Cisco OSFP

Open Shortest Path First OSPF v2 & v3

OSPF is an old 1989 routing protocol but not as old as some of the routing protocols. it is an open standard and like Batman/Joker keeps getting updated/rebooted.

It is prolific in data centres usual found alongside Multiprotocol Label Switching (MPLS being aged out for VXLan overlay network) and Border Gateway Protocol (BGP usually MP-BGP).

Back to OSPF, I will be talking about how it works, link-state advertisements LSA types and then setting it up also key differences between version 2 RFC 2328 and version 3 RFC2740 not just IPv6 for the latter then how to set it up this could get long we will see.

OSPF is a Link-State routing protocol which means it maintains a full topology map (link-state database) of the area it is in think like a SatNav you have downloaded the maps for the area you are in it will have every street but unlike a sat nav wich calculated the route when you what to get somewhere OSPF will use Dijkstra’s Shortest path first SFP algorithm to build its routing table roots from neighbours to find the SFP to the remote network.

OSPF can discover neighbours this is done by the use of hello packets, sent via multicast IPv4 or IPv6 FF02::5 these hello messages are used to see if the two routers are compatible to creating a Neigbourship establishing adjacency once all the neighbours have identical Link-state Databases the network is converged.

How does it learn the routes by using Link state advertisements LSA’s

What is in a LSA

  • The operational state of each link
  • Cost of the link
  • Other neighbour information

there are 11 LSA’s types are when a router receives an LSA it is flooded out of all OSPF enabled interfaces (if no network changes it refreshes every 30 mins each type of LSA has its own LSA refresh timer) this is a blessing and curse it helps create and keep a fully converged network with all OSFP neighbours having the same information in there link-state databases, but you have guessed it you can Flood the network, LSA are small but as the network grows anding more OSPF routers this becomes more and more inefficient taking up more of your bandwidth, this has been thought about and there is a nice feature to reduce overhead and CPU because of all these LSA’s being sent this is called LSA group pacing which groups messages with similar refresh times to send one update message.

LSA types and changes for OSPFv3

TypeOSPFv2 LSA NameDescriptionOSPFv3 NameDescription
1RouterSent by every router announcing its presence and lists the links to other routers (neighbours) or networks only in the same area and contains the originating router ID when they are received they cause SFP recalculationsRouterSent by all routers containing the state and cost of all links not including prefix information, causes SPF recalculations, this message is flooded to the local area.
2NetworkSent by the designated router DR on a multi-access network listing all routers in the area these cause SFP recalculationsNetworkSent by the designated router DR on a multi-access network listing all routers in the area information these cause SFP recalculation BUT does not contain the prefix
3Network SummarySent by Area Border Routers ABR for exchanging information between areas it takes the information it has learned on one of its attached areas and summarizes it before sending it out on other areas it is connected to include the link cost from the ABR to the local destinationInter-Area Prefixsame as v2 but changed the name for lulz
4ASBR SummarySent by ABR to external areas this only consists of the link cost to the Autonomous System Boundary Router’s (ASBR)Inter-Area Routersame as v2 but changed the name for lulz
5AS externalSent from the ASBR contain information imported into OSPF from other routing processes flooded to all areas (except stub and NSSA areas) there are two types Type1 (E1) cost is composite (the internal cost to ASBR added to the external cost) and Type2 (E2) cost does not change as it populates through the areasAS externalsame as v2
6Group MembershipLSA (Only supported on a few routers) rarely used Multicast extensions to OSPFNAhas been deprecated in OSPFv3
7NSSA externalSent by the ASBR within a not-so-stubby area (NSSA) sent within the local NSSANSSA external
8NALinkLSA sent by every router using link-local this message includes the link-local address and IPv6 prefixes for this link
9OpaqueUsed to extend OSPFInter-Area prefixLSA sent by every router this messaged includes any prefix or link state changes, and are flooded to the local area this message does not trigger an SPF recalculation
10OpaqueUsed for Traffic Engineering DatabaseNA
11OpaqueUsed to extend OSPFGracesent by a restarting OSPF router using the link-local flooding scope used for graceful restart GR of OSPFv3

OSPF Version differences

NotesOSPF v2OSPF v3
supported ip protocalIPv4IPv6
Multicast address for neighbor discovery244.0.0.5FF02::5
LSAs network message formataddress and maskprefic and prefic length
Router ID and area ID32bit number32bit number x.x.x.x like IP
address for nebiour discoveryvalid IPv4 addressLink-local IPv6 address FE80::/10
AuthenticationPSK(cleartext) or MD5 hashIPv6 authentuication trailer RFC6506 or IPSec RFC4552 not supported by NX-OS
LSA types1-7 normal 7-11 enhancments vendor defined causes interoprablity issues offical name Opaqueredefines and changes the use of some of these LSA’s see LSA table
Bidriectional forwarding dectiection BFD supportYesNo

The importance of Area 0 and Area Border Routers ABR

What is an OSPF area it is a logical separation of a group of OSPF router this is usually separated by geographic location but could also be separated by data hall \ rack \ Pod,

why we separate is to limit message flooding and protect/reduce resource need on routers (CPU and memory) this can save money so you don’t have to buy the strongest router just so it can keep up with the rest.

Areas are identified by an Area ID this is in the form or a 32-bit value shown as a dotted-decimal x.x.x.x.

Backbone area if you have configured more then one area on a router one of them has to be area 0 (area-id the backbone area an Area Border Router ABR is a router that connects an area to the Backbone area 0

The ABR send Network summary LSA (Type 3) messages from connected area to the backbone

Autonomous System Boundary Router ASBR and Stub Areas

An ASBR is a router that connects to another Autonomous System AS most common these are seen when you are integrating with another routing protocol like BGP

ASBR routers advertise AS External (Type5) LSA’s and can redistribute routes from another AS into OSPF.

Stub Areas come into play when you want to limit the number of LSA’s messages and administrative overhead.
Stub areas do not allow AS External (Type5) LSA’s this means there are limitations for a stub area:

  • All router in the stub area are set up as stub routers
  • No ASBR router exist in a stub area this is because it does not all Type5 LSA uses by ASBR’s
  • You cannot configure virtual links in the stub area
Stub Areas have default routes to the backbone area 0

Not-so-stubby-Area NSSA

Yes a not-so-stubby-area NSSA is like a Stub Area but not, stub areas don’t allow LSA AS external Type 5 but if you really really really still wanted to distribute external routes into this stub area and not manually configure a default route we have a solution NSSA turn that type 5 to a type 7 NSSA external and your good, where would you use this hum, when connecting to a remote site which is also running another routing protocol and you want to distribute those routes into the OSPF like below

limitations area 0 cannot be an NSSA

DR (designated router) and BDR (Backup designated router)

most of the OSPF network I have come accross when dealing with OSPF in a data center is Point-to-Point which happens to be the network type where we do not require a DR or a BDR because it is connecting two points together there is full adjacency

what are a DR and BDR and why do we need them the main reason is on a broadcast network with multiple routers to have a single point and backup single point (only used in failer event of the DR) where all LSA are controlled for that area reducing the number of messages I try and think of it as a root reflector for BGP (but that’s for another time) the DR uses multicast on or FF02::5 using MAC 0100.5300.0005 to communicate with all neighbours. DR router do not preempt when they stop becoming DR they do not become DR again

Defaults for OSPF on NX-OS

Hello interval10 seconds
Dead interval40 seconds
GR period60 seconds
Stub router announces time600 seconds
Reference bandwidth for links40 Gbps
LSA minimal arrival time 1000 ms
LSA group pacing240 seconds
SPF calculation initial delay time200 ms
SPF calculation maximum wait time5000 ms
SPF minimum hold time1000 ms
OSPF featureDisabled

Next configuration

currently working on will amend when written up

Leave a Reply

Your email address will not be published.