Open Shortest Path First

2007 Cisco Systems, Inc. All rights reserved.

ICND2 v1.04-1

Link-State Routing Protocols

After an initial flood of LSAs, link-state routers pass small, event-triggered link-state updates to all other routers.
2007 Cisco Systems, Inc. All rights reserved. ICND2 v1.04-2

OSPF Hierarchy Example

Minimizes routing table entries Localizes the impact of a topology change within an area
2007 Cisco Systems, Inc. All rights reserved. ICND2 v1.04-3

Link-State Routing Protocol Algorithms

2007 Cisco Systems, Inc. All rights reserved.

ICND2 v1.04-4

Benefits and Drawbacks of Link-State Routing

Benefits of link-state routing:
Fast convergence: Changes are reported immediately by the affected source Robustness against routing loops: Routers know the topology Link-state packets are sequenced and acknowledged Hierarchical network design enables optimization of resources.

Drawbacks of link-state routing:

Significant demands for resources:
Memory (three tables: adjacency, topology, forwarding) CPU (Dijkstras algorithm can be intensive, especially when there are many instabilities)

Requires very strict network design Configuration can be complex when tuning various parameters and when design is complex
2007 Cisco Systems, Inc. All rights reserved. ICND2 v1.04-5

OSPF Overview
Creates a neighbor relationship by exchanging hello packets
Propagates LSAs rather than routing table updates

Link: Router interface

State: Description of an interface and its relationship to neighboring routers Floods LSAs to all OSPF routers in the area, not just directly connected routers Pieces together all the LSAs generated by the OSPF routers to create the OSPF link-state database Uses the SPF algorithm to calculate the shortest path to each destination and places it in the routing table

2007 Cisco Systems, Inc. All rights reserved.

ICND2 v1.04-6

Neighbor Adjacencies: The Hello Packet

2007 Cisco Systems, Inc. All rights reserved.

ICND2 v1.04-7

SPF Algorithm

10 10 1 1

Places each router at the root of a tree and calculates the shortest path to each destination based on the cumulative cost Cost = Reference Bandwidth / Interface Bandwidth (b/s)
2007 Cisco Systems, Inc. All rights reserved. ICND2 v1.04-8

Configuring Single-Area OSPF

RouterX(config)#

router ospf process-id Defines OSPF as the IP routing protocol

RouterX(config-router)#

network address wildcard-mask area area-id

Assigns networks to a specific OSPF area

2007 Cisco Systems, Inc. All rights reserved.

ICND2 v1.04-9

Configuring Loopback Interfaces

Router ID:
Number by which the router is known to OSPF

Default: The highest IP address on an active interface at the moment of OSPF process startup
Can be overridden by a loopback interface: Highest IP address of any active loopback interface Can be set manually using the router-id command
2007 Cisco Systems, Inc. All rights reserved. ICND2 v1.04-10

Verifying the OSPF Configuration

RouterX# show ip protocols

Verifies that OSPF is configured RouterX# show ip route

Displays all the routes learned by the router
RouterX# show ip route

Codes: I - IGRP derived, R - RIP derived, O - OSPF derived, C - connected, S - static, E - EGP derived, B - BGP derived, E2 - OSPF external type 2 route, N1 - OSPF NSSA external type 1 route, N2 - OSPF NSSA external type 2 route
Gateway of last resort is 10.119.254.240 to network 10.140.0.0 O O O O O . 10.110.0.0 [110/5] via 10.119.254.6, 0:01:00, Ethernet2 IA 10.67.10.0 [110/10] via 10.119.254.244, 0:02:22, Ethernet2 10.68.132.0 [110/5] via 10.119.254.6, 0:00:59, Ethernet2 10.130.0.0 [110/5] via 10.119.254.6, 0:00:59, Ethernet2 E2 10.128.0.0 [170/10] via 10.119.254.244, 0:02:22, Ethernet2 . .
ICND2 v1.04-11

2007 Cisco Systems, Inc. All rights reserved.

Verifying the OSPF Configuration (Cont.)

RouterX# show ip ospf

Displays the OSPF router ID, timers, and statistics

RouterX# show ip ospf Routing Process "ospf 50" with ID 10.64.0.2 <output omitted>

Number of areas in this router is 1. 1 normal 0 stub 0 nssa Number of areas transit capable is 0 External flood list length 0 Area BACKBONE(0) Area BACKBONE(0) Area has no authentication SPF algorithm last executed 00:01:25.028 ago SPF algorithm executed 7 times <output omitted>

2007 Cisco Systems, Inc. All rights reserved.

ICND2 v1.04-12

Verifying the OSPF Configuration (Cont.)

RouterX# show ip ospf interface
Displays the area ID and adjacency information

RouterX# show ip ospf interface ethernet 0 Ethernet 0 is up, line protocol is up Internet Address 192.168.254.202, Mask 255.255.255.0, Area 0.0.0.0 AS 201, Router ID 192.168.99.1, Network Type BROADCAST, Cost: 10 Transmit Delay is 1 sec, State OTHER, Priority 1 Designated Router id 192.168.254.10, Interface address 192.168.254.10 Backup Designated router id 192.168.254.28, Interface addr 192.168.254.28 Timer intervals configured, Hello 10, Dead 60, Wait 40, Retransmit 5 Hello due in 0:00:05 Neighbor Count is 8, Adjacent neighbor count is 2 Adjacent with neighbor 192.168.254.28 (Backup Designated Router) Adjacent with neighbor 192.168.254.10 (Designated Router)

2007 Cisco Systems, Inc. All rights reserved.

ICND2 v1.04-13

Verifying the OSPF Configuration (Cont.)

RouterX# show ip ospf neighbor

Displays the OSPF neighbor information on a per-interface basis

RouterX# show ip ospf neighbor ID 10.199.199.137 172.16.48.1 172.16.48.200 10.199.199.137 Pri 1 1 1 5 State Dead Time FULL/DR 0:00:31 FULL/DROTHER 0:00:33 FULL/DROTHER 0:00:33 FULL/DR 0:00:33 Address 192.168.80.37 172.16.48.1 172.16.48.200 172.16.48.189 Interface FastEthernet0/0 FastEthernet0/1 FastEthernet0/1 FastEthernet0/1

2007 Cisco Systems, Inc. All rights reserved.

ICND2 v1.04-14

Verifying the OSPF Configuration (Cont.)

RouterX# show ip ospf neighbor 10.199.199.137 Neighbor 10.199.199.137, interface address 192.168.80.37 In the area 0.0.0.0 via interface Ethernet0 Neighbor priority is 1, State is FULL Options 2 Dead timer due in 0:00:32 Link State retransmission due in 0:00:04 Neighbor 10.199.199.137, interface address 172.16.48.189 In the area 0.0.0.0 via interface Fddi0 Neighbor priority is 5, State is FULL Options 2 Dead timer due in 0:00:32 Link State retransmission due in 0:00:03

2007 Cisco Systems, Inc. All rights reserved.

ICND2 v1.04-15

OSPF debug Commands

RouterX# debug ip ospf events OSPF:hello with invalid timers on interface Ethernet0 hello interval received 10 configured 10 net mask received 255.255.255.0 configured 255.255.255.0 dead interval received 40 configured 30

OSPF: rcv. v:2 t:1 l:48 rid:200.0.0.117 aid:0.0.0.0 chk:6AB2 aut:0 auk: RouterX# debug ip ospf packet
OSPF: rcv. v:2 t:1 l:48 rid:200.0.0.116 aid:0.0.0.0 chk:0 aut:2 keyid:1 seq:0x0

2007 Cisco Systems, Inc. All rights reserved.

ICND2 v1.04-16

Load Balancing with OSPF

OSPF load balancing:
Paths must be equal cost By default, up to four equal-cost paths can be placed into the routing table With a configuration change, up to a maximum of 16 paths can be configured: (config-router)# maximum-paths <value> To ensure paths are equal cost for load balancing, you can change the cost of a particular link: (config-if)# ip ospf cost <value>

2007 Cisco Systems, Inc. All rights reserved.

ICND2 v1.04-17

Load Balancing with OSPF

2007 Cisco Systems, Inc. All rights reserved.

ICND2 v1.04-18

OSPF Authentication
OSPF supports two types of authentication: Plaintext (or simple) password authentication MD5 authentication

The router generates and checks every OSPF packet.

The router authenticates the source of each routing update packet that it receives.

Configure a key (password); each participating neighbor must have the same key configured.

2007 Cisco Systems, Inc. All rights reserved.

ICND2 v1.04-19

Configuring OSPF Plaintext Password Authentication

RouterX(config-if)#

ip ospf authentication-key password

Assigns a password to use with neighboring routers

RouterX(config-if)#

ip ospf authentication [message-digest | null]

Specifies the authentication type for an interface (as of Cisco IOS Release 12.0) OR
RouterX(config-router)#

area area-id authentication [message-digest]

Specifies the authentication type for an area

2007 Cisco Systems, Inc. All rights reserved. ICND2 v1.04-20

Plaintext Password Authentication Configuration Example

2007 Cisco Systems, Inc. All rights reserved.

ICND2 v1.04-21

Verifying Plaintext Password Authentication

RouterX#show ip ospf neighbor Neighbor ID Pri State 10.2.2.2 0 FULL/ Dead Time 00:00:32 Address 192.168.1.102 Interface Serial0/0/1

RouterX#show ip route <output omitted> Gateway of last resort is not set 10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks O 10.2.2.2/32 [110/782] via 192.168.1.102, 00:01:17, Serial0/0/1 C 10.1.1.0/24 is directly connected, Loopback0 192.168.1.0/27 is subnetted, 1 subnets C 192.168.1.96 is directly connected, Serial0/0/1 RouterX#ping 10.2.2.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.2.2.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/32 ms

2007 Cisco Systems, Inc. All rights reserved.

ICND2 v1.04-22

 2007 Cisco Systems, Inc. All rights reserved.

ICND2 v1.04-23