Chapter 9. Advanced OSPF

This chapter covers the following subjects:

Areas: This section describes the benefits and functions of areas within an OSPF routing domain.

Link-State Announcements: This section explains how OSPF stores, communicates, and builds a topology from the link-state announcements (LSAs).

Discontiguous Networks: This section demonstrates a discontiguous network and explains why such a network cannot distribute routes to all areas properly.

OSPF Path Selection: This section explains how OSPF makes path selection choices for routes learned within the OSPF routing domain.

Summarization of Routes: This section explains how network summarization works with OSPF.

Route Filtering: This section explains how OSPF routes can be filtered on a router.

The Open Shortest Path First (OSPF) protocol scales well with proper network planning. IP addressing schemes, area segmentation, address summarization, and hardware capabilities for each area should all be taken into consideration for a network design.

This chapter expands on Chapter 8, “OSPF,” and explains the functions and features found in larger enterprise networks. By the end of this chapter, you should have a solid understanding of the route advertisement within a multi-area OSPF domain, path selection, and techniques to optimize an OSPF environment.

“Do I Know This Already?” Quiz

The “Do I Know This Already?” quiz allows you to assess whether you should read the entire chapter. If you miss no more than one of these self-assessment questions, you might want to move ahead to the “Exam Preparation Tasks” section. Table 9-1 lists the major headings in this chapter and the “Do I Know This Already?” quiz questions covering the material in those headings so you can assess your knowledge of these specific areas. The answers to the “Do I Know This Already?” quiz appear in Appendix A, “Answers to the ‘Do I Know This Already?’ Quiz Questions.”

Table 9-1 Do I Know This Already?” Foundation Topics Section-to-Question Mapping

Foundation Topics Section

Questions

Areas

1–2

Link-State Announcements

3–6

Discontiguous Networks

7

OSPF Path Selection

8

Summarization of Routes

9–10

Route Filtering

11

1. True or false: A router with an interface associated with Area 1 and Area 2 will be able to inject routes learned from one area into another area.

  1. True

  2. False

2. True or false: A member router contains a complete copy of the LSDBs for every area in the routing domain.

  1. True

  2. False

3. How many OSPF link-state announcement (LSA) types are used for routing traditional IPv4 packets?

  1. Two

  2. Three

  3. Five

  4. Six

  5. Seven

4. What is the LSA age field in the LSDB used for?

  1. For version control—to ensure that the most recent LSA is present

  2. To age out old LSAs by removing an LSA when its age reaches zero

  3. For troubleshooting—to identify exactly when the LSA was advertised

  4. To age out old LSAs by removing an LSA when it reaches 3600 seconds

5. Which LSA type exists in all OSPF areas?

  1. Network

  2. Summary

  3. Router

  4. AS external

6. True or false: When an ABR receives a network LSA, the ABR forwards the network LSA to the other connected areas.

  1. True

  2. False

7. When a type 3 LSA is received in a nonbackbone area, what does the ABR do?

  1. Discards the type 3 LSA and does not process it

  2. Installs the type 3 LSA for only the area where it was received

  3. Advertises the type 3 LSA to the backbone area and displays an error

  4. Advertises the type 3 LSA to the backbone area

8. True or false: OSPF uses the shortest total path metric to identify the best path for every internal OSPF route (intra-area and interarea).

  1. True

  2. False

9. True or false: Breaking a large OSPF topology into smaller OSPF areas can be considered a form of summarization.

  1. True

  2. False

10. How is the process of summarizing routes on an OSPF router accomplished?

  1. By using the interface configuration command summary-address network prefix-length

  2. By using the OSPF process configuration command summary-address network prefix-length

  3. By using the OSPF process configuration command area area-id range network subnet-mask

  4. By using the interface configuration command area area-id summary-address network subnet-mask

11. OSPF supports filtering of routes using which of the following techniques? (Choose two.)

  1. Summarization, using the no-advertise option

  2. LSA filtering, which prevents type 1 LSAs from being advertised through a member router

  3. Area filtering, which prevents type 1 LSAs from being generated into a type 3 LSA

  4. Injection of an OSPF discard route on the router that filtering should apply

Answers to the “Do I Know This Already?” quiz:

1 B

2 B

3 D

4 D

5 C

6 B

7 B

8 B

9 A

10 C

11 A, C

Foundation Topics

Areas

An OSPF area is a logical grouping of routers or, more specifically, a logical grouping of router interfaces. Area membership is set at the interface level, and the area ID is included in the OSPF hello packet. An interface can belong to only one area. All routers within the same OSPF area maintain an identical copy of the link-state database (LSDB).

An OSPF area grows in size as network links and the number of routers increase in the area. While using a single area simplifies the topology, there are trade-offs:

  • Full shortest path first (SPF) tree calculation runs when a link flaps within the area.

  • The LSDB increases in size and becomes unmanageable.

  • The LSDB for the area grows, consuming more memory, and taking longer during the SPF computation process.

  • No summarization of route information occurs.

Proper design addresses each of these issues by segmenting the routers into multiple OSPF areas, thereby keeping the LSDB to a manageable size. Sizing and design of OSPF networks should account for the hardware constraints of the smallest router in that area.

If a router has interfaces in multiple areas, the router has multiple LSDBs (one for each area). The internal topology of one area is invisible from outside that area. If a topology change occurs (such as a link flap or an additional network being added) within an area, all routers in the same OSPF area calculate the SPF tree again. Routers outside that area do not calculate the full SPF tree again but perform a partial SPF calculation if the metrics have changed or a prefix is removed.

In essence, an OSPF area hides the topology from another area but enables the networks to be visible in other areas within the OSPF domain. Segmenting the OSPF domain into multiple areas reduces the size of the LSDB for each area, making SPF tree calculations faster, and decreasing LSDB flooding between routers when a link flaps.

Just because a router connects to multiple OSPF areas does not mean the routes from one area will be injected into another area. Figure 9-1 shows router R1 connected to Area 1 and Area 2. Routes from Area 1 will not advertise into Area 2 and vice versa.

A figure shows the failure of route advertisement between areas.

Figure 9-1 Failed Route Advertisement Between Areas

Area 0 is a special area called the backbone. By design, all areas must connect to Area 0 because OSPF expects all areas to inject routing information into the backbone, and Area 0 advertises the routes into other areas. The backbone design is crucial to preventing routing loops.

Area border routers (ABRs) are OSPF routers connected to Area 0 and another OSPF area, per Cisco definition and according to RFC 3509. ABRs are responsible for advertising routes from one area and injecting them into a different OSPF area. Every ABR needs to participate in Area 0; otherwise, routes will not advertise into another area. ABRs compute an SPF tree for every area that they participate in.

Figure 9-2 shows that R1 is connected to Area 0, Area 1, and Area 2. R1 is a proper ABR because it now participates in Area 0. The following occurs on R1:

  • Routes from Area 1 advertise into Area 0.

  • Routes from Area 2 advertise into Area 0.

  • Routes from Area 0 advertise into Area 1 and 2. This includes the local Area 0 routes, in addition to the routes that were advertised into Area 0 from Area 1 and Area 2.

A figure illustrates route advertisement between areas.

Figure 9-2 Successful Route Advertisement Between Areas

Figure 9-3 shows a larger-scale OSPF multi-area topology that is used throughout this chapter to describe various OSPF concepts.

The OSPF multi-area topology is illustrated in a figure.

Figure 9-3 OSPF Multi-Area Topology

In the topology:

  • R1, R2, R3, and R4 belong to Area 1234.

  • R4 and R5 belong to Area 0.

  • R5 and R6 belong to Area 56.

  • R4 and R5 are ABRs.

  • Area 1234 connects to Area 0, and Area 56 connects to Area 0.

  • Routers in Area 1234 can see routes from routers in Area 0 and Area 56 and vice versa.

Example 9-1 shows the OSPF configuration for the ABRs R4 and R5. Notice that multiple areas in the configuration have Area 0 as one of the areas.

Example 9-1 Sample Multi-Area OSPF Configuration

R4
router ospf 1
 router-id 192.168.4.4
 network 10.24.1.0 0.0.0.255 area 1234
 network 10.45.1.0 0.0.0.255 area 0
R5
router ospf 1
 router-id 192.168.5.5
 network 10.45.1.0 0.0.0.255 area 0
 network 10.56.1.0 0.0.0.255 area 56

Example 9-2 verifies that interfaces on R4 belong to Area 1234 and Area 0 and that interfaces on R5 belong to Area 0 and Area 56.

Example 9-2 Verifying Interfaces for ABRs

R4# show ip ospf interface brief
Interface    PID   Area            IP Address/Mask    Cost  State Nbrs F/C
Gi0/0        1     0               10.45.1.4/24       1     DR    1/1
Se1/0        1     1234            10.24.1.4/29       64    P2P   1/1
R5# show ip ospf interface brief
Interface    PID   Area            IP Address/Mask    Cost  State Nbrs F/C
Gi0/0        1     0               10.45.1.5/24       1     DR    1/1
Gi0/1        1     56              10.56.1.5/24       1     BDR   1/1

Area ID

The area ID is a 32-bit field and can be formatted in simple decimal (0 through 4,294,967,295) or dotted decimal (0.0.0.0 through 255.255.255.255). During router configuration, the area can use decimal format on one router and dotted-decimal format on a different router, and the routers can still form an adjacency. OSPF advertises the area ID in dotted-decimal format in the OSPF hello packet.

OSPF Route Types

Network routes that are learned from other OSPF routers within the same area are known as intra-area routes. In Figure 9-3, the network link between R2 and R4 (10.24.1.0/29) is an intra-area route to R1. The IP routing table displays OSPF intra-area routes with an O.

Network routes that are learned from other OSPF routers from a different area using an ABR are known as interarea routes. In Figure 9-3, the network link between R4 and R5 (10.45.1.0/24) is an interarea route to R1. The IP routing table displays OSPF interarea routers with O IA.

Example 9-3 provides the routing table for R1 from Figure 9-3. Notice that R1’s OSPF routing table shows routes from within Area 1234 as intra-area (O routes) and routes from Area 0 and Area 56 as interarea (O IA routes).

Example 9-3 OSPF Routing Tables for Sample Multi-Area OSPF Topology

R1# show ip route | begin Gateway
Gateway of last resort is not set

      10.0.0.0/8 is variably subnetted, 6 subnets, 3 masks
! The following two routes are OSPF intra-area routes as they all come from
! Area 1234                                                                
O        10.3.3.0/24 [110/20] via 10.123.1.3, 00:12:07, GigabitEthernet0/0
O        10.24.1.0/29 [110/74] via 10.123.1.2, 00:12:07, GigabitEthernet0/0
! The following two routes are OSPF interarea routes as they all come from
! outside of Area 1234                                                    
O IA     10.45.1.0/24 [110/84] via 10.123.1.2, 00:12:07, GigabitEthernet0/0
O IA     10.56.1.0/24 [110/94] via 10.123.1.2, 00:12:07, GigabitEthernet0/0
C        10.123.1.0/24 is directly connected, GigabitEthernet0/0

Example 9-4 provides the routing table for R4 from Figure 9-3. Notice that R4’s routing table shows the routes from within Area 1234 and Area 0 as intra-area and routes from Area 56 as interarea because R4 does not connect to Area 56.

Notice that the metric for the 10.123.1.0/24 and 10.3.3.0/24 networks has drastically increased compared to the metric for the 10.56.1.0/24 network. This is because it must cross the slow serial link, which has an interface cost of 64.

Example 9-4 OSPF Routing Table for ABR R4

R4# show ip route | begin Gateway
Gateway of last resort is not set

      10.0.0.0/8 is variably subnetted, 7 subnets, 3 masks
O        10.3.3.0/24 [110/66] via 10.24.1.2, 00:03:45, Serial1/0
C        10.24.1.0/29 is directly connected, Serial1/0
C        10.45.1.0/24 is directly connected, GigabitEthernet0/0
O IA     10.56.1.0/24 [110/2] via 10.45.1.5, 00:04:56, GigabitEthernet0/0
O        10.123.1.0/24 [110/65] via 10.24.1.2, 00:13:19, Serial1/

Example 9-5 provides the routing tables with filtering for OSPF for R5 and R6 from Figure 9-3. R5 and R6 only contain interarea routes in the OSPF routing table because intra-area routes are directly connected.

Example 9-5 OSPF Routing Tables for R5 and R6

R5# show ip route ospf | begin Gateway
Gateway of last resort is not set

      10.0.0.0/8 is variably subnetted, 7 subnets, 3 masks
O IA     10.3.3.0/24 [110/67] via 10.45.1.4, 00:04:13, GigabitEthernet0/0
O IA     10.24.1.0/29 [110/65] via 10.45.1.4, 00:04:13, GigabitEthernet0/0
O IA     10.123.1.0/24 [110/66] via 10.45.1.4, 00:04:13, GigabitEthernet0/0
R6# show ip route ospf | begin Gateway
Gateway of last resort is not set

      10.0.0.0/8 is variably subnetted, 6 subnets, 3 masks
O IA     10.3.3.0/24 [110/68] via 10.56.1.5, 00:07:04, GigabitEthernet0/0
O IA     10.24.1.0/24 [110/66] via 10.56.1.5, 00:08:19, GigabitEthernet0/0
O IA     10.45.1.0/24 [110/2] via 10.56.1.5, 00:08:18, GigabitEthernet0/0
O IA     10.123.1.0/24 [110/67] via 10.56.1.5, 00:08:19, GigabitEthernet0/0

External routes are routes learned from outside the OSPF domain but injected into an OSPF domain through redistribution. External OSPF routes can come from a different OSPF domain or from a different routing protocol. External OSPF routes are beyond the scope of the CCNP and CCIE Enterprise Core ENCOR 350-401 exam and are not covered in this book.

Link-State Announcements

When OSPF neighbors become adjacent, the LSDBs synchronize between the OSPF routers. As an OSPF router adds or removes a directly connected network link to or from its database, the router floods the link-state advertisement (LSA) out all active OSPF interfaces. The OSPF LSA contains a complete list of networks advertised from that router.

OSPF uses six LSA types for IPv4 routing:

  • Type 1, router LSA: Advertises the LSAs that originate within an area

  • Type 2, network LSA: Advertises a multi-access network segment attached to a DR

  • Type 3, summary LSA: Advertises network prefixes that originated from a different area

  • Type 4, ASBR summary LSA: Advertises a summary LSA for a specific ASBR

  • Type 5, AS external LSA: Advertises LSAs for routes that have been redistributed

  • Type 7, NSSA external LSA: Advertises redistributed routes in NSSAs

LSA types 1, 2, and 3, which are used for building the SPF tree for intra-area and interarea routes, are explained in this section.

Figure 9-4 shows a packet capture of an OSPF update LSA and outlines the important components of the LSA: the LSA type, LSA age, sequence number, and advertising router. Because this is a type 1 LSA, the link IDs add relevance as they list the attached networks and the associated OSPF cost for each interface.

A screenshot illustrates the packet capture of an LSA update. The details related to Internet protocol version 4 are listed. The information regarding to LS update packet are extended. LSA type, LSA age, advertising router, LSA sequence, and link IDs are labeled out.

Figure 9-4 Packet Capture of an LSA Update for the Second Interface

LSA Sequences

OSPF uses the sequence number to overcome problems caused by delays in LSA propagation in a network. The LSA sequence number is a 32-bit number for controlling versioning. When the originating router sends out LSAs, the LSA sequence number is incremented. If a router receives an LSA sequence that is greater than the one in the LSDB, it processes the LSA. If the LSA sequence number is lower than the one in the LSDB, the router deems the LSA old and discards the LSA.

LSA Age and Flooding

Every OSPF LSA includes an age that is entered into the local LSDB and that will increment by 1 every second. When a router’s OSPF LSA age exceeds 1800 seconds (30 minutes) for its networks, the originating router advertises a new LSA with the LSA age set to 0. As each router forwards the LSA, the LSA age is incremented with a calculated (minimal) delay that reflects the link. If the LSA age reaches 3600, the LSA is deemed invalid and is purged from the LSDB. The repetitive flooding of LSAs is a secondary safety mechanism to ensure that all routers maintain a consistent LSDB within an area.

LSA Types

All routers within an OSPF area have an identical set of LSAs for that area. The ABRs maintain a separate set of LSAs for each OSPF area. Most LSAs in one area will be different from the LSAs in another area. Generic router LSA output is shown with the command show ip ospf database.

LSA Type 1: Router Link

Every OSPF router advertises a type 1 LSA. Type 1 LSAs are the essential building blocks within the LSDB. A type 1 LSA entry exists for each OSPF-enabled link (that is, every interface and its attached networks). Figure 9-5 shows that in this example, the type 1 LSAs are not advertised outside Area 1234, which means the underlying topology in an area is invisible to other areas.

Note

Type 1 LSAs for an area are shown with the command show ip ospf database router.

A figure represents the Type 1 LSA flooding in an area.

Figure 9-5 Type 1 LSA Flooding in an Area

Figure 9-6 is a reference subsection of Area 1234 taken from the original Figure 9-3.

A diagram illustrates type 1 LSA flooding reference topology.

Figure 9-6 Type 1 LSA Flooding Reference Topology

The initial fields of each type 1 LSA indicate the RID for the LSA’s advertising router, age, sequence, link count, and link ID. Every OSPF-enabled interface is listed under the number of links for each router. Each network link on a router contains the link type, correlating information for neighbor router identification, and interface metric.

The correlating information for neighbor router identification is often the neighbor RID, with the exception of multi-access network segments that contain designated routers (DRs). In those scenarios, the interface address of the DR identifies the neighbor router.

If we correlate just type 1 LSAs from the sample topology of Figure 9-6, then Figure 9-7 demonstrates the topology built by all routers in Area 1234 using the LSA attributes for Area 1234 from all four routers. Using only type 1 LSAs, a connection is made between R2 and R4 because they point to each other’s RID in the point-to-point LSA. Notice that the three networks on R1, R2, and R3 (10.123.1.0) have not been directly connected yet.

Visualization of type 1 LSAs is illustrated in a figure.

Figure 9-7 Visualization of Type 1 LSAs

LSA Type 2: Network Link

A type 2 LSA represents a multi-access network segment that uses a DR. The DR always advertises the type 2 LSA and identifies all the routers attached to that network segment. If a DR has not been elected, a type 2 LSA is not present in the LSDB because the corresponding type 1 transit link type LSA is a stub. Like type 1 LSAs, Type 2 LSAs are not flooded outside the originating OSPF area.

Area 1234 has only one DR segment that connects R1, R2, and R3 because R3 has not formed an OSPF adjacency on the 10.3.3.0/24 network segment. On the 10.123.1.0/24 network segment, R3 is elected as the DR, and R2 is elected as the BDR because of the order of the RIDs.

Note

Detailed type 2 LSA information is shown with the command show ip ospf database network.

Now that we have the type 2 LSA for Area 1234, all the network links are connected. Figure 9-8 provides a visualization of the type 1 and type 2 LSAs, which correspond with Area 1234 perfectly.

Note

When the DR changes for a network segment, a new type 2 LSA is created, causing SPF to run again within the OSPF area.

Visualization of area 1234 with type 1 and type 2 LSAs is illustrated in a figure.

Figure 9-8 Visualization of Area 1234 with Type 1 and Type 2 LSAs

LSA Type 3: Summary Link

Type 3 LSAs represent networks from other areas. The role of the ABRs is to participate in multiple OSPF areas and ensure that the networks associated with type 1 LSAs are reachable in the non-originating OSPF areas.

As explained earlier, ABRs do not forward type 1 or type 2 LSAs into other areas. When an ABR receives a type 1 LSA, it creates a type 3 LSA referencing the network in the original type 1 LSA; the type 2 LSA is used to determine the network mask of the multi-access network. The ABR then advertises the type 3 LSA into other areas. If an ABR receives a type 3 LSA from Area 0 (the backbone), it regenerates a new type 3 LSA for the nonbackbone area and lists itself as the advertising router, with the additional cost metric.

Figure 9-9 demonstrates the concept of a type 3 LSA interaction with type 1 LSAs.

A conceptual overview of type 3 LSA is illustrated in a figure.

Figure 9-9 Type 3 LSA Conceptual Overview

The type 3 LSAs show up under the appropriate areas where they exist in the OSPF domain. For example, the 10.56.1.0 type 3 LSA is in Area 0 and Area 1234 on R4; however, on R5 the type 3 LSA exists only in Area 0 because the 10.56.1.0 network is a type 1 LSA in Area 56.

Detailed type 3 LSA information is shown with the command show ip ospf database summary. The output can be restricted to a specific LSA by appending the network prefix to the end of the command.

The advertising router for type 3 LSAs is the last ABR that advertises the prefix. The metric within the type 3 LSA uses the following logic:

  • If the type 3 LSA is created from a type 1 LSA, it is the total path metric to reach the originating router in the type 1 LSA.

  • If the type 3 LSA is created from a type 3 LSA from Area 0, it is the total path metric to the ABR plus the metric in the original type 3 LSA.

For example, from Figure 9-9, as R2 advertises the 10.123.1.0/24 network, the following happens:

  • R4 receives R2’s type 1 LSA and creates a new type 3 LSA by using the metric 65: The cost of 1 for R2’s LAN interface and 64 for the serial link between R2 and R4.

  • R4 advertises the type 3 LSA with the metric 65 into Area 0.

  • R5 receives the type 3 LSA and creates a new type 3 LSA for Area 56, using the metric 66: The cost of 1 for the link between R4 and R5 plus the original type 3 LSA metric 65.

  • R6 receives the type 3 LSA. Part of R6’s calculation is the metric to reach the ABR (R5), which is 1 plus the metric in the type 3 LSA (66). R6 therefore calculates the metric 67 to reach 10.123.1.0/24.

The type 3 LSA contains the link-state ID (network number), the subnet mask, the IP address of the advertising ABR, and the metric for the network prefix.

Figure 9-10 provides R4’s perspective of the type 3 LSA created by ABR (R5) for the 10.56.1.0/24 network. R4 does not know if the 10.56.1.0/24 network is directly attached to the ABR (R5) or multiple hops away. R4 knows that its metric to the ABR (R5) is 1 and that the type 3 LSA already has a metric of 1, so its total path metric to reach the 10.56.1.0/24 network is 2.

Type 3 LSA created by ABR is illustrated in a figure.

Figure 9-10 Visualization of the 10.56.1.0/24 Type 3 LSA from Area 0

Figure 9-11 provides R3’s perspective of the type 3 LSA created by ABR (R4) for the 10.56.1.0/24 network. R3 does not know if the 10.56.1.0/24 network is directly attached to the ABR (R4) or multiple hops away. R3 knows that its metric to the ABR (R4) is 65 and that the type 3 LSA already has a metric of 2, so its total path metric to reach the 10.56.1.0/24 network is 67.

Visualization of type 3 LSA from area 1234 is illustrated in a figure.

Figure 9-11 Visualization of 10.56.1.0/24 Type 3 LSA from Area 1234

Note

An ABR advertises only one type 3 LSA for a prefix, even if it is aware of multiple paths from within its area (type 1 LSAs) or from outside its area (type 3 LSAs). The metric for the best path will be used when the LSA is advertised into a different area.

Discontiguous Networks

Network engineers who do not fully understand OSPF design may create a topology such as the one illustrated in Figure 9-12. While R2 and R3 have OSPF interfaces in Area 0, traffic from Area 12 must cross Area 23 to reach Area 34. An OSPF network with this design is discontiguous because interarea traffic is trying to cross a nonbackbone area.

Discontiguous network is illustrated in a network diagram.

Figure 9-12 Discontiguous Network

At first glance, it looks like routes in the routing tables on R2 and R3 in Figure 9-13 are being advertised across area 23. The 10.34.1.0/24 network was advertised into OSPF by R3 and R4 as a type 1 LSA. R3 is an ABR and converts Area 34’s 10.34.1.0/24 type 1 LSA into a type 3 LSA in Area 0. R3 uses the type 3 LSA from Area 0 to generate the type 3 LSA for Area 23. R2 is able to install the type 3 LSA from Area 23 into its routing table.

A network diagram shows the OSPF routes for discontiguous network.

Figure 9-13 OSPF Routes for Discontiguous Network

Most people would assume that the 10.34.1.0/24 route learned by Area 23 would then advertise into R2’s Area 0 and then propagate to Area 12. However, they would be wrong. There are three fundamental rules ABRs use the for creating type 3 LSAs:

  • Type 1 LSAs received from an area create type 3 LSAs into the backbone area and nonbackbone areas.

  • Type 3 LSAs received from Area 0 are created for the nonbackbone area.

  • Type 3 LSAs received from a nonbackbone area only insert into the LSDB for the source area. ABRs do not create a type 3 LSA for the other areas (including a segmented Area 0).

The simplest fix for a discontiguous network is to ensure that Area 0 is contiguous. There are other functions, like virtual link or usage of GRE tunnels; however, they are beyond the scope of this book and complicate the operational environment.

Note

Real-life scenarios of discontiguous networks involve Area 0 becoming partitioned due to hardware failures. Ensuring that multiple paths exist to keep the backbone contiguous is an important factor in network design.

OSPF Path Selection

OSPF executes Dijkstra’s shortest path first (SPF) algorithm to create a loop-free topology of shortest paths. All routers use the same logic to calculate the shortest path for each network. Path selection prioritizes paths by using the following logic:

  1. Intra-area

  2. Interarea

  3. External routes (which involves additional logic not covered in this book)

Intra-Area Routes

Routes advertised via a type 1 LSA for an area are always preferred over type 3 LSAs. If multiple intra-area routes exist, the path with the lowest total path metric is installed in the OSPF Routing Information Base (RIB), which is then presented to the router’s global RIB. If there is a tie in metric, both routes install into the OSPF RIB.

In Figure 9-14, R1 is computing the route to 10.4.4.0/24. Instead of taking the faster Ethernet connection (R1–R2–R4), R1 takes the path across the slower serial link (R1–R3–R4) to R4 because that is the intra-area path.

An intra-area route within an interarea route is illustrated in a network diagram.

Figure 9-14 Intra-Area Routes over Interarea Routes

Example 9-6 shows R1’s routing table entry for the 10.4.4.0/24 network. Notice that the metric is 111 and that the intra-area path was selected over the interarea path with the lower total path metric.

Example 9-6 R1’s Routing Table for the 10.4.4.0/24 Network

R1# show ip route 10.4.4.0
Routing entry for 10.4.4.0/24
  Known via "ospf 1", distance 110, metric 111, type intra area
  Last update from 10.13.1.3 on GigabitEthernet0/1, 00:00:42 ago
  Routing Descriptor Blocks:
  * 10.13.1.3, from 10.34.1.4, 00:00:42 ago, via GigabitEthernet0/1
      Route metric is 111, traffic share count is

Interarea Routes

The next priority for selecting a path to a network is selection of the path with the lowest total path metric to the destination. If there is a tie in metric, both routes install into the OSPF RIB. All interarea paths for a route must go through Area 0 to be considered.

In Figure 9-15, R1 is computing the path to R6. R1 uses the path R1–R3–R5–R6 because its total path metric is 35 versus the R1–R2–R4–R6 path, with a metric of 40.

Interarea route selection is illustrated in a diagram.

Figure 9-15 Interarea Route Selection

Equal-Cost Multipathing

If OSPF identifies multiple paths in the path selection algorithms, those routes are installed into the routing table as equal-cost multipathing (ECMP) routes. The default maximum number of ECMP paths is four paths. The default ECMP setting can be overwritten with the command maximum-paths maximum-paths under the OSPF process to modify the default setting.

Summarization of Routes

Route scalability is a large factor for the IGP routing protocols used by service providers because there can be thousands of routers running in a network. Splitting up an OSPF routing domain into multiple areas reduces the size of the LSDB for each area. While the number of routers and networks remains the same within the OSPF routing domain, the detailed type 1 and type 2 LSAs are exchanged for simpler type 3 LSAs.

For example, referencing our topology for LSAs, in Figure 9-16 for Area 1234, there are three type 1 LSAs and one type 2 LSA for the 10.123.1.0/24 network. Those four LSAs become one type 3 LSA outside Area 1234. Figure 9-16 illustrates the reduction of LSAs through area segmentation for the 10.123.1.0/24 network.

A figure demonstrates LSA reduction through area segmentation.

Figure 9-16 LSA Reduction Through Area Segmentation

Summarization Fundamentals

Another method of shrinking the LSDB involves summarizing network prefixes. Newer routers have more memory and faster processors than those in the past, but because all routers have an identical copy of the LSDB, an OSPF area needs to accommodate the smallest and slowest router in that area.

Summarization of routes also helps SPF calculations run faster. A router that has 10,000 network entries will take longer to run the SPF calculation than a router with 500 network entries. Because all routers within an area must maintain an identical copy of the LSDB, summarization occurs between areas on the ABRs.

Summarization can eliminate the SPF calculation outside the area for the summarized prefixes because the smaller prefixes are hidden. Figure 9-17 provides a simple network topology where the serial link between R3 and R4 adds to the path metric, and all traffic uses the other path to reach the 172.16.46.0/24 network. If the 10.1.12.0/24 link fails, all routers in Area 1 have to run SPF calculations. R4 identifies that the 10.1.13.0/24 and 10.1.34.0/24 networks will change their next hop through the serial link. Both of the type 3 LSAs for these networks need to be updated with new path metrics and advertised into Area 0. The routers in Area 0 run an SPF calculation only on those two prefixes.

A figure demonstrates the impact of summarization on SPF topology calculation.

Figure 9-17 The Impact of Summarization on SPF Topology Calculation

Figure 9-18 shows the networks in Area 1 being summarized at the ABR into the aggregate 10.1.0.0/18 prefix. If the 10.1.12.0/24 link fails, all the routers in Area 1 still run the SPF calculation, but routers in Area 0 are not impacted because the 10.1.13.0/24 and 10.1.34.0/24 networks are not known outside Area 1.

A network topology with summarization is shown.

Figure 9-18 Topology Example with Summarization

This concept applies to networks of various sizes but is beneficial for networks with a carefully developed IP addressing scheme and proper summarization. The following sections explain summarization in more detail.

Interarea Summarization

Interarea summarization reduces the number of type 3 LSAs that an ABR advertises into an area when it receives type 1 LSAs. The network summarization range is associated with a specific source area for type 1 LSAs.

When a type 1 LSA within the summarization range reaches the ABR from the source area, the ABR creates a type 3 LSA for the summarized network range. The ABR suppresses the more specific type 3 LSAs, thereby preventing the generation of the subordinate route’s type 3 LSAs. Interarea summarization does not impact the type 1 LSAs in the source area.

Figure 9-19 shows 15 type 1 LSAs (172.16.1.0/24 through 172.16.15.0/24) being summarized into one type 3 LSA (the 172.16.0.0/20 network).

A figure shows a router R1 of ABR connected to two areas: area 1 and area 0. Area 1 is of type 1 LSA and area 0 is of type 3 LSA. Area 1 constitutes of prefix from 172.16.1.0/24 till 172.16.15.0/24 and area 0 constitutes of prefix 172.16.0.0/20.

Figure 9-19 OSPF Interarea Summarization

Summarization works only on type 1 LSAs and is normally configured (or designed) so that summarization occurs as routes enter the backbone from nonbackbone areas.

Summarization Metrics

The default metric for the summary LSA is the smallest metric associated with an LSA; however, it can be set as part of the configuration. In Figure 9-20, R1 summarizes three prefixes with various path costs. The 172.16.3.0/24 prefix has the lowest metric, so that metric is used for the summarized route.

An inter area summarization metric is illustrated in the figure.

Figure 9-20 Interarea Summarization Metric

OSPF behaves identically to Enhanced Interior Gateway Routing Protocol (EIGRP) and checks every prefix within the summarization range when a matching type 1 LSA is added or removed. If a lower metric is available, the summary LSA is advertised with the newer metric; if the lowest metric is removed, a newer and higher metric is identified, and a new summary LSA is advertised with the higher metric.

Configuration of Interarea Summarization

To define the summarization range and associated area, use the command area area-id range network subnet-mask [advertise | not-advertise] [cost metric] under the OSPF process on the ABR. The default behavior is to advertise the summary prefix, so the keyword advertise is not necessary. Appending the cost metric keyword to the command statically sets the metric on the summary route.

Figure 9-21 provides a topology example in which R1 is advertising the 172.16.1.0/24, 172.16.2.0/24, and 172.16.3.0/24 networks.

A figure shows an example topology demonstrating about OSPF inter area summarization.

Figure 9-21 OSPF Interarea Summarization Example

Example 9-7 displays the routing table on R3 before summarization. Notice that the 172.16.1.0/24, 172.16.2.0/24, and 172.16.3.0/24 networks are all present.

Example 9-7 Routing Table Before OSPF Interarea Route Summarization

R3# show ip route ospf | b Gateway
Gateway of last resort is not set

      10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
O IA     10.12.1.0/24 [110/20] via 10.23.1.2, 00:02:22, GigabitEthernet0/1
      172.16.0.0/24 is subnetted, 3 subnets
O IA     172.16.1.0 [110/3] via 10.23.1.2, 00:02:12, GigabitEthernet0/1
O IA     172.16.2.0 [110/3] via 10.23.1.2, 00:02:12, GigabitEthernet0/1
O IA     172.16.3.0 [110/3] via 10.23.1.2, 00:02:12, GigabitEthernet0/1

R2 summarizes the 172.16.1.0/24, 172.16.2.0/24, and 172.16.3.0/24 networks into a single summary network, 172.16.0.0/16, as those networks are advertised into Area 0. Example 9-8 provides R2’s configuration for interarea summarization into an aggregate route of 172.16.0.0/16. A static cost of 45 is added to the summary route to reduce CPU load if any of the three networks flap.

Example 9-8 R2’s Interarea Route Summarization Configuration

router ospf 1
 router-id 192.168.2.2
 area 12 range 172.16.0.0 255.255.0.0 cost 45                              
 network 10.12.0.0 0.0.255.255 area 12
 network 10.23.0.0 0.0.255.255 area

Example 9-9 displays R3’s routing table for verification that the smaller routes were suppressed while the summary route was aggregated. Notice that the path metric is 46, whereas previously the metric for the 172.16.1.0/24 network was 3.

Example 9-9 Routing Table After OSPF Interarea Route Summarization

R3# show ip route ospf | begin Gateway
Gateway of last resort is not set

      10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
O IA    10.12.1.0/24 [110/2] via 10.23.1.2, 00:02:04, GigabitEthernet0/1
O IA  172.16.0.0/16 [110/46] via 10.23.1.2, 00:00:22, GigabitEthernet0/

The ABR performing interarea summarization installs a discard route—that is, a route to the Null0 interface that matches the summarized network range. Discard routes prevent routing loops where portions of the summarized network range do not have a more specific route in the RIB. The AD for the OSPF summary discard route for internal networks is 110, and it is 254 for external networks.

Example 9-10 shows the discard route on R2 for the 172.16.0.0/16 prefix.

Example 9-10 Discarding a Route for Loop Prevention

R2# show ip route ospf | begin Gateway
Gateway of last resort is not set

      172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks
O        172.16.0.0/16 is a summary, 00:03:11, Null0
O        172.16.1.0/24 [110/2] via 10.12.1.1, 00:01:26, GigabitEthernet0/0
O        172.16.2.0/24 [110/2] via 10.12.1.1, 00:01:26, GigabitEthernet0/0
O        172.16.3.0/24 [110/2] via 10.12.1.1, 00:01:26, GigabitEthernet0/0

Route Filtering

Route filtering is a method for selectively identifying routes that are advertised or received from neighbor routers. Route filtering may be used to manipulate traffic flows, reduce memory utilization, or improve security.

Filtering of routes with vector-based routing protocols is straightforward as the routes are filtered as routing updates are advertised to downstream neighbors. However, with link-state routing protocols such as OSPF, every router in an area shares a complete copy of the link-state database. Therefore, filtering of routes generally occurs as routes enter the area on the ABR.

The following sections describe three techniques for filtering routes with OSPF.

Filtering with Summarization

One of the easiest methodologies for filtering routes is to use the not-advertise keyword during prefix summarization. Using this keyword prevents creation of any type 3 LSAs for any networks in that range, thus making the subordinate routes visible only within the area where the route originates.

The full command structure is area area-id range network subnet-mask not-advertise under the OSPF process.

If we revisit Figure 9-21, where R1 is advertising the 172.16.1.0/24, 172.16.2.0/24, and 172.16.3.0/24 networks, we see that R2 can filter out any of the type 1 LSAs that are generated in Area 12 from being advertised into Area 0. The configuration is displayed in Example 9-11.

Example 9-11 R2’s Configuration for Filtering via Summarization

R2# configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
R2(config)# router ospf 1
R2(config-router)# area 12 range 172.16.2.0 255.255.255.0 not-advertis

Example 9-12 shows R3’s routing table after the area filtering configuration has been placed on R2. The 172.16.2.0/24 network has been removed from Area 0. If a larger network range were configured, then more of the subordinate routes would be filtered.

Example 9-12 Verifying Removal of 172.16.2.0 from Area 0

R3# show ip route ospf | begin Gateway
Gateway of last resort is not set

      10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
O IA     10.12.1.0/24 [110/3] via 10.34.1.3, 00:02:24, GigabitEthernet0/0
      172.16.0.0/24 is subnetted, 2 subnets
O IA     172.16.1.0 [110/4] via 10.34.1.3, 00:00:17, GigabitEthernet0/0
O IA     172.16.3.0 [110/4] via 10.34.1.3, 00:00:17, GigabitEthernet0/0

Area Filtering

Although filtering via summarization is very easy, it is limited in its ability. For example, in Figure 9-22, if the 172.16.1.0/24 network needs to be present in Area 0 but removed in Area 34, it is not possible to filter the route using summarization.

An expanded topology for filtering routes is shown.

Figure 9-22 Expanded Topology for Filtering Routes

Other network designs require filtering of OSPF routes based on other criteria. OSPF supports filtering when type 3 LSA generation occurs. This allows for the original route to be installed in the LSDB for the source area so that the route can be installed in the RIB of the ABR. Filtering can occur in either direction on the ABR. Figure 9-23 demonstrates the concept.

A flowchart depicts the concept of OSPF area filtering. In OSPF area filtering, first the LSA from area X neighbor is installed into the LSDB for area X. Then the process further proceeds in two ways: inbound or outbound LSA filter to area Y neighbor and the other is to install route into RIB.

Figure 9-23 OSPF Area Filtering

Figure 9-24 expands on the sample topology and demonstrates that the ABR can filter routes as they advertise out of an area or into an area. R2 is able to filter routes (LSAs) outbound as they leave Area 12 or inbound as they enter Area 0. In addition, R3 can filter routes as they leave Area 0 or enter Area 34. The same logic applies with routes advertised in the opposition direction.

An expanded OSPF area filtering topology is shown.

Figure 9-24 OSPF Area Filtering Topology

OSPF area filtering is accomplished by using the command area area-id filter-list prefix prefix-list-name {in | out} on the ABR. Say that R1 is advertising the 172.16.1.0/24, 172.16.2.0/24, and 172.16.3.0/24 network prefixes. R2 is configured to filter the 172.16.1.0/24 prefix as it enters Area 0, and R3 is configured to filter the 172.16.2.0/24 prefix as it leaves Area 0. Example 9-13 provides the necessary configuration for R2 and R3.

Example 9-13 Configuring OSPF Area Filtering

R2
ip prefix-list PREFIX-FILTER seq 5 deny 172.16.1.0/24
ip prefix-list PREFIX-FILTER seq 10 permit 0.0.0.0/0 le 32
!
router ospf 1
 router-id 192.168.2.2
 network 10.12.1.0 0.0.0.255 area 12
 network 10.23.1.0 0.0.0.255 area 0
 area 0 filter-list prefix PREFIX-FILTER in                                
R3
ip prefix-list PREFIX-FILTER seq 5 deny 172.16.2.0/24
ip prefix-list PREFIX-FILTER seq 10 permit 0.0.0.0/0 le 32
!
router ospf 1
 router-id 192.168.3.3
 network 10.23.1.0 0.0.0.255 area 0
 network 10.34.1.0 0.0.0.255 area 34
 area 0 filter-list prefix PREFIX-FILTER out                               

Example 9-14 shows the routing table on R3 where the 172.16.1.0/24 network has been filtered from all the routers in Area 0. The 172.16.2.0/24 network has been filtered from all the routers in Area 34. This verifies that the area filtering was successful for routes entering the backbone and leaving the backbone.

Example 9-14 Verifying OSPF Area Filtering

R3# show ip route ospf | begin Gateway
Gateway of last resort is not set

      10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
O IA     10.12.1.0/24 [110/2] via 10.23.1.2, 00:17:39, GigabitEthernet0/1
      172.16.0.0/24 is subnetted, 2 subnets
O IA     172.16.2.0 [110/3] via 10.23.1.2, 00:16:30, GigabitEthernet0/1
O IA     172.16.3.0 [110/3] via 10.23.1.2, 00:16:30, GigabitEthernet0/1
R4# show ip route ospf | begin Gateway
Gateway of last resort is not set

      10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
O IA     10.12.1.0/24 [110/3] via 10.34.1.3, 00:19:41, GigabitEthernet0/0
O IA     10.23.1.0/24 [110/2] via 10.34.1.3, 00:19:41, GigabitEthernet0/0
      172.16.0.0/24 is subnetted, 1 subnets
O IA     172.16.3.0 [110/4] via 10.34.1.3, 00:17:07, GigabitEthernet0/0

Local OSPF Filtering

In some scenarios, routes need to be removed only on specific routers in an area. OSPF is a link-state protocol that requires all routers in the same area to maintain an identical copy of the LSDB for that area. A route can exist in the OSPF LSDB, but it could be prevented from being installed in the local RIB. This is accomplished by using a Distribute List. Figure 9-25 illustrates this concept.

The OSPF distribute list filtering logic is illustrated.

Figure 9-25 OSPF Distribute List Filtering Logic

A distribute list on an ABR does not prevent type 1 LSAs from becoming type 3 LSAs in a different area because the type 3 LSA generation occurs before the distribute list is processed.

However, a distribute list on an ABR prevents type 3 LSAs coming from the backbone from being regenerated into nonbackbone areas because this regeneration process happens after the distribute list is processed. A distribute list should not be used for filtering of prefixes between areas; the following section identifies more preferred techniques.

A distribute list is configured under the OSPF process with the command distribute-list {acl-number | acl-name | prefix prefix-list-name | route-map route-map-name} in. To demonstrate this concept, the topology from Figure 9-24 is used again. Say that R1 is advertising the 172.16.1.0/24, 172.16.2.0/24, and 172.16.3.0/24 network prefixes. R2 filters the 172.16.3.0/24 network from entering its RIB. The configuration is provided in Example 9-15.

Example 9-15 Configuring the OSPF Distribute List

R2
ip access-list standard ACL-OSPF-FILTER
 deny   172.16.3.0
 permit any
!
router ospf 1
 router-id 192.168.2.2
 network 10.12.1.0 0.0.0.255 area 12
 network 10.23.1.0 0.0.0.255 area 0
 distribute-list ACL-OSPF-FILTER in                             

Example 9-16 shows the routing tables for R2 and R3. The 172.16.3.0/24 network is removed from R2’s RIB but is present on R3’s RIB.

Example 9-16 Verifying the OSPF Distribute List

R2# show ip route ospf | begin Gateway
Gateway of last resort is not set

      10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
O IA     10.34.1.0/24 [110/2] via 10.23.1.3, 00:02:21, GigabitEthernet0/1
      172.16.0.0/24 is subnetted, 2 subnets
O        172.16.1.0 [110/2] via 10.12.1.1, 00:02:21, GigabitEthernet0/0
O        172.16.2.0 [110/2] via 10.12.1.1, 00:02:21, GigabitEthernet0/0
R3# show ip route ospf | begin Gateway
Gateway of last resort is not set

      10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
O IA     10.12.1.0/24 [110/2] via 10.23.1.2, 00:24:11, GigabitEthernet0/1
      172.16.0.0/24 is subnetted, 3 subnets
O IA     172.16.1.0 [110/3] via 10.23.1.2, 00:01:54, GigabitEthernet0/1
O IA     172.16.2.0 [110/3] via 10.23.1.2, 00:23:02, GigabitEthernet0/1
O IA     172.16.3.0 [110/3] via 10.23.1.2, 00:23:02, GigabitEthernet0/1

Exam Preparation Tasks

As mentioned in the section “How to Use This Book” in the Introduction, you have a couple of choices for exam preparation: the exercises here, Chapter 30, “Final Preparation,” and the exam simulation questions in the Pearson Test Prep Software Online.

Review All Key Topics

Review the most important topics in the chapter, noted with the Key Topic icon in the outer margin of the page. Table 9-2 lists these key topics and the page number on which each is found.

Table 9-2 Key Topics for Chapter 9

Key Topic Element

Description

Page

Paragraph

Area 0 backbone

197

Paragraph

Area border routers

197

Section

Area ID

199

Section

Link-state announcements

201

Figure 9-5

Type 1 LSA Flooding in an Area

203

Figure 9-7

Visualization of Type 1 LSAs

204

Section

LSA type 2: network link

205

Figure 9-8

Visualization of Area 1234 with Type 1 and Type 2 LSAs

206

Section

LSA type 3 summary link

207

Figure 9-9

Type 3 LSA Conceptual

207

List

ABR rules for type 3 LSAs

210

Section

OSPF path selection

210

Section

Summarization of routes

212

Section

Interarea summarization

214

Section

Configuration of interarea summarization

215

Figure 9-23

OSPF Area Filtering

219

Figure 9-25

OSPF Distribute List Filtering Logic

220

Complete Tables and Lists from Memory

There are no memory tables in this chapter.

Define Key Terms

Define the following key terms from this chapter and check your answers in the Glossary:

area border router (ABR)

backbone area

discontiguous network

interarea route

intra-area route

router LSA

summary LSA

Use the Command Reference to Check Your Memory

Table 9-3 lists the important commands from this chapter. To test your memory, cover the right side of the table with a piece of paper, read the description on the left side, and see how much of the command you can remember.

Table 9-3 Command Reference

Task

Command Syntax

Initialize the OSPF process

router ospf process-id

Summarize routes as they are crossing an OSPF ABR

area area-id range network subnet-mask [advertise | not-advertise] [cost metric]

Filter routes as they are crossing an OSPF ABR

area area-id filter-list prefix prefix-list-name {in | out}

Filter OSPF routes from entering the RIB

distribute-list {acl-number | acl-name | prefix prefix-list-name | route-maproute-map-name} in

Display the LSAs in the LSDB

show ip ospf database [router | network | summary]

References in This Chapter

RFC 2328, OSPF Version 2, by John Moy. http://www.ietf.org/rfc/rfc2328.txt, April 1998.

RFC 3509, Alternative Implementations of OSPF Area Border Routers, by Alex Zinin, Acee Lindem, and Derek Yeung. https://tools.ietf.org/html/rfc3509, April 2003.

IP Routing on Cisco IOS, IOS XE, and IOS XR, by Brad Edgeworth, Aaron Foss, and Ramiro Garza Rios. Cisco Press, 2014.

Cisco IOS Software Configuration Guides. http://www.cisco.com.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.86.235.207