OSPF

OSPF LSA

Common OSPF adjacency attributes:-
Interface Area ID
Hello & Dead Interval
Interface network address
Interface MTU
Network Type
Authentication
Stub-flags
Other optional capabilities

Virtual Link
++ This can only be established in the case of a normal area, not in the case of STUB/Totally STUB/NSSA etc.

In the topology below, how many LSAs and routes will you get on R4 for EIGRP?

                                 


                                R2
                                |
5000 routes EIGRP-R1——area123()—|——-Area 0——–R4
                                |
                                R3
++ Both ABRs will generate the LSA-5 and LSA-4
++ LSAs in the database will be 5000 + 2 (LSA-4)
++ Routes in the routing table will be 10000 if all link costs are the same; R4 will do the load balancing.

How do border routers know they have to generate LSA-4?
++ When a router is claiming to be an ASBR
++ Type-4 LSA will trigger re-generation
++ Example:
EIGRP—R1–area 12—R2–area 0—R3—area 34—R4
++ In the above example, router R1 will generate the Router LSA (LSA-1), and in this LSA the E bit will be set.
++ When R2 sees the E bit set in R1's LSA-1, it will generate the LSA-4, and after that router R3 will re-generate the LSA-4 for area 34.
++ In the Router LSA (LSA-1) we have 3 bits:
V = Virtual link endpoint
B = Border (ABR)
E = Edge (ASBR)

Translation of LSA-7 to LSA-5
++ Translation will be done by the highest router-ID ABR.
Example:
                                  R2
                                  |
—5000( prefix) -R1——area123(NSSA)—|——-Area 0——–R4
                                  |
                                  R3
++ So in the database there will be only 5000 LSAs at router R4, but if the cost is the same for all links there will be 10000 routes in the routing table.

Benefits of DR or role of DR:-
++ The DR helps in reducing the neighbor count, so fewer neighbors, less flooding and faster convergence.
++ The DR generates LSA-2 and the BDR does not generate LSA-2.
++ The DR works like a virtual hub for the segment in the area.

In OSPF, assume my router ID is 1.1.1.1 and this is the Loopback0 IP address. Now we have removed the loopback from the router configuration. What happens?
++ There will be no impact on OSPF because this is only a router ID, not an IP address.
++ In OSPF there is no requirement for the router ID to be reachable.
++ The router ID is a 32-bit number, not an IP address.

How OSPF Prevents Loops
++ First, OSPF uses the area 0 concept, meaning two areas can communicate with each other via area 0 only (in Cisco IOS).
You can think of it as using a hub-and-spoke topology:
             HUB( area0)
Spoke-1(area-1)–| |——spoke-2(area-2)
++ OSPF uses route preference, meaning internal routes first, then inter-area routes and then external routes. OSPF tries to keep traffic inside, in comparison to BGP hot-potato routing.
++ OSPF uses split-horizon at the area level, not at the interface level.
Border routers have rules:
++ A Type-3 LSA received from area 0 will be summarized into the non-backbone area.
++ But a Type-3 LSA received from a non-backbone area will not be used for routing.
++ If we have a Type-3 LSA from a non-backbone area, it will not be advertised into the backbone area (area 0 must be contiguous).
++ Area 0 must be contiguous; it cannot be like below:
area0————area1—————–area0

Which conditions must be met to set the FA in non-NSSA area?
++ The interface on the ASBR must have OSPF enabled.
++ It must not be passive and it must be broadcast.
++ The forward address is for optimal forwarding on a broadcast network, so it is required there; it is not required on P2P or P2MP network types.

Which conditions must be met to set the FA in NSSA area?
++ Always inserted in Type-7 LSA
++ One of the ASBR interfaces must be enabled for OSPF
++ Preference is given to the loopback

** For the forward address to be valid, it should be known as an OSPF route **
A forward address route from an external source such as static or EIGRP cannot be used, so the LSA-5 and LSA-7 cannot be used in the routing table.

Tiebreakers with routes from different OSPF processes
If everything is the same then the tiebreaker is the lowest process number. For EIGRP it is the lowest AS number so maybe

OSPF network type parameters:-
++ Broadcast: Hello = multicast, Mask = actual, NHP = unchanged
++ P2P: Hello = multicast, Mask = actual, NHP = NA
++ Non-Broadcast: Hello = unicast, Mask = actual, NHP = unchanged
++ P2MP: Hello = multicast, Mask = /32, NHP = hub
++ P2MP Non-broadcast: Hello = unicast, Mask = /32, NHP = hub
++ Loopback: Mask = /32

What parameters must match for two routers to become neighbors?
The following parameters must be the same on both routers in order for routers to become neighbors:-
1. Subnet
2. Area ID
3. Hello and Dead interval time
4. Authentication

Explain the various OSPF states?
Wait – In the case of broadcast/non-broadcast networks the router will stay in this state until the dead interval.
Init – The router has received a Hello message from the other OSPF router (in the Hello packet, routers share their RID on their segments).
Two-way – Hellos have been exchanged and the router has seen its own router ID in the neighbor's hello.
This is a possible stable state between DROthers. (A router can get stuck in this state because no DR is elected, which might be due to priority set to 0 on both routers.)
Exchange start (ExStart) – In this state the master-slave election happens and decides how fast information will be exchanged.
MTU will be matched; with the help of this MTU the router decides the maximum packet size to be exchanged during the loading state.
An MTU mismatch or a unicast reachability issue can leave the router stuck in this state (from this state on, the router starts using unicast communication).
Exchange – DBD packets are exchanged, and in the DBD the routers share information about their links; this is like a menu only.
A unicast reachability issue can leave the router stuck in this state. This state uses LSR packets.
Loading – In this state the actual database content is sent. A router can get stuck in this state due to an underlying MTU problem: in the
ExStart state only the MTU value between the neighbor routers was verified, so if any underlay or in-between device has a smaller MTU this problem can occur,
because the actual data is shared in this stage. This state uses LSU and LSAck packets.
In the example below the switch is the underlay:
R1—MTU(1500)—————MTU(1480)Switch(MTU1480)—————–MTU(1500)–R2
Full – The database is in sync and SPF will run. (No routes in the routing table might be due to filtering or a database discrepancy.)

++ How are the OSPF DR & BDR elected?
• The router with the highest priority becomes the DR and the router with the second highest priority becomes the
BDR. If there is a tie in priority, the router with the highest Router ID will become DR.
• By default priority on Cisco routers is 1. We can manually change it.
• If the router priority is set to 0 (zero), that router will not participate in the DR/BDR election.
• The DR election process is not preemptive. If a router with a higher priority is added to the network, it will not
become DR until we clear the OSPF process and the DR/BDR election takes place again.

Command to change the priority on an interface:
router(config)# interface fa0/0
router(config-if)# ip ospf priority 100

DROthers form a full adjacency with the DR and BDR and stop at 2-Way with each other.
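
The election rules above as a small simulation. This is an added example, not part of the original notes, and a simplification rather than the full RFC 2328 state machine. The router IDs, the Segment class and its method names are constructed for the example; it assumes routers join one at a time and that the BDR takes over when the DR is lost (standard OSPF behaviour that the notes do not spell out).

```python
from ipaddress import IPv4Address


class Segment:
    """One broadcast segment; router IDs and priorities used below are constructed."""

    def __init__(self):
        self.priority = {}   # router ID -> interface priority
        self.dr = None
        self.bdr = None

    def _best(self, exclude):
        # Highest priority wins, highest router ID breaks a tie;
        # a router with priority 0 never takes part.
        eligible = [rid for rid, prio in self.priority.items()
                    if prio > 0 and rid not in exclude]
        return max(eligible,
                   key=lambda rid: (self.priority[rid], int(IPv4Address(rid))),
                   default=None)

    def _fill_vacancies(self):
        # Only empty roles are filled: a sitting DR or BDR is never displaced.
        if self.dr is None:
            if self.bdr is not None:
                self.dr, self.bdr = self.bdr, None      # BDR takes over as DR
            else:
                self.dr = self._best(exclude=())
        if self.bdr is None:
            self.bdr = self._best(exclude=(self.dr,))

    def join(self, rid, priority=1):
        self.priority[rid] = priority
        self._fill_vacancies()
        return self.dr, self.bdr

    def leave(self, rid):
        self.priority.pop(rid, None)
        if self.dr == rid:
            self.dr = None
        if self.bdr == rid:
            self.bdr = None
        self._fill_vacancies()
        return self.dr, self.bdr

    def clear_process(self):
        # Models clearing the OSPF process everywhere: a fresh election.
        self.dr = self.bdr = None
        self._fill_vacancies()
        return self.dr, self.bdr

    def neighbor_state(self, a, b):
        # DROthers stop at 2-Way with each other; pairs involving DR/BDR go FULL.
        return "FULL" if {a, b} & {self.dr, self.bdr} else "2WAY"


def demo():
    seg = Segment()
    seg.join("1.1.1.1")                    # first router up becomes DR
    seg.join("2.2.2.2")                    # second becomes BDR
    after_high = seg.join("3.3.3.3", 100)  # higher priority, but no preemption
    seg.join("4.4.4.4", 0)                 # priority 0: never DR or BDR
    drothers = seg.neighbor_state("3.3.3.3", "4.4.4.4")
    after_fail = seg.leave("1.1.1.1")      # DR lost: BDR promoted, new BDR elected
    after_clear = seg.clear_process()      # election from scratch
    return after_high, drothers, after_fail, after_clear


if __name__ == "__main__":
    for step in demo():
        print(step)
```
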

Why DR and BDR are elected in OSPF?
All OSPF routers will form adjacencies with the DR and BDR. If link-state changes, the update will be sent
only to the DR, which then forwards it to all other routers. This greatly reduces the flooding of LSAs therefore conserving the bandwidth.

Explain the various OSPF states?
OSPF routers need to go through several states before establishing a neighbor relationship:-
1. Down – No Hello packets have been received on the interface.
2. Attempt – In the Attempt state neighbors must be configured manually. It applies only to non-broadcast multiaccess (NBMA) networks.
   >> You will see this state only in FR-type networks, not on Ethernet.
3. Init state – The router has received a Hello message from the other OSPF router.
   >> After Down, this is the direct next state for Ethernet.
4. 2-way state – The neighbor has received the Hello message and replied with a Hello message of its own.
   Bidirectional communication has been established. In a broadcast network the DR-BDR election can occur after this point.
   >> A layer-1 problem can stop the neighbor in this state.
5. Exstart state – DR & BDR establish adjacencies with each router in the network. The master-slave election
   takes place (the master will send its DBD first). The master chooses the sequence number for the DBD packets that are used for the LSA exchange.
   >> If the OSPF neighbor goes down after this state, it is an issue with an OSPF attribute.
6. Exchange state – Routing information is exchanged using DBD (Database Descriptor) packets and Link-State
   Requests (LSR). Link-State Update packets may also be sent. The DBD sequence number is used for reliable re-transmission.
7. Loading state – LSRs (Link State Requests) are sent to neighbors for every network the router doesn’t know
   about. The neighbor replies with LSUs (Link State Updates) which contain information about the requested
   networks. Once the requested information has been received, the other neighbor goes through the same process.
8. Full state – All neighbor routers have the synchronized database and adjacencies have been established.

What are the different OSPF LSA types?

  1. Router LSA (Type1) – Each router generates a Type 1 LSA that lists its active interfaces, IP addresses,
    neighbors and the cost. LSA Type 1 is flooded only within an area. It has local scope. This describes what my links are and who my neighbors are.
  2. Network LSA (Type2) – Type 2 LSA is sent out by the designated router (DR) and lists all the routers on
    the segment it is adjacent to. Type 2 LSAs are flooded only within an area. It contains the information about
    DRs. They are also not flooded outside the area they originate in. It describes my link cost to the DR and my link cost to all others adjacent to that DR.
    This is also used to reduce the flooding scalability issue.
  3. Summary LSA (Type3) – Type 3 LSAs are generated by Area Border Routers (ABRs) to advertise networks
    from one area to the rest of the areas in the Autonomous System. It contains the information about inter-area
    routes.
  4. Summary ASBR LSA (Type4) – It is generated by the ABR and contains routes to ASBRs.
  5. External LSA (Type5) – External LSAs are generated by ASBRs and contain routes to networks that are
    external to the current AS.
    This LSA contains one specific field, the Forward address:
    whom should I route towards to reach the link?
    Usually the ASBR itself, but in some designs another router.
  7. Not-So-Stubby Area LSA (Type7) – Stub areas do not allow Type 5 LSAs. A Not So Stubby Area (NSSA)
    allows advertisement of Type 5 LSAs as Type 7 LSAs. A Type 7 LSA is generated by an ASBR inside a Not So
    Stubby Area (NSSA) to describe routes redistributed into the NSSA.

8 – External attribute
9, 10, 11 – Opaque LSA – MPLS TE

What are the different OSPF network types and give an example for each ?
Ans- Different OSPF network types with their examples are given below:
1) Broadcast Multi-Access – indicates a topology where broadcast occurs.
Examples include Ethernet, Token Ring, and ATM.

2) Point-to-Point – indicates a topology where two routers are directly connected.
An example would be a point-to-point T1.

3) Point-to-Multipoint – indicates a topology where one interface can connect to multiple destinations. Each connection between a source and destination is treated as a point-to-point link.
An example would be Point-to-Multipoint Frame Relay.

4) Non-broadcast Multi-access Network (NBMA) – indicates a topology where one interface can connect to multiple destinations; however, broadcasts cannot be sent across a NBMA network.
An example would be Frame Relay. 

In OSPF, give one example of a neighborship and one example of an adjacency.

Ans.

Neighbors are routers who have exchanged Hello packets, but not LSA information and don’t have same LSDB. Example : Two DROther routers.

Adjacent routers are routers who have exchanged Hello packet, LSA information and have same LSDB. Example: DR & BDR

What problems can cause OSPF neighborship in “down” state?
Ans:- Two ospf devices should be connected back to back with cables connected on correct interfaces.
IP and mask should be correct. Then run the ospf process if not run already and advertise the interface segments on both routers.
Hello, Dead timers and MTU size should be same at both ends.
There should not be any access-list or transparent firewall blocking the OSPF Packets or IP addresses.
Neighborship should establish now.
Area number and authentication parameters must match.
If issues are still there, then check the router logs and try to analyze the problem.

What is the concept of “Area” in OSPF? What is Backbone area, stub area, Totally Stubby Area, Not So Stubby Area (NSSA)?
Ans:- OSPF is hierarchical in nature and therefore it uses areas to control and manage its LSA or database traffic.
The concept of area brings stability in the environment and suppresses the unnecessary convergence updates within the area
unless meant for other areas.

Backbone area is “area 0” – this backbone area must be physically or logically connected to other areas to communicate.
No two areas can share information if one of the areas is not the backbone area.

Stub area blocks LSA 4 and 5, i.e. external information which is sent by the ABR (Area Border Router).
It does so to reduce the external traffic. However, connectivity can happen using default route injection done by the ABR as an alternate way.
Any router that wants to send packets to an external network from a stub area will have a default route in its routing table.

Totally Stubby Area – It blocks external LSA and summary LSA, i.e. LSA 3, 4 and 5. A default route will be injected by the ABR to the routers of the area.

NSSA – It blocks external Type 5 LSAs and an ASBR is allowed.

Totally NSSA – It blocks external LSA 3 and 5 and an ASBR is allowed.

What LSA is used for inter area communication? What LSA type is used for inter protocol communication in OSPF?
Ans:- Type 3 LSA Is used for inter area communication. For communication with other protocols or external routes , type 4 and 5 will be used.

Explain the concept of Area Border Router (ABR) and Autonomous System Border Router (ASBR). Can router sitting between area 2 and 3 be called as ABR?
Ans:- ABR is the router which sits between Backbone area i.e area 0 and non Backbone area.
ASBR is the router which sits between OSPF routing protocol and non-OSPF routing protocol.
A router in OSPF can only be called an ABR when it has at least one interface in area 0. A router between area 2 and 3 cannot be known as an ABR.

There are a couple of fields in the hello packet and many of them have to match, otherwise you won’t become neighbors.

Let’s walk through the items in the hello packet and see what they are about:
• Router ID: Each OSPF router needs to have a unique ID which is the highest IP address on any active interface. More about this later.
• Hello / Dead Interval: Every X seconds we are going to send a hello packet; if we don’t hear any hello packets from our network for X seconds we declare you “dead” and we are no longer neighbors. These values have to match on both sides in order to become neighbors.
• Neighbors: All other routers who are your neighbors are specified in the hello packet.
• Area ID: This is the area you are in. This value has to match on both sides in order to become neighbors.
• Router Priority: This value is used to determine who will become designated or backup designated router. More on this later.
• DR and BDR IP address: Designated and Backup Designated router. More on this later.
• Authentication password: You can use clear text and MD5 authentication for OSPF, which means every packet will be authenticated. Obviously you need the same password on both routers in order to make things work.
• Stub area flag: Besides area numbers OSPF has different area types, we will cover this later. Both routers have to agree on the area type in order to become neighbors.
OSPF Packet Types:-

• Hello: neighbor discovery, build neighbor adjacencies and maintain them.
• DBD: This packet is used to check if the LSDB between 2 routers is the same. The
DBD is a summary of the LSDB.
• LSR: Requests specific link-state records from an OSPF neighbor.
• LSU: Sends specific link-state records that were requested. This packet is like an
envelope with multiple LSAs in it.
• LSAck: OSPF is a reliable protocol so we have a packet to acknowledge the others.

OSPF neighbor debug:-

Router 6 debug output:
***ROUTER6 IS SENDING HELLOS BUT HEARS NOTHING,
STATE OF NEIGHBOR IS DOWN
00:03:53: OSPF: 170.170.11.7 address 170.170.11.7 on
Serial2.7 is dead
00:03:53: OSPF: 170.170.11.7 address 170.170.11.7 on
Serial2.7 is dead, state DOWN

Router 7 debug output:
OSPF NOT ENABLED ON ROUTER7 YET
Router 6 debug output:

***ROUTER6 SENDING HELLOS
00:03:53: IP: s=170.170.11.6 (local), d=224.0.0.5
(Serial2.7), len 64, sending broad/multicast, proto=89
00:04:03: IP: s=170.170.11.6 (local), d=224.0.0.5
(Serial2.7), Len 64, sending broad/multicast, proto=89

Router 7 debug output:
OSPF NOT ENABLED ON ROUTER7 YET

Router 7 debug output:
***OSPF ENABLED ON ROUTER7, BEGINS SENDING
HELLOS AND BUILDING A ROUTER LSA
00:17:44: IP: s=170.170.11.7 (local), d=224.0.0.5
(Serial0.6), Len 64, sending broad/multicast, proto=89
00:17:44: OSPF: Build router LSA for area 0,
router ID 170.170.11.7, seq 0x80000001

Router 6 debug output:
***RECEIVE HELLO FROM ROUTER7
00:04:04: IP: s=170.170.11.7 (Serial2.7), d=224.0.0.5,
Len 64, rcvd 0, proto=89
00:04:04: OSPF: Rcv hello from 170.170.11.7 area 0 from
Serial2.7 170.170.11.7
00:04:04: OSPF: End of hello processing

Router 6 debug output:
***ROUTER6 SEND HELLO WITH ROUTER7 ROUTERID
IN THE HELLO PACKET
00:04:13: IP: s=170.170.11.6 (local), d=224.0.0.5
(Serial2.7), Len 68, sending broad/multicast, proto=89

Router 7 debug output:
***ROUTER7 RECEIVES HELLO FROM ROUTER6 CHANGES
STATE TO 2WAY
00:17:53: IP: s=170.170.11.6 (Serial0.6), d=224.0.0.5,
Len 68, rcvd 0, proto=89
00:17:53: OSPF: Rcv hello from 170.170.11.6 area 0 from
Serial0.6 170.170.11.6
00:17:53: OSPF: 2 Way Communication to 170.170.11.6 on
Serial0.6, state 2WAY

Router 7 debug output:
***ROUTER7 SENDS INITIAL DBD PACKET WITH SEQ# 0x13FD
00:17:53: OSPF: Send DBD to 170.170.11.6 on Serial0.6
seq 0x13FD opt 0x2 flag 0x7 Len 32
00:17:53: IP: s=170.170.11.7 (local), d=224.0.0.5
(Serial0.6), Len 52, sending broad/multicast, proto=89
00:17:53: OSPF: End of hello processing

Router 6 debug output:
***ROUTER6 RECEIVES ROUTER7’S INITIAL DBD PACKET
CHANGES STATE TO 2-WAY
00:04:13: IP: s=170.170.11.7 (Serial2.7), d=224.0.0.5,
Len 52, rcvd 0, proto=89
00:04:13: OSPF: Rcv DBD from 170.170.11.7 on Serial2.7
seq 0x13FD opt 0x2 flag 0x7 Len 32 mtu 1450 state INIT
00:04:13: OSPF: 2 Way Communication to 170.170.11.7 on
Serial2.7, state 2WAY

Router 6 debug output:
***ROUTER6 SENDS DBD PACKET TO ROUTER7
(MASTER/SLAVE NEGOTIATION – ROUTER6 IS SLAVE)
00:04:13: OSPF: Send DBD to 170.170.11.7 on Serial2.7
seq 0xE44 opt 0x2 flag 0x7 Len 32
00:04:13: IP: s=170.170.11.6 (local), d=224.0.0.5
(Serial2.7), Len 52, sending broad/multicast, proto=89
00:04:13: OSPF: NBR Negotiation Done. We are the SLAVE

Router 7 debug output:
***RECEIVE ROUTER6’S INITIAL DBD PACKET
(MTU MISMATCH IS RECOGNIZED)
00:17:53: IP: s=170.170.11.6 (Serial0.6), d=224.0.0.5,
Len 52, rcvd 0, proto=89
00:17:53: OSPF: Rcv DBD from 170.170.11.6 on Serial0.6
seq 0xE44 opt 0x2 flag 0x7 Len 32 mtu 1500 state EXSTART
00:17:53: OSPF: Nbr 170.170.11.6 has larger interface MTU

Router 6 debug output:
***SINCE ROUTER6 IS SLAVE SEND DBD PACKET WITH
LSA HEADERS,
SAME SEQ# (0x13FD) TO ACK ROUTER7’S DBD. (NOTE SIZE OF PKT)
00:04:13: OSPF: Send DBD to 170.170.11.7 on Serial2.7
seq 0x13FD opt 0x2 flag 0x2 Len 1472
00:04:13: IP: s=170.170.11.6 (local), d=224.0.0.5
(Serial2.7), Len 1492, sending broad/multicast, proto=89

Router 7 debug output:
***NEVER RECEIVE ACK TO ROUTER7’S INITIAL DBD,
RETRANSMIT
00:17:54: IP: s=170.170.11.7 (local), d=224.0.0.5
(Serial0.6), Len 68, sending broad/multicast, proto=89
00:18:03: OSPF: Send DBD to 170.170.11.6 on Serial0.6
seq 0x13FD opt 0x2 flag 0x7 Len 32
00:18:03: OSPF: Retransmitting DBD to 170.170.11.6 on Serial0.6 [1]

At this point, Router 6 keeps trying to ACK the initial DBD packet from Router 7.

00:04:13: IP: s=170.170.11.7 (Serial2.7), d=224.0.0.5,
Len 68, rcvd 0, proto=89
00:04:13: OSPF: Rcv hello from 170.170.11.7 area 0 from
Serial2.7 170.170.11.7
00:04:13: OSPF: End of hello processing

00:04:18: IP: s=170.170.11.7 (Serial2.7), d=224.0.0.5,
Len 52, rcvd 0, proto=89
00:04:18: OSPF: Rcv DBD from 170.170.11.7 on Serial2.7
seq 0x13FD opt 0x2 flag 0x7 Len 32 mtu 1450 state EXCHANGE

00:04:18: OSPF: Send DBD to 170.170.11.7 on Serial2.7
seq 0x13FD opt 0x2 flag 0x2 Len 1472
00:04:18: IP: s=170.170.11.6 (local), d=224.0.0.5
(Serial2.7), Len 1492, sending broad/multicast, proto=89

00:04:23: IP: s=170.170.11.6 (local), d=224.0.0.5
(Serial2.7), Len 68, sending broad/multicast, proto=89

00:04:23: IP: s=170.170.11.7 (Serial2.7), d=224.0.0.5,
Len 52, rcvd 0, proto=89
00:04:23: OSPF: Rcv DBD from 170.170.11.7 on Serial2.7
seq 0x13FD opt 0x2 flag 0x7 Len 32 mtu 1450 state EXCHANGE

Router 7 never gets an ACK from Router 6 because the DBD packet from Router 7 is too large for the Router 7 MTU. Router 7 repeatedly retransmits the DBD packet.

0:17:58: IP: s=170.170.11.7 (local), d=224.0.0.5
(Serial0.6), Len 52, sending broad/multicast, proto=89
00:18:03: OSPF: Send DBD to 170.170.11.6 on Serial0.6
seq 0x13FD opt 0x2 flag 0x7 Len 32
00:18:03: OSPF: Retransmitting DBD to 170.170.11.6 on Serial0.6 [2]

00:18:03: IP: s=170.170.11.7 (local), d=224.0.0.5
(Serial0.6), Len 52, sending broad/multicast, proto=89
00:18:03: IP: s=170.170.11.6 (Serial0.6), d=224.0.0.5,
Len 68, rcvd 0, proto=89
00:18:03: OSPF: Rcv hello from 170.170.11.6 area 0 from
Serial0.6 170.170.11.6
00:18:03: OSPF: End of hello processing

00:18:04: IP: s=170.170.11.7 (local), d=224.0.0.5
(Serial0.6), Len 68, sending broad/multicast, proto=89

00:18:03: OSPF: Send DBD to 170.170.11.6 on Serial0.6
seq 0x13FD opt 0x2 flag 0x7 Len 32
00:18:03: OSPF: Retransmitting DBD to 170.170.11.6 on Serial0.6 [3]

00:18:08: IP: s=170.170.11.7 (local), d=224.0.0.5
(Serial0.6), Len 52, sending broad/multicast, proto=89
router-7#

Because Router 6 has a higher MTU, it continues to accept the DBD packets from Router 7, attempts to acknowledge them, and remains in the EXCHANGE state.
Because Router 7 has a lower MTU, it ignores the DBD packets along with the ACK from Router 6, continues to retransmit the initial DBD packet, and
remains in the EXSTART state.

The root cause could be any of these:
++ MTU mismatch
++ Unicast is broken. In the exstart state, the router sends a unicast packet to the neighbor to elect master and slave.
This is true unless you have a point-to-point link, in which case it sends a multicast packet. These are the possible causes:
++ Wrong virtual circuit (VC) mapping in an Asynchronous Transfer Mode (ATM) or Frame Relay environment in a highly redundant network.
++ MTU problem, meaning the routers can only ping a packet of a certain length.
++ Access list is blocking the unicast packet.
++ NAT is running on the router and is translating the unicast packet.
++ Neighbor between PRI and BRI/dialer.
++ Both routers have the same router ID (mis-configuration).

OSPF LSA Flag Field
OSPF: Send DBD to 1.1.1.1 on Ethernet0/0 seq 0x836 opt 0x52 flag 0x7 len 32
Flag 0x7–> 111 means I = 1 (Initial), M = 1 (More), MS = 1 (Master)
Flag 0x6–> 110 not possible
Flag 0x5–> 101 not possible
Flag 0x4–> 100 not possible
Flag 0x3–> 011 means master has more data to send
Flag 0x2–> 010 means slave has more data to send
Flag 0x1–> 001 means master has no more data left to send
Flag 0x0–> 000 means slave has no more data left to send

OSPF LSA OPT Field
Normal area: OSPF: Send DBD to 141.108.97.1 on Serial0 seq 0xBC4 opt 0x2 flag 0x3 len 492
E bit is 1, Allow externals, option: 0x2 (HEX) = 00000010 (Bin)
Stub area: OSPF: Send DBD to 141.108.97.1 on Serial0 seq 0x1866 opt 0x0 flag 0x3 len 372
E bit is 0, no external allowed, options: 0x0 = 00000000
NSSA: OSPF: Send DBD to 141.108.97.1 on Serial0 seq 0x118 opt 0x8 flag 0x3 len 372
N/P bit is on, options: 0x8 = 00001000
DC: OSPF: Send DBD to 141.108.97.1 on Serial0 seq 0x1A1E opt 0x20 flag 0x3 len 392
DC bit is negotiated, options: 0x20 = 00100000
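
The flag and option tables above, applied to the Router 7 debug from the MTU-mismatch walkthrough. This is an added example, not part of the original notes or of any Cisco tool: it decodes DBD debug lines and reports an interface MTU mismatch and an ExStart stall. The log lines are the page's wrapped output rejoined onto single lines; the function names, the local_mtu parameter and the stall threshold are assumptions of this example.

```python
import re
from collections import Counter

# DBD flag bits from the page's table: I (Initial), M (More), MS (Master).
FLAG_BITS = ((0x4, "I"), (0x2, "M"), (0x1, "MS"))
# Options bits. E, N/P and DC are the ones decoded on the page; L (0x10, RFC 5613)
# and O (0x40, RFC 5250) are added here so a value such as 0x52 decodes completely.
OPTION_BITS = ((0x02, "E"), (0x08, "N/P"), (0x10, "L"), (0x20, "DC"), (0x40, "O"))

DBD_RE = re.compile(
    r"OSPF: (?P<dir>Send|Rcv) DBD (?:to|from) (?P<peer>\S+) on (?P<intf>\S+) "
    r"seq (?P<seq>0x[0-9a-f]+) opt (?P<opt>0x[0-9a-f]+) flag (?P<flag>0x[0-9a-f]+) "
    r"len\s*(?P<len>\d+)(?: mtu (?P<mtu>\d+))?(?: state (?P<state>\w+))?",
    re.IGNORECASE,
)

# Router 7's view, taken from the debug output on this page (lines rejoined).
R7_DEBUG = [
    "00:17:53: OSPF: Send DBD to 170.170.11.6 on Serial0.6 seq 0x13FD opt 0x2 flag 0x7 Len 32",
    "00:17:53: OSPF: Rcv DBD from 170.170.11.6 on Serial0.6 seq 0xE44 opt 0x2 flag 0x7 Len 32 mtu 1500 state EXSTART",
    "00:17:53: OSPF: Nbr 170.170.11.6 has larger interface MTU",
    "00:18:03: OSPF: Send DBD to 170.170.11.6 on Serial0.6 seq 0x13FD opt 0x2 flag 0x7 Len 32",
    "00:18:03: OSPF: Retransmitting DBD to 170.170.11.6 on Serial0.6 [1]",
    "00:18:03: OSPF: Send DBD to 170.170.11.6 on Serial0.6 seq 0x13FD opt 0x2 flag 0x7 Len 32",
    "00:18:03: OSPF: Retransmitting DBD to 170.170.11.6 on Serial0.6 [2]",
    "00:18:03: OSPF: Send DBD to 170.170.11.6 on Serial0.6 seq 0x13FD opt 0x2 flag 0x7 Len 32",
    "00:18:03: OSPF: Retransmitting DBD to 170.170.11.6 on Serial0.6 [3]",
]


def decode_flags(value):
    """Return (bit names, valid). Per the page, I only appears as 0x7 (I+M+MS)."""
    names = [name for mask, name in FLAG_BITS if value & mask]
    valid = value <= 0x7 and (value == 0x7 or not value & 0x4)
    return names, valid


def decode_options(value):
    return [name for mask, name in OPTION_BITS if value & mask]


def area_type(opt):
    """Area type as read from the options byte in the page's examples."""
    if opt & 0x08:
        return "nssa"
    return "normal" if opt & 0x02 else "stub"


def parse_dbd(line):
    m = DBD_RE.search(line)
    if m is None:
        return None
    rec = m.groupdict()
    rec["dir"] = rec["dir"].lower()
    for key in ("seq", "opt", "flag"):
        rec[key] = int(rec[key], 16)
    rec["len"] = int(rec["len"])
    rec["mtu"] = int(rec["mtu"]) if rec["mtu"] else None
    return rec


def analyze(lines, local_mtu, stall_threshold=3):
    """Report MTU mismatches and initial DBDs that keep being re-sent."""
    mtu_mismatch, bad_flags, initial_sent = [], [], Counter()
    for line in lines:
        rec = parse_dbd(line)
        if rec is None:
            continue
        if not decode_flags(rec["flag"])[1]:
            bad_flags.append(line)
        if rec["dir"] == "send" and rec["flag"] == 0x7:
            # Same initial DBD (I+M+MS) sent again: the neighbor never answered it.
            initial_sent[(rec["peer"], rec["seq"])] += 1
        elif rec["dir"] == "rcv" and rec["mtu"] not in (None, local_mtu):
            entry = (rec["peer"], rec["mtu"])
            if entry not in mtu_mismatch:
                mtu_mismatch.append(entry)
    stalled = {k: n for k, n in initial_sent.items() if n >= stall_threshold}
    return {"mtu_mismatch": mtu_mismatch, "exstart_stall": stalled, "bad_flags": bad_flags}


if __name__ == "__main__":
    # 1450 is Router 7's interface MTU as seen in Router 6's "Rcv DBD ... mtu 1450".
    print(analyze(R7_DEBUG, local_mtu=1450))
```
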

++ SequenceNumberMismatch
Unexpected DD Sequence number
“I” bit is set unexpectedly
Option field different from the last option field received in the DBD packet
++ BadLSReq
Neighbor sends unrecognized LSA during exchange process.
Neighbor requested an LSA during exchange process that cannot be found

Possible Reasons for Stuck in Init
Access-list
One side multicast capabilities
OSPF authentication
Dialer map or frame-relay map missing keyword ‘broadcast’
Link-Local Signalling capability not compatible

Possible Reasons for Stuck in 2-WAY
Normal in broadcast network type
If all the routers are configured with priority equal to “0”

Stuck in Loading

LS request is being made and neighbour is sending bad packet or memory corrupt
a. Do show ip ospf bad-checksum
b. Show log will show OSPF-4-BAD LSA TYPE message
LS request is being made and neighbour is ignoring the request
debug ip ospf flood
Enhancements to allow an access-list filter and a “detail” option

Common Issue

++ Mismatched Subnet Mask
++ Mismatched Hello/Dead Interval
++ Mismatched Authentication Key
++ Mismatched Area Id
++ Mismatched Transit/Stub/NSSA Option

OSPF Graceful Shutdown; Router or Interface mode
shutdown / ip ospf shutdown

OSPF TTL Security Check
ttl-security all-interfaces [hops hop-count]
ip ospf ttl-security [hops hop-count | disable]

Why Are Some OSPF Routes in the Database but Not in the Routing Table?:-

A common problem when using Open Shortest Path First (OSPF) is routes in the database don’t appear in the routing table.
In most cases OSPF finds a discrepancy in the database so it doesn’t install the route in the routing table. Often,
you can see the Adv Router is not-reachable message (which means that the router advertising the LSA is not reachable through OSPF)
on top of the link-state advertisement (LSA) in the database when this problem occurs.
Here is an example:

Adv Router is not-reachable>>>>>>>
LS age: 418
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 172.16.32.2
Advertising Router: 172.16.32.2
LS Seq Number: 80000002
Checksum: 0xFA63
Length: 60
Number of Links: 3

Reason 1: Network Type Mismatch
Reason 2: Wrong Address Assignment in Dual Serial Link Setup
Reason 3: One Side of Point-to-Point Link Included in Wrong Majornet or Subnet
Reason 4: One Side Is Unnumbered and the Other Side Is Numbered
e.g.
interface Loopback0
 ip address 172.16.35.1 255.255.255.255

interface Serial2
 ip unnumbered Loopback0

router ospf 20
 network 172.16.0.0 0.0.255.255 area 0

Reason 5: Distribute List Is Blocking the Routes
Reason 6: Forwarding Address Known via an External Route

e.g

show ip ospf data external 200.1.1.0
OSPF Router with ID (7.7.7.1) (Process ID 1)
Type- 5 AS External Link States
LS age: 72
Options: (No TOS- capability, DC)
LS Type: AS External Link
Link State ID: 200.1.1.0 (External Network Number )
Advertising Router: 3.44.66.3
LS Seq Number: 80000001
Checksum: 0xF161
Length: 36
Network Mask: /24
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 3.3.4.4 >>>>>>>>>>>>>>>>>>>>>>>
External Route Tag: 0

R2507# show ip route 3.3.4.4
Routing entry for 3.3.4.0/ 24
Known via “ospf 1”, distance 110, metric 20,type extern 2, forward metric 70
Redistributing via ospf 1
Last update from 1.1.1.2 on Serial0, 00: 00: 40 ago
Routing Descriptor Blocks:
* 1.1.1.2, from 3.44.66.3, 00: 00: 40 ago, via Serial0
Route metric is 20, traffic share count is 1

OSPF ABR and Loop Prevention
Q: How does OSPF prevent routing loops when exchanging summary LSAs?
A: In OSPF, the backbone area is used for exchanging inter-area routes between all other areas. Since there is no common topology
shared among different areas, loop prevention should be based on distance-vector principles.
There are three main rules of generating and receiving inter-area routes (type-3 LSAs) in OSPF that prevent control-plane routing loops:
o Area Border Router (ABR) is a router that has at least one interface in Area 0 and this interface is NOT in DOWN state. ABR is
distinguished by setting the B (border) bit in its router LSA to signal other routers in the same area of its ABR status. Only ABR is allowed to generate summary
LSAs and inject them in the attached areas.
o ABR expects summary LSAs from Area 0 only. This means there should be at least one adjacency in FULL state built over Area 0 interface. In
case if ABR has no such adjacency, it will ignore summary-LSAs received over non-backbone areas. These LSAs will be installed in the database,
but not used for SPF calculations.
o ABR will accept and use summary-LSAs learned over a non-backbone area if it DOES NOT have a FULL adjacency built over an Area 0 interface. It is
safe to do so, since the ABR will not be able to flood the summary back into Area 0 creating routing loops.

Purpose of Forwarding Address:-

An extra hop will sometimes be introduced if packets for external destinations need always be routed first to the advertising router.
There are 2 different LSAs that can have a Forwarding Address field.
Type 5 – “External LSA”
Type 7 – “NSSA External LSA”

Forwarding Address Type 5 LSA:-
There are 2 different situations for setting the Forwarding Address in a Type 5 LSA.
When creating a Type 5 LSA on behalf of a non-OSPF router.
When creating a Type 5 LSA on behalf of an OSPF router. This is the Type 7 to 5 translation

On behalf of a non-OSPF router:
The following condition sets the forwarding address field to a non-zero address:
OSPF is enabled on the ASBR’s outgoing interface to the next hop ip address AND
ASBR has at least ONE full adjacency out the outgoing interface to the next hop ip address AND
ASBR’s outgoing interface to the next hop ip address is not point-to-multipoint
Any other conditions besides these set the forwarding address to 0.0.0.0.

There are 2 conditions for setting the Forwarding Address on Types 7 LSAs.
Can this NSSA ASBR generate not only the Type 7 but also a Type 5?
Can this NSSA ASBR only generate a Type 7 LSA?

If this NSSA ASBR CAN generate Type 5 LSAs then it will set the Forwarding Address to 0.0.0.0. Also, set the P-bit equal to 0
If this NSSA ASBR can not generate its own Type 5 LSA because it is ONLY an NSSA ASBR, then it must set the Forwarding Address to a
non-zero value. Also, set the P-bit equal to 1.

Cisco documentation states that in order to use a non-zero value for the forwarding address, the requirements below must be met:

OSPF is enabled on the ASBR’s next hop interface AND
ASBR’s next hop interface is non-passive under OSPF AND
ASBR’s next hop interface is not point-to-point AND
ASBR’s next hop interface is not point-to-multipoint AND
ASBR’s next hop interface address falls under the network range specified in the router ospf command.
Any other conditions besides the above set the forwarding address to 0.0.0.0.

Summarization:-

2 types of summarization:
Summarize internal routes
Summarize external routes

Summarize internal routes:-
On the ABR and ONLY on the ABR you can summarize Interarea routes with the command:
area X range {prefix} {mask}

The area that you put in place of ‘X’ is the old area where this router first learned of these prefixes.
This will only affect how the ABR generates new Type 3 LSAs.

Summarize external routes

If the ASBR is generating Type 5 LSAs then only THIS ASBR can summarize the external prefixes.
If the ASBR is generating Type 7 LSAs then you can summarize either on the NSSA ASBR or on the NSSA ABR that is doing the 7/5 translation
The command to summarize external prefixes is:
summary-address {prefix} {mask}

Remember this will only affect the generation of either a Type 7 or a Type 5 LSA.

Filtering:-

There are 3 different cases:
Filtering intraarea routes
Filtering interarea routes
Filtering external routes

Filtering Intraarea routes:-

You can NOT filter intra-area routes. Remember the all-important OSPF rule: ALL routers in the same area MUST have the EXACT same database.
IOS will allow you to use ‘distribute-list in’ on any router and it will keep an intra-area route from going into the routing table.
But it will not remove that route from the database. This is a very silly form of filtering.

Filtering Interarea routes
Interarea routes are carried in Type 3 LSAs. So to filter Interarea routes you must do it on the routers generating the Type 3 LSAs.
This means on ALL the ABRs for an area. (it also includes virtual links).

Filtering Externals

Depends on if you are filtering Type 5 LSAs or Type 7 LSAs.
Once a Type 5 LSA is generated it must be flooded unchanged throughout the OSPF domain.
You can only stop them from going into a type of stub area. With a stub area you then get NO Type 5 LSAs.
Type 7 LSAs can be filtered out at the NSSA ABR

OSPF Superbackbone & working as PE-CE routing protocol

Our PE routers need something to tell other PE routers which area and LSA type to use. We use two additional BGP extended communities for this:
OSPF Domain Identifier: the domain ID is used to identify from what OSPF instance the route was redistributed.
OSPF Route Type: the route type is used to identify what LSA we should use:
Area number: the number of the area or 0 when it’s an external route.
Route Type: intra-area, inter-area, external, NSSA route.

PE2#show bgp vpnv4 unicast all 5.5.5.5/32
BGP routing table entry for 1:1:5.5.5.5/32, version 14
Paths: (1 available, best #1, table CUSTOMER)
Advertised to update‐groups:
1
Local
192.168.45.5 from 0.0.0.0 (192.168.34.4)
Origin incomplete, metric 2, localpref 100, weight 32768, valid,
sourced, best
Extended Community: RT:1:1 OSPF DOMAIN ID:0x0005:0x000000020200 >>>>>>>>>>>>>>>>>> Domain ID
OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:192.168.45.4:0 >>>>>>>>>>>>>>>>>>>>>>
mpls labels in/out 16/nolabel

OSPF RT :- OSPF route type. The route type can be read like this:-

Area: 0.0.0.0
LSA 2
Options: 0

When the PE router redistributes a VPNv4 route into OSPF, it will check the domain ID and route type.
When the domain ID is the same, an LSA type 1, 2 or 3 will be redistributed as an LSA type 3. LSA type 5 or 7 will always remain the same.
If the domain ID is different then LSA type 1, 2 or 3 will always be redistributed as external prefixes.
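
The decision a PE makes from these two communities can be written out as follows. This is an added example, not code from the original notes or from any router implementation; the function names and the returned labels are assumptions, and the sample string is the two community lines from the PE2 output above joined together.

```python
import re

# Constructed input: the community lines from the PE2 output above, joined.
SAMPLE = ("Extended Community: RT:1:1 OSPF DOMAIN ID:0x0005:0x000000020200 "
          "OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:192.168.45.4:0")

DOMAIN_RE = re.compile(r"OSPF DOMAIN ID:(0x[0-9A-Fa-f]+:0x[0-9A-Fa-f]+)")
ROUTE_TYPE_RE = re.compile(r"OSPF RT:(\d+(?:\.\d+){3}):(\d+):(\d+)")

def parse_ospf_communities(text):
    """Pull the domain ID and the area:LSA-type:options triple out of show output."""
    dom = DOMAIN_RE.search(text)
    rt = ROUTE_TYPE_RE.search(text)
    if dom is None or rt is None:
        raise ValueError("OSPF domain ID or route type community missing")
    return {"domain_id": dom.group(1).lower(), "area": rt.group(1),
            "lsa_type": int(rt.group(2)), "options": int(rt.group(3))}

def advertised_as(route, local_domain_id):
    """Apply the rule from the notes when redistributing VPNv4 into OSPF."""
    lsa_type = route["lsa_type"]
    if lsa_type in (5, 7):
        # External and NSSA routes keep their type regardless of domain ID.
        return f"type-{lsa_type}"
    if lsa_type in (1, 2, 3):
        # Internal routes stay internal (as inter-area) only inside one domain.
        same = route["domain_id"] == local_domain_id.lower()
        return "type-3" if same else "external"
    raise ValueError(f"unexpected LSA type {lsa_type}")
```
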

How Does OSPF Work?

  1. Discover the OSPF neighbors and exchange topology information — Hello packets / IP Multicast protocol with Port 89 224.0.0.5/224.0.0.6
  2. Choose the best path via SPF
  3. Neighbor and topology table maintenance

LSDB >> SPF >> SPT >> RIB

When a new LSA is received it is checked against the database for changes such as

  1. Sequence Number — Used to track new vs old LSAs
  2. Age — Used to keep information new and withdraw old information
    — Periodic flooding occurs after 30 mins
    — LSAs that reach max age (60 mins) are withdrawn
  3. Checksum — Used to avoid transmission & memory corruption
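
The three fields above are also what decides which of two copies of the same LSA is newer. The comparison below follows RFC 2328 section 13.1 and is an added example, not code from the original notes; the dict layout, function names and return labels are assumptions, and `MAX_AGE_DIFF` (15 minutes) comes from the RFC rather than from this page.

```python
import struct

MAX_AGE = 3600       # seconds; the 60-minute limit in the notes
MAX_AGE_DIFF = 900   # seconds; RFC 2328 MaxAgeDiff (15 minutes)

def signed32(value):
    """LS sequence numbers are signed 32-bit, so 0x80000001 is the oldest."""
    return struct.unpack(">i", struct.pack(">I", value & 0xFFFFFFFF))[0]

def compare_lsa(a, b):
    """Return 1 if instance a is more recent, -1 if b is, 0 if they are the same.

    Each instance is a dict with keys seq, checksum, age (constructed layout).
    """
    sa, sb = signed32(a["seq"]), signed32(b["seq"])
    if sa != sb:
        return 1 if sa > sb else -1
    if a["checksum"] != b["checksum"]:
        return 1 if a["checksum"] > b["checksum"] else -1
    a_max, b_max = a["age"] >= MAX_AGE, b["age"] >= MAX_AGE
    if a_max != b_max:
        return 1 if a_max else -1          # a MaxAge copy wins so the flush spreads
    if abs(a["age"] - b["age"]) > MAX_AGE_DIFF:
        return 1 if a["age"] < b["age"] else -1
    return 0

def on_receive(lsdb, key, received):
    """Simplified receive decision: only a more recent instance changes the LSDB."""
    current = lsdb.get(key)
    if current is None:
        lsdb[key] = received
        return "install-and-flood"
    order = compare_lsa(received, current)
    if order > 0:
        lsdb[key] = received
        return "install-and-flood"
    return "keep-database-copy" if order < 0 else "same-instance"
```
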

LSA flooding, and which LSAs require an SPF recalculation

  1. When a change is detected a new LSA is generated and flooded out all the links
  2. Self-originated LSAs are simply dropped
  3. NOT all LSA changes require an SPF recalculation, e.g. link up/down vs sequence number
  4. OSPF does not use split horizon

Why is it recommended to use network type Point-to-Point in OSPF? Or how can we reduce the LSDB size in OSPF?

The time it takes for the adjacency to come up on a broadcast network; it shouldn’t take that much more time than on a p2p link, though.
Topology simplification and LSA reduction (removes the need for an LSA type 2 for each and every one of these broadcast networks).
No DR/BDR election required.

Why do we create areas in OSPF?

An area defines a flooding domain; changes inside the area require LSA flooding and a full SPF run.
Changes outside the area do not require LSA flooding and SPF, which limits the impact on router resources.
Better convergence time.

LSAs are grouped together by 3 types of routes

Intra-area routes(O)— LSA type 1 & 2
Inter-Area routes ( O IA)— LSA Type 3 & 4
External Routes ( E1/E2)–LSA 5 and (N1/N2)–LSA 7

Do OSPF network types always have to match to form adjacencies?

The OSPF network type does not need to match to form an adjacency, but the types need to be compatible and the other attributes must match.
What makes the network types compatible? >> Usage of type 2 LSA
So we can divide them into 2 groups.

  1. Broadcast and non-broadcast >> in these network types LSA 2 is required to reduce the number of adjacencies and SPF calculation time
  2. Point-to-Multipoint, Point-to-Point, Point-to-Multipoint Non-Broadcast

How does OSPF flush a route? Or what is the function of MaxAge?

MaxAge is always 1 hour, and it has to be 1 hour on all platforms; the reason is that MaxAge is a special value used to flush the route from the OSPF database.
A router normally sends an LSDB refresh every 30 mins.
If the network is stable you can use Do Not Age (DNA) for LSAs by using the link-level command ip ospf flood-reduction.

From an OSPF design perspective, OSPF network types:-

++ In a hub-and-spoke design the hub needs to be the DR, because if a spoke becomes the DR there will be a problem: the DR's multicast packets will not be able to reach the other sites.
++ In hub-and-spoke we can use network type P2MP, but in this case you cannot affect the traffic by using cost on the neighbor statement.
++ With P2MP non-broadcast you can affect the traffic per neighbor by configuring a cost for each neighbor.
++ With network type non-broadcast you can configure a cost for a neighbor, but this is not compatible.
++ We should configure OSPF priority 0 on the spokes.
++ With OSPF network types broadcast and non-broadcast the next hop is unchanged, so this can create a problem in an FR hub-and-spoke design; we need full-mesh FR map PVCs.
++ In short, “broadcast” and “non-broadcast” network types will use the next hop IP address of the router advertising the network.
++ With the P2MP network type the next hop will be the hub router in a hub-and-spoke design.

OSPF Virtual Links
++ Endpoints must be reachable
++ Transit area must not have filtering applied, i.e. LSA 3 filters, distribute lists
++ Cost must be below 65535
++ It runs as a demand circuit

DNA (Do Not Age) :- This flag can be seen with virtual links or flood reduction.
It means that there is no need to reflood these LSAs after 30 mins as we normally do.

OSPF Split-Brain Problem and Designated Router (DR) Election :-

++ Take a scenario where we have two networks and both networks have their own DR/BDR elected.
++ Now we connect both networks together; what will happen to the DR/BDR, as we have 2 DRs and 2 BDRs?
++ So when both routers exchange their Hellos >>
++ The two DR routers have met. The DR that discovered there is another DR with better priority has willingly discarded its DR status and entered the election process.
++ The same happened to the BDR routers: the two BDR routers identified themselves and only R4 has willingly discarded its BDR status.
++ There will not be any elections held when we connect the two networks together.
++ DR/BDR election: RFC 2328 section 9.4

Electing the Designated Router

    (2) Calculate the new Backup Designated Router for the network
        as follows.  Only those routers on the list that have not
        declared themselves to be Designated Router are eligible to
        become Backup Designated Router.  If one or more of these
        routers have declared themselves Backup Designated Router
        (i.e., they are currently listing themselves as Backup
        Designated Router, but not as Designated Router, in their
        Hello Packets) the one having highest Router Priority is
        declared to be Backup Designated Router.  In case of a tie,
        the one having the highest Router ID is chosen.  If no routers  
        have declared themselves Backup Designated Router, choose
        the router having highest Router Priority, (again excluding
        those routers who have declared themselves Designated Router),
        and again use the Router ID to break ties.

    (3) Calculate the new Designated Router for the network as
        follows.  If one or more of the routers have declared
        themselves Designated Router (i.e., they are currently
        listing themselves as Designated Router in their Hello
        Packets) the one having highest Router Priority is declared
        to be Designated Router.  In case of a tie, the one having
        the highest Router ID is chosen.  If no routers have declared
        themselves Designated Router, assign the Designated
        Router to be the same as the newly elected Backup Designated
        Router.
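
Steps (2) and (3) applied to the merged-segment scenario above, as an added example that is not part of the original notes or of the RFC. The `Hello` fields, the router IDs and the priorities are constructed, and the RFC's later steps (re-running the calculation when a router's own role changes) are left out.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address

@dataclass(frozen=True)
class Hello:
    router_id: str
    priority: int
    declares_dr: bool = False    # lists itself as DR in its Hellos
    declares_bdr: bool = False   # lists itself as BDR in its Hellos

def best(candidates):
    """Highest Router Priority wins; the highest Router ID breaks a tie."""
    return max(candidates,
               key=lambda h: (h.priority, int(IPv4Address(h.router_id))),
               default=None)

def elect(hellos):
    """One pass of steps (2) and (3); returns (dr_router_id, bdr_router_id)."""
    eligible = [h for h in hellos if h.priority > 0]   # priority 0 never runs
    # Step 2: routers declaring themselves DR are not eligible for BDR.
    not_dr = [h for h in eligible if not h.declares_dr]
    declared_bdr = [h for h in not_dr if h.declares_bdr]
    bdr = best(declared_bdr) or best(not_dr)
    # Step 3: only self-declared DRs compete; otherwise the new BDR is promoted.
    dr = best([h for h in eligible if h.declares_dr]) or bdr
    return (dr.router_id if dr else None, bdr.router_id if bdr else None)

# Constructed scenario: two segments, each with its own DR and BDR, are joined.
MERGED = [
    Hello("1.1.1.1", 100, declares_dr=True),
    Hello("2.2.2.2", 50, declares_bdr=True),
    Hello("3.3.3.3", 10, declares_dr=True),
    Hello("4.4.4.4", 5, declares_bdr=True),
]
# A router that joins later with the best priority but no declared role.
LATE_JOINER = Hello("9.9.9.9", 255)
```

With `MERGED`, `elect` keeps 1.1.1.1 as DR and 2.2.2.2 as BDR, and adding `LATE_JOINER` changes nothing because only routers that already declare a role compete for it.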

OSPF – HOW MAX-METRIC WORKS
++ This is the OSPF equivalent of the Overload Bit in ISIS
++ We want to take a router out of service and shift traffic gracefully to other links.
++ RFC 3137 introduces the ‘Stub Router’ feature that allows you to set the transit interfaces to their maximum link cost (or LSInfinity).
++ Setting high costs on a router’s non-stub links makes paths via that router look pretty crappy, thus shifting transit traffic away from that router.
++ IOS implements the ‘Stub Router’ feature using the ‘max-metric’ command.
++ Let’s start our traffic shift by configuring “max-metric router-lsa” under the OSPF process
++ Router_B(config)#router ospf 100
Router_B(config-router)#max-metric router-lsa

more details http://thenetworksherpa.com/how-max-metric-work/

OSPF Loop Prevention:-

++ An ABR expects LSA-3 from area 0 only and should have a full adjacency over that interface
++ It will ignore LSA-3 from a non-backbone area
++ An ABR accepts and uses LSA-3 learned from a non-backbone area if it does not have a full adjacency with area 0

OSPF LSA Example
https://www.youtube.com/watch?v=N5_7maAaupw

**** What if I configure the administrative distance to be the same for two routing protocols? Will the router install routes from each
routing protocol and allow me to load balance traffic?
When there is a tie of configured administrative distance settings the router will use the default administrative distance to make the
decision.
