Advanced Routing Suite

Configuring OSPF

June 4, 2009

In This Document
Introduction A Simple OSPF Topology Configuring OSPF References Documentation Feedback page 2 page 4 page 4 page 7 page 7

This document covers basic functionality and monitoring commands used to configure OSPF.

Introduction
Open Shortest Path First (OSPF) is a dynamic routing protocol widely used in Internet Protocol (IP) networks. OSPF is a link-state routing protocol that falls into the group of interior gateway protocols (IGP) operating within an autonomous system (AS). OSPF calculates the best or shortest path between a source and destination address.

Basic Terminology
Link State OSPF is part of the Link State family, which means that every node (router) in the topology knows how all the other nodes are connected. Link-state routing requires each node in the network to send its known information to its neighbors. Using only its local copy of the map, each node independently calculates the best next hop from it to every possible destination in the network. The collection of best next hops forms the routing table for the node. Area To reduce the number of link-state advertisements and overhead traffic on the network, a single AS can be divided into smaller logical groups called areas. An area is a set of networks and hosts within an AS that have been grouped together for administrative purposes. Each area is defined by a 32 bit dotted decimal area identifier (like an IP address). Area 0 (0.0.0.0) also called the backbone area and is mandatory on an OSPF running network. Link State Database (LSDB) The basic database that contains all topology information received through OSPF updates. Designated Router (DR) The DR is the OSPF router with the highest priority. This priority is determined either manually, or using the router ID (if the priority of a number of routers is equal). The DR maintains a complete topology table of the network and sends advertisements/updates to the other routers through multicast transmissions. The Designated Router becomes fully adjacent to all other routers on the network. Because link state databases are synchronized across adjacencies the Designated Router plays a central part in the synchronization process. The selection of the DR is non-preemptive, which means a new DR is selected only during OSPF network initialization.

Copyright 2009 Check Point Software Technologies, Ltd. All rights reserved

Introduction

Backup Designated Router (BDR) The OSPF router with the second highest priority is selected to be the BDR. The BDR backs up the DR, and like the DR updates the link state topology of new routers joining the network. The selection of BDR is non-preemptive, which means a new BDR is selected only during OSPF network initialization or when the DR fails.

Area Border Router (ABR) An ABR is a router running OSPF that connects one area to the main backbone network (area 0), and is considered a member of all areas to which it connects. An ABR keeps multiple copies of the link-state database in memory, one for each area to which it is connected.

Autonomous System Boundary Router (ASBR) An ABR imports routing information learned from other routing protocols into the OSPF routing domain. New routes learned through this mechanism are known as External Routes.

Router ID A router ID is a number which identifies the router in the OSPF network. If a router ID has not been defined (using the ospf router-id command) for the router, then when OSPF starts running it generates a number based on the highest IP address on the active interface. If there is a loopback interface present, then the router ID is generated from the highest IP address of the loopback interface (regardless of the existence of other interfaces). The selection of router ID is non-preemptive (only happens during OPSF network initialization).

Basic Commands
router ospf <instance id>
Enters the local router OSPF sub-menu, enables configuration and modification of OSPF settings on the local peer. Multiple instances of OSPF may run on the same router.

network <network address> <wildcard> area <area id>

Defines which interfaces run and listen to OSPF. Directly connected networks that match the address and wildcard-bits will be assigned with the area id. The OSPF broadcast auto-detection mechanism, automoatically defines all OSPF routers on the same broadcast domain with the same area identifier as OSPF neighbors.

router-id <ip address>

Statically defines the ID the router will use on the OSPF network.

show ip ospf <instance id>

Displays OSPF routing information of a specific OSPF instance.

show ip ospf neighbor

Displays OSPF neighbors information.

show ip route ospf

Displays routes from local routing table that were learned through the OSPF protocol.

A Simple OSPF Topology

A Simple OSPF Topology

Consider the simple BGP topology shown in Figure 1: Figure 1 Simple OSPF Topology

In Figure 1, all the routers in the topology run OSPF processes. Routers A, B, and C are located in the Backbone Area 0, and Routers C and D are located in Area 1. Router C is considered the Area border router (ABR) because it operates in both areas. All routers are configured to run OSPF process 1.

Configuring OSPF
Advanced Routing is only supported on SecurePlatform Pro. Before configuring dynamic routing protocols verify that the Advanced Routing Suite is enabled. If the suite is not enabled, enable it using the cpconfig option Enable Advanced Routing. To enter the Advanced Routing Suite CLI, enter router on the SecurePlaform command line. To enable the configuration shown in Figure 1: 1. On Router A, activate the OSPF process on the interface that is directly connected to network 192.168.7.0/24:
localhost.localdomain#configure terminal localhost.localdomain(config)#router ospf 1 localhost.localdomain(config-router-ospf)#network 192.168.7.0 0.0.0.255 area 0.0.0.0 localhost.localdomain(config-router-ospf)#end

Router B has an interface on the same network (192.168.7.0/24) and another interface on the 192.168.8.0/24 network. Both are associated with an OSPF process in area 0.

Configuring OSPF

2. Configure router B in the following way:

localhost.localdomain#configure terminal localhost.localdomain(config)#router ospf 1 localhost.localdomain(config-router-ospf)#network 192.168.7.0 0.0.0.255 area 0.0.0.0 localhost.localdomain(config-router-ospf)#network 192.168.8.0 0.0.0.255 area 0.0.0.0 localhost.localdomain(config-router-ospf)#end

Router C has an interface on network 192.168.8.0/24 which is associated with an OSPF process in area 0, and another interface on network 192.168.9.0/24 which is associated with an OSPF process in area 1. This makes router C the ABR for this domain router. 3. Configure router C in the following way:
localhost.localdomain#configure terminal localhost.localdomain(config)#router ospf 1 localhost.localdomain(config-router-ospf)#network 192.168.8.0 0.0.0.255 area 0.0.0.0 localhost.localdomain(config-router-ospf)#network 192.168.9.0 0.0.0.255 area 0.0.0.1 localhost.localdomain(config-router-ospf)#end

Router D has one interface on network 192.168.9.0/24 which is associated with an OSPF process in area 1, and another interface on network 172.16.4.0/24 which is also associated with an OSPF process in area 1. This network will be advertised through OSPF updates to all OSPF neighbors making the 172.16.4.0/24 network routable from each router in the OSPF domain. 4. Configure router D in the following way:
localhost.localdomain#configure terminal localhost.localdomain(config)#router ospf 1 localhost.localdomain(config-router-ospf)#network 192.168.9.0 0.0.0.255 area 0.0.0.1 localhost.localdomain(config-router-ospf)#network 172.16.4.0 0.0.0.255 area 0.0.0.1 localhost.localdomain(config-router-ospf)#end

Configuring OSPF

5. On router A, run the show command to verify the existence of OSPF information:
localhost.localdomain#show ip ospf 1 Routing Process "ospf 1" with ID 192.168.7.1 Supports opaque LSA It is an autonomous system boundary router and is not an area border router Hold time between two SPFs is 5 Minimum LSA interval 5. Minimum LSA arrival 1 Number of external LSA 2. Checksum sum 2017893 Number of opaque AS LSA 0, Checksum sum 0 Number of areas in this router is 1. 1 normal 0 stub 0 nssa Area 0.0.0.0 Number of interface in this area is 1 It is a normal area Number of LSA 4 Checksum sum 2017893 Number of opaque LSA 0 Checksum sum 0 Area ranges are localhost.localdomain#show ip route ospf Codes: C - connected, S - static, R - RIP, B - BGP, O - OSPF D - DVMRP, 3 - OSPF3, I - IS-IS, K - Kernel A - Aggregate O 192.168.8.0/24 [10/150] via 192.168.7.2, 13:42:59, eth1 O 192.168.9.0/24 [10/150] via 192.168.7.2, 13:42:59, eth1 O 172.16.4.0/24 [10/150] via 192.168.7.2, 13:42:59, eth1

References

References
For more configuration information see: Check Point SecurePlatformPro and Advanced Routing Suite CLI Guide Advanced Routing Suite - Configuring BGP and OSPF Interoperability Advanced Routing Suite - Configuring BGP Advanced Routing Suite - Dynamic Routing in a ClusterXL Environment Advanced Routing Suite - Configuring PIM

Available at: http://support.checkpoint.com

Documentation Feedback
Check Point is engaged in a continuous effort to improve its documentation. Please help us by sending your comments to: cp_techpub_feedback@checkpoint.com