OSPF is an old routing protocol, dating from 1989, but it is not as old as some other routing protocols. It is an open standard and, like Batman/Joker, keeps getting updated/rebooted.
It is prolific in data centres, usually found alongside Multiprotocol Label Switching (MPLS, which is being aged out in favour of VXLAN overlay networks) and Border Gateway Protocol (BGP, usually MP-BGP).
Back to OSPF: I will be talking about how it works, the link-state advertisement (LSA) types, and the key differences between version 2 (RFC 2328) and version 3 (RFC 2740), which are not just IPv6 for the latter, and then how to set it up. This could get long; we will see.
OSPF is a link-state routing protocol, which means it maintains a full topology map (the link-state database) of the area it is in. Think of a SatNav for which you have downloaded the maps of the area you are in: it will have every street. But unlike a SatNav, which calculates the route when you want to get somewhere, OSPF uses Dijkstra’s Shortest Path First (SPF) algorithm to build its routing table, using routes from neighbours to find the shortest path to the remote network.
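The SPF run described above, as an added example that is not part of the original post: it derives link costs from the 40 Gbps reference bandwidth listed in the NX-OS defaults on this page and runs Dijkstra from one router to get cost and next hop per destination. The router names, link speeds, and the `link_cost`/`spf` helpers are constructed for illustration.

```python
import heapq

REFERENCE_MBPS = 40_000  # NX-OS default reference bandwidth from this page (40 Gbps)

def link_cost(mbps, reference=REFERENCE_MBPS):
    """Interface cost = reference bandwidth / link bandwidth, never below 1."""
    return max(1, reference // mbps)

def spf(lsdb, root):
    """Dijkstra over the LSDB; returns {destination: (total_cost, next_hop)}."""
    done = {}
    heap = [(0, root, "")]
    while heap:
        cost, node, first_hop = heapq.heappop(heap)
        if node in done:
            continue  # a cheaper path to this router was already settled
        done[node] = (cost, first_hop)
        for neighbour, mbps in lsdb.get(node, {}).items():
            # Two-way check: use a link only if the far end advertises it back.
            if neighbour in done or node not in lsdb.get(neighbour, {}):
                continue
            hop = neighbour if node == root else first_hop
            heapq.heappush(heap, (cost + link_cost(mbps), neighbour, hop))
    done.pop(root)
    return done

# Constructed LSDB (sample data): router -> {neighbour: link bandwidth in Mbps}
LSDB = {
    "R1": {"R2": 10_000, "R3": 40_000},
    "R2": {"R1": 10_000, "R3": 40_000, "R4": 10_000},
    "R3": {"R1": 40_000, "R2": 40_000, "R4": 1_000},
    "R4": {"R2": 10_000, "R3": 1_000, "R5": 10_000},
    "R5": {},  # has not advertised its side of the R4 link
}

if __name__ == "__main__":
    for dest, (cost, hop) in sorted(spf(LSDB, "R1").items()):
        print(f"{dest}: cost {cost} via {hop}")
```

R1 reaches R2 through R3 (two 40 Gbps hops, cost 2) rather than over the direct 10 Gbps link (cost 4), and R5 stays out of the table because only one end of its link is advertised.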
OSPF can discover neighbours. This is done with hello packets, sent via multicast to IPv4 244.0.0.0 or IPv6 FF02::5. These hello messages are used to see whether the two routers are compatible to form a neighbourship and establish adjacency. Once all the neighbours have identical link-state databases, the network is converged.
How does it learn the routes? By using link-state advertisements (LSAs).
What is in an LSA:
- The operational state of each link
- Cost of the link
- Other neighbour information
There are 11 LSA types. When a router receives an LSA, it is flooded out of all OSPF-enabled interfaces (if there are no network changes it refreshes every 30 minutes; each type of LSA has its own refresh timer). This is a blessing and a curse: it helps create and keep a fully converged network, with all OSPF neighbours having the same information in their link-state databases, but, you have guessed it, you can flood the network. LSAs are small, but as the network grows, adding more OSPF routers, this becomes more and more inefficient, taking up more of your bandwidth. This has been thought about, and there is a nice feature to reduce the overhead and CPU load caused by all these LSAs being sent: LSA group pacing, which groups messages with similar refresh times to send one update message.
LSA types and changes for OSPFv3
|Type||OSPFv2 LSA Name||Description||OSPFv3 Name||Description|
|1||Router||Sent by every router, announcing its presence and listing its links to other routers (neighbours) or networks in the same area only; contains the originating router ID. When received, these cause SPF recalculations.||Router||Sent by all routers, containing the state and cost of all links but not prefix information. Causes SPF recalculations; this message is flooded to the local area.|
|2||Network||Sent by the designated router (DR) on a multi-access network, listing all routers in the area. These cause SPF recalculations.||Network||Sent by the designated router (DR) on a multi-access network, listing all routers in the area. These cause SPF recalculations BUT do not contain the prefix.|
|3||Network Summary||Sent by Area Border Routers (ABRs) to exchange information between areas. The ABR takes the information it has learned in one of its attached areas and summarizes it before sending it out to the other areas it is connected to, including the link cost from the ABR to the local destination.||Inter-Area Prefix||Same as v2 but changed the name for lulz|
|4||ASBR Summary||Sent by ABRs to external areas; this consists only of the link cost to the Autonomous System Boundary Router (ASBR).||Inter-Area Router||Same as v2 but changed the name for lulz|
|5||AS external||Sent from the ASBR; contains information imported into OSPF from other routing processes and is flooded to all areas (except stub and NSSA areas). There are two types: Type 1 (E1), where the cost is composite (the internal cost to the ASBR added to the external cost), and Type 2 (E2), where the cost does not change as it propagates through the areas.||AS external||Same as v2|
|6||Group Membership||Rarely used (only supported on a few routers); multicast extensions to OSPF||NA||Has been deprecated in OSPFv3|
|7||NSSA external||Sent by the ASBR within a not-so-stubby area (NSSA); sent within the local NSSA||NSSA external|
|8||NA|| ||Link||Sent by every router using link-local scope; this message includes the link-local address and IPv6 prefixes for this link|
|9||Opaque||Used to extend OSPF||Inter-Area prefix||Sent by every router; this message includes any prefix or link-state changes and is flooded to the local area. This message does not trigger an SPF recalculation.|
|10||Opaque||Used for Traffic Engineering Database||NA|
|11||Opaque||Used to extend OSPF||Grace||Sent by a restarting OSPF router using the link-local flooding scope; used for graceful restart (GR) of OSPFv3|
OSPF Version differences
|Notes||OSPF v2||OSPF v3|
|Supported IP protocol||IPv4||IPv6|
|Multicast address for neighbour discovery||244.0.0.5||FF02::5|
|LSA network message format||Address and mask||Prefix and prefix length|
|Router ID and area ID||32-bit number||32-bit number, x.x.x.x like an IP address|
|Address for neighbour discovery||Valid IPv4 address||Link-local IPv6 address FE80::/10|
|Authentication||PSK (cleartext) or MD5 hash||IPv6 authentication trailer RFC 6506 or IPsec RFC 4552 not supported by NX-OS|
|LSA types||1-7 normal; 7-11 enhancements, vendor defined, which causes interoperability issues; official name Opaque||Redefines and changes the use of some of these LSAs; see the LSA table|
|Bidirectional Forwarding Detection (BFD) support||Yes||No|
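The OSPFv2 authentication options in the table are visible in every packet's 24-byte header, so a monitoring host can tell which neighbours still send null or cleartext-password hellos. The parser below is an added example, not from the original post. It follows the RFC 2328 header and Hello layouts and checks timers against the NX-OS defaults listed on this page; `audit_hello`, `sample_hello`, and the sample packets are constructed for illustration.

```python
import socket
import struct

HEADER = struct.Struct("!BBH4s4sHH8s")   # RFC 2328 A.3.1: 24-byte common header
HELLO = struct.Struct("!4sHBBI4s4s")     # RFC 2328 A.3.2: fixed part of a Hello
AUTYPE = {0: "null", 1: "simple-password", 2: "cryptographic"}

def audit_hello(packet, hello=10, dead=40):
    """Describe one OSPFv2 Hello: sender, authentication type, timer mismatch."""
    if len(packet) < HEADER.size + HELLO.size:
        raise ValueError("truncated OSPFv2 Hello")
    version, ptype, _len, rid, area, _ck, autype, auth = HEADER.unpack_from(packet)
    if version != 2 or ptype != 1:
        raise ValueError("not an OSPFv2 Hello")
    _mask, h_int, _opt, _prio, d_int, _dr, _bdr = HELLO.unpack_from(packet, HEADER.size)
    finding = {
        "router_id": socket.inet_ntoa(rid),
        "area": socket.inet_ntoa(area),
        "auth": AUTYPE.get(autype, "unknown"),
        "unprotected": autype != 2,              # null or cleartext password
        "timers_match": (h_int, d_int) == (hello, dead),
    }
    if autype == 2:
        # Authentication field: 2 reserved bytes, key ID, digest length, sequence
        _zero, key_id, digest_len, seq = struct.unpack("!HBBI", auth)
        finding.update(key_id=key_id, digest_len=digest_len, sequence=seq)
    return finding

def sample_hello(router_id, autype, auth, hello=10, dead=40):
    """Build a constructed Hello (not captured traffic); checksum left at 0."""
    zero = socket.inet_aton("0.0.0.0")
    header = HEADER.pack(2, 1, HEADER.size + HELLO.size, socket.inet_aton(router_id),
                         zero, 0, autype, auth)
    body = HELLO.pack(socket.inet_aton("255.255.255.252"), hello, 0x02, 1, dead, zero, zero)
    return header + body

SAMPLES = [
    sample_hello("10.0.0.1", 0, bytes(8)),
    sample_hello("10.0.0.2", 1, b"ospfpass"),
    sample_hello("10.0.0.3", 2, struct.pack("!HBBI", 0, 1, 16, 1000), hello=5, dead=20),
]

if __name__ == "__main__":
    for pkt in SAMPLES:
        print(audit_hello(pkt))
```

Only the third sample uses cryptographic authentication (a 16-byte digest, as with MD5); it is also the one whose hello and dead timers differ from the defaults and would prevent adjacency with a default-configured neighbour.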
The importance of Area 0 and Area Border Routers ABR
What is an OSPF area? It is a logical separation of a group of OSPF routers. This is usually done by geographic location, but areas could also be separated by data hall \ rack \ pod.
We separate to limit message flooding and to protect/reduce the resources needed on routers (CPU and memory). This can save money, so you don’t have to buy the strongest router just so it can keep up with the rest.
Areas are identified by an Area ID, which is a 32-bit value shown in dotted-decimal form, x.x.x.x.
Backbone area: if you have configured more than one area on a router, one of them has to be area 0 (area-id 0.0.0.0), the backbone area. An Area Border Router (ABR) is a router that connects an area to the backbone area 0.
The ABR sends Network Summary LSA (Type 3) messages from the connected area to the backbone.
Autonomous System Boundary Router ASBR and Stub Areas
An ASBR is a router that connects to another Autonomous System (AS). Most commonly these are seen when you are integrating with another routing protocol like BGP.
ASBRs advertise AS External (Type 5) LSAs and can redistribute routes from another AS into OSPF.
Stub areas come into play when you want to limit the number of LSA messages and the administrative overhead.
Stub areas do not allow AS External (Type 5) LSAs, which means there are limitations for a stub area:
- All routers in the stub area are set up as stub routers
- No ASBRs exist in a stub area; this is because it does not allow the Type 5 LSAs used by ASBRs
- You cannot configure virtual links in the stub area
Yes, a not-so-stubby area (NSSA) is like a stub area, but not. Stub areas don’t allow AS External (Type 5) LSAs, but if you really, really, really still wanted to distribute external routes into this stub area and not manually configure a default route, we have a solution: an NSSA turns that Type 5 into a Type 7 NSSA external and you’re good. Where would you use this? Hmm, when connecting to a remote site which is also running another routing protocol and you want to distribute those routes into OSPF, like below.
Limitations: area 0 cannot be an NSSA.
DR (designated router) and BDR (Backup designated router)
Most of the OSPF networks I have come across when dealing with OSPF in a data center are point-to-point, which happens to be the network type where we do not require a DR or a BDR: because it is connecting two points together, there is full adjacency.
What are a DR and BDR, and why do we need them? The main reason is, on a broadcast network with multiple routers, to have a single point and a backup single point (only used in the event of a failure of the DR) where all LSAs are controlled for that area, reducing the number of messages. I try and think of it as a route reflector for BGP (but that’s for another time). The DR uses multicast on 22.214.171.124 or FF02::5, using MAC 0100.5300.0005, to communicate with all neighbours. DRs do not preempt: when they stop being DR they do not become DR again.
Defaults for OSPF on NX-OS
|Hello interval||10 seconds|
|Dead interval||40 seconds|
|GR period||60 seconds|
|Stub router announces time||600 seconds|
|Reference bandwidth for links||40 Gbps|
|LSA minimal arrival time||1000 ms|
|LSA group pacing||240 seconds|
|SPF calculation initial delay time||200 ms|
|SPF calculation maximum wait time||5000 ms|
|SPF minimum hold time||1000 ms|
Currently working on this; will amend when written up.