OSPF is an open standard, it is a linkstate routing protocol that dynamically chooses the routes based on the cost of the links that the packet will traverse compared to distance vector routing protocols like RIP (Routing information protocol) that choose a path depending on the number of hops a packet has to take in order to reach the destination Network, it is probably one of the most desployed IGP (interior gateway protocol) in existence today, you see it in environments such as data centres, service providers and enterprise. This is because of its robustness and how much you can do with the protocol. In this post, we’ll take a look at how OSPF operates and an overview of its basic concepts.
OSPF Concepts
Hello messages
This is a protocol used to discover OSPF neighbors and confirm reachability, this is also used in the election of a DR.
OSPF path cost
OSPF makes its routing decisions based on the cost associated with the link speed, the cost is a function of that link speed and is calculated by Reference Bandwidth / Interface Bandwidth. A Gigabit link 1000mbps for example is a cost of 1 if the Reference Bandwidth is 1000 mbps, a hundred megabit link 100 mbps is a cost of 10. Routers have become much faster and the default reference bandwidth of 1000 mbps isn’t enough, this reference bandwidth can be changed to fit your environment by executing
Remember to change the reference bandwidth on all routers running OSPF.
1
2
3
4
enable
configure terminal
router ospf <PROCESS NUMBER>
auto-cost reference-bandwidth <BANDWIDTH IN mbps>
You can override the OSPF cost calculation for interfaces by configuring the cost directly on the interface of your choice.
1
2
3
4
enable
configure terminal
interface <INTERFACE>
ip ospf cost <1-65535>
OSPF Router ID (RID)
An OSPF RID is used to distinguish between routers in an OSPF area. When an OSPF process is brought up, the router checks to see if a RID has been configured, if none are configured, it falls back to the 2nd option which is the loopback address, if many loopback addresses exist on the router, it uses the loopback address with the highest IP address. for example, loopback0 with 5.5.5.5/32 will be chosen over loopback1 with 2.2.2.2/32. if both of these aren’t configured, OSPF will use the highest IP address on any active interface as RID of that OSPF process, assigning a RID while an OSPF process is running will result in that new RID to take effect immediately, assigning a higher IP to some active interfaces or creating new loopbacks will not be used on a running OSPF process unless it’s terminated or the router is restarted. You can obtain the router ID of an active OSPF process by executing
1
2
enable
show ip ospf
Neighbors
OSPF Neighbors are routers that reside on the same network segment/subnet, they exchange Hello messages using the multicast address of 224.0.0.5 for ipv4 and FF02::5 for ipv6, OSPF uses multicast and unicast, rather than broadcast, for sending messages. Neighbors are not yet adjacent to each other but they know of their presence. To find the list of OSPF neighbors, execute
1
2
enable
show ip ospf neighbors
Adjacencies
The prerequisite of a successful adjacency formation is that both routers need to be neighbors first. You can’t have an adjacency with a router that you are not neighbors with. Adjacent routers have exchanged Link state updates (LSU) and Database discirption packets (DBD) and are both on a full state with one another. OSPF routers on a broadcast network will only be fully adjacent to the DR and the BDR, the DR and the BDR have full adjacencies to all other routers. To find the adjacent routers, execute
1
2
enable
show ip ospf neighbors
The need for Designated routers (DRs)
OSPF routers forming adjacencies is great but that doesn’t scale well when we have 10, 20 or even 50 routers in a single subnet. say we had 7 routers, the formula to calculate the adjacencies is (n * (n - 1)) / 2, where n is the number of routers, that’s 21 adjacencies for just 7 routers, imagine 20, 30. That’s alot of overhead :( . In these scenarios where we have OSPF broadcast networks, we can elect a Designated router (DR) and a Backup designated router (BDR) incase the DR fails to be operational. All other routers now form adjacency with just the DR and the BDR instead of a full mesh of adjacencies. If a router now wants to send route updates to the DR and BDR, it uses the 224.0.0.6 ipv4 address and FF02::6 for ipv6.
OSPF Area
If you run OSPF in a simple network, the number of routers and links are relatively small, and best paths to all destinations are easily deduced. However, the information necessary to describe larger networks with many routers and links can become quite complex. SPF calculations that compare all possible paths for routes can easily turn into a complex and time-consuming calculation for the router. One of the main methods to reduce this complexity and the size of the link-state information database is to partition the OSPF routing domain into smaller units called areas, This also reduces the time it takes for the SPF algorithm to execute. All OSPF routers within an area must have identical entries within their respective LSDBs. Inside an area, routers exchange detailed link-state information. However, information transmitted from one area into another contains only summary details of the LSDB entries and not topology details about the originating area. These summary LSAs from another area are injected directly into the routing table and without making the router rerun its SPF algorithm.
OSPF uses a two-layer area hierarchy:
Backbone area, transit area or area 0 - Two principal requirements for the backbone area are that it must connect to all other nonbackbone areas and this area must be always contiguous; it is not allowed to have split up the backbone area. Generally, end users are not found within a backbone area.
Nonbackbone area - The primary function of this area is to connect end users and resources. Nonbackbone areas are usually set up according to functional or geographic groupings. Traffic between different nonbackbone areas must always pass through the backbone area which is area 0.
In the multi-area topology there are some special commonly used OSPF terms:
ABR - This router has interfaces connected to at least two different OSPF areas, including the backbone area. ABRs contain LSDB information for each area, make route calculation for each area and advertise routing information between areas.
ASBR - This router has at least one of its interfaces connected to an OSPF area and at least one of its interfaces connected to an external non-OSPF domain like a RIP AS (Autonomous System) or an EIGRP AS.
OSPF states
Down - This is the initial OSPF neighbor state. It means that no information (hello) have been received from a neighbor, but hello packets can be sent.
Attempt - This state is only valid for manually configured neighbors in a Non-BroadcastMultiaccess (NBMA) environment, OSPF neighbors in this network type are manually configured because broadcasts and multicasts are not allowed and because OSPF uses multicast to discover neighbors, it wouldn’t find them unless neighbors are manually configured. The router sends unicast hello packets every poll interval to the neighbor from which hellos have not been received within the dead interval.
INIT - At this stage, the router has recieved hello messages from its neighbors but the receiving router’s ID was not included in the hello message.
2-Way - At this stage, bi-directional communication has been established between two routers. This means that each router has seen the other routers’ hello packet.This state is attained when the router receiving the hello packet sees its own Router ID within the received hello packet’s neighbor field. In this state, a router decides whether to become adjacent to this neighbor. On broadcast media and non-broadcast multiaccess (NBMA) networks, a router becomes fully adjacent only with the designated router (DR) and the backup designated router (BDR) and stays in the 2-way state with all other neighbors, these neighbors are refered to as DROther, The DR and the BDR is elected at the end of this state. On Point-to-Point and Point-to-Multipoint networks, a router becomes fully adjacent with all connected routers, there is no DR or BDR in these network types and no election takes place cause there is no DR, it just goes straight to full.
Exstart - Once the DR and BDR are elected, the actual process of exchanging link state information can start between the routers and their DR and BDR.
Exchange - In the exchange state, OSPF routers exchange database descriptor (DBD) packets. Database descriptors contain link-state advertisement (LSA) headers only and describe the contents of the entire link-state database. Routers also send link-state request packets and link-state update packets (which contain the entire LSA) in this state. The contents of the DBD received are compared to the information contained in the routers link-state database to check if new or more current link-state information is available with the neighbor.
Loading - In this state, the actual exchange of link state information occurs. Based on the information provided by the DBDs, routers send link-state request packets. The neighbor then provides the requested link-state information in link-state update packets. During the adjacency, if a router receives an outdated or missing LSA, it requests that LSA by sending a link-state request packet. All link-state update packets are acknowledged.
Full - In this state, routers are fully adjacent with each other. All the router and network LSAs are exchanged and the routers’ databases are fully synchronized. The full state is the normal state for an OSPF router. If a router is stuck in another state, it is an indication that there are problems in forming adjacencies. If an OSPF router fails to receive hello messages after the time specified by the dead interval, the router goes back to the Down state.
OSPF Timers
There are many timers associated with OSPF but the two main ones to understand are the hello timer and the dead interval. The hello timer controls how often a router sends hello messages to its neighbors to indicate its continued health. If a router doesn’t hear from its neighbor within the dead interval, the router drops its neighbor from the adjacency table because it assumes the neighbor is “dead” and no longer reachable. while you can change the default hello and dead timers from their defaults which are 10 and 40 seconds respectively, you run the risk of having routers declaring their neighbors down too fast if you aggressively increase the hello timer more than the dead interval on the other side or generating more traffic on that link if you set the hello timers low.
LSAs, LSUs, LSRs, LSAcks and the LSDB
LSAs stand for Link state advertisements, this is the information exchanged between routers and it contains details about other networks. This information is used to build the LSDB (Link state database), a common misconception you’ll see is “OSPF routers send LSA packets”, that’s not technically correct. LSAs are NOT packet types, instead they are the information contained in an LSU (Link state update).
If a router attempts to construct its LSDB (Link state database) but its missing some information, it can request that missing information from other routers and that’s called a LSR (Link state request), if a neighbor sends an LSU containing the missing information, the router will send an acknowledgement is the form of a LSAck (Link state acknowledgement)
Ok that was a ton 😆, i love OSPF, maybe it’s because it was the first dynamic routing protocol i’ve learnt, it’s much more intelligent that RIP that’s for sure.
I hope you enjoyed reading this.
Take good care.