Month: December 2015

OSPF Adjacencies

OSPF adjacencies are formed when OSPF neighbors exchange routing information.

Building the Adjacency

Before OSPF routers distribute the routing information among their neighbors, they will go through the following operational states.

  • Down
  • Attempt
  • Init
  • 2-Way
  • ExStart
  • Exchange
  • Loading
  • Full

OSPF Down State

This state means that no information has been received from the neighbor yet.

OSPF Attempt State

The Attempt state is valid only for neighbors on NBMA networks.  At this point, the router started to send hello packets upon every Hello interval to contact the configured neighbor.

OSPF Init State

The Init state is a one-way Hello. Meaning that a Hello packet has been received but the router does not see its own Router ID in the received hello packet yet.

OSPF 2-Way State

The OSPF router reaches the 2-way state when it has seen its own Router ID in the neighbor’s field hello packet.  At this point, bi-directional communication is established.   At this point, the DR and the BDR are elected.

OSPF Exstart State

The Exstart State is used for initialization of the database synchronization process. The neighbors establish master/slave relationship and determine the initial DBD sequence number, router with highest RID is the master.   The process is as follows:

  1. Both OSPF neighbors claim to me the master forwarding DBD with the following parameters::
    • DBD with MS (Master/Slave) bit set to 1
    • Self-generated DBD sequence number.
  2. Router with lower Router ID will be slave and replay with DBD with the following parameters:
    • MS bit = 0
    • DD sequence number set to elected Master’s sequence number.
    • It’s I (first DBD) bit packet with LSA summaries.
  3. Exstart process is complete.

During this state, the neighbors will check their MTU size.  If MTU does not match DBD exchange might not happen and the process will be stuck in “EXSTART/EXCHANGE” state.

OSPF Exchange State

In Exchange State, the router sends DBD packets describing its entire link-state database.  Each DBD packet is explicitly acknowledged and only one outstanding DBD packet is allowed at a time.  The process is as follows:

  1. DBD Exchange process starts.
  2. If router (Master) receives LSA that is not present in its own database or the neighbor has a more updated copy of known link-state advertisement. The router (Master) place the LSA on the Link State Request List.
  3. The router (Master) sends an LSR (link state request) packet asking for a complete copy of the LSA from the list.
  4. The router (Slave) sends LSU (link-state update) packet and adds the LSA on a Link State Retransmission list.
  5. The Router (Master) sends back an LSAck (link-state acknowledgment) to the router (slave) informing that the LSA that received.
  6. The router (slave) removes acknowledged LSA from the Link State Retransmission list.

In this state, the M bit of the DBD packets set to 1.  The M bit indicates more DBD packets to come.

OSPF Loading State

In the Loading State, the router (master) sends LSR packets, requesting the most recent LSAs that have been discovered in the Exchange state but have not been received.

If Master or Slave routers don’t have more entries in the Link State Request List, then the Master router set the M bit to zero and forward an LSU packet to the slave router.   The slave router responds with an LSAck with the same sync number and M bit Zero.

OSPF Full State

This state indicates full adjacency.  The complete LSDB has been exchanged between the neighbors and are synchronized.

OSPF Router-ID (RID)

The RID is A 32-bit dotted decimal value which is used to uniquely identify a specific OSPF-enabled device in an autonomous system.   Uniquely means that different devices shouldn’t have the same router-id configured.

RID-Single-Area

It is a best practice to hard code the Router-ID but is optional.

OSPF has its own automatic RID election process:

  • The IP Address of the first loopback interface.
  • If there is no Loopback interface, then the Router ID will be the highest IP Address a physical interface.

We have to understand that the Router-ID looks like an IP address in format, but is not.   Is just and ID and is used to represent a Router in the OSPF topology graph.   We can assign something like 0.0.0.1, 0.0.10.10, for example.

With RID election, we are subject to undesired changes or outages when the process is cleared.   Another reason to manually assign the RID is because other technologies such OSPF virtual links.

Configuring RID

Configuring the RID in OSPF is very straight-forward.  It’s done using the command router-id x.x.x.x under the process.

!
router ospf 1
 router-id 1.1.1.1
!

If the OSPF process was previously started or pre-configured, you will receive a notification informing that it will be necessary to clear the process for the change to take effect.

WARNING RGE

Yes, Clear the OSPF process is a Resume Generating Event if done in production, especially during business hours.

Clearing the OSPF process is a DISRUPTIVE command which forces OSPF to reconverge.

To clear the OSPF process use the clear ip ospf process command in exec mode.

It is time to close this post.

Thank you for visiting.

OSPF LSA Types

This post will cover only LSA Types for OSPFv2.  The OSPFv3 LSAs will be covered in further posts.

In order to fully understand how OSPF works is necessary understand of all of the OSPF LSA types.

Type 1 – Router LSA

Type 1 LSA is generated by every router and contains information about directly connected links in the area.

  • Describe the state of all router interfaces and their cost of the link to the neighbor and the IP prefix.
  • The ADV Router will always be the Router ID of the device injecting the LSA into the area.

Type 2 – Network LSA

Type 2 LSAs are present only on multi-access links for Broadcast and Nonbroadcast network types.

  • Generated by the DR and is never flooded outside of the area.
  • Lists all attached routers including the DR.
  • Gives information about the subnet mask on that segment.

Type 3 – Network Summary LSA

Type 3 LSAs describes the routes to neighbors outside the area (inter-area routes) but within the OSPF domain.

  • Generated by ABRs and is flooded between areas.
  • Include cost from ABR to the network.
  • The Link-State ID is the IP address of the subnet that is being advertised.

Type 4 – ASBR Summary LSA

Type 4 LSAs describes the routes to ASBRs.

  • Generated by the ABRs and is flooded between areas except stub areas.
  • The Link-State ID is the Router ID of the ASBR described.

 Type 5 – External LSA

Type 5 LSAs describes the routes to networks that are external to the AS.

  • Generated by ASBR and is flooded between areas.
  • The Link-State ID is network number advertised in the LSA.

Type 6 – Multicast OSPF LSA

This type of LSA is used for multicast applications and is not supported by Cisco.  However, the presence of Type 6 LSAs generates Syslog messages when the router receives the link-state advertisements.   To suppress the Syslog messages use the “ignore lsa mospf” process command.

Type 7 – NSSA External LSA

Type 7 LSAs describes the routes that are external to the AS in the NSSA area.

  • Generated by NSSA ASBR
  • The ABR translate LSA type 7 to LSA type 5 when sends from NSSA into Area Zero.

It is time to close this post. Thank you for visiting.

OSPF Hello Packets

In order for OSPF routers exchange their routing databases; they must be able to discover themselves in the network.  For this discovery phase, OSPF-enabled routers use the Hello Protocol.

Hello Packet

The hello protocol is the responsible for establishing and maintaining an adjacency.

Hello packets ensure bi-directional communications between neighbors.

OSPF Hello packets are also used as a keepalive mechanism.   If the router does not hear the neighbor Hello packets in a given time (DeadInterval), it considers it down.

In Broadcast and Nonbroadcast environments, Hello packets are used to elect the Designated and Backup Designated Routers.   Another key point to remember is that on Broadcast networks, the destination address of the Hello packets is the multicast address 224.0.0.5.  In Nonbroadcast networks, the destination address is unicast.

The hello packets contain parameters that must match for routers to become neighbors:

  1. The routers must be on a common subnet.
  2. The Hello and Dead Interval timers must be identical between the neighbors.
  3. The Area ID.
  4. Options (Specifically the E-bit which denote the type of area. 1=normal, 0=stub).
  5. The type and authentication password.

 

OSPF-ADJ-HELLO-ENCAP

It is time to close this post. Thank you for visiting.

OSPF Notes

OSPF is a Link-State routing protocol.  OSPF compared with other routing protocols is by far the most complex IGP out there.    OSPF is also the most widely used IGP in Enterprise Networks.

Some key points to remember:

  • Defined in RFC 2328 for IPv4 and RFC 2740 for IPv6.
  • Uses the Dijkstra SPF algorithm.
  • Supports only IP routing.
  • Has its own IP Protocol for transport: IP/89
  • OSPF is a classless IP protocol, thus supports VLSM and CIDR addressing.
  • Use hello packets to form adjacencies.
    • Multicast 224.0.0.5 for all Routers
    • Multicast 224.0.0.6 for DR/BDR Routers
    • Supports Unicast neighbors.
  • Supports Authentication.
    • NULL (Type 0) – default
    • Plain-Text (Type 1)
    • MD5 (Type 2)
  • Uses cost as it’s metric and use the link bandwidth to calculate it.
    • Cost = Reference Bandwidth / Link Bandwidth.
  • The Administrative distance of OSPF is 110.
  • OSPF employs a hierarchical network design based on areas.
  • OSPF areas are identified by 32-bit numbers. (i.e. area 1 or area 0.0.0.1)
  • OSPF routers form adjacencies only with directly connected routers and the following must match:
    • Area type
    • Hello/dead timers
    • MTU
    • Network Type
    • Stub
    • Authentication
  • OSPF routers use a link-state database (LSDB) which contains the topology information within the area.
  • The OSPF LSDB is identical for all routers in the same area.
  • The topology of an area is hidden from the rest of the Autonomous System.
  • OSPF advertises the status of its directly connected links using link-state advertisements (LSAs).
  • OSPF LSAs sends triggered updates.
  • OSPF LSAs are refreshed every 30 minutes by default.
  • In OSPF, only Area Border Routers (ABRs) or Autonomous System Border Routers (ASBRs) can summarize routes.

OSPF Router Types

  • Backbone Router – Is a router with an interface configured in area 0.
  • Internal Router – Is a router with all of its interfaces configured within the same area.
  • Area Border Router (ABR) – Is a router with interfaces connected in two or more areas.
  • Autonomous System Boundary Router (ASBR) – Is a router connecting to external routing domains. Typically receiving routes via redistribution.

OSPF Protocol Messages

  • Type 1- Hello packet – It’s used  for dynamic discovery of neighbors and to maintain the neighbor relationship.  OSPF hello packets are also used to elect DR and BDR on broadcast and NBMA networks.
  • Type 2- Database Descriptor packet (DBD or DD) – It’s used for link-state database synchronization. Send summaries of router’s known LSAs to neighbors.
  • Type 3- Link State Request packet (LSR) – Once a neighbor has received a Type 2 (DBD) packet, checks against its database. If the DBD is more up-to-date or it has more info, the router asks for full LSA through an LSR.
  • Type 4- Link State Update packet (LSU) – It’s used to respond to Type 3 (LSR) with the detail information for the requested LSA.
  • Type 5- Link State Acknowledgment packet (LSAck) – It’s used to acknowledge the reception of Type 4 (LSU) packet.

Link-State Advertisements – LSAs

  • Type 1 – Router LSA – It’s originated by all routers, list the link states of the interfaces connected to the area. Flooded to all routers within the area.
  • Type 2 – Network LSA – It’s originated by the DR on multi-access networks. List all routers on adjacent segments. Flooded to all routers within the area.
  • Type 3 – Network LSA – It’s generated by an ABR. Advertise routes to destinations outside the area but within the same Autonomous System.  (allows inter-area communication)
  • Type 4 – Summary LSA – It’s injected by an ABR to advertise routes to AS boundary routers.
  • Type 5 – AS-External LSA – It’s generated by ASBR and flooded throughout the AS to advertise default routes or external networks outside the local AS.
  • Type 7 – NSSA External LSA – It’s generated by ASBR and is used to flood AS external routes through a stub area. Type 7 LSA is converted into Type 5 LSA by the ABR when leaving the area.

DR/BDR Election

DR and BDR election occurs in multi-access Broadcast and Non-Broadcast network types.

The election of the DR and BDR is authoritative and is based on the Router Priority transmitted in the Hello Packets.   By default the priority in OSPF is 1.  If there is a tie, then the Router ID (RID) is used as a tie-breaker.

DR/BDRs cannot be preempted by other routers with a higher priority once they have been elected, therefore, the first router to come up will be the DR and the second will be the BDR.

Manually setting the priority to 0 prevents the router to participate in the election.

OSPF Timers

The HelloInterval and RouterDeadInterval are the two timers that can be manually adjusted to speed up network convergence in an OSPF network.

The hello packets are sent at a configurable interval (in seconds).  The default hello timers are 10 seconds for Broadcast and Point-to-Point network types and 30 seconds for NBMA, Multipoint Broadcast, and Multipoint Nonbroadcast networks.   The dead interval is also a configurable value (in seconds), and defaults to four times (4x) the value of the hello interval.

Interface States

  • Down – The initial state of an interface. No protocol traffic is transmitted or received on the interface.
  • Loopback – The interface is looped back to the network either in hardware or in software.
  • Wait – This state is applicable only to interfaces connected to broadcast and NBMA network types. The router is trying to determine the DR and BDR sending hello packets.
  • Point-to-Point – This state is applicable only to interfaces connected to point-to-point, point-to-multipoint, and virtual link network types.
  • DR – In this state, the router is the DR on the area and will establish adjacencies with the other routers in the multi-access network.
  • DROther– In this state, the router is neither DR nor BDR. It will form adjacencies with DR and BDR.
  • Backup – In this state, the router is the BDR on the area, and will establish adjacencies with the other routers in the multi-access network.

Adjacency States

  • Down – Initial state. No hello packet has been received.
  • Attempt – Only seen on NBMA networks. The router sends unicast hello packets.
  • Init – This state indicates that the router has received a hello packet from its neighbor.
  • 2-way – In this state, bidirectional communication has been established. The router has received a hello packet from its neighbor containing its own Router ID in the network field.
  • ExStart – In this state, the routers and their DR/BDR has established a master-slave relationship. The router with the higher Router ID becomes the master and starts the exchange.
  • Exchange – In this state, routers exchange database descriptor (DBD) packets containing a description of the link-state database. Every DBD packet has a sequence number which can be incremented only by the master router.  The contents of the DBD received are compared to the local link-state database to check if new or more current link-state information is available.
  • Loading – In this state, the actual exchange of link-state information occurs. Based on the result of compare the received DBD and the local link-state database, routers send link-state request packets. If a router receives an outdated or missing LSA, it requests that particular LSA by sending a link-state request packet (Type-3 LSR).
  • Full – In this state the routers are now fully adjacent with each other. The routers databases are fully synchronized.

Area Types

  • Backbone Area – Is essentially a standard area which has been designated as the central point to which all other areas connects.
  • Standard Area – Default OSPF area. Type 1 and 2 LSAs are being flooded between routers sharing a common area.  It can contain LSAs of type 1, 2, 3, 4, and 5, and may contain an ASBR.
  • Stub Area – Instead of propagating individual external routes (type 5 LSAs) into the area, the ABR injects a type 3 LSA containing a default route into the stub area.
  • Totally Stubby Area – Totally stubby areas do not receive type 3, 4 or 5 LSAs from their ABRs. All routing out of the area relies on the single default route injected by the ABR.
  • Not So Stubby Area (NSSA) – Is a stub area containing an ASBR; type 7 LSAs are converted to type 5 by ABRS and then flooded to the rest of the OSPF domain.

OSPF Path Selection

The path selection in OSPF can be achieved by the following methods:

  • Using “bandwidth” interface command. (May affects QoS)
  • “ip ospf cost” interface command.  (Best method)
  • “auto-cost reference-bandwidth” under the OSPF process. (Must be changed in all routers running OSPF)
  • “neighbor x.x.x.x cost” under the OSPF process.

OSPF Route Preference

When there are multiple routes available to the same network with different route types, routers use the following order of preference:

  • O – OSPF (intra-area)
  • IA – OSPF inter area
  • E1 – OSPF external type 1
  • E2 – OSPF external type 2
  • N1 – OSPF NSSA external type 1
  • N2 – OSPF NSSA external type 2

If there are multiple routes to a network with the same route type, the route with the lowest cost is chosen as the best route.

If there are multiple routes to a network with the same route type and cost, it chooses all the routes to be installed in the routing table, then the router does equal cost load balancing.

Virtual-Links

All areas in an OSPF autonomous system must be connected to area 0 (Backbone Area). When this is not possible in terms of direct connectivity, then a virtual link can be used to connect the non-backbone areas to area 0, as long as there is a common area between them.

  • Connects two areas 0 or extends area 0 across a transit area.
  • Uses a transit area in order to connect areas 0 or extend area 0.
  • Configured between ABRs under the OSPF process using the Router ID.

Route Filtering

  • Distribute-list
    • in: filter the routes from entering the RIB
    • out: filter the redistributed routes (E1/E2) entering OSPF on an ASBR
  • Stub Area
    • Stub (filter LSA-5)
    • Totally stub (filter LSA-3/4/5)
    • NSSA (filter LSA-5, allow LSA-7)
    • Totally NSSA (filter LSA-3/4/5, allow LSA-7)
  • LSA-3 prefix filter
    • “area x filter-list prefix <prefix_list_name>

Summarization

OSPF prefix summarization can only be done on ABRs and ASBR.

  • Type-3 summary (ABR)
    • Use the “area x range” OSPF process command.
  • Type-5 summary (ASBR)
    • Use the “summary-address” OSPF process command.

When summarizing on ABR or ASBR, a “discard route” will be automatically added to the RIB by default to prevent routing loops.

It is time to close this post. Thank you for visiting.