Overview

  • Link-state protocol.
  • Uses Dijkstra's algorithm, which calculates the shortest-path tree in each area.
  • OSPFv2 for IPv4 and OSPFv3 for IPv6.
  • LSDB = link-state database.
  • Area 0 = backbone, all inter-area traffic goes via area 0.
  • Directly attached routers (i.e. in the same broadcast domain) form adjacencies using hello packets:
    • DR and BDR control traffic between neighbours
    • 224.0.0.5 = all SPF/link-state routers
    • 224.0.0.6 = all DR routers
  • Does not use TCP/UDP, but IP protocol 0x89.

Area Types

  • Backbone: all other areas connect to it, so it must be (logically) contiguous.
  • Stub: contains intra-, inter-area and default routes, but no external routes.
  • Totally stubby: contains intra-area and default routes only.
  • NSSA: contains intra-, default and external routes:
    • within the NSSA, the ASBR sends type 7 LSAs.
    • at the ABR, these are translated to type 5 LSAs and sent to the rest of the domain.

Router Types

  • ABR: connects one or more areas to area 0.
  • ASBR: connected to more than one AS, and typically runs BGP as well.
  • IR: internal router (inside an area).
  • BR: backbone router (inside area 0).

Path Preference

  • Path cost/metric is usually associated with link speed
  • 4 metric types:
    • intra-area
    • inter-area
    • external type 1 = external + internal path cost
    • external type 2 = external path cost

DR/BDR

  • If priority = 0 then never DR/BDR.
  • Highest priority wins, then highest logical IP address, then highest active interface IP address.
  • When DR fails, BDR becomes new DR and another BDR is elected.
  • New routers with higher priority do not take over DR/BDR unless there is a DR/BDR failure.
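
The election rules above, as a small state model. This is an added example, not taken from any router implementation: the `Router` and `Segment` names are hypothetical, the two address tie-breaks are folded into one rank (loopback addresses preferred over interface addresses), and the wait timer is not modelled, so routers passed to one `join()` call are treated as coming up together.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address


@dataclass(frozen=True)
class Router:
    name: str
    priority: int
    interface_ips: tuple       # active interface addresses
    loopback_ips: tuple = ()   # logical (loopback) addresses, preferred if present

    def rank(self):
        # Priority first, then the highest logical or interface address.
        ips = self.loopback_ips or self.interface_ips
        return (self.priority, max(IPv4Address(ip) for ip in ips))


class Segment:
    """DR/BDR state for one broadcast domain (hypothetical model)."""

    def __init__(self):
        self.routers, self.dr, self.bdr = {}, None, None

    def join(self, *routers):
        for r in routers:
            self.routers[r.name] = r
        self.elect()               # fills vacant roles only, never preempts

    def fail(self, name):
        self.routers.pop(name, None)
        if self.dr == name:
            self.dr, self.bdr = self.bdr, None   # BDR is promoted to DR
        elif self.bdr == name:
            self.bdr = None
        self.elect()

    def elect(self):
        for role in ("dr", "bdr"):
            if getattr(self, role) is None:
                held = {self.dr, self.bdr}
                cands = [r for r in self.routers.values()
                         if r.priority > 0 and r.name not in held]   # priority 0 never eligible
                if cands:
                    setattr(self, role, max(cands, key=Router.rank).name)
```

Because a late joiner never preempts, the DR on a segment depends on boot order as well as priority, which is worth checking against the intended design after any outage.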

LSA Types

 Type     LSA          Description
 1        Router       Intra-area (generated by all routers)
 2        Network      Intra-area (generated by DR on NBMA networks)
 3        Summary      Routes to networks (generated by ABR for intra-AS routes)
 4        Summary      Routes to ASBRs (generated by ABR for intra-AS routes)
 5        AS external  Routes to external destinations (generated by ASBR)
 7                     NSSA external link state
 8                     External attributes for BGP
 9,10,11               Opaque LSA

OSPF-TE

  • Extension to OSPF.
  • Additional properties:
    • max reservable bandwidth
    • unreserved bandwidth
    • available bandwidth

IOS Configuration Example

router ospf <process-id>
  router-id x.x.x.x
  auto-cost reference-bandwidth <...>
  area 0.0.0.0 authentication message-digest
  passive-interface default
  no passive-interface <...>
  network x.x.x.x y.y.y.y area z.z.z.z

JUNOS Configuration Example

protocols
  ospf
    reference-bandwidth <x>
    area 0.0.0.0
      authentication-type md5
      interface <i/f>
        metric <...>
        authentication
          md5 <...>
        passive

policy-options
  prefix-list <name>
    <...>
  policy-statement <name>
    term <name>
      from <...>
      then [accept|reject]

firewall
  filter <name>
    term <name>
      from [src/dst address|src/dst port]
      then
        count <name>
        [accept|reject|discard]
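
What the `message-digest` / `md5` settings in the IOS and JUNOS examples above check on the wire, following RFC 2328 Appendix D. This is an added example, not vendor code: the function names, key and packet contents are constructed for illustration.

```python
import hashlib
import hmac
import struct

HDR = struct.Struct("!BBH4s4sHHHBBI")  # 24-byte OSPFv2 header, AuType 2 layout
AUTYPE_CRYPTO = 2                      # cryptographic (keyed-MD5) authentication
DIGEST_LEN = 16


def keyed_md5(packet, key):
    # RFC 2328 D.4.3: MD5 over the packet followed by the key, zero-padded to 16 bytes.
    return hashlib.md5(packet + key[:16].ljust(16, b"\0")).digest()


def build_packet(router_id, area_id, key_id, seq, key, body=b"", ptype=1):
    """Build an OSPFv2 packet with its digest trailer (constructed test input)."""
    # version, type, length, router ID, area ID, checksum (0 with AuType 2),
    # AuType, reserved 0, key ID, digest length, cryptographic sequence number
    pkt = HDR.pack(2, ptype, HDR.size + len(body), router_id, area_id,
                   0, AUTYPE_CRYPTO, 0, key_id, DIGEST_LEN, seq) + body
    return pkt + keyed_md5(pkt, key)


def verify_packet(data, keys, last_seq):
    """Return (ok, reason, seq). `keys` maps key ID -> secret; `last_seq` is the
    highest sequence number already accepted from this neighbour."""
    if len(data) < HDR.size:
        return False, "truncated header", last_seq
    (ver, _, length, _, _, _, autype, _, key_id, auth_len, seq) = HDR.unpack(data[:HDR.size])
    if ver != 2 or autype != AUTYPE_CRYPTO:
        return False, "not cryptographic authentication", last_seq
    if auth_len != DIGEST_LEN or length < HDR.size or len(data) < length + DIGEST_LEN:
        return False, "bad length", last_seq
    if key_id not in keys:
        return False, "unknown key ID", last_seq
    digest = data[length:length + DIGEST_LEN]   # trailer is not counted in `length`
    if not hmac.compare_digest(keyed_md5(data[:length], keys[key_id]), digest):
        return False, "digest mismatch", last_seq
    if seq < last_seq:                          # RFC 2328 D.5.3: lower numbers are dropped
        return False, "replayed sequence number", last_seq
    return True, "ok", seq
```

A packet carrying the same sequence number as the last accepted one still passes, as the RFC only rejects lower values, so the sequence check narrows replay rather than eliminating it.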


Useful Articles

  • Five functional facts about OSPF.  [Packet Mischief]
  • The unintended consequences of NSSA kludges.  [ipSpace]
  • OSPF TLVs: taking advantage of improvements in computing power.  [Russ White]
  • OSPF forwarding address: yet another kludge.  [ipSpace]
  • OSPF areas and summarisation: theory and reality.  [ipSpace]
  • Do we still need OSPF areas and summarisation?  [ipSpace]  [Russ White]
  • The new strange behavior for OSPF ‘redistribute subnets’.  [PacketU]
  • Don't run OSPF with your customers.  [ipSpace]
  • OSPF path selection challenge.  [INE]
  • OSPF design considerations.  [Lost In Transit]
  • OSPF enhancements in recent IOS versions.  [MellowD]
  • Demystifying the OSPFv3 database.  [MellowD: part 1, part 2, part 3, part 4]
  • SPF delay -- CCDE.  [MellowD]
  • OSPF data center design.  [StackExchange]
  • How does OSPF decide that a network is a stub network?  [StackExchange]
  • OSPF manual neighbor configuration requirement on NBMA network.  [StackExchange]
  • Hub & spoke OSPF DR and BDR.  [StackExchange]
  • How bad is the OSPF vulnerability exposed by Black Hat?  [EtherealMind]  [Routing Freak]
  • Redistribute command in an all OSPF network.  [Reddit]
  • Dual stack OSPF redistribution in MP-BGP.  [StackExchange]
  • Network not participating in OSPF. Does not appear in the routing table.  [StackExchange]
  • OSPF: inconsistent mask for area range?  [StackExchange]
  • Summarised OSPF routes advertised?  [StackExchange]
  • What is the advantage of an “area” in OSPF configuration?  [StackExchange]
  • T2 LSA's in OSPF, why are they necessary?  [StackExchange]
  • Juniper: why is OSPF adjacency breaking when I enable FBF on an OSPF interface?  [StackExchange]
  • 3 subnets, 2 OSPF areas - will this work?  [StackExchange]
  • Using latency to calculate OSPF metrics.  [StackExchange]
  • Inter-process OSPF route selection rules.  [ipSpace]
  • OSPF -- setting MTU values for Cisco and Juniper.  [Network Sherpa]
  • OSPF -- sequence numbers are so negative.  [Network Sherpa]
  • OSPF -- immediate hellos.  [Network Sherpa]
  • OSPF -- broadcast interfaces and Type-2 LSAs.  [Network Sherpa]
  • OSPF -- lingering LSAs from unreachable routers.  [Network Sherpa]
  • OSPF -- routing bit set on this LSA.  [Network Sherpa]
  • OSPF Type-5 E1 path cost calculation.  [Network Sherpa]
  • Change in OSPF DR creates extra network LSAs.  [ipSpace]
  • OSPF -- what really triggers Type-4 LSA origination?  [Network Sherpa]
  • OSPF -- why have a Type-4 LSA?  [Network Sherpa]
  • OSPF LSInfinity != LSInfinity.  [Network Sherpa]
  • How OSPF max-metric works.  [Network Sherpa]
  • Loop-free alternate: OSPF meets EIGRP.  [ipSpace]
  • Black hat OSPF vulnerabilities.  [Juniper]  [Network World]
  • OSPF designated router election.  [PacketLife]
  • OSPF and connected networks: to redistribute or not?  [IOS Hints]
  • Understanding OSPF external route path selection.  [CCIE Blog]
  • OSPF virtual links.  [PacketLife]
  • OSPF and MTU mismatch.  [CCIE Blog]
  • OSPF route selection rules.  [IOS Hints]
  • Understanding inter-area loop prevention caveats in OSPF.  [CCIE Blog]  [PDF attached below]
  • OSPF on the move?  Include a forwarding address.  [CCIE Blog]
  • Cycling OSPF authentication without adjacency downtime.  [PacketLife]
  • OSPF fast convergence.  [CCIE Blog]
  • OSPFv2 authentication confusion.  [PacketLife]
  • Conditional OSPF default route origination based on classless IP prefixes.  [NIL Wiki]  [IOS Hints]
  • OSPF sham links.  [CCIE Blog]
  • OSPFv2 vs OSPFv3.  [PacketLife]
  • OSPF filtering -- inter-area vs. intra-area.  [PacketLife]

Robert Larsen,
4 Jan 2011, 01:05