# OSPF Configuration Guide
## Introduction

OSPF (Open Shortest Path First) is a link-state interior gateway protocol developed by the IETF, used to advertise routing information within a single autonomous system. It offers fast convergence after routing changes, loop-free routing, support for variable-length subnet masks (VLSM), and support for area division. Once OSPF is deployed in a network, most routes are calculated and generated automatically, eliminating the need for manual configuration by network administrators. When the network topology changes, the protocol automatically recalculates and corrects routes, which significantly simplifies network management.

Before the advent of OSPF, RIP (Routing Information Protocol) was widely used as the interior gateway protocol. Because RIP is based on the distance-vector algorithm, it suffers from slow convergence, routing loops, and poor scalability. As a result, it has gradually been replaced by OSPF.

Currently, OSPF version 2 (RFC 2328) is used for IPv4, while OSPF version 3 (RFC 5340) is used for IPv6.

## Basic Concepts

### Link State

OSPF is a link-state routing protocol. A link can be thought of as a router's interface, and the link state as the collection of interface and neighbor information, including the interface IP, mask, neighbors, and so on.

### Cost

OSPF uses "cost" as the routing metric. If the interface cost is not specified, it is calculated as the OSPF reference bandwidth divided by the interface bandwidth, with the OSPF reference bandwidth being 100 Mbps. If the calculated value is less than 1, the cost is set to 1. The cost of a route is the sum of the costs of all ingress interfaces along the path from the origin of the route to the local router.

### Router ID

The router ID is a 32-bit value used to identify an OSPF
device, usually written in the form of an IPv4 address. The router ID can be manually configured on a router running OSPF, or generated automatically by the router. Typically, when a router ID is not manually configured, the router selects the largest IP address among its interface addresses as the router ID.

### Area

OSPF is a link-state routing protocol in which all routers broadcast the link state of their connected networks. Each router then uses this comprehensive link-state information to construct its own view of the network topology, on which route calculations are based. However, when the network is large, the volume of link-state broadcasts grows and limits the scalability of OSPF. To resolve this issue, OSPF introduced the concept of an area.

OSPF has five types of areas: standard area, stub area, totally stub area, NSSA (not-so-stubby area), and totally NSSA.

Table 1: OSPF area types

| Area type | Description |
| --- | --- |
| Standard area | Generally, the OSPF area type is defined as a standard area, which can be categorized into standard areas and backbone areas. **Standard area**: receives routing information from within the area, between areas, and from outside the autonomous system. **Backbone area**: serves as the central area connecting other OSPF areas; it uses the special OSPF area 0 (often written as area 0.0.0.0). |
| Stub area | Does not accept routing information from outside the autonomous system. External route information is advertised by the area's ABR (area border router) as a Type 3 default route into the area. |
| Totally stub area | Only receives internal area routing information. External routes and inter-area routing information are advertised into the area by the ABR as a Type 3 default route. |
| NSSA (not-so-stubby area) | Permits the introduction of external autonomous system routes while maintaining the characteristics of a stub area within the autonomous system. |
| Totally NSSA | Permits the introduction of external autonomous system routes while maintaining the characteristics of a totally stub area within the autonomous system. |

### Classification of OSPF Routers

When the AS is split into OSPF areas, the routers are further divided according to function into the following four overlapping categories:

- **Internal routers**: A router with all directly connected networks belonging to the same area.
- **Area border routers**: A router that attaches to multiple areas. Area border routers condense the topological information of their attached areas for distribution to the backbone. The backbone in turn distributes the information to the other areas.
- **Backbone routers**: A router that has an interface to the backbone area. This includes all routers that interface to more than one area (i.e., area border routers). However, backbone routers do not have to be area border routers: routers with all interfaces connecting to the backbone area are supported.
- **AS boundary routers**: A router that exchanges routing information with routers belonging to other autonomous systems. Such a router advertises AS external routing information throughout the autonomous system. AS boundary routers may be internal or area border routers, and may or may not participate in the backbone.

### LSA

An LSA (link state advertisement) carries and transmits link-state information, including adjacent routing information, directly connected link information, area information, etc. Several LSA types are currently defined. The table below lists the commonly encountered ones.

Table 2: LSA types

| LSA type | Name | Originating router | Description |
| --- | --- | --- | --- |
| Type 1 | Router LSA | All routers | Describes the link state and cost of a device. Propagated only within its originating area. |
| Type 2 | Network LSA | DR | Describes the link state of routers in a multi-access network. Propagated only within its originating area. |
| Type 3 | Network summary LSA | ABR | Describes the network prefixes and cost metrics to reach other areas, enabling routers to perform inter-area route calculation. |
| Type 4 | ASBR summary LSA | ABR | Describes the route to the ASBR. Advertised to other relevant areas except the one where the ASBR resides. |
| Type 5 | AS external LSA | ASBR | Describes routes to external AS. Advertised to all areas except stub areas and NSSA. |
| Type 7 | NSSA LSA | ASBR | Describes routes to external AS. Propagated only within NSSA. |

The support for different types of LSAs in different OSPF areas is as follows.

Table 3: support for LSA dissemination in various areas (1 = supported, 0 = not supported)

| Area type | Type 1 | Type 2 | Type 3 | Type 4 | Type 5 |
| --- | --- | --- | --- | --- | --- |
| Standard area | 1 | 1 | 1 | 1 | 1 |
| Stub area | 1 | 1 | 1 | 0 | 0 |
| Totally stub area | 1 | 1 | 0 | 0 | 0 |
| NSSA area | 1 | 1 | 1 | 0 | 0 |
| Totally NSSA area | 1 | 1 | 0 | 0 | 0 |

In totally stub and totally NSSA areas, no Type 3 LSAs are propagated except for the default route carried in the Type 3 LSA generated by the ABR.

### OSPF Protocol Messages

Table 4: message types

| Message type | Description |
| --- | --- |
| Hello | Hello packets are sent out of each functioning router interface. They are used to discover and maintain neighbor relationships. |
| DD (Database Description) | After the OSPF neighbor relationship is established, DD packets describe the local LSDB (link state database). Upon receiving this information, routers compare it with their own LSDB to synchronize the LSDB within the area. |
| LSR (Link State Request) | LSR packets request the necessary LSAs from the peer. |
| LSU (Link State Update) | LSU packets are sent in response to an LSR. |
| LSAck | LSAck packets acknowledge receipt of an LSU from the peer. |

### Neighbor States

In an OSPF network, two routers need to establish an adjacency to exchange routing information. Neighbor relationships and adjacency relationships are distinct:

- **Neighbor relationships**: OSPF routers detect each other via Hello packets on a shared subnet. If the information (e.g., area ID, hello/dead
intervals) carried in the Hello packets matches, the two routers form a neighbor relationship.
- **Adjacency relationships**: Adjacency is a deeper relationship in which routers synchronize their link-state databases by exchanging DD, LSR, and LSU packets.

There are seven neighbor states in OSPF.

Table 5: neighbor states

| Neighbor state | Description |
| --- | --- |
| Down | The initial stage of the neighbor session, indicating that no active neighbor has been detected. |
| Init | When the received Hello packet does not contain the router's own router ID, the state transitions to Init. |
| 2-Way | When the received Hello packet contains the router's own router ID, the state transitions to 2-Way. At this point, the neighbor relationship has been established and link status data can be shared. |
| ExStart | The state transitions to ExStart when master/slave relationship negotiation begins and the DD sequence number is determined. |
| Exchange | The state transitions to Exchange when master/slave relationship negotiation has finished and DD messages begin to be exchanged. |
| Loading | The state transitions to Loading when DD message exchange has completed. |
| Full | The state transitions to Full when the LSR retransmission list is empty. |

### Authentication

OSPF supports three authentication methods: interface authentication, area authentication, and virtual link authentication. Each of these methods can use either plain text authentication or message digest (MD5) authentication. Plain text authentication transmits credentials in clear text, which can be intercepted by network sniffers and is therefore insecure; it is not recommended. In contrast, message digest (MD5) authentication does not transmit the key itself: each packet carries an MD5 digest computed from the packet contents and the key, making it the preferred method for secure deployments.

Table 6: authentication methods

| Authentication | Description |
| --- | --- |
| Interface authentication | Enable authentication for all packets on this interface. |
| Area authentication | Enable authentication for all packets on all interfaces in this area. |
| Virtual link authentication | Enable authentication for all packets on the virtual link. |

### Route Aggregation

Route aggregation is the process by which an area border router combines routes with common subnet prefixes into a single route and advertises it to other areas. Implementing inter-area route aggregation reduces the amount of routing information, thereby reducing routing table sizes and improving device performance. OSPF does not support automatic route aggregation; it requires manual configuration.

OSPF offers two aggregation mechanisms: inter-area route aggregation and external route aggregation.

- Inter-area route aggregation, also known as ABR aggregation, is the process by which an ABR combines routes generated by Type 1 LSAs or Type 2 LSAs within its directly connected area. This reduces the number of Type 3 LSAs propagated to other directly connected areas.
- External route aggregation, also known as ASBR aggregation, is the process by which an ASBR combines external routes introduced into the OSPF network. This reduces the number of Type 5 LSAs within the OSPF domain.

### Network Types

An OSPF network has one of four network types, based on the link-layer protocol type.

#### Broadcast

The OSPF network type defaults to broadcast when the link-layer protocol is Ethernet or FDDI. In such networks, DR and BDR are automatically elected, and manual neighbor configuration is not required.

#### Non-Broadcast Multiple Access (NBMA)

The OSPF network type defaults to NBMA when the link-layer protocol is Frame Relay or X.25. In such networks, a DR is elected, all protocol packets are sent via unicast, and manual neighbor configuration is required.

#### Point-to-Multipoint (P2MP)

OSPF does not automatically assign the P2MP network type to any link-layer protocol. P2MP must be manually configured by overriding the original network type. In this type, Hello packets are sent via multicast,
while other protocol packets (e.g., DD, LSR, LSU) use unicast. P2MP networks do not elect a DR/BDR and do not require manual neighbor configuration.

#### Point-to-Point (P2P)

The OSPF network type defaults to P2P when the link-layer protocol is PPP, HDLC or LAPB. In such networks, there is no need to elect a DR/BDR. Multicast address 224.0.0.5 is used to send the various protocol packets, allowing routers to automatically form full adjacencies without manual neighbor configuration.

DR in the above context means designated router and BDR means backup designated router. After the election of a DR, all routers send their information only to the DR, which broadcasts the LSA. This mechanism reduces synchronization overhead within the area, lowers router memory consumption, minimizes routing update traffic, and ensures all routers in the same area maintain identical link-state information. The DR is not manually assigned but elected autonomously by the routers in the area. The router with the highest priority becomes the DR (the default priority for all OSPF routers is 1, but this can be modified via configuration commands; a priority of 0 excludes a router from the election). If priorities are equal, the router with the highest router ID is elected as the DR.

## OSPF Configuration

Prerequisite: configure the interface IP so that the network layer of adjacent nodes is reachable.

Table 7: overview of OSPF configuration tasks (basic functions)

| Configuration task | Description |
| --- | --- |
| Enable OSPF | Required |
| Configure OSPF area | Required |
| Configure cost for interface | Optional |
| Configure OSPF reference bandwidth | Optional |
| Configure OSPF network type | Optional |
| Configure OSPF interface priority | Optional |
| Configure OSPF parameters | Optional |
| Configure OSPF interface authentication | Optional |
| Configure OSPF area authentication | Optional |
| Configure OSPF route introduction | Optional |
| Enable BFD with OSPF linkage | Optional |

### OSPF Default Setting

Table 8: OSPF default setting

| Parameter | Default value |
| --- | --- |
| OSPF | Disabled |
| Area type | Standard area |
| Router ID | Largest address in the interface IP address list |
| Network type | Broadcast |
| OSPF parameters | Hello packet interval: 10 s<br>LSA retransmission interval: 5 s<br>Timeout interval: 40 s |

### Enable OSPF

Table 9: enable OSPF

| Purpose | Commands | Description |
| --- | --- | --- |
| Enter global configuration view | `configure terminal` | |
| Configure OSPF packet trap to CPU | `ospf enable` | Disabled by default |
| Configure OSPF instance | `router ospf [vrf vrf-name]` | |
| Configure the router ID | `ospf router-id x.x.x.x` | The router ID uniquely identifies a device within an autonomous system. |

### Configure OSPF Area

Table 10: configure OSPF area

| Purpose | Commands | Description |
| --- | --- | --- |
| Enter global configuration view | `configure terminal` | |
| Enter interface configuration view | `interface { ethernet interface-name [subinterface-number] \| link-aggregation lag-id [subinterface-number] \| vlan vlan-id }` | |
| Configure area ID | `ip ospf area area-id` | area-id range: 0-4294967295 |
| Enter OSPF configuration view | `router ospf [vrf vrf-name]` | |
| (Optional) Configure area type | `area area-id { stub \| nssa }` | The area type cannot be configured as a stub area or NSSA when the area ID is 0. By default, an area without explicit type configuration is classified as a standard area. |

### Configure Cost for Interface

Table 11: configure cost for interface

| Purpose | Commands | Description |
| --- | --- | --- |
| Enter global configuration view | `configure terminal` | |
| Enter interface configuration view | `interface { ethernet interface-name [subinterface-number] \| link-aggregation lag-id [subinterface-number] \| vlan vlan-id }` | |
| Configure the cost | `ip ospf cost value` | value range: 1-65535 |

### Configure OSPF Reference Bandwidth

Table 12: configure reference bandwidth

| Purpose | Commands | Description |
| --- | --- | --- |
| Enter global configuration view | `configure terminal` | |
| Enter OSPF configuration view | `router ospf [vrf vrf-name]` | |
| Configure reference bandwidth | `auto-cost reference-bandwidth bandwidth` | bandwidth range: 1-4294967 Mbps |

### Configure OSPF Network Type

Table 13: configure OSPF network type

| Purpose | Commands | Description |
| --- | --- | --- |
| Enter global configuration view | `configure terminal` | |
| Enter interface configuration view | `interface { ethernet interface-name [subinterface-number] \| link-aggregation lag-id [subinterface-number] \| vlan vlan-id }` | |
| Configure OSPF network type | `ip ospf network { broadcast \| non-broadcast \| point-to-multipoint \| point-to-point }` | The default network type is broadcast. |

### Configure OSPF Interface Priority

Table 14: configure OSPF interface priority

| Purpose | Commands | Description |
| --- | --- | --- |
| Enter global configuration view | `configure terminal` | |
| Enter interface configuration view | `interface { ethernet interface-name [subinterface-number] \| link-aggregation lag-id [subinterface-number] \| vlan vlan-id }` | |
| Configure OSPF priority | `ip ospf priority priority` | priority range: 0-255 |

### Configure OSPF Parameters

Table 15: configure OSPF parameters

| Purpose | Commands | Description |
| --- | --- | --- |
| Enter global configuration view | `configure terminal` | |
| Enter interface configuration view | `interface { ethernet interface-name [subinterface-number] \| link-aggregation lag-id [subinterface-number] \| vlan vlan-id }` | |
| Configure Hello packet interval | `ip ospf hello-interval seconds` | Range: 1-65535 |
| Configure timeout interval | `ip ospf dead-interval seconds` | Range: 1-65535 |
| Configure LSA retransmission interval | `ip ospf retransmit-interval seconds` | Range: 1-65535 |

### Configure OSPF Interface Authentication

Table 16: configure OSPF interface authentication

| Purpose | Commands | Description |
| --- | --- | --- |
| Enter global configuration view | `configure terminal` | |
| Enter interface configuration view | `interface { ethernet interface-name [subinterface-number] \| link-aggregation lag-id [subinterface-number] \| vlan vlan-id }` | |
| Configure authentication method | `ip ospf authentication [message-digest]` | Without `message-digest`, the authentication method is plain text authentication; with `message-digest`, it is message digest (MD5) authentication. |
| Configure the key for plain text authentication | `ip ospf authentication-key auth-key` | auth-key length should be no more than 8 characters. |
| Configure the key for message digest authentication | `ip ospf message-digest-key key-id md5 auth-key` | key-id range: 1-255. auth-key length should be no more than 16 characters. |

### Configure OSPF Area Authentication

Table 17: configure OSPF area authentication

| Purpose | Commands | Description |
| --- | --- | --- |
| Enter global configuration view | `configure terminal` | |
| Enter interface configuration view | `interface { ethernet interface-name [subinterface-number] \| link-aggregation lag-id [subinterface-number] \| vlan vlan-id }` | |
| Configure the key for plain text authentication | `ip ospf authentication-key auth-key` | auth-key length should be no more than 8 characters. |
| Configure the key for message digest authentication | `ip ospf message-digest-key key-id md5 auth-key` | key-id range: 1-255. auth-key length should be no more than 16 characters. |
| Exit interface configuration view | `exit` | |
| Enter OSPF configuration view | `router ospf [vrf vrf-name]` | |
| Configure authentication method | `area area-id authentication [message-digest]` | Without `message-digest`, the authentication method is plain text authentication; with `message-digest`, it is message digest (MD5) authentication. |

### Configure OSPF Route Introduction

Table 18: configure OSPF route introduction

| Purpose | Commands | Description |
| --- | --- | --- |
| Enter global configuration view | `configure terminal` | |
| Enter OSPF configuration view | `router ospf [vrf vrf-name]` | |
| Configure route introduction | `redistribute { ospf \| kernel \| connected \| static \| rip \| bgp }` | |

### Enable OSPF with BFD

Table 19: enable OSPF with BFD

| Purpose | Commands | Description |
| --- | --- | --- |
| Enter global configuration view | `configure terminal` | |
| Enter interface configuration view | `interface { ethernet interface-name [subinterface-number] \| link-aggregation lag-id [subinterface-number] \| vlan vlan-id }` | |
| Configure OSPF with BFD | `ip ospf bfd [profile profile-name]` | BFD session parameters can be modified by binding to a user-defined BFD profile. The default BFD parameters are 3×300 ms. |

## Display and Maintenance

Table 20: OSPF configuration display

| Purpose | Commands | Description |
| --- | --- | --- |
| Show OSPF neighbor information | `show ip ospf neighbor [options]` | The values for `options` are as follows:<br>`all`: display summary information of all neighbors<br>`json`: display OSPF neighbor information in JSON format<br>`detail`: display neighbor details<br>`A.B.C.D`: display information about neighbors with the specified router ID<br>`ethernet`: display neighbor information for the specified physical port<br>`vlan`: display neighbor information for the specified VLANIF<br>`link-aggregation`: display neighbor information for the specified LAG port |
| Display OSPF neighbor information for the specified interface | `show ip ospf interface [options]` | The values for `options` are as follows:<br>`ethernet`: display neighbor information for the specified physical port<br>`vlan`: display neighbor information for the specified VLANIF<br>`link-aggregation`: display neighbor information for the specified LAG port<br>`json`: display OSPF neighbor information in JSON format<br>`traffic`: display OSPF packet counts |
| Display OSPF routing information | `show ip ospf route [options]` | The values for `options` are as follows:<br>`json`: display OSPF routing information in JSON format |
| Display OSPF link-state information | `show ip ospf database` | |

## Typical Configuration Example

### Networking requirements

Hosts on different network segments are connected via four switches, all running the OSPF protocol. OSPF neighbors must be configured so that PC1, attached to Switch D, and PC0, attached to Switch A, can communicate.

### Topology

[Topology diagram]

### Configuration roadmap

1. Check that the status of each interface is up and that the wiring is correct.
2. Configure the IP address of each interface and the loopback0 IP.
3. Configure the OSPF router ID.
4. Configure the OSPF area ID, authentication methods and authentication key.
5. Import direct routes into the OSPF protocol on Switch A and Switch D.

### Procedure

Switch A

```
interface loopback 0
 ip address 10.0.1.226
exit
!
! Link to Switch B: area 1, plain text authentication
interface ethernet 0/56
 fec rs
 ip address 200.101.1.2/24
 mtu 9216
 speed 100000
 ip ospf area 1
 ip ospf authentication
 ip ospf authentication-key 12345678
exit
!
ospf enable
!
interface ethernet 0/0
 fec rs
 ip address 200.101.2.1/24
 mtu 9216
 speed 100000
 description to pc0
exit
!
router ospf
 ospf router-id 10.0.1.226
 redistribute connected
exit
```

Switch B

```
interface loopback 0
 ip address 10.0.1.110
exit
!
! Link to Switch A: area 1, plain text authentication
interface ethernet 0/48
 fec rs
 ip address 200.101.1.1/24
 mtu 9216
 speed 100000
 ip ospf area 1
 ip ospf authentication
 ip ospf authentication-key 12345678
exit
!
! Link to Switch C: area 0, MD5 key 1
interface ethernet 0/56
 fec rs
 ip address 200.101.3.1/24
 mtu 9216
 speed 100000
 ip ospf area 0
 ip ospf message-digest-key 1 md5 12345678
exit
!
ospf enable
!
router ospf
 ospf router-id 10.0.1.110
 area 0 authentication message-digest
exit
```

Switch C

```
interface loopback 0
 ip address 10.0.1.225
exit
!
! Link to Switch B: area 0, MD5 key 1
interface ethernet 0/48
 fec rs
 ip address 200.101.3.2/24
 mtu 9216
 speed 100000
 ip ospf area 0
 ip ospf message-digest-key 1 md5 12345678
exit
!
! Link to Switch D: area 0, MD5 key 1
interface ethernet 0/52
 fec rs
 ip address 200.101.4.2/24
 mtu 9216
 speed 100000
 ip ospf area 0
 ip ospf message-digest-key 1 md5 12345678
exit
!
ospf enable
!
router ospf
 ospf router-id 10.0.1.225
 area 0 authentication message-digest
exit
```

Switch D

```
interface loopback 0
 ip address 10.0.1.221
exit
!
! Link to Switch C: area 0, MD5 key 1
interface ethernet 0/56
 fec rs
 ip address 200.101.4.1/24
 mtu 9216
 speed 100000
 ip ospf area 0
 ip ospf message-digest-key 1 md5 12345678
exit
!
interface ethernet 0/0
 fec rs
 ip address 200.101.5.1/24
 mtu 9216
 speed 100000
 description to pc1
exit
!
ospf enable
!
router ospf
 ospf router-id 10.0.1.221
 redistribute connected
 area 0 authentication message-digest
exit
```

### Verify the configuration

Check whether the OSPF adjacencies are established successfully.

Switch A

```
sonic# show ip ospf neighbor

Neighbor ID     Pri State        Up Time    Dead Time  Address      Interface                  RXmtL RqstL DBsmL
10.0.1.110        1 Full/DR      1h44m56s   33.289s    200.101.1.1  ethernet 0/56:200.101.1.2      0     0     0
```

Switch B

```
sonic# show ip ospf neighbor

Neighbor ID     Pri State        Up Time    Dead Time  Address      Interface                  RXmtL RqstL DBsmL
10.0.1.226        1 Full/Backup  1h47m33s   34.972s    200.101.1.2  ethernet 0/48:200.101.1.1      0     0     0
10.0.1.225        1 Full/DR      1h27m07s   32.434s    200.101.3.2  ethernet 0/56:200.101.3.1      0     0     0
```

Switch C

```
sonic# show ip ospf neighbor

Neighbor ID     Pri State        Up Time    Dead Time  Address      Interface                  RXmtL RqstL DBsmL
10.0.1.110        1 Full/Backup  1h28m48s   38.460s    200.101.3.1  ethernet 0/48:200.101.3.2      0     0     0
10.0.1.221        1 Full/Backup  1h25m24s   35.713s    200.101.4.1  ethernet 0/52:200.101.4.2      0     0     0
```

Switch D

```
sonic# show ip ospf neighbor

Neighbor ID     Pri State        Up Time    Dead Time  Address      Interface                  RXmtL RqstL DBsmL
10.0.1.225        1 Full/DR      1h25m58s   37.968s    200.101.4.2  ethernet 0/56:200.101.4.1      0     0     0
```

Check for successful OSPF route exchange.

Switch A

```
sonic# show ip route ospf
Codes: K - kernel route, C - connected, S - static, R - RIP,
       O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
       T - Table, v - VNC, V - VNC-Direct, A - Babel, F - PBR,
       f - OpenFabric,
       > - selected route, * - FIB route, q - queued, r - rejected, b - backup
       t - trapped, o - offload failure

O>  10.1.0.1/32 [110/20] via 200.101.1.1, ethernet 0/56, weight 1, 01:16:20
O>  10.1.0.137/32 [110/20] via 200.101.1.1, ethernet 0/56, weight 1, 01:16:20
O>  10.226.148.0/24 [110/20] via 200.101.1.1, ethernet 0/56, weight 1, 01:16:20
O>  10.250.0.0/24 [110/20] via 200.101.1.1, ethernet 0/56, weight 1, 01:16:20
O>  99.0.0.0/24 [110/20] via 200.101.1.1, ethernet 0/56, weight 1, 01:16:20
O>  172.1.1.0/24 [110/20] via 200.101.1.1, ethernet 0/56, weight 1, 01:16:20
O>  172.2.1.0/24 [110/20] via 200.101.1.1, ethernet 0/56, weight 1, 00:38:40
O   200.101.1.0/24 [110/10000] is directly connected, ethernet 0/56, weight 1, 01:52:41
O>  200.101.3.0/24 [110/10010] via 200.101.1.1, ethernet 0/56, weight 1, 01:32:06
O>  200.101.4.0/24 [110/20010] via 200.101.1.1, ethernet 0/56, weight 1, 01:30:54
O>  200.101.5.0/24 [110/20] via 200.101.1.1, ethernet 0/56, weight 1, 01:16:20
```

Switch D

```
sonic# show ip route ospf
Codes: K - kernel route, C - connected, S - static, R - RIP,
       O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
       T - Table, v - VNC, V - VNC-Direct, A - Babel, F - PBR,
       f - OpenFabric,
       > - selected route, * - FIB route, q - queued, r - rejected, b - backup
       t - trapped, o - offload failure

O>  10.250.0.0/16 [110/20] via 200.101.4.2, ethernet 0/56, weight 1, 01:18:21
O>  172.16.1.111/32 [110/20] via 200.101.4.2, ethernet 0/56, weight 1, 01:18:21
O>  172.16.1.226/32 [110/20] via 200.101.4.2, ethernet 0/56, weight 1, 01:18:21
O>  200.101.1.0/24 [110/10020] via 200.101.4.2, ethernet 0/56, weight 1, 01:29:28
O>  200.101.2.0/24 [110/10020] via 200.101.4.2, ethernet 0/56, weight 1, 01:29:28
O>  200.101.3.0/24 [110/10010] via 200.101.4.2, ethernet 0/56, weight 1, 01:29:28
O   200.101.4.0/24 [110/10] is directly connected, ethernet 0/56, weight 1, 01:29:33
```

The subnet 200.101.2.0/24 is the directly connected segment of Switch A, and the subnet 200.101.5.0/24 is the directly connected segment of Switch D. This indicates that both Switch A and Switch D learn each other's directly connected routes through OSPF.

Verify connectivity using the ping command: PC0 and PC1 can ping each other successfully.
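How the two authentication types from the Authentication section differ on the wire, as an added example that is not code from this guide or its vendor. It follows the OSPFv2 header layout and Appendix D of RFC 2328; the Hello packet contents, sequence numbers and function names are constructed for illustration.

```python
import hashlib
import hmac
import socket
import struct

HDR = "!BBH4s4sHH8s"  # version, type, length, router ID, area ID, checksum, AuType, auth


def inet_checksum(data):
    """16-bit one's complement checksum, as used with plain text authentication."""
    data += b"\x00" * (len(data) % 2)
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_simple(ptype, rid, area, body, key):
    """AuType 1: the key itself travels in the 8-byte authentication field."""
    if len(key) > 8:
        raise ValueError("plain text key is limited to 8 bytes")
    hdr = struct.pack(HDR, 2, ptype, 24 + len(body), rid, area, 0, 1, bytes(8))
    csum = inet_checksum(hdr[:16] + body)  # the authentication field is excluded
    return struct.pack(HDR, 2, ptype, 24 + len(body), rid, area, csum, 1,
                       key.ljust(8, b"\x00")) + body


def build_md5(ptype, rid, area, body, key, key_id, seq):
    """AuType 2: header carries key ID and sequence number; digest is appended."""
    if len(key) > 16 or not 1 <= key_id <= 255:
        raise ValueError("key longer than 16 bytes or key ID outside 1-255")
    auth = struct.pack("!HBBI", 0, key_id, 16, seq)
    pkt = struct.pack(HDR, 2, ptype, 24 + len(body), rid, area, 0, 2, auth) + body
    return pkt + hashlib.md5(pkt + key.ljust(16, b"\x00")).digest()


def verify_md5(wire, keys, last_seq):
    """Receiver-side check; keys maps key ID to key, last_seq is kept per neighbor."""
    if len(wire) < 40:
        return "malformed"
    length, = struct.unpack_from("!H", wire, 2)
    autype, _, key_id, alen, seq = struct.unpack_from("!HHBBI", wire, 14)
    if autype != 2 or alen != 16 or len(wire) != length + 16:
        return "malformed"
    if key_id not in keys:
        return "unknown-key"
    if seq < last_seq:  # an older sequence number means a replayed packet
        return "replayed-sequence"
    pkt, digest = wire[:length], wire[length:]
    expected = hashlib.md5(pkt + keys[key_id].ljust(16, b"\x00")).digest()
    return "ok" if hmac.compare_digest(digest, expected) else "bad-digest"


def demo():
    """Constructed Hello: hello interval 10 s, dead interval 40 s, priority 1."""
    rid, area = socket.inet_aton("10.0.1.226"), socket.inet_aton("0.0.0.1")
    body = struct.pack("!4sHBBI4s4s", socket.inet_aton("255.255.255.0"), 10, 0x02,
                       1, 40, bytes(4), bytes(4))
    key = b"12345678"  # key used in the guide's example configuration
    simple = build_simple(1, rid, area, body, key)
    md5 = build_md5(1, rid, area, body, key, key_id=1, seq=1000)
    tampered = bytearray(md5)
    tampered[31] ^= 0xFF  # flip the router priority byte inside the Hello body
    return {
        "simple_leaks_key": key in simple,
        "md5_leaks_key": key in md5,
        "genuine": verify_md5(md5, {1: key}, last_seq=1000),
        "tampered": verify_md5(bytes(tampered), {1: key}, last_seq=1000),
        "replayed": verify_md5(md5, {1: key}, last_seq=1001),
        "wrong_key": verify_md5(md5, {1: b"different"}, last_seq=0),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The plain text packet contains the key verbatim, while the MD5 packet exposes only the key ID, a sequence number and a digest that changes when any byte of the packet changes.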
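One way to audit a configuration written in this guide's command syntax for the authentication choices it describes, as an added example rather than a vendor tool. The sample configuration is constructed (modelled on Switch B, plus a hypothetical third interface), and the rule that an interface-level setting takes precedence over the area-level one is an assumption.

```python
import re

# Constructed sample, modelled on Switch B; ethernet 0/60 is hypothetical.
SAMPLE_CONFIG = """\
interface ethernet 0/48
 ip address 200.101.1.1/24
 ip ospf area 1
 ip ospf authentication
 ip ospf authentication-key 12345678
exit
!
interface ethernet 0/56
 ip address 200.101.3.1/24
 ip ospf area 0
 ip ospf message-digest-key 1 md5 12345678
exit
!
interface ethernet 0/60
 ip address 200.101.6.1/24
 ip ospf area 2
exit
!
router ospf
 ospf router-id 10.0.1.110
 area 0 authentication message-digest
exit
"""


def parse(config):
    """Return (interfaces, area_auth) extracted from the configuration text."""
    interfaces, area_auth, current = {}, {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if line.startswith("interface "):
            current = interfaces.setdefault(line[len("interface "):], {})
        elif line.startswith("router ospf"):
            current = None
        elif m := re.fullmatch(r"area (\S+) authentication( message-digest)?", line):
            area_auth[m[1]] = "md5" if m[2] else "plain"
        elif current is None:
            continue
        elif m := re.fullmatch(r"ip ospf area (\S+)", line):
            current["area"] = m[1]
        elif m := re.fullmatch(r"ip ospf authentication( message-digest)?", line):
            current["auth"] = "md5" if m[1] else "plain"
        elif m := re.fullmatch(r"ip ospf authentication-key (\S+)", line):
            current["plain_key"] = m[1]
        elif m := re.fullmatch(r"ip ospf message-digest-key (\d+) md5 (\S+)", line):
            current["md5_key"] = (int(m[1]), m[2])
    return interfaces, area_auth


def audit(config):
    """List (interface, area, finding) for each OSPF interface with weak auth."""
    interfaces, area_auth = parse(config)
    findings = []
    for name, cfg in interfaces.items():
        area = cfg.get("area")
        if area is None:
            continue  # OSPF is not enabled on this interface
        # Assumption: an interface-level method overrides the area-level one.
        mode = cfg.get("auth") or area_auth.get(area)
        if mode is None:
            findings.append((name, area, "no authentication"))
        elif mode == "plain":
            findings.append((name, area, "plain text authentication"))
        elif "md5_key" not in cfg:
            findings.append((name, area, "message digest enabled without a key"))
        else:
            key_id, key = cfg["md5_key"]
            # Limits taken from the guide: key ID 1-255, key at most 16 characters.
            if not 1 <= key_id <= 255 or len(key) > 16:
                findings.append((name, area, "key ID or key length out of range"))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(*finding, sep=" | ")
```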
