OSPF cheat sheet



-    link state protocol

-    Dijkstra algorithm to calculate the shortest path tree


-    fast convergence

-    larger internetworks

-    open standard

-    mature


~> ideal in multi-vendor networks


IP protocol number: 89


Properties:

1.    speed of convergence

2.    VLSM support and CIDR support

3.    dimensionless

4.    equal-cost load balancing

5.    virtually no reachability limitations

6.    BW friendly: multicast link-state updates, sent only when there is a change, plus a refresh of the updates every 30 min.

7.    area: efficient CPU & memory usage

8.    method of path selection: uses cost value based on the speed of the connection

9.    route authentication

10.    route tagging  for tracking of external routes


OSPF Terminology:

1. interface: connection between the router & one of its attached networks

2. link state: status of link between 2 routers

<~ a router's interface and its relationship to its neighboring routers

<~ link states are advertised to other routers in special packets: link-state advertisements (LSAs)

3. cost: value assigned to a link

4. autonomous system: group of routers exchanging routing info using a common routing protocol

5. area: a collection of networks & routers that have the same area ID

6. neighbors: 2 routers that have interfaces on a common network

7. hello: protocol used by OSPF to establish & maintain neighbor relationship

8. neighborship db: a listing of all neighbors to which a router has established bi-directional communication

9. link state db (topology db): a list of the link-state entries of all routers in the network

<~ show network topology

<~ all routers within an area have identical link-state db

10.    routing table: generated when the shortest path first (SPF) algorithm (Dijkstra) is run on the link-state db.



OSPF Operation:

1.    send Hello packet

2.    adjacencies are formed between some neighbors

3.    each router sends link state advertisements (LSAs)

4.    each router receiving an LSA from a neighbor records the LSA in its link state db ~> sends a copy of the LSA to all neighbors ~> the LSA is flooded throughout an area

5.    all routers will build identical dbs

6.    when the dbs are complete ~[SPF alg]~> calculate a loop-free graph

7.    each router builds its route table from its SPF tree
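The SPF run described in steps 6 and 7, as an added example that is not part of the original cheat sheet: Dijkstra over a constructed link-state database, keeping every equal-cost next hop so the equal-cost load balancing property listed earlier falls out of the same pass. The LSDB graph is constructed, and the cost_from_bandwidth helper assumes the 100 Mbit/s reference bandwidth that Cisco IOS uses by default, which the page does not state.

```python
"""SPF (Dijkstra) over a link-state database, producing the routing table
with all equal-cost next hops retained."""
import heapq
import math

# Constructed link-state database: router -> {neighbor router: link cost}.
# Each entry stands in for that router's Router LSA (its links and costs).
LSDB = {
    "R1": {"R2": 10, "R3": 10},
    "R2": {"R1": 10, "R4": 10},
    "R3": {"R1": 10, "R4": 10},
    "R4": {"R2": 10, "R3": 10, "R5": 20},
    "R5": {"R4": 20},
}


def cost_from_bandwidth(bps: int, reference_bps: int = 100_000_000) -> int:
    """Interface cost = reference bandwidth / interface bandwidth, rounded
    down and never below 1. The 100 Mbit/s reference is the IOS default
    (assumed here; `auto-cost reference-bandwidth` changes it)."""
    return max(1, reference_bps // bps)


def spf(lsdb: dict, root: str) -> dict:
    """Dijkstra from `root`. Returns {destination: (cost, [next hops])};
    a destination reached over several equal-cost paths keeps every
    first-hop neighbor, which is what equal-cost load balancing uses."""
    dist = {root: 0}
    next_hops = {root: set()}
    done = set()
    heap = [(0, root)]
    while heap:
        d, u = heapq.heappop(heap)
        if u in done:
            continue
        done.add(u)
        for v, cost in lsdb.get(u, {}).items():
            nd = d + cost
            # The first hop toward v is v itself when relaxing from the
            # root, otherwise the first hops that already lead to u.
            hops = {v} if u == root else next_hops[u]
            if nd < dist.get(v, math.inf):
                dist[v] = nd
                next_hops[v] = set(hops)
                heapq.heappush(heap, (nd, v))
            elif nd == dist[v]:
                next_hops[v] |= hops  # equal-cost path: add its first hop
    return {dest: (dist[dest], sorted(next_hops[dest]))
            for dest in dist if dest != root}


if __name__ == "__main__":
    for dest, (cost, hops) in sorted(spf(LSDB, "R1").items()):
        print(f"{dest}: cost {cost} via {', '.join(hops)}")
```

With R1 as the root, R4 and R5 are reached at equal cost through both R2 and R3, so both appear as next hops; since link costs are positive, every equal-cost contribution to a node arrives before that node is popped, which is why merging into the existing set is safe.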



Hello Protocol

- the means by which neighbors are discovered

- advertise several parameters on which two routers must agree before they can become neighbors

- act as keepalives

- ensure bi-directional communication between neighbors

- elect Designated Routers (DRs) and Backup Designated Routers (BDRs) on Broadcast and Non-broadcast Multiple Access (NBMA) networks

HelloInterval default: 10 secs (30 secs on NBMA)

cmd: ip ospf hello-interval


Hello packet contain:

1. Router ID

2. Area ID

3. address mask of the originating interface

4. authentication type & authentication info

5. HelloInterval

6. RouterDeadInterval

7. Router Priority

8. DR & BDR

9. flag bits signifying optional capabilities

10. Router IDs of the originating router's neighbors



If a router has not heard a Hello from a neighbor within a period of time (RouterDeadInterval), it will declare the neighbor down

RouterDeadInterval default: 4x HelloInterval

cmd: ip ospf dead-interval



When a router receives a Hello packet from a neighbor, it will verify:

1. Area ID

2. Authentication

3. Network mask

4. HelloInterval

5. RouterDeadInterval

6. Options values


If everything matches:

-> Hello packet is declared valid

-> RouterDeadInterval timer is reset (if the ID is already listed)

-> ID is added to the neighbor table (if the ID is not listed)

If they do not match:

-> packet is dropped and no adjacency is established


When a router sends a Hello, it includes the Router IDs of all neighbors on the link on which the packet is to be transmitted

If a router receives a valid Hello in which it finds its own Router ID, it knows that two-way communication has been established


Once two-way communication has been established, adjacencies may be established

<~ not all neighbors will become adjacent; it depends on the type of network



Neighbors & Adjacencies


Before any LSAs can be sent, OSPF routers must discover their neighbors and establish adjacencies.


neighbors will be recorded in a neighbor table


tracked using the Router ID (by default the router chooses the numerically highest IP address of its loopback interfaces, or of another interface if no loopback is available)



5 OSPF Network Topologies:


1.    Point-to-point networks

2.    Broadcast networks

3.    Non-broadcast Multi-access (NBMA) networks

4.    Point-to-multipoint networks

5.    Virtual links


1.    Point-to-point networks:

dst addr: AllSPFRouters (224.0.0.5)

ex: T1


2.    Broadcast networks:

will elect a DR and a BDR

hello packets are multicast: AllSPFRouters (224.0.0.5, MAC addr: 0100.5E00.0005)

all other routers will multicast link state update and link state acknowledgement packets: AllDRouters (224.0.0.6, MAC addr: 0100.5E00.0006)

ex: Ethernet, Token Ring, FDDI


3.    Non-broadcast Multi-access (NBMA) networks:

connect more than two routers but have no broadcast capability

will elect a DR and a BDR

all OSPF packets are unicast

ex: X.25, Frame Relay, ATM


4.    Point-to-multipoint networks:

do not elect a DR and a BDR

OSPF packets are multicast


5.    Virtual links:

treated as unnumbered point-to-point networks

all OSPF packets are unicast



all networks fall into one of two more-general types:


1.    Transit networks

have two or more attached routers

carry packets that are “just passing through”


2.    Stub networks

have only a single attached router

carry only packets whose src or dst addr belongs to the network



DR & BDR

Two problems on multi-access networks:

1.    n^2 LSA originating from the network

2.    many copies of the same LSA on the same network


Solution: Designated Router (DR) & Backup Designated Router (BDR) with duties:

1.    represent the multi-access network and its attached routers

2.    manage flooding process


Each router on the network forms an adjacency with the DR and BDR

Only the DR will send LSAs to the rest of the internetwork

If DR fails, BDR becomes the new DR.


DR & BDR Election process:

if there is no BDR ~> router with the highest priority becomes BDR

if there is no DR ~> BDR is promoted to DR, and a new election is held for the BDR

(i) priority can influence an election but will not override an active DR or BDR


DRothers: other routers (not DR/BDR) <~ establish adjacency with DR and BDR only


How it works:

all routers: multicast Hellos to AllSPFRouters (224.0.0.5)

DRothers: multicast updates to AllDRouters (224.0.0.6) <~ only DR and BDR will listen

DR will flood updates to DRothers on (224.0.0.5)
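The election rules above worked as code, as an added example that is not from the original cheat sheet. The router records are constructed; two details the page does not state, that only routers with priority > 0 are eligible and that ties are broken by the highest Router ID, come from RFC 2328 section 9.4. The re-election step after a BDR is promoted is simplified to a second pass over the remaining candidates.

```python
"""DR/BDR election from the view a router builds out of received Hellos."""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Neighbor:
    rid: str               # Router ID
    priority: int          # 0 = never eligible (RFC 2328 9.4)
    dr: str = "0.0.0.0"    # DR this router currently declares in its Hellos
    bdr: str = "0.0.0.0"   # BDR this router currently declares


def _best(candidates):
    # Highest priority wins; ties go to the highest Router ID (RFC 2328 9.4).
    return max(candidates,
               key=lambda n: (n.priority, int(ipaddress.IPv4Address(n.rid))))


def elect(view):
    """`view` holds one Neighbor per router on the segment, the calculating
    router included. Returns (dr_rid, bdr_rid), either of which may be None."""
    eligible = [n for n in view if n.priority > 0]
    not_dr = [n for n in eligible if n.dr != n.rid]

    def pick_bdr(pool):
        # Routers already declaring themselves BDR are preferred; a higher
        # priority elsewhere does not override an active BDR.
        declared = [n for n in pool if n.bdr == n.rid]
        return _best(declared) if declared else (_best(pool) if pool else None)

    bdr = pick_bdr(not_dr)
    declared_dr = [n for n in eligible if n.dr == n.rid]
    if declared_dr:
        dr = _best(declared_dr)  # an active DR is never overridden
    else:
        dr = bdr                 # no DR: the BDR is promoted
        if dr is not None:       # ... and the BDR is re-elected
            bdr = pick_bdr([n for n in not_dr if n.rid != dr.rid])
    return (dr.rid if dr else None, bdr.rid if bdr else None)


# Constructed scenarios.
def scenario_fresh():
    """Segment comes up: nobody declares anything, 3.3.3.3 is ineligible."""
    return elect([Neighbor("1.1.1.1", 1), Neighbor("2.2.2.2", 1),
                  Neighbor("3.3.3.3", 0)])


def scenario_late_high_priority():
    """A priority-200 router joins after DR/BDR exist: no change."""
    return elect([Neighbor("1.1.1.1", 1, dr="2.2.2.2", bdr="1.1.1.1"),
                  Neighbor("2.2.2.2", 1, dr="2.2.2.2", bdr="1.1.1.1"),
                  Neighbor("4.4.4.4", 200)])


def scenario_dr_failed():
    """The DR 2.2.2.2 disappears: BDR promoted, new BDR elected."""
    return elect([Neighbor("1.1.1.1", 1, dr="2.2.2.2", bdr="1.1.1.1"),
                  Neighbor("4.4.4.4", 200, dr="2.2.2.2", bdr="1.1.1.1")])
```

On a fresh segment the higher Router ID wins both roles in turn (2.2.2.2 becomes DR, 1.1.1.1 BDR); the late-joining priority-200 router changes nothing until the DR fails, at which point the BDR is promoted and the high-priority router finally becomes BDR.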


OSPF Packet Types

Type   Packet name                  Protocol function
-----  ---------------------------  ----------------------------
1      Hello                        discover/maintain neighbors
2      Database Description (DD)    summarize database contents
3      Link State Request (LSR)     database download
4      Link State Update (LSU)      database upload
5      Link State Ack (LSAck)       flooding acknowledgment



OSPF Packet Header Format (man how I love sniffing packets ;):

All OSPF packets share a common 24-octet header





Version (1 octet)

- Version of OSPF

- default: 2


Type (1 octet)

- Specifies the type of OSPF packet:

   1 - Hello

   2 - Database Description

   3 - Link-State Request

   4 - Link-State Update

   5 - Link-State Acknowledgment


Packet Length (2 octets)

- Total length of the OSPF packet


Router ID (4 octets)

- router ID of the advertising router


Area ID (4 octets)

- 32-bit area ID


Checksum (2 octets)

- IP checksum of the entire OSPF packet, excluding the 64-bit authentication field.


Authentication Type (2 octets)

- Type of authentication, possible values:

  0 – Null authentication

  1 – Simple password

  2 – MD5 cryptographic authentication


Authentication (8 octets)

- Authentication data to verify the packet's integrity



Hello packets


Type code 1


To establish and maintain a neighbor relationship

Router sends OSPF hello packets out all configured interfaces and awaits a response


Addressed to the AllSPFRouters mcast addr 224.0.0.5 on broadcast and point-to-point networks.


Network Mask (4 octets)

- Contain the subnet mask of the advertising OSPF interface

- Unnumbered point-to-point interface and virtual link set this value to 0.0.0.0


Hello Interval (2 octets)

- Hello interval requested

- Possible values: 1 - 255, default value: 10 secs


Option (1 octet)

- Advertises its capabilities

- Each bit in the options field represents a different function:

  Bit 7: DN bit: for loop prevention in VPN environments. An OSPF router receiving an update with the bit set does not forward that update

  Bit 6: O bit: indicates that the local router supports opaque LSAs

  Bit 5: DC bit: indicates that the local router supports Demand Circuits (not supported by JunOS)

  Bit 4: EA bit: indicates that the local router supports the External Attributes LSA for carrying BGP information in an OSPF net (not supported by JunOS)

  Bit 3: N/P bit: describes the handling and support of NSSA LSAs.

  Bit 2: MC bit: indicates that the local router supports mcast OSPF LSA (not supported by JunOS, IOS, AlliedWare)

  Bit 1: E bit: describes the handling and support of external LSAs

  Bit 0: T bit: indicates that the local router supports TOS routing functionality (not supported by JunOS, IOS)


Router Priority (1 octet)

- Priority of the local router

- Used in the election of the DR & BDR

- Possible values: 1 - 255, default: 128


Router Dead Interval (4 octets)

- Value of Dead Interval

- Possible values: 1 – 65535, default: 40 sec (hello x 4)


Designated Router, DR (4 octets)

- interface addr of the current DR

- when no DR: 0.0.0.0


Backup Designated Router, BDR (4 octets)

- interface addr of the current BDR

- when no BDR: 0.0.0.0


Neighbor (Variable)

- Lists the router IDs of all OSPF routers from which a hello packet has been received.
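A parser for the common header and the Hello body, followed by the receive-side checks listed under the Hello Protocol section above (Area ID, authentication, network mask, HelloInterval, RouterDeadInterval, Options) and the two-way detection that looks for the local Router ID in the neighbor list. This is an added example, not code from the original cheat sheet: the packet bytes and the LOCAL_IFACE parameters are constructed for illustration, and two details come from RFC 2328 rather than the page, namely that only the E bit of the Options field is compared and that the mask check is skipped on point-to-point and virtual links.

```python
"""Parse the 24-octet OSPF common header plus a Hello body, then apply the
receive-side checks a router performs before accepting the Hello."""
import ipaddress
import struct

OSPF_HEADER_LEN = 24
OSPF_VERSION = 2
PKT_HELLO = 1
AU_NULL, AU_SIMPLE, AU_MD5 = 0, 1, 2
E_BIT = 0x02  # Options E bit; RFC 2328 compares this bit on Hello receipt

def ipv4_int(addr: str) -> int: return int(ipaddress.IPv4Address(addr))
def ipv4_str(value: int) -> str: return str(ipaddress.IPv4Address(value))

def ospf_checksum(packet: bytes) -> int:
    """16-bit one's complement checksum over the packet, skipping the 8-octet
    authentication field (octets 16-23). Yields 0 when the field is correct."""
    data = packet[:16] + packet[24:]
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def parse_header(packet: bytes) -> dict:
    """Version, Type, Packet Length, Router ID, Area ID, Checksum, AuType,
    then 8 octets of authentication data."""
    if len(packet) < OSPF_HEADER_LEN:
        raise ValueError("packet shorter than the OSPF header")
    version, ptype, length, rid, area, csum, au_type = struct.unpack(
        "!BBHIIHH", packet[:16])
    return {"version": version, "type": ptype, "length": length,
            "router_id": ipv4_str(rid), "area_id": ipv4_str(area),
            "checksum": csum, "au_type": au_type, "auth": packet[16:24]}

def parse_hello(packet: bytes) -> dict:
    """Hello body: Mask, HelloInterval, Options, Priority, DeadInterval,
    DR, BDR, then one 4-octet Router ID per neighbor."""
    hdr = parse_header(packet)
    if hdr["type"] != PKT_HELLO:
        raise ValueError("not a Hello packet")
    body = packet[OSPF_HEADER_LEN:hdr["length"]]
    if len(body) < 20 or (len(body) - 20) % 4:
        raise ValueError("malformed Hello body")
    mask, hello_int, options, prio, dead_int, dr, bdr = struct.unpack(
        "!IHBBIII", body[:20])
    neighbors = [ipv4_str(struct.unpack("!I", body[i:i + 4])[0])
                 for i in range(20, len(body), 4)]
    return {"header": hdr, "mask": ipv4_str(mask), "hello_interval": hello_int,
            "options": options, "priority": prio, "dead_interval": dead_int,
            "dr": ipv4_str(dr), "bdr": ipv4_str(bdr), "neighbors": neighbors}

def build_hello(router_id, area_id, mask, hello_interval, dead_interval,
                options=E_BIT, priority=1, dr="0.0.0.0", bdr="0.0.0.0",
                neighbors=(), au_type=AU_NULL, auth=b"\x00" * 8) -> bytes:
    """Assemble a Hello with a correct checksum (used to construct samples)."""
    body = struct.pack("!IHBBIII", ipv4_int(mask), hello_interval, options,
                       priority, dead_interval, ipv4_int(dr), ipv4_int(bdr))
    body += b"".join(struct.pack("!I", ipv4_int(n)) for n in neighbors)
    header = struct.pack("!BBHIIHH", OSPF_VERSION, PKT_HELLO,
                         OSPF_HEADER_LEN + len(body), ipv4_int(router_id),
                         ipv4_int(area_id), 0, au_type)
    packet = header + auth + body
    return packet[:12] + struct.pack("!H", ospf_checksum(packet)) + packet[14:]

# Assumed parameters of the local receiving interface (constructed).
LOCAL_IFACE = {"router_id": "10.0.0.1", "area_id": "0.0.0.0",
               "mask": "255.255.255.0", "hello_interval": 10,
               "dead_interval": 40, "au_type": AU_NULL, "options": E_BIT}

def check_hello(packet: bytes, iface: dict = LOCAL_IFACE) -> dict:
    """Return the mismatches that would make the Hello be dropped, plus
    whether our own Router ID is listed (two-way communication)."""
    hello = parse_hello(packet)
    hdr = hello["header"]
    mismatches = []
    if ospf_checksum(packet) != 0:
        mismatches.append("checksum")
    if hdr["area_id"] != iface["area_id"]:
        mismatches.append("area id")
    if hdr["au_type"] != iface["au_type"]:  # password/MD5 verification omitted
        mismatches.append("authentication")
    if hello["mask"] != iface["mask"]:  # RFC 2328 skips this on p2p/virtual links
        mismatches.append("network mask")
    if hello["hello_interval"] != iface["hello_interval"]:
        mismatches.append("hello interval")
    if hello["dead_interval"] != iface["dead_interval"]:
        mismatches.append("dead interval")
    if (hello["options"] & E_BIT) != (iface["options"] & E_BIT):
        mismatches.append("options (E bit)")
    return {"neighbor": hdr["router_id"], "valid": not mismatches,
            "mismatches": mismatches,
            "two_way": iface["router_id"] in hello["neighbors"]}

# Constructed samples: one matching our interface and listing us as a
# neighbor, one sent with 30/120 second timers (the NBMA defaults).
GOOD_HELLO = build_hello("10.0.0.2", "0.0.0.0", "255.255.255.0", 10, 40,
                         dr="10.0.0.2", neighbors=["10.0.0.1"])
BAD_HELLO = build_hello("10.0.0.3", "0.0.0.0", "255.255.255.0", 30, 120)
```

The mismatched-timer Hello is exactly the case the page describes under "If they do not match": it is parsed fine but rejected, so no neighbor entry is created. Running `ospf_checksum` over a received packet and expecting 0 is the usual verification trick for one's complement checksums, and it fails as soon as any octet outside the authentication field is altered.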



Database Description packet

Type code 2


After discovering its neighbours, the local router begins to form an adjacency with each neighbor.


This adjacency process requires that each router advertise its local database information. OSPF routers use the Database Description (DD) packet for this purpose.


Summarizes the local database by sending LSA headers to the remote router, which analyzes these headers to determine whether it lacks any information in its own copy of the link-state database.




Interface MTU (2 octets)

- MTU value, in octets, of the outgoing interface

- Virtual link interfaces set this value to 0x0000


Options (1 octet)

- Advertises its capabilities, same bit definition as Hello packet


Flag (1 octet)

- Provides an OSPF router with the capability to exchange multiple DD packets with a neighbor during an adjacency formation:

Bits 3 – 7: currently undefined and must be set to 0

Bit 2: I bit / Initial bit: designates whether this DD packet is the first in a series of packets. The first has a value of 1; subsequent packets have a value of 0

Bit 1: M bit / More bit: informs the remote router whether this DD packet is the last in a series. The last packet has a value of 0; the previous packets have a value of 1

Bit 0: MS bit / Master/Slave bit: indicates which OSPF router is in control of the database synchronization process. The master router uses a value of 1; the slave uses a value of 0


DD Sequence Number (4 octets)

- Guarantees that all DD packets are received and processed during the synchronization process through use of a sequence number

- The master router initializes this field to a unique value in the first DD packet and increments it by 1 for each subsequent packet


LSA Headers (variable)

- Carries the LSA headers describing the local router’s database information

- Each header is 20 octets in length and uniquely identifies each LSA in the database

- Each DD packet may contain multiple LSA headers


Link State Request packet

Type code 3


During the database synchronization process, the local router may find that it is missing information or that its local copy is out of date. The local router acquires the needed database information by sending link-state request packets to its neighboring router. The packet contains identifiers that uniquely describe the requested LSA. An individual link-state request packet may contain a single set of identifiers or multiple sets to request multiple LSAs.




Link-State Type (4 octets)

- Displays the type of LSA being requested

- Possible type codes:

    1 - Router LSA

    2 - Network LSA

    3 - Network Summary LSA

    4 - ASBR Summary LSA

    5 - AS external LSA

    6 - Group membership LSA

    7 - NSSA external LSA

    8 - External attribute LSA

    9 - Opaque LSA (link-local scope)

    10 - Opaque LSA (area scope)

    11 - Opaque LSA (AS scope)


Link-State ID (4 octets)

- Encodes information specific to the LSA

- Each different type of advertisement places different info here


Advertising Router (4 octets)

- Router ID of the OSPF router that first originated the LSA



Link State Update packet

Type code 4


Information in the link-state database is populated through LSAs.

Each LSA contains routing, metric, and topology info describing a portion of the OSPF net. The local router advertises LSAs within a link-state update packet. This packet is reliably flooded throughout the net until each router has a copy.


The local router also advertises a link-state update in response to a link-state request for info.


Number of LSAs (4 octets)

- Displays the number of LSAs carried within the packet


Link-State Advertisements (variable)

- Complete LSA is encoded within this variable-length field.

- Each type of LSA has a common header format along with specific data fields to describe its information.

- May contain a single or multiple LSAs.


Link State Acknowledgment packet

Type code 5


The reliability of OSPF arises from the fact that each router is required to acknowledge the receipt of each LSA.


Simply contains the common OSPF header followed by a list of LSA headers.

May contain a single LSA header or multiple.


OSPF Interfaces:


Interface Data Structure (cmd: show ip ospf interface):

1.    IP addr

2.    area ID

3.    process ID (Cisco specific)

4.    router ID

5.    network type

6.    cost

7.    InfTransDelay

8.    State

9.    Router priority

10.    DR

11.    BDR

12.    HelloInterval

13.    RouterDeadInterval

14.    wait timer

15.    RxmtInterval

16.    hello timer

17.    neighboring routers

18.    AuType

19.    authentication key


Interface State Machine:

1.    down

2.    point-to-point

3.    waiting

4.    DR

5.    BDR

6.    DRother

7.    loopback



OSPF Neighbors

4 phase adjacency establishment:

1.    neighbor discovery

2.    bi-directional communication

3.    database synchronization

4.    full adjacency


Hellos:

broadcast net, point-to-point net: multicast Hellos to AllSPFRouters (224.0.0.5)

NBMA net, point-to-multipoint net, virtual link net: unicast Hellos


Neighbor Data Structure (cmd: show ip ospf neighbor)

1.    neighbor ID

2.    neighbor IP addr

3.    area ID

4.    interface

5.    neighbor priority

6.    state

7.    PollInterval

8.    neighbor options

9.    inactivity timer

10.    DR

11.    BDR

12.    Master/Slave

13.    DD sequence number

14.    last received DD packet

15.    link state retransmission list

16.    database summary list

17.    link state request list



Neighbor State Machine:

1.    Down

2.    Attempt (only NBMA)

3.    Init: hello has been seen

4.    2-way: has seen its own ID

5.    ExStart: established M/S relation

6.    Exchange: sends DD

7.    Loading: sends link state request

8.    Full: fully adjacent



Building Adjacency:

~> point-to-point net, point-to-multipoint net, virtual link net: neighbors always become adjacent

~> broadcast net, NBMA net: DR & BDR become adjacent with all neighbors, but no adjacencies exist between DRothers

Adjacency building process uses three OSPF packet types:

1.    Database Description (DD) packets (type 2)

2.    Link State Request packets (type 3)

3.    Link State Update packets (type 4)


Three flags in the DD packets:

1.    the I-bit: Initial bit <~ indicates the first DD packet sent

2.    the M-bit: More bit <~ indicates that this is not the last DD packet to be sent

3.    the MS-bit: Master/Slave bit <~ set in the DD packets originated by the master


~~~~~ExStart


LSAs may be acknowledged by either:

1.    Explicit Acknowledgement

2.    Implicit Acknowledgement



Flooding:


Entire OSPF topology may be depicted as a group of routers, or nodes, interconnected not by physical links but by logical adjacencies <~ each node must possess an identical map of the OSPF topology database = link state database.


To make sure all nodes have identical link state database: flooding LSAs.


Flooding use 2 OSPF packet types:

1.    Link State Update (type 4)

2.    Link State Acknowledgement (type 5)


~ each packet may carry multiple LSAs.

~ Update & Acknowledgement packets travel only between 2 nodes across an adjacency!


> point-to-point net: Updates are sent to multicast address AllSPFRouters (224.0.0.5)

> point-to-multipoint & virtual link net: Updates are sent to interface unicast address

> broadcast net: Updates are sent to multicast address AllDRouters (224.0.0.6) <~ DRothers form adjacencies only with DR & BDR; the DR in turn multicasts the Update to all adjacent routers on AllSPFRouters.

> NBMA net: LSAs are unicast from DRothers to DR & BDR, and the DR unicasts a copy of the LSA to all adjacent neighbors.



To guarantee reliability, LSA Update must be acknowledged.


Acknowledgment

-> Implicit acknowledgment: by including a duplicate of the LSA in an update sent back to the originator

-> Explicit acknowledgement: by sending a Link State Acknowledgment packet <~ a single Link State Acknowledgement packet can acknowledge multiple LSAs.



-> delayed acknowledgement: by delaying, so more LSAs can be acknowledged in a single Link State Acknowledgement packet.

-> direct acknowledgement: sent immediately.



Reliable Flooding is based on 3 values that are contained within each LSA:

1.    sequence number: 32-bit; for each new instance of the LSA the router increments it by one

2.    checksum: 16-bit, calculated over the entire LSA except the Age field

3.    age: 16-bit, in seconds, range 0 – 3600; the router that originates an LSA sets the age to 0, and as the flooded LSA transits a router the age is incremented by InfTransDelay seconds (cmd: ip ospf transmit-delay).


When LSA reaches MaxAge: LSA is reflooded and then flushed from the database.


When multiple instances of the same LSA are received, to determine the most recent:

1.    compare the seq number: higher = more recent

2.    compare the checksum: higher = more recent

3.    compare the age: if only one of the LSAs has an age of MaxAge (3600 sec), it's considered more recent, else:

4.    if the ages of the LSAs differ by more than 15 min: the LSA with the lower age is more recent

5.    if none of the preceding conditions are met: the 2 LSAs are considered identical.
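The five comparison rules just listed, together with the receive-side install decision and the MaxAge flush they drive, worked as code. This is an added example and not from the original cheat sheet: the LSA records are constructed, the InfTransDelay increment is applied on receipt as a simplification of the per-transit aging described above, and the reflood of a MaxAge LSA is left to the caller.

```python
"""Deciding which of two instances of the same LSA is more recent, and the
database bookkeeping (install, ack, age out) that depends on it."""
from dataclasses import dataclass, replace

MAX_AGE = 3600       # seconds
MAX_AGE_DIFF = 900   # 15 minutes


@dataclass(frozen=True)
class LSA:
    ls_type: int
    ls_id: str
    adv_router: str
    seq: int        # 32-bit sequence number, incremented per new instance
    checksum: int   # 16-bit, computed over the LSA minus the Age field
    age: int        # seconds, 0..MAX_AGE

    @property
    def key(self):
        # Type, Link-State ID and Advertising Router identify one LSA.
        return (self.ls_type, self.ls_id, self.adv_router)


def more_recent(a: LSA, b: LSA) -> str:
    """Return "a", "b" or "same", applying the five rules in order."""
    if a.key != b.key:
        raise ValueError("not instances of the same LSA")
    if a.seq != b.seq:                       # 1. higher sequence number
        return "a" if a.seq > b.seq else "b"
    if a.checksum != b.checksum:             # 2. higher checksum
        return "a" if a.checksum > b.checksum else "b"
    a_max, b_max = a.age == MAX_AGE, b.age == MAX_AGE
    if a_max != b_max:                       # 3. exactly one is at MaxAge
        return "a" if a_max else "b"
    if abs(a.age - b.age) > MAX_AGE_DIFF:    # 4. ages differ by > 15 min
        return "a" if a.age < b.age else "b"
    return "same"                            # 5. otherwise identical


def on_receive(db: dict, lsa: LSA, inf_trans_delay: int = 1) -> str:
    """Install a received LSA if it is newer than our copy. The age is bumped
    by InfTransDelay for the hop it just took (never beyond MaxAge).
    Returns the action a flooding implementation would take next."""
    aged = replace(lsa, age=min(lsa.age + inf_trans_delay, MAX_AGE))
    current = db.get(aged.key)
    if current is None or more_recent(aged, current) == "a":
        db[aged.key] = aged
        return "install-and-flood"
    if more_recent(aged, current) == "same":
        return "ack-only"            # duplicate: explicit ack, no reflood
    return "send-own-copy-back"      # ours is newer: the update back is an implicit ack


def tick(db: dict, seconds: int) -> list:
    """Age every LSA in the database. Those reaching MaxAge are removed and
    their keys returned so the caller can reflood the MaxAge copy and then
    consider them flushed."""
    flushed = []
    for key, lsa in list(db.items()):
        new_age = min(lsa.age + seconds, MAX_AGE)
        if new_age == MAX_AGE:
            flushed.append(key)
            del db[key]
        else:
            db[key] = replace(lsa, age=new_age)
    return flushed


# Constructed sample: two instances of the same Router LSA.
OLD = LSA(1, "10.0.0.1", "10.0.0.1", seq=0x80000001, checksum=0x1234, age=100)
NEW = replace(OLD, seq=0x80000002, age=0)
```

Rule 3 is the one that makes premature flushing work: a copy at MaxAge beats any copy with the same sequence number and checksum, so a MaxAge instance flooded by the originator displaces the live copies everywhere before it is discarded.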



OSPF area:

surprise surprise: the SPF algorithm is not particularly processor intensive; it is flooding and database maintenance that consume CPU power…


So OSPF uses areas to reduce the problem:


area: logical grouping of OSPF routers and links that divides the OSPF domain into sub-domains.


the benefits:

- the smaller the size of area -> less memory needed

- the smaller link state database -> less impact on CPU

- the smaller the size of area -> limited flooding inside area


Area ID:

-    32-bit

-    expressed as a decimal number or dotted decimal

-    Area ID 0 (0.0.0.0) is reserved for backbone


3 types of traffic related to areas:

1.    Intra-area: between routers within a single area

2.    Inter-area: between routers in different areas

3.    External: between a router within OSPF domain and router within another AS



6 Area Types:


1. Backbone Area:

- area 0

- responsible for summarizing the topologies of each area to every other area

- all inter-area traffic must pass through the backbone, a special area that can always act as transit area between other areas, between this OSPF AS and external networks, or even between external networks


2. Regular Area:

- connect to the backbone area.

- routers see Type 1 & 2 LSAs

- use Type 3 LSAs to learn how to route to dst in other areas

- use Type 5 & 6 LSAs when routing to dst outside the OSPF net

* all other areas are modifications of the regular area


3. Stub Area:

- connections to ext nets cannot be made via a stub area

- see detailed routing info on all other areas, but only summary info about networks outside of the AS

- the ABR connecting to a stub area summarizes routes to ext networks outside of the AS <- all ext routes are reduced to a single summary

- most useful when there are many ext routes


4. Totally Stub Area (aka stub no-summary area):

- summarizes not only ext routes, but also routes from other areas (int routes)

- routers only see routing info local to their area + a default route pointing to the ABR

- useful in WAN setups


5. Not So Stubby Area (NSSA):

- RFC 1586

- a variant of the stub area that is able to connect to ext nets

- uses Type 7 LSAs within the area to carry ext routes that originate with ASBRs connected to this area <- the ABR summarizes only those ext routes that are received from other areas; ext routes from ASBRs inside the area are not summarized


6. Totally Stubby Not So Stubby Area

- the weirdest name area ;)

- combines the best of the NSSA and the totally stub area, by summarizing info from all other areas but handling ext routes like an NSSA



4 Router Types:


1.    Internal Routers: all of whose interfaces belong to the same area

2.    Area Border Routers (ABRs): connect one or more areas to the backbone & act as a gateway for inter-area traffic <- have at least one interface that belongs to the backbone & must maintain a separate link state database for each of their connected areas

3.    Backbone Routers: have at least one interface attached to the backbone. Not all Backbone Routers are ABRs <- e.g. an internal router whose interfaces all belong to area 0.

4.    Autonomous System Boundary Routers (ASBRs): gateways for external traffic, injecting routes into the OSPF domain.


Partitioned Areas: an area in which a link failure causes one part of the area to become isolated.


Virtual links: link to the backbone through a non-backbone area

used for:

-    to link an area to the backbone through a non-backbone area

-    to connect the 2 parts of partitioned backbone through a non-backbone area

rules for virtual links:

-    must be configured between two ABRs.

-    the area through which the virtual link is configured (the transit area) must have full routing info

-    transit area cannot be a stub area



Link State Database

All valid LSAs received are stored in link state database

cmd: show ip ospf database


LSAs are aged as they reside in the link state database, if they reach MaxAge (1 hour), they are flushed.


to prevent legitimate LSAs from reaching MaxAge:

every 30 minutes: the router that originated the LSA floods a new copy of the LSA with an incremented sequence number and an age of zero <- link state refresh

upon receipt: the other routers replace the old copy of the LSA and begin aging the new copy


group pacing:

associating an individual timer with each LSA avoids all LSAs expiring at once, but the reflooding is then spread out in a semi-random pattern, causing bandwidth to be used inefficiently

to solve this problem: LSA group pacing <~ each LSA still has its own refresh timer, but as the individual refresh timers expire, a delay is introduced before the LSAs are flooded. By delaying, more LSAs can be grouped together before being flooded: Update packets then carry a large number of LSAs

cmd: timers lsa-group-pacing (10 – 1800 secs).

If the database is very large: decreasing the group pacing interval is beneficial.

If the database is small: increasing the interval can be useful.



LSA Types

Type Code   Description
---------   -----------------------------
1           Router LSA
2           Network LSA
3           Network Summary LSA
4           ASBR Summary LSA
5           AS External LSA
6           Group Membership LSA
7           NSSA External LSA
8           External Attributes LSA
9           Opaque LSA (link-local scope)
10          Opaque LSA (area-local scope)
11          Opaque LSA (AS scope)


1 Router LSA

- produced by every router

- most fundamental LSA

- lists all the router's links / interfaces + cost

- flooded only within the area in which they are originated

cmd: show ip ospf database router


2 Network LSA

- produced by the DR

- list all attached routers

- Network LSA represents a pseudonode just as Router LSA represents a single physical router

- flooded only within the originating area

cmd: show ip ospf database network


3 Network Summary LSA

- originated by ABRs

- sent into a single area to advertise destinations outside that area

<~ tells the Internal Router of an attached area what destinations the ABR can reach.

- the ABR also advertises destinations within its attached areas into the backbone with Network Summary LSAs

- default routes external to the area but internal to the OSPF AS are also advertised by this LSA type

- an ABR will originate only a single Network Summary LSA for each destination even if it knows of multiple routes (it advertises the lowest cost)

- when another router receives a Network Summary LSA, it doesn't run the SPF alg; it simply adds the cost of the route to the ABR and the cost included in the LSA.

<~ while OSPF is a link state protocol within an area, it uses a distance vector alg to find inter-area routes.

cmd: show ip ospf database summary


4 ASBR Summary LSA

- originated by ASBRs

- identical to Network Summary LSAs except that the destination they advertise is an ASBR

cmd: show ip ospf database asbr-summary


5 AS External LSA

- originated by ASBRs

- advertise either a destination external to the OSPF AS or default route external to the OSPF AS

cmd: show ip ospf database external


6 Group Membership LSA

- used in Multicast OSPF (MOSPF)


7 NSSA External LSA

- originated by ASBRs within not-so-stubby areas (NSSAs)

- almost identical to an AS External LSA

- unlike AS External LSAs, which are flooded throughout an OSPF AS, NSSA External LSAs are flooded only within the not-so-stubby area in which they were originated

cmd: show ip ospf database nssa-external


8 External Attributes LSA

- proposed as an alternative to running Internal BGP (iBGP) in order to transport BGP information across an OSPF domain


9, 10, 11 Opaque LSA (link-local scope, area-local scope, AS scope)

- proposed class of LSAs that consist of a standard LSA header followed by application-specific information



LSA types allowed per area type:

Area Type                 1 & 2   3 & 4   5   7
Backbone (area 0)
Non-backbone, non-stub
Stub
Totally stubby
Not-so-stubby


* except for a single type 3 LSA per ABR, advertising the default route




LS Type   Description
___________________________________
1         Router-LSAs
2         Network-LSAs
3         Summary-LSAs (IP network)
4         Summary-LSAs (ASBR)
5         AS-external-LSAs