<content-text>Routing with a Link-State Protocol</content-text>
<content-text>Chapter Introduction</content-text> <content-text>Introduction</content-text> <content-text></content-text>
<content-text>Routing Using the OSPF Protocol</content-text> <content-text>Link-State Protocol Operation</content-text> <content-text></content-text>

Enterprise networks and ISPs use link-state protocols because of their hierarchical design and ability to scale for large networks. Distance vector routing protocols are usually not the right choice for a complex enterprise network.

Open Shortest Path First (OSPF) is an example of a link-state routing protocol. OSPF is an open standard routing protocol, developed by the Internet Engineering Task Force (IETF) to support IP traffic.

OSPF is a classless interior gateway protocol (IGP). It divides the network into different sections, which are referred to as areas. This division allows for greater scalability. Working with multiple areas allows the network administrator to selectively enable route summarization and to isolate routing issues within a single area.

Link-state routing protocols, such as OSPF, do not send frequent periodic updates of the entire routing table. Instead, after the network converges, a link-state protocol sends an update only when a change in the topology occurs, such as a link going down. In addition, OSPF performs a full update every 30 minutes.


Link-state routing protocols like OSPF work well for larger hierarchical networks where fast convergence is important.

Compared with distance vector protocols, link-state routing protocols:

  • Require more complex network planning and configuration
  • Require increased router resources
  • Require more memory for storing multiple tables
  • Require more CPU and processing power for the complex routing calculations

With the high performance of routers available today, however, these requirements are usually not a problem.

Routers running RIP receive updates from their immediate neighbors, but with no details about the network as a whole. Routers running OSPF generate a complete map of the network from their own viewpoint. This map allows them to quickly determine loop-free alternate paths in the case of a network link failure.

OSPF does not automatically summarize at major network boundaries. Additionally, Cisco's implementation of OSPF uses bandwidth to determine the cost of a link. This cost metric is used by OSPF to determine the best path. A link with higher bandwidth results in a lower cost. The lowest cost route to a destination is the most desirable path.

The router trusts a metric based on bandwidth more than one based on hop count to establish the shortest path. The administrative distance of OSPF is 110, lower than RIP, because of the trustworthiness, or accuracy, of the metric.


<content-text>OSPF Metrics and Convergence</content-text> <content-text></content-text>

OSPF bases the cost metric for an individual link on its bandwidth or speed. The metric for a particular destination network is the sum of all link costs in the path. If there are multiple paths to the network, the path with the lowest overall cost is the preferred path and is placed in the routing table.

The equation used to calculate the cost of an OSPF link is:

Cost = 100,000,000 / bandwidth of link in bps

The configured bandwidth on an interface provides the bandwidth value for the equation. Determine the bandwidth of an interface using the show interfaces command.

Using this equation presents a problem with link speeds of 100 Mbps or greater, such as Fast Ethernet and Gigabit Ethernet. Despite the difference in speed between these two link types, both calculate to a cost of 1 and are therefore treated equally. To compensate for this, configure the interface cost value manually with the ip ospf cost command.


OSPF routers within a single area advertise information about the status of their links to their neighbors. Messages called Link State Advertisements (LSAs) are used to advertise this status information.

Once an OSPF router receives LSAs describing all of the links within an area, it uses the SPF algorithm, also called Dijkstra's Algorithm, to generate a topological tree, or map of the network. Each router running the algorithm identifies itself as the root of its own SPF tree. Starting from the root, the SPF tree identifies the shortest path to each destination and the total cost of each path.

The OSPF link-state or topology database stores the SPF tree information. The router installs the shortest path to each network in the routing table.

Convergence occurs when all routers:

  • Receive information about every destination on the network
  • Process this information with the SPF algorithm
  • Update their routing tables
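The cost equation and the SPF calculation described above, as an added Python example that is not part of the original course material. The four-router topology and its link speeds are constructed; the second run models ip ospf cost 10 on the Fast Ethernet interfaces to break the tie that the default costs produce.

```python
import heapq

REFERENCE_BPS = 100_000_000  # 10^8, the numerator in the cost equation above

# Constructed topology: (router, router, interface bandwidth in bps, manual cost or None)
LINKS = [
    ("R1", "R2", 100_000_000, None),    # Fast Ethernet
    ("R2", "R4", 100_000_000, None),    # Fast Ethernet
    ("R1", "R3", 1_000_000_000, None),  # Gigabit Ethernet
    ("R3", "R4", 1_000_000_000, None),  # Gigabit Ethernet
    ("R1", "R4", 1_544_000, None),      # T1 serial
]

# Same topology with a manual cost of 10 on the Fast Ethernet links,
# modelling "ip ospf cost 10" on those interfaces.
TUNED_LINKS = [(a, b, bw, 10 if bw == 100_000_000 else None) for a, b, bw, _ in LINKS]


def link_cost(bandwidth_bps, manual_cost=None):
    """Manual cost if configured, else 10^8 / bandwidth as an integer, never below 1."""
    if manual_cost is not None:
        return manual_cost
    return max(1, REFERENCE_BPS // bandwidth_bps)


def build_graph(links):
    """Build {router: {neighbor: cost}} from the link list (links are bidirectional)."""
    graph = {}
    for a, b, bandwidth, manual in links:
        cost = link_cost(bandwidth, manual)
        graph.setdefault(a, {})[b] = cost
        graph.setdefault(b, {})[a] = cost
    return graph


def spf(graph, root):
    """Dijkstra from root. Returns total cost per router and every equal-cost predecessor."""
    dist = {root: 0}
    preds = {root: []}
    heap = [(0, root)]
    while heap:
        d, node = heapq.heappop(heap)
        if d > dist[node]:
            continue  # stale queue entry, a cheaper path was already found
        for neighbor, cost in graph[node].items():
            candidate = d + cost
            if candidate < dist.get(neighbor, float("inf")):
                dist[neighbor] = candidate
                preds[neighbor] = [node]
                heapq.heappush(heap, (candidate, neighbor))
            elif candidate == dist[neighbor] and node not in preds[neighbor]:
                preds[neighbor].append(node)  # second path with the same total cost
    return dist, preds


def equal_cost_paths(preds, root, dest):
    """List every lowest-cost path from root to dest, sorted for stable output."""
    if dest == root:
        return [[root]]
    found = []
    for previous in preds.get(dest, []):
        for path in equal_cost_paths(preds, root, previous):
            found.append(path + [dest])
    return sorted(found)


if __name__ == "__main__":
    for label, links in (("default costs", LINKS), ("tuned costs", TUNED_LINKS)):
        dist, preds = spf(build_graph(links), "R1")
        print(label, "cost to R4:", dist["R4"], equal_cost_paths(preds, "R1", "R4"))
```

With default costs the Fast Ethernet and Gigabit Ethernet paths tie at cost 2, so R1 cannot prefer the faster one; after the manual cost is applied only the Gigabit path remains the lowest-cost route.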


Activity

Identify the best path that packets can take from H1 to H2 in an OSPF network based on link cost.

<content-text>OSPF Neighbors and Adjacencies</content-text> <content-text></content-text>

With OSPF, link state updates are sent when network changes occur. But how does a router know when a neighboring router fails? OSPF routers establish and maintain neighbor relationships, or adjacencies, with other connected OSPF routers. Adjacency is an advanced form of neighborship between routers that are willing to exchange routing information. When routers initiate an adjacency with neighbors, an exchange of link-state updates begins. Routers reach a FULL state of adjacency when they have synchronized views on their link-state database.

The router goes through several state changes before becoming fully adjacent with its neighbor.

  • Init
  • 2-Way
  • Exstart
  • Exchange
  • Loading
  • Full

The OSPF Hello protocol is used to initially establish and maintain adjacencies. The hello protocol sends very small hello packets to directly connected OSPF routers on the multicast address of 224.0.0.5. The packets are sent every 10 seconds on Ethernet and broadcast links and every 30 seconds for non-broadcast links. Router settings are also included in the hello packets. The settings include the hello interval, dead interval, and network type, as well as the authentication type and authentication data if configured. For any two routers to form an adjacency, all settings must match. The router records neighbor adjacencies discovered in an OSPF adjacencies database.


Full is the normal state for an OSPF router. If a router is stuck in another state, this is an indication of a problem such as mismatched settings. The only exception to this is the 2-way state. In a broadcast environment, a router will only achieve a full state with a designated router (DR) and a backup designated router (BDR). All other neighbors will be viewed in the 2-way state.

The purpose of the DR and BDR is to reduce the number of updates sent, unnecessary traffic flow, and processing overhead on all routers. This is accomplished by requiring all routers to accept updates from the DR only. On broadcast network segments there is only one DR and BDR. All other routers must have a connection to the DR and BDR. When a link fails, the router with information about the link sends the information to the DR, using the multicast address 224.0.0.6. The DR is responsible for distributing the change to all other OSPF routers, using multicast 224.0.0.5. In addition to reducing the number of updates sent across the network, this process also ensures that all routers receive the same information at the same time from a single source.

The BDR ensures that there is no single point of failure. Like the DR, the BDR listens to 224.0.0.6 and receives all updates that are sent to the DR. If the DR fails, the BDR immediately takes over as DR, and a new BDR is elected. Any router not elected as the DR or BDR is known as a DROther.


Within a local network, the router with the highest router ID is elected the DR. The second highest is elected as the BDR.

The router ID is an IP address that is determined by:

1. The value configured with the router-id command

2. If no value is set with the router-id command, the highest configured IP address on any loopback interface

3. If no loopback interface is configured, the highest IP address on any active physical interface

The router ID can be viewed using the show ip protocols, show ip ospf, or show ip ospf interface commands.

In some cases, an administrator may want specific routers to be the DR and BDR. These might be routers with more processing power or lighter traffic load. An administrator can force the DR and BDR election by configuring a priority using the interface configuration command:

ip ospf priority number

By default, OSPF routers have a priority value of 1. If the priority value is changed on a router, the highest priority setting will win the election for DR, regardless of highest router ID. The highest value that can be set for router priority is 255. A value of 0 signifies that the router is ineligible to be DR or BDR.


Not all link types require a DR and BDR. Link types identified by OSPF include:

Broadcast Networks

  • Ethernet

Point-to-point (PPP) Networks

  • Serial
  • T1/E1

Non-Broadcast Multi-Access (NBMA) Networks

  • Frame Relay
  • ATM

On broadcast multi-access networks, such as Ethernet, the number of neighbor relationships can become large, and therefore a DR election is required.

On point-to-point networks, the establishment of full adjacencies is not an issue because, by definition, there can only be two routers on the link. The DR election is not necessary and does not apply.

On NBMA networks, OSPF can run in two modes:

  • Simulated broadcast environment: An administrator can define the network type as broadcast and the network simulates a broadcast model by electing a DR and a BDR. In this environment, it is generally recommended that the administrator choose the DR and BDR by configuring the priority of the router. This ensures that the DR and BDR have full connectivity to all other neighboring routers. Neighboring routers are also statically defined using the neighbor command in the OSPF configuration mode.
  • Point-to-multipoint environment: In this environment, each non-broadcast network is treated as a collection of point-to-point links and a DR is not elected. This environment also requires that neighboring routers are statically defined.


Activity

Identify the correct DR and BDR for each network shown.

<content-text>OSPF Areas</content-text> <content-text></content-text>

All OSPF networks begin with Area 0, also called the backbone area. As the network is expanded, other areas can be created that are adjacent to Area 0. These other areas can be assigned any number, up to 65,535.

OSPF has a two-layer hierarchical design. Area 0, also referred to as the backbone area, exists at the top and all other areas are located at the next level. All non-backbone areas must directly connect to area 0. This group of areas creates an OSPF Autonomous System (AS).

The operation of OSPF within an area is different from operation between that area and the backbone area. Summarization of network information usually occurs between areas. This helps to decrease the size of routing tables in the backbone. Summarization also isolates changes and unstable, or flapping, links to a specific area in the routing domain. With summarization, when the topology changes, only the routers in the affected area receive the LSA and run the SPF algorithm.

A router that connects an area to the backbone area is called an Area Border Router (ABR). A router that connects an area to a different routing protocol, such as EIGRP, or redistributes static routes into the OSPF area is called an Autonomous System Border Router (ASBR).


Activity

Match each term to the best description.

<content-text>Implementing Single-Area OSPF</content-text> <content-text>Configuring Basic OSPF in a Single Area</content-text> <content-text></content-text>

Configuration of basic OSPF is not a complex task. It requires only two steps. The first step enables the OSPF routing process. The second step identifies the networks to advertise.

Step 1: Enable OSPF

Router(config)#router ospf <process-id>

The process ID is chosen by the administrator and can be any number from 1 to 65535. The process ID is only locally significant and does not have to match the ID of other OSPF routers.

Step 2: Advertise networks

Router(config-router)#network <network-address> <wildcard-mask> area <area-id>

The network command has the same function as it does in other IGP routing protocols. It identifies the interfaces that are enabled to send and receive OSPF packets. This statement identifies the networks to include in OSPF routing updates.

The OSPF network command uses a combination of network address and wildcard mask. The network address, along with the wildcard mask, specifies the interface address, or range of addresses, that will be enabled for OSPF.

The area ID identifies the OSPF area to which the network belongs. Even if there are no areas specified, there must be an Area 0. In a single-area OSPF environment, the area is always 0.


The OSPF network statement requires the use of the wildcard mask. When used for network summarization, or supernetting, the wildcard mask is the inverse of the subnet mask.

To determine the wildcard mask for a network or subnet, simply subtract the decimal subnet mask for the interface from the all 255s mask (255.255.255.255).

As an example, an administrator wants to advertise the 10.10.10.0/24 subnet in OSPF. The subnet mask for this Ethernet interface is /24 or 255.255.255.0. Subtract the subnet mask from the all 255s mask to get the wildcard mask.

All 255s mask:   255.255.255.255
Subnet mask:    -255.255.255.  0
                ----------------
Wildcard mask:     0.  0.  0.255

The resulting OSPF network statement is:

Router(config-router)#network 10.10.10.0 0.0.0.255 area 0


Activity

Determine the subnet mask and wildcard mask required to advertise the specified network addresses in OSPF.


Lab Activity

Configure basic single area point-to-point OSPF and verify connectivity.


<content-text>Configuring OSPF Authentication</content-text> <content-text></content-text>

Like other routing protocols, the default configuration of OSPF exchanges information between neighbors in plain text. This poses potential security threats to a network. A hacker on a network could use packet sniffing software to capture and read OSPF updates and determine network information.

To eliminate this potential security problem, configure OSPF authentication between routers. When authentication is enabled in an area, routers will only share information if the authentication information matches.

With simple password authentication, configure each router with a password, called a key. This method provides only a basic level of security because the key passes between routers in plain text form. The key is as easy to read as the rest of the plain text packet.

A more secure method of authentication is Message Digest 5 (MD5). It requires a key and a key ID on each router. The router uses an algorithm that processes the key, the OSPF packet, and the key ID to generate a message digest, a fixed-length hash value. Each OSPF packet includes that digest. A packet sniffer cannot be used to obtain the key because it is never transmitted.
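How the MD5 method described above works on the wire, as an added Python example that is not part of the original course material. The packet layout follows RFC 2328 Appendix D; the router ID, key, key ID and sequence number are constructed values.

```python
import hashlib
import hmac
import socket
import struct

# 24-byte OSPFv2 header as laid out for cryptographic authentication (AuType 2):
# version, type, length, router ID, area ID, checksum (0), AuType,
# reserved (0), key ID, auth data length, cryptographic sequence number.
HEADER_FMT = "!BBH4s4sHHHBBI"
HEADER_LEN = struct.calcsize(HEADER_FMT)
DIGEST_LEN = 16
AUTYPE_CRYPTO = 2


def pad_key(key: bytes) -> bytes:
    """The shared key is at most 16 bytes and is zero-padded to 16 before hashing."""
    if len(key) > 16:
        raise ValueError("OSPF MD5 keys are at most 16 bytes")
    return key.ljust(16, b"\x00")


def build_hello(router_id, area_id, key_id, seq, key, hello=10, dead=40):
    """Build a hello packet and append MD5(packet + padded key). The key is never sent."""
    body = struct.pack(
        "!4sHBBI4s4s",
        socket.inet_aton("255.255.255.0"),  # network mask of the sending interface
        hello, 0x02, 1, dead,               # hello interval, options, priority, dead interval
        socket.inet_aton("0.0.0.0"),        # DR not yet known
        socket.inet_aton("0.0.0.0"),        # BDR not yet known
    )
    header = struct.pack(
        HEADER_FMT, 2, 1, HEADER_LEN + len(body),
        socket.inet_aton(router_id), socket.inet_aton(area_id),
        0, AUTYPE_CRYPTO, 0, key_id, DIGEST_LEN, seq,
    )
    packet = header + body
    return packet + hashlib.md5(packet + pad_key(key)).digest()


def verify(wire, keys):
    """Return True only if the trailing digest matches the key selected by the key ID."""
    if len(wire) < HEADER_LEN + DIGEST_LEN:
        return False
    fields = struct.unpack(HEADER_FMT, wire[:HEADER_LEN])
    length, autype, key_id, auth_len = fields[2], fields[6], fields[8], fields[9]
    if autype != AUTYPE_CRYPTO or auth_len != DIGEST_LEN or key_id not in keys:
        return False
    if length < HEADER_LEN or len(wire) != length + DIGEST_LEN:
        return False
    packet, digest = wire[:length], wire[length:]
    expected = hashlib.md5(packet + pad_key(keys[key_id])).digest()
    return hmac.compare_digest(digest, expected)


if __name__ == "__main__":
    key = b"s3cr3tKey"  # constructed sample key
    wire = build_hello("10.0.0.1", "0.0.0.0", key_id=1, seq=100, key=key)
    print("accepted with matching key:", verify(wire, {1: key}))
    print("accepted with wrong key:   ", verify(wire, {1: b"wrongkey"}))
    print("key visible in packet:     ", key in wire)
```

The digest authenticates the packet but does not encrypt it, so the hello fields and any link-state information still cross the link in readable form. Where the platform supports it, the HMAC-SHA authentication defined in RFC 5709 is the stronger choice than MD5.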


Lab Activity

Configure single-area point-to-point OSPF authentication using MD5.


<content-text>Tuning OSPF Parameters</content-text> <content-text></content-text>

In addition to performing the basic configuration of OSPF, administrators often need to modify, or tune, certain OSPF parameters.

An example is when a network administrator needs to specify which routers become the DR and the BDR. Setting the interface priority or the router ID on specific routers accomplishes this requirement.

The router selects the DR based on the highest value of any one of the following parameters, in the sequence listed:

1. Interface Priority: The interface priority is set with the ip ospf priority command.

2. Router ID: The router ID is set with the OSPF router-id configuration command.

3. Highest Loopback Address: The loopback interface with the highest IP address is used as the router ID by default. OSPF favors loopback interfaces since they are logical interfaces and not physical interfaces. Logical interfaces are always up.

4. Highest Physical Interface Address: The router uses the highest active IP address from one of its interfaces as the router ID. This option poses a problem if interfaces go down or are reconfigured.

After changing the ID of a router or interface priority, reset neighbor adjacencies. Use the clear ip ospf process command. This command ensures that the new values take effect.
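The router ID rules and the DR/BDR election order described here and in the earlier OSPF Neighbors and Adjacencies section, as an added Python example that is not part of the original course material. Router names and addresses are constructed, and the model covers a fresh election in which all routers start together, as after clear ip ospf process.

```python
import dataclasses
import ipaddress
from dataclasses import dataclass, field
from typing import List, Optional


@dataclass
class Router:
    name: str
    configured_id: Optional[str] = None                 # value of the router-id command
    loopbacks: List[str] = field(default_factory=list)  # loopback interface addresses
    physical: List[str] = field(default_factory=list)   # active physical interfaces only
    priority: int = 1                                   # ip ospf priority, default 1


def router_id(router):
    """router-id command first, then highest loopback, then highest active physical."""
    if router.configured_id:
        return ipaddress.IPv4Address(router.configured_id)
    for pool in (router.loopbacks, router.physical):
        if pool:
            return max(ipaddress.IPv4Address(address) for address in pool)
    raise ValueError(f"{router.name}: no address available for a router ID")


def elect(routers):
    """Return (DR, BDR, DROthers) by highest priority, then highest router ID."""
    for router in routers:
        if not 0 <= router.priority <= 255:
            raise ValueError(f"{router.name}: priority must be 0..255")
    eligible = [r for r in routers if r.priority > 0]  # priority 0 can never be DR or BDR
    ranked = sorted(eligible, key=lambda r: (r.priority, router_id(r)), reverse=True)
    dr = ranked[0].name if ranked else None
    bdr = ranked[1].name if len(ranked) > 1 else None
    drothers = sorted(r.name for r in routers if r.name not in (dr, bdr))
    return dr, bdr, drothers


# Constructed Ethernet segment with four routers.
SEGMENT = [
    Router("RA", physical=["192.168.1.1"]),
    Router("RB", loopbacks=["10.1.1.1"], physical=["192.168.1.2"]),
    Router("RC", configured_id="1.1.1.1", loopbacks=["10.3.3.3"],
           physical=["192.168.1.3"], priority=255),
    Router("RD", physical=["192.168.1.4"], priority=0),
]

# The same segment with RC left at the default priority of 1.
SEGMENT_DEFAULT = [
    dataclasses.replace(r, priority=1) if r.name == "RC" else r for r in SEGMENT
]

if __name__ == "__main__":
    for router in SEGMENT:
        print(router.name, "router ID", router_id(router), "priority", router.priority)
    print("with RC at priority 255:", elect(SEGMENT))
    print("with RC at priority 1:  ", elect(SEGMENT_DEFAULT))
```

RB shows why loopbacks matter: its router ID is the loopback 10.1.1.1 even though its physical address is numerically higher, so it loses to RA on router ID. RC wins on priority despite having the lowest router ID on the segment.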


Lab Activity

Configure OSPF loopback addresses in a multi-access topology to control DR/BDR election.


Bandwidth is another parameter that often requires modification. On Cisco routers, the bandwidth value on most serial interfaces defaults to 1.544 Mbps, the speed of a T1. This bandwidth value determines the cost of the link but does not actually affect the speed of the link.

In some circumstances, an organization receives a fractional T1 from the service provider. One-fourth of a full T1 connection is 384 Kbps and is an example of a fractional T1. The IOS assumes a T1 bandwidth value on serial links even though the interface is actually only sending and receiving at 384 Kbps. This assumption results in improper path selection, because the routing protocol determines that the link is faster than it is.

When a serial interface is not actually operating at the default T1 speed, the interface requires manual modification. Configure both sides of the link to have the same value.

In OSPF, modification using the bandwidth interface command or the ip ospf cost interface command achieves the same result. Both commands specify an accurate value for use by OSPF to determine the best route.

The bandwidth command modifies the bandwidth value used to calculate the OSPF cost metric. To directly modify the cost of an interface, use the ip ospf cost command.


Another parameter related to the OSPF cost metric is the reference bandwidth, which is used to calculate interface cost, also referred to as the link cost.

The cost calculation for each interface uses the equation 100,000,000/bandwidth. The value 100,000,000, or 10^8, is known as the reference bandwidth.

A problem exists with links of higher speeds, such as Gigabit Ethernet and 10Gbit Ethernet links. Using the default reference bandwidth of 100,000,000 results in interfaces with bandwidth values of 100 Mbps and higher having the same OSPF cost of 1.

To obtain more accurate cost calculations, it may be necessary to adjust the reference bandwidth value. The reference bandwidth is modified using the OSPF command auto-cost reference-bandwidth.

When this command is necessary, use it on all routers so that the OSPF routing metric remains consistent. The new reference bandwidth is specified in terms of Mbps. To set the reference bandwidth to 10-Gigabit speed, use the value of 10,000.


Lab Activity

Configure OSPF link cost in a point-to-point topology to influence routing decisions.


<content-text>Verifying OSPF Operation</content-text> <content-text></content-text>

Once configured, OSPF has several commands available that verify proper operation.

When troubleshooting OSPF networks, the show ip ospf neighbor command is used to verify that the router has formed an adjacency with its neighboring routers.

If the router ID of the neighboring router is not displayed, or if it does not show a state of FULL, the two routers have not formed an OSPF adjacency. If a router is a DROther, adjacency occurs if the state is FULL or 2WAY.

If this is a multi-access Ethernet network, DR and BDR labels display after FULL/ in the State column.

Two routers may not form an OSPF adjacency if:

  • The subnet masks do not match, causing the routers to be on separate networks
  • OSPF hello or dead timers do not match
  • OSPF network types do not match
  • There is a missing or incorrect OSPF network command


Several show commands are also useful in verifying OSPF operation.

show ip protocols

Displays information such as the router ID, the networks that OSPF is advertising, and the IP addresses of adjacent neighbors.

show ip ospf

Displays the router ID and details about the OSPF process, timers, and area information. It also shows the last time the SPF algorithm executed.

show ip ospf interface

Displays information such as router ID, network type, cost, and timer settings.

show ip route

Verifies that each router is sending and receiving routes via OSPF.


Activity

Use the show ip route output from an OSPF router to answer questions.


Lab Activity

Configure and verify point-to-point and multi-access OSPF networks, including tuning parameters.


<content-text>Using Multiple Routing Protocols</content-text> <content-text>Configuring and Propagating a Default Route</content-text> <content-text></content-text>

Most networks connect to other networks through the Internet. OSPF provides routing information about networks within an AS. OSPF must also provide information about reaching networks outside of the AS.

Sometimes administrators configure static routes on certain routers to provide information that is not received via a routing protocol. Configuring static routes on all routers in a large network is cumbersome. An easier method is to configure a default route that points to the Internet connection for a network.

With OSPF, an administrator configures this route on an Autonomous System Boundary Router (ASBR). The ASBR is also often called the Autonomous System Border Router. The ASBR connects the OSPF network to an outside network. As soon as the default route is entered in the routing table of the ASBR, it can be configured to advertise that pathway to the rest of the OSPF network. This process informs every router within the AS of the default route and spares the administrator the work of configuring static routes on every router in the network.


To configure a router to distribute a default route into the OSPF network, follow these two steps.

Step 1

Configure the ASBR with a default route.

R1(config)#ip route 0.0.0.0 0.0.0.0 serial 0/0/0

The default static route statement can specify an interface or the next hop IP address.

Step 2

Configure the ASBR to propagate the default route to other routers. By default, OSPF does not inject the default route into its advertisements even when the route exists in its routing table.

R1(config)#router ospf 1

R1(config-router)#default-information originate

The routing tables of the other routers in the OSPF domain should now have a gateway of last resort and an entry to the 0.0.0.0/0 network in their routing tables. The default route injects into the OSPF domain so that it appears as an external type route (E2) in the routing tables of the other routers.


Lab Activity

Configure an OSPF default route and propagate it to other routers in the OSPF area through the routing protocol.


<content-text>Configuring OSPF Summarization</content-text> <content-text></content-text>

One method that reduces the number of routing updates and the size of the OSPF routing tables is route summarization. Routes can be summarized into OSPF or between areas within the same OSPF network.

To facilitate OSPF summarization, group together IP addresses in a network area. For example, in a single OSPF area, allocate four contiguous network segments, such as:

  • 192.168.0.0/24
  • 192.168.1.0/24
  • 192.168.2.0/24
  • 192.168.3.0/24

It is possible to summarize and advertise the four networks as one supernet of 192.168.0.0/22. Doing this reduces the number of networks that advertise throughout the OSPF domain. It also reduces memory requirements and the number of entries in the router updates.

Additionally, summary routes reduce the issue of flapping routes. Flapping refers to a route that consistently goes up and down. By default, every time a route flaps, a link-state update is propagated throughout the entire domain. This can create a lot of traffic and processing overhead.

When a router is using a summary route, it uses a single, supernet address to represent several routes. Only one of the routes included within the summary must actually be up in order for the router to advertise the summary route. If one or more of the routes is flapping, the router will continue to advertise the more stable summary route only. It does not forward updates about the individual routes. Any packets forwarded to the flapping route while the route is down will simply be dropped at the summarizing router.

To configure an OSPF ABR router to summarize these networks to another OSPF area, issue the following command in router configuration mode:

area area-id range ip-address ip-address-mask

Specify the area in which the networks are summarized as well as the starting network number and summary mask.


Lab Activity

Configure OSPF summarization to reduce routing updates.


<content-text>OSPF Issues and Limitations</content-text> <content-text></content-text>

OSPF is a scalable routing protocol. It has the ability to converge quickly and operate within very large networks. There are, however, some issues to consider when using it.

OSPF must maintain multiple databases and therefore requires more router memory and CPU capabilities than distance vector routing protocols.

The Dijkstra Algorithm requires CPU cycles to calculate the best path. If the OSPF network is complex and unstable, the algorithm consumes significant resources when recalculating frequently. Routers running OSPF are typically more powerful and more expensive.

To avoid excessive use of router resources, employ a strict hierarchical design to divide the network into smaller areas. All areas must maintain connectivity to Area 0. If not, they may lose connectivity to other areas.

OSPF can be challenging to configure if the network is large and the design is complex. In addition, interpreting the information contained in the OSPF databases and routing tables requires a good understanding of the technology.

During the initial discovery process, OSPF can flood the network with LSAs and severely limit the amount of data that the network can transport. Flooding in large networks with many routers and low bandwidth noticeably decreases network throughput.

Despite the issues and limitations of OSPF, it is still the most widely used link-state routing protocol within an enterprise.

<content-text>Using Multiple Protocols in the Enterprise</content-text> <content-text></content-text>

For various reasons, organizations might choose different routing protocols.

  • A network administrator may choose different routing protocols for different sections of a network, based on legacy equipment or available resources.
  • Two companies that merge may have configured their networks using different routing protocols and still need to communicate with each other.

When multiple routing protocols exist on a single router, there is the possibility of that router learning of a destination from multiple sources. There must be a predictable method for the router to choose which route to view as the most desirable pathway and place it in the routing table.


When a router learns of a single network from multiple sources, it uses the administrative distance (AD) to determine which route it prefers. The Cisco IOS assigns all routing information methods an AD.

If a router learns of a particular subnet by way of RIP and OSPF, the OSPF-learned route is the one that it chooses for the routing table. Its AD is lower and, therefore, more desirable. The code at the beginning of the routing table entry indicates the source of the route, or how it was learned. Each code associates with a specific AD.


Activity

Analyze the routing table and determine the route source, the AD, and the metric.

Use the information from the show ip route command as reference. Not all answers are used, and some answers are used more than once.


If two networks have the same base address and subnet mask, a router views them as identical. It considers a summarized network, as well as an individual network that is part of that summary, as different networks.

The summarized network 192.168.0.0/22 and the individual network 192.168.1.0/24 are different entries, even though the summarization includes the individual network. When this situation occurs, both networks are placed in the routing table. The decision of which route to use falls to the entry with the closest, or longest, prefix match.

As an example, a router receives a packet with a destination IP address of 172.16.0.10. Three possible routes match this packet: 172.16.0.0/12, 172.16.0.0/18, and 172.16.0.0/26. Of the three routes, 172.16.0.0/26 has the longest match. For any of these routes to be considered a match, there must be at least the number of matching bits indicated by the subnet mask of the route.
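The two selection steps described above, administrative distance when the same network is learned from several sources and longest prefix match when forwarding, as an added Python example that is not part of the original course material. Metrics and next hops are constructed; the page gives only the OSPF administrative distance, and the other values are the Cisco IOS defaults.

```python
import ipaddress

# Cisco IOS default administrative distances. The page states only the OSPF value (110)
# and that it is lower than RIP's; the remaining numbers are the IOS defaults.
ADMIN_DISTANCE = {"connected": 0, "static": 1, "ospf": 110, "rip": 120}

# Constructed candidate routes: (prefix, source, metric, next hop)
CANDIDATES = [
    ("172.16.0.0/12", "ospf", 20, "10.0.0.1"),
    ("172.16.0.0/18", "ospf", 30, "10.0.0.2"),
    ("172.16.0.0/26", "rip", 2, "10.0.0.3"),     # same prefix learned twice:
    ("172.16.0.0/26", "ospf", 65, "10.0.0.4"),   # OSPF wins on AD despite the larger metric
    ("192.168.0.0/22", "ospf", 74, "10.0.0.5"),  # summary route
    ("192.168.1.0/24", "ospf", 84, "10.0.0.6"),  # individual network inside the summary
    ("0.0.0.0/0", "static", 0, "10.0.0.254"),    # default route
]


def build_table(candidates):
    """Install one route per prefix: lowest administrative distance, then lowest metric."""
    table = {}
    for prefix, source, metric, next_hop in candidates:
        network = ipaddress.ip_network(prefix)
        entry = (ADMIN_DISTANCE[source], metric, source, next_hop)
        # Metrics are only comparable within one protocol, so AD is compared first.
        if network not in table or entry[:2] < table[network][:2]:
            table[network] = entry
    return table


def lookup(table, destination):
    """Return (prefix, source, next hop) for the longest prefix that contains destination."""
    address = ipaddress.ip_address(destination)
    matches = [network for network in table if address in network]
    if not matches:
        return None
    best = max(matches, key=lambda network: network.prefixlen)
    _, _, source, next_hop = table[best]
    return str(best), source, next_hop


if __name__ == "__main__":
    table = build_table(CANDIDATES)
    for destination in ("172.16.0.10", "172.16.0.100", "172.20.1.1",
                        "192.168.1.7", "192.168.2.7", "203.0.113.9"):
        print(destination, "->", lookup(table, destination))
```

172.16.0.10 takes the /26 learned through OSPF, while 172.16.0.100 falls outside the /26 and drops back to the /18. 192.168.2.7 uses the /22 summary because no more specific entry covers it.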


Activity

Select one route that the packet would take to each destination network.
