OSPF

Open Shortest Path First (OSPF) is a routing protocol developed for Internet Protocol (IP) networks by the Interior Gateway Protocol (IGP) working group of the Internet Engineering Task Force (IETF).

The working group was formed in 1988 to design an IGP based on the Shortest Path First (SPF) algorithm for use in the Internet.

OSPF was created because in the mid-1980s, the Routing Information Protocol (RIP) was increasingly incapable of serving large, heterogeneous internetworks.

OSPF has two primary characteristics. The first is that the protocol is open, which means that its specification is in the public domain.

The OSPF specification is published as Request For Comments (RFC) 1247.

The second principal characteristic is that OSPF is based on the SPF algorithm, which sometimes is referred to as the Dijkstra algorithm, named for the person credited with its creation.

UPDATE: RFC 2328 !!!

OSPF is a link-state routing protocol that calls for the sending of link-state advertisements (LSAs) to all other routers within the same hierarchical area.

Information on attached interfaces, metrics used, and other variables is included in OSPF LSAs.

As OSPF routers accumulate link-state information, they use the SPF algorithm to calculate the shortest path to each node.

OSPF Overview

• Preferred to RIP on larger networks

• Open Standard - IETF RFC 2328 (new RFC)

• Link State routing protocol

• Interior Gateway Protocol for Autonomous systems

• Metric based on bandwidth

• Supports VLSM

• OSFP can use ‘areas’ to allow hierarchical design

Overview of Link-State and Distance Vector Routing

OSPF

•Large OSPF networks use a hierarchical design

•Defining areas reduces routing overhead, speeds up convergence, confines network instability to an area and improves performance

•Backbone: area 0

OSPF has introduced new concepts such as authentication of routing updates, Variable Length Subnet Masks (VLSM), route summarization, etc.

Large OSPF Network

Link State Update Problem

Flip flop

Hold on

OSPF Overview - Metric

Different routing result comparing to RIP

The formula used to calculate the cost is: cost= 100 000 000/bandwith in bps For example, it will cost 10 EXP8/10 EXP7 = 10 to cross a 10M Ethernet line and will cost 10 EXP8/1544000 = 64 to cross a T1 line. By default, the cost of an interface is calculated based on the bandwidth (not the clock rate !!); you can force the cost of an interface by using the ip ospf cost <value> interface sub- command.

Configuring Cost

R2

R3

R4

R5

R1

56KB

1.544MB

100MB

1.544MB

Cost = 10^8 / bandwidth

Cost 1562

Cost 1

1.544MB

Cost 64.7 Cost 64.7

Cost 64.7

Cost =195.1 Cost =1562

LAN 1

LAN 2

Un premier exemple

RTA#interface Ethernet0ip address 192.213.11.1 255.255.255.0

interface Ethernet1ip address 192.213.12.2 255.255.255.0

interface Ethernet2ip address 128.213.1.1 255.255.255.0

router ospf 100network 192.213.0.0 0.0.255.255 area 0.0.0.0network 128.213.1.0 0.0.0.255 area 23

Advantages and Disadvantages of Link-State Routing

Comparing Distance Vector and Link-State Routing

Identify Distance Vector & Link State Routing Characteristics

Periodic updates

Topology changes trigger updates

Updates sent to neighbours

Updates contain changes only

Updates contain entire routing table

Increased memory & processing requirements

Updates consume significant bandwidth

Rapid convergence

Updates sent to all routers Support CIDR/VLSM

Slow convergence

• OSPF permet d’installer plusieurs routes pour une même destination,

selon critère de débit.

si plusieurs routes vers une même destination sont de coût équivalents, OSPF répartit la charge équitablement parmi ces routes.

• OSPF supporte l’adressage en sous-réseaux (subnets);

• Découpe d’un système autonome en aréas

isolement des informations de routage à l’intérieur de ces aréas

==> limitation des informations de routage dans le système autonome .

• Les liens extérieurs avec d’autres systèmes autonomes (via EGP par exemple) sont pris en compte.

• Echanges entre routeurs authentifiés ==> intégrité des messages.

OSPF : les concepts, areas

• Le problème : dans les systèmes de routage, si le réseau est trop grand

overhead du traffic dans le réseau,calculs trop longs,

dimensionnement mémoire trop grand

• La solution : routage hiérachique

découpage du réseau en parties indépendantes (Areas)

reliées par un BackBone (Area BackBone)

•La fonctionnalité

chaque area constitue un réseau indépendant

la table des liaisons ne contient que les liaisons de l’Area,

le protocole d’inondation s’arrête aux frontières de l’Area,

les routeurs ne calculent que des routes internes à l’Area

certains routeurs (area border routers) appartiennent à plusieurs Areas (en général une Area inférieure et une Area BB) et transmettent les informations récapitulatives des Areas qu’ils relient.

OSPF: Concepts: Areas

A1 AB1

A2 AB4

a1

a2

b3

a3

BC1

BC3

b5

c1

c2

c3

C2

C4b4

BB0 BB2

b2 b6

b1

Area A Area C

BB

Routeurs internes

Routeurs inter-areas

AS

• Chaque routeur du système autonome ou d’une area construit sa propre base d’information décrivant la topologie de l’AS complet ou bien de l’area.

• Au départ les routeurs utilisent des message "Hello" pour découvrir leurs voisins; une "adjacence" est formée lorsque deux routeurs communiquent pour échanger des informations de routage.

• L’information élémentaire échangée entre routeurs décrit l’état (link state) des adjacences; cette information est fournie par un routeur donné puis propagée dans l'area ou l’AS.

• A partir de sa base d’information (collection d’états des routeurs), chaque routeur construit un arbre du plus court chemin (SPF tree) dont il est la racine.

• Cet arbre indique toutes les routes pour toutes les destinations du système autonome, plus les destinations extérieures.

OSPF, la Base topologique

• La base d’information topologique d’un système autonome décrit un graphe orienté. Les noeuds du graphe sont des routeurs tandis que les liens représentent les connexions physiques.

• Les réseaux sont dits de transit si plusieurs routeurs y sont connectés ou terminaux dans le cas contraire.

• A chaque réseau est associé une adresse IP et un masque réseau.

• Une machine seule (host) est considérée comme un réseau terminal avec un masque égal à FFFFFFFF.

RT1

RT2

N3

N1

N2

RT4 RT5

RT3

N12 N13 N14

88

8 8 8

RT6

7

68

131

1

N4

N9

1

H110

RT12N10

2

RT9

N11

1

RT11 N8

1 2N6

1

RT8

RT7

1

N7

4

RT103 1

N12

N16

5

7

6

6AS border Router

2

9

OSPF : exemple

2

3

3

RT1

RT2

N3N1

N2

RT4RT5

RT3

N12 N13 N148 8 8

RT6

6

3

3

N4

N9

H110

RT12

N10

2

RT9

N11

RT11

N8

1

N6

RT8

RT7

4

RT10

3

1 N12

N15

1

62

3

2

9

7

La table de routage de R6

Dest. Next hop Distance

N1 RT3 10N2 RT3 10N3 RT3 7N4 RT3 8N6 RT10 8N7 RT10 12N8 RT10 10N9 RT10 11N10 RT10 13N11 RT10 14H1 RT10 21RT5 RT5 6RT7 RT10 8N12 RT10 10N13 RT5 14N14 RT5 14N15 RT10 17

N7

Area 1

Area 2

RT1

RT2

N3

N1

N2

RT4 RT5

RT3

N12 N13 N14

88

8 8 8

RT6

7

68

131

1

N4

N9

1

H110

RT12

N10 2

RT9N11 1

RT11 N8

1 2N6

1

RT8

RT7

1

N7

4

RT103 1

N12

N16

5

7

6

6AS border Router

2

9OSPF : Configuration en areas

2

3

3 Area 3

internes

Area border

AS border

Area 1

RT1

RT2

N3

N1

N2

RT4

RT3

131

1

N4

OSPF : Annonces de l’area 1 vers le BackBone

2

3

N1 4

N2 4

N3 1

N4 3

N1 4

N2 4

N3 1

N4 2

1

OSPF : les annonces du Backbone vers l’area 1

Destinations annoncées dans l’area 1 par RT3, RT4Dest RT3 RT4

N6 16 (1+7+8) 15N7 20 19N8 18 18N9 19 26

A l’inverse :

Link-State Routing Features

1. Using Hello and LSA to build DB2. Using SPF to calculate shortest

route3. Store this route info in routing table

How Routing Information Is Maintained

How Routing Information Is Maintained

• Link-state advertisements (LSAs) • A topological database • The shortest path first (SPF) algorithm • The resulting SPF tree • A routing table of paths and ports to each

network to determine the best paths for packets

•If a link failure occurs, the flooding mechanism with LSA is used!

Link State Operation

• Routers are aware of directly connected networks known as ‘links’

• Routers send ‘hellos’ to discover neighbours

• Routers send Link State Advertisements to other routers informing them of their links

• All routers add Link State Advertisements to their topological database

• Shortest Path algorithm calculates best route to each network

• When link states change, LSA update sent to all routers which recalculate their routes

OSPF Key WordsAdjacencies database

• Directly connected routers (with exchange)

Topological Database

• Routes to every network

Routing table

Best path to each network

Designated Router

• a router elected by all others to represent the network area

Area 0

• backbone

Topological Database

• Every router advertises directly connected networks via Link State Advertisements

• Every router has it’s own view of the network – it builds a ‘topological database’

• Router A is aware of 2 paths to 192.168.157.0 – this provides redundancy should one of the routers fail (cf slide suivante)

Link-State Routing Protocol Algorithms

OSPF Terminology

Forming Adjacencies

• Init state

• Establish bi-directional communication

• Exstart

• Loading state

• Full state

Router Adjacencies Without Designated Routers

R3

R1

R5

R2

R4

R6

15 Router adjacencies (N*(N-1)/2)

Echange de Link State

Router Designation

• Election process

Hello Packet

Priority

• Designated router (DR)

• Backup DR (BDR)

• DR other

Router Adjacencies With Designated Routers

R3

R1

R5

R2

R4

R6

DR

BDR9 Router adjacencies

Adjacencies The fact that routers are neighbors is not sufficient to guarantee an exchange of link-state updates; they must form adjacencies to exchange link-state updates.

Adjacency is an advanced form of neighborship formed by routers that are willing to exchange routing information after negotiating parameters of such an exchange.

Routers reach a FULL state of adjacency when they have synchronized views on a link-state database.

Once a router decides to form an adjacency with a neighbor, it starts by exchanging a full copy of its link-state database.

The neighbor, in turn, exchanges a full copy of its link-state database with the router.

After passing through several neighbor states, the routers become fully adjacent.

Neighbor in init State The init state indicates that a router sees HELLO packets from the neighbor, but two-way communication has not been established. A Cisco router includes the Router IDs of all neighbors in the init (or higher) state in the Neighbor field of its HELLO packets. For two-way communication to be established with a neighbor, a router also must see its own Router ID in the Neighbor field of the neighbor’s HELLO packets.

Neighbor in 2-way State The 2-way state indicates that the router has seen its own Router ID in the Neighbor field of the neighbor’s HELLO packet.

Neighbor in exstart State OSPF neighbors that are in exstart or exchange state are trying to exchange DBD packets. The router and its neighbor form a master and slave relationship.

The adjacency should continue past this state.

If it does not, there is a problem with the DBD exchange, such as a maximum transmission unit (MTU) mismatch or the receipt of an unexpected DBD sequence number.

DBD= Database descriptors

Exchange StateIn the exchange state, OSPF routers exchange database descriptor (DBD) packets. Database descriptors contain link-state advertisement (LSA) headers only and describe the contents of the entire link-state database. Each DBD packet has a sequence number which can be incremented only by master which is explicitly acknowledged by slave. Routers also send link-state request packets and link-state update packets (which contain the entire LSA) in this state. The contents of the DBD received are compared to the information contained in the routers link-state database to check if new or more current link-state information is available with the neighbor.

Neighbor in loading State In the loading state, routers send link-state request packets.

Full State Routers reach a FULL state of adjacency when they have synchronized views on a link-state database.

Exemple

RTA#hostname RTA interface Loopback0 ip address 203.250.13.41 255.255.255.0interface Ethernet0 ip address 203.250.14.1 255.255.255.0router ospf 10 network 203.250.13.41 0.0.0.0 area 1 network 203.250.0.0 0.0.255.255 area 0.0.0.0

RTF#hostname RTFinterface Ethernet0 ip address 203.250.14.2 255.255.255.0router ospf 10 network 203.250.0.0 0.0.255.255 area 0.0.0.0

The sequence in which the OSPF network commands are listed is very important.

In RTA's configuration, if the "network 203.250.0.0 0.0.255.255 area 0.0.0.0" statement was put before the "network 203.250.13.41 0.0.0.0 area 1" statement, all of the interfaces would be in area 0, which is incorrect because the loopback is in area 1

RTA#show ip ospf interface e0Ethernet0 is up, line protocol is up Internet Address 203.250.14.1 255.255.255.0, Area 0.0.0.0 Process ID 10, Router ID 203.250.13.41, Network Type BROADCAST, Cost: 10 Transmit Delay is 1 sec, State BDR, Priority 1 Designated Router (ID) 203.250.15.1, Interface address 203.250.14.2 Backup Designated router (ID) 203.250.13.41, Interface address 203.250.14.1 Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 0:00:02 Neighbor Count is 3, Adjacent neighbor count is 3

RTD#show ip ospf interface e0Ethernet0 is up, line protocol is up Internet Address 203.250.14.4 255.255.255.0, Area 0.0.0.0

Process ID 10, Router ID 192.208.10.174, Network Type BROADCAST, Cost: 10 Transmit Delay is 1 sec, State DROTHER, Priority 1 Designated Router (ID) 203.250.15.1, Interface address 203.250.14.2 Backup Designated router (ID) 203.250.13.41, Interface address 203.250.14.1 Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 0:00:03 Neighbor Count is 3, Adjacent neighbor count is 2 Adjacent with neighbor 203.250.15.1 (Designated Router) Adjacent with neighbor 203.250.13.41 (Backup Designated Router)

RTD#show ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 203.250.12.1 1 2WAY/DROTHER 0:00:37 203.250.14.3 Ethernet0203.250.15.1 1 FULL/DR 0:00:36 203.250.14.2 Ethernet0203.250.13.41 1 FULL/BDR 0:00:34 203.250.14.1 Ethernet0

The show ip ospf neighbor command shows the state of all the neighbors on a particular segment.

Do not be alarmed if the "Neighbor ID" does not belong to the segment you are looking at. In our case 203.250.12.1 and 203.250.15.1 are not on Ethernet0.

This is "OK" because the "Neighbor ID" is actually the RID which could be any IP address on the box.

RTD and RTB are just neighbors, that is why the state is 2WAY/DROTHER.

RTD is adjacent to RTA and RTF and the state is FULL/DR and FULL/BDR.

OSPF : Le calcul des routes

• La base de données permet de calculer les tables de routages

• Le calcul est effectué après tout changement de topologie

• Selon l’algorithme «link state» qui détermine les chemins les plus courts

Shortest Path Algorithm

(Cost)

Shortest Path Algorithm (ex. To reach B)

The best path is the lowest-cost path.

Retirer ce lien

Link-State Algorithm

OSPF uses a link-state algorithm in order to build and calculate the shortest path to all known destinations.

1.Upon initialization or due to any change in routing information, a router will generate a link-state advertisement. This advertisement will represent the collection of all link-states on that router.

2.All routers will exchange link-states by means of flooding. Each router that receives a link-state update should store a copy in its link-state database and then propagate the update to other routers via DR.

3. After the database of each router is completed, the router will calculate a Shortest Path Tree to all destinations. The router uses the Dijkstra algorithm to calculate the shortest path tree. The destinations, the associated cost and the next hop to reach those destinations will form the IP routing table.

4. In case no changes in the OSPF network occur, such as cost of a link or a network being added or deleted, OSPF should be very quiet. Any changes that occur are communicated via link-state packets, and the Dijkstra algorithm is recalculated to find the shortest path.

In order to build the shortest path tree for RTA, we would have to make RTA the root of the tree and calculate the smallest cost for each destination.

Egalité !

The above is the view of the network as seen from RTA. Note the direction of the arrows in calculating the cost.

For example, the cost of RTB's interface to network 128.213.0.0 is not relevant when calculating the cost to 192.213.11.0. RTA can reach 192.213.11.0 via RTB with a cost of 15 (10+5).

RTA can also reach 222.211.10.0 via RTC with a cost of 20 (10+10) or via RTB with a cost of 20 (10+5+5). In case equal cost paths exist to the same destination, Cisco's implementation of OSPF will keep track of up to six next hops to the same destination.

After the router builds the shortest path tree, it will start building the routing table accordingly.

Directly connected networks will be reached via a metric (cost) of 0 and other networks will be reached according to the cost calculated in the tree.

OSPF Network Types

Cela peut être aussi du FRSelon config.

Selecting Interface Network Types

The command used to set the network type of an OSPF interface is:

ip ospf network {broadcast | non-broadcast | point-to-multipoint}

FR: point to multipoint

Que représentent les adresses @ ?

RTA#interface Loopback0 ip address 200.200.10.1 255.255.255.0interface Serial0 ip address 128.213.10.1 255.255.255.0 encapsulation frame-relay ip ospf network point-to-multipointrouter ospf 10network 128.213.0.0 0.0.255.255 area 1

RTB#interface Serial0 ip address 128.213.10.2 255.255.255.0 encapsulation frame-relay ip ospf network point-to-multipoint

interface Serial1 ip address 123.212.1.1 255.255.255.0

router ospf 10network 128.213.0.0 0.0.255.255 area 1network 123.212.0.0 0.0.255.255 area 0

OSPF Hello Protocol

commonheader

Hellopacket

Version number—Identifies the OSPF version used.

• Type—Identifies the OSPF packet type as one of the following:

– Hello—Establishes and maintains neighbor relationships.

– Database description—Describes the contents of the topological database. These messages are exchanged when an adjacency is initialized.

– Link-state request—Requests pieces of the topological database from neighbor routers. These messages are exchanged after a router discovers (by examining database-description packets) that parts of its topological database are outdated (périmé).

– Link-state update—Responds to a link-state request packet. These messages also are used for the regular dispersal of LSAs. Several LSAs can be included within a single link-state update packet.

– Link-state acknowledgment—Acknowledges link-state update packets.

• Packet length—Specifies the packet length, including the OSPF header, in bytes.

• Router ID—Identifies the source of the packet.

• Area ID—Identifies the area to which the packet belongs. All OSPF packets are associated with a single area.

• Checksum—Checks the entire packet contents for any damage suffered in transit.

• Authentication type—Contains the authentication type. All OSPF protocol exchanges areauthenticated. The authentication type is configurable on per-area basis.

• Authentication—Contains authentication information.

• Data—Contains encapsulated upper-layer information.

OSPF Hello Protocol• The hello packets are addressed to the multicast

address 224.0.0.5, referring to all OSPF routers

• Hellos are sent every 10 seconds by default on broadcast multi-access and point-to-point networks

• On interfaces that connect to NBMA networks, such as Frame Relay, the default time is 30 seconds

• On multi-access networks the Hello protocol elects a designated router (DR) and a backup designated router (BDR).

Hello packets consist of the OSPF header plus the following fields:

•Network mask—Network mask associated with the interface. •Hello interval—How often the router sends hello packets. All routers on a shared network must use the same hello interval. You configure this interval with the hello-interval statement. •Options—Optional capabilities of the router.•Router priority—The router's priority to become the designated router. You can configure this value with the priority statement.

•Router dead interval—How long the router waits without receiving any OSPF packets from a router before declaring that router to be down. All routers on a shared network must use the same router dead interval. You can configure this value with the dead-interval statement.

•Designated router—IP address of the designated router.

•Backup designated router—IP address of the backup designated router.

•Neighbor—IP addresses of the routers from which valid hello packets have been received within the time specified by the router dead interval.

Steps in the Operation of OSPF

Discover neighbors

Highest IP address


Elect DR and BDR on Multi Access Network

La priorité est un nombre sur 8 bits fixé par défaut à 1 sur tous les routeurs (en fait leurs interfaces: priorité par interface). Pour départager les routeurs ayant la même priorité, est élu celui qui a la plus grande adresse IP sur une interface de boucle locale (loopback interface) ou sur un autre type d'interface active. Le BDR sera le routeur avec la deuxième plus grande priorité.

DR and BDR Receive LSAs

Designated Router/Backup DR

• All LSA sent to DR/BDR instead of to every single router

• Reduces overhead of LSA updates

• Standard on multi-access networks

• DR is single point of failure – solution is BDR

DR/BDR selection

• To suit the topology used the network administrator will want to choose DR/BDR

• DR/BDR election based on OSPF priority

• Lowest priority=DR

• 2nd lowest priority=BDR

Router(config-if)#ip ospf priority number

Router#show ip ospf interface type number

A priority value of zero indicates an interface which is not to be elected as DR or BDR.

The state of the interface with priority zero will be DROTHER.

Exemple


Selecting the Best Route

Basic OSPF Configuration

Basic OSPF Configuration

Ou 0.0.0.0 ce qui revient au même

OSPF Loopback Address

• For OSPF to function there must always be an active interface

• Physical interfaces e.g. serial/Ethernet may not always be active – routing would fail

• Configure virtual “loopback” interface as solution

• Subnet mask will always be 255.255.255.255

Router(config)#interface loopback number

Router(config-if)#ip address ip-address subnet-mask

Configuring OSPF Loopback Address and Router Priority

Setting OSPF Priority

The priorities can be set to any value from 0 to 255. A value of 0 prevents that router from being elected. A router with the highest OSPF priority will win the election for DR.

Modifying OSPF Cost Metric

Modifier la BW sur les liens série !!!

OSPF Authentication It is possible to authenticate the OSPF packets such that routers can participate in routing domains based on predefined passwords.

By default, a router uses a Null authentication which means that routing exchanges over a network are not authenticated.

Two other authentication methods exist: Simple password authentication and Message Digest authentication (MD-5).

Simple Password Authentication Simple password authentication allows a password (key) to be configured per area.

Routers in the same area that want to participate in the routing domain will have to be configured with the same key.

The drawback of this method is that it is vulnerable to attacks. Anybody with a link analyzer could easily get the password off the wire.

To enable password authentication use the following commands:

ip ospf authentication-key key

(this goes under the specific interface)

area area-id authentication

(this goes under "router ospf <process-id>")

Here's an example:

interface Ethernet0 ip address 10.10.10.10 255.255.255.0 ip ospf authentication-key mypassword

router ospf 10 network 10.10.0.0 0.0.255.255 area 0 area 0 authentication

Message Digest Authentication Message Digest authentication is a cryptographic authentication. A key (password) and key-id are configured on each router.

The router uses an algorithm based on the OSPF packet, the key, and the key-id to generate a "message digest" that gets appended to the packet.

Unlike the simple authentication, the key is not exchanged over the wire.

A non-decreasing sequence number is also included in each OSPF packet to protect against replay attacks.

For administrators who wish to change the OSPF password without disrupting communication: If an interface is configured with a new key, the router will send multiple copies of the same packet, each authenticated by different keys. The router will stop sending duplicate packets once it detects that all of its neighbors have adopted the new key.

Following are the commands used for message digest authentication:

ip ospf message-digest-key keyid md5 key

(used under the interface)

area area-id authentication message-digest

(used under "router ospf <process-id>")

Here's an example:

interface Ethernet0 ip address 10.10.10.10 255.255.255.0 ip ospf message-digest-key 10 md5 mypassword

router ospf 10 network 10.10.0.0 0.0.255.255 area 0 area 0 authentication message-digest

Configuring OSPF Authentication

• The key-id is an identifier and takes the value in the range of 1 through 255

• The key is an alphanumeric password up to sixteen characters.

• Neighbor routers must use the same key identifier with the same key value

OSPF Hello Interval and Dead Interval

OSPF hello packets are packets that an OSPF process sends to its OSPF neighbors to maintain connectivity with those neighbors.

The hello packets are sent at a configurable interval (in seconds).

The defaults are 10 seconds for an Ethernet link and 30 seconds for a non broadcast link.

Hello packets include a list of all neighbors for which a hello packet has been received within the dead interval.

The dead interval is also a configurable interval (in seconds), and defaults to four times the value of the hello interval.

The value of all hello intervals must be the same within a network.

Likewise, the value of all dead intervals must be the same within a network.

These two intervals work together to maintain connectivity by indicating that the link is operational.

If a router does not receive a hello packet from a neighbor within the dead interval, it will declare that neighbor to be down.

Hello and Dead Intervals: OSPF exchanges Hello packets on each segment. This is a form of keepalive used by routers in order to acknowledge their existence on a segment and in order to elect a designated router (DR) on multiaccess segments.The Hello interval specifies the length of time, in seconds, between the hello packets that a router sends on an OSPF interface. The dead interval is the number of seconds that a router's Hello packets have not been seen before its neighbors declare the OSPF router down.

OSPF requires these intervals to be exactly the same between two neighbors.

If any of these intervals are different, these routers will not become neighbors on a particular segment.

The router interface commands used to set these timers are: ip ospf hello-interval seconds ip ospf dead-interval seconds .

Configuring OSPF Timers

Stub area flag: Two routers have to also agree on the stub area flag in the Hello packets in order to become neighbors.

Stub areas will be discussed in a later section.

Keep in mind for now that defining stub areas will affect the neighbor election process.

Maintaining Routing Information - I

Maintaining Routing Information - II

Maintaining Routing Information - III

Maintaining Routing Information - IV

Common OSPF Configuration Issues

Network type: point to point, multi-access, …

Verifying OSPF Configuration

• show ip protocol

• show ip route

• show ip ospf interface

• shop ip ospf

• show ip ospf neighbor detail

• show ip ospf database

Verifying OSPF Configuration

The debug and clear Commands for OSPF Verification

Summary

Multi-area OSPF

Configuring Multi-area OSPF

• Why use multi-area OSPF ?

• Advantages

Smaller routing tables

Less routing update overhead

Faster synchronization

• Disadvantages

Complex to implement

OSPF Router Types

• Internal

• Area border router (ABR)

• Autonomous systems border router (ASBR)

• Backbone router

Multiple OSPF Areas:WHY ?

• Three issues can overwhelm an OSPF router in a heavily populated OSPF network: high demand for router processing and memory resources, large routing tables, and large topology tables.

• Fortunately, OSPF allows large areas to be separated into smaller, more manageable areas that can exchange summaries of routing information rather than exchange every detail.

Multiple OSPF Areas

• Just how many routers can an OSPF area support? Field studies have shown that a single OSPF area should not stretch beyond 50 routers, although there is no concrete limit.

• OSPF's capability to separate a large internetwork into multiple areas is referred to as hierarchical routing. Hierarchical routing enables you to separate large internetworks into smaller internetworks that are called areas.

Multiple OSPF Areas

• Interarea routing is the process of exchanging routing information between OSPF areas.

• The hierarchical topology possibilities of OSPF have several important advantages:

• Reduced frequency of SPF calculations.

• Smaller routing tables.

• Reduced link-state update (LSU) overhead.

Multiple OSPF Areas

• Hierarchical routing increases routing efficiency because it allows you to control the type of routing information that flows into and out of an area.

OSPF Routing Types

• Four different types of OSPF routers exist,

• Internal router- routers that have all their interfaces within the same area are called internal routers. Internal routers in the same area have identical link-state databases and run a single copy of the routing algorithm.

OSPF Routing Types

• Backbone router- Routers that are attached to the backbone area of the OSPF network are called backbone routers. They have at least one interface connected to Area 0 (the backbone area). These routers maintain OSPF routing information using the same procedures and algorithms as internal routers.

OSPF Routing Types

• Area Border Router (ABR) - ABRs are routers with interfaces attached to multiple areas.

• They maintain separate link-state databases for each area to which they are connected, and they route traffic destined to or arriving from other areas.

• ABRs are exit points for the area, which means that routing information destined for another area can travel there only via the local area's ABR.

OSPF Routing Types

• ABRs summarize information about the attached areas from their link-state databases and distribute the information into the backbone. The backbone ABRs then forward the information to all other connected areas. An area can have one or more ABRs.

OSPF Routing Types

• Autonomous System Boundary Router (ASBR) - ASBRs are routers that have at least one interface connected to an external internetwork (another autonomous system), such as a non-OSPF network. These routers can import non-OSPF network information to the OSPF network, and vice versa (this is referred to as redistribution).

The backbone has to be at the center of all other areas, i.e. all areas have to be physically connected to the backbone (normally ...).

The reasoning behind this is that OSPF expects all areas to inject routing information into the backbone and in turn the backbone will disseminate that information into other areas.

The following diagram will illustrate the flow of information in an OSPF network:

Routes that are generated from within an area (the destination belongs to the area) are called intra-area routes.

These routes are normally represented by the letter O in the IP routing table.

Routes that originate from other areas are called inter-area or Summary routes.

The notation for these routes is O IA in the IP routing table.

Routes that originate from other routing protocols (or different OSPF processes) and that are injected into OSPF via redistribution are called external routes.

These routes are represented by O E2 or O E1 in the IP routing table.

Multiple routes to the same destination are preferred in the following order: intra-area, inter-area, external E1, external E2.

External types E1 and E2 will be explained later.

BGP and AS

Type 1

Type 2

Type 3

Type 4 et 5

LSA types

OSPF : les sous-protocoles• Le protocole Hello

vérifie que les liaisons sont opérationnelles

permet l’élection du routeur désigné ainsi que le routeur back-up

établit une connexion bilatérale entre 2 routeurs

En-tête OSPF : hello

Masque de reseau ou sous-réseau

Intervalle Hello Options Priorité

Intervalle de Mort (tempo.)

Routeur désigné (IP)

Back-up (IP)

Voisin

Voisin

. . .

Intervalle entrepaquets

0 si processusnon terminé

0 si processusnon terminé

permet la sélection du «désigné» et «backup»

OSPF : les sous-protocoles• Le protocole d’échange (LS)

consiste en l’échange des tables «link state» entre 2 routeurs

activé si la connexion bilatérale a réussit

se situe entre routeur désigné et les autres routeurs sur les liaisons réseaux et entre backup et autres routeurs

initie les premiers échanges

suppléé ensuite par le protocole d’inondation

Fonctionne en Maitre/Esclave

Echanges avec acquittements

options

Type d’EL

Identifieur d’état de liaison

Routeur annonçant (IP)

No de séquence d’EL

Checksum d’El age d’EL

. . .

0 0

En tete OSPF Type = 2

No Seq dans la base

Informations de synchronisation de protocole

OSPF : les sous-protocoles• Le protocole d’inondation

Activé lorsque l’etat d’une liaison change et que cet état était préalablement enregistré.

Peut aussi être activé sur demande d’état apres connexion bilatérale

protocole avec acquittement

si nouvelle valeur : l’annonce est réémises sur tous les interfaces

Acquittement vers l’émetteur

initialType d’EL




Checksum d’El age d’EL

. . .

En tete OSPF Type = 4

Nombre d’annonce1

OSPF : La base de données• Les états des liaisons sont enregistrés selon 5 types :

routeur,

réseau,

récapitulation de réseau IP,

récapitulation de réseau externe,

externe

• L’identifiant de la liaison est choisi par le routeur annonçant

• Format d’un enregistrement :

Age de l’EL options Type d’EL




Checksum d’El longueur

. . .Data Depend du type d’enregistrement

sur 32 bits, identifie l’antériorité

Adresse IP

The link-ID is an identification of the link itself.

This is different for each link type.

A transit link is identified by the IP address of the DR on that link.

A point-to-point link is identified by the RID of the neighbor router on the point-to-point link.

Données de liaison

OSPF : La base de données• Les liaisons de routeurs (type EL = 1)

récapitulent les liaisons attachées à ce routeur

type de la liaison :

point à point vers un autre routeur (type 1)

reliant le routeur vers un réseau de transit (type 2)

reliant le routeur à un réseau terminal (type 3)

Identifieur de liaisonLIAISON point à point vers un autre routeur

RID du voisinAdresse IP de l’interface routeur

LIAISON routeur ->réseau de transit

Adresse IP du routeur désignéAdresse IP de l’interface locale

LIAISON routeur ->réseau terminal

Adresse IP du réseau ou sous-réseauMasque réseau ou sous réseau

EL: Etat de lien

OSPF : La base de données

• Les liaisons de réseau (type EL = 2)

annoncées par les routeurs désignés sur les réseaux de transit

Annonce des routeurs directement attachés à ce réseau

L’Identifieur de liaison correspond à l’adresse IP du routeur désigné vers ce réseau

• Les liaisons récapitulatives de réseaux IP (type EL=3)

annoncées par les routeurs inter-area

un message par annonce (pas de groupage)

Identifieur de liaison = adresse IP de réseau

OSPF : La base de données Les liaisons récapitulatives de routeurs externes (type EL=4) annoncées par les routeurs externes un message par annonce (pas de groupage) Identifieur de liaison = adresse IP du routeur externe

Les liaisons externes (type EL=5) annoncées par les routeurs externes (Cf EGP, BGP) un message par annonce (pas de groupage) Identifieur de liaison = adresse IP du réseau ou sous-

réseau destinataire

LS type = 1 ; signifie router link

LS ID = 192.1.1.3 ; Router ID de RT3

Advertising router = 192.1.1.3 ; annonceur

#links=2

link ID = 192.1.1.4 ; adr. IP du Des. Rout. RT4

Link Data = 192.1.1.3 ; RT3 interface

Type = 2 ; connecté a un réseau transit

metric = 1 ; coût

link ID = 192.1.4.0 ; adresse IP du réseau N4

Link Data = 0Xffffff00 ; masque du réseau

Type = 3 ;connecté a unréseau term.

metric = 2 ; coût

RT1RT2

N3

N1

N2

RT4

RT3 RT68

1

1

N4

72

3

11

192.1.4

192.1.2.

192.1.3

192.1.1

192.1.3.

618.10.0.6

1

Annonce de RT3 vers RT6

LS type = 1 ; signifie router link



bit E = 0 ; pas un ASBR

#links=1

link ID = 18.10.0.6 ; adr. IP du voisin RT6

Type = 1 ; connecté a un routeur

metric = 8 ; coût

RT1RT2

N3

N1

N2

RT4

RT3 RT68

1

1

N4

72

3

11

192.1.4

192.1.2.

192.1.3

192.1.1

192.1.3.

6

118.10.0.6

Annonce de RT3 (suite)vers N3

LS age = 0 ; valeur à l'init

LS type = 2 ; signifie network link



Network mask = 0Xffffff00 ; masque réseau

Attached Router = 191.1.1.4 ; Routeur RT4




RT1RT2

N3

N1

N2

RT4

RT3 RT68

1

1

N4

72

3

11

192.1.4

192.1.2.

192.1.3

192.1.1

192.1.3.

618.10.0.6

1

Annonces de RT4 (DR) pour N3

un network link par l’intermediaire du DR annonce tous les routeurs attachés à ce réseau

Attention: EL: external links

LS TypeAdvertisement Description1Router Link advertisements. Generated by each router for each area it belongs to. They describe the states of the router's link to the area. These are only flooded within a particular area.2Network Link advertisements. Generated by Designated Routers. They describe the set of routers attached to a particular network. Flooded in the area that contains the network.3 or 4Summary Link advertisements. Generated by Area Border routers. They describe inter-area (between areas) routes. Type 3 describes routes to networks, also used for aggregating routes. Type 4 describes routes to ASBR.5AS external link advertisements. Originated by ASBR. They describe routes to destinations external to the AS. Flooded all over except stub areas.

Link-state advertisements are broken into five types.

type 1. Router Links (RL) are generated by all routers. These links describe the state of the router interfaces inside a particular area. These links are only flooded inside the router's area.

type 2.Network Links (NL) are generated by a DR of a particular segment; these are an indication of the routers connected to that segment.

Type 3. Summary Links (SL) are the inter-area links These links will list the networks inside other areas but still belonging to the autonomous system. Summary links are injected by the ABR from the backbone into other areas and from other areas into the backbone. These links are used for aggregation between areas. Other types of summary links are the asbr-summary links. These are type 4 links that point to the ASBR. This is to make sure that all routers know the way to exit the autonomous system. The last type is type 5, External Links (EL), these are injected by the ASBR into the domain.

The above diagram illustrates the different link types. RTA generates a router link (RL) into area 1, and it also generates a network link (NL) since it happens the be the DR on that particular segment. RTB is an ABR, and it generates RL into area 1 and area 0. RTB also generates summary links into area 1 and area 0. These links are the list of networks that are interchanged between the two areas. An ASBR summary link (type 4) is also injected by RTB into area 1. This is an indication of the existence of RTD, the autonomous system boundary router (ASBR).

Similarly RTC, which is another ABR, generates RL for area 0 and area 2, and a SL (3) into area 2 and a SL (3,4) into area 0 announcing RTD.

RTD generates a RL for area 2 and generates an EL (type 5) for external routes learned via BGP. The external routers will be flooded all over the domain.

OSPF Routing Types

• A router can be more than one router type. For example, if a router interconnects to Area 0 and Area 1, as well as to a non-OSPF network, it would be both an ABR and an ASBR.

OSPF Area Types

• Multiarea OSPF is scalable because a router's link-state database can include multiple types of LSAs. DRs (Designated Routers) and routers that reside in multiple areas or autonomous systems use special LSAs to send or summarize routing information.

• The characteristics that you assign to an area control the type of route information that it can receive.

Scalable: évolutif

OSPF Area Types

• For example, you may want to minimize the size of routing tables in an OSPF area, in which case you can configure the routers to operate in an area that does not accept external routing information (Type 5 LSAs).

OSPF Area Types

• Standard area - A standard area can accept link updates and route summaries.

• Backbone area (transit area) - When interconnecting multiple areas, the backbone area is the central entity to which all other areas connect. The backbone area is always Area 0. All other areas must connect to this area to exchange route information. The OSPF backbone has all the properties of a standard OSPF area.

OSPF Area Types

• Stub area - A stub area is an area that does not accept information about routes external to the autonomous system (the OSPF internetwork), such as routes from non-OSPF sources. If routers need to reach networks outside the autonomous system, they use a default route.

• (A default route is noted as 0.0.0.0/0).

Stub Areas External networks, such as those redistributed from other protocols into OSPF, are not allowed to be flooded into a stub area. Routing from these areas to the outside world is based on a default route. Configuring a stub area reduces the topological database size inside an area and reduces the memory requirements of routers inside that area.

Other stub area restrictions are that a stub area cannot be used as a transit area for virtual links.

Also, an ASBR cannot be internal to a stub area.

These restrictions are made because a stub area is mainly configured not to carry external routes and any of the above situations cause external links to be injected in that area. The backbone, of course, cannot be configured as stub.

All OSPF routers inside a stub area have to be configured as stub routers. This is because whenever an area is configured as stub, all interfaces that belong to that area will start exchanging Hello packets with a flag that indicates that the interface is stub. Actually this is just a bit in the Hello packet (E bit) that gets set to 0. All routers that have a common segment have to agree on that flag. If they don't, then they will not become neighbors and routing will not take effect.

OSPF Area Types

• Totally stubby area - A totally stubby area is an area that does not accept external autonomous system (AS) routes and summary routes from other areas internal to the autonomous system. Instead, if the router needs to send a packet to a network external to the area, it sends it using a default route. Totally stubby areas are a Cisco proprietary feature.

An extension to stub areas is what is called "totally stubby areas". Cisco indicates this by adding a "no-summary" keyword to the stub area configuration. A totally stubby area is one that blocks external routes and summary routes (inter-area routes) from going into the area. This way, intra-area routes and the default of 0.0.0.0 are the only routes injected into that area.

OSPF Area Types

• Not-so-stubby area (NSSA) - An NSSA is an area that is similar to a stub area but allows for importing external routes as Type 7 LSAs (new type dedicated for NSSA...) and translation of specific Type 7 LSA routes into Type 5 LSAs.

Type 7 explained later …

Refus (cela vient d’un ABR)

OK (car cela vient d’un ASBR)

In the network diagram, let suppose that Area 1 is defined as a stub area.

IGRP routes cannot be propagated into the OSPF domain because redistribution is not allowed in the stub area.

However, if we define area 1 as NSSA, we can inject IGRP routes into the OSPF NSSA domain by creating type 7 LSAs.

Redistributed RIP routes will not be allowed in area 1 because NSSA is an extension to the stub area.

The stub area characteristics still exist, including no type 5 LSAs allowed.

Type 5 LSAs are not allowed in NSSA areas, so the NSSA ASBR generates a type 7 LSA instead, which remains within the NSSA.

This type 7 LSA gets translated back into a type 5 by the NSSA ABR.

Defining a Not-So-Stubby Area To make a stub area into an NSSA, use the following command under the OSPF configuration:router ospf 1 area 1 nssa

This command must be configured on every single router in area 1.

After defining area 1 as an NSSA, it will have the following characteristics:

•No Type 5 LSAs are allowed in area 1. This means no RIP routes are allowed in area 1.

•All IGRP routes are redistributed as type 7. This type 7 can only exist within NSSA.

•All type 7 LSAs are translated into type 5 LSAs by the NSSA ABR and are leaked* into the OSPF domain as type 5 LSAs.

*Leak: s’écouler

Pour rire ….

Defining an NSSA Totally Stub Area !!

To configure an NSSA totally stub area, use the following command under the OSPF configuration:router ospf 1 area 1 nssa no-summary Configure this command on NSSA ABRs only. After defining the NSSA totally stub area, area 1 has the following characteristics (in addition to the above NSSA characteristics): •No type 3 or 4 summary LSAs are allowed in area 1. This means no inter-area routes are allowed in area 1.•A default route is injected into the NSSA totally stub area as a type 3 summary LSA.

OSPF Area Types

• A key difference among these OSPF area types is the way they handle external routes. External routes are injected into OSPF by an ASBR. The ASBR may learn these routes from RIP or some other routing protocol.You can configure an ASBR to send out two types of external routes into OSPF: Type E1 (denoted in the routing table as E1) and Type E2.

OSPF Area Types

• Depending on the type, OSPF calculates the cost of external routes differently, as follows:

• E1 - If a packet is an E1, then the metric is calculated by adding the external cost to the internal cost of each link that the packet crosses. You use this packet type when you have multiple ASBRs advertising a route to the same autonomous system.

OSPF Area Types

• E2 - If a packet is an E2, then the packet will always have the external cost assigned, no matter where in the area it crosses (this is the default setting on ASBRs). You use this packet type if only one router is advertising a route to the autonomous system. Type E2 routes are preferred over Type E1 routes.

N: network

Un exemple

Un petit exercice (for experienced cisco engineers only …)

Suppose we added two static routes pointing to E0 on RTC: 16.16.16.0 255.255.255.0 (the /24 notation indicates a 24 bit mask starting from the far left) –subnet- and 128.213.0.0 255.255.0.0. Définir les config. de base des 2 routeursUn indice: il faudra donc redistribuer les routes statiques dans l’ospfLa commande « redistribute static metric 50 subnets » le permet en affectant un cost de 50 et en autorisant les subnets

Voir aide sur next slide

RTC# interface Ethernet0 ip address 203.250.14.2 255.255.255.0


router ospf 10 redistribute network network

ip route ip route

RTE#


router ospf 10 network



router ospf 10 redistribute static network 203.250.15.0 0.0.0.255 area 2 network 203.250.14.0 0.0.0.255 area 0

ip route 16.16.16.0 255.255.255.0 Ethernet0 ip route 128.213.0.0 255.255.0.0 Ethernet0

RTE#


router ospf 10 network 203.250.15.0 0.0.0.255 area 2

C’était la partie facile !

quel résultat à un sh ip route ?quels réseaux voit-on ?

RTE#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default

Gateway of last resort is not set

203.250.15.0 255.255.255.252 is subnetted, 1 subnets C 203.250.15.0 is directly connected, Serial0 O IA 203.250.14.0 [110/74] via 203.250.15.1, 00:02:31, Serial0 O E2 128.213.0.0 [110/20] via 203.250.15.1, 00:02:32, Serial0

Note that the only external route that has appeared is 128.213.0.0, because we did not use the subnet keyword.

Remember that if the subnet keyword is not used, only routes that are not subnetted will be redistributed.

In our case 16.16.16.0 is a class A route that is subnetted and it did not get redistributed.

Since the metric keyword was not used (or a default-metric statement under router OSPF), the cost allocated to the external route is 20 (default for external)

If we use the following:

redistribute static metric 50 subnets pour RTC

RTE#show ip routeCodes: C - connected, S - static, I - IGRP, R - RIP, M- mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default


16.0.0.0 255.255.255.0 is subnetted, 1 subnets O E2 16.16.16.0 [110/50] via 203.250.15.1, 00:00:02, Serial0 203.250.15.0 255.255.255.252 is subnetted, 1 subnets C 203.250.15.0 is directly connected, Serial0 O IA 203.250.14.0 [110/74] via 203.250.15.1, 00:00:02, Serial0 O E2 128.213.0.0 [110/50] via 203.250.15.1, 00:00:02, Serial0

Pourquoi 50 ?

Note that 16.16.16.0 has shown up now and the cost to external routes is 50. Since the external routes are of type 2 (E2), the internal cost has not been added. Suppose now, we change the type to E1: redistribute static metric 50 metric-type 1 subnets



16.0.0.0 255.255.255.0 is subnetted, 1 subnets O E1 16.16.16.0 [110/XXX] via 203.250.15.1, 00:04:20, Serial0 203.250.15.0 255.255.255.252 is subnetted, 1 subnets C 203.250.15.0 is directly connected, Serial0 O IA 203.250.14.0 [110/74] via 203.250.15.1, 00:09:41, Serial0 O E1 128.213.0.0 [110/YYY] via 203.250.15.1, 00:04:21, Serial0



16.0.0.0 255.255.255.0 is subnetted, 1 subnets O E1 16.16.16.0 [110/114] via 203.250.15.1, 00:04:20, Serial0 203.250.15.0 255.255.255.252 is subnetted, 1 subnets C 203.250.15.0 is directly connected, Serial0 O IA 203.250.14.0 [110/74] via 203.250.15.1, 00:09:41, Serial0 O E1 128.213.0.0 [110/114] via 203.250.15.1, 00:04:21, Serial0

Note that the type has changed to E1 and the cost has been incremented by the internal cost of S0 which is 64, the total cost is 64+50=114.

Et si on ne voulait que annoncer l’une des 2 routes et pas l’autre:



router ospf 10 redistribute static metric 50 metric-type 1 subnets route-map STOPUPDATE network 203.250.15.0 0.0.0.255 area 2 network 203.250.14.0 0.0.0.255 area 0

ip route 16.16.16.0 255.255.255.0 Ethernet0 ip route 128.213.0.0 255.255.0.0 Ethernet0

access-list 1 permit 128.213.0.0 0.0.255.255

route-map STOPUPDATE permit 10 match ip address 1



203.250.15.0 255.255.255.252 is subnetted, 1 subnets C 203.250.15.0 is directly connected, Serial0 O IA 203.250.14.0 [110/74] via 203.250.15.1, 00:00:04, Serial0 O E1 128.213.0.0 [110/114] via 203.250.15.1, 00:00:05, Serial0

Distribuer OSPF dans d’autres Protocoles

Use of a Valid Metric Whenever you redistribute OSPF into other protocols, you have to respect the rules of those protocols. In particular, the metric applied should match the metric used by that protocol. For example, the RIP metric is a hop count ranging between 1 and 16, where 1 indicates that a network is one hop away and 16 indicates that the network is unreachable. On the other hand IGRP and EIGRP require a metric of the form: default-metric bandwidth delay reliability loading mtu

Redistribution mutuelle Mutual redistribution between protocols should be done very carefully and in a controlled manner. Incorrect configuration could lead to potential looping of routing information. A rule of thumb for mutual redistribution is not to allow information learned from a protocol to be injected back into the same protocol. Passive interfaces and distribute lists should be applied on the redistributing routers.

Distribute-list out works on the ASBR to filter redistributed routes into other protocols. Distribute-list in works on any router to prevent routes from being put in the routing table,

203.250.15.128

203.250.15.64

203.250.15.192

To illustrate, suppose RTA, RTC, and RTE are running RIP.

RTC and RTA are also running OSPF. Both RTC and RTA are doing redistribution between RIP and OSPF.

Let us assume that you do not want the RIP coming from RTE to be injected into the OSPF domain so you put a passive interface for RIP on E0 of RTC.

However, you have allowed the RIP coming from RTA to be injected into OSPF.

Bonne Chance !

RTE# interface Ethernet0 ip address 203.250.15.130 255.255.255.192 interface Serial0 ip address 203.250.15.2 255.255.255.192 router rip network 203.250.15.0 RTC# interface Ethernet0 ip address 203.250.15.67 255.255.255.192 interface Serial1 ip address 203.250.15.1 255.255.255.192 router ospf 10 redistribute rip metric 10 subnets network 203.250.15.0 0.0.0.255 area 0 router rip redistribute ospf 10 metric 2 passive-interface Ethernet0 network 203.250.15.0

RTA#interface Ethernet0 ip address 203.250.15.68 255.255.255.192 router ospf 10 redistribute rip metric 10 subnets network 203.250.15.0 0.0.0.255 area 0

router rip redistribute ospf 10 metric 1 network 203.250.15.0

Quel (mauvais) résultat selon vous ?

RTC#show ip route 203.250.15.0 255.255.255.192 is subnetted, 4 subnets C 203.250.15.0 is directly connected, Serial1 C 203.250.15.64 is directly connected, Ethernet0 R 203.250.15.128 [120/1] via 203.250.15.68, 00:01:08, Ethernet0 [120/1] via 203.250.15.2, 00:00:11, Serial1 O 203.250.15.192 [110/20] via 203.250.15.68, 00:21:41, Ethernet0

RTC has two paths to reach 203.250.15.128 subnet: Serial 1 and Ethernet 0 (E0 is obviously the wrong path).

Pourquoi ce résultat ?

This happened because RTC gave that entry to RTA via OSPF and RTA gave it back via RIP because RTA did not learn it via RIP pourquoi d’ailleurs ? (but via OSPF)

This example is a very small scale of loops that can occur because of an incorrect configuration. In large networks this situation gets even more aggravated.

In order to fix the situation in our example, you could allow RTC to send RIP on the Ethernet; this way RTA will not send it back on the wire because of split horizon. Split horizon does not allow updates to be sent back on the same interface they were learned from (via the same protocol). Best method is to apply distribute-lists on RTA to deny subnets learned via OSPF from being put back into RIP.

RTA# interface Ethernet0 ip address 203.250.15.68 255.255.255.192 router ospf 10 redistribute rip metric 10 subnets network 203.250.15.0 0.0.0.255 area 0 router rip redistribute ospf 10 metric 1 network 203.250.15.0 distribute-list 1 out ospf 10

access-list 1 deny 203.250.15.128 0.0.0.63

OSPF Design

Number of Neighbors The number of routers connected to the same LAN is also important. Each LAN has a DR and BDR that build adjacencies with all other routers. The fewer neighbors that exist on the LAN, the smaller the number of adjacencies a DR or BDR have to build. That depends on how much power your router has. You could always change the OSPF priority to select your DR. Also if possible, try to avoid having the same router be the DR on more than one segment. If DR selection is based on the highest RID, then one router could accidently become a DR over all segments it is connected to. This router would be doing extra effort while other routers are idle.

Configuring OSPF Across Multiple Areas

• This section summarizes how the different types of OSPF routers flood information and how they build their routing tables when operating within a multiarea environment.


• However, what if a packet must traverse multiple areas?

• For the OSPF routers to make routing decisions, they must build sufficient routing tables by exchanging LSUs. The LSU exchange process within a single OSPF area relies on just two LSA types-Type 1 and Type 2. To distribute routing information to multiple areas efficiently, Type 3 and Type 4 LSAs must be used by ABRs.

Flooding LSU’s to Multiple Areas

• An ABR is responsible for:

• generating routing information about each area to which it is connected

• and flooding the information through the backbone area to the other areas to which the backbone is connected. The general process for flooding follows these steps:


1. The routing processes occur within the area. The entire area must be synchronized before the ABR can begin sending summary LSAs to other areas.


2. The ABR reviews the resulting link-state database and generates summary LSAs (Type 3 or Type 4). By default, the ABR sends summary LSAs for each network that it knows about. To reduce the number of summary LSA entries, you can configure route summarization so that a single IP address can represent multiple networks. To use route summarization, your areas need to use contiguous IP addressing.


3. The summary LSAs are placed in an LSU and distributed through all ABR interfaces, with the following exceptions:

If the interface is connected to a neighboring router that is in a state below the exchange state, then the summary LSA is not forwarded.


If the interface is connected to a totally stubby area, then the summary LSA is not forwarded.

If the summary LSA includes a Type 5 (external) route and the interface is connected to a stub or totally stubby area, then the LSA is not sent to that area.


4. After an ABR or ASBR receives summary LSAs, it adds them to its link-state databases and floods them to the local area. The internal routers then assimilate the information into their databases.


• Remember that OSPF enables you to configure different area types so that you can reduce the number of route entries that internal routers maintain. To minimize routing information, you can define the area as a stub area, a totally stubby area, or an NSSA.

Updating the Routing Tables

• The order in which paths are calculated is as follows:

1. All routers first calculate the paths to destinations within their area and add these entries into the routing table. These are learned via Type 1 and Type 2 LSAs.


2. All routers then calculate the paths to the other areas within the internetwork. These paths are learned via interarea route entries, or Type 3 and Type 4 LSAs. If a router has an interarea route to a destination and an intra-area route to the same destination, the intra-area route is kept.


3. All routers, except those that are in any of the stub area types, then calculate the paths to the AS external (Type 5) destinations.

Configuring OSPF Components

• Configuring an ABRThere are no special commands to make a router an ABR or an ASBR. The router becomes an ABR as soon as you configure two of its interfaces to operate in different areas.

Configuring OSPF Components

• Configuring an ASBRASBRs are created when you configure OSPF to import, or redistribute, external routes into OSPF. Ex. Redistribute Rip, This command tells OSPF to import RIP routing information.

OSPF Route Summarization

• Recall that summarization is the consolidation of multiple routes into one single, supernet advertisement.

• Proper summarization requires contiguous (sequential) addressing (for example, 200.10.0.0, 200.10.1.0, 200.10.2.0, and so on). OSPF routers can be manually configured to advertise a supernet route, which is different from an LSA summary route.


• OSPF supports two types of summarization:

• Interarea route summarization - Interarea route summarization is done on ABRs and applies to routes from within each area. It does not apply to external routes injected into OSPF via redistribution. To take advantage of summarization, network numbers within areas should be contiguous.


• External route summarization - External route summarization is specific to external routes that are injected into OSPF via redistribution. Here again, it is important to ensure that external address ranges that are being summarized are contiguous (et disjoints). Summarization of overlapping ranges from two different routers could cause packets to be sent to the wrong destination. Only ASBRs can summarize external routes.


• To configure an ABR to summarize routes for a specific area before injecting them into a different area, you use the following syntax:

• Router(config-router)# area area-id range address mask.

• To perform interarea summarization:


• RTB(config)# router ospf 1RTB(config-router)# area 1 range 192.168.16.0 255.255.252.0.

• Note that the area 1 range command in this example specifies the area containing the range to be summarized before being injected into Area 0.


• OSPF Route Summarization

• To configure an ASBR to summarize external routes before injecting them into the OSPF domain, you use the following syntax:

• Router(config-router)# summary-address address mask


• RTA(config)# router ospf 1RTA(config-router)# summary-address 200.9.0.0 255.255.0.0


• Also, note that, depending on your network topology, you may not want to summarize area 0 networks. If you have more than one ABR between an area and the backbone area, for example, sending a summary LSA with the explicit network information will ensure that the shortest path is selected. If you summarize the addresses, a suboptimal path selection may occur.

In the above diagram, RTA and RTD are injecting external routes into OSPF by redistribution. RTA is injecting subnets in the range 128.213.64-95 and RTD is injecting subnets in the range 128.213.96-127.

RTA# router ospf 100

summary-address address IP mask: replace by correct value

redistribute bgp metric 1000 subnets : que signifie 1000

RTD# router ospf 100

summary-address address IP mask: replace by correct value

redistribute bgp metric 1000 subnets

RTA# router ospf 100 summary-address 128.213.64.0 255.255.224.0 redistribute bgp metric 1000 subnets

RTD# router ospf 100 summary-address 128.213.96.0 255.255.224.0 redistribute bgp metric 1000 subnets

This will cause RTA to generate one external route 128.213.64.0 255.255.224.0 and will cause RTD to generate 128.213.96.0 255.255.224.0.

Using Stub and Totally Stubby Areas

• You can configure an OSPF router interface to either operate in a stub area (does not accept information about routes external to the AS) or as a totally stubby area (does not accept external AS routes and summary routes from other areas internal to the AS).


• By configuring an area as stub, you can greatly reduce the size of the link-state database inside that area and, as a result, reduce the memory requirements of area routers. Remember that stub areas do not accept Type 5 (that is, external) LSAs.


• Because OSPF routers internal to a stub area will not learn about external networks, routing to the outside world is based on a default route.

• When you configure a stub area, the stub's ABR automatically propagates a default route within the area.


• Stub areas are typically created when you have a hub-and-spoke topology, with the spokes (such as branch offices) configured as stub areas.


• To further reduce the number of routes in a table, you can create a totally stubby area, which is a Cisco-specific feature. A totally stubby area is a stub area that blocks external Type 5 LSAs and summary (that is, Type 3 and Type 4) LSAs from entering the area. This way, intra-area routes and the default route are the only routes known to the stub area. ABRs inject the default summary link (default route) into the totally stubby area.


• Totally STUB: This is typically a better solution than creating stub areas, unless the target area uses a mix of Cisco and non-Cisco routers.

Stub and Totally Stub Criteria

• An area can be qualified as a stub or totally stubby when it meets the following criteria:

• There is a single exit point from that area.

• The area is not needed as a transit area for virtual links. (Virtual links are discussed at the end of this chapter.).


• No ASBR is internal to the stub area.

• The area is not the backbone area (Area 0).

• These criteria are important because a stub/totally stubby area is configured primarily to exclude external routes.


• To configure an area as a stub or totally stubby area, use the following syntax on all router interfaces that are configured to belong to that area:

• Router(config-router)#area area-id stub


• The optional no-summary keyword is used only on ABRs. This keyword configures the ABR to block interarea summaries (Type 3 and Type 4 LSAs). The no-summary keyword creates a totally stubby area.


• The area stub command is configured on each router in the stub location, which is essential for the routers to become neighbors and exchange routing information. When this command is configured, the stub routers exchange hello packets with the E bit set to 0. The E bit is in the Options field of the hello packet. It indicates that the area is a stub area.


• On ABRs only, you also have the option of defining the cost of the default route that is automatically injected in the stub/totally stubby area. You use the following syntax to configure the default route's cost:


• Router(config-router)#area area-id default-cost cost

Exemple de STUB

Assume that area 2 is to be configured as a stub area. The following example will show the routing table of RTE before and after configuring area 2 as stub.

RTC#

interface Ethernet 0 ip address 203.250.14.1 255.255.255.0


router ospf 10 network 203.250.15.0 0.0.0.255 area 2 network 203.250.14.0 0.0.0.255 area 0

RTE: sh ip route ??


203.250.15.0 255.255.255.252 is subnetted, 1 subnets C 203.250.15.0 is directly connected, Serial0 O IA 203.250.14.0 [110/74] via 203.250.15.1, 00:06:31, Serial0 WHY 74? 128.213.0.0 is variably subnetted, 2 subnets, 2 masks O E2 128.213.64.0 255.255.224.0 [110/10] via 203.250.15.1, 00:00:29, Serial0 O IA 128.213.63.0 255.255.255.252 [110/84] via 203.250.15.1, 00:03:57, Serial0 131.108.0.0 255.255.255.240 is subnetted, 1 subnets O 131.108.79.208 [110/74] via 203.250.15.1, 00:00:10, Serial0

RTE has learned the inter-area routes (O IA) 203.250.14.0 and 128.213.63.0 and it has learned the intra-area route (O) 131.108.79.208 and the external route (O E2) 128.213.64.0.

If we configure area 2 as stub, we need to do the following:

RTC#



router ospf 10 network 203.250.15.0 0.0.0.255 area 2 network 203.250.14.0 0.0.0.255 area 0 area 2 stub

RTE#

interface Serial1 ip address 203.250.15.2 255.255.255.252 router ospf 10 network 203.250.15.0 0.0.0.255 area 2 area 2 stub (pourquoi cette ligne ?)

The stub command is configured on RTE also, otherwise RTE will never become a neighbor to RTC.

The default cost was not set, so RTC will advertise 0.0.0.0 to RTE with a metric of 1.


Gateway of last resort is 203.250.15.1 to network 0.0.0.0

203.250.15.0 255.255.255.252 is subnetted, 1 subnets C 203.250.15.0 is directly connected, Serial0 O IA 203.250.14.0 [110/74] via 203.250.15.1, 00:26:58, Serial0 128.213.0.0 255.255.255.252 is subnetted, 1 subnets O IA 128.213.63.0 [110/84] via 203.250.15.1, 00:26:59, Serial0 131.108.0.0 255.255.255.240 is subnetted, 1 subnets O 131.108.79.208 [110/74] via 203.250.15.1, 00:26:59, Serial0 O*IA 0.0.0.0 0.0.0.0 [110/65] via 203.250.15.1, 00:26:59, Serial0

WHY 65 ??

Note that all the routes show up except the external routes which were replaced by a default route of 0.0.0.0.

The cost of the route happened to be 65

(64 for a T1 line + 1 advertised by RTC).

We will now configure area 2 to be totally stubby, and change the default cost of 0.0.0.0 (i.e. 1) to 10.

RTC#



router ospf 10 network 203.250.15.0 0.0.0.255 area 2 network 203.250.14.0 0.0.0.255 area 0 area 2 stub no-summary area 2 default cost 10

RTE#show ip route

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default


203.250.15.0 255.255.255.252 is subnetted, 1 subnets C 203.250.15.0 is directly connected, Serial0 131.108.0.0 255.255.255.240 is subnetted, 1 subnets O 131.108.79.208 [110/74] via 203.250.15.1, 00:31:27, Serial0 O*IA 0.0.0.0 0.0.0.0 [110/74] via 203.250.15.1, 00:00:00, Serial0

Note that the only routes that show up are the intra-area routes (O) and the default-route 0.0.0.0.

The external and inter-area routes have been blocked. The cost of the default route is now 74 (64 for a T1 line + 10 advertised by RTC).

No configuration is needed on RTE in this case.

The area is already stub, and the no-summary command does not affect the Hello packet at all as the stub command does.

Meeting the Backbone Requirements

• OSPF has certain restrictions when multiple areas are configured. One area must be defined as Area 0, the backbone area. It is called the backbone because all inter-area communication must go through it.

Meeting the Backbone Requirements

• Thus, all areas should be physically connected to Area 0 so that the routing information injected into this backbone can be disseminated to other areas. The backbone area must always be configured as Area 0. You cannot make any other area ID function as the backbone.

Virtual Links

• There are situations, however, when a new area is added after the OSPF internetwork has been designed, and it is not possible to provide that new area with direct access to the backbone. In these cases, a virtual link can be defined to provide the needed connectivity to the backbone area.

Virtual Links

• The virtual link provides the disconnected area a logical path to the backbone. All areas must connect directly to the backbone area or through a transit area.

• The virtual link has the following two requirements:

Virtual Links

• It must be established between two routers that share a common area.

• One of these two routers must be connected to the backbone.

• Virtual links serve the following purposes:

• They can link an area that does not have a physical connection to the backbone. This linking could occur, for example, when two organizations merge.

Multi-area OSPF Layout

Router 1

Switch

Router 3

Router 4

Router 2

Area 0

Area 2

Area 1 E0E0

S0

S0

S1

S1131.108.33.1/24

141.108.10.4/38

131.108.1.1/24 131.108.1.2/24

131.108.26.1/24E0E0

141.108.10.0/30

Une exception !

Router 1 configuration


Virtual link avec les Router ID (la loopback est la plus haute adresse) !!

Router 3 Configuration

Virtual Links

• They can patch the backbone if discontinuity in Area 0 occurs. Discontinuity of the backbone might occur, for example, if two companies merge their two separate OSPF networks into a single one with a common Area 0.

• The only alternative for the companies is to redesign the entire OSPF network and create a unified backbone.

Virtual Links

• Another reason for creating a virtual link is to add redundancy in cases when router failure might cause the backbone to be split into two.

Virtual Links

• To configure a virtual link, perform the following steps:

• router(config-router)#area area-id virtual-link router-id

• If you do not know the neighbor's Router ID, you can Telnet to it and type the show ip ospf command.

Virtual Links

• Area 2 does not have a direct physical connection to the backbone (Area 0), which is an OSPF requirement because the backbone is a collection point for LSAs. ABRs forward summary LSAs to the backbone, which in turn forwards the traffic to all areas. All interarea traffic transits the backbone.

Virtual Links

• To provide connectivity to the backbone, a virtual link must be configured between R2 and R1. Area 1 will be the transit area and R1 will be the entry point into area 0. R2 will have a logical connection to the backbone through the transit area.

Virtual Links

• Both sides of the virtual link must be configured, as follows:

• R2(config-router)#area 1 virtual-link 10.3.10.5 --- With this command, area 1 is defined to be the transit area and the router ID of the other side of the virtual link is configured

Virtual Links

R1(config-router)#area 1 virtual-link 10.7.20.123 --- With this command, area 1 is defined to be the transit area and the router ID of the other side of the virtual link is configured.

RTA#router ospf 10area 2 virtual-link 2.2.2.2

RTB#router ospf 10area 2 virtual-link 1.1.1.1

Partitioning the Backbone OSPF allows for linking discontinuous parts of the backbone using a virtual link. In some cases, different area 0s need to be linked together. This can occur if, for example, a company is trying to merge two separate OSPF networks into one network with a common area 0. In other instances, virtual-links are added for redundancy in case some router failure causes the backbone to be split into two. Whatever the reason may be, a virtual link can be configured between separate ABRs that touch area 0 from each side and having a common area. This is illustrated in the following example:

OSPF

Documents

Transcript of OSPF