Académique Documents
Professionnel Documents
Culture Documents
Back To Index
studies, but we're going to review the important points here in just a
moment. Again, I want to mention that you must not breeze through
this information, thinking that since you already have your CCNA, you
already know all this material. While quite a bit of it will be familiar to
you, there are many additional details you must master at the CCNP
level. Those of you with your eyes on the CCIE will need to truly master
Link state protocols don't work that way - they do not send routing
updates in the form that RIP and IGRP do. Link state routers that have
formed adjacencies exchange Link State Updates (LSUs), which contain
Link State Advertisements (LSAs). It's these LSAs that carry subnet
masking information and allow OSPF to support VLSM.
These LSAs are placed into a link state database. The Dijkstra algorithm
(also known as the Shortest Path First algorithm, or simply SPF ) is run
against the contents of this database to create the OSPF routing table.
Routers should have synchronized link state databases.
To see the contents of the database, run show ip ospf database. This
command shows the links and link types, sequence numbers, and how
long it's been since a particular LSA was received. This value is in
seconds and is seen under the "age" column.
The Dijkstra algorithm runs against the contents of the OSPF database...
R1#show ip ospf database
... calculates the routes, and these routes are placed into the OSPF routing table.
R1#show ip route ospf
6.0.0.0/32 is subnetted, 1 subnets
O 6.6.6.6 [110/11] via 10.1.1.5, 02:32:53, Ethernet0
7.0.0.0/32 is subnetted, 1 subnets
O 7.7.7.7 [110/11] via 10.1.1.5, 02:32:53, Ethernet0
The SPF algorithm actually calculates a shortest path tree, and that tree
is used to create the routing table. We don't have to think much more
about the SPF algorithm since it does a great job without our
If there is, one of three situations exists. Either the incoming LSA has a
sequence number that is the same, lower, or higher than the entry
already in the database.
If the sequence number is lower, the router will ignore the update and
sends an LSU containing that LSA back to the original sender. In this
situation, the router with the more-recent information is telling the
original sender, "The information you're sending is outdated. Here's
what you should be sending."
If the sequence number is higher, the router will add that LSA to its
database and send an LSAcknowledgment. The router will then flood
that LSA and will run the SPF algorithm in order to update its own
routing table.
area number, the hello and dead timer settings, and whether the area is
The OSPF process number itself is locally significant and does not affect
show ip ospf interface gives you the local router's OSPF RID, its role on
that segment (DR, BDR, DROther), the RID of the DR and BDR for that
segment, how many adjacencies the local router has formed on that
segment, and a lot more. It's an excellent starting point for OSPF
troubleshooting.
in the network, that router will not notify all of its neighbors. Instead,
which both the DR and BDR listen to learn about such changes. It's
important to note that only the DR and BDR will receive this particular
multicast, even though the term used for the sending of this change
As always, there are exceptions, and we'll take a detailed look at those
situations later in this section. For now, let's take a close look at the
There are four routers on this Ethernet segment. One will become the
DR, one will become the BDR, and the others will be DROthers. Before
we look at how Cisco routers decide which routers will fill these roles,
1. All routers with an OSPF priority of 1 or higher are eligible for the
Setting the interface priority to 0 will eliminate that router from the
0.
ethernet segment, which we'll discuss later in this section. For now, the
Obviously, the OSPF RID plays a huge part in the selection of the DR and
BDR - but how is the RID value determined? By this set of rules:
3. These rules are both be overridden by setting the OSPF RID manually
with the router-id command, but the router must be reloaded or the
OSPF processes cleared before the command will take effect.
It seems a little strange that a router can have a loopback address that
isn't being advertised by OSPF actually serve as the RID, doesn't it?
Let's see this in action. R1 and R5 have formed an OSPF adjacency over
an Ethernet segment on network 10.1.1.0 /24. R5 has multiple
loopbacks, and is only advertising two of them via OSPF:
hostname R5
!
interface Loopback6
ip address 6.6.6.6 255.255.255.255
!
interface Loopback7
ip address 7.7.7.7 255.255.255.255
!
interface Loopback8
ip address 8.8.8.8 255.255.255.255
!
interface Ethernet0
ip address 10.1.1.5 255.255.255.0
!
router ospf 1
network 6.6.6.6 0.0.0.0 area 0
network 7.7.7.7 0.0.0.0 area 0
network 10.1.1.0 0.0.0.255 area 0
Knowing what you know about OSPF RIDs, what will R1 show as the RID
for R5? Take a moment to look at the above configuration and figure
that out.
If you said 8.8.8.8, you're right. To see the OSPF RID of a neighbor, run
show ip ospf neighbor:
R1#show ip ospf neighbor
RouterB: 2.2.2.2
RouterC: 172.1.1.3
RouterD: 172.1.1.4
The RID process will always prefer a loopback interface IP address over a
physical interface's IP address.
Summing all of this up, we've got three options when it comes to
manipulating the DR selection:
loopback interface
None of these choices are "wrong" or "right" - so know all three, and
way router election for DR and BDR, we would expect to see RouterD
become the DR and RouterC become the BDR. But what happens if
become the BDR. And when RouterD comes back up, those routers keep
their roles. This isn't like Spanning-Tree Protocol (STP), where a new
switch with a lower BID would become the root bridge. With OSPF, a
DR/BDR election is not held when a new router comes online or when a
router that was previously a DR or BDR comes back online.
For Router A to finally become the DR again, now Router C will have to
go down. Router A will then be promoted from BDR to DR, and Router B
will become the BDR.
When Router C comes back up, it will be a DROther, and the network is
finally the way it was before!
segment. Different OSPF network types have different default hello and
dead timers, and that's one of the factors that must match between two
do not have DRs and BDRs, and others that do have special
We'll now build an OSPF network, step by step, to illustrate each of the
OSPF network types you'll need to know for the BSCI exam. Unless
backbone area.
The broadcast network's subnet is 10.1.1.0 /24. The final octet of every
Note the default hello and dead timers for a broadcast segment - 10 and
broadcast segment, but that's not true of our next network segment.
one running over a frame relay cloud. The new segment will use the
R2 and R3; there is no PVC between the spokes. All routers have their
mesh through the frame cloud (no PVC between R2 and R3), the hub
Before configuring any OSPF configuration over frame relay, make sure
It's not enough to make sure R1 wins the DR election - we've got to
R2(config)#int s0
R2(config-if)#ip ospf priority 0
R3(config)#int s0
R3(config-if)#ip ospf priority 0
The router with the highest priority set on an OSPF-enabled interface will
become the DR. If there is a tie, the router with the highest OSPF
election so there's no chance the spokes can possibly win, even if the
hub disappears! Setting the spoke priorities to zero prevents one of the
The "NB" in NBMA stands for non-broadcast, so the hub router must be
configured with manual neighbor statements, as shown below. No
neighbor statements are needed on the spokes.
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#router ospf 1
R1(config-router)#network 172.12.123.0 0.0.0.255 area 0
R1(config-router)#neighbor 172.12.123.2
R1(config-router)#neighbor 172.12.123.3
You can have NBMA networks where there is both a DR and BDR, but
they still both have to be hub routers. A network with two hubs could
have one as the DR and the other as the BDR. Every DR or BDR in an
NBMA network must have static neighbor statements; they are not
Note the default hello and dead timers for an NBMA network - 30 and
120 seconds, respectively. The dead timer is again four times the hello
timer by default.
Serial interfaces default to NBMA, but you can also change an interface's
We'll now add a direct connection between R1 and R3, but put it into
Area 13. The network number is 172.12.13.0 /24. Both routers are
is legal.
show ip ospf interface serial1 shows that this OSPF segment defaulted to
the OSPF network type point-to-point. This output also shows the
default hello and dead timers for this network type - 10 and 40 seconds,
respectively.
there are only two routers on the link. Therefore, there's no reason to
show ip ospf neighbor displays a dash where the role of the neighbor
as the DR on the NBMA segment while not seeing R1 in any role on the
point-to-point network.
DROther, which means there was no DR/BDR election in the first place.
For example, we could go back and configure the frame relay OSPF
and nonbroadcast option. We'll now configure the frame relay network
This network type doesn't require use of the neighbor statement, but
R1(config-if)#router ospf 1
R1(config-router)#neighbor 172.12.123.2 ?
cost OSPF cost for point-to-multipoint neighbor
database-filter Filter OSPF LSA during synchronization and flooding for
point-to-multipoint neighbor
poll-interval OSPF dead-router polling interval
priority OSPF priority of non-broadcast neighbor
<cr>
does require the neighbor statement. You can assign costs to neighbors
if you choose, but the neighbors must be statically defined with this
network type.
We could have used the ip ospf network broadcast command on all the
routers connected to the frame network, and as long as there's a full
mesh, technically the network should work and the routers would act as
though they were actually communicating through a LAN. In the real
world, using the OSPF broadcast network type on an NBMA topology can
lead to unpredictable results, and I personally wouldn't do it. Why spend
your time troubleshooting when you can just stick with the default?
multipoint, are officially RFC compliant for use over an NBMA topology.
(The exact RFC is 2328.) The OSPF network types broadcast, point-to-
point, and point-to-multipoint nonbroadcast aren't officially compliant,
the default NBMA and it will remain that type for the remainder of this
section.
through Area 34, and R4 will have its loopback placed into Area 4. The
an ethernet segment.
This configuration will result in incomplete routing tables, and that brings
us to our final OSPF network type. There is no problem with Area 34,
since one router with an interface in that area also has a physical
The area through which the virtual link is built, the transit area, cannot
be a stub area of any kind - stub, total stub, or not-so-stubby stub. (If
you're rusty on those, don't worry - there's a lot of information on these
areas coming later in the course!)
A virtual link must be configured on both ends of the transit area. We'll
go over to R3 now and finish the config.
R3(config)#router ospf 1
2d07h: %OSPF-4-ERRRCV: Received invalid packet: mismatch area ID, from
backbone area must be virtual-link but not found from 172.23.23.4,
Ethernet0
R3(config)#router ospf 1
R3(config-router)#area 34 virtual-link 4.4.4.4
R3(config-router)#^Z
2d07h: %OSPF-5-ADJCHG: Process 1, Nbr 4.4.4.4 on OSPF_VL0 from LOADING to
FULL, Loading Done
The virtual link command uses the remote device's OSPF RID, not
necessarily the IP address on the interface that's in the transit area.
Watch that - it's a very common error.
Also, don't worry about that error message you see in the output from
R3. That's normal and you'll see it on R3 until you finish building the
virtual link. If you see it after you've completed the virtual link, you do
have a problem.
Always confirm the virtual link with show ip ospf virtual-link. If you've
configured it correctly, the VL should come up in a matter of seconds.
R3#show ip ospf virtual-link
Virtual Link OSPF_VL0 to router 4.4.4.4 is up
Run as demand circuit
DoNotAge LSA allowed.
Transit area 34, via interface Ethernet0, Cost of using 10
Transmit Delay is 1 sec, State POINT_TO_POINT,
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:00
Adjacency State FULL (Hello suppressed)
Index 2/4, retransmission queue length 1, number of retransmission 1
First 0x2C8F8E(15)/0x0(0) Next 0x2C8F8E(15)/0x0(0)
Last retransmission scan length is 1, maximum is 1
Last retransmission scan time is 0 msec, maximum is 0 msec
Link State retransmission due in 3044 msec
Virtual links are actually simple to configure, but for some reason they
seem to intimidate people. It's my experience that the error message
highlighted in R3's output above causes a lot of panic, but the only thing
that message means is that you're not finished configuring the virtual
link yet.
There are three main misconfigurations that cause 99% of virtual link
configuration issues:
as well.
don't forget our old friend show ip protocols. Regardless of the network
type, that command will show you the networks being routed, link
R3#show ip protocols
Routing Protocol is "ospf 1"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Router ID 3.3.3.3
It is an area border router
Number of areas in this router is 3. 3 normal 0 stub 0 nssa
Maximum path: 4
Routing for Networks:
172.12.13.0 0.0.0.31 area 13
172.12.123.0 0.0.0.255 area 0
172.23.23.0 0.0.0.31 area 34
Routing Information Sources:
Gateway Distance Last Update
4.4.4.4 110 00:28:41
8.8.8.8 110 00:28:41
1.1.1.1 110 00:28:41
3.3.3.3 110 00:35:30
Distance: (default is 110)
After you hear about the importance of Area 0 for the 10,000th time,
you might start thinking, "Why not just put all the routers into one big
Area 0? That way, you wouldn't have to worry about design issues, and
virtual links, or anything! After all, RIP and IGRP don't use areas."
That's true, and it's also one reason you don't see RIP and IGRP in use
hierarchical design.
Now that sounds great, and Cisco exams love the word "hierarchical"....
That's what OSPF areas allow you to do - build a layered network. This
does help reduce the wear on router resources such as CPU and
memory. As you'll see in the next section, there are situations where a
router doesn't need a huge routing table. An unnecessarily large routing
table can be quite a drain on router resources. And if there's only one
way for packets to get from a router to multiple destinations, why have a
full routing table when a default route will do?
Speaking of SPF recalculations, you can see how many times this
algorithm has run with the show ip ospf command. If you continually
see this number rising, there is an unstable segment in that OSPF area.
(There is a lot of output with this command, and it's worth knowing.)
R3#show ip ospf
Routing Process "ospf 1" with ID 3.3.3.3
Supports only single TOS(TOS0) routes
Supports opaque LSA
It is an area border router
SPF schedule delay 5 secs, Hold time between two SPFs 10 secs
Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs
Number of external LSA 0. Checksum Sum 0x000000
Number of opaque AS LSA 0. Checksum Sum 0x000000
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 3. 3 normal 0 stub 0 nssa
External flood list length 0
Area BACKBONE(0)
Number of interfaces in this area is 2
Area has no authentication
SPF algorithm executed 10 times
Area ranges are
Number of LSA 12. Checksum Sum 0x06DBEB
Number of opaque link LSA 0. Checksum Sum 0x000000
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 3
Flood list length 0
Area 13
Number of interfaces in this area is 1
Area has no authentication
SPF algorithm executed 4 times
Area ranges are
Number of LSA 14. Checksum Sum 0x0822C6
Number of opaque link LSA 0. Checksum Sum 0x000000
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0
Area 34
Number of interfaces in this area is 1
Area has no authentication
SPF algorithm executed 6 times
Area ranges are
Number of LSA 15. Checksum Sum 0x06BDFB
Number of opaque link LSA 0. Checksum Sum 0x000000
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0
When you look at an OSPF routing table, you'll see two numbers
is based on the port's speed. The default formula OSPF uses to calculate
You'll see some documentation that lists the first part of that formula as
10 to the 8th power, but I feel it's easier to remember 100,000,000 (one
manually, remember that the expression for bandwidth here is bits per
Here are some default OSPF interface costs for common interface
speeds:
56 kbps = 1785
T1 line = 64
Ethernet = 10
The cost of an interface can be seen with the show ip ospf interface
command. Note that this serial port is shown with an OSPF cost of 64,
meaning that OSPF is assuming the interface is connected to a T1 line. If
it were actually connected to a 512 kbps line, the bandwidth command
can be used on the interface to reflect this, after which OSPF will
recalculate the cost.
R1#show ip ospf interface serial0
Serial0 is up, line protocol is up
Internet Address 172.12.123.1/24, Area 0
Process ID 1, Router ID 1.1.1.1, Network Type NON_BROADCAST, Cost: 64
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#interface serial0
R1(config-if)#bandwidth 512
The OSPF path with the lowest cost is preferred. Like RIP, OSPF will
load-balance over four equal-cost paths by default.
You can actually change the value that OSPF uses to base its path cost
calculation on. If you have a very good reason to change it from
100,000,000, you can use the ospf auto-cost reference-bandwidth
command to do so. To add to the fun, note that this command asks you
to enter the new bandwidth reference value in MBPS:
R2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#router ospf 1
R2(config-router)#auto-cost reference-bandwidth ?
<1-4294967> The reference bandwidth in terms of Mbits per second
OSPF is generally considered superior to RIP. Here are just a few of the
reasons.
remote network.
OSPF uses a composite metric, cost, where RIP uses the sole metric
of hop count.
OSPF supports VLSM, where RIPv1 does not. RIPv2 does, though.
VLSM support allows a protocol to have more efficient utilization of
IP addresses than a protocol that does not.
You know from your CCNA studies that OSPF adjacencies go through the
Loading - Routers now send Link State Request (LSR) packets to their
potential neighbor.
Full - Router databases are synchronized and the adjacency has been
formed.
Always use the show ip ospf neighbor and show ip ospf interface
commands to ensure your OSPF adjacencies reach the Full stage. You
can see neighbor adjacencies with either command. Show ip ospf
neighbor gives you the basic information regarding the adjacency, while
the interface command gives you more detailed information.
R1#show ip ospf neighbor
Show ip ospf interface is excellent for spotting issues related to hello and
dead timers. If you don't see the problem with the show command,
though, you can run debug ip ospf adj to see the adjacencies form - or
not form! Here is just part of the output from this command, and you
can see the different OSPF states the adjacency goes through on the way
to Full.
4d22h: OSPF: Rcv DBD from 10.1.1.1 on Serial1 seq 0x5DD opt 0x42 flag 0x7
len 32
mtu 1500 state INIT
4d22h: OSPF: 2 Way Communication to 10.1.1.1 on Serial1, state 2WAY
4d22h: OSPF: Send DBD to 10.1.1.1 on Serial1 seq 0x14EC opt 0x42 flag 0x7
len 32
4d22h: OSPF: First DBD and we are not SLAVE
4d22h: OSPF: Rcv DBD from 10.1.1.1 on Serial1 seq 0x14EC opt 0x42 flag 0x2
len 9
2 mtu 1500 state EXSTART
4d22h: OSPF: NBR Negotiation Done. We are the MASTER
4d22h: OSPF: Send DBD to 10.1.1.1 on Serial1 seq 0x14ED opt 0x42 flag 0x3
len 92
4d22h: OSPF: Database request to 10.1.1.1
4d22h: OSPF: sent LS REQ packet to 13.13.13.1, length 12
4d22h: OSPF: Rcv DBD from 10.1.1.1 on Serial1 seq 0x14ED opt 0x42 flag 0x0
len 3
2 mtu 1500 state EXCHANGE
4d22h: OSPF: Send DBD to 10.1.1.1 on Serial1 seq 0x14EE opt 0x42 flag 0x1
len 32
4d22h: OSPF: Rcv DBD from 10.1.1.1 on Serial1 seq 0x14EE opt 0x42 flag 0x0
len 3
2 mtu 1500 state EXCHANGE
4d22h: OSPF: Exchange Done with 10.1.1.1 on Serial1
R22h: OSPF: Synchronized with 10.1.1.1 on Serial1, state FULL
4d22h: %OSPF-5-ADJCHG: Process 1, Nbr 10.1.1.1 on Serial1 from LOADING to
FULL,
Loading Done
4d22h: OSPF: Build router LSA for area 0, router ID 172.12.123.3, seq
0x80000005
The process number does not have to be agreed upon - that value
is locally significant only.
When you have more than two OSPF routers on a broadcast segment,
you'll get some interesting adjacency results. I get asked about this one
the BDR, and Router3 and Router4 as the DROTHERS. The OSPF
neighbor tables on Router1 and Router2 look like you would expect, but
You'll hear about OSPF adjacencies "stuck in 2-way", and many people
think that's what is happening here, but it's not. The DROTHERS are
This is a default behavior of OSPF that helps to cut down on the number
of LSAs being transmitted on a segment like this. The only routers that
will have an adjacency to all other routers on the segment are the DR
and BDR. The DROthers will only have full adjacencies with the DR and
BDR, never between DROthers.
For this reason, any router that detects a change in the network will
multicast news of this change to the DR and BDR only - the remaining
DROthers will then learn about it from the DR.