Blog

OSPF

Open Shortest Path First (OSPF) is a routing protocol for Internet Protocol (IP) networks. It uses a link-state routing (LSR) algorithm and falls into the group of interior gateway protocols (IGPs), operating within a single autonomous system (AS). It is defined as OSPF Version 2 in RFC 2328 (1998) for IPv4.

Troubleshooting Guide

1. Wrong Subnets
      •Point to point interface link must be in the same subnets.
      •best practice to configure  “ip ospf network point to point” command.
      •Note that by default OSPF uses broadcast messages in Fast Ethernet ports.
2. Mismatch Area Type of point to point interface
3. Mismatch Area Number of point to point link interface
4. Mismatch Hello and Dead interval
5. Mismatch authentication
6. Mismatch MTU
7. Router-ID must unique
8. Interface is in passive mode
9. Filtered route (ACL, Distribution-list)

Metric and Path Selection

Lowest Cost is the best path.

Cost = Reference bandwidth / Interface bandwidth
By default reference bandwidth is 100Mbps (Fast Ethernet)

Best Practice, Set the reference bandwidth to 1Tbps to distinguish higher interfaces such as Gig Link.

Configuration;
#Router ospf 100
#Auto-cost reference-bandwidth <1000>

We can also manually change the OSPF interface cost.
configuration;
Router(config)#int e0/0
Router(config-if)#ip os cost 3
or
Router(config-if)#bandwidth 10000 (in kilobit)

OSPF Route Summary

Reduce the size of the routing table. Consolidate networks with common subnets into 1 advertisement.

Two ways to Summary Routes

1.)  On ASBR

Example: R4 network needs to advertise as one summarized network.

R3

Router(config)# router os 100

Router(config-router)# summary-address 40.0.0.0   255.255.0.0

Verify on R7

2)  On ABR

Example: Summarize all the networks on Area 0 as it enter area 2

R1

Router(config) #router os 100

Router(config-router) #area 0 range 10.0.0.0 255.255.252.0

Verify on R7

OSPF Route Filter

Three ways to filter

1.)  On the ASBR Filter LSA Type 5 (e1/e2)

Example: filter/block  40.0.1.0/24 to OSPF Domain

 

Create an ACL or PREFIX LIST

This will be our container of IP addresses that we want to filter.

R3

Router(config)#ip access-list standard RM-ACL

Router(config-std-nacl)#permit 40.0.1.0  0.0.0.255

 

Create a Route-Map

R3

Router(config)#route-map RM-REDIS deny 10

Router(config-route-map)#match ip address RM-ACL

Router(config-route-map)#exit

Router(config)#route-map RM-REDIS permit 20

 

Include the Route-Map during Redistribution

R3      

Router(config)#router os 100

Router(config-router)#redistribute eigrp 100 metric-type 1 subnets route-map RM-REDIS                                          

Verify on R7

2.)  On the ABR Filter LSA Type 3 (IA)

Example: Filter/Deny network 10.0.0.0/24 to enter area 2.

Note: Filtered networks will not appear in the Global routing table and Ospf Rib Table.

Create prefix-list to deny the 10.0.0.0/24 and everything else is allowed

R1

Router(config)#ip prefix-list PREFIXNAME seq 10 deny 10.0.0.0/24

Router(config)#ip prefix-list PREFIXNAME seq 20 permit 0.0.0.0/0 le 32

Router(config)#router os 100

Router(config-router)#area 2 filter-list prefix PREFIXNAME in

3.)  By local router

Example: Filter network 30.0.0.0/24 on R7

R7

Router(config)#ip prefix-list DENY30 se 10 deny 30.0.0.0/24

Router(config)#ip prefix-list DENY30 se 20 permit 0.0.0.0/0 le 32

Router(config)#router os 100

Router(config-router)#distribute-list prefix DENY30 in

Note: filtered networks will not appear in the global routing table but will still present in the OSPF Rib table.

Virtual links

Connect to the backbone through a non-backbone area.

Don’t use stub area or any kind as a transit area

 

#router ospf <process #>

# area <#>  virtual-link <IP ADD>

#Mirror config on both ABR

Verify : Sh ip os Neighbor

OSPF Authentication

Step 1 : Activate OSPF Authentication on all Routers in an AREA

Router(config)#router ospf 100

Router(config-router)#area 0 authentication message-digest

Step 2 : Create a password inside an Interface

Router(config)#int e0/0

Router(config-if)#ip ospf message-digest-key 1 md5 <String>

OSPFv3

Sample configuration.

Router(config)#ipv6 unicast-routing

Router(config)#ipv6 cef

Router(config)#router ospfv3 100

Router(config-router)#router-id 1.1.1.1

Router(config-router)#passive-interface e0/0 #if there’s an interface needed to be passive

Router(config-router)#address-family ipv4 #Activate IPv4 or IPv6 address Family

Router(config-router-af)#exit

Router(config-router)#address-family ipv6 #Activate IPv4 or IPv6 address Family

Router(config-router-af)#int e0/1

Router(config-if)#ipv6 enable

Router(config-if)#ospfv3 100 ipv4 area 0 #This interface is under area 0 for IPV4/IPV6 

Router(config-if)#ospfv3 100 ipv6 area 0 #This interface is under area 0 for IPV4/IPV6

Verify: Sh ospfv3 neighbor / sh ospfv3 int b / sh ospfv3 rib

OSPFv3 Authentication

OSPF Database (sh ip os data)

My sample OSPF LAB

SHOW COMMANDS FOR REFERENCE.

sh ip os int
sh ip os int br
sh ip os nei
sh ip os data
sh ip os data router <id>
sh ip os rib

This Post Has 2 Comments

  1. Marie 21 May 2021 Reply

    Good reference! Nice one!

  2. Mark 5 Sep 2022 Reply

    Thanks for your blog, nice to read. Do not stop.

Leave a Reply