Lessons learned:
OSPF –
Open standards based
-RFC 2328 “OSPF Version 2”
Classless Link-State protocol
-Uses the Dijkstra SPF algorithm
-Maintains active adjacencies
-Supports VLSM
-Supports both topology and NLRI summarization
============================================
OSPF is a Core topic in the CCIE R&S Exam.
OSPF is an open standards protocol: the RFC explains everything,
including packet formats, path selection, etc.
OSPF is a link-state as well as a classless protocol, and this
can affect your implementation. Compared to RIP and EIGRP, OSPF
forms active adjacencies and runs the SPF algorithm. There are limitations as to
the type of filtering and the logic of the path selection. Some things are set
in stone based on how the RFC says the protocol works.
Since OSPF is a classless protocol by default, there’s no
such thing as auto-summary like in RIP and EIGRP.
It supports topology summarization and network layer
reachability (NLRI) summarization.
NLRI summarization is most like how RIP and EIGRP
summarize, where we take multiple subnets and combine them into an aggregate. Example:
taking multiple /24 routes and combining them into a /23 or /22.
Topology summarization has to do with the logic of how OSPF
does intra-area lookups differently than inter-area lookups and external
lookups.
Note: the SPF is only used to do lookups on Intra-area
destinations.
Enabling OSPF:
Enable the global process
-router ospf (process id)
-- process-id is locally significant
-Must have an up/up interface running IP
Note: Within OSPF you can have multiple processes within
the global routing table, determined by the process number. Technically you can
have multiple unrelated OSPF processes running on the same router.
Typically you use the same OSPF process number throughout the
domain. The process number is not included in any of the hello packets or LSA
information.
Enable the interface process
-network (address) (wildcard) area (area)
-ip ospf (process-id) area (area)
Note: Once you initialize the process you must have at least
one interface that is in the UP/UP state. This will be the interface that is
used to generate the OSPF Router ID.
By default the OSPF Router ID will prefer the highest
loopback address. If there are no loopback interfaces in the up state, it
will prefer the next highest IP interface. Whether the other interfaces are physical or logical, OSPF
will always prefer the loopback first.
The OSPF Router-ID must be unique: it is used throughout
the domain and in the LSAs. If there are duplicate Router-IDs there will be
issues when flooding the domain and eventually when running the SPF process.
Once you define the global OSPF process, you’ll need to
choose which interfaces you want the process to run on and what their area
identifiers will be.
The OSPF area is the boundary of the
flooding domain, and also where SPF is run.
From a database perspective, devices in Area 0 would not run
the SPF for devices in Area 2, etc. Area 1 would also be separate from Area 2
and other non-backbone areas.
You can enable OSPF on an interface with the command under the interface or under the process.
They’re essentially going to have the same effect.
The command under the process is easier to read in the
config.
OSPF Network Statement:
Enables OSPF on the interface
--wildcard mask does not relate to the subnet mask.
Most specific match wins.
Network 0.0.0.0 255.255.255.255 area 0
Network 1.0.0.0 0.255.255.255 area 1
Network 1.2.0.0 0.0.255.255 area 2
Network 1.2.3.0 0.0.0.255 area 3
Network 1.2.3.4 0.0.0.0 area 4
This config would actually work.
Note: the network statement in EIGRP differs from OSPF
because OSPF can have multiple network statements that overlap with each other.
When overlap does occur, the network statement with the
most specific match against an interface’s IP address ultimately determines
which area that link will run in.
Also, like EIGRP, the network statement does not relate to
the subnet mask of the link. It’s simply used to match the address that is
assigned to the interface.
The only time there would be a difference between using the
process-level or interface-level command is if the link were unnumbered or did not have an
address at all.
We can verify OSPF is enabled:
-sh ip ospf
-sh ip ospf interface (brief)
Neighbor and topology discovery:
Like EIGRP, OSPF uses “hello” packets to discover neighbors
-transport via ip protocol 89 (OSPF)
-sent as multicast to 224.0.0.5 or 224.0.0.6, or unicast.
Hello packets contain attributes that neighbors must agree on to form an adjacency.
Once the adjacency is negotiated, the LSDB (link state
database) is exchanged.
Once neighbors discover each other, they can form
adjacencies.
Neighbors that are adjacent should exchange the link state
database, which means they can use it as an input to the SPF algorithm and come
out with the SPF tree.
In certain cases, not all neighbors actually form an
adjacency, both under normal configurations and under misconfigurations. When no adjacency forms,
we cannot exchange the link state database and cannot use
the prefixes for routing.
Negotiating OSPF adjacencies:
Neighbors must agree on attributes to form an adjacency
-not all OSPF neighbors actually form an adjacency
-most OSPF configuration problems happen at this stage.
Unique attributes include:
-Local Router-ID: used to identify the router inside the LSA
database.
The SPF algorithm builds a graph of the network, where the routers are the nodes
and the links connecting the nodes are the edges of the graph.
The Router-ID is used to identify the nodes.
-Local interface IP address
Common attributes include:
-Interface area-ID: defines the flooding domain for OSPF.
Ex: all routers in Area 0 are in the same flooding domain.
-Hello interval & dead interval: timers that determine
how often we’re sending hellos and how long to wait to declare a remote
neighbor down. This is the opposite of EIGRP, where EIGRP’s hello timer
tells the remote neighbor how long to wait before declaring the local neighbor
down. For OSPF they are locally significant: how long the local router
waits to declare a neighbor down, not the neighbor telling the local router.
-Interface network address: basically the subnet. Neighbors have to be on the same local subnet.
-Interface MTU: this is a protection against problems in the data
plane. Ex: the local MTU is 1000 and the remote is 1200. All devices should
be sharing the same MTU on the same segment.
-Network type: this controls how OSPF updates are sent across the link and how the next-hop
value is calculated. It also determines which particular LSAs are in the database for the
calculation on the graph of the network. It doesn’t necessarily have to match,
but it must be a compatible value. Basically this means that it is possible for the
Broadcast type to form an adjacency with the Non-Broadcast type.
-Authentication – OSPF supports Null, Clear text and MD5
auth. Null or type 0 is the default.
-Stub flags: control what LSA types the router will accept
in the database for the particular area. Ex: if Area 1 is a stub area, all routers
in that area need to agree on that flag. Same for an NSSA area.
-Other optional capabilities
- Opaque LSAs: used for extensibility for other applications, for example MPLS traffic
engineering.
- NSF, ex: graceful restart. Normally for SUP redundancy,
for example on a 6500 with dual SUPs.
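Added example (not from the original notes or any Cisco tool): a Python check that compares two interfaces against the unique and common attributes listed above and reports what would block the adjacency. The class, field names and sample values are hypothetical, and network type compatibility is modelled simply as "both sides elect a DR or neither does".

```python
import ipaddress
from dataclasses import dataclass

# Assumed compatibility model: types that elect a DR vs. types that do not.
DR_TYPES = {"broadcast", "non-broadcast"}

@dataclass
class OspfInterface:          # hypothetical container, not an IOS structure
    router_id: str
    ip: str                   # address/prefix, e.g. "10.0.12.1/24"
    area: int
    hello: int
    dead: int
    mtu: int
    network_type: str
    auth_type: int = 0        # 0 = null (default), 1 = clear text, 2 = MD5
    stub: bool = False

def adjacency_problems(a, b):
    """List the reasons interfaces a and b would fail to become adjacent."""
    problems = []
    ia, ib = ipaddress.ip_interface(a.ip), ipaddress.ip_interface(b.ip)
    # Unique attributes: must differ between the two routers.
    if a.router_id == b.router_id:
        problems.append("duplicate router-id")
    if ia.ip == ib.ip:
        problems.append("duplicate interface address")
    # Common attributes: must agree on both sides.
    if ia.network != ib.network:
        problems.append("different subnet")
    for name in ("area", "hello", "dead", "mtu", "auth_type", "stub"):
        if getattr(a, name) != getattr(b, name):
            problems.append(name + " mismatch")
    # Network type only has to be compatible, not identical.
    if (a.network_type in DR_TYPES) != (b.network_type in DR_TYPES):
        problems.append("incompatible network type")
    return problems

# Constructed sample interfaces on one segment.
R1 = OspfInterface("1.1.1.1", "10.0.12.1/24", 0, 10, 40, 1500, "broadcast")
R2 = OspfInterface("2.2.2.2", "10.0.12.2/24", 0, 10, 40, 1500, "broadcast")
R3 = OspfInterface("1.1.1.1", "10.0.12.3/24", 1, 30, 120, 1200, "point-to-point", 2)

if __name__ == "__main__":
    print(adjacency_problems(R1, R2))
    print(adjacency_problems(R1, R3))
```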
Once OSPF is established:
We need to go through a basic verification:
is OSPF enabled on the interfaces, and is it in the correct
areas?
Verification:
#sh ip ospf
#sh ip ospf interface
#sh ip ospf interface brief - Quick verification that the router is
running the right process and that OSPF is enabled on the correct interfaces
with the correct area-ID.
Once we know that OSPF is running we can verify the adjacencies.
Verification:
#sh ip ospf neighbor - shows whether there are issues between neighbors.
#debug ip ospf adj - shows the actual hello exchange to help troubleshoot neighbors.
Once the adjacency is established:
#sh ip ospf database
- The database from any device in the area shows how anyone’s path selection
in the network should occur, because devices in the same area should have
identical copies of the database.