This Daily Drill Down will introduce you to OSPF and how to configure basic OSPF in an internetwork. OSPF is a true Link State routing algorithm that uses only bandwidth of a link to determine the best path through an internetwork. If you have a large internetwork with a variety of routers from multiple manufacturers, then OSPF is probably your best option as a routing protocol since OSPF is an open standard that all routing manufacturing companies support.
If you have a small to very large network that runs only Cisco routers, then Cisco recommends Enhanced IGRP (EIGRP) as a routing protocol, and I am inclined to agree with them. EIGRP is much easier to configure and maintain in a large internetwork than OSPF is. Unfortunately, you may not have a choice of which routing protocol you must implement. OSPF was designed and developed by the IETF to provide a scalable, quickly converging, and efficient routing protocol that could be used by all routing equipment. Complete details for OSPF are found in RFC2178.
OSPF: The basics
A Link State routing algorithm, like OSPF, is more advanced than distance vector protocols because it does not send out periodic routing updates as distance vector routing protocols do. OSPF only sends out changes to the neighbor routers when a change occurs, and then only the actual change is propagated, not the whole routing table, as in RIP and IGRP, for example.
OSPF uses Link State Advertisements (LSAs) and Hello messages to communicate with the neighbor routers on a link. The LSAs are used to update and receive updates to and from neighbor routers, and the Hello messages are sent out every 10 seconds to verify that nothing has changed and that all routers are still functioning properly. If a Hello message is not received in 40 seconds, the neighbor will be considered dead. The Hello protocol is used to establish peering sessions between routers. Hello packets are multicast out every interface on a router.
OSPF uses areas in place of the autonomous system used by IGRP and EIGRP. An OSPF area consists of a group of routers or interfaces on a router that are assigned to a common area. OSPF allows and uses different area types. When deploying OSPF, there must be a backbone area, called area 0. You can create different types of areas to connect to the backbone, depending on your network. (My next Daily Drill Down will focus on the different types of areas that can be used in OSPF.)
Router ID (RID)
A router’s RID is very important in OSPF. The RID is the highest IP address configured on a router. For example, an IP address of 22.214.171.124 is higher than 126.96.36.199 and would become the router’s RID. A RID is used to determine the Designated Router (DR) in an area. Think of a DR as a congressman who is elected to speak for an area of the country. Instead of having each and every citizen from an area approach Congress, one elected official speaks for the chosen area. OSPF areas have DR and backup DRs in case the DR is assassinated and can no longer speak for the area.
Link State Advertisements (LSAs)
LSAs are the heart of OSPF’s information exchange, and different types of LSAs represent different types of route information:
- · LSA Type 1: This is the typical update sent as a multicast to all routers within the same area.
- · LSA Type 2: The DR uses this to send network information it learned from a backbone router to routers within the area.
- · LSA Type 3/4: These are summary LSAs. LSA 3 is used to send a summary route from a DR to the backbone. LSA 4 is used to send a summary route from an Autonomous System Boundary Router (ASBR) out of the AS.
- · LSA Type 5: These are LSAs that contain information about networks outside the Autonomous System and are only received by the ASBR.
Before I show you how to configure OSPF in an internetwork, you must have an understanding of wildcards and how they are used within a router’s configuration. Wildcards are used with access-list and OSPF configurations on a router.
A unique aspect of OSPF configuration is that you can choose which interface is participating in an OSPF network or even which subnet will be advertised in an LSA OSPF update. This is much different from how RIP, IGRP, and EIGRP are configured. OSPF provides granular control during configuration, and wildcards are the part of the configuration that tells the router what you are actually trying to advertise.
For example, if you wanted to advertise a Class B network of 172.16.0.0, where the first two octets must match exactly, but the last two bytes can be any value, the wildcard would be 0.0.255.255. The 0 in an octet represents an exact match, where 255 represent a wildcard of any value. As another example, if we wanted the Class C network 192.168.10.0 to participate in an OSPF area, then the wildcard would be 0.0.0.255, where the first three octets must match exactly, but the fourth octet can be any value.
Okay, so far, wildcards are pretty easy. The problem comes when you want to advertise a subnet within an octet. In other words, you want to advertise 192.168.10.32/27. You would not want to use the 0.0.0.255 wildcard, as that would allow any subnet in the fourth octet to be in that particular OSPF area and you might not want that.
To understand how to configure wildcards other than by denying and permitting an entire octet, you need to really understand the use of block sizes.
The available block sizes are: 128, 64, 32, 16, 8, and 4. These never change so they are easy to remember.
These are the only block sizes you will use within an OSPF or access-list configuration. To figure out a wildcard for each block, just subtract one (-1).
Here is an example of each wildcard block size:
0.0.0.127: Block size of 128.
0.0.0.63: Block size of 64
0.0.0.31: Block size of 32
0.0.0.15: Block size of 16
0.0.0.7: Block size of 8
0.0.0.3: Block size of 4
You don’t always have to use a block size in the fourth octet. Here is an example of using a block size in the third octet:
This tells the OSPF process to use a subnet block of 16 in the third octet, but any value is acceptable in the fourth octet.
Configuring OSPF in a single area
OSPF is configured in an area. This is a portion of the network that shares the same routing information; routers within an area are called neighbor routers. Many areas can all be configured together within an internetwork called an Autonomous System (AS). This Daily Drill Down will focus on configuring OSPF in a single area. OSPF networks must have an area 0, also referred to as a backbone area, so in this example, I’ll configure all routers in a single area of 0.
Figure A shows the internetwork that I will configure. Notice that a VLSM network-addressing scheme has been designed. OSPF will work with this because it is a classless routing protocol, which means it sends prefix subnet mask information with each route update.
|One issue we have is that the 2500B router cannot run OSPF, so we will need to provide redistribution.|
To configure OSPF, you need to start the routing process with the router ospfprocess-id command. The process ID can be any number and is only locally significant, so each router’s ID is irrelevant. They can all be the same or all different; it doesn’t matter.
After you start the OSPF process, you need to tell OSPF which networks you will advertise with the network command and wildcards.
To get OSPF working on this internetwork, we will need to turn off EIGRP for IP since it has an administrative distance of 90 by default, and OSPF has an administrative distance of 110. Because of this, OSPF would never show up in the routing tables if EIGRP were running. After EIGRP is disabled, I will demonstrate how to configure OSPF on each router, and then I will go through the commands on how to verify the configuration.
If you look back to my Daily Drill Down “Configuring IGRP routing with redistribution,” I performed redistribution between IGRP and RIP. Here, I will demonstrate redistribution from OSPF to EIGRP and EIGRP to OSPF.
The 1005A router is already configured with EIGRP, and it is working within the internetwork. However, let’s take a look at the routing table to verify connectivity.
Looks like everything is still in working order, and the 1005A router is connected to both the 172.16.0.0 network and the 192.168.0.0 network off of Ethernet 0 using EIGRP. (The D is for DUAL, which is the routing algorithm used in EIGRP.)
From this router, we will start our OSPF configuration by first removing EIGRP and then adding the OSPF process. (Later in this Daily Drill Down, we’ll configure EIGRP back on 2500B for redistribution purposes.)
I configured each individual interface into OSPF area 0 using a wildcard block size of 4. However, you could use this one command if you are not using VLSM. This command will tell any interface configured into the 172.16.10.0 network to be in OSPF area 0. My first example was to show you how block sizes can be used, and if you use the first command strings, you’ll look really smart! One problem with the second command string example is that if you are using VLSM and you use the 172.16.10.0 0.0.0.255 command, your router is now saying that all networks in the fourth octet can be found on this router. This is not the case and can cause the OSPF network to be unstable if you use this same command string on another router.
To configure the 2500C router, I need to first turn off EIGRP routing and then configure the OSPF process. The 2500C is connected to 172.16.10.68/30 and 172.16.10.80/29. When I am in production, I use this type of command string to make sure that no routers overlap what networks they advertise. Notice that I used the IP address of each interface with the wildcard 0.0.0.0. This will ensure that only those two interfaces are placed in area 0 and nothing can overlap.
The 2500D configuration is the same as the others, although I will demonstrate two different block sizes: 4 and 8.
It is very important to remember to not cross over block sizes with another block size used on a different router. For example, if I typed 172.16.10.72 0.0.0.31, this would say that any interface configured between 64 and 95 will be in area 0. This will be no problem as long as another router is not advertising those same addresses.
Here is the last configuration for our network. I’ll use the same configuration as I did for 2500D.
To verify that our OSPF network is working, I’ll use the show ip route command.
The problem we have is that we do not see the 192.168.0.32/24 network that is connected to the 1005A router. This is because we need to redistribute OSPF to EIGRP from the 2500B router. First, we must turn on EIGRP for the router that will provide the translation between EIGRP and OSPF.
Let’s now look at the 2500B routing table.
We can see the 192.168.0.0 on the 2500B and 1005A routers only because those are the two routers running EIGRP. Let’s take a look at the 2500C router; notice that it does not see the 192.168.0.0 network.
>These are the commands to have the 2500B redistribute EIGRP into OSPF.
This will now allow OSPF to be translated into EIGRP, and OSPF routes will now be sent to the 1005A router as EIGRP. The metric command string is bandwidth, delay, reliability, load, and MTU.
>Here is the 1005A routing table now.
Notice that the 1005A can now see all the OSPF routes on the network as EIGRP-found routes. The 2500B router is redistributing the OSPF routes into EIGRP. However, the routers running OSPF cannot see the 192.168.0.0 network because EIGRP is not being redistributed into OSPF. >Here is the command. Very odd command, I know. The subnets command at the end is really not documented, although Cisco says that when that command is available when redistributing OSPF, use it. The metric 10 is the cost of the link we are advertising.
>Here is the routing table on the 2500C router now.
The 192.168.0.0 network is showing up as an external route into OSPF. In other words, OSPF sees this network as coming from a different AS.
OSPF is a fast, strong routing protocol that can work great in large networks if configured correctly. However, if you have a small configuration problem on just one of your routers in your network, then your whole OSPF network can become unstable. This isn’t always the case, but I have seen it happen many times.
And don’t forget—the O in OSPF stands for open, which means its specifications are totally open to the public. Even Cisco gets open source!