OSPF - salleurl.eduusers.salleurl.edu/~zaballos/CCNP/3.pdf · OSPF does not gather routing table...

1

1© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicBSCI Module 3

OSPF

BSCI Module 3

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicBSCI Module 3 2

Terminology

2


OSPF Overview

� OSPF does not gather routing table information, but routers and the status of their connections, links.

� OSPF routers use this information to build a topological data base (link state database), runs the Shortest Path First (SPF), Dijkstra’s algorithm, and creates a SPF tree. From that SPF tree, a routing table is created.


OSPF is a link state protocol

�� LinkLink: interface on a router

�� Link stateLink state: the status of a link between to routers.

3


Cisco’s OSPF’s metric is based on cost

� Cost is an OSPF metric expressed as an 16bit integer, from 1 to 65.535.

� Cisco uses a default cost of 108/BW, where BW is the configured bandwidth (bandwidth command) of the interface and 108 (100.000.000) as the reference bandwidth.

� Example: A serial link with bandwidth:128K

� cost: 100.000.000/128.000 = 781


� Minimizes routingtable entries

� Localizes impact ofa topology changewithin an area

� Detailed LSAflooding stops atthe area boundary

� Requires ahierarchicalnetwork design

� Transit Area:

� aka Backbone, Area 0

� Regular Area:

� aka Nonbackbone areas

OSPF Areas

Review of OSPF area characteristics:

4


OSPF Areas

� Every OSPF router must belong to at least one area.

� Every OSPF network must have an Area 0 (backbone area).

� All other Areas should “touch” Area 0.

There are exceptions to this rule

� Routers in the same area have the same link-state information.

� Much more on areas at the end of the chapter (OSPF Multiple Areas).


OSPF Database

� OSPF maintains three databases

� Adjacency Database (show ip ospf neighbor)

� Link-state Database (show ip ospf database)

� Forwarding Database (show ip route)

5


Operation


OSPF neighbor relationships

� OSPF uses 5 different types of packets to communicate.

OSPF Type-2 (DBD)

OSPF Type-3 (LSR)

OSPF Type-4 (LSU)

OSPF Type-5 (LSAck)

OSPF Type-1 (Hello)

6


Steps to OSPF Operation

� 1. Establishing router adjacencies

� 2. Electing DR and BDR

� 3. Discovering Routes

� 4. Choosing Routes

� 5. Maintaining Routing Information


OSPF States

� OSPF router interfaces can be in one of seven states:

� Down State

� Init State

� Two-way State

� ExStart State

� Exchange State

� Loading State

� Full Adjacency State

7


Steps to OSPF Operation with OSPF States


Down State

Init State

Two-way State


ExStart State with DR and BDR

Two-way State with all other routers


ExStart State

Exchange State

Loading State

Full State




1. Establishing Adjacencies

� Initially, an OSPF router interface is in the down state.

� RTB perspective and assuming routers are configured correctly.

� Trying to start a relationship and wanting to enter the init state

� RTB begins multicasts OSPF Hello packets (224.0.0.5, AllOSPFRouters), advertising its own Router ID.

8


� Router ID = Highest active IP address (including loopback).

� Loopback address has the advantage of never going down, thus diminishing the possibility of having to re-establish adjacencies. (more in a moment)

� Use private ip addresses for loopbacks, so you do not inadvertently advertise a route to a real network that does not exist on your router.



� RTA and RTC receive Hello packets from RTB and add RTB’s Router ID to the Neighbor ID field of the Hello packet its sends back to RTB, at the same time entering the init state.

� When a router receives its first Hello packet, it enters the init state, meaning the router is ready to take the relationship to the next level.

� From init state to the two-way state


9



� 1. Establishing router adjacenciesDown State

Init State

Two-way State

� 2. Electing DR and BDRExStart State with DR and BDR


� 3. Discovering RoutesExStart State

Exchange State

Loading State

Full State




�� DRDR - Designated Router

�� BDRBDR - Backup Designated Router

� DR’s serve as collection points for LSAs

� A BDR backups the DR.

� On point-to-point links adjacencies (don’t get this confused with being “fully adjacent” or the full state) are established with all neighbors, because there is only one neighbor.

� On multi-access networks, OSPF elects a DR and BDR to limit the number of adjacencies.

Reduce routing update traffic

2. Electing a DR and BDR

10


2. Electing a DR/BDR

� Designated Router

� Router with the highest Router ID is elected the DR.

� But like other elections, this one can be rigged.

� The router’s priority field can be set to either ensure that it becomes the DR or prevent it from being the DR.

� The router can be assigned a priority between 0 and 255, with 0 preventing this router from becoming the DR (or BDR) and 255 ensuring at least a tie. (The highest Router ID would break the tie)


� All other routers, “DRother”, establish adjacencies with only the DR and BDR.

� DRother routers multicast LSAs to only the DR and BDR

(224.0.0.6 - all DR routers)

� DR sends LSA to all adjacent neighbors (224.0.0.5 - all OSPF routers)


11


� Backup Designated Router - BDR

� Listens, but doesn’t act.

� If LSA is sent, BDR sets a timer.

� If timer expires before it sees the reply from the DR, it becomes the DR and takes over the update process.

� The process for a new BDR begins.



� Once a DR is established, a new router that enters the network with a higher priority or router id will NOTbecome the DR or BDR. (Bug in early IOS 12.0)

� If DR fails, BDR takes over as DR and selection process for new BDR begins.

� State of the relationship

� DRothers enter ExStart state with DR and BDR and two-way state with all other routers


12



� 1. Establishing router adjacenciesDown State

Init State

Two-way State

� 2. Electing DR and BDRExStart State with DR and BDR


� 3. Discovering RoutesExStart State

Exchange State

Loading State

Full State




3. Discovering Routes and reaching Full State

“adjacent”

OSPF Type-1 (Hello)

OSPF Type-2 (DBD)

OSPF Type-2 (DBD)

OSPF Type-5 (LSAck)

OSPF Type-3 (LSR)

OSPF Type-4 (LSU)

OSPF Type-5 (LSAck)

OSPF Type-1 (Hello)

13


� ExStart State

� ExStart state - prepare for initial database exchange

� Purpose of ExStart is to establish a master/slave relationship between the two routers decided by the higher router id.

� Once the roles are established they enter the exchange state.

� Exchange State

� Exchange state - routers exchange one or more Type-2 DBDs(Database Description) packets, which is a summary of the link-state database.

� Routers compare these DBDs with information in its own database.

� If the router receives information about a link that is not already in its database, the router requests a complete update from its neighbor.

� Complete routing information is exchanged in the loading state.



� Loading State

� If the other router has more updated information, this router sends a LSR (Link-State Request) packet requesting more information.

� Remote router sends the requested information in a LSA Type-4 packet (more on this packet type(s) in next chapter).

� Router sends LSAck to acknowledge receipt

� Full State

� Full state - after all LSRs have been updated.

� At this point the routers should have identical link-state databases


14




Down State

Init State

Two-way State





ExStart State

Exchange State

Loading State

Full State




4. Choosing Routes

� The router now has a complete link-state database

� Now the router is ready to create a routing table, but first needs to run the Shortest Path First Algorithm on the link state database, which will create the SPF tree.

15




Down State

Init State

Two-way State





ExStart State

Exchange State

Loading State

Full State




Basic OSPF Configuration

16


router ospf process-id [vrf vpn-name]

Router(config)#

� Enable one or more OSPF routing processes.

Configuring Basic OSPF

network ip-address wildcard-mask area area-id

Router(config-router)#

� Define the interfaces that OSPF will run on.

Router(config-if)#

ip ospf process-id area area-id [secondaries none]

� Optional method to enable OSPF explicitly on an

interface.


Configuring OSPF for Multiple Areas

17


router-id ip-address

� This command is configured under the router ospf [process-id] command.

� Any unique arbitrary 32-bit value in an IP address format (dotted decimal) can be used.

� If this command is used on an OSPF process that is already active, then the new router ID takes effect after the next reload or after a manual restarting of the OSPF process using:

OSPF router-id CommandRouter(config-router)#

Router(config)#router ospf 1Router(config-router)#router-id 172.16.1.1

Router#clear ip ospf process

Router#clear ip ospf process


�� Loopback interfaceLoopback interface

� Rtr(config)# interface loopback 0

� Rtr(config-if)# ip add 10.1.1.1 255.255.255.0

� Very useful in setting Router IDs.

�� Configuring OSPF Router Priority (DR/BDR)Configuring OSPF Router Priority (DR/BDR)

� Rtr(config)# interface fastethernet 0

� Rtr(config-if)# ip ospf priority <0-255>

� Higher priority becomes DR/BDR

� Default = 1

� 0 = Ineligible to become DR/BDR

18


Why Does the show ip ospf neighbor Command Reveal Neighbors Stuck in 2-Way State? (This is normal in this situation)

� In the following topology, all routers are running OSPF neighbors over the Ethernet network:

� Following is sample output of the show ip ospf neighbor command on R7:

� router-7#show ip ospf neighbor

� Neighbor ID Pri State Dead Time Address Interface

� 170.170.3.2 1 FULL/BDR 00:00:37 170.170.3.2 Ethernet0

� 170.170.3.3 1 2WAY/DROTHER 00:00:30 170.170.3.3 Ethernet0

� 170.170.10.8 1 FULL/DR 00:00:39 170.170.3.8 Ethernet0

� 170.170.7.4 1 2WAY/DROTHER 00:00:39 170.170.3.4 Ethernet0

� router-7#


NBMA OSPF Configuration

19


OSPF over NBMA Topology Modes of Operation

� RFC 2328-compliant modes are as follows:

Nonbroadcast (NBMA)

Point-to-multipoint

� Additional modes from Cisco are as follows:

Point-to-multipoint nonbroadcast

Broadcast

Point-to-point

ip ospf network [{broadcast | non-broadcast | point-to-multipoint [non-broadcast] | point-to-point}]

� This interface command defines OSPF network type.

Router(config-if)#


NBMA

� Non-Broadcast Multi-access Access Networks.

Frame Relay

X.25

� Without broadcasts and multicasts, DR/BDR election is problematic

20


RFC-compliant Non-broadcast Mode� One IP subnet.

� Neighbors must be manually configured.

� DR and BDR elected.

� DR and BDR need to have full connectivity with all other routers.

� Typically used in a full meshtopology.

RTB(config-if)#ip ospf network non-broadcast--------RTB(config-router)#network 3.1.1.0 0.0.0.255 area 0RTB(config-router)#neighbor 3.1.1.1RTB(config-router)#neighbor 3.1.1.3


RFC-compliant Point-to-Multipoint Mode

� One IP subnet.

� Uses multicast OSPF hello packet to automatically discover neighbors.

� DR and BDR not required. Router sends additional LSAswith more information about neighboring routers.

� Typically used in a partial-mesh or hub-and-spoketopology.

RTB(config-if)#ip ospf network point-to-multipoint--------RTB(config-router)#network 3.1.1.0 0.0.0.255 area 0

21


NBMA Networks and OSPF


Cisco’s Point-to-Multipoint Non-broadcast mode

RTB(config-if)#ip ospf network point-to-multipoint non-broadcast--------RTB(config-router)#network 3.1.1.0 0.0.0.255 area 0RTB(config-router)#neighbor 3.1.1.1 cost 10RTB(config-router)#neighbor 3.1.1.3 cost 20

� Cisco extension to RFC-compliant point-to-multipoint mode

� Must statically define neighbors, like nonbroadcast mode

� Like point-to-multipoint mode, DR/BDR not elected

� Used in special cases where neighbors cannot be automatically discovered

22


Cisco’s Broadcast Mode

� Makes a WAN interface appear to be a LAN

� One IP subnet

� Uses multicast hellos to discover neighbors

� DR and BDR elected

� Requires a full mesh.

RTB(config-if)#ip ospf network broadcast--------RTB(config-router)#network 3.1.1.0 0.0.0.255 area 0


� One IP subnet per subinterface pair

� No DR or BDR election

� Used when only two routers need to form an adjacency on a pair of interfaces

� Same properties as any physical point-to-point physical interface

RTB(config)#interface serial 0/0.1RTB(config-subif)#ip address 3.1.1.2 255.255.255.0RTB(config-subif)#interface serial 0/0.2 RTB(config-subif)#ip address 4.1.1.2 255.255.255.0--------RTB(config-router)#network 3.1.1.0 0.0.0.255 area 0RTB(config-router)#network 4.1.1.0 0.0.0.255 area 0

Cisco’s Point-to-Point mode

23


OSPF over NBMA Topology Summary


OSPF Multi-Area

24


OSPF Multi-Area

� Areas

� LSAs

� Type of areas:

Stub Areas

Totally Stubby Areas

� E1 and E2 routes

� NSSA (Not So Stubby Areas)

� Virtual Links

� Route Summarization


Issues with large OSPF nets

� Frequent SPF calculations

� Large routing table

� Large link-state table

25


OSPF uses “Areas”

� Hierarchical routing enables you to separate large internetworks (autonomous systems) into smaller internetworks that are called areas.

� With this technique, routing still occurs between the areas (called inter-area routing), but many of the smaller internal routing operations, such as recalculating the database, are restricted within an area.


OSPF Router Types

26


OSPF Router Types

� Internal: Routers with all their interfaces within the same area.

� Backbone: Routers with at least one interface connected to area 0.

� ABR: (Area Border Router): Routers with interfaces attached to multiple areas.

� ASBR: (Autonomous System Boundary Router): Routers that have at least one interface connected to an external internetwork (another autonomous system).


LSA types

27


LSA Types


LSA Types

28


LSA Type 1: Router LSA

� One router LSA (type 1) for every router in an area:Includes list of directly attached links

� Identified by the router ID of the originating router

� Floods within its area only; does not cross ABR

� Link-state ID depends on link type


LSA Type 2: Network LSA

� Advertised by the DR of the broadcast network

� Floods within its area only; does not cross ABR

� Link-state ID is the DR

29


LSA Type 3: Summary LSA

� Advertised by the ABR of originating area.

� Regenerated by subsequent ABRs to flood throughout the autonomous system.

� By default, routes are not summarized, and type 3 LSA is advertised for every subnet.

� Link-state ID is the network or subnet advertised in the summary LSA


LSA Type 4: Summary LSA

� Summary (type 4) LSAs are used to advertise an ASBR to all other areas in the autonomous system.

� They are generated by the ABR of the originating area.

� They are regenerated by all subsequent ABRs to flood throughout the autonomous system.

� Link-state ID is the router ID of the ASBR.

30


LSA Type 5: External LSA

� External (type 5) LSAs are used to advertise networks from other autonomous systems.

� Type 5 LSAs are advertised and owned by the originating ASBR.

� The Link-state ID is the external network number.


E1 vs. E2 External Routes

� External routes fall under two categories, external type 1 and external type 2.

� The difference between the two is in the way the cost (metric) of the route is being calculated.

� The cost of a type 2 (E2) route is always the external cost, irrespective of the interior cost to reach that route.

� A type 1 (E1) cost is the addition of the external cost and the internal cost used to reach that route.

� Type 2 (E2) is the default!

31


� router ospf 1

� redistribute routing-protocol metric-type [1|2]

� metric-type 1 - A type 1 cost is the addition of the external cost and the internal cost used to reach that route.

� redistribute rip metric-type 1

� metric-type 2 - The cost of a type 2 route is always the external cost, irrespective of the interior cost to reach that route.

� redistribute rip metric-type 2

E1 vs. E2 External Routes


Interpreting the OSPF Database

RouterA#show ip ospf databaseOSPF Router with ID (10.0.0.11) (Process ID 1)

Router Link States (Area 0)Link ID ADV Router Age Seq# Checksum Link count10.0.0.11 10.0.0.11 548 0x80000002 0x00401A 110.0.0.12 10.0.0.12 549 0x80000004 0x003A1B 1100.100.100.100 100.100.100.100 548 0x800002D7 0x00EEA9 2

Net Link States (Area 0)Link ID ADV Router Age Seq# Checksum172.31.1.3 100.100.100.100 549 0x80000001 0x004EC9

Summary Net Link States (Area 0)Link ID ADV Router Age Seq# Checksum10.1.0.0 10.0.0.11 654 0x80000001 0x00FB1110.1.0.0 10.0.0.12 601 0x80000001 0x00F516<output omitted>

32


Area Types

� Standard

� Backbone

� Stub

Stub

Totally Stubby Area (TSA)

Not-so-stubby-area (NSSA)


Area Types

33


Stub Areas

� Considerations for both Stub and Totally Stubby Areas

� An area could be qualified a stub when there is a single exit point (a single ABR) from that area or if routing to outside of the area does not have to take an optimal path.

� The area is not needed as a transit area for virtual links (later).

� The ASBR is not within the stub area

� The area is not the backbone area (area 0)

� Stub areas will result in memory and processing savings depending upon the size of the network.


� Stub Areas

� Receives all routes from within A.S.:

� Within the local area - LSA 1s and LSA 2s (if appropriate)

� From other areas (Inter-Area) - LSA 3s and LSA 4s

� Does not receive routes from External A.S. (External Routes).

� ABR:

� LSA 3s and LSA 4s are propagated by the ABR.

� ABR blocks all LSA 5s.

� If LSA 5s are not know inside an area, are LSA 4s are necessary ??

� Default route is injected into stub area by ABR

External Routes: Once the ABR gets a packet headed to a default route, it must have a default route, either static or propagated by the ASBR via default information originate (coming!)

� Configuration:

� All routers in the area must be configured as “stub”

34


Totally Stubby Areas

� Cisco proprietary

� Same considerations as with Stub areas:

� An area could be qualified a stub when there is a single exit point (a single ABR) from that area or if routing to outside of the area does not have to take an optimal path.

� The area is not needed as a transit area for virtual links (later).

� The ASBR is not within the stub area

� The area is not the backbone area (area 0)

� Stub areas will result in memory and processing savings depending upon the size of the network. -This is even more true with Totally Stubby areas


� Totally Stubby Areas

� Receives routes from within A.S.:

� Only from within the local area - LSA 1s and LSA 2s (if appropriate)

� Does not receive routes from other areas (Inter-Area) - LSA 3s and LSA 4s

� Does not receive routes from External A.S. (External Routes)

� ABR:

� ABR blocks all LSA 5s.

� ABR blocks all LSA 3s and LSA 4s, except propagating a default route.

� Default route is injected into totally stubby area by ABR.

� Configuring:

� All routers must be configured as “stub”

� ABR must be configured as “stub no-summary”

35


Multi-area Example

RIP


Multi-area Example

ABR

ASBR

RIP

All routes to all areas including LSA 3s (IA) other areas routes

from ABRs, LSA 4s (IA to ASBR) reachability to ASBR from

ABRs, and LSA 5s (E1/E2) external routes from the ASBR.

36


Stub Example

ABR

ASBR

No Type

LSA 5s

Route to 0.0.0.0/0

via ABR

LSA 3s (IA routes) via ABR


Totally Stubby Example

ABR

ASBR

No Type 3, 4,

or 5 LSAs

Route to 0.0.0.0/0 via

ABR

- No more IA routes

- Only routes within the

area and the default

Totally Stubby Area

no summary

37


Propagating Default Routes in NSSAs


NSSA Example

NSSA

Area 2

Backbone Area

Area 0

ASBR

ABR(Possible

ASBR)

RIP

RTARTB

RTC

RTD

RTE

RTF

RTG

RTH

38


� NSSA allow external routes to be advertised into the OSPF AS while retaining the characteristics of a stub area to the rest of the AS.

� ASBR RTG will originate Type-7 LSAs to advertise the external destinations.

� These LSA 7s are flooded through the NSSA but are blocked by the NSSA ABR.

� The NSSA ABR translates LSA 7s into 5s and flood other areas.

NSSA

Area 2

Backbone Area

Area 0

ASBR

ABR(Possible

ASBR)

RIP

RTARTB

RTC

RTD

RTE

RTF

RTG

RTH

Default route via RTG

LSA 7 LSA 7

LSA 7

LSA 7

LSA 7

LSA 7LSA 5

LSA 7s

Blocked


LSA Types (con’t)

� Type 7 LSA NSSA External Link Entry

� Originated by an ASBR connected to an NSSA.

� Type 7 messages can be flooded throughout NSSAsand translated into LSA Type 5 messages by ABRs.

� Routes learned via Type-7 LSAs are denoted by either a default “N1” or an “N2” in the routing table. (Relative to E1 and E2).

39


� Configuring NSSA Stub Area

� Configured for all routers in Area 2:

� router ospf 1

� network 172.16.2.0 0.0.0.255 area 2

� area 2 nssa

NSSA

Area 2

Backbone Area

Area 0

ASBR

ABR(Possible

ASBR)

RIP

RTARTB

RTC

RTD

RTE

RTF

RTG

RTH

Default route via RTG

LSA 7LSA 7

LSA 7

LSA 7

LSA 7

LSA 7LSA 5

LSA 7s

Blocked

LSA 3s &

0.0.0.0/0


NSSA example

40


Virtual Link Concepts and Configuration


Virtual Links

41


� All areas in an OSPF autonomous system must be physically connected to the backbone area (area 0).

� In some cases where this is not possible, you can use a virtual link to connect to the backbone through a non-backbone area.

� As mentioned above, you can also use virtual links to connect two parts of a partitioned backbone through a non-backbone area.

� The area through which you configure the virtual link, known as a transit area, must have full routing information.

� Must be configured between two ABRs.

� The transit area cannot be a stub area.

Virtual Links


Virtual Links

� A virtual link has the following two requirements:

It must be established between two routers that share a common area and are both ABRs.

One of these two routers must be connected to the backbone.

� Should be used only as a temporary fix to an unavoidable topology problem

42


� The command to configure a virtual link is as follows:

� area <area-id> virtual-link <remote-router-id>

� RTA(config)#router ospf 1

� RTA(config-router)#network 192.168.0.0 0.0.0.255 area 51

� RTA(config-router)#network 192.168.1.0 0.0.0.255 area 3

� RTA(config-router)#area 3 virtual-link 10.0.0.1

� ...

� RTB(config)#router ospf 1

� RTB(config-router)#network 192.168.1.0 0.0.0.255 area 3

� RTB(config-router)#network 192.168.2.0 0.0.0.255 area 0

� RTB(config-router)#area 3 virtual-link 10.0.0.2


Special Treatment for LSAs on Virtual Links

� LSAs usually age out after 30 minutes

� LSAs learned across virtual links have the DoNotAge (DNA) option set

� Required to prevent excessive flooding over virtual links

43


RouterA#sh ip ospf virtual-linksVirtual Link OSPF_VL0 to router 10.2.2.2 is up

Run as demand circuitDoNotAge LSA allowed.Transit area 1, via interface Serial0/0/1, Cost of using 781Transmit Delay is 1 sec, State POINT_TO_POINT,Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5

Hello due in 00:00:07Adjacency State FULL (Hello suppressed)Index 1/2, retransmission queue length 0, number of retransmission 1First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)Last retransmission scan length is 1, maximum is 1Last retransmission scan time is 0 msec, maximum is 0 msec

Configuring and Verifying a Virtual Link


Route summarization

44


�� InterInter--Area Route Summarization Area Route Summarization -- Area RangeArea Range

� By default ABRs do not summarize routes between areas.

� Route summarization is the consolidation of advertised addresses.

� This feature causes a single summary route to be advertised to other areas by an ABR.

� In OSPF, an ABR will advertise networks in one area into another area.

� If the network numbers in an area are assigned in a way such that they are contiguous, you can configure the ABR to advertise a summary route that covers all the individual networks within the area that fall into the specified range.


� RTB is summarizing the range of subnets from 128.213.64.0 to 128.213.95.0 into one range: 128.213.64.0 255.255.224.0.

� This is achieved by masking the first three left most bits of 64 using a mask of 255.255.224.0.

� In the same way, RTC is generating the summary address 128.213.96.0 255.255.224.0 into the backbone.

� Note that this summarization was successful because we have two distinct ranges of subnets, 64-95 and 96-127.

45


� RTB

� router ospf 100

� area 1 range 128.213.64.0 255.255.224.0

� RTC

� router ospf 100

� area 2 range 128.213.96.0 255.255.224.0


�� External Route Summarization External Route Summarization -- summarysummary--addressaddress

� When redistributing routes from other protocols into OSPF (later), each route is advertised individuallyin an external link state advertisement (LSA).

� However, you can configure the Cisco IOS software to advertise a single route for all the redistributed routes that are covered by a specified network address and mask.

� Doing so helps decrease the size of the OSPF link state database.

� On the ASBR only (Summarizes external routes before injecting them into the OSPF domain).

� Router(config-router)# summary-address network-address subnet-mask

46


� RTA

� router ospf 100

� summary-address 128.213.64.0 255.255.224.0

� redistribute bgp 50 metric 1000 subnets (later)

� RTD

� router ospf 100

� summary-address 128.213.96.0 255.255.224.0

� redistribute bgp 20 metric 1000 subnets (later)


OSPF Authentication

47


• OSPF supports 2 types of authentication:

•Simple password authentication (plain text)

•MD5 authentication

• Router generates and checks each packet and authenticates the source of each update packet it receives

• Configure a “key” (password)

•Note: all participating neighbors must have the same key configured

OSPF Authentication Types


Configuring Simple Password Authentication

ip ospf authentication-key password

Router(config-if)#

• Assign a password to be used with neighboring routers.

Router(config-if)#

ip ospf authentication [message-digest | null]

• Specifies the authentication type for an interface

(since IOS 12.0).


area area-id authentication [message-digest]

• Specifies the authentication type for an area (was in IOS

before 12.0).

48


Example Simple Password Authentication Configuration


R2 Configuration for Simple Password Authentication

<output omitted>interface Loopback0ip address 10.2.2.2 255.255.255.0

<output omitted>interface Serial0/0/1ip address 192.168.1.102 255.255.255.224ip ospf authenticationip ospf authentication-key plainpas

<output omitted>router ospf 10log-adjacency-changesnetwork 10.2.2.2 0.0.0.0 area 0network 192.168.1.0 0.0.0.255 area 0

49


Configuring OSPF MD5 Authentication

• Specifies the authentication type for an area (was in IOS

before 12.0).

area area-id authentication [message-digest]

• Specifies the authentication type for an interface

(since IOS 12.0).

ip ospf authentication [message-digest | null]

ip ospf message-digest-key key-id md5 key

Router(config-if)#

• Assign a key ID and key to be used with neighboring routers.

Router(config-if)#



Example MD5 Authentication Configuration

50


Q and A


OSPF - salleurl.eduusers.salleurl.edu/~zaballos/CCNP/3.pdf · OSPF does not gather routing table...

Documents

Transcript of OSPF - salleurl.eduusers.salleurl.edu/~zaballos/CCNP/3.pdf · OSPF does not gather routing table...