Relentless Coding

A Developer’s Blog

OSPF

What follows is basically a summary of what I have learned about OSPF during my CCNA studies.

Routing Protocols and OSPF

OSPF is a routing protocol. Version 2 is only concerned with IPv4, whereas version 3 added IPv6 support.

OSPF is an Interior Gateway Protocol (IGP).[1] Its task as a routing protocol is to make sure all routers in an autonomous system (AS; a network under single administrative control) can route packets to all networks inside that AS and possibly to the internet. This contrasts with an Exterior Gateway Protocol (EGP) such as BGP (Border Gateway Protocol), which is concerned with advertising routes between ASes.

OSPF is a link-state protocol. It calculates the cost of an outgoing link[2] and uses that information to determine the best route from source to destination. This is as opposed to a distance-vector protocol such as RIP. (“Distance vector” is fancy-talk for counting the number of routers [hops] between a source and a destination network.) RIP does not take into account the throughput of links; if you have a 1-hop connection to the destination subnet over a very slow link or a 2-hop connection over gigabit links, the RIP process will put the very slow link in the forwarding table (FIB).[3]

Enabling OSPF

When you start an OSPF process on a router with router ospf <pid> in global configuration mode, it will dynamically discover any OSPF neighbors. It does this by sending out OSPF Hello packets. If the settings of the first Hello match the OSPF settings in the neighboring router that is also running OSPF, it will send back an OSPF Hello. After this handshake, a 2-way state is reached.[4]

Each router has a router ID (RID). The RID is either

  1. explicitly configured in router OSPF submode with router-id <rid>; or
  2. the router selects the highest/greatest IPv4 address on an up/up loopback interface (int loopback <n> from global configuration mode and then ip address <address> <mask>); or
  3. the highest/greatest IPv4 address on another up/up non-loopback interface.

If the RID is not configured explicitly, and there aren’t any interfaces, you cannot start an OSPF process.

Exchanging Routing Information Databases

Once the router has a neighbor relationship with another router, they will start exchanging routing information. Each router contains a link-state database (LSDB) containing link-state advertisements (LSAs) of several types, 3 of which we are currently concerned with for the CCNA exam:

  1. Type 1 LSAs contain information about neighboring routers, the cost of the outgoing interface to reach those neighbors, and the type of connection (broadcast, point-to-point).
  2. Type 2 LSAs are only created on broadcast links by the DR and contain the DR’s IP address and a list of all the other routers on the segment.
  3. Type 3 LSAs are generated by Area Border Routers (ABRs) that are part of 2 or more areas and summarize networks in another area. (ABRs are discussed later on in this post.)

On a point-to-point link (having only 2 routers ever on the same link), a master and a slave are chosen. The master initiates the exchange of database information by sending a database description (DBD) message to the slave. The DBD contains only header information, not the actual data structures containing all information. The slave looks at the DBD and, if it finds it is missing some route information, sends link-state requests (LSRs) to the master. The master responds with link-state update packets containing the actual LSAs. The slave also sends the headers of its database to the master, and the same process repeats in the other direction.

During this exchange, the routers will transition from the 2-way state to ExStart, Exchange, Loading and finally the Full state.

Network Types

In the simplest case, on a serial link, there is just a point-to-point link between 2 routers. The routers become neighbors and exchange DBDs.

On Ethernet links, however, the broadcast network type is used by default.[5] Because more than 2 routers can connect to the same subnet, the number of database exchanges grows quadratically if each router has to exchange its database information with every other router. This mesh will have n * (n-1) / 2 connections. To combat this exploding overhead, on a broadcast medium such as Ethernet, a Designated Router (DR) and a Backup DR (BDR) are elected.[6] Each router still forms neighbor relationships with every other router, but will only exchange database information with the DR and BDR. This reduces the number of exchanges to 2n - 3. If you have 48 routers on a segment, a full mesh requires 48 * (48-1) / 2 = 1128 exchanges, whereas with a DR and BDR you would need only 2 * 48 - 3 = 93 exchanges. Huge savings.

What happens when you set one interface to a point-to-point network and leave the other to broadcast? Confusingly, they will still form a full adjacency and exchange their LSDB, but the routes will not show up under show ip route ospf.[7]

Also, if an interface is known to never encounter another OSPF-enabled router on its link, you can set the interface to passive mode with passive-interface <type> <number> in router OSPF submode. It will still advertise this subnet to other routers over other interfaces, but it will not bother to send Hellos out.

Configure OSPF

Enable OSPF on the router:

R1(config)#router ospf 1

The PID is locally significant: it does not need to be the same on another router to form a neighbor relationship.

There are 2 ways to configure OSPF on an interface: an interface subcommand and a router OSPF subcommand. The first method is more intuitive:

R1(config)#interface gig 0/0/1
R1(config-if)#ip ospf 1 area 0

The 1 refers to the locally-significant process ID of OSPF. It could be anything between 1-65535 as long as it matches the router ospf <pid>. I have yet to understand why you would want to have multiple OSPF processes running, but know that you can.

area 0 indicates which area this interface belongs to. Multi-area OSPF becomes interesting as a way to reduce the time needed to run Dijkstra’s Algorithm. An (old) recommendation is to start using multiple areas once you have more than 50 routers in a single area. If you have multiple areas, then one area needs to be area 0 and all other areas need to connect to it. Routers on the border of areas are called Area Border Routers (ABRs). They send route aggregation (Type 3) messages advertising that all traffic to specific subnets needs to go through them. Instead of learning the topology of those other areas, routers just need to learn those aggregated routes.

The old way to specify which interfaces should be included in OSPF is the network <network> <wildcard-mask> area <area-number> router OSPF subcommand. For example, if we have interface g0/1 and g0/2 with IPv4 addresses 192.1.0.1/24 and 192.2.0.1/24, respectively, we would include these interfaces with the following network commands:

R1(config)#router ospf 1
R1(config-router)#network 192.1.0.0 0.0.0.255 area 0
R1(config-router)#network 192.2.0.0 0.0.0.255 area 0

Crucially, the network command does not advertise these routes. It just says: “if there are any interfaces that match this network and wildcard mask, advertise their networks”. This becomes clearer if we use a wildcard mask of all zeroes:

R1(config-router)#network 192.2.0.1 0.0.0.0 area 0

This would only enable OSPF on the interface that matches the given IPv4 address exactly. (Conversely, to include all interfaces, use network 0.0.0.0 255.255.255.255 area <n>.) Again, the router will not just advertise 192.2.0.1/32 in this case, but whatever the subnet happens to be configured on the matching interface (for example 192.2/16).

Related to this, an interface needs to have OSPF enabled before its subnet is advertised over other links. If we forget to enable OSPF on a link, the subnet is not included. Other routers in the area will not know how to send traffic that way. So, if we have a subnet with no other routers on it, where trying to form neighbor relationships does not make sense, we still need to enable OSPF on the interface. To prevent the overhead of OSPF Hellos, we can configure the interface to be “passive” with passive-interface <type> <number> in router OSPF mode.

By the way, a wildcard mask (also used with ACLs) is the inverse of a subnet mask. To quickly calculate a wildcard mask, take the dotted-quad broadcast address of 255.255.255.255 and subtract the subnet mask. In our case, the subnet mask is 255.255.255.0:

  255.255.255.255
- 255.255.255.0
-----------------
    0.  0.  0.255

A previous post has more details on how to interpret wildcard masks.
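The matching rule described above, as an added Python example (not code from the original post): it derives a wildcard mask from a subnet mask, decides which interfaces a network statement enables OSPF on, and shows that the advertised prefix comes from the interface rather than from the statement. The function names and the g0/3 interface are assumptions made for the illustration.

```python
from ipaddress import IPv4Address, IPv4Interface

# Statements from the post: (network, wildcard mask, area).
STATEMENTS = [("192.1.0.0", "0.0.0.255", 0), ("192.2.0.0", "0.0.0.255", 0)]
# g0/1 and g0/2 are the post's interfaces; g0/3 is constructed for contrast.
INTERFACES = {"g0/1": "192.1.0.1/24", "g0/2": "192.2.0.1/24", "g0/3": "10.0.0.1/30"}


def wildcard_from_mask(mask):
    """Subtract the subnet mask from 255.255.255.255."""
    return str(IPv4Address(0xFFFFFFFF - int(IPv4Address(mask))))


def statement_matches(network, wildcard, address):
    """True when all bits the wildcard mask marks 0 (must match) are equal."""
    care = ~int(IPv4Address(wildcard)) & 0xFFFFFFFF
    return (int(IPv4Address(network)) & care) == (int(IPv4Address(address)) & care)


def ospf_enabled(statements, interfaces):
    """Return {interface: (area, advertised subnet)} for matched interfaces.

    Simplification: the first matching statement in list order wins;
    overlapping statements are not modelled.
    """
    enabled = {}
    for name, cidr in interfaces.items():
        iface = IPv4Interface(cidr)
        for network, wildcard, area in statements:
            if statement_matches(network, wildcard, str(iface.ip)):
                # The advertised prefix comes from the interface, not the statement.
                enabled[name] = (area, str(iface.network))
                break
    return enabled


if __name__ == "__main__":
    print(wildcard_from_mask("255.255.255.0"))
    for name, (area, subnet) in ospf_enabled(STATEMENTS, INTERFACES).items():
        print(f"{name}: area {area}, advertises {subnet}")
    # Exact-match statement on an interface configured with a /16:
    print(ospf_enabled([("192.2.0.1", "0.0.0.0", 0)], {"g0/2": "192.2.0.1/16"}))
```

Interfaces that no statement matches (g0/3 here) are absent from the result, which is the "forgot to enable OSPF on a link" case: their subnet is never advertised.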

Verify

Show the OSPF neighbors:

R1#show ip ospf neighbor

Neighbor ID     Pri   State           Dead Time   Address         Interface
172.16.12.2       1   FULL/BDR        00:00:37    172.16.12.2     GigabitEthernet0/0/0
172.16.13.3       1   FULL/BDR        00:00:37    172.16.13.3     GigabitEthernet0/1/0
172.16.14.4       1   FULL/DR         00:00:37    172.16.14.4     GigabitEthernet0/2/0

This shows the RID, the priority, the state and function of the OSPF neighbors, respectively, as well as the interface off of which the neighbor lives. Here, the neighbors use the numerically highest IPv4 address as their RID. A state of DR or BDR means the neighbor has that role, not the current router. For example, the neighbor with RID 172.16.12.2 is a BDR.

To see which interfaces on the router have OSPF enabled and what role those interfaces have:

R1#show ip ospf interface brief
Interface     PID   Area      IP Address/Mask          Cost  State  Nbrs F/C
Gig0/2/0        1   0       172.16.14.1/255.255.255.0   1      BDR  1/1
Gig0/1/0        1   0       172.16.13.1/255.255.255.0   1       DR  1/1
Gig0/0/0        1   0       172.16.12.1/255.255.255.0   1       DR  1/1
Gig0/0          1   0        172.16.1.1/255.255.255.0   1       DR  0/0

R1 is the DR on Gig0/1/0, for example.
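As an added example (not part of the original post), the Python below parses the show ip ospf interface brief output shown above and lists the interfaces that have OSPF enabled but no neighbors, which are the ones the passive-interface advice from earlier applies to. The function names are assumptions; the Nbrs F/C column is read as fully adjacent neighbors / neighbor count.

```python
from ipaddress import IPv4Interface

# Output copied from the post.
SAMPLE = """\
Interface     PID   Area      IP Address/Mask          Cost  State  Nbrs F/C
Gig0/2/0        1   0       172.16.14.1/255.255.255.0   1      BDR  1/1
Gig0/1/0        1   0       172.16.13.1/255.255.255.0   1       DR  1/1
Gig0/0/0        1   0       172.16.12.1/255.255.255.0   1       DR  1/1
Gig0/0          1   0        172.16.1.1/255.255.255.0   1       DR  0/0
"""


def parse_brief(text):
    """Turn each data row into a dict; the header and malformed rows are skipped."""
    rows = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 7 or fields[0] == "Interface":
            continue
        name, pid, area, addr, cost, state, nbrs = fields
        full, count = (int(n) for n in nbrs.split("/"))
        rows.append({
            "interface": name,
            "pid": int(pid),
            "area": area,  # kept as text: areas may also be written dotted-quad
            "subnet": str(IPv4Interface(addr).network),
            "cost": int(cost),
            "state": state,
            "full": full,
            "neighbors": count,
        })
    return rows


def passive_candidates(rows):
    """Interfaces that run OSPF but see no neighbor on their link."""
    return [r["interface"] for r in rows if r["neighbors"] == 0]


if __name__ == "__main__":
    for row in parse_brief(SAMPLE):
        print(row["interface"], row["subnet"], row["state"], row["neighbors"])
    print("passive-interface candidates:", passive_candidates(parse_brief(SAMPLE)))
```

A candidate still has to be checked against the running configuration, since this output alone does not say whether the interface is already passive or is simply waiting for a neighbor that should be there.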

Show routes learned through OSPF:

R1#show ip route ospf
     172.16.0.0/16 is variably subnetted, 10 subnets, 2 masks
O       172.16.2.0 [110/2] via 172.16.12.2, 00:06:57, GigabitEthernet0/0/0
O       172.16.4.0 [110/5] via 172.16.12.2, 00:06:57, GigabitEthernet0/0/0

An administrative distance (AD) of 110 is the default believability used by Cisco gear for routes learned through OSPF (some other ADs are 0 for directly connected routes, 1 for statically configured routes, 90 for EIGRP). The value after the forward slash / indicates the routing-protocol specific metric. This is the cost OSPF calculated to take us to this subnet.

Troubleshooting

Routers do not become neighbors

  • The routers are in different areas. An Area Border Router is the border, meaning it is in 2 or more areas, but still needs to be in the same area as another router to form neighbor relationships. See area settings with show running-config | section ospf, show ip ospf interface [brief] or show ip protocols.
  • The RIDs are not unique; 2 or more routers have the same RID.

No OSPF Routes Show Up in the FIB

  • The MTU might be configured differently. List the MTU with show interfaces <type> <number>.
  • One router has network type broadcast, whereas the other has point-to-point configured. show ip ospf neighbor lists the state of the neighbor.
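A pre-check for the two symptoms above, as an added Python example (not from the original post): it compares the OSPF settings of two interfaces on the same link and sorts each mismatch under the symptom this post associates with it. The class, field names and sample values are constructed for the illustration, and authentication and ACLs are not modelled.

```python
from dataclasses import dataclass
from ipaddress import IPv4Interface


@dataclass
class OspfInterface:
    rid: str
    address: str       # interface address with prefix length
    area: int
    hello: int         # Hello timer in seconds
    dead: int          # dead timer in seconds
    mtu: int
    network_type: str  # "broadcast" or "point-to-point"


def diagnose(a, b):
    """Return (no_neighbor, no_routes): mismatches grouped by symptom."""
    no_neighbor, no_routes = [], []
    if IPv4Interface(a.address).network != IPv4Interface(b.address).network:
        no_neighbor.append("subnet")
    if a.area != b.area:
        no_neighbor.append("area")
    if (a.hello, a.dead) != (b.hello, b.dead):
        no_neighbor.append("timers")
    if a.rid == b.rid:
        no_neighbor.append("duplicate RID")
    # These two let the neighbor show up, but no OSPF routes get installed.
    if a.mtu != b.mtu:
        no_routes.append("MTU")
    if a.network_type != b.network_type:
        no_routes.append("network type")
    return no_neighbor, no_routes


# Constructed sample values for the two ends of one link.
R1 = OspfInterface("172.16.14.1", "172.16.12.1/24", 0, 10, 40, 1500, "broadcast")
R2 = OspfInterface("172.16.12.2", "172.16.12.2/24", 0, 10, 40, 1500, "broadcast")
R2_BAD = OspfInterface("172.16.12.2", "172.16.12.2/24", 1, 10, 40, 1400, "point-to-point")

if __name__ == "__main__":
    print(diagnose(R1, R2))
    print(diagnose(R1, R2_BAD))
```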

  1. “Gateway” is another word for “router”.

  2. Influence that cost with the ip ospf cost <1-65535> or the bandwidth <1-10000000> interface subcommand, or the auto-cost reference-bandwidth <bandwidth-in-mbps> command in router OSPF mode. The last method is preferred over setting the bandwidth on individual interfaces. The reference bandwidth is used in the formula ref_bandwidth / int_bandwidth. Setting it to 100,000 Mbps will result in a cost of 100 for Gigabit Ethernet interfaces. On modern hardware, this makes sense. It is not recommended to change the bandwidth setting on individual interfaces. Although this has no effect on the actual speed of the interface, it might be used by more than just OSPF.

  3. A router contains both a routing information base (RIB) and a forwarding information base (FIB). The RIB contains all the routes learned by the router. These could be directly connected routes, statically configured routes and dynamically learned routes. The router then selects the best route to each destination, ignoring worse and duplicate routes, and installs those best routes in the FIB.

  4. 2 routers become neighbors if:

    1. Their interfaces are up/up
    2. ACLs do not filter routing protocol messages
    3. Interfaces are in the same subnet
    4. They can authenticate to each other
    5. Hello and hold/dead timers match
    6. RIDs are unique
    7. Interfaces are in the same area
    8. OSPF process is running (not shutdown)
    9. Interfaces have the same MTU
    10. Interfaces have same OSPF network type (broadcast, point-to-point)
  5. Change with ip ospf network {broadcast | point-to-point} in interface mode.

  6. Influence the election by changing the RID to a numerically higher number or setting the priority of the router with ip ospf priority <0-255> in interface mode. That number defaults to 1. A higher number means higher priority (contrast that with STP where a lower number means higher priority). Setting the value to 0 means “do not participate in election”.

  7. There are more network types (non-broadcast multi-access [NBMA], point-to-multipoint, point-to-multipoint non-broadcast), but that is outside the scope of the CCNA exam, so we are not interested at this point.