OSPF: Difference between revisions

11,258 bytes added, 2 years ago
 
(6 intermediate revisions by the same user not shown)
Line 314:
 
;Type 4 - ASBR summary LSA / ASBR Location
Same as summary LSA except the destination advertised by ABR is ASBR.
ABR which is in the same area as the ASBR will originate the Type 4 LSA.
The (assumed) presence of an ASBR is communicated from its immediate ABR via a type 1 LSA with the E flag set(which does not constitute a type 4 LSA) sent into backbone area 0.
Represents ASBRs
Identical in structure to a type 3 LSA
 
The (assumed) presence of an ASBR is communicated from its immediate ABR (router B in this example) via a type 1 LSA with the E flag set (which does not constitute a type 4 LSA) sent into the backbone area 0.
The only type 4 LSA generated in this example is sent from router C into area 2,
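Review bot: The sentence beginning "The (assumed) presence of an ASBR is communicated from its immediate ABR" appears twice under Type 4, once in the short notes and once in the example paragraph, and the first copy is missing the space in "set(which". Keep only the example paragraph's copy, which names router B. "ABR which is in the same area as the ASBR will originate the Type 4 LSA" also needs reconciling with "The only type 4 LSA generated in this example is sent from router C into area 2," because the visible text does not say which area router C shares with the ASBR.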
 
Line 538 ⟶ 536:
 
= R&S Quick Notes =
 
<pre>
* The Neighbor IP used with OSPF distance command is the Neighbors Router-ID.
* “area range” summarize type 3 LSA’.
* “summary-address” summarize type 5 & 7 LSA’s.
* Auto-cost reference BW (Default = 100mb), formula = Ref-BW/Int-Bw.
* Switches do no support the interface command “ip ospf {pid} area {area-id}” .
* OSPF path selection: O > O*IA > O*E1 > O*E2.
* Using E1 metric type : Packets will be routed out the closest exit point of the network.
* Using E2 metric type : If you want packets to exit your network at the closest point to their external destination.
* Don’t forget with hub and spoke topology, “ip ospf priority 0″.
* PITFALL, when forbid to use RID, Loopbacks created later on might change the DR on you network after a reload.
* PITFALL, when forbid to use RID, Later requested to configure the same loopback on two routers, could break your adjacencies, as two router cant peer with the same RID.
* “no capability transit” – Mimics OSPFv1 behaviour for all data traffic to pass through Area-0.
* “max-metric” – Configures OSPF stub configurations
* “max-lsa” – Limit amount of non-local LSA’s
* “timers throttle lsa all” – Slow down update rate.
* “timers pacing lsa-group” – Group more LSA’s together in updates.
* “no ip ospf flood-reduction” – Disables every 30-min LSA DB refresh.
* “ip ospf database filter all out” – Breaks RFC, Stop sending LSA’s, but still receive LSA’s
</pre>
 
= Concept Recap =
 
<pre>
* Protocol Number = 89, TTL=1, DES IP = 224.0.0.5 & 6
 
Network Types:
* Network Types:
PTP:
No DR, BDR and ospf packets are sent to MC address.
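Review bot: The R&S Quick Notes bullet “no ip ospf flood-reduction” – Disables every 30-min LSA DB refresh describes the command without "no". It is ip ospf flood-reduction that suppresses the periodic refresh, and the "no" form restores it, so drop the "no" from the bullet. In the same list, “max-metric” – Configures OSPF stub configurations should say stub router, so it is not read as the stub areas covered later. "O > O*IA > O*E1 > O*E2" should lose the asterisks, which mark a candidate default in show ip route rather than a route type.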
Line 576 ⟶ 574:
Virtual link:
Packets are unicast.
 
OSPF packet types:
* OSPF packet types:
Hello – type 1
Database description – type 2
Line 582 ⟶ 581:
LS update – type 4
LS ACK – type 5
 
To bring neighborship up, following fields should be matched:
* To bring neighborship up, following fields should be matched:
Hello interval, Dead interval, area ID, network mask, option fields and authentication, if any
 
Neighborship will not form via secondary address. Other words, router will not generate hello packet with SRC IP = secondary IP.
* Neighborship will not form via secondary address. Other words, router will not generate hello packet with SRC IP = secondary IP.
DR/BDR election:
 
* DR/BDR election:
Highest Priority
Tie, highest router ID
Line 592 ⟶ 594:
Priority=0 means ineligible to become DR/BDR.
When interface comes up, it sets DR,BDR to 0.0.0.0 and wait for ‘wait timer’= router dead interval. Within that period, if it receives hello with DR/BDR filled, accept those. Else if the time period elapse, move to BDR and then to DR.
 
Timers:
* Timers:
Default H=10 sec and D= 40 sec
InfTransDelay = 1 sec. change by “ip ospf transmit-delay’
RxmtInterval = 5 sec. Change by “ip ospf retramit-delay’
 
Neighbor state machine:
* Neighbor state machine:
Down: at initial
Attempt: Only in NBMA
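Review bot: In Timers, "ip ospf retramit-delay" is not the command that sets RxmtInterval; the interface command is ip ospf retransmit-interval. Both command quotes on these two lines open with “ and close with ’. "Default H=10 sec and D= 40 sec" should also say which network types it covers, since the network type list elsewhere on the page gives other values for non-broadcast and point-to-multipoint.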
Line 605 ⟶ 609:
Loading: Syn the LSD using LS request and LS update. In real scenario, both Exchange and loading occurs parallel.
Full: Database was sync-ed.
 
DBD packet:
* DBD Packet:
Have Interface MTU settings.
Initial(I) bit, More (M) bit and Master/Slave (MS) bit
Line 611 ⟶ 616:
Neighbor sends DBD with I/M/MS = 1/1/1 with seq = y
After master selection, slave send DBD with I/M/MS = 0/1/0 with seq = master seq + 1.
 
Retransmission packets are always unicast.
* Retransmission packets are always unicast.
Use stub concept and summarization to reduce memory and CPU utilization.
 
Sequence number, checksum and age uniquely defines as LSA:
* Use stub concept and summarization to reduce memory and CPU utilization.
 
* Sequence number, checksum and age uniquely defines as LSA:
Seq #:
From 0×80000001 to 0x7fffffff
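Review bot: The sequence number range mixes "0×80000001" (multiplication sign) with "0x7fffffff"; use a plain "x" in both so the values can be searched and pasted. The heading "Sequence number, checksum and age uniquely defines as LSA" is ungrammatical, and these three fields distinguish instances of an LSA, so "identify an LSA instance" is the wording to use.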
Line 623 ⟶ 631:
0 to 3600 (1 Hr-MaxAge)
Age increments when it resides in LSA and also incremented by ‘Infdelay’ value as it transits an interface.
 
Virtual Links:
* Virtual Links:
Must be configured between 2 ABRs alone.
Transit area must have full routing information.
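Review bot: The age line says the age increments "when it resides in LSA", which should be the LSDB. It also calls the per-hop increment ‘Infdelay’ while the Timers block names the same value InfTransDelay; use one name throughout. "Must be configured between 2 ABRs alone" would be clearer as "between two ABRs only".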
Line 629 ⟶ 638:
Usually it is the worst design and needs to be changed.
Can temporarily deploy to avoid partitioned area.
 
LSA types:
* LSA types:
Router LSA:
Type-1. Generated by all routers with all active networks which has ospf configured.
Line 667 ⟶ 677:
Type- 9,10,11
Extension to OSPF. Used for TE in MPLS.
 
Areas:
* Areas:
Backbone area:
Area-0. Need for inter-area communication.
Line 688 ⟶ 699:
Can see Type-1,2,3,4 and type-7 LSAs.
Command: ‘area x nssa’.
 
Path types:
* Path types:
Intra-area paths
Inter-area paths. Denoted by “IA” in show ip route.
Line 697 ⟶ 709:
If there is only one ASBR in OSPF, there is no necessity of adding cost to ASBR. Hence E2 is default.
If there are more than on ASBR, enable E1.
 
Authentication:
* Authentication:
No authentication: Type-0
Simple password: Type-1
MD5 password: Type-2
 
Few points:
* Few points:
Router LSA of ABR will have “B-bit” set in router-lsa packet
Router LSA of ASBR will have “E-bit” set in router-lsa packet
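Review bot: The Authentication list gives the three type numbers with no guidance on which to use. Type-1 carries the password in clear text in the OSPF header, so say that and tell readers to prefer Type-2 over Type-1. In the context above it, "If there are more than on ASBR, enable E1" has "on" for "one".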
Line 716 ⟶ 730:
E – E bit=0 to indicate stub area.
MT – set to indicate Multi-topology OSPF support. Under development.
 
Troubleshooting point of view: few
* Troubleshooting point of view:
Neighborship not coming UP:
Few Neighborship not coming UP:
Check for Hello packet parameter match
Network ID in correct area??
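Review bot: The word "few" has moved off the "Troubleshooting point of view:" heading onto the next line, which now reads "Few Neighborship not coming UP:". Drop it there or write the sub-heading out in full, for example "Neighborship not coming up, a few checks:". "Network ID in correct area??" should be phrased as a check like the line before it.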
Line 730 ⟶ 745:
In case of external routes not installed in routing table, check whether the forwarding address is reachable. If not, configure ‘suppress-fa’ option at the NSSA ABR.
If an LSA has less age or high sequence number among others, we need to look for why this network was keep flapping and flooding updates. Might be reason for high CPU utilization.
 
Observations:
* Observations:
ABR with area-1 and area-2 only.
Routes from area-1 are not leaked into area-2 using type-3 network summary LSA.
Line 746 ⟶ 762:
“%OSPF-4-ASBR_WITHOUT_VALID_AREA: Router is currently an ASBR while having only one area which is a stub area”
Summarization has no effect of external routes (E1/E2).
 
</pre>
= OSPF Notes 2 =
 
*OSPF Packet type -Hello ,DBD ,LSR ,LSU ,LSA
*Each interface participate in OSPF send hello at 224.0.0.5
*Two router to form neighborship-same area ,samehello and dead interval,same subnetmask ,authentication must same .
*OSPF States - Down, Init, Two way, Exstart (DR, BDR selection), Exchange (DBD contains entry of link or net type having following info link type,adv router,seq number,costoflink),if router donot have update info for link type it send LSR (loading state), Neirouter send updated LSU again LSR router adds new entry in lSDB once all the routers have identical LSDB -routers are in full state .
 
*To send request to DR and BDR - 224.0.0.6
*For broadcast n/w type each ospf speaking router will be form full adjancey b/w DR, BDR and two way state b/w DR other routers.
 
*sh ip ospf database summary ( prefix ) will give information for type 3 inter area routes learned via ABR.
*Type 3 LSA called summary LSA doesnot mean network prefixes are summarised while propagated by ABR means topolgy information is summarised.
*EACH LSA in LSDB contains seq number, EACH LSA is flooded after 30 minutes, each time LSA is flooded it is incremnted by one ) - 195
*Point to point - T1,E1,neighbors are discovered automatically,hellos send at M.A 224.0.0.5, NO DR BDR election as there are only two routers.
*Multiaccess - DR, BDR election DR failes BDR becomes DR and new BDR is elected.
 
*If new router added with highest priorty it will not preemt existing DR and BDR election, if DR or BDR goes down then only selection starts.
*DR/BDR-ip ospf priority =0 for DR other
 
*STUB Area- All the routers in Area must agree on stub flag, does not allow type 5 and type 4 LSA and ABR generates default route in stub area to reach external destination.
to cofigure stub area - area x stub
 
*Tottaly Stub area - removes type 3,4,5 LSA and ABR genrates inter area default route, total stubby area configured on ABR of the area.
*To configure totally stubby - on ABR area x stub no summary and other routers need to configued wth area x stub command.
 
*NSSA area - was desgined to keep stub feature attribute and also allowed external routes, ASBR will genrate type 7 LSA in NSSA and se the P bit 1 and ABR will translate type 7 to type 5 propagate in ospf domain and all routers should agree on NSSA area. ABR does not genrate default route automatically. So in case if we other external AS connected to other areas NSSA area will not have information for that external routes, so in that case we need to genrate defaul route mannually.
 
*NOSo-total stubby area - remove type 3 ,4 ,5 lsa , genrates type 7 LSA and ABR genrates default route. Note it is not necessary for ABR to be part of total stubby NSSA it can still run NSSA for that area in ospf process.
 
*Order of preference of OSPF routes- O,OIA,E1,E2,N1,N2.
 
*When ABR does LSA translation from Type 7 to Type 5, if we look for external network in an area using sh ip os database external. There are field, Advertising router and Forwading address, Advertising address will be address of ABR which is doing the translation and Forwading address is address of ASBR.
*Also if the forwading address field is 0.0.0.0, then traffic will be forwading to who is orginating the route.
 
*If we have mutliple ABR in NSSA the ABR with highest router id will genrate type 5 LSA. This does not mean all the traffic will follow the ABR with highest router id because the forwading address field contains the information for the ASBR to reach external destination.
 
*In case if we want to change the forwading address on ABR while tranlating from type 7 to type 5 we can use the command
area i nssa no summary translate type 7 suppress forwading address.
 
Note - in the LSA lookup if the forwading address is 0.0.0.0 so the router which is advertising the lsa and is announcing it self to use himself to reach destination.
 
*E1 and E2 routes - E1 routes external cost is added to cost of link packet traverse, if we have multiple ASBR then we should use marked external routes as type E1
*If we have muliple ASBR, then default metric to reach external network would be same propagated by both of them, in that case each ospf speaking router will use forward metric to reach ASBR as best path.In case the forward metric is same then decision will be based on router id of ASBR.
 
*That can be verified by:
sh ip ospf database external XXXX.
 
*E2 -External cost only, if we have single ASBR
 
Note- ABR has information for all the connected area's so when genrating the type 3 SLA topogy information is summarised and propagated from one area to other area.
 
*Loop prevnetion mechanism in OSPF-Its ABR only that accespts and process the type 3 LSA if it is from backbone area.
 
area X filter-list prefix {in|out}
 
*Good news here - this command applies after all summarization has been done and filters the routing information from being used for type-3 LSA generation. It applies to all three type of prefixes: intra-area routes, inter-area routes, and summaries generated as a result of the area X range command. All information is being learned from the router's RIB. used to filter specific prefix in Type 3 LSA.
 
*LSA Type 5 filerting -This LSA is originated by an ASBR (router redistributing external routes) and flooded through the whole OSPF autonomous system, Important - You may filter the redistributed routes by using the command distribute - list out configured under the protocol, which is the source of redistribution or simply applying filtering with your redistribution.
 
*The key thing you should remember is that non-local route filtering for OSPF is only available at ABRs and ASBRs
*Distribute list out on ABR and ASBR will filter the type 5 LSA while propagting
*We can verify using:
sh ip ospf database external x.x.x.x
 
*Distribute list in - Will filter the information from routing table but lSA will still be propagating to neighbor routers.
 
*If we have NSSA area we want to filer type 5 SLA on ABR we can filter the forwading address using ditribute list on ABR. (As the forwading address is copied from type 7 SLA when ABR regenrates the type 5 SLA out of it.
 
;OSPF Network Types:
1. Point to point - Supports broadcast like T1, E1, there are only two routers no DR/BDR election ,hello and dead are 10/40.
2. Brodacast - Like ethernet, broadacst capabilty, There is DR and BDR election, 10 and 40.
3. Point to multipoint brodacast - have broadcast capabilty, NO DR and BDr election , hello/dead are 40 /130, In case of hub and spoke topology hub will form adjancy.
with the spokes ,other spokes will not form adjancy as there is not direct layer connection so when hub receive the update from spoke it changes its next hop self while propagating the updates.
4. Point to multipoint non brodcast - No broadcast capabilty, hello will be send as unicast, will not be send if neighbors are not defined manually.
As there is no brodcast capabilty hellos are send as unicast and there is no DR /BDR election. hello/dead are 40 /130, Special next hope processing.
Non-Broadcast is the default network type on multipoint frame-relay interface, eg a main interface.
5. Non broadcast n/w - Default network type is nonbroadcast for frame-relay network , there is no broadcast capabilty , hello are send as unicast ,neibors need to define mannualy .hello /dead 30-40 ,DR and BDR election,
NBMAN-(Non broadcast)-Nei needs to define mannualy ,there is slection of DR and BDR ,full mesh or partail mesh,IN NBMAN if there is DR ,BDR selction all routers should be fully meshed or DR BDR can be staticly configured on router that should have full adjancies to all routers.
Make sure the for non-broadcastn/w make sure hub is chossen as DR and need to define nei mannaulay to send ospf updates as unicast.
 
Note - Broadcast and non broadcast n/w , DR on receiveing the LSA's didnot change the next hop while propagating the LSA to other DR-other routers so in case of broadcast segment its fine while for non broadcaset frame relay network we need to mannualy define the layer 3 to layer 2 resoltuion to reach that neibour.
While in case of point-point, HDLC there is only one device at other end so layer 3 to layer 2 mapping is not required.
 
6. In OSPF loopbacks are advertised as stub host and network type loopback.if the mask of loopback is /24 and we want to advertise as /24 to ospf domain we need to change the network type
 
 
*By adjusting the hello/dead timers you can make non-compatible OSPF network types appear as neighbors via the - show ip ospf neighbor - but they won't become adjacent with each other. OSPF network types that use a DR (broadcast and non-broadcast) can neighbor with each other and function properly. Likewise OSPF network types (point-to-point and point-to-multipoint) that do not use a DR can neighbor with each other and function properly. But if you mix DR types with non-DR types they will not function properly (i.e. not fully adjacent). You should see in the OSPF database Adv Router is not-reachable messages when you've mixed DR and non-DR types.
 
*Here is what will work:
Broadcast to Broadcast
Non-Broadcast to Non-Broadcast
Point-to-Point to Point-to-Point
Point-to-Multipoint to Point-to-Multipoint
Broadcast to Non-Broadcast (adjust hello/dead timers)
Point-to-Point to Point-to-Multipoint (adjust hello/dead timers)
 
*Command lines:
1. sh ip os inter brief
2. sh ip route ospf
3. sh ip os boarder routers
4. sh ip os da summary x.x.x - type 3
5. sh ip os da external x.x.x.x-type 5
6. sh ip os data router .x..x.x.x- type 1
 
*Sumarisation can occur on ABR and ASBR
 
*ABR uses area range command
*when ABR /ASBR does sumarization it genrates null route for the summary , in case spefic prefix went unreachable for some reason and ABR has received traffic for that preifx it wll drop the traffic , if we want to avoid it use default route to forward the traffic we can use command ( no discard route internal / external) to drop the null route from routing table .
 
ASBR- Summary address x.x.x.x mask
 
*RFC 2328 - to learn the ospf
 
;Virtual links
 
*All areas in an Open Shortest Path First (OSPF) autonomous system must be physically connected to the backbone area (Area 0). In some cases, where this is not possible, you can use a virtual link to connect to the backbone through a non-backbone area. You can also use virtual links to connect two parts of a partitioned backbone through a non-backbone area. The area through which you configure the virtual link, known as a transit area, must have full routing information. The transit area cannot be a stub area.
 
*The transit area cannot be a stub area, because routers in the stub area do not have routes for external destinations. Because data is sent natively, if a packet destined for an external destination is sent into a stub area which is also a transit area, then the packet is not routed correctly. The routers in the stub area do not have routes for specific external destinations.
 
*We can also use GRE link between nonbackbone area and backbone area ,run area 0 over tunneled interface but there is GRE overhead. In case of virtul only OSPF packets are send as tunneled packet and data traffic is send as it is normal area connected to backbone area.
 
=LAB=
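Review bot: The hello/dead values in the added OSPF Network Types list are inconsistent: items 3 and 4 give "40 /130" and item 5 gives "30-40", while the Cisco defaults for point-to-multipoint and non-broadcast are 30/120; correct all three. The NSSA command is written as prose ("area i nssa no summary translate type 7 suppress forwading address") although the Troubleshooting text already uses the keyword ‘suppress-fa’, so give the literal command. Do the same for "sh ip os boarder routers" (border-routers) and "no discard route" (discard-route). "SLA" stands in for LSA in several bullets, the entry "*NOSo-total stubby area" is garbled, and the preference order "O,OIA,E1,E2,N1,N2" should be reconciled with the "O > O*IA > O*E1 > O*E2" line in R&S Quick Notes.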
Line 760 ⟶ 896:
*On a shared/ethernet network, only 2 router, DR & BDR will form full relationship, all others will stay in 2-way state.<ref>www.wipro.com</ref>
 
*If OSPF is stuck in ExStart State, MTU mismatch may be the cause, as it is requirement to successfully pass DBD Packets. Matching MTU is not a Adjacency Requirement, but is required to successfully pass Database Descriptor Packets
Matching MTU is not a Adjacency Requirement, but is required to successfully pass Database Descriptor Packets
 
*In OSPF, MTU Mismatch causes neighbors swinging between ExStart state to Down state
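Review bot: The sentence "Matching MTU is not a Adjacency Requirement, but is required to successfully pass Database Descriptor Packets" appears both at the end of the ExStart bullet and on a line of its own. If both copies are in the new revision, keep one and fix "a Adjacency". The <ref>www.wipro.com</ref> on the DR/BDR bullet is a bare company domain rather than a citable source; RFC 2328, which the added notes already mention, would be a better reference. "swinging between ExStart state to Down state" should read "between ExStart and Down".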