
OSPF - Key concepts

OSPF Overview (RFC 2328)

  • OSPF (v2 & v3): A dynamic link-state routing protocol known for fast convergence through incremental updates (LSAs). OSPF is classless, supports VLSM, route summarization, authentication, and external route tagging. It utilizes a two-tier hierarchical design with a backbone (Area 0) connecting to non-backbone areas.
  • Link-State Database (LSDB): All routers within the same OSPF area maintain identical LSDBs. Each router’s local state is shared by flooding LSAs to its neighbors.

OSPF Hierarchical Architecture

  • Purpose:
    • Reduces routing overhead.
    • Increases scalability.
    • Improves convergence speed.
    • Limits routing instabilities to specific areas.
  • Backbone (Area 0): Connects all other OSPF areas and provides transit connectivity. Non-backbone areas communicate through the backbone.
  • LSDB Differences: When an OSPF routing domain is divided into areas, the LSDBs differ across areas, although routers within the same area maintain identical LSDBs.

OSPF Neighbor and Adjacency

  • Neighbors: Routers on a common OSPF-enabled link discovered via Hello packets.
  • Adjacency: Neighbors with synchronized LSDBs that exchange full routing information.
  • Requirements for adjacency:
    • Matching Hello/Dead timers, area ID, subnet masks, MTUs, authentication type, and credentials.
    • Tip: The OSPF process numbers are locally significant and do not need to match among routers.
  • Hello and Dead Intervals: Default Hello interval is 10 seconds for broadcast and point-to-point networks, 30 seconds for non-broadcast or point-to-multipoint. Dead interval is four times the Hello interval.

OSPF Neighbor States

  1. Down: Initial state; no Hello packets received.
  2. Attempt: Active attempt to contact a neighbor (NBMA networks).
  3. Init: Hello packet received, but no bidirectional communication.
  4. 2-Way: Bidirectional communication established; stable state on multi-access networks.
  5. ExStart: Routers negotiate master/slave status for DD packet exchange.
  6. Exchange: Exchange of DD packets, listing known LSAs.
  7. Loading: Routers request and download LSAs from neighbors.
  8. Full: Adjacency is fully established, LSDBs synchronized.

Technical Tip: MTU mismatches may prevent routers from progressing beyond ExStart/Exchange states.
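
The following is an added example, not code from the post: it decodes an OSPFv2 Hello packet (RFC 2328 header plus Hello body) and compares the fields that must agree before two routers become neighbors (area ID, authentication type, network mask, Hello and Dead intervals), and also applies the received-TTL check that the TTL Security section further down describes. The `IfaceConfig` class, the constructed packets and the zero checksum are assumptions for the example; MTU and the authentication key itself are validated later in the adjacency process and are out of scope here.

```python
"""Parse an OSPFv2 Hello (RFC 2328 A.3.1/A.3.2) and report why a router would
refuse to treat the sender as a neighbor.  Added example; packets are built
inline with a zero checksum, which the parser does not verify."""
import struct
from dataclasses import dataclass
from ipaddress import IPv4Address
from typing import Optional

OSPF_HELLO = 1
HEADER_FMT = "!BBH4s4sHH8s"   # version, type, length, router ID, area ID, checksum, AuType, auth
HELLO_FMT = "!4sHBBI4s4s"     # mask, HelloInterval, options, priority, RouterDeadInterval, DR, BDR
HEADER_LEN = struct.calcsize(HEADER_FMT)   # 24
HELLO_LEN = struct.calcsize(HELLO_FMT)     # 20


@dataclass
class Hello:
    router_id: str
    area_id: str
    autype: int          # 0 = null, 1 = simple password, 2 = cryptographic
    mask: str
    hello_interval: int
    dead_interval: int
    priority: int
    neighbors: list


@dataclass
class IfaceConfig:
    """Hypothetical local interface settings the received Hello is compared against."""
    area_id: str
    autype: int
    mask: str
    hello_interval: int
    dead_interval: int
    point_to_point: bool = False
    ttl_security_hops: Optional[int] = 0   # None = disabled; 0 = received IP TTL must be 255


def build_hello(router_id, area_id, autype, mask, hello, dead, priority=1, neighbors=()):
    """Serialise a Hello so the example has realistic input (constructed, checksum left 0)."""
    body = struct.pack(HELLO_FMT, IPv4Address(mask).packed, hello, 0x02, priority, dead,
                       b"\0" * 4, b"\0" * 4)
    body += b"".join(IPv4Address(n).packed for n in neighbors)
    header = struct.pack(HEADER_FMT, 2, OSPF_HELLO, HEADER_LEN + len(body),
                         IPv4Address(router_id).packed, IPv4Address(area_id).packed,
                         0, autype, b"\0" * 8)
    return header + body


def parse_hello(data: bytes) -> Hello:
    """Decode header and Hello body, rejecting malformed packets early."""
    if len(data) < HEADER_LEN + HELLO_LEN:
        raise ValueError("packet too short for an OSPF Hello")
    ver, ptype, length, rid, aid, _csum, autype, _auth = struct.unpack(HEADER_FMT, data[:HEADER_LEN])
    if ver != 2:
        raise ValueError(f"unsupported OSPF version {ver}")
    if ptype != OSPF_HELLO:
        raise ValueError(f"not a Hello (type {ptype})")
    if length != len(data):
        raise ValueError("length field does not match packet size")
    mask, hello, _opts, pri, dead, _dr, _bdr = struct.unpack(
        HELLO_FMT, data[HEADER_LEN:HEADER_LEN + HELLO_LEN])
    rest = data[HEADER_LEN + HELLO_LEN:]
    if len(rest) % 4:
        raise ValueError("neighbor list is not a multiple of 4 bytes")
    neighbors = [str(IPv4Address(rest[i:i + 4])) for i in range(0, len(rest), 4)]
    return Hello(str(IPv4Address(rid)), str(IPv4Address(aid)), autype, str(IPv4Address(mask)),
                 hello, dead, pri, neighbors)


def check_adjacency(hello: Hello, cfg: IfaceConfig, ip_ttl: int) -> list:
    """Return the reasons the Hello would be dropped (empty list = neighbor accepted)."""
    problems = []
    if cfg.ttl_security_hops is not None and ip_ttl < 255 - cfg.ttl_security_hops:
        problems.append(f"ttl-security: TTL {ip_ttl} < {255 - cfg.ttl_security_hops}")
    if hello.area_id != cfg.area_id:
        problems.append(f"area mismatch: {hello.area_id} != {cfg.area_id}")
    if hello.autype != cfg.autype:
        problems.append(f"auth type mismatch: {hello.autype} != {cfg.autype}")
    if not cfg.point_to_point and hello.mask != cfg.mask:   # RFC 2328 10.5: mask not checked on p2p
        problems.append(f"mask mismatch: {hello.mask} != {cfg.mask}")
    if hello.hello_interval != cfg.hello_interval:
        problems.append(f"hello interval mismatch: {hello.hello_interval} != {cfg.hello_interval}")
    if hello.dead_interval != cfg.dead_interval:
        problems.append(f"dead interval mismatch: {hello.dead_interval} != {cfg.dead_interval}")
    return problems


# Constructed sample: a broadcast interface in area 0 with MD5 auth and default 10/40 timers.
LOCAL = IfaceConfig(area_id="0.0.0.0", autype=2, mask="255.255.255.0",
                    hello_interval=10, dead_interval=40)
GOOD_HELLO = build_hello("10.0.0.2", "0.0.0.0", 2, "255.255.255.0", 10, 40, neighbors=["10.0.0.1"])
BAD_HELLO = build_hello("10.0.0.3", "0.0.0.1", 0, "255.255.255.0", 30, 120)

if __name__ == "__main__":
    print(check_adjacency(parse_hello(GOOD_HELLO), LOCAL, ip_ttl=255))   # []
    print(check_adjacency(parse_hello(BAD_HELLO), LOCAL, ip_ttl=254))    # five mismatches
```

The second packet fails on every parameter the page lists except the mask, which is exactly the kind of list a router's adjacency debug would show; running the check against captured Hellos is a quick way to confirm a timer, area or authentication-type mismatch before touching configuration.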

OSPF LSA Types

  1. Type 1 (Router LSA): Advertised by each router, lists neighbors and interfaces within the same area.
  2. Type 2 (Network LSA): Describes multi-access networks (e.g., Ethernet) and is generated by the DR.
  3. Type 3 (Summary LSA): Generated by ABRs, summarizing routes from other areas.
  4. Type 4 (ASBR Summary LSA): Advertises ASBRs to other areas.
  5. Type 5 (External LSA): Describes routes redistributed from outside the OSPF domain.
  6. Type 7 (NSSA LSA): Used in NSSAs to describe external routes, which are converted to Type 5 LSAs by ABRs.

OSPF Network Types

  • Broadcast: Default for Ethernet, requires DR/BDR election, Hello/Dead timers of 10/40 seconds.
  • Non-broadcast: Requires manual neighbor configuration, no multicast support, and Hello/Dead timers of 30/120 seconds.
  • Point-to-Point: No DR/BDR election, used for serial or GRE tunnels, Hello/Dead timers of 10/40 seconds.
  • Point-to-Multipoint: No DR/BDR election; supports partial mesh.
  • Loopback: Always advertised with a /32 prefix.

Tip: OSPF network type can be overridden using the ip ospf network command.

OSPF Area Types

  • Regular Area: Receives all LSA types.
  • Stub Area: Blocks Type 4 and 5 LSAs; the ABR injects a default route in their place. Inter-area (Type 3) LSAs are still received.
  • Totally Stubby Area: Blocks Type 3, 4, and 5 LSAs, receives only a default route.
  • Not-So-Stubby Area (NSSA): Allows external route injection with Type 7 LSAs while blocking Type 5 LSAs. ABRs translate Type 7 LSAs to Type 5 LSAs.

Exam Tip: To configure stub or NSSA areas, all routers within the area must have consistent configurations. Use the area [x] stub or area [x] nssa commands.

OSPF Path Selection and Metrics

  • Path Preference:
    • OSPF prefers intra-area routes over inter-area routes.
    • External Type 1 (E1) routes are preferred over Type 2 (E2) routes. An E1 metric is the external metric plus the internal cost to reach the ASBR; an E2 metric is the external metric alone, with the internal cost used only to break ties.
  • Equal-Cost Multipath (ECMP): OSPF can install multiple paths with equal cost into the routing table. By default, OSPF supports four ECMP paths, configurable with the maximum-paths command.
  • Metric Calculation: The OSPF cost is calculated as Reference Bandwidth / Interface Bandwidth. Adjust the reference bandwidth using the auto-cost reference-bandwidth command.

Tip: OSPF metrics can be manually set per interface using the ip ospf cost command.
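
An added example, not the post's own code, that carries this section through in working form: the cost formula (with the IOS default reference bandwidth of 100 Mbps as an assumption), a Dijkstra SPF run that keeps up to `max-paths` equal-cost next hops, and the route preference order intra-area > inter-area > E1 > E2 with the E1/E2 metric rules. The topology, link bandwidths and candidate routes are constructed.

```python
"""Added example (not from the post): OSPF cost from the reference bandwidth,
Dijkstra SPF with equal-cost multipath, and route preference ordering."""
import heapq
from collections import defaultdict
from math import inf

REF_BW_MBPS = 100   # assumed IOS default; 'auto-cost reference-bandwidth' changes it


def ospf_cost(intf_bw_mbps, ref_bw_mbps=REF_BW_MBPS):
    """cost = reference bandwidth / interface bandwidth, integer, never below 1."""
    return max(1, ref_bw_mbps // intf_bw_mbps)


def spf(links, root, max_paths=4, ref_bw_mbps=REF_BW_MBPS):
    """links: (router_a, router_b, bandwidth_mbps).  Returns {dest: (cost, next_hops)},
    keeping up to max_paths equal-cost next hops (the maximum-paths limit)."""
    adj = defaultdict(list)
    for a, b, bw in links:
        cost = ospf_cost(bw, ref_bw_mbps)
        adj[a].append((b, cost))
        adj[b].append((a, cost))
    best = {root: 0}
    nexthops = defaultdict(set)
    heap = [(0, root)]
    while heap:
        cost, node = heapq.heappop(heap)
        if cost > best[node]:          # stale heap entry
            continue
        for nbr, link_cost in adj[node]:
            new_cost = cost + link_cost
            hops = {nbr} if node == root else nexthops[node]
            if new_cost < best.get(nbr, inf):
                best[nbr] = new_cost
                nexthops[nbr] = set(hops)
                heapq.heappush(heap, (new_cost, nbr))
            elif new_cost == best[nbr]:
                nexthops[nbr] |= hops   # equal cost: add the extra next hop(s)
    return {n: (best[n], sorted(nexthops[n])[:max_paths]) for n in best if n != root}


RANK = {"intra": 0, "inter": 1, "E1": 2, "E2": 3}


def route_key(r):
    """Sort key: route type first, then metric.  E1 adds the internal cost to the
    external metric; E2 uses the external metric alone and breaks ties on the
    internal (forwarding) cost."""
    if r["type"] == "E1":
        metric = (r["ext"] + r["internal"], 0)
    elif r["type"] == "E2":
        metric = (r["ext"], r["internal"])
    else:
        metric = (r["internal"], 0)
    return (RANK[r["type"]], metric)


def select_route(candidates):
    return min(candidates, key=route_key)


# Constructed topology: four gigabit links and one slow 10 Mb/s link R1-R4.
LINKS = [("R1", "R2", 1000), ("R1", "R3", 1000), ("R2", "R4", 1000),
         ("R3", "R4", 1000), ("R1", "R4", 10)]

# Constructed candidates for one prefix learned three ways.
CANDIDATES = [
    {"type": "E2", "ext": 10, "internal": 3, "via": "R3"},
    {"type": "inter", "internal": 50, "via": "R2"},
    {"type": "E1", "ext": 10, "internal": 3, "via": "R4"},
]

if __name__ == "__main__":
    print(spf(LINKS, "R1"))                 # R4 at cost 2 via R2 and R3 (ECMP)
    print(spf(LINKS, "R1", max_paths=1))    # only one next hop installed
    print(select_route(CANDIDATES)["via"])  # "R2": inter-area beats any external route
```

Note that with the default reference bandwidth every link of 100 Mbps or faster costs 1, so gigabit and FastEthernet links are indistinguishable to SPF; that is the reason the page's tip about auto-cost reference-bandwidth matters, and passing a larger `ref_bw_mbps` into `spf` shows the difference directly.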

OSPF DR/BDR Election

  • DR and BDR: Elected on broadcast and non-broadcast multi-access networks to reduce adjacencies. The router with the highest priority (or RID if priorities are equal) becomes the DR. The election is non-preemptive.
  • Wait Timer: Ensures all routers can participate in the DR/BDR election, matching the Dead timer.

Tip: To remove a router from the DR/BDR election, set the interface priority to 0 using the ip ospf priority command.
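
As an added illustration (not the post's code), a simplified election that applies the rules stated above: highest priority wins, ties go to the highest RID, priority 0 is never elected, and an existing DR or BDR is kept when a better candidate appears. It models the outcome, not the full RFC 2328 section 9.4 procedure, and the routers are constructed.

```python
"""Added example (not from the post): simplified, non-preemptive DR/BDR election."""
from dataclasses import dataclass
from ipaddress import IPv4Address


@dataclass(frozen=True)
class Router:
    rid: str
    priority: int = 1      # 'ip ospf priority' value; 0 = never DR/BDR


def _rank(r):
    return (r.priority, int(IPv4Address(r.rid)))   # higher priority wins, then higher RID


def elect(routers, current_dr=None, current_bdr=None):
    """Return (dr_rid, bdr_rid).  Pass the current DR/BDR to model non-preemption."""
    eligible = {r.rid: r for r in routers if r.priority > 0}
    dr = eligible.get(current_dr)
    if dr is None:                              # no DR, or it left: BDR is promoted
        dr = eligible.get(current_bdr) or (max(eligible.values(), key=_rank) if eligible else None)
    bdr = eligible.get(current_bdr)
    if bdr is None or bdr is dr:                # BDR gone or promoted: best of the rest
        rest = [r for r in eligible.values() if r is not dr]
        bdr = max(rest, key=_rank) if rest else None
    return (dr.rid if dr else None, bdr.rid if bdr else None)


# Constructed segment: two equal-priority routers, one excluded with priority 0.
A, B, C = Router("10.0.0.1"), Router("10.0.0.2"), Router("10.0.0.3", priority=0)
D = Router("10.0.0.4", priority=200)            # joins later with a higher priority

if __name__ == "__main__":
    dr, bdr = elect([A, B, C])                  # ('10.0.0.2', '10.0.0.1')
    print(elect([A, B, C, D], dr, bdr))         # unchanged: election is non-preemptive
    print(elect([A, C, D], dr, bdr))            # B fails: A promoted, D becomes BDR
```

The third call shows why a high priority alone does not make a router the DR: D only reaches BDR after the original DR fails, and it would take a further failure (or clearing the OSPF process on the segment) for it to become DR.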

OSPF Operations and Convergence

  • SPF Throttling: OSPF supports SPF tuning with the timers throttle spf command, allowing dynamic SPF calculations based on network stability. This helps delay SPF calculations during instability.
  • LSA Throttling: Controls the rate at which LSAs are generated and received to limit frequent updates during instability. Configure LSA throttling with the timers throttle lsa command.

Tip: Use the max-lsa command to limit the number of LSAs a router can learn, preventing excessive CPU usage.

OSPF Graceful Shutdown

  • Graceful Shutdown: Temporarily shuts down OSPF while notifying neighbors to reroute traffic. Initiated using the shutdown command in OSPF configuration mode. Can also be applied on specific interfaces with the ip ospf shutdown command.

OSPF TTL Security

  • TTL Security: Protects OSPF from spoofed packets and DoS attempts originating beyond the local link. The sender sets the IP TTL to 255 and the receiver discards OSPF packets whose TTL is below the expected value (255 by default, i.e. packets that have crossed a router hop). Configure using the ip ospf ttl-security command on both sending and receiving routers.

Tip: Use the TTL security check to limit attacks from remote systems.

OSPF Optimization Techniques

  • Fast Hello: Enables sub-second Hello intervals to detect neighbor failures faster. Configured using the ip ospf dead-interval minimal hello-multiplier command. Ideal for LAN segments with faster convergence requirements.

Tip: Fast Hello is useful, but Bidirectional Forwarding Detection (BFD) is recommended for sub-second detection in OSPF networks.

  • Incremental SPF (iSPF): Reduces CPU load by recalculating only the affected part of the SPF tree after a topology change. Activate iSPF using the ispf command.

Troubleshooting OSPF

  • Common Issues:
    • Mismatched Hello/Dead timers.
    • Duplicate Router IDs.
    • MTU mismatches.
    • Passive interfaces blocking Hello packets.

Useful Commands:

  • show ip ospf neighbor: Displays neighbor status and adjacencies.
  • show ip ospf database: Shows the LSDB.
  • debug ip ospf hello, debug ip ospf adjacencies: Debugs OSPF neighbor formation and adjacencies.

Tip: Use ip ospf mtu-ignore to bypass MTU mismatches. The adjacency will then form, but the mismatch itself remains and can still cause large OSPF packets to be dropped or fragmented, so correcting the interface MTU on both ends is the preferred fix.
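
The following is an added example, not something from the post: it parses show ip ospf neighbor output and flags every neighbor stuck short of FULL, attaching the likely cause from the troubleshooting list above (MTU mismatch for ExStart/Exchange, one-way Hellos for Init). The sample output is constructed to resemble IOS formatting and should be checked against a real device; the hint text is the author's (that is, this example's) interpretation.

```python
"""Added example (not from the post): parse 'show ip ospf neighbor' output and
flag neighbors that have not reached a healthy state."""
import re

# Constructed sample output (not captured from a real router).
SAMPLE = """\
Neighbor ID     Pri   State           Dead Time   Address         Interface
10.0.0.2          1   FULL/DR         00:00:33    192.168.1.2     GigabitEthernet0/0
10.0.0.3          1   EXSTART/BDR     00:00:35    192.168.1.3     GigabitEthernet0/0
10.0.0.4          0   2WAY/DROTHER    00:00:38    192.168.1.4     GigabitEthernet0/0
10.0.0.5          1   INIT/DROTHER    00:00:31    192.168.1.5     GigabitEthernet0/1
10.0.0.6          0   FULL/  -        00:00:37    10.1.1.2        Serial0/0
"""

# Lazy (.+?) for the State column because point-to-point rows print "FULL/  -" with spaces.
ROW = re.compile(r"^(\S+)\s+(\d+)\s+(.+?)\s+(\d\d:\d\d:\d\d)\s+(\S+)\s+(\S+)\s*$")

HINTS = {
    "DOWN": "no Hellos received: interface down, passive-interface, or Hellos filtered",
    "ATTEMPT": "NBMA neighbor not answering unicast Hellos: check neighbor statement and reachability",
    "INIT": "one-way Hello: the neighbor does not list us (our Hellos blocked, e.g. passive interface or ACL)",
    "2WAY": "stuck at 2-Way with a DR/BDR: adjacency never started (priority/DR election issue)",
    "EXSTART": "stuck negotiating DD exchange: MTU mismatch on the link is the usual cause",
    "EXCHANGE": "DD exchange not completing: MTU mismatch or dropped DD packets",
    "LOADING": "LSA requests unanswered: packet loss or corrupt LSDB entries",
}


def parse_neighbors(text):
    """Return one dict per neighbor row; the header line does not match and is skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue
        state, _, role = m.group(3).partition("/")
        rows.append({"rid": m.group(1), "priority": int(m.group(2)),
                     "state": state.strip().upper(), "role": role.strip(),
                     "dead_time": m.group(4), "address": m.group(5), "interface": m.group(6)})
    return rows


def diagnose(rows):
    """Return (rid, interface, state, hint) for every neighbor that is not healthy.
    FULL is healthy everywhere; 2WAY is healthy only with a DROTHER on multi-access links."""
    findings = []
    for r in rows:
        healthy = r["state"] == "FULL" or (r["state"] == "2WAY" and r["role"] == "DROTHER")
        if not healthy:
            findings.append((r["rid"], r["interface"], r["state"],
                             HINTS.get(r["state"], "unknown state")))
    return findings


if __name__ == "__main__":
    for finding in diagnose(parse_neighbors(SAMPLE)):
        print(finding)
```

Feeding the output of several routers through this in a loop gives a quick view of where adjacencies are wedged; 2WAY/DROTHER rows are deliberately not reported, since that is the stable state between two non-DR routers on a broadcast segment.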
