CCNP v6 Route: Implementing IP Routing Chapter 3

© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
ROUTE v6 Chapter 3
1
Chapter 3:
Configuring the Open
Shortest Path First Protocol
CCNP ROUTE: Implementing IP Routing

Chapter 3
2© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Chapter 3 Objectives
 Describe OSPF terminology and operation within various
enterprise environments.
 Describe the function and operation of packets in OSPF
routing.
 Configure and verify basic OSPF.
 Describe and configure OSPF in various WAN network
types.
 Describe each common LSA types and how they form the
layout of the OSPF LSDB.
 Explain the relationship between and how to interpret the
OSPF LSDB and routing table.
 Configure and verify advanced OSPF features.
 Configure and verify OSPF authentication.

Chapter 3
Understanding
OSPF
Terminology and
Operation

Chapter 3
Open Shortest Path First (OSPF)
 OSPF is a standards-based link-state IP routing protocol
described in RFC 2328.
• It was developed to meet RIP’s inability to scale beyond 15 routers.
• Proposed by IETF in 1988 and formalized in 1991.
• There are 2 versions; OSPFv2 is for IPv4 and OSPFv3 is for IPv6.

Chapter 3
OSPF Features
 OSPF features include:
• Fast convergence
• Supports VLSM
• Efficient use of bandwidth - Routing changes trigger routing updates
(no periodic updates)
• Supports large network size
• Routing based on best path selection
• Grouping of members into Areas

Chapter 3
Link-State Protocol Characteristics
 With link-state routing protocols, each router has the full
picture of the network topology, and can independently
make a decision based on an accurate picture of the
network topology.
 To do so, each link-state router keeps a record of:
• Its immediate neighbor routers.
• All the other routers in the network, or in its area of the network, and
their attached networks.
• The best paths to each destination.

Chapter 3
Link-State Protocol Advantages
 Respond quickly to network changes.
 Send triggered updates when a network change occurs.
 Send periodic updates (link-state refresh), at long intervals,
such as every 30 minutes.
• Uses LSAs to confirm topology information before the information
ages out of the link-state database.

Chapter 3
OSPF Terminology
 OSPF databases / tables:
• OSPF adjacency database = Neighbor table
• OSPF link-state database = Topology table
• OSPF forwarding database = Routing table
 Link-state advertisements (LSAs)
 Link-State Database (LSDB)
 Shortest-Path First (SPF) Routing Algorithm
• Dijkstra algorithm
 SPF Tree
 OSPF Areas
• Backbone (transit) and standard areas.
 Types of OSPF routers:
• Internal router, backbone router, Area Border Router (ABR), Autonomous
System Boundary Router (ASBR)
• Designated Router (DR) and Backup Designated Router (BDR)

Chapter 3
OSPF Router Tables / Databases
 OSPF maintains three databases which are used to create
three tables.
Database Table Description
Adjacency
Database
Neighbor
Table
• List of all neighbors routers to which a router has established
bidirectional communication.
• This table is unique for each router.
• Can be viewed using the show ip ospf neighbor command.
Link-state
Database
Topology
Table
• List of information about all other routers in the network.
• The database shows the network topology.
• All routers within an area have identical link-state databases.
• Can be viewed using the show ip ospf database command.
Forwarding
Database
Routing
Table
• List of routes generated when an algorithm is run on the link-
state database.
• Each router’s routing table is unique and contains
information on how and where to send packets to other
routers.
• Can be viewed using the show ip route command.

Chapter 3
Link-State Advertisements (LSAs)
 When a change occurs in
the network topology, the
router experiencing the
change creates a link-state
advertisement (LSA)
concerning that link.
• LSAs are also called link-state
protocol data units (PDUs).
 The LSA is multicasted to
all neighboring devices
using either 224.0.0.5 or
224.0.0.6.
 Routers receiving the LSA
immediately forward it to
all neighboring routers.

Chapter 3
Link-State Database (LSDB)
 Routers receiving add the
LSA to their link-state
database (LSDB).
 The LSDB is used to
calculate the best paths
through the network.
 OSPF best route
calculation is based on
Edsger Dijkstra's shortest
path first (SPF) algorithm.

Chapter 3
SPF Routing Algorithm
 The SPF algorithm
accumulates costs along
each path, from source to
destination.
• The accumulated costs is then
used by the router to build a
topology table.

Chapter 3
SPF Tree and Routing Table
 The topology table is
essentially an SPF tree
which contains a listing of
all OSPF networks and the
costs to reach them.
 The resulting best routes
are then considered to be
added to the routing table.

Chapter 3
OSPF Areas
 To minimize processing and memory requirements, OSPF
can divide the routing topology into a two-layer hierarchy
called areas.
 Characteristics of OSPF areas include:
• Minimizes routing table entries.
• Localizes impact of a topology change within an area.
• Detailed LSA flooding stops at the area boundary.
• Requires a hierarchical network design.

Chapter 3
OSPF Two-Layer Hierarchy
 Backbone Area
• Referred to as Area 0
• Also known as the Transit Area.
 Regular (Standard) Areas
• Also known as a nonbackbone areas.
• All regular areas must connect to the
backbone area.
• Standard areas can be further
defined as stub areas, totally stubby
areas, and Not-so-stubby areas
(NSSAs).
 The optimal number of routers per area varies based on factors such
as network stability, but Cisco recommends:
• An area should have no more than 50 routers.
• A router should not be in more than 3 areas.

Chapter 3
OSPF Router Types
 How OSPF routers exchange information is based on:
• The function of the router.
• The type of LSAs it can forward.
• The type of area it resides in.
 OSPF routers may function as either:
• Internal router
• Backbone router
• Area Border Router (ABR)
• Autonomous System Boundary Router (ASBR)
 Note:
• A router can exist as more than one router type.

Chapter 3
OSPF Router Types
Internal
Router
Internal
Routers
Internal
Router
All
Backbone
Routers
ABR and
Backbone
Router
ABR and
Backbone
Router
ASBR and
Backbone
Router

Chapter 3
Internal Router
 Routers that have all their interfaces within the same area.
 Internal routers in the same area:
• Have identical LSDBs.
• Run a single copy of the routing algorithm.

Chapter 3
Backbone Router
 OSPF design rules require that all areas be connected to a
single backbone area (Area 0).
• Area 0 is also known as Area 0.0.0.0
 An Area 0 router is referred to as a backbone router.
• Depending on where it resides in Area 0, it may also be called an
Internal router, an ABR, or an ASBR.

Chapter 3
Area Border Router (ABR)
 Routers with interfaces attached to multiple areas and
responsible for:
• Joining areas together.
• Maintaining separate link-state databases for each area.
• Routing traffic destined to/arriving from other areas.
• Summarizing information about each area connected and flooding the
information through area 0 to the other areas connected.
• An area can have one or more ABR.
 ABR cannot send LSU’s to other areas until the entire intra-
area is synchronized.

Chapter 3
Autonomous System Boundary Router (ASBR)
 Routers that have at least one interface connected to
another AS, such as a non-OSPF network.
 Routers support redistribution.
• They can import non-OSPF network information to the OSPF network.
 Should reside in the backbone area.

Chapter 3
OSPF Router Types
 Routers A, B, C, D and E are backbone routers.
• Backbone routers make up Area 0.
 Routers C, D and E are area border routers (ABRs).
• ABRs attach all other areas to Area 0.
 Routers A, B, F, G, and H are internal routers.
• Internal routers are completely within an area and do not interconnect
to any other area or autonomous system (AS).

Chapter 3
DR and BDR Routers
 To reduce the amount of OSPF traffic on multiaccess
broadcast networks such as Ethernet, OSPF elects:
• A Designated Router (DR)
• A Backup Designated Router (BDR)
 The DR is responsible for updating all other OSPF routers
(called DROTHERs) when a change occurs in the
multiaccess network.
• The BDR monitors the DR and takes over should the DR fail.
 A router connected to multiple broadcast networks can be a
DR on one segment and a regular (DROTHER) router on
another segment.

Chapter 3
OSPF Metric Calculation
 The OSPF metric calculation is
based on cost.
 Cost is an indication of the overhead
required to send packets across a
certain interface.
 The cost of an interface is inversely
proportional to the bandwidth of that
interface.
• A higher bandwidth is attributed a lower
cost.
• A lower bandwidth is attributed a higher
cost.
Bandwidth
High
Low
Lower Cost
Higher Cost

Chapter 3
OSPF Cost Formula
 Cost = 100,000,000 / Bandwidth (bps)
 For example:
• 10BaseT = 100,000,000 / 10,000,000 = 10
• T1 = 100,000,000 / 1,544,000 = 64

Chapter 3
OSPF Packets

Chapter 3
OSPF Packet
 OSPF packets are used to perform several functions,
including:
• Neighbor discovery, to form adjacencies.
• Flooding link-state information, to facilitate LSDBs being built in each
router.
• Running SPF to calculate the shortest path to all known destinations.
• Populating the routing table with the best routes to all known
destinations.

Chapter 3
OSPF Packet
Frame Header
Frame Payload
CRC
IP
Header
Protocol Number
(OSPF = 89)
OSPF
Header
OSPF
Message
On a LAN, the OSPF
packet is encapsulated
in an Ethernet frame
with a destination
multicast MAC address
of either:
• 01-00-5E-00-00-05
• 01-00-5E-00-00-06
The destination multicast IP
address is set to either:
• 224.0.0.5 (All OSPF routers
listen to this address.)
• 224.0.0.6 (All DR and BDR
routers listen to this address.
The OSPF protocol field is 89.
The OSPF header
identifies the type
of OSPF packet,
the router ID and
the area number.
The OSPF
message
contains the
packet type
specific
message
information.

Chapter 3
OSPF Header

Chapter 3
OSPF Packet Types

Chapter 3
OSPF Packet Types
 Five packet types make OSPF capable of sophisticated and
complex communications.
Type Packet Name Description
1 Hello
Discovers neighbors and builds
adjacencies between them.
2 DBD
Database description
Checks for database synchronization
between routers.
3 LSR
Link-state request
Requests specific link-state records
from another router.
4 LSU
Link-state update
Sends specifically requested link-state
records.
5 LSAck
Link-State Acknowledgment
Acknowledges the other packet types.

Chapter 3
OSPF Message
Frame
Header
Frame Payload
CRC
IP
Header
Protocol
Number
(OSPF = 89)
OSPF Header OSPF MessageOSPF Message
The OSPF message contains different information, depending on the packet type:
Packet Type Contains
Type 1 - Hello Contains a list of known neighbors.
Type 2 - DBD
Contains a summary of the LSDB, which includes all known router IDs and their last sequence
number, among a number of other fields.
Type 3 - LSR Contains the type of LSU needed and the router ID of the router that has the needed LSU.
Type 4 - LSU Contains the full LSA entries. Multiple LSA entries can fit in one OSPF update packet.
Type 5 - LSAck Data field is empty.

Chapter 3
Type 1 - OSPF Hello Packet
 Hello packets are used to:
• Discover directly connected OSPF neighbors.
• Establish and maintain neighbor adjacencies with these directly
connected neighbors.
• Advertise parameters on which two routers must agree to become
neighbors.
• Elect the Designated Router (DR) and Backup Designated Router
(BDR) on multi-access networks like Ethernet and Frame Relay.

Chapter 3

Chapter 3
 Hello packet fields must match on neighboring routers for them to
establish an adjacency:
• Hello interval
• Dead interval
• Network type.
• Area id
• Authentication password
• Stub area flag
 Two routers on the same network segment may not form an OSPF
adjacency if:
• They are not in the same area
• The subnet masks do not match, causing the routers to be on separate networks.
• The OSPF Hello or Dead Timers do not match.
• The OSPF network types do not match.
• The OSPF network command is missing or incorrect.

Chapter 3
 By default, OSPF Hello packets are transmitted to 224.0.0.5
(all OSPF routers) every:
• 10 seconds (Default on multiaccess and point-to-point networks).
• 30 seconds (Default on NBMA networks – Frame Relay).
 The Dead interval is the period, expressed in seconds, that
the router will wait to receive a Hello packet before
declaring the neighbor "down."
• If the Dead interval expires before the routers receive a Hello packet,
OSPF will remove that neighbor from its link-state database.
• The router floods the link-state information about the "down" neighbor
out all OSPF enabled interfaces.
 Cisco uses a default of 4 times the Hello interval.
• 40 seconds (Default on multiaccess and point-to-point networks).
• 120 seconds (Default on NBMA networks – Frame Relay).

Chapter 3
Type 2 - OSPF DBD Packet
 The Database Description (DBD) packets contain an
abbreviated list of the sending router's link-state database
and is used by receiving routers to check against the local
link-state database.
 The link-state database must be identical on all link-state
routers within an area to construct an accurate SPF tree.

Chapter 3
Type 3 - OSPF LSR Packet
 The Link State Request (LSR) packet is used by the
receiving routers to request more information about any
entry in the DBD.

Chapter 3
Type 4 - OSPF LSU Packet
 The Link-State Update (LSU) packets are used for OSPF
routing updates.
• They reply to LSRs as well as to announce new information.
 LSUs contain seven different types of Link-State
Advertisements (LSAs).
 LSUs contains the full LSA entries.
• Multiple LSA entries can fit in one OSPF update packet.

Chapter 3
Type 5 - OSPF LSAck Packet
 LSAck - Link-State Acknowledgement Packet:
• When an LSU is received, the router sends a LSAck to confirm receipt
of the LSU.
• The LSAck data field is empty.

Chapter 3
OSPF States
 When an OSPF router
is initially connected to
a network it attempts to
create adjacencies
with neighbors.
 To do so, it progresses
through these various
states using the 5
OSPF packet types.
Down State
Init State
Two-Way State
ExStart State
Exchange State
Loading State
Full State
No Hello packets received = Down
Send Hello Packets
Transit to Init state
Neighbor Discovery – Hello Protocol
Hello packets received from the neighbor and it
contains the initial router’s router ID.
Transit to two-way state
(Optional) DR and BDR election
Transit to ExStart state
Database Synchronization
Negotiate master / slave relationship and DBD
packet sequence number
DBD exchanged as LSAs are requested and sent
Transit to either Loading or Full state after
completing the database description
Newly learned routes are asked for and current
database is being processed
Route Calculations
Router is synchronized with the neighbor and
route calculations using the SPF algorithm begins
More LSAs
required
Yes
No

Chapter 3
Neighbor Discovery – Hello Protocol
R1 R2
172.16.5.0 /24
Fa0/0
.1 .2
Fa0/1
Down State
Init State 
Hello! I’m router ID 172.16.5.1. Is there anyone else on this link?
Hello
Hello! I’m router ID 172.16.5.2 and I see 172.16.5.1.
Hello
R2 neighbor list:
172.16.5.1, int Fa0/1
Unicast to R1
R1 neighbor list:
172.16.5.2, int Fa0/0
Two-Way State
Attempt State

Chapter 3
Database Synchronization & Route Calc
R1 R2
172.16.5.0 /24
Fa0/0
.1 .2
Fa0/1
ExStart State 
I will start the exchange because I have router ID 172.16.5.1.
Hello
No, I will start the exchange because I have a higher router ID.
Hello
Here is a summary of my link-state database.
DBD

Here is a summary of my link-state database.
DBD
Exchange State
 Thanks for the information!
LSAck
LSAck
Loading State

I need more information on the 172.16.6.0 network.
LSR
Here is the entry for 172.16.6.0/24.
LSU
 Thanks for the information!
LSAck
Full State

Chapter 3
Adjacent OSPF Neighbors
 Once neighbors adjacencies have been established, the
Hello packet continues to be transmitted every 10 seconds
(default) between neighbors.
• As long as the other routers keep receiving the Hello packets, the
transmitting router and its networks reside in the topology database.
 After the topological databases are synchronized, updates
(LSUs) are sent only to neighbors when:
• A change is perceived (Incremental updates)
• Every 30 minutes (Condensed version is forwarded).

Chapter 3
Link-State Data Structures
 Each LSA entry has its own aging timer, which the link-state
age field carries.
 The default aging timer value for OSPF is 30 minutes (1800
seconds).
 After an LSA entry ages, the router that originated the entry
sends the LSA, with a higher sequence number, in a link-
state update (LSU), to verify that the link is still active.
• The LSU can contain one or more LSAs.
• This LSA validation method saves on bandwidth compared to
distance-vector routers, which send their entire routing table at short,
periodic intervals.

Chapter 3
Link-State Data Structures

Chapter 3
OSPF Administrative Distance
Route Source Administrative Distance
Connected 0
Static 1
EIGRP Summary 5
External BGP 20
Internal EIGRP 90
IGRP 100
OSPF 110
IS IS 115
RIP 120
External EIGRP 170
Internal BGP 200

Chapter 3
Planning OSPF
Routing
Implementations

Chapter 3
Planning to Deploy OSPF
 Prior to deploying an OSPF routing solution, the following
should be considered:
• IP addressing plan
• Network topology
• OSPF areas
 Once the requirements have been assessed, the
implementation plan can be created.

Chapter 3
Implementing OSPF
 The information necessary to implement OSPF routing includes
the following:
• The IP addresses to be configured on individual router interfaces.
• A list of routers on which OSPF is to be enabled, along with the OSPF
process number to use and the connected networks that are to run OSPF
and that need to be advertised (per individual router).
• The area in which each interface is to be configured.
• Metrics that need to be applied to specific interfaces, or OSPF traffic
engineering.
 In the implementation plan, OSPF tasks include the following:
• Enabling the OSPF routing protocol, directly on an interface or by using
the correct network command under the OSPF routing process
configuration mode.
• Assigning the correct area id to the interface, via the OSPF configuration
on the interface or under the OSPF routing process configuration mode.
• Optionally configuring the metric to appropriate interfaces.

Chapter 3
Verifying OSPF
 After implementing OSPF, verification should confirm
proper deployment on each router.
 Verification tasks include verifying:
• Verifying that the appropriate OSPF neighbor relationships and
adjacencies are established
• Verifying that the OSPF LSDB is populated with the necessary
information.
• Verifying that IP routing table is populated with the necessary
information.
• Verifying that there is connectivity in the network between routers and
to other devices.
• Verifying that OSPF behaves as expected in a case of a topology
change, by testing link failure and router failure events.

Chapter 3
Documenting
 After a successful OSPF deployment, the solution and
verification process and results should be documented for
future reference.
 Documentation should include:
• A topology map
• The IP addressing plan
• The area hierarchy
• The networks and interfaces included in OSPF on each router
• The default and any special metrics configured
• The verification results.

Chapter 3
Configuring and
Verifying Basic
OSPF

Chapter 3
Enable OSPF Routing
 Define OSPF as the IP routing protocol.
Router(config)#
router ospf process-id
 The process-id is an internally used number that identifies the
OSPF routing process.
 The process-id does not need to match process IDs on other
routers
 It can be any positive integer in the range from 1 to 65535.

Chapter 3
Identify OSPF Networks
 Define OSPF networks to advertise to OSPF neighbors.
Router(config-router)#
network ip-address [wildcard-mask] area area-id
 The ip-address parameter can be a network, a subnet, or the
address of a directly connected interface.
 The wildcard-mask is an inverse mask used to determine how to
interpret the address.
• The mask has wildcard bits, where 0 is a match and 1 is “don’t
care.”
• For example, 0.0.255.255 indicates a match in the first 2 octets.
• The area-id parameter specifies the OSPF area to be associated
with the address.

Chapter 3
The Wildcard Mask
 Recall that a wildcard mask is the inverse of a subnet mask.
 An easy way to calculate the inverse of the subnet mask, is
to subtract the subnet mask from 255.255.255.255.
 For example, the inverse of subnet mask
255.255.255.252 is 0.0.0.3.
255.255.255.255
– 255.255.255.252
0. 0. 0. 3

Chapter 3
Identify OSPF Networks
 Optional method to enable OSPF explicitly on an interface.
Router(config-if)#
ip ospf process-id area area-id
 The process-id parameter can be a network, a subnet, or the
address of a directly connected interface.
• The area-id parameter specifies the OSPF area to be associated
with the address.
• Because this command is configured explicitly for the interface, it takes
precedence over the network area command.

Chapter 3
Define the Interface Bandwidth
 Defines the interface’s bandwidth (optional).
Router(config-if)#
bandwidth kilobits
 The kilobits parameter indicates the intended bandwidth in kbps.
 For example, to set the bandwidth to 512,000 bps, use the
bandwidth 512 command.
 The configured bandwidth is used by routing protocols in the metric
calculation.
 The command does not actually change the speed of the interface.

Chapter 3
Configuring Single-Area OSPF Example
R2 R3
OSPF Area 0
S0/0/1
S0/0/1
64 kbps
10.2.1.0 /24
.2
.1
R1 Fa0/0
.1
Fa0/0
.2
10.64.0.0 /24
R2(config)# interface Fa0/0
R2(config-if)# ip address 10.64.0.2 255.255.255.0
R2(config-if)# no shut
R2(config-if)# interface S0/0/1
R2(config-if)# bandwidth 64
R2(config-if)# exit
R2(config)#
R1(config)# interface Fa0/0
R1(config-if)# exit
R1(config)#
R3(config)# interface S0/0/1
R3(config-if)# bandwidth 64
R3(config-if)# exit
R3(config)#

Chapter 3
Configuring Single-Area OSPF Example
R2 R3
OSPF Area 0
S0/0/1
S0/0/1
64 kbps
10.2.1.0 /24
.2
.1
R1 Fa0/0
.1
Fa0/0
.2
10.64.0.0 /24
R1(config)# router ospf 1
R1(config-router)# network 10.0.0.0 0.255.255.255 area 0
R1(config-router)#
R2(config-router)#
R3(config-router)#

Chapter 3
Configuring Multi-Area OSPF Example
R2 R3
OSPF Area 0
S0/0/1
S0/0/1
64 kbps
10.2.1.0 /24
.2
.1
R1 Fa0/0
.1
Fa0/0
.2
10.64.0.0 /24
OSPF Area 1
R1(config-router)#
R2(config-router)#
R3(config-router)#

Chapter 3
Alternate Multi-Area OSPF Configuration
R2 R3
OSPF Area 0
S0/0/1
S0/0/1
64 kbps
10.2.1.0 /24
.2
.1
R1 Fa0/0
.1
Fa0/0
.2
10.64.0.0 /24
OSPF Area 1
R1(config-router)#
R2(config-if)# ip ospf 50 area 1
R2(config-if)# exit
R2(config)#
R2(config-router)#
R3(config-router)#

Chapter 3
OSPF Router ID
 A router is known to OSPF by the OSPF router ID number.
• LSDBs use the OSPF router ID to differentiate one router from the
next.
 By default, the router ID is the highest IP address on an
active interface at the moment of OSPF process startup.
• However, for stability reason, it is recommended that the router-
id command or a loopback interface be configured.

Chapter 3
OSPF Router ID
Router ID
explicitly
configured?
Use that as
the Router-ID
Yes
No
Loopback
interface
configured?
Yes
No
Use the highest active
configured IP address
Use the highest
configured loopback IP
address

Chapter 3
Define the Router ID
 Assign a specific router ID to the router.
router-id ip-address
 Any unique arbitrary 32-bit value in an IP address format (dotted
decimal) can be used.
 If this command is used on an OSPF process that is already active,
then the new router ID takes effect:
 After the next router reload.
 After a manual restarting of the OSPF process using the clear
ip ospf process privileged EXEC command.

Chapter 3
Verifying the Router-ID
R2 R3
OSPF Area 0
S0/0/1
S0/0/1
64 kbps
10.2.1.0 /24
.2
.1
R1 Fa0/0
.1
Fa0/0
.2
10.64.0.0 /24
OSPF Area 1
R2# show ip ospf
Routing Process “ospf 50” with ID 10.64.0.2
<output omitted>

Chapter 3
Verifying OSPF
Command Description
show ip protocols Displays OSPF process ID, router ID, networks
router is advertising & administrative distance
show ip ospf neighbors Displays OSPF neighbor relationships.
show ip route Displays the routing table.
show ip ospf interface Displays hello interval and dead interval
show ip ospf
Displays OSPF process ID, router ID, OSPF
area information & the last time SPF algorithm
calculated

Chapter 3
Verifying OSPF: show ip protocols
R1# show ip protocols
Routing Protocol is “ospf 1”
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Router ID 10.64.0.1
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
Maximum path: 4
Routing for Networks:
10.0.0.0 0.255.255.255 area 0
Reference bandwidth unit is 100 mbps
<output omitted>
Verify routing protocol information on the router.

Chapter 3
Verifying OSPF: show ip ospf neighbors
R2# show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
10.64.0.1 1 FULL/DROTHER 00:00:30 10.64.0.1 FastEthernet0/0
10.2.1.1 1 FULL/ - 00:00:34 10.2.1.1 Serial0/0/1
Display OSPF neighbors.
Lists the neighbors
in the order they
were learned.
The OSPF priority
of the interface.
The OSPF state of the interface.
FULL state means that the router
and its neighbor have identical
OSPF link-state databases.
The amount of time remaining that
the router will wait to receive an
OSPF Hello packet from the
neighbor before declaring the
neighbor down.
The IP address of the neighbor's
interface to which this router is
directly connected.
The interface on which
this router has formed
adjacency with the
neighbor.

Chapter 3
Verifying OSPF: show ip route ospf
R1# show ip route ospf
10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
O IA 10.2.1.0/24 [110/782] via 10.64.0.2, 00:03:05, FastEthernet0/0
R1#
Verify that the router recognizes OSPF routes.

Chapter 3
Clearing the OSPF Routing Table
 To clear all routes from the IP routing table, use:
Router# clear ip route *
 To clear a specific route from the IP routing table, use:
Router# clear ip route A.B.C.D

Chapter 3
Verifying OSPF: show ip ospf interface
R1# show ip ospf interface fastEthernet 0/0
FastEthernet0/0 is up, line protocol is up
Internet Address 10.64.0.1/24, Area 0
Process ID 1, Router ID 10.64.0.1, Network Type BROADCAST, Cost: 1
Transmit Delay is 1 sec, State DROTHER, Priority 0
Designated Router (ID) 10.64.0.2, Interface address 10.64.0.2
No backup designated router on this network
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
oob-resync timeout 40
Hello due in 00:00:04
Supports Link-local Signaling (LLS)
Index 1/1, flood queue length 0
Next 0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 4
Last flood scan time is 0 msec, maximum is 4 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 10.64.0.2 (Designated Router)
Suppress hello for 0 neighbor(s)
Verify OSPF configured interfaces.

Chapter 3
Verifying OSPF: show ip ospf
R2# show ip ospf
Routing Process “ospf 50” with ID 10.64.0.2
<output omitted>
Area BACKBONE(0)
Area has no authentication
SPF algorithm last executed 00:01:25.028 ago
SPF algorithm executed 7 times
<output omitted>
Area 1
Number of interfaces in this area is 1
Area has no authentication
SPF algorithm last executed 00:00:54.636 ago
SPF algorithm executed 3 times
<output omitted>
R2#
Verify general OSPF information.

Chapter 3
Understanding
OSPF Network
Types

Chapter 3
OSPF Network Types
 OSPF defines three types of network:
Network Type Description Example
Broadcast
• A multiaccess broadcast network.
• DR / BDR required.
All Ethernet networks
Point-to-point
• A network that joins a single pair of routers.
• No DR / BDR required.
Serial link using PPP /
HDLC
Nonbroadcast
multiaccess
(NBMA)
• A network that interconnects more than two routers
but that has no broadcast capability.
• DR / BDR may or may not be required.
• There are five modes of OSPF operation available for
NBMA networks:
• RFC-compliant modes:
• non-broadcast
• point-to-multipoint
• Cisco proprietary modes:
• broadcast
• point-to-multipoint non-broadcast
• point-to-point
• The choice of mode depends on the topology of the
NBMA network.
Frame Relay
ATM
X.25

Chapter 3
Broadcast
 DR /BDR election required since there could be many devices.
• Establishing adjacencies with all routers in a broadcast network would easily
overload a router due to the overhead of maintaining those adjacencies.
• Instead, OSPF routers form full adjacencies with the DR and BDR only.
 Packets to all OSPF routers are forwarded to 224.0.0.5.
 Packets to the DR / BDR are forwarded to 224.0.0.6.

Chapter 3
Broadcast Challenge: Multiple Adjacencies
 A challenge of broadcast network is the number of
adjacencies that would be required.
• One adjacency for every pair of routers.
• This would increase network traffic and load on each router to
manage each individual adjacency.

Chapter 3
Broadcast Challenge: Extensive LSAs
 Another challenge is the increase in network LSAs.
• Every LSA sent out also requires an acknowledgement.
 Consequence:
• Lots of bandwidth consumed
• Chaotic traffic

Chapter 3
Solution: Designated Router
 A designated router (DR) and backup designated router
(BDR) solve these challenges because they:
• Reduce routing update traffic
• Manage link-state synchronization

Chapter 3
Designated Router (DR)
 The DR is elected and becomes responsible for maintaining
the topology table for the segment.
 This DR has two main functions:
• To become adjacent to all other routers on the network segment.
• To act as a spokesperson for the network.
 As spokesperson the DR becomes the focal point for
collecting and sending routing information (LSAs).

Chapter 3
Backup Designated Router (BDR)
 For fault tolerance, a second router is elected as the BDR.
• The BDR must also become adjacent to all routers on the network
and must serve as a second focal point for LSAs.
• However, the BDR is not responsible for updating the other routers or
sending network LSAs.
 The BDR keeps a timer on the DR's update activity to
ensure that it is operational.
• If the BDR does not detect activity from the DR after the timer expires,
the BDR immediately becomes the DR and a new BDR is elected.

Chapter 3
DR/BDR
 DRs and BDRs are elected on a per-network basis and
therefore each network segment has its own DR and BDR.
• For example, a router connected to multiple multiaccess broadcast
networks can be a DR on one segment and a regular (DROTHER)
router on another segment.
 The election process is accomplished dynamically using the
Hello protocol.
• However, the election can be manually manipulated the ip ospf
priority number interface configuration command.
 After a DR and BDR have been selected, any router added
to the broadcast network establishes full adjacencies with
the DR and BDR only.

Chapter 3
Assigning Router Priority
 Assign a specific OSPF priority to the router.
Router(config-if)#
ip ospf priority number
 A router interface can have a priority number between 0 - 255:
 0 = DROTHER - Router cannot be a DR
 1 = Favorable - Default for all routers
 255 = Very favorable - Ensures at least of a tie.
 The priority must be configured before the election takes place to figure
into the election.
 To display an interface's priority value and other key information use the
show ip ospf interface command.

Chapter 3
The Election of the DR
1. All neighbors with a priority > 0 are listed.
2. The router with highest priority is elected BDR.
If there is a tie, the highest router IDs are used.
3. If there is no DR, the BDR is promoted as DR.
4. The neighbor with the next highest priority is elected BDR.

Chapter 3
Manipulating the Election Process
 The DR / BDR maintain these roles until they fail even when
more routers with higher priorities show up on the network.
 To influence the election of DR & BDR, do one of the
following:
• Boot up the DR first, followed by the BDR, and then boot all other
routers.
OR
• Shut down the interface on all routers, followed by a no shutdown
on the DR, then the BDR, and then all other routers.

Chapter 3
Point-to-Point
 Both routers become fully adjacent to each another.
 Usually a serial interface running either PPP or HDLC.
• May also be a point-to-point subinterface running Frame Relay or ATM.
 No DR /BDR election required since there are only two devices.
 OSPF autodetects this type of network.
 Packets are sent to 224.0.0.5.

Chapter 3
OSPF over MPLS
 Multi-Protocol Label Switching (MPLS) is an Internet
Engineering Task Force (IETF) standard architecture that
combines the advantages of Layer 3 routing with the
benefits of Layer 2 switching.
 A unique feature of MPLS is its capability to perform label
stacking, in which multiple labels can be carried in a packet.
 The top label, which is the last one in, is always processed
first.
• Label stacking enables multiple LSPs to be aggregated, thereby
creating tunnels through multiple levels of an MPLS network.

Chapter 3
OSPF over Layer 3 MPLS VPN
 The customer and provider edge routers are running OSPF.
• However the internal provider routers do not.
 The customer has to agree upon OSPF parameters with the
service provider (SP) to ensure connectivity.
• These parameters are often governed by the SP.

Chapter 3
OSPF over Layer 2 MPLS VPN
 The Layer 2 MPLS VPN backbone and the provider routers
are not visible to the customer routers.
• A neighbor relationship is established directly between OSPF enabled
routers over the MPLS backbone, and behaves in the same way as
on an Ethernet broadcast network therefore DR and BDR routers are
elected.

Chapter 3
Nonbroadcast Multiaccess (NBMA)
 Frame Relay, ATM, and X.25 are examples of NBMA
networks.
 The default OSPF hello and dead intervals on NBMA
interfaces are 30 seconds and 120 seconds, respectively.
 Although NBMA networks can support more than two
routers, they have no inherent broadcast capability.
• This can create reachability issues.
 To implement broadcasting or multicasting, the router
replicates the packets to be broadcast or multicast and
sends them individually on each permanent virtual circuit
(PVC) to all destinations.
• This process is CPU and bandwidth intensive.

Chapter 3
DR Election in an NBMA Topology
 By default, OSPF cannot automatically build adjacencies
with neighbor routers over NBMA interfaces.
 OSPF considers the NBMA environment to function
similarly to other multiaccess media such as Ethernet.
• However, NBMA networks are usually hub-and-spoke (star)
topologies using PVCs or switched virtual circuits (SVCs).
• In these cases, the physical topology does not provide the
multiaccess capability on which OSPF relies.
 The election of the DR becomes an issue in NBMA
topologies because the DR and BDR need to have full
Layer 2 connectivity with all routers in the NBMA network.
 The DR and BDR also need to have a list of all the other
routers so that they can establish adjacencies.

Chapter 3
OSPF over NBMA Topology
 Depending on the network topology, several OSPF
configuration choices are available for a Frame Relay
network.

Chapter 3
OSPF over NBMA Topology
 There are five NBMA topology modes of operation:
• Two official OSPF modes described in RFCs
• Three customized Cisco modes.
 RFC 2328-compliant modes are as follows:
• Nonbroadcast (NBMA)
• Point-to-multipoint
 Cisco modes are as follows:
• Point-to-multipoint nonbroadcast
• Broadcast
• Point-to-point
 OSPF NBMA topology modes are configured using the ip
ospf network interface configuration command.
• Some modes require that a neighbor be manually configured using
the neighbor router configuration command.

Chapter 3
Assign an NBMA Topology Mode
 Define an OSPF network type on an interface.
Router(config-if)#
ip ospf network [{non-broadcast | point-to-multipoint [non-
broadcast] | broadcast | point-to-point}]
 The choice of mode depends on the NBMA topology.
 The default OSPF mode on a Frame Relay:
• Interface is non-broadcast mode.
• Point-to-point subinterface is point-to-point mode.
• Multipoint subinterface is non-broadcast mode.

Chapter 3
NBMA Topology Modes of Operation
NBMA Modes Description
non-broadcast
(RFC-compliant)
• One IP subnet.
• Neighbors must be manually configured.
• DR and BDR are elected.
• DR and BDR need to have full connectivity with all other routers.
• Typically used in a full- or partial-mesh topology.
point-to-multipoint
(RFC-compliant)
• One IP subnet.
• Uses a multicast OSPF hello packet to automatically discover the neighbors.
• DR and BDR are not required. The router sends additional LSAs with more information about
neighboring routers.
• Typically used in a partial-mesh or star topology.
point-to-multipoint
nonbroadcast
(Cisco proprietary)
• If multicast and broadcast are not enabled on the VCs, the RFC-compliant point-to-multipoint
mode cannot be used, because the router cannot dynamically discover its neighboring
routers using the hello multicast packets; this Cisco mode should be used instead.
• Neighbors must be manually configured.
• DR and BDR election is not required.
broadcast
(Cisco proprietary)
• Makes the WAN interface appear to be a LAN.
• One IP subnet.
• Uses a multicast OSPF hello packet to automatically discover the neighbors.
• DR and BDR are elected.
• Full- or partial-mesh topology.
point-to-point
(Cisco proprietary)
• Different IP subnet on each subinterface.
• No DR or BDR election.
• Used when only two routers need to form an adjacency on a pair of interfaces.
• Interfaces can be either LAN or WAN.

Chapter 3
Identify a Neighboring Router
 Statically define adjacent relationships in NBMA networks.
neighbor ip-address [priority number] [poll-interval
number] [cost number] [database-filter all]
Parameter Description
ip-address • Specifies the IP address of the neighboring router.
priority number
• (Optional) Specifies priority of neighbor. The default is 0, which
means that the neighboring router does not become the DR or BDR.
poll-interval number
• (Optional) Specifies how long an NBMA interface waits before
sending hellos to the neighbors even if the neighbor is inactive. The
poll interval is defined in seconds.
cost number
• (Optional) Assigns a cost to the neighbor in the form of an integer
from 1 to 65535. Neighbors with no specific cost configured assume
the cost of the interface based on the ip ospf cost command.
• For point-to-multipoint interfaces, the cost keyword and the
number argument are the only options that are applicable. This
keyword does not apply to nonbroadcast mode.
database-filter all • (Optional) Filters outgoing LSAs to an OSPF neighbor.

Chapter 3
Non-Broadcast Mode Example (Full-Mesh)
 Characteristics of the RFC-
compliant non-broadcast
parameter include:
• A full-mesh topology is typically
used therefore the DR and BDR
are dynamically elected.
• DR / BDR require full connectivity
with all other routers.
• One IP subnet.
• OSPF neighbors must be
manually configured.
R1(config-if)# ip ospf network non-broadcast
R1(config-if)# exit
R1(config-router)# neighbor 192.168.1.2
R1(config-router)# neighbor 192.168.1.3

Chapter 3
Non-Broadcast Mode Example (Partial-Mesh)
compliant non-broadcast
parameter include:
• If a partial-mesh topology is used
then the DR and BDR are elected
manually using the priority
parameter on the hub router.
• One IP subnet.
R1(config-if)# ip ospf network non-broadcast
R1(config-if)# exit
R1(config-router)# neighbor 192.168.1.2 priority 0

Chapter 3
Point-to-multipoint Mode Example
compliant point-to-
multipoint parameter
include:
• Used with partial-mesh or hub-
and-spoke (star) topology.
• One IP subnet.
• DR and BDR not required.
• Uses multicast OSPF hello
packets to dynamically discover
neighbors.
R1(config-if)# ip ospf network point-to-multipoint
R1(config-if)# exit
R1(config-router)#

Chapter 3
Point-to-multipoint non-broadcast Mode
 Characteristics of Cisco’s
point-to-multipoint non-
broadcast parameter include:
• Used in special cases where
neighbors cannot be automatically
discovered.
R1(config-if)# ip ospf network point-to-multipoint non-broadcast
R1(config-if)# exit
R1(config-router)# neighbor 192.168.1.2 cost 10
R1(config-router)# neighbor 192.168.1.3 cost 20

Chapter 3
Broadcast Mode Example
broadcast parameter include:
• DR and BDR are elected and
require full connectivity with all
other routers.
• Can be configured for a full-mesh
topology or a static election of the
DR based on the interface priority.
• One IP subnet.
• Uses multicast OSPF hello
packets to dynamically discover
neighbors.
R1(config-if)# ip ospf network broadcast
R1(config-if)# exit
R1(config-router)#

Chapter 3
Point-to-point Mode Example
point-to-point parameter
include:
• Partial mesh or star topology.
• Only IP subnet.
R1(config-if)# encapsulation frame-relay
R1(config-if)# ip ospf network point-to-point
R1(config-if)# exit
R1(config-router)#

Chapter 3
Subinterfaces
 OSPF can also be run over subinterfaces.
• A subinterface is a physical interface that can be split into multiple
logical interfaces.
• Each subinterface requires an IP subnet.
 Subinterfaces can be defined as either a point-to-point or
multipoint interface.
• A point-to-point subinterface has similar properties to a physical point-
to-point interface.
 Note:
 The ip ospf network command is not required.

Chapter 3
Define a Subinterface
 Define a subinterface.
Router(config)#
interface serial number.subinterface-number {multipoint
| point-to-point}
number.subinterface-
number
Specifies the interface number and subinterface number.
The subinterface number is in the range of 1 to
4294967293.
The interface number that precedes the period (.) is the
interface number to which this subinterface belongs.
multipoint
Specifies that the subinterface is multipoint; on multipoint
subinterfaces routing IP, all routers are in the same subnet.
point-to-point
Specifies that the subinterface is point-to-point; on point-to-
point subinterfaces routing IP, each pair of point-to-point
routers is in its own subnet.

Chapter 3
Using Point-to-point Subinterfaces
 Characteristics:
• Same properties as any physical
point-to-point physical interface
• One IP subnet per subinterface
pair.
• Used when only 2 routers need to
form an adjacency on a pair of
interfaces.}
R1(config-if)# interface S0/0/0.1 point-to-point
R1(config-subif)# ip address 10.1.1.1 255.255.255.0
R1(config-subif)# interface S0/0/0.2 point-to-point
R1(config-subif)# router ospf 1

Chapter 3
Using Multipoint Subinterfaces
 The example has one point-to-point
subinterface and one multipoint
subinterface.
• The multipoint subinterface supports two
other routers in a single
 Multipoint Frame Relay
subinterfaces default to OSPF
nonbroadcast mode, which requires
neighbors to be statically configured
and a DR and BDR election.
R1(config-if)# interface S0/0/0.1 point-to-point
R1(config-subif)# interface S0/0/0.2 multipoint
R1(config-subif)# router ospf 1

Chapter 3
OSPF over NBMA Topology Summary
OSPF Mode
NBMA
Preferred
Topology
Subnet
Address Hello Timer Adjacency RFC or
Cisco Example
Non-broadcast
Full or partial
mesh
Same 30 sec
Manual
configuration
DR/BDR elected
RFC
Frame Relay
configured on a
serial interface
Point-to-
multipoint
Partial mesh or
star
Same 30 sec
Automatic
No DR/BDR
RFC
OSPF over Frame
Relay mode that
eliminates the need
for a DR; used when
VCs support
multicast and
broadcast
Point-to-
multipoint
nonbroadcast
Partial mesh or
star
Same 30 sec
Manual
configuration
No DR/BDR
Cisco
OSPF over Frame
Relay mode that
eliminates the need
for a DR; used when
VCs do not support
multicast and
broadcast
Broadcast
Full or partial
mesh
Same 10 sec
Automatic
DR/BDR elected
Cisco
LAN interface such
as Ethernet
Point-to-point
Partial mesh or
star, using
subinterfaces
Different for
each
subinterface
10 sec
Automatic
No DR/BDR
Cisco
Serial interface with
point-to-point
subinterfaces

Chapter 3
Understanding
OSPF LSAs

Chapter 3
LSAs
 LSAs are the building blocks of the OSPF LSDB.
• Individually, LSAs act as database records.
• When combined, they describe the entire topology of an OSPF area.
 There are several types of OSPF network LSAs
• Not all are in use.
LSA Type Description
1 Router LSA
2 Network LSA
3 and 4 Summary LSAs
5 AS external LSA
6 Multicast OSPF LSA
7 Defined for NSSAs
8 External attributes LSA for Border Gateway Protocol (BGP)
9, 10, or 11 Opaque LSAs

Chapter 3
LSA Type 1: Router LSA
 Generated by all routers in an area to describe their directly
attached links (Intra-area routes).
• Floods within its area only and cannot cross an ABR.
• LSA includes list of directly attached links and is identified by the router
ID of the originating router
• Routing Table Entry = O

Chapter 3
LSA Type 1: Link Types
Link Type Description Link-state ID
1
Point-to-point connection to another
router
Neighboring router ID
2 Connection to a transit network IP address of DR
3 Connection to a stub network IP network/subnet number
4 Virtual link Neighboring router ID

Chapter 3
LSA Type 2: Network LSA
 Advertised by the DR of the broadcast network.
• Floods within its area only; does not cross ABR.
• Link-state ID is the DR.
• Routing Table Entry = O

Chapter 3
LSA Type 3: Summary LSA
 Advertised by the ABR of originating area.
• Regenerated by subsequent ABRs to flood throughout the autonomous
system.
• By default, routes are not summarized, and type 3 LSA is advertised for
every subnet.
• Link-state ID is the network or subnet advertised in the summary LSA
• Routing Table Entry = O IA

Chapter 3
LSA Type 4: Summary LSA
 Generated by the ABR of the originating area to advertise
an ASBR to all other areas in the autonomous system.
• They are regenerated by all subsequent ABRs to flood throughout the
autonomous system.
• Link-state ID is the router ID of the ASBR.
• Routing Table Entry = O IA

Chapter 3
LSA Type 5: External LSA
 Used by the ASBR to advertise networks from other
autonomous systems.
• Type 5 LSAs are advertised and owned by the originating ASBR.
• The Link-state ID is the external network number.
• Routing Table Entry = O E1 or O E2

Chapter 3
LSA Type 7: NSSA LSA
 Generated by an ASBR inside a Not-so-stubby area
(NSSA) to describe routes redistributed into the NSSA.
• LSA 7 is translated into LSA 5 as it leaves the NSSA.
• Routing Table Entry = O N1 or O N2
• Much like LSA 5, N2 is a static cost while N1 is a cumulative cost that
includes the cost up to the ASBR.
ABR

Chapter 3
Interpreting the
OSPF LSDB
and Routing
Table

Chapter 3
Interpreting the OSPF Database
R1# show ip ospf database
OSPF Router with ID (10.0.0.11) (Process ID 1)
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count
10.0.0.11 10.0.0.11 548 0x80000002 0x00401A 1
10.0.0.12 10.0.0.12 549 0x80000004 0x003A1B 1
100.100.100.100 100.100.100.100 548 0x800002D7 0x00EEA9 2
Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
172.31.1.3 100.100.100.100 549 0x80000001 0x004EC9
Summary Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
10.1.0.0 10.0.0.11 654 0x80000001 0x00FB11
10.1.0.0 10.0.0.12 601 0x80000001 0x00F516
<output omitted>
Use the show ip ospf database command to gather link
state information.

Chapter 3
LSA Sequence Numbering
 Each LSA in the LSDB maintains a sequence number.
• The sequence numbering scheme is a 4-byte number that begins with
0x80000001 and ends with 0x7FFFFFFF.
 OSPF floods each LSA every 30 minutes to maintain proper
database synchronization.
• Each time the LSA is flooded, the sequence number is incremented by
one.
 Ultimately, an LSA sequence number will wrap around to
0x80000001.
• When this occurs, the existing LSA is prematurely aged to maxage (one
hour) and flushed.
 When a router encounters two instances of an LSA, it must
determine which is more recent.
• The LSA having the newer (higher) LS sequence number is more recent.

Chapter 3
Route Designator in Routing Table
Route Designator Description
O OSPF intra-area (router LSA) and network LSA
• Networks from within the router’s
area. Advertised by way of router
LSAs and network LSAs.
O IA OSPF interarea (summary LSA)
• Networks from outside the router’s
area but within the OSPF AS.
Advertised by way of summary LSAs.
O E1 Type 1 external routes
AS, advertised by way of external
LSAs.
O E2 Type 2 external routes
AS, advertised by way of external
LSAs.
R1# show ip route
<output omitted>
Gateway of last resort is not set
172.31.0.0/24 is subnetted, 2 subnets
O IA 172.31.2.0 [110/1563] via 10.1.1.1, 00:12:35, FastEthernet0/0
O IA 172.31.1.0 [110/782] via 10.1.1.1, 00:12:35, FastEthernet0/0
10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks
C 10.200.200.13/32 is directly connected, Loopback0
C 10.1.3.0/24 is directly connected, Serial0/0/0
O 10.1.2.0/24 [110/782] via 10.1.3.4, 00:12:35, Serial0/0/0
C 10.1.1.0/24 is directly connected, FastEthernet0/0
O 10.1.0.0/24 [110/782] via 10.1.1.1, 00:12:37, FastEthernet0/0
O E2 10.254.0.0/24 [110/50] via 10.1.1.1, 00:12:37, FastEthernet0/0

Chapter 3
Best Path Calculation
1. All routers calculate the best paths to destinations within
their area (intra-area) and add these entries to the routing
table.
• Includes type 1 and 2 LSAs, noted with a designator of O.
2. All routers calculate the best paths to the other areas.
• Includes type 3 and 4 LSAs, noted with a designator of O IA.
3. All routers (except stub areas) calculate the best paths to
the external autonomous system (type 5) destinations.
• Includes either external type 1 (E1), indicated with an O E1 or
external type 2 (E2), indicated with an O E2.

Chapter 3
ASBR – Type 1 and 2 Routes
 The cost of an external route varies, depending on the
external type configured on the ASBR.
 An ASBR can be configured to send out two types of
external routes into OSPF.
• Denoted in the routing table as E1 for Type 1
• Denoted in the routing table as E2 for Type 2.
 Depending on the type, OSPF calculates the cost of
external routes differently.

Chapter 3
ASBR – Type 1 and 2 Routes
 O E1 Routes
• The metric is calculated by adding the external cost to the internal
cost of each link that the packet crosses.
• Use this packet type when there are multiple ASBRs advertising a route to
the same autonomous system.
 O E2 Routes
• The packet will always have the external cost assigned, no matter
where in the area it crosses.
• Default setting on ASBRs.
• Use this packet type if only one router is advertising a route to the
autonomous system.
• Type 2 routes are preferred over Type 1 routes unless two equal cost
routes exist to the destination.

Chapter 3
E2 Routes
 By default, RTA uses a Type 2 metrics to send external routing
information.
 RTB will receive the external RIP routes, including 9.0.0.0/8 from RTA.
 When RTB forwards this route, the metric for the external route remains
the same (in this case, 20).

Chapter 3
E1 Routes
 If RTA is configured to use a Type 1 metric with external
routes, OSPF will increment the metric value of the external
route according to its standard cost algorithm.

Chapter 3
Configuring OSPF LSDB Overload Protection
 Limit the processing of LSAs for a defined OSPF process.
max-lsa maximum-number [threshold-percentage] [warning-only]
[ignore-time minutes] [ignore-count count-number] [reset-
time minutes]
maximum-number Maximum number of LSAs that the OSPF process can keep in the OSPF LSDB.
threshold-percentage
(Optional) The percentage of the maximum LSA number, as specified by the
maximum-number argument, at which a warning message is logged. The
default is 75 percent.
warning-only
(Optional) Specifies that only a warning message is sent when the maximum
limit for LSAs is exceeded; the OSPF process never enters ignore state.
Disabled by default.
ignore-time minutes
(Optional) Specifies the time, in minutes, to ignore all neighbors after the
maximum limit of LSAs has been exceeded. The default is 5 minutes.
ignore-count count-
number
(Optional) Specifies the number of times that the OSPF process can
consecutively be placed into the ignore state. The default is five times.
reset-time minutes
(Optional) Specifies the time, in minutes, after which the ignore count is reset to
0. The default is 10 minutes.

Chapter 3
Configuring and
Verifying
Advanced OSPF
Features

Chapter 3
OSPF Passive-Interface
 Prevent OSPF updates out a specified router interface.
passive-interface type number [default]
 Set a particular interface or all router interfaces to passive.
 The default option sets all router interfaces to passive.
 For OSPF, the command:
 The specified interface appears as a stub network in the OSPF
domain
 The OSPF routing information is neither sent nor received through
the specified router interface.
 Prevents neighbor relationships from being established.

Chapter 3
Passive-Interface Example
R1(config-router)# passive-interface fa0/0
R1(config-router)#
R2(config-router)# passive-interface fa0/0
R2(config-router)#
Alternate configuration:
R1(config-router)# passive-interface default
R1(config-router)# no passive-interface S0/0/0
R2(config-router)# passive-interface default
Fa0/0Fa0/0
R1 R2
172.16.1.0 /24
Internet
192.168.1.0 /27
172.17.2.0 /24
64 kbps
192.168.1.96 /27
.101
.102
S0/0/1
S0/0/0
S0/0/0
.1
.1.1

Chapter 3
Propagating a Default Route
 To propagate a default route in OSPF, use the default-
information originate router configuration
command.
• A default static rote also needs to be configured on the originating
router
 Once configured, the default route has to be propagated
into the OSPF domain.

Chapter 3
default-information originate Command
 Configures a router to generate a default external route into an OSPF
routing domain.
default-information originate [always] [metric metric-value]
[metric-type type-value] [route-map map-name]
always
(Optional) Specifies that OSPF always advertises the default route
regardless of whether the router has a default route in the routing table.
metric
metric-value
(Optional) A metric used for generating the default route. If you omit a value
and do not specify a value using the default-metric router configuration
command, the default metric value is 1. Cisco IOS Software documentation
indicates that the default metric value is 10; testing shows that it is actually
1.
metric-type
type-value
(Optional) The external link type that is associated with the default route
that is advertised into the OSPF routing domain. It can be one of the
following values: 1—Type 1 external route 2—Type 2 external route. The
default is type 2 external route (indicated by O*E2 in the routing table).
route-map
map-name
(Optional) Specifies that the routing process generates the default route if
the route map is satisfied.

Chapter 3
default-information originate Example
R1(config-router)# default-information originate metric 10
R1(config-router)# exit
R1(config)# ip route 0.0.0.0 0.0.0.0 172.16.1.2
R1(config)#
R1
R2
OSPF Domain
ISP A.1
172.16.1.0 /24
.2
ISP B
10.1.1.1
10.2.1.1
.1
172.17.1.0 /24
.2
0.0.0.0 Cost 10
0.0.0.0 Cost 100
R2(config-router)# default-information originate metric 100
R2(config-router)# exit
R2(config)# ip route 0.0.0.0 0.0.0.0 172.17.1.2
R2(config)#

Chapter 3
Route Summarization
 Route summarization involves consolidating multiple routes
into a single advertisement.
 Proper route summarization directly affects the bandwidth,
memory and CPU, that are consumed by the OSPF
process.
• If a network link fails or flaps, the topology change will not be
propagated into the backbone or other areas.
• It protects routers from needless routing table recalculations.
• Because the SPF calculation places a significant demand on the
router's CPU, proper summarization is an imperative part of OSPF
configuration.

Chapter 3
Using Route Summarization
IA 172.16.16.0 255.255.252.0
IA 172.16.8.0 255.255.248.0

Chapter 3
Types of Route Summarization
 Inter-area summarization
• Performed at the ABR and creates Type 3 LSAs.
 External summarization
• Performed at the ASBR and creates Type 5 LSAs.
 Both have the same fundamental requirement of contiguous
addressing.
 If summarization is not configured correctly and there are
multiple ASBRs, or multiple ABRs in an area, suboptimal
routing is possible.
• For example, summarizing overlapping ranges from two different
routers can cause packets to be sent to the wrong destination.

Chapter 3
Intra-Area Summarization
 Configure an ABR to summarize routes for a specific area.
area area-id range address mask [advertise | not-advertise]
[cost cost]
area area-id Identifies the area subject to route summarization.
address The summary address designated for a range of addresses.
mask The IP subnet mask used for the summary route.
advertise
(Optional) Sets the address range status to advertise and generates a
type 3 summary LSA.
not-advertise
(Optional) Sets the address range status to DoNotAdvertise. The type
3 summary LSA is suppressed, and the component networks remain
hidden from other networks.
cost cost
(Optional) Metric or cost for this summary route, which is used during
the OSPF SPF calculation to determine the shortest paths to the
destination. The value can be 0 to 16777215.

Chapter 3
Intra-Area Summarization Example
R1(config-router)# area 0 range 172.16.96.0 255.255.224.0
R1(config-router)#
R2(config-router)#
Area 0
172.16.96.0 /24 - 172.16.127.0 /24
Area 1
172.16.32.0 /24 - 172.16.63.0 /24
Area 2
172.16.64.0 /24 - 172.16.95.0 /24
R1 R2

Chapter 3
External Summarization
 Configure an ASBR to summarize external routes.
summary-address ip-address mask [not-advertise] [tag tag]
ip-address The summary address designated for a range of addresses.
mask The IP subnet mask used for the summary route.
not-advertise (Optional) Used to suppress routes that match the address/mask pair.
tag tag
(Optional) A tag value that can be used as a “match” value to control
redistribution via route maps.

Chapter 3
External Summarization
R1(config-router)# summary-address 172.16.32.0 255.255.224.0
R1(config-router)#
External AS – RIPv2
172.16.32.0 /24 – 172.16.63.0 /24
OSPF Area 1
172.16.64.0 /24
OSPF Area 0
R1 R2
ABR
.1

Chapter 3
Virtual Links
 Virtual links are used to connect a discontiguous area to
area 0.
 A logical connection is built between router A and router B.
 Virtual links are recommended for backup or temporary
connections.

Chapter 3
LSAs on Virtual Links
 LSAs usually age out after 30 minutes.
• However, LSAs learned across virtual links have the DoNotAge (DNA)
option set.
• Required to prevent excessive flooding over virtual links.
 To identify an area as a virtual link, use the area area-id
virtual-link router configuration command.

Chapter 3
Configuring Virtual Links
 Define an OSPF virtual link.
area area-id virtual-link router-id [authentication [message-
digest | null]] [hello-interval seconds] [retransmit-
interval seconds] [transmit-delay seconds] [dead-interval
seconds] [[authentication-key key] | [message-digest-key
key-id md5 key]]
area-id Specifies the area ID of the transit area for the virtual link.
router-id Specifies the router ID of the virtual link neighbor.
authentication (Optional) Specifies an authentication type.
message-digest (Optional) Specifies the use of MD5 authentication.
null (Optional) Overrides authentication if configured.
hello-interval seconds (Optional) Specifies the time between the hello packets (default 10).
retransmit-interval seconds (Optional) Specifies the time between LSA retransmissions (default 5).
transmit-delay seconds (Optional) Specifies the time to send an LSU packet (default 1).
dead-interval seconds (Optional) Specifies the dead-interval time (default 40).
authentication-key key (Optional) Specifies the password for simple password authentication.
message-digest-key key-id md5 key (Optional) Identifies the key ID and key for MD5 authentication.

Chapter 3
Virtual-Link Example
R1(config-router)# area 1 virtual-link 10.2.2.2
R1(config-router)#
Area 0
10.0.0.0
Area 1
172.16.0.0
Area 0
10.0.0.0
R1 R2
Router-ID
10.1.1.1
Router-ID
10.2.2.2
R2(config-router)# area 1 virtual-link 10.1.1.1
R2(config-router)#

Chapter 3
Verifying a Virtual-Link Example
Area 0
10.0.0.0
Area 1
172.16.0.0
Area 0
10.0.0.0
R1 R2
Router-ID
10.1.1.1
Router-ID
10.2.2.2
R1# show ip ospf virtual-links
Virtual Link OSPF_VL0 to router 10.2.2.2 is up
Run as demand circuit
DoNotAge LSA allowed.
Transit area 1, via interface Serial0/0/1, Cost of using 781
Transmit Delay is 1 sec, State POINT_TO_POINT,
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:07
Adjacency State FULL (Hello suppressed)
Index 1/2, retransmission queue length 0, number of retransmission 1
First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
Last retransmission scan length is 1, maximum is 1
Last retransmission scan time is 0 msec, maximum is 0 msec
R1#

Chapter 3
Changing the Reference Bandwidth
 The reference bandwidth defaults to 108 (100,000,000 bps
or 100 Mbps).
• This can be a problem when using interfaces faster than 100 Mbps
and higher since they would all have the same OSPF cost of 1.
 The reference bandwidth can be modified using the auto-
cost reference-bandwidth router configuration
command.

Chapter 3
Changing the Reference Bandwidth
 Change the reference bandwidth for faster interfaces.
auto-cost reference-bandwidth ref-bw
 The rf-bw parameter is the reference bandwidth in megabits per
second.
 The range is from 1 to 4,294,967.
 The default is 100.
 Use this command if interfaces are faster than 100 Mbps.
 The command must be configured on all OSPF routers to ensure accurate
route calculations.

Chapter 3
Modifying the Cost of a Link
 The cost of a link can be modified using either the:
• bandwidth interface command
• ip ospf cost interface command
 The configured bandwidth value is used by the SPF
algorithm to calculate the cost.
• For example, configuring the bandwidth 128 command on a serial
interface would generate a cost of 1,562.
• Cost = 100,000,000 / 128,000 = 1,562.
 Using the ip ospf cost interface command achieves
the same result without the calculation.
• For example, the interface cost could be statically configured using
the ip ospf cost 1562 command.

Chapter 3
Override the Default Interface Cost
 Manually define the cost of an interface.
Router(config-if)#
ip ospf cost interface-cost
 The interface-cost is an integer from 1 to 65,535.
 The lower the number, the better (and more preferred) the link.
 Can be used as an alternative to the bandwidth command.

Chapter 3
OSPF Two-Layer Hierarchy - Review
 Backbone Area
• Referred to as Area 0
• Also known as the Transit Area.
 Regular (Standard) Areas
• Also known as a nonbackbone areas.
• All regular areas must connect to the backbone area.

Chapter 3
OSPF Special Area Types
 The OSPF standard area can be further divided into four
types of stub areas:
• Stub area
• Totally stubby area
• NSSA
• Totally stubby NSSA

Chapter 3
OSPF Area Types
Area Type
Accepts
routes within
area
(O)
Accepts
routes from
other areas
(O IA)
Accepts
external
routes
(O E1 and O E2)
Allows ASBR
Cisco
proprietary
Standard Yes Yes Yes Yes No
Backbone Yes Yes Yes Yes No
Stub Yes Yes
No
(uses default
route)
No No
Totally stubby Yes
No
(uses default
route)
No
(uses default
route)
No Yes
NSSA Yes Yes
No
(uses default
route)
Yes No
Totally stubby
NSSA
Yes
No
(uses default
route)
No
(uses default
route)
Yes Yes

Chapter 3
Stub and Totally Stub Area Characteristics
 An area qualifies as stub or totally stubby area if it has the
following characteristics:
• The area is not the backbone area (area 0).
• There is a single exit point from that area.
• If there are multiple exits, one or more ABRs should inject a default route
into the stub area however suboptimal routing paths might occur.
• There is no ASBR inside the area.
• The area is not used as a transit area for virtual links.

Chapter 3
Stub and Totally Stub Area Characteristics
 All OSPF routers inside the stub area, including ABRs, are
configured as stub routers using the area area-id
stub router configuration command.
 By default, the ABR of a stubby or totally stubby area
advertises a default route with a cost of 1.
• To change the cost of the default route, use the area area-id
default-cost cost router configuration command.

Chapter 3
Configure a Stub Area
 Identify an area as a stub network.
area area-id stub
 The area-id parameter is the identifier for the stub area and can be
either a decimal value or a value in dotted-decimal format, like an IP
address.

Chapter 3
Change the Default Cost
 Define the cost of the default route injected into the stub stubby area.
area area-id default-cost cost
 The cost parameter is for the default summary route.
 The acceptable values are 0 through 16777215.
 The default is 1.
 If this command has not been configured, the ABR will advertise 0.0.0.0
with a default cost metric of 1 plus any internal costs.

Chapter 3
Stub Area
 Typically used in a hub-and-spoke network.
 Area does not accept external summary routes from non-OSPF
sources (e.g., RIP, EIGRP).
• Specifically, it does not accept Types 4 and 5 LSAs.
• A default route (0.0.0.0) is propagated throughout the area to send a
packet to an external network.

Chapter 3
Configuring a Stub Area
R3(config)# interface FastEthernet0/0
R3(config-if)# interface Serial 0/0/0
R3(config-if)# router ospf 100
R3(config-router)# network 192.168.14.0.0 0.0.0.255 area 0
R3(config-router)# area 2 stub
R3(config-router)#
External AS
R3
ABR
.1
R4
.1 .2
Fa0/0 S0/0/0 S0/0/0
192.168.15.0 /30192.168.14.0 /24
OSPF Area 0 Stub Area 2
R4(config-router)#

Chapter 3
Totally Stubby Area
 Cisco proprietary solution that is better than stub area.
 Area does not accept external AS routes or inter-area routes.
• Specifically, it does not accept Types 3, 4 and 5 LSAs.
• It recognizes only intra-area routes and the default route 0.0.0.0.
• A default route (0.0.0.0) is propagated throughout the area.

Chapter 3
Configure a Totally Stubby Area
 Identify an ABR as a totally stubby network.
area area-id stub no-summary
 Command is only configured on the ABR.
 All other routers in the totally stubby area are configured as stub routers.
 The area-id parameter is the identifier for the stub area and can be
either a decimal value or a value in dotted-decimal format, like an IP
address.
 The no-summary parameter stops summary LSAs, in addition to
external LSAs, from flooding into the totally stubby area.

Chapter 3
Configuring a Totally Stubby Area
R3(config)# interface FastEthernet0/0
R3(config-router)# area 2 stub no-summary
R3(config-router)#
External AS
R3
ABR
.1
R4
.1 .2
Fa0/0 S0/0/0 S0/0/0
192.168.15.0 /30192.168.14.0 /24
OSPF Area 0 Totally Stubby Area 2
R4(config-router)#

Chapter 3
Not-So-Stubby Area (NSSA)
 Similar to a Stub Area, except that it is primarily used to
connect to ISPs, or when redistribution is required.
• Specifically, it does not accept Types 4 and 5 LSAs.
• Allows the importing of external routes as Type 7 LSAs and converts
them to Type 5 LSAs on the ABR.
• Better than creating stub areas and also useful for spokes.
RIP AS
172.16.20.0 /24
R2
ABR
R3
192.168.15.0 /30
NSSA Area 1 Area 0
R1
RIP Type 7 LSA : 172.16.20.0/24 Type 5 LSA : 172.16.0.0/16

Chapter 3
Configure an NSSA
 Define an NSSA area.
area area-id nssa no-redistribution] [default-information-
originate] [metric metric-value] [metric-type type-value] [no-
summary]
area-id The identifier for the NSSA.
no-redistribution
(Optional) Used when the router is an NSSA ABR and you want the
redistribute command to import routes only into the standard areas, but not
into the NSSA area.
default-information-
originate
(Optional) Used to generate a type 7 default LSA into the NSSA area. This
keyword takes effect only on an NSSA ABR or an NSSA ASBR.
metric metric-value
(Optional) Metric that is used for generating the default route. Acceptable
values are 0 through 16777214.
metric-type type-
value
(Optional) OSPF metric type for default routes. It can be one of the following
values: type 1 external route or 2: type 2 external route
no-summary
(Optional) Allows an area to be a totally stubby NSSA, which is like an
NSSA but does not have summary routes injected into it.

Chapter 3
Configuring a NSSA Area
R1(config-router)# redistribute rip subnets
R1(config-router)# default metric 150
R1(config-router)# area 1 nssa
R1(config-router)#
R2(config-router)# area 1 nssa default-information-originate
R2(config-router)#
RIP AS
172.16.10.0
172.16.11.0 R2
ABR
.2
Fa0/0
172.17.0.0172.17.20.0 /24
NSSA Area 1 Area 0
R1
.1
Fa0/0
0.0.0.0 Default Route

Chapter 3
Totally Stubby NSSA
 Cisco proprietary solution to NSSA.
 Area does not accept external AS routes or inter-area
routes.
• Specifically, it does not accept Types 3, 4 and 5 LSAs.
• It recognizes only intra-area routes and the default route 0.0.0.0.
• A default route (0.0.0.0) is propagated throughout the area.
 The ABR of a totally stubby NSSA must be configured with
the no-summary keyword to prevent the flooding of
summary routes for other areas into the NSSA area.

Chapter 3
Configuring a Totally Stubby NSSA Area
R1(config-router)# redistribute rip subnets
R1(config-router)# default metric 150
R1(config-router)# area 1 nssa
R1(config-router)#
R2(config-router)# area 1 nssa no-summary
R2(config-router)#
RIP AS
172.16.10.0
172.16.11.0 R2
ABR
.2
Fa0/0
172.17.0.0172.17.20.0 /24
NSSA Area 1 Area 0
R1
.1
Fa0/0
0.0.0.0 Default Route

Chapter 3
How Does OSPF Generate Default Routes?
 Depends on the type of area.
 In a standard area:
• Routers do not automatically generate default routes.
• The default-information originate command must be used.
 In a stub and totally stubby area:
• The ABR automatically generates a summary LSA with the link-state
ID 0.0.0.0.
• The default-information originate command is not required.
• This is true even if the ABR does not have a default route.
 In an NSSA area:
• The ABR generates the default route, but not by default.
• To force the ABR to generate the default route, use the area area-id
nssa default-information-originate command.
 In a totally stubby NSSA:
• The ABR automatically generates a default route.

Chapter 3
Example OSPF Area Types in a Network

Chapter 3
Configuring and
Verifying
Advanced OSPF
Authentication

Chapter 3
OSPF Authentication
 Purpose is to authenticate routing information.
• This is an interface specific configuration.
• Routers will only accept routing information from other routers that
have been configured with the same authentication information.

Chapter 3
OSPF Authentication Types
 Router generates and checks each packet and
authenticates the source of each update packet it receives
 Requires a pre-defined “key” (password)
• Note: All participating neighbors must have the same key configured
 OSPF supports 2 types of authentication:
• Simple password authentication (plain text)
• Less secure
• MD5 authentication
• More secure and recommended

Chapter 3
Planning for OSPF
 The following key parameters must be defined in enough
detail before configuring OSPF authentication:
• The authentication mode (simple password versus MD5)
• The definition of one or more keys to authenticate OSPF packets,
according to the network security plan.
 Once defined, the following steps may be implemented:
1. Assign a password (key) to be used.
• The actual command varies depending on the authentication mode used.
2. Specify the authentication mode (simple password or MD5).

Chapter 3
Configure A Key for Simple Authentication
 Define a password to use for simple password authentication.
Router(config-if)#
ip ospf authentication-key password
 The password parameter can be entered up to 8 bytes in length.
 This command is used in conjunction with the ip ospf
authentication command.

Chapter 3
Configure the MD5 Key-ID and Key
 Define a password to use for MD5 authentication.
Router(config-if)#
ip ospf message-digest-key key-id md5 key
 The key-id parameter is an identifier in the range from 1 to 255.
 The key parameter can be entered up to 16 bytes in length.
 All neighboring routers on the same network must have the same
key-id and the same key value.
 This command is used in conjunction with the ip ospf
authentication message-digest command.

Chapter 3
Configure the Authentication Mode for OSPF
 Specify the authentication type.
Router(config-if)#
ip ospf authentication [message-digest | null]
 Before using this command, configure a password.
 The command without any parameters specifies that simple password
authentication will be used.
 The message-digest parameter specifies that MD5 authentication
will be used.
 The null parameter specifies that no authentication is used.
 This can be useful for overriding simple password or MD5
authentication.

Chapter 3
Configuring Simple Password Authentication
R1# show running-config
!
<output omitted>
!
interface Fa0/0
ip address 10.1.1.1 255.255.255.0
!
<output omitted>
!
interface Serial0/0/1
ip address 192.168.1.101 255.255.255.224
ip ospf authentication
ip ospf authentication-key PLAINPAS
!
<output omitted>
!
router ospf 10
log-adjacency-changes
network 10.1.1.1 0.0.0.0 area 0
network 192.168.1.0 0.0.0.255 area 0
!
<output omitted>
Fa0/0Fa0/0
R1 R2
10.1.1.0 /24
Area 0
10.2.2.0 /24
S0/0/1
S0/0/1
192.168.1.96 /27
.101
.102
.1.1

Chapter 3
Configuring Simple Password Authentication
!
<output omitted>
!
interface Fa0/0
ip address 10.2.2.1 255.255.255.0
!
<output omitted>
!
ip address 192.168.1.102 255.255.255.224
ip ospf authentication
ip ospf authentication-key PLAINPAS
!
<output omitted>
!
router ospf 10
network 10.2.2.1 0.0.0.0 area 0
network 192.168.1.0 0.0.0.255 area 0
!
<output omitted>
Fa0/0Fa0/0
R1 R2
10.1.1.0 /24
Area 0
10.2.2.0 /24
S0/0/1
S0/0/1
192.168.1.96 /27
.101
.102
.1.1

Chapter 3
Verifying Simple Password Authentication
R1# debug ip ospf adj
OSPF adjacency events debugging is on
R1#
<output omitted>
*Feb 17 18:42:01.250: OSPF: 2 Way Communication to 10.2.2.1 on Serial0/0/1,
state 2WAY
*Feb 17 18:42:01.250: OSPF: Send DBD to 10.2.2.1 on Serial0/0/1 seq 0x9B6 opt
0x52 flag 0x7 len 32
*Feb 17 18:42:01.262: OSPF: Rcv DBD from 10.2.2.1 on Serial0/0/1 seq 0x23ED
opt0x52 flag 0x7 len 32 mtu 1500 state EXSTART
*Feb 17 18:42:01.262: OSPF: NBR Negotiation Done. We are the SLAVE
*Feb 17 18:42:01.262: OSPF: Send DBD to 10.2.2.1 on Serial0/0/1 seq 0x23ED opt
<output omitted>
10.2.2.1 0 FULL/ - 00:00:34 192.168.1.102 Serial0/0/1
Displays adjacency-related events of a successful connection.

Chapter 3
Troubleshooting Simple Password Problems
 Simple authentication on R1, no authentication on R2:
R1#
*Feb 17 18:51:31.242: OSPF: Rcv pkt from 192.168.1.102, Serial0/0/1
: Mismatch Authentication type. Input packet specified type 0, we
use type 1
R2#
: Mismatch Authentication type. Input packet specified type 1, we
use type 0

Chapter 3
Troubleshooting Simple Password Problems
 Simple authentication on R1 and R2, but different
passwords.
R1#
: Mismatch Authentication Key - Clear Text
R2#
: Mismatch Authentication Key - Clear Text

Chapter 3
Configuring MD5 Authentication
!
<output omitted>
!
interface Fa0/0
ip address 10.1.1.1 255.255.255.0
!
<output omitted>
!
ip address 192.168.1.101 255.255.255.224
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 SECRETPASS
!
<output omitted>
!
router ospf 10
network 10.1.1.1 0.0.0.0 area 0
network 192.168.1.0 0.0.0.255 area 0
!
<output omitted>
Fa0/0Fa0/0
R1 R2
10.1.1.0 /24
Area 0
10.2.2.0 /24
S0/0/1
S0/0/1
192.168.1.96 /27
.101
.102
.1.1

Chapter 3
Configuring MD5 Authentication
!
<output omitted>
!
interface Fa0/0
ip address 10.2.2.1 255.255.255.0
!
<output omitted>
!
ip address 192.168.1.102 255.255.255.224
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 SECRETPASS
!
<output omitted>
!
router ospf 10
network 10.2.2.1 0.0.0.0 area 0
network 192.168.1.0 0.0.0.255 area 0
!
<output omitted>
Fa0/0Fa0/0
R1 R2
10.1.1.0 /24
Area 0
10.2.2.0 /24
S0/0/1
S0/0/1
192.168.1.96 /27
.101
.102
.1.1

Chapter 3
Verifying MD5 Authentication
R1# show ip ospf interface
Serial0/0/1 is up, line protocol is up
Internet Address 192.168.1.101/27, Area 0
Process ID 10, Router ID 10.1.1.1, Network Type POINT_TO_POINT, Cost: 64
Transmit Delay is 1 sec, State POINT_TO_POINT
<output omitted>
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 10.2.2.1
Suppress hello for 0 neighbor(s)
Message digest authentication enabled
Youngest key id is 1
<output omitted>
R1#
10.2.2.1 0 FULL/ - 00:00:31 192.168.1.102 Serial0/0/1
R1#

Chapter 3
Verifying MD5 Authentication
R1# debug ip ospf adj
OSPF adjacency events debugging is on
<output omitted>
*Feb 17 17:14:06.530: OSPF: Send with youngest Key 1
*Feb 17 17:14:06.546: OSPF: 2 Way Communication to 10.2.2.2 on Serial0/0/1,
state 2WAY
*Feb 17 17:14:06.546: OSPF: Send DBD to 10.2.2.2 on Serial0/0/1 seq 0xB37 opt
*Feb 17 17:14:06.562: OSPF: Rcv DBD from 10.2.2.2 on Serial0/0/1 seq 0x32F
opt 0x52 flag 0x7 len 32 mtu 1500 state EXSTART
*Feb 17 17:14:06.562: OSPF: NBR Negotiation Done. We are the SLAVE
*Feb 17 17:14:06.562: OSPF: Send DBD to 10.2.2.2 on Serial0/0/1 seq 0x32F opt
<output omitted>
10.2.2.2 0 FULL/ - 00:00:35 192.168.1.102 Serial0/0/1

Chapter 3
Troubleshooting MD5 Authentication
R1#
*Feb 17 17:56:26.502: OSPF: Rcv pkt from 192.168.1.102, Serial0/0/1 : Mismatch
Authentication Key - No message digest key 2 on interface
R2#
*Feb 17 17:55:28.286: OSPF: Rcv pkt from 192.168.1.101, Serial0/0/1 : Mismatch
Authentication Key - No message digest key 1 on interface
MD5 authentication on both R1 and R2, but R1 has key 1 and R2
has key 2, both with the same passwords:

Chapter 3
Chapter 3 Summary
The chapter focused on the following topics:
 Characteristics of link-state routing protocols.
 OSPF's two-tier hierarchical area structure, with a backbone area 0 and
regular areas.
 How OSPF routers use the Hello protocol to build adjacencies.
 The OSPF metric calculation, which is based on the link bandwidth.
 The five types of OSPF packets—hello, DBD, LSR, LSU, and LSAck.
 The neighbor states that OSPF interfaces may pass through: down, init,
two-way, exstart, exchange, loading, and full.

Chapter 3
Chapter 3 Summary (cont.)
 The five fields in the hello packet must match on neighboring routers:
hello interval, dead interval, area id, authentication password, and stub
area flag.
 Planning OSPF implementations, including the IP addressing, network
topology, and OSPF areas.
 Basic OSPF configuration commands including:
• router ospf process-id global configuration command
• network ip-address wildcard-mask area area-id
interface configuration command
• ip ospf process-id area area-id [secondaries none]
interface configuration command
• bandwidth kilobits interface configuration command
• router-id ip-address router configuration command

Chapter 3
 Commands for verifying OSPF operation:
• show ip protocols
• show ip ospf neighbor
• show ip route
• show ip route ospf
• show ip ospf interface
• show ip ospf
• debug ip ospf events
• debug ip ospf adj
• debug ip ospf packet

Chapter 3
 How the OSPF router ID is selected with the router-id ip-address router
configuration command, the highest IP address on any active loopback
interface, or the highest IP address of any active physical interface when OSPF
starts.
 The three types of networks defined by OSPF: point-to-point, broadcast, and
NBMA.
 How a DR and BDR are selected.
 The five modes of OSPF operation available for NBMA networks: nonbroadcast
and point-to-multipoint RFC modes; and broadcast, point-to-multipoint
nonbroadcast, and point-to-point Cisco modes.
 The different types of OSPF routers: internal routers, backbone routers, ABRs,
and ASBRs.
 The 11 different OSPF LSA types.
 The three kinds of OSPF routes: intra-area (O), interarea (O IA), and external
(either O E1 or O E2).
 Configuring OSPF LSDB overload protection using the max-lsa router
configuration command.

Chapter 3
 Using the passive-interface type number [default] router
configuration command.
 Propagate an OSPF default route using the default-information
originate [always] router configuration command.
 OSPF summarization can be configured on an ABR using the area
area-id range address mask [advertise | not-
advertise] [cost cost] router configuration command, and on
an ASBR using the summary-address ip-address mask [not-
advertise] [tag tag] router configuration command.
 Virtual links are configured with the area area-id virtual-link
router-id router configuration command, and verified with the show
ip ospf virtual-links command.
 The several area types defined in OSPF: standard areas, backbone
(transit) areas, stub areas, totally stubby areas, NSSAs, and totally
stubby NSSAs.

Chapter 3
 The types of OSPF authentication: null, simple password authentication
(also called plain-text authentication), and MD5 authentication.
 The commands to configure OSPF simple password authentication:
• ip ospf authentication-key password interface
configuration command
• ip ospf authentication interface configuration command or
the area area-id authentication router configuration
command
 The commands to configure OSPF MD5 authentication:
• ip ospf message-digest-key key-id md5 key interface
configuration command
• ip ospf authentication message-digest interface
configuration command or the area area-id authentication
message-digest router configuration command

Chapter 3
Resources
 OSPF Deisgn Guide
• http://www.cisco.com/en/US/tech/tk365/technologies_white_paper091
86a0080094e9e.shtml
 Configuring OSPF
• http://www.cisco.com/en/US/docs/ios/12_0/np1/configuration/guide/1c
ospf.html
 OSPF Technology Page
• http://www.cisco.com/en/US/tech/tk365/tk480/tsd_technology_support
_sub-protocol_home.html
 OSPF Authentication
• http://www.cisco.com/en/US/tech/tk365/technologies_configuration_e
xample09186a0080094069.shtml

Chapter 3
 Lab 3-1 Single-Area OSPF Link Costs and Interface
Priorities
 Lab 3-2 Multi-Area OSPF with Stub Areas and
Authentication
 Lab 3-3 OSPF Virtual Links and Area Summarization
 Lab 3-4 OSPF over Relay Switch
 Lab 3-5 OSPF Challenge Lab
 Lab 3-6 Troubleshooting OSPF
 Lab 3-7 OSPF Case Study
Chapter 3 Labs

Chapter 3

CCNP v6 Route: Implementing IP Routing Chapter 3

More Related Content

What's hot (20)

Similar to CCNP v6 Route: Implementing IP Routing Chapter 3 (20)

More from Andy Juan Sarango Veliz (20)

Recently uploaded (20)

CCNP v6 Route: Implementing IP Routing Chapter 3