broadcast (multi-access)   Yes            multicast
Point-to-point             No             multicast
NBMA (assumes full-mesh)   Yes            unicast
Point-to-multipoint        No             multicast
OSPF Requires the SPF Algorithm
OSPF relies on the Shortest Path First (SPF) algorithm to
calculate best paths.
What other protocol also uses SPF to calculate best path?
(Hint: Think of Layer 2.)
In order for SPF to be usable, the topology must be represented
as a tree, comprised of nodes and edges ONLY - a collection of
devices and the point-to-point links interconnecting them. In
particular, multi-access segments such as Ethernet do NOT
satisfy this model.
Concept of Pseudonode
To emulate a tree topology, multi-access segments in OSPF are
represented using a Designated Router (DR). The DR acts as a
pseudonode logically connected to each device on that
segment, via a dedicated point-to-point link.
[Figure: routers A, B and C, each connected to the DR pseudonode]
For the purpose of SPF calculations, any traffic traversing the
multi-access segment is imputed to be routed
to the DR at full link cost, then
to its intended destination at zero cost.
Problems with OSPF Over NBMA
Non-Broadcast, because a broadcast
packet sent onto the subnet may not
be propagated to all nodes. (Why?)
Multi-Access, so OSPF must hold
DR/BDR elections, but neighbours
may not automatically discover all
others on the subnet & choice of
DR/BDR is critical. (Why?)
OSPF over NBMA Topology Modes of Operation
RFC 2328-compliant modes are as follows:
  Nonbroadcast (NBMA)
  Point-to-multipoint (with broadcast support)
Additional modes from Cisco are as follows:
  Point-to-multipoint non-broadcast
  Broadcast
  Point-to-point
Router(config-if)#
ip ospf network [{broadcast | non-broadcast | point-to-multipoint [non-broadcast] | point-to-point}]
This interface command defines OSPF network type.
1. RFC-compliant NBMA Mode
for flooding, unicast LSUs are replicated for each PVC
less overhead than point-to-multipoint
one IP subnet
reachable neighbours must be manually configured
DR (and BDR) are elected
full-mesh is assumed; if NOT, force DR/BDR elections using priority settings (How?)
Configure similarly at each router:
RTB(config-if)#ip ospf network non-broadcast
--------
RTB(config-router)#network 3.1.1.0 0.0.0.255 area 0
RTB(config-router)#neighbor 3.1.1.1
RTB(config-router)#neighbor 3.1.1.3
The neighbor command options
Router(config-router)#
neighbor ip-address [priority number] [poll-interval number] [cost number] [database-filter all]
Option                 Description
priority number        Specifies the neighbor's priority. Default is zero,
                       which means neighbor can never be DR.
poll-interval number   Neighbor-specific Hello interval in seconds.
cost number            Assigns a cost to the neighbor from 1 to 65535.
                       Neighbors with no specific cost configured will
                       assume the cost of the interface, based on the ip
                       ospf cost command. (Not used with NBMA mode)
database-filter all    Stops LSAs from being sent to this neighbor.
2. RFC-compliant Point-to-Multipoint Mode
applicable to partial-mesh topologies, where media supports broadcasts
  any frame relay map command must specify "broadcast" opt.
one IP subnet
automatic neighbour discovery via multicast OSPF hellos
DR and BDR not required
each router-to-router connection is treated as a point-to-point link
Configure similarly at each router:
RTB(config-if)#ip ospf network point-to-multipoint
--------
RTB(config-router)#network 3.1.1.0 0.0.0.255 area 0
3. Cisco's Point-to-Multipoint Non-broadcast Mode
Cisco extension to RFC, applicable to partial-mesh topologies over media with no broadcast support
one IP subnet
must statically define reachable neighbours
  no broadcasts, so no automatic neighbour discovery
DR and BDR are not elected
modify link metric to different neighbours, as needed
Configure similarly at each router:
RTB(config-if)#ip ospf network point-to-multipoint non-broadcast
--------
RTB(config-router)#network 3.1.1.0 0.0.0.255 area 0
RTB(config-router)#neighbor 3.1.1.1 cost 10
RTB(config-router)#neighbor 3.1.1.3 cost 20
4. Cisco's Broadcast Mode
Cisco extension, applicable to media with broadcast support
  any frame relay map command must specify "broadcast" option
One IP subnet
automatic neighbour discovery via multicast OSPF hellos
DR and BDR are elected
  if topology is NOT full-mesh, force DR/BDR elections using priority settings
Configure similarly at each router:
RTB(config-if)#ip ospf network broadcast
--------
RTB(config-router)#network 3.1.1.0 0.0.0.255 area 0
5. Cisco's Point-to-Point mode
useful for full- or partial-mesh
each subinterface pair is a separate IP subnet
same properties as any physical point-to-point interface
  no DR or BDR election
  point-to-point, so no need to set ip ospf network type
RTB(config)#interface serial 0/0.1 point-to-point
RTB(config-subif)#ip address 3.1.1.2 255.255.255.0
RTB(config-subif)#interface serial 0/0.2 point-to-point
RTB(config-subif)#ip address 4.1.1.2 255.255.255.0
--------
RTB(config-router)#network 3.1.1.0 0.0.0.255 area 0
RTB(config-router)#network 4.1.1.0 0.0.0.255 area 0
No special configuration at spoke routers
Summary - OSPF over NBMA Topologies
OSPF Packet Types
OSPF Type-2 (DBD)
OSPF Type-3 (LSR)
OSPF Type-4 (LSU)
OSPF Type-5 (LSAck)
OSPF Packets
IP Header (protocol 89)
IP Payload: OSPF Packet (types 1 to 5)
  OSPF Header (24 octets)
  OSPF Payload (specific to packet type)
    Packet Type 4 LSU Payload: LSA LSA LSA LSA
      LSA Header (20 octets)
      LSA Data
Multi-area OSPF
Creating Multiple OSPF Areas
Rough rule: no more than 50 routers in a single OSPF area.
Each area is represented by a 32-bit integer value.
There must be an Area 0 (backbone or transit area).
Backbone area summarizes topology of each regular area to every other area.
All areas must connect "directly" to Area 0. Regular (i.e. non-zero) areas do NOT exchange updates directly.
OSPF Multi-area
Router Types
Internal: Routers with all their interfaces within the same area
Backbone: Routers with at least one interface in area 0
ABR: (Area Border Router): Routers with interfaces attached to multiple areas.
ASBR: (Autonomous System Boundary Router): Routers that have at least one interface connected to an external internetwork (where external means anything outside this OSPF routing domain)
ABR:
router ospf 1
network 11.1.1.0 0.0.0.3 area 0
network 11.1.1.4 0.0.0.3 area 0
network 10.1.1.0 0.0.0.3 area 1
n.b. Area numbers can also be represented in the form of four dotted-decimal values, visually like an IP address.
Why Separate Areas?
LSU Traffic & SPF Recalc'ns
LSUs containing LSA types 1 & 2 are flooded throughout an area to maintain link-state databases and routing tables. Having multiple areas localizes this traffic. (more on LSA types later)
These LSAs are confined to the area of the router that originated them.
Flapping routes or other instabilities can cause routers to constantly
recalculate SPF algorithm (n.b. timers below default to 5 and 10 secs).
-router)#timers spf spf-delay spf-holdtime
Routers in other areas do not have to perform an SPF recalculation
when a router or network is added or deleted in another area.
More Scalable!
Why Separate Areas? (cont'd)
Higher Efficiency
Hierarchy using special areas means smaller tables.
Route summarization at ABRs keeps routing tables smaller. (no automatic summarization)
Assume Area 1 has several 10.x.x.0/24 subnets and we want to summarize them before advertising into Area 0.
ABR(-router)#area from-area-id range network-address subnet-mask
router ospf 1
network 11.1.1.0 0.0.0.3 area 0
network 11.1.1.4 0.0.0.3 area 0
network 10.1.1.0 0.0.0.3 area 1
area 1 range 10.0.0.0 255.0.0.0
[Figure: 10.x.x.0/24 subnets advertised as the 10.0.0.0/8 summary]
More Scalable!
To Configure Basic OSPF
Router(config)#
router ospf process-id [vrf vpn-name]
Enable one or more OSPF routing processes.
Router(config-router)#
network ip-address wildcard-mask area area-id
Define the interfaces that OSPF will run on.
Router(config-if)#
ip ospf process-id area area-id [secondaries none]
Optional method to enable OSPF explicitly on an interface deployed on IOS 12.3(11)T.
  takes precedence over any network command
OSPF Configured at an Interface
<Output Omitted>
interface FastEthernet0/0
ip address 10.64.0.2 255.255.255.0
interface Serial0/0/1
ip address 10.2.1.2 255.255.255.0
ip ospf 50 area 1
<Output Omitted>
router ospf 50
network 10.64.0.2 0.0.0.0 area 0
<Output Omitted>
interface FastEthernet0/0
ip address 10.64.0.1 255.255.255.0
<Output Omitted>
router ospf 1
network 10.0.0.0 0.255.255.255 area 0
OSPF Passive
passive-interface type number [default] router configuration command
OSPF is prevented from sending any payloads out a passive interface.
In particular, no Hellos will be sent and consequently, no neighbours will be
recognized through any passive interface, meaning OSPF routing information
will neither be sent nor received through it.
If the configured IP on a passive interface is included in a network statement, it
will be advertised to OSPF neighbours as a stub network. (Not a stub area!)
Passive Example
Router R1 has three passive interfaces acting as stub networks.
  No Hellos are sourced/received through interfaces E0, E1 & E2 and
  therefore, no neighbouring can occur via these interfaces.
  However, since their IPs are included in an OSPF network statement, they
  will be advertised by R1 into Area 1 as stub networks.
  Serial0/0/1 on R1 is excluded from being passive and therefore eligible to
  form an adjacency with R2 sending/receiving LSAs, etc.
For Router R2, Ethernet0 is explicitly configured passive.
  Again, its IP is included in an OSPF network statement and so, will be
  advertised by R2 into Area 1 as a stub network.
LSA Sequence Numbering
OSPF floods each LSA every 30 minutes (LSRefreshTime) to maintain proper database synchronization. Each time the LSA is flooded, its sequence number is incremented.
OSPF uses 32-bit signed sequence values, with a "lollipop" numbering scheme, such that:
  the value 0x80000000 (-2,147,483,648) is not used
  each sequence number begins at 0x80000001 (-2,147,483,647), continues through zero, and ends with 0x7FFFFFFF (2,147,483,647)
Once a sequence number reaches its wraparound value, 0x7FFFFFFF, the LSA is prematurely aged to MaxAge (3600 seconds, or 1 hour) and flushed.
  this is necessary because a router encountering two instances of an LSA will always interpret the LSA having the higher sequence number to be the most up-to-date
Verifying LSA Age and Sequence Number
In the first output below, notice the age timer will expire
sometime after 1800 seconds or 30 minutes.
RTC#show ip ospf database
OSPF Router with ID (192.168.1.253) (Process ID 3)
Router Link States (Area 0)
Link ID         ADV Router      Age    Seq#         Checksum   Link count
192.168.1.249   192.168.1.249   1705   0x80000005   0x00D5B0   5
192.168.1.253   192.168.1.253   1578   0x80000006   0x009F91   5
A few minutes later, the router has received an LSU for both
links. Note the refreshed age timer and incremented
sequence number.
RTC#show ip ospf database
OSPF Router with ID (192.168.1.253) (Process ID 3)
Router Link States (Area 0)
Link ID         ADV Router      Age    Seq#         Checksum   Link count
192.168.1.249   192.168.1.249   106    0x80000006   0x00D3B1   5
192.168.1.253   192.168.1.253   58     0x80000007   0x009D92   5
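The signed comparison behind the sequence-numbering and verification slides above, as an added example that is not part of the original notes: it reads the two show ip ospf database listings and decides which instance of each LSA is newer. The checksum and age tie-breakers and MaxAgeDiff (900 seconds) follow RFC 2328 section 13.1 rather than this page, and all function names are illustrative.

```python
import re
from typing import NamedTuple, Optional

INITIAL_SEQ = 0x80000001 - (1 << 32)   # -2,147,483,647: first value used
MAX_SEQ = 0x7FFFFFFF                   # wraparound value: LSA must be flushed
RESERVED_SEQ = 0x80000000 - (1 << 32)  # -2,147,483,648: never used
MAX_AGE = 3600                         # seconds
MAX_AGE_DIFF = 900                     # RFC 2328 MaxAgeDiff, not stated on the page


class LsaInstance(NamedTuple):
    link_id: str
    adv_router: str
    age: int
    seq: int        # signed 32-bit value
    checksum: int


def to_signed(raw: int) -> int:
    """Interpret a raw 32-bit sequence field the way OSPF compares it."""
    if not 0 <= raw <= 0xFFFFFFFF:
        raise ValueError("sequence number is a 32-bit field")
    return raw - (1 << 32) if raw & 0x80000000 else raw


def next_seq(seq: int) -> Optional[int]:
    """Sequence number for the next flood; None means flush at MaxAge first."""
    if seq == RESERVED_SEQ:
        raise ValueError("0x80000000 is never a valid sequence number")
    return None if seq == MAX_SEQ else seq + 1


ROW = re.compile(
    r"^\s*(\d+(?:\.\d+){3})\s+(\d+(?:\.\d+){3})\s+(\d+)\s+"
    r"0x([0-9A-Fa-f]{8})\s+0x([0-9A-Fa-f]+)"
)


def parse_rows(output: str) -> dict:
    """Return {(link_id, adv_router): LsaInstance} from database summary rows."""
    rows = {}
    for line in output.splitlines():
        m = ROW.match(line)
        if m:
            inst = LsaInstance(m[1], m[2], int(m[3]),
                               to_signed(int(m[4], 16)), int(m[5], 16))
            rows[(inst.link_id, inst.adv_router)] = inst
    return rows


def compare(a: LsaInstance, b: LsaInstance) -> int:
    """1 if a is the newer instance, -1 if b is, 0 if they count as identical."""
    if a.seq != b.seq:                          # signed comparison, not unsigned
        return 1 if a.seq > b.seq else -1
    if a.checksum != b.checksum:                # larger checksum wins
        return 1 if a.checksum > b.checksum else -1
    if (a.age == MAX_AGE) != (b.age == MAX_AGE):
        return 1 if a.age == MAX_AGE else -1    # a flush beats a live copy
    if abs(a.age - b.age) > MAX_AGE_DIFF:
        return 1 if a.age < b.age else -1       # clearly younger copy wins
    return 0


def refreshed(before: str, after: str) -> list:
    """Keys whose instance in `after` is newer than the one in `before`."""
    old, new = parse_rows(before), parse_rows(after)
    return sorted(k for k in new if k in old and compare(new[k], old[k]) > 0)


# Data rows of the two listings shown on the slide above.
BEFORE = """
192.168.1.249 192.168.1.249 1705 0x80000005 0x00D5B0 5
192.168.1.253 192.168.1.253 1578 0x80000006 0x009F91 5
"""
AFTER = """
192.168.1.249 192.168.1.249 106 0x80000006 0x00D3B1 5
192.168.1.253 192.168.1.253 58 0x80000007 0x009D92 5
"""

if __name__ == "__main__":
    for link_id, adv in refreshed(BEFORE, AFTER):
        print(f"{link_id} (advertised by {adv}) was refreshed")
```

Read as unsigned numbers, 0x80000001 would look larger than 0x7FFFFFFF; the signed interpretation is what makes a freshly originated LSA compare as older than one at the wraparound value.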
OSPF Packet Types
OSPF LSUs transport different LSA types:
OSPF LSA Types
** A single LSU may be used to transport multiple LSAs
Link-State Data Structures: LSA Operation
OSPF LSDB Overload Protection
Excessive LSAs generated by other routers can drain local router resources.
Generally available with IOS 12.3(7)T, this feature can limit the processing of non-self-generated LSAs for a defined OSPF process.
Router(config-router)#
max-lsa maximum-number [threshold-percentage] [warning-only] [ignore-time minutes] [ignore-count count-number] [reset-time minutes]
The max-lsa Parameters
Router(config-router)#
max-lsa maximum-number [threshold-percentage] [warning-only] [ignore-time minutes] [ignore-count count-number] [reset-time minutes]
Parameter                   Description
maximum-number              Maximum number of non-self-generated LSAs that the OSPF process can keep
                            in the OSPF LSDB.
threshold-percentage        (Optional) The percentage of the maximum LSA number, as specified by the
                            maximum-number argument, at which a warning message is logged. The
                            default is 75 percent.
warning-only                (Optional) Specifies that only a warning message is sent when the maximum
                            limit for LSAs is exceeded; the OSPF process never enters ignore state.
                            Disabled by default.
ignore-time minutes         (Optional) Specifies the time to ignore all neighbors after the maximum limit of
                            LSAs has been exceeded. The default is 5 minutes.
ignore-count count-number   (Optional) Specifies the number of consecutive times that the OSPF process
                            can be placed into the ignore state. The default is five times.
reset-time minutes          (Optional) Specifies the time, in minutes, after which the ignore count is reset
                            to 0. The default is 10 minutes.
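An added example (not Cisco's or the course's code) that parses the max-lsa syntax above using the defaults from the parameter table, then flags OSPF processes that lack the router-id, max-lsa and passive-interface settings covered in these notes. It assumes running-config text with sub-commands indented by one space; the sample configuration and the finding names are constructed for illustration.

```python
import re

# Defaults as listed in the parameter table above.
DEFAULTS = {"threshold": 75, "warning_only": False,
            "ignore_time": 5, "ignore_count": 5, "reset_time": 10}
VALUED = ("ignore-time", "ignore-count", "reset-time")


def parse_max_lsa(command: str) -> dict:
    """Turn one max-lsa line into its effective settings, defaults filled in."""
    tokens = command.split()
    if len(tokens) < 2 or tokens[0] != "max-lsa" or not tokens[1].isdigit():
        raise ValueError("expected: max-lsa maximum-number ...")
    settings = dict(DEFAULTS, maximum=int(tokens[1]))
    rest = tokens[2:]
    if rest and rest[0].isdigit():              # optional threshold-percentage
        settings["threshold"] = int(rest.pop(0))
    while rest:
        word = rest.pop(0)
        if word == "warning-only":
            settings["warning_only"] = True
        elif word in VALUED and rest and rest[0].isdigit():
            settings[word.replace("-", "_")] = int(rest.pop(0))
        else:
            raise ValueError(f"unexpected token {word!r}")
    # LSA count at which the warning message is logged.
    settings["warn_at"] = settings["maximum"] * settings["threshold"] // 100
    return settings


def ospf_stanzas(config: str) -> dict:
    """Map each OSPF process-id to the sub-commands under 'router ospf N'."""
    stanzas, current = {}, None
    for line in config.splitlines():
        start = re.match(r"router ospf (\d+)", line)
        if start:
            current = stanzas.setdefault(int(start.group(1)), [])
        elif line[:1].isspace() and current is not None:
            current.append(line.strip())
        else:
            current = None      # "!" or any other top-level line ends the stanza
    return stanzas


def audit(config: str) -> list:
    """Return (process-id, finding) pairs; finding names are hypothetical."""
    findings = []
    for pid, cmds in sorted(ospf_stanzas(config).items()):
        if not any(c.startswith("router-id ") for c in cmds):
            findings.append((pid, "router-id-not-set"))
        limits = [parse_max_lsa(c) for c in cmds if c.startswith("max-lsa ")]
        if not limits:
            findings.append((pid, "no-max-lsa"))
        elif limits[0]["warning_only"]:
            # warning-only logs a message but never enters ignore state
            findings.append((pid, "max-lsa-warning-only"))
        if not any(c.startswith("passive-interface ") for c in cmds):
            findings.append((pid, "no-passive-interface"))
    return findings


# Constructed sample configuration (not taken from a real device).
SAMPLE_CONFIG = """\
!
interface Serial0/0/1
 ip address 10.2.1.2 255.255.255.0
!
router ospf 1
 router-id 172.16.1.1
 max-lsa 12000
 passive-interface default
 no passive-interface Serial0/0/1
 network 10.0.0.0 0.255.255.255 area 0
!
router ospf 50
 max-lsa 12000 80 warning-only
 network 10.64.0.2 0.0.0.0 area 0
!
"""

if __name__ == "__main__":
    for pid, finding in audit(SAMPLE_CONFIG):
        print(f"router ospf {pid}: {finding}")
```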
LSA Type 1
Router LSA, giving:
  the router's links (interfaces)
  detailed info on each link including cost, network prefix and length, OSPF neighbour (if any), etc (next slide)
  Note: each host route is advertised as a stub network (OSPF treats loopbacks as host routes)
Originated from each router and flooded only within its native area
  contributes to routes marked "O" or "C"
  an ABR will have a set of type 1 LSAs for each area to which it belongs
LSA Type 1 - Packet Contents
LSA Header (20 octets):
  Age | Options | Type=1
  Link State ID (same as Advertising Router)
  Advertising Router
  Sequence Number
  Checksum | Length
LSA Data:
  4-byte info header specific to LSA type 1:
    00000 V E B | 0x00 | Number of Link Descriptors
  12-byte link descriptor (one per link, or 2 descriptors for each serial link):
    Link ID
    Link Data
    Link Type | 0x00 (No. of TOS) | Metric
(for non-Cisco implementations, based on a non-zero No. of TOS value,
up to four 32-bit TOS metric fields may follow each 12-byte descriptor)
LSA Type 1 Payload
The data specific to an LSA type 1 consists of a 4-byte
information header, followed by one* descriptor for each link
directly attached to the advertising router.
*two for each serial link: a link type 1 and type 3
Every link descriptor (one of 4 types as shown), includes the
Link ID (NOT the Link State ID) and Link Data given in the table below:
Link Type   Description                                   Link ID                  Link Data
1           Point-to-point connection to another router   Neighbouring router ID   IP addr of originating router
2           Connection to a transit network               IP address of DR         IP addr of originating router
3           Connection to a stub network                  IP network/subnet addr   Network IP addr or subnet mask
4           Virtual link                                  Neighbouring router ID   SNMP MIB-II ifIndex value of originating router
LSA Type 1 Header Flags
The three flag bits in the 4-byte LSA Type 1 information
header are interpreted as follows:
V bit is set when originator is an endpoint of a Virtual Link
E bit is set when originator connects to an External network (is an ASBR)
B bit is set when originator is a Border router (is an ABR)
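An added example (not from the original notes) that decodes the Router LSA layout described on the last three slides and rejects inconsistent Length and descriptor-count fields instead of reading past them. The sample bytes are constructed for router 192.168.4.1; the Options value and the checksum field are placeholders, and the checksum is not verified here.

```python
import ipaddress
import struct

# Field layouts as drawn on the "Packet Contents" slide (network byte order).
LSA_HEADER = struct.Struct("!HBB4s4siHH")  # age, options, type, LS ID, adv router, seq, checksum, length
ROUTER_INFO = struct.Struct("!BBH")        # 00000VEB flags, 0x00, number of link descriptors
LINK_DESC = struct.Struct("!4s4sBBH")      # Link ID, Link Data, Link Type, No. of TOS, Metric
LINK_TYPES = {1: "point-to-point", 2: "transit network",
              3: "stub network", 4: "virtual link"}


def _dotted(raw: bytes) -> str:
    return str(ipaddress.IPv4Address(raw))


def parse_router_lsa(buf: bytes) -> dict:
    """Decode one type 1 LSA, refusing lengths and counts that do not add up."""
    fixed = LSA_HEADER.size + ROUTER_INFO.size
    if len(buf) < fixed:
        raise ValueError("shorter than LSA header plus info header")
    age, options, ls_type, ls_id, adv, seq, checksum, length = \
        LSA_HEADER.unpack_from(buf)
    if ls_type != 1:
        raise ValueError(f"not a Router LSA (type {ls_type})")
    if length != len(buf):
        raise ValueError("Length field does not match the bytes supplied")
    if ls_id != adv:
        raise ValueError("Link State ID differs from Advertising Router")
    flags, _zero, count = ROUTER_INFO.unpack_from(buf, LSA_HEADER.size)
    links, offset = [], fixed
    for _ in range(count):
        if offset + LINK_DESC.size > length:
            raise ValueError("descriptor count runs past the end of the LSA")
        link_id, data, ltype, tos_count, metric = LINK_DESC.unpack_from(buf, offset)
        if ltype not in LINK_TYPES:
            raise ValueError(f"unknown link type {ltype}")
        offset += LINK_DESC.size + 4 * tos_count    # skip any 32-bit TOS metrics
        links.append({"type": LINK_TYPES[ltype], "link_id": _dotted(link_id),
                      "link_data": _dotted(data), "metric": metric})
    if offset != length:
        raise ValueError("descriptors do not fill the LSA exactly")
    return {
        "age": age, "options": options, "sequence": seq, "checksum": checksum,
        "advertising_router": _dotted(adv),
        "flags": {"V": bool(flags & 0x04), "E": bool(flags & 0x02),
                  "B": bool(flags & 0x01)},
        "links": links,
    }


def build_sample() -> bytes:
    """Constructed LSA: one serial link (2 descriptors) plus one stub LAN."""
    rid = ipaddress.IPv4Address("192.168.4.1").packed

    def link(link_id: str, data: str, ltype: int, metric: int) -> bytes:
        return LINK_DESC.pack(ipaddress.IPv4Address(link_id).packed,
                              ipaddress.IPv4Address(data).packed,
                              ltype, 0, metric)

    body = (ROUTER_INFO.pack(0, 0, 3)
            + link("192.168.3.1", "172.16.10.6", 1, 64)        # serial, type 1
            + link("172.16.10.4", "255.255.255.252", 3, 64)    # serial, type 3
            + link("172.16.20.0", "255.255.255.0", 3, 10))     # stub LAN
    header = LSA_HEADER.pack(937, 0x22, 1, rid, rid,
                             0x80000003 - (1 << 32),           # stored as signed
                             0xFD44,                           # placeholder, unverified
                             LSA_HEADER.size + len(body))
    return header + body


if __name__ == "__main__":
    lsa = parse_router_lsa(build_sample())
    print(lsa["advertising_router"], lsa["flags"])
    for entry in lsa["links"]:
        print(entry)
```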
LSA 1 - Origination
[Figure: topology of ASBR, ABR-1, ABR-2 and Internal routers across Area 0, Area 1 and Area 51, with loopback router IDs 192.168.1.1, 192.168.2.1, 192.168.3.1 and 192.168.4.1; LSA 1s being originated within Area 1]
* if an OSPF neighbour existed
LSA 1 - Flooding
[Figure: same topology of ASBR, ABR-1, ABR-2 and Internal routers across Area 0, Area 1 and Area 51; LSA 1 originated, LSA 1* flooded]
LSA 1s are flooded out other interfaces within the same area.
* if an OSPF neighbour existed
LSA 1 - sh ip ospf database
For Router Links (LSA1s):
The Link ID is always the same as the Advertising Router
Advertising Router is the Router ID of the router that created this LSA 1
show ip ospf database command should display one entry for each
router (Router ID) in that area (including its own)
Link count - Note that each serial link counts as 2 (pt-to-pt link type 1
+ stub network link type 3); all others count as 1
Internal#show ip ospf data
OSPF Router with ID (192.168.4.1) (Process ID 1)
Router Link States (Area 1) <- Note the Area!
(LSA 1 - Links in the area to which this router belongs.)
Link ID         ADV Router      Age   Seq#         Checksum   Link count
192.168.3.1     192.168.3.1     898   0x80000003   0xCE56     2
192.168.4.1     192.168.4.1     937   0x80000003   0xFD44     3
sh ip ospf database router [router_id]
Detail of LSA 1 for Serial Link
In the LSA 1, a single serial link is represented by two Link Descriptors: Type 1 and Type 3.
LSA Type 2
Network LSA, giving:
IP address of originating DR
network mask
router IDs of all routers adjacent to the DR,
including itself
Describes each multi-access network as a
"pseudonode"
Originated from the DR on each multi-access
network and flooded only within its native area
contributes to routes marked "O" or "C"
an ABR will have a set of type 2 LSAs for each
area to which it belongs
LSA 2 Example (in Area 0)
[Figure: course topology (ASBR, ABR-1, ABR-2, Internal; Area 51, Area 0, Area 1), showing the LSA 2 originated by the DR.]
No LSA 2s originated on multi-access segments by ABR-1 in Area 51, or Internal in Area 1 because lack of a neighbour makes them stub networks (no DR role required).
* (LSA 2*) if multi-access segment was not a Stub network
ASBR#show ip ospf data
OSPF Router with ID (192.168.1.1) (Process ID 1)
<output omitted>
Net Link States (Area 0)
(LSA 2 - Generated by the DR)
Link ID         ADV Router      Age  Seq#        Checksum
172.16.1.2      192.168.2.1     201  0x8000000D  0xCFE8
Link ID 172.16.1.2 = IP address of DR on MultiAccess Network
ADV Router 192.168.2.1 = Router ID of DR
show ip ospf database command should display one entry for
each multi-access segment in that area, listing the DR and its IP
address.
sh ip ospf database network [DR_ip_addr]
LSA 2 - sh ip ospf database
LSA Type 3
Network Summary LSA, giving:
network address, mask & path cost
Originated from an ABR
into the backbone: advertising a network in its area
into its own area: advertising a network within another area
(learned from Area 0), to its internal routers (TSA is an
exception - more later); this includes default routes
contributes to routes marked "IA"
when an ABR has multiple routes to a destination network,
the single lowest cost path is advertised in an LSA 3
recipient of an LSA 3 simply adopts the route, adding its
own cost to the LSA originator - No SPF calculation is done!
an ABR will have a set of type 3 LSAs for each area to
which it belongs, for reachability to inter-area destinations
(those native to OSPF, but outside that specific area)
LSA 3 - Example
[Figure: course topology (ASBR, ABR-1, ABR-2, Internal; Area 51, Area 0, Area 1), showing LSA 1s inside each area and the LSA 3s generated from them.]
LSA 1s are sent as LSA 3s into other areas by the ABRs.
* (LSA 1*, LSA 3*) if an OSPF neighbour existed
The Role of the Backbone
ABRs calculate intra-area routes for directly attached
areas (from LSA types 1 & 2) and announce them to all
other areas as inter-area routes, using LSA 3s.
ABRs will only inject inter-area routes into a regular area
if they were learned from area 0 (the backbone).
The backbone area serves as a repository for inter-area
routes.
This is why every area must be directly connected to the
backbone area.
This guards against routing loops in OSPF.
ASBR# show ip ospf database
Summary Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
(Area 1 networks - Advertising Router ABR-2)
172.16.10.4 192.168.3.1 278 0x80000001 0xD126
172.16.20.0 192.168.3.1 278 0x80000001 0xA746
(Area 51 networks - Advertising Router ABR-1)
172.16.51.1 192.168.2.1 206 0x80000005 0xA832
Link ID = IP network address of a network in another OSPF area
ADV Router = ABR Router ID sending the LSA-3
Should see networks in other areas and the ABR advertising that route.
sh ip ospf database summary [network_address]
LSA 3 - sh ip ospf database
ASBR# show ip route
172.16.0.0/16 is variably subnetted, 4 subnets, 3 masks
O IA 172.16.51.1/32 [110/2] via 172.16.1.2, 00:02:54, FastEthernet0/0
O IA 172.16.20.0/24 [110/783] via 172.16.1.3, 00:02:54, FastEthernet0/0
O IA 172.16.10.4/30 [110/782] via 172.16.1.3, 00:02:54, FastEthernet0/0
C 172.16.1.0/24 is directly connected, FastEthernet0/0
10.0.0.0/24 is subnetted, 1 subnets
C 10.1.0.0 is directly connected, FastEthernet0/1
S 11.0.0.0/8 is directly connected, Null0
S 12.0.0.0/8 is directly connected, Null0
192.168.1.0/32 is subnetted, 1 subnets
C 192.168.1.1 is directly connected, Loopback0
S 13.0.0.0/8 is directly connected, Null0
Routes learned via LSA type 3s are denoted by an IA (Inter-Area
Routes) in the routing table.
LSA 3 Routing Table
LSA 3 View at Non-Area 0 Router
Internal# show ip ospf database
(Area 51 networks - Advertising Router ABR-2)
Summary Net Link States (Area 1)
Link ID         ADV Router      Age  Seq#        Checksum
172.16.1.0      192.168.3.1     848  0x80000005  0xD339
172.16.51.1     192.168.3.1     843  0x80000001  0xB329
Internal# show ip route
172.16.0.0/16 is variably subnetted, 4 subnets, 3 masks
O IA 172.16.51.1/32 [110/783] via 172.16.10.5, 00:13:48, Serial0
C 172.16.20.0/24 is directly connected, FastEthernet0
C 172.16.10.4/30 is directly connected, Serial0
O IA 172.16.1.0/24 [110/782] via 172.16.10.5, 00:13:53, Serial0
192.168.4.0/32 is subnetted, 1 subnets
C 192.168.4.1 is directly connected, Loopback0
O E2 11.0.0.0/8 [110/20] via 172.16.10.5, 00:14:41, Serial0
O E2 12.0.0.0/8 [110/20] via 172.16.10.5, 00:14:41, Serial0
O E2 13.0.0.0/8 [110/20] via 172.16.10.5, 00:14:42, Serial0
Redistribution at an ASBR
routes from other sources can be redistributed
(i.e. imported) into an OSPF process
such routes are classified external: E1 or E2
E1 - cost to destination network from any router R is
deemed to be that advertised by the ASBR, plus the
cost from R to the ASBR
E2 (is the default) - cost to destination network from
any router R is deemed to be that originally
advertised by the ASBR, irrespective of where R is
located within the OSPF routing domain
For multiple OSPF routes of the same specificity,
regardless of metric, selection preference is:
Intra-area (O), Inter-area (IA), Type 1 (E1/N1), Type 2 (E2/N2)
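
The metrics in the routing tables on these slides can be reproduced from the cost rules for LSA 3s, E1 and E2 routes and the selection order above. The following Python is an added example, not part of the course material; the link bandwidths are the ones the slides quote, and the E1 figure is constructed because the slides only show E2 output.

```python
from dataclasses import dataclass

REFERENCE_BW = 100_000_000  # bit/s, the value behind the slides' 782 = (100,000,000/128,000) + 1

# Selection order from the slide: intra-area, inter-area, type 1 external, type 2 external.
PREFERENCE = {"O": 0, "IA": 1, "E1": 2, "N1": 2, "E2": 3, "N2": 3}


def link_cost(bandwidth_bps):
    """OSPF interface cost: reference bandwidth / link bandwidth, truncated, never below 1."""
    return max(1, REFERENCE_BW // bandwidth_bps)


@dataclass(frozen=True)
class Candidate:
    code: str             # route code as printed by "show ip route"
    advertised: int       # metric carried in the LSA 3 / LSA 5 (full path cost for "O")
    cost_to_adv: int = 0  # this router's own cost to the advertising ABR or ASBR


def route_metric(c):
    """Metric installed in the routing table for one candidate route."""
    if c.code in ("E2", "N2"):
        return c.advertised               # E2: the ASBR's metric, wherever the router sits
    return c.advertised + c.cost_to_adv   # IA and E1: add own cost to the ABR / ASBR


def best_route(candidates):
    """Choose among routes to the same prefix: route type first, metric second.

    Equal E2 metrics are separated by the cost to the ASBR (RFC 2328 behaviour).
    """
    return min(
        candidates,
        key=lambda c: (PREFERENCE[c.code], route_metric(c), c.cost_to_adv),
    )


def internal_router_view():
    """Metrics as seen from router Internal (Area 1, behind the 128K serial link)."""
    serial = link_cost(128_000)              # Internal <-> ABR-2
    fast_ethernet = link_cost(100_000_000)   # Area 0 segment
    to_asbr = serial + fast_ethernet         # Internal's cost to reach the ASBR
    routes = {
        "172.16.1.0/24": Candidate("IA", fast_ethernet, serial),
        "172.16.51.1/32": Candidate("IA", 2, serial),   # ABR-2 itself sees this at cost 2
        "11.0.0.0/8": Candidate("E2", 20, to_asbr),     # redistribute static, default metric
        "11.0.0.0/8 as E1": Candidate("E1", 20, to_asbr),  # constructed: same route as E1
    }
    return {prefix: route_metric(c) for prefix, c in routes.items()}


if __name__ == "__main__":
    for prefix, metric in internal_router_view().items():
        print(f"{prefix:20} metric {metric}")
```

The IA and E2 values match the `show ip route` listings for Internal; the E1 value shows how the same external route would grow with distance from the ASBR.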
LSA Type 4
ASBR Summary LSA, giving:
Router ID of ASBR & path cost
identical to LSA 3s, except that mask value is 0
from an E-flagged Type 1 flooded by an ASBR in its
own area, an ABR originates this into the backbone
to advertise reachability to that ASBR
all other ABRs learn this as it is flooded
throughout the backbone
ABRs of normal areas will propagate this to their
internal routers (more on this later)
informs an internal router about an ASBR outside
its native area
contributes to routes marked "E1" and "E2"
LSA 4 - sh ip ospf database
ABR-2# show ip ospf database
Summary ASB Link States (Area 1)
(LSA 4 - Reachability to ASBR. )
Link ID ADV Router Age Seq# Checksum
192.168.1.1 192.168.3.1 801 0x80000003 0x93CC
Link ID 192.168.1.1 = Router ID of ASBR
ADV Router 192.168.3.1 = Router ID ABR advertising route
Routers not in the ASBR's area should see the Router ID of the ASBR and the
ABR to get there. What about routers native to the ASBR's area?
sh ip ospf database asbr-summary [router_id]
LSA Type 5
(AS) External LSA, giving:
network address, mask & path cost
external route tag (not used by OSPF, but can be
referenced in a route map later in CCNP1)
forwarding address (or 0.0.0.0 if ASBR should be
the forwarding target)
Originated from an ASBR advertising reachability
to a destination (or default route) external to OSPF
flooded throughout the backbone to all ABRs
ABRs of normal areas will propagate this to their
internal routers (more on this later)
contributes to routes marked "E1" and "E2"
LSA 5 - sh ip ospf database
ABR-2# show ip ospf database
AS External Link States <- Note, NO Area!
(LSA 5 - External Networks originated by the ASBR,
Flooded throughout A.S. except to Stub and Totally Stubby)
Link ID         ADV Router      Age   Seq#        Checksum  Tag
11.0.0.0        192.168.1.1     1191  0x80000001  0x3FEA    0
12.0.0.0        192.168.1.1     1191  0x80000001  0x32F6    0
13.0.0.0        192.168.1.1     1191  0x80000001  0x2503    0
Link ID = External Network
ADV Router = Router ID of ASBR
Note: Display only shows one set of AS External Link States, not one per
area.
All Routers should see External networks and the Router ID of ASBR to get
there.
sh ip ospf database external [network_address]
LSA 4 & 5 - Example
[Figure: course topology (ASBR, ABR-1, ABR-2, Internal; Area 51, Area 0, Area 1), with arrows labelled "LSA 1e (EX flagged) & 5s flooded", "LSA 1e & 5" and "LSA 4 & 5".]
The ASBR is the redistribution point of non-OSPF routes into OSPF.
LSA 5s are originated by the ASBR to advertise External reachability.
LSA 4s (from EX flagged LSA 1s) give the ASBR IA reachability.
* (LSA 4 & 5*) if an OSPF neighbour existed
ASBR Redistribution Example
ASBR(config)# ip route 11.0.0.0 255.0.0.0 10.1.0.2
ASBR(config)# ip route 12.0.0.0 255.0.0.0 10.1.0.2
ASBR(config)# ip route 13.0.0.0 255.0.0.0 10.1.0.2
ASBR(config)# router ospf 1
ASBR(config-router)# network 172.16.1.0 0.0.0.255 area 0
ASBR(config-router)# redistribute static
default metric is 20 for OSPF if none is otherwise specified
metric-type is 2 by default, resulting in an E2 route
Internal# show ip route
172.16.0.0/16 is variably subnetted, 4 subnets, 3 masks
O IA 172.16.51.1/32 [110/783] via 172.16.10.5, 00:13:48, Serial0
C 172.16.20.0/24 is directly connected, FastEthernet0
C 172.16.10.4/30 is directly connected, Serial0
O IA 172.16.1.0/24 [110/782] via 172.16.10.5, 00:13:53, Serial0
192.168.4.0/32 is subnetted, 1 subnets
C 192.168.4.1 is directly connected, Loopback0
O E2 11.0.0.0/8 [110/20] via 172.16.10.5, 00:14:41, Serial0
O E2 12.0.0.0/8 [110/20] via 172.16.10.5, 00:14:41, Serial0
O E2 13.0.0.0/8 [110/20] via 172.16.10.5, 00:14:42, Serial0
Memory Aid for LSA Types
Type 1 Router LSA
"Me" (lookin' out for #1)
Type 2 Network LSA
from DR (2 letters)
Type 3 Network Summary LSA
from ABR (3 letters)
Type 4 ASBR Summary LSA
from ASBR (4 letters)
Type 5 AS External LSA
network beyond ASBR (1 past 4)
Type 7 NSSA AS External LSA
ext network in NSSA (NSSA-EXT, 7 letters)
Recap - LSA Type 1: Router LSA
One router LSA (type 1) for every router in an area:
Includes list of directly attached links
Identified by the router ID of the originating router
Floods within its area only; does not cross ABR
Recap - LSA Type 2: Network LSA
Advertised by the DR of the broadcast network
Floods within its area only; does not cross
ABR
Link-state ID is the DR
Recap - LSA Type 3: Summary LSA
Advertised by the ABR of originating area.
Regenerated by subsequent ABRs to flood throughout
the autonomous system.
By default, routes are not summarized, and type 3 LSA
is individually advertised for every network.
Link-state ID is the network or subnet advertised in the
summary LSA
Recap - LSA Type 4: Summary LSA
Summary (type 4) LSAs are used to advertise a gateway to an
external network (i.e. an ASBR), throughout the AS.
They are generated by the ABR of the originating area.
They are regenerated by all subsequent ABRs to flood
throughout the autonomous system.
Link-state ID is the router ID of the ASBR.
Recap - LSA Type 5: External LSA
External (type 5) LSAs are used to advertise
networks from other autonomous systems.
Type 5 LSAs are advertised and owned by the
originating ASBR.
The Link-state ID is the external network number.
Additional LSA Types
6: Group Membership LSA - used by Multicast
OSPF; not supported by Cisco
7: NSSA External LSA (coming)
8: External Attributes LSA - proposed for running
BGP across an OSPF domain
(not implemented by Cisco)
The remainder are called Opaque LSAs and
provide for extensibility (to carry new link-state
information, or to deliver other data throughout
the OSPF domain):
9: link-local scope
10: area-local scope
11: propagated to entire OSPF domain (AS scope)
Inter-area Summarization
Auto summary does NOT apply to OSPF!!
Manual route summarization can be used to consolidate
advertised addresses, but ONLY at ABRs.
If the network numbers in an area are assigned appropriately,
you can advertise a small number of summary routes (perhaps
as few as one) into the backbone that provide full reachability to
all networks within that area.
To create a summary route from an area before it is injected
into the backbone, configure the ABR as follows:
Router(config-router)#
area from-area-id range network-prefix subnet-mask
Prior to IOS 12.1(6), no summary discard was generated
Emulate this behaviour in later IOS versions using:
-router)# no discard-route {internal | external}
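
Whether an area's addressing is "assigned appropriately" for a single `area ... range` statement can be checked before the command is typed. The following Python is an added example, not part of the course material; the area membership is read off the slides' topology and database listings, and the renumbered Area 1 is a constructed alternative.

```python
import ipaddress

# Area membership taken from the slides' topology and database listings.
AREAS = {
    "0": ["172.16.1.0/24"],
    "1": ["172.16.10.4/30", "172.16.20.0/24"],
    "51": ["172.16.51.0/24"],
}

# Constructed alternative: Area 1 renumbered into one aligned block.
RENUMBERED = {**AREAS, "1": ["172.16.16.0/24", "172.16.20.0/24"]}


def tightest_summary(networks):
    """Smallest single IPv4 prefix that covers every network in the list."""
    nets = [ipaddress.ip_network(n) for n in networks]
    first = min(int(n.network_address) for n in nets)
    last = max(int(n.broadcast_address) for n in nets)
    prefixlen = 32 - (first ^ last).bit_length()   # leading bits shared by both ends
    host_bits = 32 - prefixlen
    base = (first >> host_bits) << host_bits
    return ipaddress.ip_network((base, prefixlen))


def foreign_overlaps(area_id, summary, areas):
    """Networks of other areas that fall inside this area's summary."""
    return [
        (other, net)
        for other, nets in areas.items() if other != area_id
        for net in nets
        if ipaddress.ip_network(net).overlaps(summary)
    ]


def unassigned_addresses(summary, networks):
    """Addresses covered by the summary with no real network behind them.

    Traffic to these is attracted to the ABR and dropped by the summary
    discard route. Assumes the listed networks do not overlap each other.
    """
    used = sum(ipaddress.ip_network(n).num_addresses for n in networks)
    return summary.num_addresses - used


def area_range_command(area_id, summary):
    """Render the ABR command in the slide's syntax."""
    return f"area {area_id} range {summary.network_address} {summary.netmask}"


def plan(area_id, areas):
    summary = tightest_summary(areas[area_id])
    return {
        "command": area_range_command(area_id, summary),
        "overlaps": foreign_overlaps(area_id, summary, areas),
        "unassigned": unassigned_addresses(summary, areas[area_id]),
    }


if __name__ == "__main__":
    for label, areas in (("as drawn", AREAS), ("renumbered", RENUMBERED)):
        print(label, plan("1", areas))
```

With the addressing as drawn, the only single summary for Area 1 also covers the Area 0 segment, so it should not be advertised; the renumbered block summarizes cleanly.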
When redistributing routes from other protocols into
OSPF, each route is advertised in a separate type 5 LSA.
However, you can configure the Cisco IOS software to
advertise a single route for all the redistributed routes
that are covered by a specified network address and
mask.
Doing so helps decrease the size of the OSPF link state
database.
To summarize external routes before injecting them into the
OSPF domain, configure the following on the ASBR only:
...-router)# summary-address network-prefix subnet-mask
External Route Summarization
Special OSPF Area Types
Stub Area:
Only sees routes in its own AS (does not accept type 4 or 5 - external LSAs).
A default route pointing to the ABR is automatically propagated in the area.
Totally Stubby Area (Cisco enhancement):
Only sees routes in its own area (does not accept type 3, 4 or 5 LSAs).
A default route pointing to the ABR is automatically propagated in the area.
BUT, must still handle default traffic at ABR. That is, internal
routers have a default route drawing traffic to ABR, but still
need a default route at the ABR, pointing somewhere!!
Smaller Tables:
Non-zero areas can be
defined as stub and totally
stubby to achieve
condensed link-state DBs
and routing tables.
Stub Areas
Considerations for both Stub and Totally Stubby Areas
An area could be qualified a stub when:
There is a single exit point (a single ABR) from that area.
More than one ABR can be used, but be ready to accept
non-optimal routing paths.
If routing to outside of the area does not have to take an
optimal path.
The area is not needed as a transit area for virtual links
(later).
The ASBR is not within the stub area
The area is not the backbone area (area 0)
Stub areas will result in memory and processing savings
depending upon the size of the network.
Stub Area
[Figure: course topology (ASBR, ABR-1, ABR-2, Internal; Area 51, Area 0, Area 1), with one area labelled "Stub Area".]
Receives all routes from within AS:
Within the local area - LSA 1s and LSA 2s (if appropriate)
From other areas (Inter-Area) - LSA 3s
Does not receive routes from External AS (External Routes).
ABR:
ABR blocks all LSA 4s and LSA 5s.
If LSA 5s are not known inside an area, LSA 4s are not necessary.
LSA 3s are propagated by the ABR.
Note: Default route is automatically injected into stub area by ABR.
That is, the ABR draws default traffic to itself. Therefore, the ABR
must have a default route to direct that traffic, either statically set, or
propagated via default-information originate.
Configuration:
All routers in the area must be configured as stub
Stub Areas
ABR-2
router ospf 1
 network 172.16.1.0 0.0.0.255 area 0
 network 172.16.10.4 0.0.0.3 area 1
 area 1 stub << Command: area area-id stub
Internal
router ospf 1
 network 172.16.0.0 0.0.255.255 area 1
 area 1 stub << Command: area area-id stub
Stub Areas
All routers in the area must be configured as stub
including the ABR
Stub Area
[Figure: course topology (ASBR, ABR-1, ABR-2, Internal; Area 51, Area 0, Area 1) with Area 1 as the Stub Area. LSA 3s pass the ABR, LSA 4s and LSA 5s are marked "X Blocked", and a default route to the ABR is injected.]
LSA 3s (Inter-Area routes) are propagated by the ABR.
ABR blocks all LSA 4s (reachability to ASBR) and LSA 5s (External routes).
The ABR injects a default route into the stub area, pointing to the ABR. (This
does not mean the ABR has a default route of its own.)
Essentially, internal routers in a Stub Area only see Inter-Area OSPF routes
and the default route to the ABR - No External routes.
Stub Area
[Figure: course topology (ASBR, ABR-1, ABR-2, Internal; Area 51, Area 0, Area 1) with the Stub Area marked. LSA 3s pass the ABR, LSA 4s and LSA 5s are marked "X Blocked", and a default route to the ABR is injected.]
Changes in External routes no longer affect Stub Area routing tables.
Internal# show ip ospf database
Summary Net Link States (Area 1)
(LSA 3 - Generated by the ABR.
Describes links between ABR and Internal Routers of the Local Area)
Link ID ADV Router Age Seq# Checksum
Default Route Advertised by ABR-1
0.0.0.0 192.168.3.1 243 0x80000001 0x8A46
Area 0 networks - Advertised by ABR-1
172.16.1.0 192.168.3.1 243 0x80000006 0xEF1E
Area 51 networks - Advertised by ABR-1
172.16.51.1 192.168.3.1 243 0x80000002 0xCF0E
Notice that there are no LSA 4s or LSA 5s for stub area routers.
Default Route injected by ABR (LSA 3)
Stub Areas
Internal# show ip route
Gateway of last resort is 172.16.10.5 to network 0.0.0.0
172.16.0.0/16 is variably subnetted, 4 subnets, 3 masks
O IA 172.16.51.1/32 [110/783] via 172.16.10.5, 00:03:08, Serial0
C 172.16.20.0/24 is directly connected, FastEthernet0
C 172.16.10.4/30 is directly connected, Serial0
O IA 172.16.1.0/24 [110/782] via 172.16.10.5, 00:03:08, Serial0
192.168.4.0/32 is subnetted, 1 subnets
C 192.168.4.1 is directly connected, Loopback0
O*IA 0.0.0.0/0 [110/782] via 172.16.10.5, 00:03:08, Serial0
Stub Areas
Cost on default route: -router)# area area-id stub [default-cost cost]
ABR will advertise the default route with a default cost of 1
Using bandwidth of 128K, cost is: 782 = (100,000,000/128,000) + 1
If cost is 65 = 1 + 64 (that of a full T1 serial link)
ABR-2# show ip route
Gateway of last resort is not set
172.16.0.0/16 is variably subnetted, 4 subnets, 3 masks
O IA 172.16.51.1/32 [110/2] via 172.16.1.2, 00:01:59, FastEthernet0
O 172.16.20.0/24 [110/782] via 172.16.10.6, 00:01:59, Serial0
C 172.16.10.4/30 is directly connected, Serial0
C 172.16.1.0/24 is directly connected, FastEthernet0
O E2 11.0.0.0/8 [110/20] via 172.16.1.1, 00:01:59, FastEthernet0
O E2 12.0.0.0/8 [110/20] via 172.16.1.1, 00:01:59, FastEthernet0
O E2 13.0.0.0/8 [110/20] via 172.16.1.1, 00:01:59, FastEthernet0
192.168.3.0/32 is subnetted, 1 subnets
C 192.168.3.1 is directly connected, Loopback1
Stub Areas
Notice, there is no automatic default route on the ABR, even though it
propagates a default to the internal routers inside the stub area.
Totally Stubby Areas
Cisco proprietary, however the RFC does make provision for
this as an optional feature.
Same considerations as with Stub areas:
An area could be qualified a stub when there is a single exit
point (a single ABR) from that area or if routing to outside of
the area does not have to take an optimal path.
The area is not needed as a transit area for virtual links
(later).
There is no ASBR within the stub area.
The area is not the backbone (i.e. NOT Area 0).
Whereas Stub areas will result in memory and processing
savings depending upon the size of the network, this is even
more true with Totally Stubby areas.
Totally Stubby Area
[Figure: course topology (ASBR, ABR-1, ABR-2, Internal; Area 51, Area 0, Area 1), with one area labelled "Totally Stubby Area".]
Receives routes from within A.S.:
Only from within the local area - LSA 1s and LSA 2s (if appropriate)
Does not receive routes from other areas (Inter-Area) - LSA 3s
Does not receive routes from External A.S. (External Routes)
ABR:
ABR blocks all LSA 4s and LSA 5s.
ABR blocks all LSA 3s, except propagating a default route.
Default route is injected into totally stubby area by ABR.
Configuring:
All area routers must be configured as stub
ABR must be configured as stub no-summary
Totally Stubby Areas
ABR-2
router ospf 1
 network 172.16.1.0 0.0.0.255 area 0
 network 172.16.10.4 0.0.0.3 area 1
 area 1 stub no-summary
^^ Command: area area-id stub no-summary
Internal
router ospf 1
 network 172.16.0.0 0.0.255.255 area 1
 area 1 stub
^^ Command: area area-id stub
Totally Stubby Areas
Totally Stubby Area
[Figure: course topology (ASBR, ABR-1, ABR-2, Internal; Area 51, Area 0, Area 1) with Area 1 as the Totally Stubby Area. LSA 3s, LSA 4s and LSA 5s are marked "X Blocked" at the ABR, and a default route to the ABR is injected.]
LSA 3s (Inter-Area routes) are blocked by the ABR.
ABR blocks all LSA 4s (reachability to ASBR) and LSA 5s (External routes).
The ABR injects a default route (LSA 3) into the stub area, pointing to the ABR.
(This does not mean the ABR has a default route of its own.)
Internal routers in a Totally Stubby Area will only see a single IA route, the
default route to the ABR.
Totally Stubby Area
[Figure: course topology (ASBR, ABR-1, ABR-2, Internal; Area 51, Area 0, Area 1) with Area 1 as the Totally Stubby Area. LSA 3s, LSA 4s and LSA 5s are marked "X Blocked" at the ABR, and a default route to the ABR is injected.]
Changes in any networks outside the Totally Stubby Area no longer
affect the routing tables for the TSA.
Internal# show ip ospf database
Summary Net Link States (Area 1)
(LSA 3 - Generated by the ABR.
Describes links between ABR and Internal Routers of the Local Area)
Link ID ADV Router Age Seq# Checksum
Default Route Advertised by ABR-2
0.0.0.0 192.168.3.1 205 0x80000003 0x8648
Default Route injected by ABR (LSA 3)
Totally Stubby Areas
Default route is injected into totally stubby area by ABR for all other networks
(inter-area and external routes)
Does not receive routes from other areas (Inter-Area)
Does not receive routes from External A.S. (External Routes)
Internal# show ip route
Gateway of last resort is 172.16.10.5 to network 0.0.0.0
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.16.20.0/24 is directly connected, FastEthernet0
C 172.16.10.4/30 is directly connected, Serial0
192.168.4.0/32 is subnetted, 1 subnets
C 192.168.4.1 is directly connected, Loopback0
O*IA 0.0.0.0/0 [110/782] via 172.16.10.5, 00:03:09, Serial0
Default route is injected into totally stubby area by ABR for reachability to all
other networks (no inter-area and external routes)
Does not receive routes from other areas (Inter-Area)
Does not receive routes from External A.S. (External Routes)
Totally Stubby Areas
ABR-2# show ip route
Gateway of last resort is not set
172.16.0.0/16 is variably subnetted, 4 subnets, 3 masks
O IA 172.16.51.1/32 [110/2] via 172.16.1.2, 00:02:35,FastEthernet0
O 172.16.20.0/24 [110/782] via 172.16.10.6, 00:02:35, Serial0
C 172.16.10.4/30 is directly connected, Serial0
C 172.16.1.0/24 is directly connected, FastEthernet0
O E2 11.0.0.0/8 [110/20] via 172.16.1.1, 00:02:35, FastEthernet0
O E2 12.0.0.0/8 [110/20] via 172.16.1.1, 00:02:35, FastEthernet0
O E2 13.0.0.0/8 [110/20] via 172.16.1.1, 00:02:35, FastEthernet0
192.168.3.0/32 is subnetted, 1 subnets
C 192.168.3.1 is directly connected, Loopback1
Totally Stubby Areas
ABR will forward Intra-Area routes (to other areas within AS)
Notice, there is no automatic default route in the ABR's routing table
like there is with the internal area routers.
The Case for NSSA (Not So Stubby Area)
[Figure: NSSA (Area 2) attached to the Backbone Area (Area 0); routers RTA through RTH, with labels ASBR, ABR (Possible ASBR) and RIP.]
Relatively new, standards-based OSPF enhancement, RFC 1587.
NSSA allows an area to remain a stub area, but carry external
routing information (Type 7 LSAs) from its stubby end back
towards the OSPF backbone.
ASBR in NSSA injects external routing information into the
backbone and the NSSA area, but rejects external routing
information coming from the ABR.
RFC 1587: A default route must not be injected into the NSSA as
a summary (type-3) LSA as in the stub area case. That is, the
ABR does not inject a default route into the NSSA.
This allows for the possibility that default traffic will flow towards an
external route injected by the NSSA ASBR (rather than towards the
ABR, and into the OSPF routing domain).
The following scenario is only an example of how NSSA works.
For the purposes of learning about NSSAs, don't get hung up on
the whys and what-ifs.
NSSA (Not So Stubby Area)
[Figure: NSSA (Area 2) and Backbone Area (Area 0) topology, routers RTA through RTH, with labels ASBR, ABR (Possible ASBR) and RIP; annotation: Default route via RTG.]
NSSA Stub Area
We would like Area 2 to be a stub network.
RTH only supports RIP, so RTG will run RIP and redistribute those routes into OSPF.
Unfortunately, this makes RTG an ASBR, and so area 2 is no longer eligible to be a
stub area.
RTH does not need to learn routes from OSPF; a default route to RTG is all it needs.
But, all OSPF routers must know about the networks behind RTH, in order to route
packets to the RIP routing domain.
NSSA Stub Area (cont.)
An NSSA allows external routes to be advertised into the OSPF AS while
retaining the characteristics of a stub area to the rest of the OSPF domain.
The ASBR RTG will originate Type-7 LSAs to advertise the external
destinations.
These LSA 7s are flooded through the NSSA but blocked by the NSSA ABR.
The NSSA ABR translates LSA 7s into 5s, then floods them to other areas.
[Figure: NSSA (Area 2) and Backbone Area (Area 0) topology, routers RTA through RTH; labels: LSA 7 on the Area 2 links, LSA 7s Blocked, LSA 5.]
Type 7 LSA NSSA External Link Entry
Originated by an ASBR connected to an NSSA.
Type 7 messages flooded throughout the NSSA are translated
into Type 5 LSAs by the ABR before being injected into Area 0.
Routes learned via Type-7 LSAs are denoted by either N1 or
N2 (default) in the routing table. (recall E1 and E2 routes?).
[Figure: NSSA (Area 2) and Backbone Area (Area 0) topology, routers RTA through RTH; labels: LSA 7 on the Area 2 links, LSA 7s Blocked, LSA 5.]
NSSA Stub Configuration
NSSA stub areas:
NSSAs that block type 4 and 5, but allow type 3.
To make a stub area into an NSSA, use the
following command under the OSPF
configuration.
This command must be configured on all routers
in area 2.
router ospf 1
area 2 nssa
Configured for all routers in Area 2:
router ospf 1
network 172.16.2.0 0.0.0.255 area 2
area 2 nssa
[Figure: NSSA (Area 2) and Backbone Area (Area 0) topology, routers RTA through RTH; labels: LSA 7 on the Area 2 links, LSA 7s Blocked, LSA 5.]
NSSA Example
[Figure: NSSA (Area 2) and Backbone Area (Area 0) topology, routers RTA through RTH; labels: LSA 7, LSA 7s Blocked, LSA 5, 0.0.0.0/0, LSA 3s, LSA 4s & LSA 5s, X marks, RTH routes: E1/E2, RTH routes: N1/N2.]
NSSA Stub Area Routing Tables:
RTG: Area 2 routes, Area 0 routes (IA), RTH RIP routes
No 0.0.0.0/0 (IA) route from RTB (ABR)
Area 2 Internal Routers: Area 2 routes, RTH routes (N1/N2), Area 0 routes (IA)
No 0.0.0.0/0 (IA) route from RTB (ABR)
RTB: Area 2 routes, Area 0 routes, RTH routes (N1/N2), External routes if redistributed from RTA
ASBR (E1/E2)
RTA: Area 0 routes, Area 2 routes, RTH routes (E1/E2), External routes if redistributed from RTA
ASBR (E1/E2)
NSSA LSAs & Routes
There are two variants of NSSA:
Stub (NSSA)
Totally Stubby (NSSA-TSA)
Area 2 routers may or may not receive Inter-area
routes from RTA, depending upon NSSA
configuration.
NSSA areas take on the same characteristics as stub
and totally stubby areas, along with the
characteristics of NSSA areas.
NSSA Variants
NSSA Totally Stubby Area
NSSA totally stub areas: Allow only summary default routes and
filter everything else.
To configure an NSSA totally stub area, use the following command
under the OSPF configuration on the NSSA ABR:
router ospf 1
area 2 nssa no-summary
Configure this command on NSSA ABRs only.
All other routers in area 2 (internal area 2 routers):
router ospf 1
area 2 nssa
After defining the NSSA totally stub area, area 2 has the following
characteristics (in addition to the above NSSA characteristics):
No type 3 or 4 summary LSAs are allowed in area 2. This means
no inter-area routes are allowed in area 2.
A default route is injected into the NSSA totally stub area as a
type 3 summary LSA by the ABR.
NSSA Totally Stubby
NSSA Totally Stubby Areas
[Figure: NSSA (Area 2) and Backbone Area (Area 0) topology, routers RTA through RTH; labels: LSA 7, LSA 7s Blocked, LSA 5, 0.0.0.0/0, LSA 3s, LSA 4s & LSA 5s, X marks, RTH routes: E1/E2, RTH routes: N1/N2.]
RTB (ABR):
router ospf 1
network 172.16.1.0 0.0.0.255 area 0
network 172.16.2.0 0.0.0.255 area 2 ...
area 2 nssa no-summary
Other Area 2 routers:
router ospf 1
network 172.16.2.0 0.0.0.255 area 2
area 2 nssa
NSSA Totally Stubby Areas
[Figure: NSSA (Area 2) and Backbone Area (Area 0) topology, routers RTA through RTH; labels: LSA 7, LSA 7s Blocked, LSA 5, 0.0.0.0/0, LSA 3s, LSA 4s & LSA 5s, X marks, RTH routes: E1/E2, RTH routes: N1/N2.]
NSSA Totally Stubby Area Routing Tables:
RTG: Area 2 routes, RTH RIP routes, 0.0.0.0/0 (IA) route from RTB (ABR)
Totally Stubby: No Area 0 routes or external routes from RTA
Area 2 Internal Routers: Area 2 routes, RTH routes (N1/N2), 0.0.0.0/0 (IA) route from RTB (ABR)
Totally Stubby: No Area 0 routes or external routes from RTA
RTB: Area 2 routes, Area 0 routes, RTH routes (N1/N2), External routes from RTA ASBR
(E1/E2) if redistributed
RTA: Area 0 routes, Area 2 routes, RTH routes (E1/E2), other External routes (E1/E2)
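The filtering rules from the stub, totally stubby and NSSA slides, written as an added example (not part of the original slides): it reads the area stub/nssa lines from each router, applies the ABR's LSA filtering in both directions, and lists routers whose area type disagrees with the ABR's. The configs, prefixes and function names are constructed for illustration.

```python
import re


def area_flags(ospf_config: str, area: str):
    """Read 'area <id> stub|nssa [no-summary]' from one router's OSPF config."""
    kind, no_summary = "normal", False
    pattern = re.compile(rf"\s*area {re.escape(area)} (stub|nssa)\b(.*)$")
    for line in ospf_config.splitlines():
        m = pattern.match(line)
        if m:
            kind = m.group(1)
            no_summary = no_summary or "no-summary" in m.group(2).split()
    return kind, no_summary


def into_area(kind: str, no_summary: bool, backbone_lsas):
    """LSAs the ABR passes from the backbone into the area, plus any default."""
    admitted = []
    for lsa_type, target in backbone_lsas:
        if lsa_type in (4, 5) and kind in ("stub", "nssa"):
            continue                       # no ASBR-summary or external LSAs
        if lsa_type == 3 and no_summary:
            continue                       # totally stubby: no inter-area LSAs
        admitted.append((lsa_type, target))
    if kind == "stub" or (kind == "nssa" and no_summary):
        admitted.append((3, "0.0.0.0/0"))  # default injected by the ABR
    return admitted


def out_of_area(kind: str, area_lsas):
    """Type 7 LSAs stop at the NSSA ABR and are re-originated as Type 5."""
    return [(5, target) for lsa_type, target in area_lsas
            if kind == "nssa" and lsa_type == 7]


def flag_mismatches(configs: dict, area: str, abr: str):
    """Routers whose stub/NSSA setting differs from the ABR's.

    no-summary is ignored because it is configured on the ABR only.
    """
    expected = area_flags(configs[abr], area)[0]
    return sorted(name for name, cfg in configs.items()
                  if area_flags(cfg, area)[0] != expected)


# Constructed sample configs, using the slides' router names and Area 2.
CONFIGS = {
    "RTB": "router ospf 1\n network 172.16.1.0 0.0.0.255 area 0\n"
           " network 172.16.2.0 0.0.0.255 area 2\n area 2 nssa no-summary\n",
    "RTG": "router ospf 1\n network 172.16.2.0 0.0.0.255 area 2\n area 2 nssa\n",
    "RTC": "router ospf 1\n network 172.16.2.0 0.0.0.255 area 2\n",  # command forgotten
}
BACKBONE = [(3, "172.16.1.0/24"), (4, "RTA"), (5, "10.1.0.0/24")]  # constructed
FROM_RTG = [(7, "192.168.50.0/24")]  # constructed RIP prefix redistributed by RTG

if __name__ == "__main__":
    kind, no_summary = area_flags(CONFIGS["RTB"], "2")
    print("ABR area 2 type:", kind, "no-summary" if no_summary else "")
    print("into area 2:    ", into_area(kind, no_summary, BACKBONE))
    print("into area 0:    ", out_of_area(kind, FROM_RTG))
    print("mismatched:     ", flag_mismatches(CONFIGS, "2", "RTB"))
```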
NSSA-related Commands
To block a portion of an external route from
being advertised into the backbone,
configure the following on the ASBR, or the
ABR of the NSSA:
-router)# summary-address prefix mask not-advertise
To display LSA type 7 entries:
show ip ospf database nssa-external [link_id]
External network address
Virtual Links
Because Area 51 is NOT adjacent to Area 0 (the backbone), a virtual link
(shown in red) can be created as a "Band-Aid" solution.
All areas in an OSPF autonomous system must be physically
connected to the backbone area (area 0).
In cases where this is not so, you can use a virtual link to
provide backbone connectivity through a non-backbone area.
A Virtual Link must be configured between two ABRs.
The area through which you configure the Virtual Link, known
as a transit area, must have full routing information.
That is, the transit area cannot be any sort of stub area.
As an emergency fix, you may use a virtual link to connect two
parts of a partitioned backbone, i.e. when Area 0 is left
discontiguous due to a failure.
Virtual Links
A virtual link has the following two requirements:
It must be established between two routers that share a
common area and are both ABRs.
One of these two routers must be connected to the
backbone. (Both can be; see slides in later examples.)
Doyle: "should be used only as a temporary fix to an
unavoidable topology problem."
Virtual Links
Virtual Link is a Logical Connection
a virtual link forms a logical connection between
the endpoint routers, along which OSPF packets
can flow to Area 0, or from Area 0
this transit link can be secured by configuring
authentication on the "area x virtual-link" command
at both ends
the virtual link endpoints become OSPF
neighbours
the virtual link endpoints require IP connectivity
only; they need not be directly connected to
one another
Configuring Virtual Links
Creates a virtual link; configure this command
on both routers, at each end of the transit area.
Optional parameters are used in place of
interface ip ospf commands, to configure
aspects such as:
a) custom timer values, and/or
b) authentication, etc
on the virtual link, between endpoints.
Router(config-router)# area transit-area-id virtual-link remote-router-id
[authentication [message-digest | null]] [hello-interval
seconds] [retransmit-interval seconds] [transmit-delay
seconds] [dead-interval seconds] [[authentication-key key]
| [message-digest-key key-id md5 key]]
The command to configure a virtual link is as follows:
area transit-area-id virtual-link remote-router-id
RTA(config)# router ospf 1
RTA(config-router)# network 192.168.0.0 0.0.0.255 area 51
RTA(config-router)# network 192.168.1.0 0.0.0.255 area 3
RTA(config-router)# area 3 virtual-link 10.0.0.1
...
RTB(config)# router ospf 1
RTB(config-router)# network 192.168.1.0 0.0.0.255 area 3
RTB(config-router)# network 192.168.2.0 0.0.0.255 area 0
RTB(config-router)# area 3 virtual-link 10.0.0.2
Virtual Link Example 1
Virtual Link Example 2
OSPF allows for linking discontiguous parts of the backbone
using a virtual link.
In some cases, different area 0s need to be linked together.
This can occur if, for example, a company is trying to merge
two separate OSPF networks into one network with a common
area 0.
In other instances, virtual-links are added for redundancy in
case some router failure causes the backbone to be split into
two. (CCO)
Whatever the reason may be, a virtual link can be configured
between separate ABRs that touch area 0 from each side and
having a common area.
Virtual Links
RouterA#sh ip ospf virtual-links
Virtual Link OSPF_VL0 to router 10.2.2.2 is up
Run as demand circuit
DoNotAge LSA allowed.
Transit area 1, via interface Serial0/0/1, Cost of using 781
Transmit Delay is 1 sec, State POINT_TO_POINT,
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:07
Adjacency State FULL (Hello suppressed)
Index 1/2, retransmission queue length 0, number of retransmission 1
First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
Last retransmission scan length is 1, maximum is 1
Last retransmission scan time is 0 msec, maximum is 0 msec
Verifying VL Fix to Partitioned Backbone
Special Treatment for LSAs on Virtual Links
LSAs usually age out after 30 minutes
LSAs learned across virtual links have the
DoNotAge (DNA) option set
Recall: options must match for neighbouring to occur
Required to prevent excessive flooding over virtual
links
Additional "show" Commands
show ip ospf virtual-links
Displays parameters about the current state
of OSPF virtual links.
show ip ospf border-routers
Displays the OSPF routes available to reach
ABRs and ASBRs.
show ip ospf database database-summary
Displays a summary, totalling the LSA types
in the database.
1. Configure the password to be used on that interface.
Rtr(config-if)# ip ospf authentication-key password
password value will be shown in clear text within the router configuration
unless service password-encryption is configured
Maximum 8 characters
Passwords do not have to be the same throughout an area, but of course, they
must match between neighbours.
2. Impose the requirement for authentication at that OSPF interface.
The ip ospf authentication command is given with no
parameters for simple password authentication.
Rtr(config-if)# ip ospf authentication
Plain Text Authentication
Example: Plain Text Authentication
Verify Plain Text Authentication
The debug ip ospf adj command is used to display OSPF adjacency-
related events and is useful when troubleshooting authentication.
Will display authentication failure information (such as authentication
type).
debug ip ospf adj
Troubleshooting Authentication
Use of MD5 ensures not only Authenticity but also message Integrity
(because the hash is derived from the key-id, password & the payload).
1. Assign a key ID and password to be used between neighbouring routers:
Rtr(config-if)# ip ospf message-digest-key key-id md5 password
key-id = 1 to 255, must match between authenticating routers
If multiple keys are configured, say for rollover purposes, OSPF packets will
be duplicated for each key-id.
md5 = Encryption-type
password value will be shown in clear text within the router configuration
unless service password-encryption is configured
Maximum 16 characters
Passwords do not have to be the same throughout an area, but of course,
must match between neighbours.
2. Impose the requirement for MD5 authentication at that OSPF interface.
Rtr(config-if)# ip ospf authentication message-digest
Configuring MD5 Authentication
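How the MD5 digest ties the key-id, password and payload together, as an added example (not part of the original slides). The header layout, keyed-MD5 construction and sequence-number check follow RFC 2328 Appendix D; the function names, key string and sample Hello body are constructed for illustration.

```python
import hashlib
import hmac
import struct

# OSPFv2 header with the AuType 2 authentication field (RFC 2328, Appendix D.3):
# version, type, length, router ID, area ID, checksum, AuType,
# 0 (reserved), key ID, auth data length, cryptographic sequence number.
HEADER = struct.Struct("!BBH4s4sHHHBBI")
DIGEST_LEN = 16


def pad_key(password: str) -> bytes:
    """The configured password, NUL-padded to the 16-byte OSPF key."""
    key = password.encode("ascii")
    if len(key) > DIGEST_LEN:
        raise ValueError("MD5 key is limited to 16 characters")
    return key.ljust(DIGEST_LEN, b"\x00")


def sign(body: bytes, router_id: bytes, area_id: bytes,
         key_id: int, seq: int, password: str, ptype: int = 1) -> bytes:
    """Build an OSPF packet and append the keyed-MD5 digest."""
    length = HEADER.size + len(body)          # digest is not counted in length
    header = HEADER.pack(2, ptype, length, router_id, area_id,
                         0,                   # checksum is unused with AuType 2
                         2, 0, key_id, DIGEST_LEN, seq)
    packet = header + body
    return packet + hashlib.md5(packet + pad_key(password)).digest()


def verify(wire: bytes, keys: dict, last_seq: int):
    """Receiver-side checks; returns (accepted, reason)."""
    if len(wire) < HEADER.size + DIGEST_LEN:
        return False, "truncated"
    (_ver, _type, length, _rid, _area, _cksum,
     autype, _zero, key_id, auth_len, seq) = HEADER.unpack_from(wire)
    if autype != 2:
        return False, "authentication type mismatch"
    if auth_len != DIGEST_LEN or len(wire) != length + DIGEST_LEN:
        return False, "bad length"
    if key_id not in keys:
        return False, "unknown key-id"
    if seq < last_seq:
        return False, "stale sequence number"   # replayed or out-of-date packet
    expected = hashlib.md5(wire[:length] + pad_key(keys[key_id])).digest()
    if not hmac.compare_digest(expected, wire[length:]):
        return False, "digest mismatch"
    return True, "ok"


# Constructed sample: a made-up Hello body and router/area IDs.
BODY = bytes.fromhex("ffffff00000a020100000028c0a80301c0a80101")
RID, AREA = bytes([192, 168, 3, 1]), bytes([0, 0, 0, 1])
WIRE = sign(BODY, RID, AREA, key_id=1, seq=1000, password="Example-Key-1")

if __name__ == "__main__":
    tampered = bytearray(WIRE)
    tampered[HEADER.size] ^= 0x01             # flip one bit of the payload
    for label, pkt, keys, last in [
        ("matching key", WIRE, {1: "Example-Key-1"}, 999),
        ("wrong password", WIRE, {1: "other"}, 999),
        ("wrong key-id", WIRE, {2: "Example-Key-1"}, 999),
        ("payload modified", bytes(tampered), {1: "Example-Key-1"}, 999),
        ("replayed packet", WIRE, {1: "Example-Key-1"}, 1001),
    ]:
        print(f"{label:18} -> {verify(pkt, keys, last)}")
```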
Example: MD5 Authentication
Verify MD5 Authentication
Debug Dialog: MD5 Success
Debug Dialog: MD5 Failure
1. Unlike EIGRP, use of key chains is not supported in OSPF.
2. Authentication type configured at the interface is the preferred way but
was only introduced at IOS 12.x. This current method is backwards
compatible with the traditional means of doing so by OSPF area
(supported since IOS 10.x).
3. To specify authentication type for an entire area, use the OSPF router
command: -router)# area area-id authentication [message-digest]
without this command, area authentication type defaults to 0 (none)
if the message-digest option is omitted, type is 1 (plain text)
else, with the message-digest option specified, type is 2 (MD5)
4. Authentication type configured at an interface (via ip ospf
authentication) always takes precedence. In the absence of this, the
area-wide authentication type in effect will apply.
5. The actual authentication key (whether plain text or MD5) is always
configured at the interface.
OSPF Authentication - Extra
OSPF over MPLS
As discussed previously, there are two predominant MPLS service
models:
1. Layer 2 MPLS VPN provides a Layer 2 service across the backbone
The MPLS cloud behaves like one giant switch and is completely transparent to
OSPF.
R1 and R2, configured to be on the same IP subnet, are OSPF neighbours.
2. Layer 3 MPLS VPN provides a Layer 3 service across the backbone
The MPLS cloud behaves like one giant router.
R1 and R2 are connected to ISP edge routers; on each side, a separate IP subnet
is used.
R1 and R2 are OSPF neighbours with their respective ISP edge routers, as if the
MPLS cloud was an extension of their private corporate network.
When deploying OSPF over EoMPLS or VPLS, there are no changes to
the OSPF configuration from the customer's perspective.
The PE1 and PE2 routers are not visible.
A neighbor relationship is established directly between routers
R1 and R2 (just like any Ethernet broadcast network).
The OSPF network type is a multi-access broadcast network so
DR / BDR elections occur as expected.
Adjacency over Layer 2 MPLS VPN
OSPF Adjacency
Adjacency over Layer 3 MPLS VPN
To the customer routers running OSPF (routers R1 and R2), the Layer 3
MPLS VPN backbone appears to be a standard corporate network.
The CE routers (R1 and R2) form adjacencies with the PE routers.
The OSPF network type of the CE-PE link can be point-to-point,
broadcast or NBMA.
OSPF Design Tips
Different people have different approaches
to designing OSPF networks.
The important thing to remember is that any
protocol can fail under pressure.
The idea is not to challenge the protocol
but rather, to work with it in order to get the
best behavior. CCO
OSPF Design
Number of Routers per Area
The maximum number of routers per area depends on
several factors, including the following:
What kind of area do you have?
What kind of CPU power do you have in that area?
What kind of media?
Will you be running OSPF in NBMA mode?
Is your NBMA network meshed?
Do you have a lot of external LSAs in the network?
Are other areas well summarized?
For these reasons, it's difficult to specify a maximum
number of routers per area.
OSPF Design: Area Size
Stub and Totally Stubby Areas:
An area could qualify as a stub when there is a single
exit point (a single ABR) from that area or if routing
outside that area does not have to take an optimal path.
The area is not needed as a transit area for virtual links.
The ASBR is not within the stub area.
The area is not the backbone area (area 0).
Stub areas will result in memory and processing savings
depending upon the size of the network. This is even
more true with Totally Stubby areas.
Totally Stubby areas are a Cisco enhancement.
NSSA behaviour may be desirable if external routes are
required adjacent to a stub or totally stubby area.
OSPF Design: Stub Type
More on Default Routing
for a normal area, use this command:
-router)# default-information originate [always][metric
<metric-value|1>] [metric-type <1|2>] [route-map map-name]
for Stub, TSA, NSSA-TSA: ABR automatically
originates a default route into the area, with cost 1
when you have multiple sources of default routes,
(e.g. multiple ABRs) alter the default cost injected
into a specified area, by configuring at each ABR:
-router)# area area-num default-cost cost
to force default route origination at NSSA ABR:
-router)# area area-num nssa default-information-originate
[metric <metric-value|1>] [metric-type <1|2>]
[Figure: routers A through F across Area 0, Area 2 (NSSA) and Area 7, with attached RIP and IGRP domains.]
ASBR is also NSSA ABR
Router B is an ASBR and the ABR for the NSSA.
Without special configuration, IGRP routes
redistributed into OSPF will be advertised as Type 7's
into the NSSA. To prevent this:
RouterB(config-router)# area 2 nssa no-redist
"Network" Statement Ordering
Interfaces are placed into OSPF areas as follows:
All active interfaces explicitly configured for
OSPF (at config-if mode) are placed into their
chosen area.
OSPF then matches all remaining active
interfaces against each network statement in
order, placing each interface in the proper area.
The above continues until all interfaces are
assigned or no network statements remain.
Therefore, the sequence of these can have side
effects, particularly if you make a mistake and an
overlap occurs.
OSPF Network Config 1
Normal OSPF multi-area configuration:
RouterE(router)# network 192.168.1.0 0.0.0.255 area 0
RouterE(router)# network 192.168.3.0 0.0.0.3 area 7
[Figure: routers D, E and F in Area 0 and Area 7, addressed from 192.168.x.x; interface labels .0.1/24, .1.1/24, .2.1/24, .1.2/24, .3.2/30, .3.1/30, .4.1/24.]
OSPF Network Config 2
Configure each interface individually into a
chosen OSPF area: specify each interface IP
address with a quad-zero wildcard mask:
RouterF(router)# network 192.168.3.3 0.0.0.0 area 7
[Figure: routers D, E and F in Area 0 and Area 7, addressed from 192.168.x.x; interface labels .0.1/24, .1.1/24, .2.1/24, .1.2/24, .3.2/30, .3.3/30, .4.1/24.]
OSPF Network Config 3
Place all active interfaces for this router into
a single OSPF area: a single network
statement is used with a wildcard mask
having all bits set:
RouterD(router)# network 0.0.0.0 255.255.255.255 area 0
[Figure: routers D, E and F in Area 0 and Area 7, addressed from 192.168.x.x; interface labels .0.1/24, .1.1/24, .2.1/24, .1.2/24, .3.2/30, .3.3/30, .4.1/24.]
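The interface-to-area assignment described on the "Network" Statement Ordering slide, combined with the authentication-type precedence from the OSPF Authentication - Extra slide, as an added example (not part of the original slides). It follows the slides' description of first match in statement order; the sample configuration, interface names and key strings are constructed.

```python
import ipaddress
import re

AUTH_TYPE = {0: "none", 1: "plain text", 2: "MD5"}


def ip_int(text: str) -> int:
    return int(ipaddress.IPv4Address(text))


def parse(config: str):
    """Collect interfaces, ordered network statements and per-area auth types."""
    interfaces, networks, area_auth, current = {}, [], {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if m := re.match(r"interface (\S+)$", line):
            current = interfaces.setdefault(
                m.group(1), {"ip": None, "area": None, "auth": None})
        elif line.startswith("router ospf"):
            current = None
        elif m := re.match(r"network (\S+) (\S+) area (\S+)$", line):
            networks.append((ip_int(m.group(1)), ip_int(m.group(2)), m.group(3)))
        elif m := re.match(r"area (\S+) authentication( message-digest)?$", line):
            area_auth[m.group(1)] = 2 if m.group(2) else 1
        elif current is None:
            continue
        elif m := re.match(r"ip address (\S+) \S+$", line):   # primary address only
            current["ip"] = ip_int(m.group(1))
        elif m := re.match(r"ip ospf \d+ area (\S+)", line):  # explicit, config-if mode
            current["area"] = m.group(1)
        elif m := re.match(r"ip ospf authentication( message-digest)?$", line):
            current["auth"] = 2 if m.group(1) else 1
    return interfaces, networks, area_auth


def audit(config: str) -> dict:
    """Map each addressed interface to (area, effective authentication)."""
    interfaces, networks, area_auth = parse(config)
    result = {}
    for name, intf in interfaces.items():
        if intf["ip"] is None:
            continue
        area = intf["area"]
        if area is None:   # first network statement, in order, that matches
            area = next((a for net, wild, a in networks
                         if ((intf["ip"] ^ net) & ~wild & 0xFFFFFFFF) == 0), None)
        if area is None:
            result[name] = (None, None)       # OSPF not enabled on this interface
            continue
        # Interface-level type wins; otherwise the area-wide type, default 0.
        auth = intf["auth"] if intf["auth"] is not None else area_auth.get(area, 0)
        result[name] = (area, AUTH_TYPE[auth])
    return result


# Constructed sample, loosely modelled on RouterE in the slides.
SAMPLE = """\
interface FastEthernet0/0
 ip address 192.168.1.2 255.255.255.0
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 EXAMPLE-KEY
interface Serial0/0
 ip address 192.168.3.2 255.255.255.252
 ip ospf authentication-key EXAMPLE
interface Loopback0
 ip address 10.9.9.9 255.255.255.255
router ospf 1
 network 192.168.1.0 0.0.0.255 area 0
 network 192.168.3.0 0.0.0.3 area 7
 area 7 authentication
"""
# Same config with an overlapping catch-all statement placed first.
OVERLAP = SAMPLE.replace(
    " network 192.168.1.0",
    " network 0.0.0.0 255.255.255.255 area 0\n network 192.168.1.0")

if __name__ == "__main__":
    for label, cfg in (("as intended", SAMPLE), ("catch-all first", OVERLAP)):
        print(label)
        for name, (area, auth) in audit(cfg).items():
            print(f"  {name:16} area={area} auth={auth}")
```

With the catch-all statement first, Serial0/0 and Loopback0 both land in area 0 with authentication type 0, so the plain-text setting for area 7 never applies.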
Use of Secondary Addresses
No OSPF adjacencies are formed on secondary addresses
each secondary address is considered a stub network
stub networks are only advertised if primary is also advertised
recall "secondaries none" option when enabling OSPF
directly on an interface
[Figure: routers D and E, interface fa0/0, labels .5.1/24 and .0.2/24; HostA 192.168.0.100, HostB 192.168.1.100, HostC 192.168.2.100.]
RouterD(config)# int fa0/0
RouterD(config-if)# ip address 192.168.0.1 255.255.255.0
RouterD(config-if)# ip address 192.168.1.1 255.255.255.0 secondary
RouterD(config-if)# ip address 192.168.2.1 255.255.255.0 secondary
OSPF Load Balancing
By default, up to four same-metric routes to the
same destination can be kept in the routing table
for equal-cost load balancing.
This can be increased up to sixteen or more
(depending upon the IOS version) with the command:
RouterB(config-router)# maximum-paths <1..max>
The bandwidth and/or ip ospf cost commands (or, in
the case of non-T1 serial links, the lack of them) can be
used to make unequal-cost links look like equal-cost
links, to allow OSPF load balancing.
This should be done with caution, as it may burden
slower links and/or make inefficient use of faster links.
OSPF and DNS Lookups
Loopback interfaces or manually-assigned router
IDs simplify the management and
troubleshooting of OSPF routing domains by
providing predictable Router ID values.
This can be taken one step further by recording
the Router IDs in a Domain Name System (DNS)
database.
The router can then be configured to consult the
DNS server (via Reverse DNS lookups), so that
command output will show meaningful names,
where Router ID would otherwise appear.
OSPF DNS Lookup Example
ASBR was configured to perform DNS lookups as follows:
(config)# ip name-server 172.16.1.100
(config)# ip ospf name-lookup
The first command specifies the DNS server.
The second command enables the OSPF process to perform DNS lookups.
If the router ID addresses are entered into the DNS database, the corresponding
DNS name will be shown in place of numeric router IDs.
ASBR#show ip ospf data
OSPF Router with ID (192.168.1.1) (Process ID 1)
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count
172.16.10.5 ABR-1 412 0x8000000F 0x6F9C 1
192.168.1.1 ABR-2 201 0x80000012 0x8D3D 1
192.168.2.1 ABR-2 205 0x80000016 0x7E46 1
192.168.3.1 ABR-2 205 0x80000005 0x9C36 1