OSPF Overview
Link-State Protocol
- OSPF builds and maintains a complete map (link-state database) of the network topology.
- Uses the Dijkstra (Shortest Path First) algorithm to determine the best paths.
- Routers flood Link-State Advertisements (LSAs) throughout an area to ensure consistent topology information.
Hierarchical Design
- Area 0 (Backbone): Central point for inter-area traffic. All other areas must connect to Area 0 (directly or via virtual links).
- Area Border Routers (ABRs): Routers connecting Area 0 to other areas. They hold separate LSDBs for each area.
- Autonomous System Boundary Routers (ASBRs): Routers that redistribute external routes from other protocols (e.g., BGP, EIGRP).
Neighbor Discovery
- Routers on the same link (broadcast or non-broadcast) exchange Hello packets.
- Hello/Dead timers must match, and area/authentication must match for adjacency to form.
- On multi-access networks, a Designated Router (DR) and Backup DR (BDR) are elected to reduce LSA flooding.
Path Selection
- Uses a cost-based metric: Cost = Reference Bandwidth / Interface Bandwidth (default reference bandwidth = 100 Mbps on many platforms; can be changed).
- Dijkstra Algorithm: Builds a shortest-path tree from the router's perspective to all destinations.
Route Summarization
- Inter-area Summarization: Configured on the ABR to reduce LSDB size by advertising summarized addresses into the backbone.
- External Summarization: Configured on the ASBR to summarize external routes injected into OSPF.
- Helps in large-scale networks by reducing the number of routes within the LSDB and routing tables.
Authentication
- Plaintext or MD5 authentication (MD5 strongly preferred: plaintext authentication carries the key in the clear in every OSPF packet).
- All neighbors on the same segment must share the same authentication method and keys.
Virtual Links
- Used to connect an area to the backbone when a direct physical or logical connection to Area 0 is not possible.
- Essentially treats the transit area as if it were part of Area 0 to carry the backbone traffic.
OSPF Area Types
- Normal Area: Supports all LSAs.
- Stub Area: Blocks Type 5 LSAs (external routes), relies on a default route from the ABR.
- Totally Stubby Area (Cisco-specific): Blocks both Type 3 (inter-area) and Type 5 LSAs; ABR injects a default route.
- Not-So-Stubby Area (NSSA): Similar to a stub area but allows external routes to be injected as Type 7 LSAs, converted to Type 5 by the ABR.
- Totally NSSA: Combination of NSSA and totally stubby functionality.
OSPF LSA Types (Common)
- Type 1: Router LSA -- Generated by each router for each area it belongs to; describes the router's interfaces and costs.
- Type 2: Network LSA -- Generated by the DR on a broadcast or NBMA network; lists all routers on that segment.
- Type 3: Summary LSA -- Generated by ABRs; describes inter-area routes.
- Type 4: ASBR Summary LSA -- Generated by ABRs; provides reachability to an ASBR.
- Type 5: AS External LSA -- Generated by ASBRs to advertise external routes into OSPF.
- Type 7: NSSA External LSA -- Generated by ASBRs inside an NSSA; converted to Type 5 at the ABR.
Link-State Database (LSDB)
- Each router maintains a separate LSDB for every area it participates in.
- All routers in the same area share the same LSDB contents (LSA-level synchronization).
OSPF Hello Packets
- Used for neighbor discovery and keepalives.
- Defaults: Hello interval = 10 seconds (broadcast links), Dead interval = 40 seconds.
- Must match among neighbors or adjacency will fail.
OSPF Neighbor States
- Down: No Hellos received.
- Attempt: (NBMA only) Actively trying to contact neighbor.
- Init: Received a Hello from the neighbor, but the local Router ID is not yet listed in that Hello's neighbor list.
- 2-Way: Bi-directional communication established; DR/BDR election might occur on multi-access segments.
- ExStart: Master/slave relationships formed, DB description exchange begins.
- Exchange: Routers exchange link-state database descriptors.
- Loading: Routers request missing LSAs.
- Full: Routers are fully adjacent, LSDBs synchronized.
DR/BDR Election
- Occurs on multi-access networks (e.g., Ethernet).
- The router with the highest OSPF interface priority becomes the DR. The next highest becomes BDR.
- If priorities are equal, the highest Router ID wins.
- Reduces flooding overhead by having all routers form adjacency only with the DR and BDR.
OSPF Metrics
- By default: $\text{Cost} = \frac{\text{Reference Bandwidth (100 Mbps)}}{\text{Interface Bandwidth (in Mbps)}}$
- Modify via `auto-cost reference-bandwidth` in router configuration or set manually using `ip ospf cost` on an interface.
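The cost formula and the SPF run described above, as an added example that is not part of the original notes. The three-router topology and link speeds are constructed, and the cost is assumed to be truncated to an integer with a minimum of 1. It shows why the 100 Mbps default hides the difference between Fast Ethernet and Gigabit links until the reference bandwidth is raised.

```python
import heapq

def ospf_cost(bw_mbps, ref_mbps=100):
    """Cost = reference bandwidth / interface bandwidth (integer, minimum 1)."""
    return max(1, int(ref_mbps / bw_mbps))

def spf(links, root, ref_mbps=100):
    """Dijkstra from `root`. links: (a, b, bandwidth_mbps) tuples.
    Returns {router: (total_cost, path)}."""
    adj = {}
    for a, b, bw in links:
        cost = ospf_cost(bw, ref_mbps)
        adj.setdefault(a, []).append((b, cost))
        adj.setdefault(b, []).append((a, cost))
    best = {}
    heap = [(0, root, [root])]
    while heap:
        cost, node, path = heapq.heappop(heap)
        if node in best:
            continue                      # already settled with a lower cost
        best[node] = (cost, path)
        for nxt, link_cost in adj.get(node, []):
            if nxt not in best:
                heapq.heappush(heap, (cost + link_cost, nxt, path + [nxt]))
    return best

# Constructed topology: a direct 100 Mbps link and a two-hop 1 Gbps path.
LINKS = [("R1", "R4", 100), ("R1", "R2", 1000), ("R2", "R4", 1000)]

if __name__ == "__main__":
    for ref in (100, 1000):
        cost, path = spf(LINKS, "R1", ref)["R4"]
        print(f"reference-bandwidth {ref}: R1->R4 cost {cost} via {' -> '.join(path)}")
```

With the default reference bandwidth every link here costs 1, so the single slower hop wins; with `auto-cost reference-bandwidth 1000` the Gigabit path is preferred.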
External Routes
- E1 routes: The cost is the external metric plus the internal OSPF cost to the ASBR.
- E2 routes (default): The metric stays constant throughout the OSPF domain (only external metric added by ASBR).
OSPF Configuration (Cisco IOS Example)
```
# Step 1: Enable OSPF with a process ID (local significance only)
Router(config)# router ospf 1
# Step 2: (Optional) Set a unique router ID
Router(config-router)# router-id 1.1.1.1
# Step 3: Define networks and area assignments
Router(config-router)# network 10.0.0.0 0.255.255.255 area 0
Router(config-router)# network 172.16.10.0 0.0.0.255 area 1
# Step 4: (Optional) Configure authentication on an interface
Router(config)# interface GigabitEthernet0/0
Router(config-if)# ip ospf authentication message-digest
Router(config-if)# ip ospf message-digest-key 1 md5 cisco123
# Step 5: Adjust OSPF cost or reference bandwidth as needed
Router(config-router)# auto-cost reference-bandwidth 1000
```
Verify adjacency and LSDB:
```
Router# show ip ospf neighbor
Router# show ip ospf database
Router# show ip route ospf
```
Advanced OSPF Features
- OSPF Fast Convergence: Tuning hello and dead intervals, LSA throttling, SPF timers.
- Stub, Totally Stubby, NSSA: Reducing external LSAs in smaller areas to optimize performance.
- OSPF on NBMA: Requires manual neighbor configuration and possibly DR elections (e.g., Frame Relay, DMVPN).
- Route Redistribution: Exchange routes between OSPF and other routing protocols; watch out for routing loops, use route-maps and careful filtering.
Real-World Considerations
- In large enterprise designs, multiple areas reduce CPU overhead on routers. Summaries at ABRs keep LSDB smaller in non-backbone areas.
- Using `ip ospf cost` on interfaces is common for controlling path selection over links of the same bandwidth (e.g., adjusting cost in a Metro Ethernet environment).
- Authentication is critical in multi-tenant or provider environments to prevent rogue routers from joining.
- Monitoring with `show ip ospf interface` is crucial to ensure timers and costs are correct on each interface.
- Backup and disaster recovery scenarios often use virtual links or GRE tunnels to maintain an Area 0 connection.
OSPF Troubleshooting
- Common Show Commands:
  - `show ip ospf neighbor [detail]` -- Verify neighbor states and issues with adjacency.
  - `show ip ospf interface [brief]` -- Check timers, authentication, network type, DR/BDR assignments.
  - `show ip ospf database [router | network | summary | nssa-external | external]` -- Validate LSA presence.
  - `show ip route ospf` -- Confirm route installation in the RIB.
- Debug Commands (use caution in production):
  - `debug ip ospf events`
  - `debug ip ospf adj`
  - `debug ip ospf hello`
- Check:
  - Mismatched Area IDs, Hello/Dead timers, authentication keys, network types, or MTU can prevent adjacency.
  - DR/BDR flapping on multi-access networks if priorities/Router IDs are incorrectly set.
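The Hello fields that the Neighbor Discovery, Hello Packets and Check items above say must match can be read straight from a captured packet. The following is an added example, not part of the original notes: it decodes an OSPFv2 Hello, compares it with the local interface settings, and reports neighbors that do not use cryptographic authentication. The `LOCAL` settings and the sample packets are constructed, and the checksum and digest are not verified.

```python
import ipaddress
import struct

HDR = struct.Struct("!BBH4s4sHH8s")    # OSPFv2 common header, 24 bytes
HELLO = struct.Struct("!4sHBBI4s4s")   # fixed part of a Hello body, 20 bytes
AUTYPE = {0: "null", 1: "plaintext", 2: "cryptographic"}

def ip(raw):
    return str(ipaddress.IPv4Address(raw))

def parse_hello(pkt):
    """Decode the fields that decide whether an adjacency can form."""
    if len(pkt) < HDR.size + HELLO.size:
        raise ValueError("truncated OSPF Hello")
    ver, ptype, _length, rid, area, _cksum, autype, _auth = HDR.unpack_from(pkt)
    if ver != 2 or ptype != 1:
        raise ValueError("not an OSPFv2 Hello")
    _mask, hello, _opts, prio, dead, _dr, _bdr = HELLO.unpack_from(pkt, HDR.size)
    return {"router_id": ip(rid), "area": ip(area), "autype": autype,
            "hello": hello, "dead": dead, "priority": prio}

def adjacency_findings(local, pkt):
    """Compare a received Hello with the local interface settings."""
    h = parse_hello(pkt)
    out = [f"{k} mismatch: local={local[k]} neighbor={h[k]}"
           for k in ("area", "hello", "dead", "autype") if local[k] != h[k]]
    if h["autype"] != 2:
        kind = AUTYPE.get(h["autype"], "unknown")
        out.append(f"{h['router_id']} sends {kind} authentication")
    return out

def build_hello(rid, area, autype, hello, dead, mask="255.255.255.0"):
    """Constructed sample Hello (checksum and auth data zeroed; not a capture)."""
    a = lambda s: ipaddress.IPv4Address(s).packed
    body = HELLO.pack(a(mask), hello, 0x02, 1, dead, a("0.0.0.0"), a("0.0.0.0"))
    return HDR.pack(2, 1, HDR.size + len(body), a(rid), a(area), 0, autype, bytes(8)) + body

# Constructed local interface settings: Area 0, default timers, MD5 (AuType 2).
LOCAL = {"area": "0.0.0.0", "hello": 10, "dead": 40, "autype": 2}

if __name__ == "__main__":
    for pkt in (build_hello("2.2.2.2", "0.0.0.0", 2, 10, 40),
                build_hello("3.3.3.3", "0.0.0.1", 0, 5, 20)):
        print(parse_hello(pkt)["router_id"], adjacency_findings(LOCAL, pkt) or "OK")
```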
Additional Examples & Real-World Scenarios
Route Summarization on an ABR
```
Router(config)# router ospf 1
Router(config-router)# area 1 range 172.16.0.0 255.255.0.0
```
- Summarizes all 172.16.x.x subnets into a single route injected into Area 0.
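Before configuring a range like the one above, it helps to know which addresses the summary advertises without any specific route behind them. The following is an added example, not part of the original notes: it lists the uncovered parts of a summary, using 172.16.10.0/24 from the configuration section plus a constructed 172.16.20.0/24 as the subnets that actually exist in Area 1.

```python
import ipaddress

def summary_gaps(summary, specifics):
    """Return the parts of `summary` not covered by any specific prefix."""
    gaps = [ipaddress.ip_network(summary)]
    for spec in map(ipaddress.ip_network, specifics):
        remaining = []
        for gap in gaps:
            if gap.subnet_of(spec):
                continue                              # gap fully covered
            if spec.subnet_of(gap):
                remaining.extend(gap.address_exclude(spec))
            else:
                remaining.append(gap)                 # no overlap
        gaps = remaining
    return sorted(gaps)

def is_black_holed(addr, summary, specifics):
    """True if `addr` is inside the summary but behind no specific route."""
    target = ipaddress.ip_address(addr)
    return any(target in gap for gap in summary_gaps(summary, specifics))

# Constructed inventory of the subnets that really exist in Area 1.
AREA1_SUBNETS = ["172.16.10.0/24", "172.16.20.0/24"]

if __name__ == "__main__":
    gaps = summary_gaps("172.16.0.0/16", AREA1_SUBNETS)
    total = sum(g.num_addresses for g in gaps)
    print(f"{len(gaps)} uncovered prefixes, {total} addresses")
    print("172.16.99.1 black-holed:", is_black_holed("172.16.99.1", "172.16.0.0/16", AREA1_SUBNETS))
```

A large uncovered share suggests the range is wider than the area's real addressing and should be tightened.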
Redistributing from BGP into OSPF (ASBR)
```
Router(config)# router ospf 1
Router(config-router)# redistribute bgp 65001 subnets metric-type 1 metric 10
# E1 routes will increment OSPF cost along the path.
```
- Useful when you receive Internet routes in BGP and need to advertise select prefixes internally.
Stub Area Configuration
```
# On the ABR and internal routers for area 5
Router(config)# router ospf 1
Router(config-router)# area 5 stub
# or area 5 stub no-summary for totally stubby (on the ABR only)
```
- Prevents Type 5 LSAs from flooding into the area, reducing resource usage for small remote sites.
NSSA Configuration
```
Router(config)# router ospf 1
Router(config-router)# area 10 nssa
# or area 10 nssa no-summary on ABR for totally NSSA
```
- Allows external routes inside a stub-like area, converting Type 7 LSAs to Type 5 at the ABR.
Adjusting Interface Cost
```
Router(config)# interface GigabitEthernet0/1
Router(config-if)# ip ospf cost 50
```
- Force a higher cost on an interface to manipulate path selection if you want traffic to take another preferred route.
DR/BDR Priority
```
Router(config)# interface GigabitEthernet0/1
Router(config-if)# ip ospf priority 200
```
- Ensures this router wins the DR election on a multi-access network.
Key Takeaways
- Designing with Areas: Always remember the hierarchy -- reduce complexity by containing LSDB size in smaller areas.
- Care with Summaries: Summaries can help, but if done improperly, can lead to black-hole routes if specifics are hidden from the rest of the network.
- Authentication & Security: Always enable MD5 or stronger authentication (such as HMAC-SHA per RFC 5709, where the platform supports it) in production so that unauthenticated routers cannot form adjacencies.
- Redistribution Loops: When redistributing routes between OSPF and other protocols, use route-maps and tagging to avoid looping.
- Stable Convergence: Tuning SPF, LSA throttling, and hello/dead timers can make OSPF converge faster but watch out for CPU spikes.
- Scalability: For large networks, advanced area types (stub, NSSA), route summarization, and thoughtful ABR placement are essential for stable scale.