How OSPF works?

  • OSPF sends to neighboring routers link-state advertisements (LSAs) that contain the link state and link metric.
  • The received LSAs are stored in a local database called the link-state database (LSDB), and they are flooded throughout the OSPF routing domain, just as the advertising router advertised them.
  • All OSPF routers maintain a synchronized identical copy of the LSDB for the same area.
  • The LSDB provides the topology of the network, providing for the router a complete map of the network.
  • All OSPF routers run the Dijkstra shortest path first (SPF) algorithm to construct a loop-free topology of shortest paths.
  • OSPF dynamically detects topology changes within the network and calculates loop-free paths in a short amount of time with minimal routing protocol traffic.
  • Each router sees itself as the root or top of the SPF tree (SPT), and the SPT contains all network destinations within the OSPF domain.
  • The SPT differs for each OSPF router, but the LSDB used to calculate the SPT is identical for all OSPF routers.
  • The SPTs give the illusion that no redundancy exists to the networks, but remember that the SPT shows the shortest path to reach a network and is built from the LSDB, which contains all the links for an area. During a topology change, the SPT is rebuilt and may change.
  • A router can run multiple OSPF processes. Each process maintains its own unique database, and routes learned in one OSPF process are not available to a different OSPF process without redistribution of routes between processes.
  • The OSPF process numbers are locally significant and do not have to match among routers. If OSPF process number 1 is running on one router and OSPF process number 1234 is running on another, the two routers can become neighbors.

OSPF Areas

An OSPF area is a logical grouping of routers or, more specifically, a logical grouping of router interfaces. Area membership is set at the interface level, and the area ID is included in the OSPF hello packet. An interface can belong to only one area. All routers within the same OSPF area maintain an identical copy of the LSDB.

While using a single area simplifies the topology, there are trade-offs:

  • A full SPT calculation runs when a link flaps within the area.
  • With a single area, the LSDB increases in size and becomes unmanageable.
  • The LSDB for the single area grows, consumes more memory, and takes longer during the SPF computation process.
  • With a single area, no summarization of route information occurs.

Proper design addresses each of these issues by segmenting the routers into multiple OSPF areas, thereby keeping the LSDB to a manageable size.

If a router has interfaces in multiple areas, the router has multiple LSDBs (one for each area).

If a topology change occurs (such as a link flap or an additional network added) within an area, all routers in the same OSPF area calculate the SPT again. Routers outside that area do not calculate the full SPT again but do perform a partial SPF calculation if the metrics have changed or a prefix is removed.

OSPF area hides the topology from another area but allows the networks to be visible in other areas within the OSPF domain. Segmenting the OSPF domain into multiple areas reduces the size of the LSDB for each area, making SPT calculations faster and decreasing LSDB flooding between routers when a link flaps.

Area 0 is a special area called the backbone. By design, OSPF uses a two-tier hierarchy in which all areas must connect to the upper tier, Area 0, because OSPF expects all areas to inject routing information into Area 0. Area 0 advertises the routes into other nonbackbone areas. The backbone design is crucial to preventing routing loops.

Just because a router connects to multiple OSPF areas does not mean the routes from one area will be injected into another area.

The area identifier (also known as the area ID) is a 32-bit field and can be formatted in simple decimal (0 through 4294967295) or dotted decimal (0.0.0.0 through 255.255.255.255). When configuring routers in an area, if you use decimal format on one router and dotted-decimal format on a different router, the routers will be able to form an adjacency. OSPF advertises the area ID in the OSPF packets.

ABRs

  • Area border routers (ABRs) are OSPF routers connected to Area 0 and another OSPF area.
  • ABRs are responsible for advertising routes from one area and injecting them into a different OSPF area.
  • Every ABR needs to participate in Area 0 to allow for the advertisement of routes into another area.
  • ABRs compute an SPT for every area that they participate in.
Example:
  • Routes from Area 1 advertise into Area 0.
  • Routes from Area 2 advertise into Area 0.
  • Routes from Area 0 advertise into Areas 1 and 2. This includes the local Area 0 routes, in addition to the routes that were advertised into Area 0 from Area 1 and Area 2.

Inter-Router Communication

  • OSPF runs directly over IPv4, using its own protocol 89.
  • OSPF uses multicast where possible to reduce unnecessary traffic.
    • AllSPFRouters: 224.0.0.5 or MAC address 01:00:5E:00:00:05. All routers running OSPF should be able to receive these packets.
    • AllDRouters: 224.0.0.6 or MAC address 01:00:5E:00:00:06. Communication with designated routers (DRs) uses this address.

OSPF Hello Packets

OSPF hello packets are responsible for discovering and maintaining neighbors. In most instances, a router sends hello packets to the AllSPFRouters address (224.0.0.5).

OSPF Metric

  • OSPF uses a cost value as its metric.
  • The cost is based on the interface bandwidth.
  • Routers assign a cost to each interface that is equal to 100 Mbps divided by the interface bandwidth.

The shortest path metric is based on the cumulative interface cost (that is, metric) from the router to the destination.

Changing the reference bandwidth to a higher value allows for a differentiation of cost between higher-speed interfaces. Making the value too high could cause issues because low-bandwidth interfaces would not be distinguishable. The OSPF LSA metric field is 16 bits, and the interface cost cannot exceed 65,535.

Under the OSPF process, the command auto-cost reference-bandwidth bandwidth-in-mbps changes the reference bandwidth for all OSPF interfaces associated with that process. If the reference bandwidth is changed on one router, the reference bandwidth should be changed on all OSPF routers to ensure that SPF uses the same logic to prevent routing loops.

The cost can also be manually assigned under the interface configuration mode. The cost is a 16-bit number, so it can be any value from 1 to 65,535.

Router(config-if)# ip ospf cost 27

Failure Detection

  • A secondary function of OSPF hello packets is to ensure that adjacent OSPF neighbors are still healthy and available.
  • OSPF sends hello packets at set intervals, according to the hello timer. OSPF uses a second timer called the OSPF dead interval timer, which defaults to four times the hello timer.
  • Upon receipt of the hello packet from a neighboring router, the OSPF dead timer resets to the initial value, and then it starts to decrement again.
  • If a router does not receive a hello before the OSPF dead interval timer reaches 0, the neighbor state is changed to down. The OSPF router immediately sends out the appropriate LSA, reflecting the topology change, and the SPF algorithm processes on all routers within the area.

Hello Timer

Dead Interval Timer

  • The default OSPF hello timer interval varies based on the OSPF network type.
  • OSPF allows modification to the hello timer interval with values between 1 and 65,535 seconds.
  • Changing the hello timer interval modifies the default dead interval, too.
  • The OSPF hello timer is modified with the interface configuration submode command ip ospf hello-interval 1-65,535.
  • You can change the dead interval timer to a value between 1 and 65,535 seconds.
  • You change the OSPF dead interval timer by using the command ip ospf dead-interval 1-65,535 under the interface configuration submode.
R1# show ip ospf interface | i Timer|line
Loopback0 is up, line protocol is up
GigabitEthernet0/2 is up, line protocol is up
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
GigabitEthernet0/1 is up, line protocol is up
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5

Authentication

OSPF supports two types of authentication:

  • Plaintext
    • Enable plaintext auth for an Area: area area-id authentication
    • Enable plaintext auth for an Interface: ip ospf authentication
    • Set plaintext password by using the interface parameter: ip ospf authentication-key password
  • MD5: This type of authentication uses a hash, so the password is never sent out the wire.
    • Enable MD5 for an Area: area area-id authentication message-digest
    • Enabled MD5 for an interface: ip ospf authentication message-digest
    • Set MD5 password (interface): ip ospf message-digest-key key-number md5 password.

MD5 authentication is a hash of the key number and password combined. If the keys do not match, the hash differs between the nodes.

R1
interface GigabitEthernet0/0
 ip address 10.12.1.1 255.255.255.0
 ip ospf authentication
 ip ospf authentication-key CISCO
!
router ospf 1
 network 10.12.1.0 0.0.0.255 area 12

R3
interface GigabitEthernet0/1
 ip address 10.23.1.3 255.255.255.0
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 CISCO
!
router ospf 1
 network 10.23.1.0 0.0.0.255 area 0
R2
interface GigabitEthernet0/0
 ip address 10.12.1.2 255.255.255.0
 ip ospf authentication-key CISCO
!
interface GigabitEthernet0/1
 ip address 10.23.1.2 255.255.255.0
 ip ospf message-digest-key 1 md5 CISCO
!
router ospf 1
 area 0 authentication message-digest
 area 12 authentication
 network 10.12.1.0 0.0.0.255 area 12
 network 10.23.1.0 0.0.0.255 area 0
R1# show ip ospf interface | include line|authentication|key
GigabitEthernet0/0 is up, line protocol is up
  Simple password authentication enabled
R2# show ip ospf interface | include line|authentication|key
GigabitEthernet0/1 is up, line protocol is up
  Cryptographic authentication enabled
    Youngest key id is 1
GigabitEthernet0/0 is up, line protocol is up
  Simple password authentication enabled
R3# show ip ospf interface | include line|authentication|key
GigabitEthernet0/1 is up, line protocol is up
  Cryptographic authentication enabled
    Youngest key id is 1

Default Route Advertisement

  • OSPF supports advertising the default route into the OSPF domain.
  • The advertising router must have a default route in its routing table for the default route to be advertised.
  • To advertise the default route, you use the command default-information originate [always] [metric metric-value] [metric-type type-value] underneath the OSPF process.
  • The always optional keyword causes the default route to be advertised even if a default route does not exist in the RIB.
  • In addition, the route metric can be changed with the metric metric-value option, and the metric type can be changed with the metric-type type-value option.
R1
ip route 0.0.0.0 0.0.0.0 100.64.1.2
!
router ospf 1
 network 10.0.0.0 0.255.255.255 area 0
 default-information originate
R2# show ip route | begin Gateway
Gateway of last resort is 10.12.1.1 to network 0.0.0.0

O*E2  0.0.0.0/0 [110/1] via 10.12.1.1, 00:02:56, GigabitEthernet0/1
      10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
C        10.12.1.0/24 is directly connected, GigabitEthernet0/1
C        10.23.1.0/24 is directly connected, GigabitEthernet0/2

R3# show ip route | begin Gateway Gateway of last resort is 10.23.1.2 to network 0.0.0.0 O*E2 0.0.0.0/0 [110/1] via 10.23.1.2, 00:01:47, GigabitEthernet0/1 10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks O 10.12.1.0/24 [110/2] via 10.23.1.2, 00:05:20, GigabitEthernet0/1 C 10.23.1.0/24 is directly connected, GigabitEthernet0/1
Tags:

Leave a Reply

Related Post

OSPF LSA TypesOSPF LSA Types

Link-State Announcements When OSPF neighbors become adjacent, the LSDBs synchronize between the OSPF routers. As an OSPF router adds or removes a directly connected network link to or from its