OSPF: Difference between revisions
→Troubleshooting
| (47 intermediate revisions by the same user not shown) | |||
Line 46:
auto-cost reference-bandwidth 1000
* All routers in an area have same Topology Table.
* ABR localizes updates to an Area.
* All Areas must connect to Area 0.
* Hello message is sent:
Line 60 ⟶ 58:
[[File:OSPF Hello neighbor list.png|center]]
* EIGRP keeps a backup path in case primary path fails. OSPF does not keep backup path, so needs to re-run SPF again.
* Loopback interface is advertized as /32 address even if it is defined as /24, change this behavior:
int lo1
ip ospf network point-to-point
<br />
Line 115:
| 2
| Database Description(DBD)
|
* Checks for database sync between routers
* Summary of LSDB
|-
| 3
Line 127 ⟶ 129:
| 5
| LSAck
|
* Acknowledges the other packet types;
* Sent for all packet types except for Hello & LSAck itself
|}
</center>
*Hello packet contains:
Router-ID Router Priority
Neighbors Area ID
Hello/Dead Timers DR/BDR IP Address
Netmask Authentication Password
= DR BDR =
*The DR serves as a common point for all adjacencies on a multiaccess segment
*The BDR also maintains adjacencies with all routers in case the DR fails
*Election does not occur on point-to-point or multipoint links, these routers listen only on 224.0.0.5 address.
*Neighbor Table shows:
Ethernet -> Full/DR, Full/BDR
Serial -> Full/-
*DR preemption will not occur unless the current DR is reset
*DR/BDR is not Area/AS specific; There is a DR/BDR for every shared Segment.
*DROTHER is the name for other routers.
*Router will be in Full state with only DR & BDR; all other routers will be in 2-way state.
*Does not matter much which router becomes DR/BDR; except for Frame relay, where if Router with no access to full topology becomes DR, can cause serious issues.
*Election:
Default priority (0-255) is 1
Highest priority wins
0 cannot be elected
In case of tie, Router with Highest Router ID wins election
*Set priority 0:
int eth0/0
ip ospf priority 0
= Virtual Links =
*Tunnel formed to join two areas across an intermediate Area.
*Not a permanent solution but a temporary fix in case no direct link exists, else it is a poor design.
*Depends on Router-ID. Needs to be hardcoded.
*We link ABR to ABR in a virtual Link.
*Forms a tunnel interface.
*Both end routers must share a common area
*At least one end must reside in area 0
*Cannot traverse stub areas
* Scenario
e0 e1
[R1]---------[R2}----------[R3]-----------[R4]
area0 area10 area 20
Here R3's e0 Interface is not having any issues
e1 Interface is problematic as it lies in area 20; not connected to BB.
*Configuration:
R1> router ospf 1
R1> area 2 virtual-link 10.0.0.1
Line 151 ⟶ 188:
R2> area 2 virtual-link 10.0.0.2
Here:
10.0.0.1 & 10.0.0.2 are Router-IDs
Area 2 is the area of the transit area.
R1 & R2 are the ABRs of Area 2 & Area 3.
Verify:
show ip ospf virtual-link
= Demand Circuit vs Flood Reduction =
Source: [https://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/5132-dc.html cisco.com]
Line 161 ⟶ 202:
*OSPF sends hellos every 10 seconds and refreshes its LSAs every 30 minutes.
*These functions maintain neighbor relationships and ensure that the link-state databases are accurate and use far less bandwidth than similar functions in RIP & IGRP.
*However, even this amount of traffic is undesirable on demand circuits
*Using OSPF demand circuit options suppresses hello and LSA refresh functions.
*OSPF can establish a demand link to form an adjacency and perform initial database synchronization, the adjacency remains active even after Layer 2 of the demand circuit goes down.
Line 168 ⟶ 210:
*Unlike the OSPF demand circuit feature, flooding reduction is usually configured on leased lines.
*Flooding reduction uses same technique as demand circuits to suppress the periodic LSA refresh.
*This feature is submitted for
*The main difference between flooding reduction and demand circuits is that former suppresses only periodic LSA refreshes; it does not suppress periodic hello packets.
Line 175 ⟶ 217:
ip ospf demand-circuit
=
* We divide into areas when SPF runs too often i.e. when networks become too large.
* ABR will have all information; Internal routers will have default routes.
;Standard areas:
Line 185 ⟶ 231:
Block Type 5 LSAs.
A default route is substituted for external routes.
Config:
# router ospf 1
# area 2 stub
;Totally stubby
Only contain type 1 and 2 LSAs, and a single type 3 LSA.
Block LSAs Type 3,4,5.
The type 3 LSA describes a default route, substituted for all external and inter-area routes.
Config:
# router ospf 1
# area 2 stub no-summary
;Not-
Implement stub or totally stubby functionality yet contain an ASBR.
Type 7 LSAs generated by the ASBR are converted to type 5 by ABRs when entering Backbone Area to be flooded to the rest of the OSPF domain.
Config:
# router ospf 1
# area 2 nssa
;Not-So-Stubby Totally-Stubby areas
# router ospf 1
# area 2 nssa no-summary
== Backbone Area ==
;Why do we use Backbone Area?
Source: [https://networkengineering.stackexchange.com/questions/6329/why-must-all-areas-connect-to-an-area-0-backbone-in-ospf stackexchange.com]
The reason for this star-like topology is that OSPF inter-area routing uses the distance-vector approach and a strict area hierarchy permits avoidance of the "counting to infinity" problem.
OSPF prevents inter-area routing loops by implementing a split-horizon mechanism, allowing ABRs to inject into the backbone only Summary-LSAs derived from the intra-area routes,
and limiting ABRs' SPF calculation to consider only Summary-LSAs in the backbone area's link-state database.
*Simple example of OSPF's distance-vector behavior:
<pre>
<-- Area 5 --><-- Area 0 --><-------------- Area 4 ----------->
R5-----------R1-----------R2------------R3---------------------R4
Cost 3 Cost 5 Cost 7 Cost 12
LSA--> LSA-->
Type3 LSA Type3 LSA
{From R1} {From R2}
R5 cost is 3 R5 cost is 8
</pre>
*Consider what happens to a /32 Loopback route for R5:
R5 sends a Type1 LSA containing the /32 Loopback
R1 (Area 5 ABR), is connected to Area 0; it translates the Type1 LSA into a Type3 LSA with a cost of 3.
R2 (Area 4 ABR) receives R1's Type3 LSA (metric 3) and changes the metric to R5's Loopback, based on R2's cost to R1.
Now R2's Type3 LSA for R5 has a cost of 8. This is the distance-vector behavior.
*Requiring all non-backbone routes to go through the backbone is a loop-prevention mechanism.
*Connecting non-backbone OSPF areas at an ABR:
If 2 areas aren't connected through area 0 (discontiguous), how does OSPF behaving as a link state protocol increase the possibility of routing loops?
As we saw above, OSPF uses distance-vector behavior to send routes through the Area 0 backbone.
Distance-vector protocols have well-known limits, such as the count-to-infinity problem.
OSPF would be vulnerable to the same issues, if we didn't have boundaries on its behavior.
;Can we use OSPF without area 0?
There is only one way to use OSPF without an Area 0, and that is to use OSPF with a single area.
If you only have one OSPF area, you can number it any way you like, but if you have even two areas, you must have an Area 0.
<br />
Line 207 ⟶ 305:
;Type 2 - Network LSAs
Generated by the DR on a multi access segment
Represents the pseudonode
Provides similar information to an LSA type 1 for the multi access segment and subnet which it belongs
;Type 3 - Network Summary LSA / ABR Summary Route
Generated by ABRs
Contain the subnets & costs
Omit the topological data from all subnets in one area and sent to another area via the ABR
;Type 4 - ASBR summary LSA / ASBR Location
Same as summary LSA except the destination advertised by ABR is ASBR.
ABR which is in the same area as the ASBR will originate the Type 4 LSA.
The (assumed) presence of an ASBR is communicated from its immediate ABR via a type 1 LSA with the E flag set(which does not constitute a type 4 LSA) sent into backbone area 0.
The only type 4 LSA generated in this example is sent from router C into area 2,
;Type 5 - AS external LSA / ASBR Summary Route
Generated by ASBRs
;Type 7 - NSSA External LSA
Generated by the ASBR in an NSSA area
Used in stub areas in place of a type 5 LSA.
Converted into a type 5 LSA by the ABR when leaving the area
* LSA as per Areas<ref>www.ericsson.com/in</ref>:-
Line 321 ⟶ 422:
|}
<br />
= Routing =
== Summarization ==
* Only ABR & ASBR can do Summarization in OSPF. In EIGRP Summarization can be done anywhere.
* Summarization at ABR:
area 20 range 10.20.0.0 255.255.252.0
* Summarization at ASBR:
summary-address 172.16.0.0 255.255.252.0
* Summarization:
10.10.0.0/24 => 10.10.0.0 - 10.10.3.255
10.10.1.0/24
10.10.2.0/24
10.10.3.0/24
;1st method:
3rd octet is:
128 64 32 16 8 4 2 1
1 1 1 1 1 1 0 0 => 6
10.10.0.0/24
8+8+6+0 = /22
;2nd Method:
3rd octet is:
0 0 0 0 0 0|0 0
0 0 0 0 0 0|0 1
0 0 0 0 0 0|1 0
0 0 0 0 0 0|1 1
6 bits remain same
8+8+6+0 = /22
So best summary route will be:
10.10.0.0/22
== Route Types ==
;OSPF external type 1 - E1
*Metric Increments as they traverse through network.
*Used when multiple exit paths exist
[Ext network]---------[R1]-----------[R2]
200 10
Cost for E1 route in R2 will be 200 + 10 = 210
;OSPF external type 2 - E2 (Default)
*Cost does not increment in Network
*Used only when one Exit point exists.
*Bit easy for processor.
[Ext network]---------[R1]-----------[R2]
200 10
Cost for E2 route in R2 will be 200
;OSPF NSSA external type 1 - N1
{{UC}}
;OSPF NSSA external type 2 - N2
{{UC}}
;OSPF inter area - IA
{{UC}}
;OIA
{{UC}}
;Route Selection Hierarchy - E1, E2, N1, N2
{{UC}}
= N1 N2 E1 E2 =
*Type 5 is E and Type 7 is N.
*An external route will be tagged as a Type 5 LSA (E route).
*This LSA is circulated throughout the OSPF domain except for Stub, Totally Stubby and NSSA.
*Stub areas are not allowed to have external routes there should be no ASBR in a Stub area, else configure it as NSSA.
*A route redistributed inside an NSSA area is a Type 7 LSA or N route.
*This LSA is circulated only within the NSSA area.
*E1 or E2 or N1 or N2 type routes are based upon cost of the route.
*E2 or N2 routes tell OSPF routers to set the metric as the metric at the point of redistribution.(At the ASBR)
*E1 or N1 routes tell OSPF routers to add the internal costs to reach the ASBR to the cost set at the point of redistrbution (At the ASBR)
1. N1 & E1 are preferred over N2 & E2 for the same route
2. When N1 & E1 have the same route to the destination, the one that have lower cost / Metric will win and get into the route table
3. If both N1 & E1 have the same cost, P-bit in N1 will be used to break the tide.
4. If P-bit is 0 (Then it would become E1) then we will have 2 E1 routes install into the routing table. (otherwise if maximum-path = 1, LSA with Higher Router-ID will get installed
= Withdraw OSPF Routes =
*Router LSA:
When a link fails, the connected OSPF routers send an updated LSA which omits the now shutdown link from it’s list of connected links.
This new LSA has an incremented sequence number which replaces the old LSA in the LSDB of all routers in that area.
OSPF will kick off a new SFP run, calculate a new topology and remove any routes associated with that link.
*Summary LSA
If no summarisation done on ABR, it will create a Type-3 Summary LSA for every Type-1 stub-network prefix.
The ABR senda a new Summary LSA with updated sequence number flagged as unreachable by setting it’s 24-bit metric field to all Ones called LSInfinity with decimal value of 16777215.
The LSA requests that it be flushed from the receiver’s LSDB by setting it’s LSAge to MaxAge (3600 seconds).
*External LSA
When the link goes down the ASBR will send an updated Type-5 LSA for the prefix with an updated sequence number with link cost of LSIninity and LSAge to MaxAge.
Type-5 prefix withdrawal is simpler as Type-5 LSAs have domain-wide flooding scope.
As such the poisoned LSA will immediately be flooded to all routers in the OSPF domain, regarded as unreachable and flushed from the receivers LSDB and routing tables.
= R&S Quick Notes =
= Concept Recap =
* Protocol Number = 89, TTL=1, DES IP = 224.0.0.5 & 6
* OSPF packet types:
Database
LS ACK – type 5
* To bring neighborship up, following fields should be matched:
Hello interval, Dead interval, area ID, network mask, option fields and authentication, if any
* Neighborship will not form via secondary address. Other words, router will not generate hello packet with SRC IP = secondary IP.
* DR/BDR election:
Tie, highest router ID
Tie, highest interface address.
No preempt. So, first come will elect as DR, BDR, DRother. So, always start the router which has to be DR and then BDR and then other routers.
Priority=0 means ineligible to become DR/BDR.
When interface comes up, it sets DR,BDR to 0.0.0.0 and wait for ‘wait timer’= router dead interval. Within that period, if it receives hello with DR/BDR filled, accept those. Else if the time period elapse, move to BDR and then to DR.
* Timers:
Default H=10 sec and
InfTransDelay = 1 sec. change by “ip ospf transmit-delay’
RxmtInterval = 5 sec. Change by “ip ospf retramit-delay’
* Neighbor state machine:
Down: at initial
Init: Hello packet received. But couldn’t see our ID in its active neighbor list.
2-way:Could see our ID in neighbor list
Exstart: Start electing master/slave to exchange DBD packets. Highest router ID becomes master.
Exchange: exchange the LSA headers using DBD packets.
Loading: Syn the LSD using LS request and LS update. In real scenario, both Exchange and loading occurs parallel.
Full: Database was sync-ed.
* DBD Packet:
Have Interface MTU settings.
Initial(I) bit, More (M) bit and Master/Slave (MS) bit
First DBD packet sent
Neighbor sends DBD with
After master selection, slave send DBD with I/M/MS = 0/1/0 with seq = master seq + 1.
* Retransmission packets are always unicast.
* Use stub concept and summarization to reduce memory and CPU utilization.
* Sequence number, checksum and age uniquely defines as LSA:
Seq #:
From 0×80000001 to 0x7fffffff
If the seq# reaches 0x7ffffff, router flushes those LSA with age = MAXage.
Checksum:
Checksum is verified every 5 mins as it resides in LSD.
0 to 3600 (1 Hr-MaxAge)
Age increments when it resides in LSA and also incremented by ‘Infdelay’ value as it transits an interface.
* Virtual Links:
Must be configured between 2 ABRs alone.
Transit area must have full routing information.
Transit area cannot be stub.
Usually it is the worst design and needs to be changed.
Can temporarily deploy to avoid partitioned area.
* LSA types:
Router LSA:
Type-1. Generated by
Above command should have same output in all routers in an area. Seq #,checksum etc should be same.
Network LSA:
Type-2: Generated by the DR with network ID of the BC network.
Show ip ospf database network
No metric field as
LSAs are flooded within
N/w summary LSA:
Type-3: Generated by ABR to advertise the networks in another area.
If there are multiple routes to a destination, ABR advertise only the lowest cost route to its area along with cost metric.
Means, intra area routers use distance-vector protocol to know about inter-area routes.
Show ip ospf database summary
ASBR summary LSA:
Type-4; Same as summary LSA except the destination advertised by ABR is ASBR.
Show ip ospf database asbr-summary
AS external LSA:
Type-5; Advertise routes external to OSPF domain.
Typically redistribution of RIP, ISIS etc
Show ip ospf database
Group-Membership LSA:
Type-7; originated by ASBR within NSSA
Show ip ospf database nssa-external
Flooded within NSSA
ASBR can set/reset “P-bit” under “options field” of every LSA.
Only if NSSA-ABR receives type-7 LSA with P-bit set, it will translate into type-5 LSA and flood to other areas.
External Attribute LSA:
Type-8. Can be used as alternative to iBGP
Not deployed yet.
Opaque LSA:
Type- 9,10,11
Extension to OSPF. Used
* Areas:
Backbone area:
Area-0. Need for inter-area communication.
If there is only one area, no need for area-0
All types of LSAs except type-7 can be seen.
Stub area:
Single exist point for inter-area communication. But still can have more than one ABR.
Have info about OSPF
No info about external (other domain) routes. Hence, ABR sends a default route.
All the routers should have “E-bit” set to 0 in their hello packets to form adjacency.
Totally stubby area:
Router has info about its area alone. No info about inter-area routes.
Can see type-1, type-2
Command: ‘area x stub no-summary’
NSSA:
Same property as stub area (not totally-stub area) with exception of allowing other domain routes as Lype-7 LSA.
No default route from ABR. (unless ‘default-info originate’ CLI configured where N2 default route (or) ‘area x nssa no-summary’ configured. In later, IA routes will not be available and default route has IA tag)
Can see Type-1,2,3,4 and type-7 LSAs.
Command: ‘area x nssa’.
* Path types:
Intra-area paths
Inter-area paths. Denoted by “IA” in show ip route.
E1:
Cost = advertised by ASBR + cost to ASBR
E2:
Cost = advertised by ASBR. Enabled by default.
If there is only one ASBR in OSPF, there is no necessity of adding cost to ASBR. Hence E2 is default.
If there are more than on ASBR, enable E1.
* Authentication:
No authentication: Type-0
Simple password: Type-1
MD5 password: Type-2
* Few points:
Router LSA of ABR will have “B-bit” set in router-lsa packet
Router LSA of ASBR will have “E-bit” set in router-lsa packet
When NSSA ABR, translates type-7 LSA to type-5 LSA, it advertise with “Advertising Router” field set to its own router ID and it changes to ASBR. It could be confirmed by seeing “E” bit set in router LSA packet.
“Options field” in OSPF hello, DBD and every LSA: From MSB
DN – used in MPLS VPN. To detect loop.
O- Set to indicate routers’ opaque LSA support.
DC- OSPF over Demand circuit.
EA – external attribute support
N/P bit
N bit in hello: Set to indicate support for NSSA external LSAs. Mismatch will not bring adjacency
P-bit in NSSA external LSA header: to inform ABR to translate T-7 to T-5 LSAs.
MC – set to indicate multicast ospf capability
E – E bit=0 to indicate stub area.
MT – set to indicate Multi-topology OSPF support. Under development.
* Troubleshooting point of view:
Few Neighborship not coming UP:
Check for Hello packet parameter match
Network ID in correct area??
Access-list blocking OSPF packets??
Packet dropped on the way to CP incase if interface multicast count is incrementing??
Check Stub-area configuration?? Virtual link via stub area??
Neighborship UP but no advertised routes in database:
Enable debug and check for LSupdate packets.
Routes in OSPF database but not in routing table:
Routes via another protocol which has AD less than OSPFs??
One end of router has “ip ospf network PTP’ whereas other end router has default BC network type.
In case of external routes not installed in routing table, check whether the forwarding address is reachable. If not, configure ‘suppress-fa’ option at the NSSA ABR.
If an LSA has less age or high sequence number among others, we need to look for why this network was keep flapping and flooding updates. Might be reason for high CPU utilization.
* Observations:
ABR with area-1 and area-2 only.
Routes from area-1 are not leaked into area-2 using type-3 network summary LSA.
Authentication:
Configure ‘ip ospf authentication’ to change to type-1. No user-defined password possible.
For loopback IP to become router-id either remove and reapply the ospf configuration or configure ‘router-id’ command.
DBD packet can have multiple LSA headers each can be of different type.(T1/T2)
When we change the network type to ‘point-point’, the interface will send a hello with DR,BDR =0 and no neighbor IDs in active neighbor field. This makes other end router to move to init.
In BC network: DBD, LS request and LS updates are exchanged via unicast. LS update (repeat) and LS ACK are sent to 224.0.0.5
In PTP, all communications via 224.0.0.5
Changing hello packet parameters (hello interval, dead interval etc) on one end makes the other end router to ignore those hello packets which has modified parameters.
Both side of router configured with priority =0 with default n/w type, they will stuck in 2way/DRother.
In an already existing stub network, if we change to totally stub, border router send an update with IA routes’ age= 3600 for flushing from database. Same as in ‘clear ip ospf process’
Redistributing RIP to ospf in a router which is inside a stub network:
“%OSPF-4-ASBR_WITHOUT_VALID_AREA: Router is currently an ASBR while having only one area which is a stub area”
Summarization has no effect
= OSPF Notes 2 =
*OSPF Packet type -Hello ,DBD ,LSR ,LSU ,LSA
*Each interface participate in OSPF send hello at 224.0.0.5
*Two router to form neighborship-same area ,samehello and dead interval,same subnetmask ,authentication must same .
*OSPF States - Down, Init, Two way, Exstart (DR, BDR selection), Exchange (DBD contains entry of link or net type having following info link type,adv router,seq number,costoflink),if router donot have update info for link type it send LSR (loading state), Neirouter send updated LSU again LSR router adds new entry in lSDB once all the routers have identical LSDB -routers are in full state .
*To send request to DR and BDR - 224.0.0.6
*For broadcast n/w type each ospf speaking router will be form full adjancey b/w DR, BDR and two way state b/w DR other routers.
*sh ip ospf database summary ( prefix ) will give information for type 3 inter area routes learned via ABR.
*Type 3 LSA called summary LSA doesnot mean network prefixes are summarised while propagated by ABR means topolgy information is summarised.
*EACH LSA in LSDB contains seq number, EACH LSA is flooded after 30 minutes, each time LSA is flooded it is incremnted by one ) - 195
*Point to point - T1,E1,neighbors are discovered automatically,hellos send at M.A 224.0.0.5, NO DR BDR election as there are only two routers.
*Multiaccess - DR, BDR election DR failes BDR becomes DR and new BDR is elected.
*If new router added with highest priorty it will not preemt existing DR and BDR election, if DR or BDR goes down then only selection starts.
*DR/BDR-ip ospf priority =0 for DR other
*STUB Area- All the routers in Area must agree on stub flag, does not allow type 5 and type 4 LSA and ABR generates default route in stub area to reach external destination.
to cofigure stub area - area x stub
*Tottaly Stub area - removes type 3,4,5 LSA and ABR genrates inter area default route, total stubby area configured on ABR of the area.
*To configure totally stubby - on ABR area x stub no summary and other routers need to configued wth area x stub command.
*NSSA area - was desgined to keep stub feature attribute and also allowed external routes, ASBR will genrate type 7 LSA in NSSA and se the P bit 1 and ABR will translate type 7 to type 5 propagate in ospf domain and all routers should agree on NSSA area. ABR does not genrate default route automatically. So in case if we other external AS connected to other areas NSSA area will not have information for that external routes, so in that case we need to genrate defaul route mannually.
*NOSo-total stubby area - remove type 3 ,4 ,5 lsa , genrates type 7 LSA and ABR genrates default route. Note it is not necessary for ABR to be part of total stubby NSSA it can still run NSSA for that area in ospf process.
*Order of preference of OSPF routes- O,OIA,E1,E2,N1,N2.
*When ABR does LSA translation from Type 7 to Type 5, if we look for external network in an area using sh ip os database external. There are field, Advertising router and Forwading address, Advertising address will be address of ABR which is doing the translation and Forwading address is address of ASBR.
*Also if the forwading address field is 0.0.0.0, then traffic will be forwading to who is orginating the route.
*If we have mutliple ABR in NSSA the ABR with highest router id will genrate type 5 LSA. This does not mean all the traffic will follow the ABR with highest router id because the forwading address field contains the information for the ASBR to reach external destination.
*In case if we want to change the forwading address on ABR while tranlating from type 7 to type 5 we can use the command
area i nssa no summary translate type 7 suppress forwading address.
Note - in the LSA lookup if the forwading address is 0.0.0.0 so the router which is advertising the lsa and is announcing it self to use himself to reach destination.
*E1 and E2 routes - E1 routes external cost is added to cost of link packet traverse, if we have multiple ASBR then we should use marked external routes as type E1
*If we have muliple ASBR, then default metric to reach external network would be same propagated by both of them, in that case each ospf speaking router will use forward metric to reach ASBR as best path.In case the forward metric is same then decision will be based on router id of ASBR.
*That can be verified by:
sh ip ospf database external XXXX.
*E2 -External cost only, if we have single ASBR
Note- ABR has information for all the connected area's so when genrating the type 3 SLA topogy information is summarised and propagated from one area to other area.
*Loop prevnetion mechanism in OSPF-Its ABR only that accespts and process the type 3 LSA if it is from backbone area.
area X filter-list prefix {in|out}
*Good news here - this command applies after all summarization has been done and filters the routing information from being used for type-3 LSA generation. It applies to all three type of prefixes: intra-area routes, inter-area routes, and summaries generated as a result of the area X range command. All information is being learned from the router's RIB. used to filter specific prefix in Type 3 LSA.
*LSA Type 5 filerting -This LSA is originated by an ASBR (router redistributing external routes) and flooded through the whole OSPF autonomous system, Important - You may filter the redistributed routes by using the command distribute - list out configured under the protocol, which is the source of redistribution or simply applying filtering with your redistribution.
*The key thing you should remember is that non-local route filtering for OSPF is only available at ABRs and ASBRs
*Distribute list out on ABR and ASBR will filter the type 5 LSA while propagting
*We can verify using:
sh ip ospf database external x.x.x.x
*Distribute list in - Will filter the information from routing table but lSA will still be propagating to neighbor routers.
*If we have NSSA area we want to filer type 5 SLA on ABR we can filter the forwading address using ditribute list on ABR. (As the forwading address is copied from type 7 SLA when ABR regenrates the type 5 SLA out of it.
;OSPF Network Types:
1. Point to point - Supports broadcast like T1, E1, there are only two routers no DR/BDR election ,hello and dead are 10/40.
2. Brodacast - Like ethernet, broadacst capabilty, There is DR and BDR election, 10 and 40.
3. Point to multipoint brodacast - have broadcast capabilty, NO DR and BDr election , hello/dead are 40 /130, In case of hub and spoke topology hub will form adjancy.
with the spokes ,other spokes will not form adjancy as there is not direct layer connection so when hub receive the update from spoke it changes its next hop self while propagating the updates.
4. Point to multipoint non brodcast - No broadcast capabilty, hello will be send as unicast, will not be send if neighbors are not defined manually.
As there is no brodcast capabilty hellos are send as unicast and there is no DR /BDR election. hello/dead are 40 /130, Special next hope processing.
Non-Broadcast is the default network type on multipoint frame-relay interface, eg a main interface.
5. Non broadcast n/w - Default network type is nonbroadcast for frame-relay network , there is no broadcast capabilty , hello are send as unicast ,neibors need to define mannualy .hello /dead 30-40 ,DR and BDR election,
NBMAN-(Non broadcast)-Nei needs to define mannualy ,there is slection of DR and BDR ,full mesh or partail mesh,IN NBMAN if there is DR ,BDR selction all routers should be fully meshed or DR BDR can be staticly configured on router that should have full adjancies to all routers.
Make sure the for non-broadcastn/w make sure hub is chossen as DR and need to define nei mannaulay to send ospf updates as unicast.
Note - Broadcast and non broadcast n/w , DR on receiveing the LSA's didnot change the next hop while propagating the LSA to other DR-other routers so in case of broadcast segment its fine while for non broadcaset frame relay network we need to mannualy define the layer 3 to layer 2 resoltuion to reach that neibour.
While in case of point-point, HDLC there is only one device at other end so layer 3 to layer 2 mapping is not required.
6. In OSPF loopbacks are advertised as stub host and network type loopback.if the mask of loopback is /24 and we want to advertise as /24 to ospf domain we need to change the network type
*By adjusting the hello/dead timers you can make non-compatible OSPF network types appear as neighbors via the - show ip ospf neighbor - but they won't become adjacent with each other. OSPF network types that use a DR (broadcast and non-broadcast) can neighbor with each other and function properly. Likewise OSPF network types (point-to-point and point-to-multipoint) that do not use a DR can neighbor with each other and function properly. But if you mix DR types with non-DR types they will not function properly (i.e. not fully adjacent). You should see in the OSPF database Adv Router is not-reachable messages when you've mixed DR and non-DR types.
*Here is what will work:
Broadcast to Broadcast
Non-Broadcast to Non-Broadcast
Point-to-Point to Point-to-Point
Point-to-Multipoint to Point-to-Multipoint
Broadcast to Non-Broadcast (adjust hello/dead timers)
Point-to-Point to Point-to-Multipoint (adjust hello/dead timers)
*Command lines:
1. sh ip os inter brief
2. sh ip route ospf
3. sh ip os boarder routers
4. sh ip os da summary x.x.x - type 3
5. sh ip os da external x.x.x.x-type 5
6. sh ip os data router .x..x.x.x- type 1
*Sumarisation can occur on ABR and ASBR
*ABR uses area range command
*when ABR /ASBR does sumarization it genrates null route for the summary , in case spefic prefix went unreachable for some reason and ABR has received traffic for that preifx it wll drop the traffic , if we want to avoid it use default route to forward the traffic we can use command ( no discard route internal / external) to drop the null route from routing table .
ASBR- Summary address x.x.x.x mask
*RFC 2328 - to learn the ospf
;Virtual links
*All areas in an Open Shortest Path First (OSPF) autonomous system must be physically connected to the backbone area (Area 0). In some cases, where this is not possible, you can use a virtual link to connect to the backbone through a non-backbone area. You can also use virtual links to connect two parts of a partitioned backbone through a non-backbone area. The area through which you configure the virtual link, known as a transit area, must have full routing information. The transit area cannot be a stub area.
*The transit area cannot be a stub area, because routers in the stub area do not have routes for external destinations. Because data is sent natively, if a packet destined for an external destination is sent into a stub area which is also a transit area, then the packet is not routed correctly. The routers in the stub area do not have routes for specific external destinations.
*We can also use GRE link between nonbackbone area and backbone area ,run area 0 over tunneled interface but there is GRE overhead. In case of virtul only OSPF packets are send as tunneled packet and data traffic is send as it is normal area connected to backbone area.
=LAB=
Line 546 ⟶ 896:
*On a shared/ethernet network, only 2 router, DR & BDR will form full relationship, all others will stay in 2-way state.<ref>www.wipro.com</ref>
*If OSPF is stuck in ExStart State, MTU mismatch may be the cause, as it is requirement to successfully pass DBD Packets. Matching MTU is not a Adjacency Requirement, but is required to successfully pass Database Descriptor Packets
*In OSPF, MTU Mismatch causes neighbors swinging between ExStart state to Down state
| |||