11.advanced OSPF Topics Part II

Cisco CCNP ROUTE Training
Instructor: Joe Rinehart, CCIE #14256

Advanced OSPF
Topics Part II
Advanced OSPF Topics
In This Lesson:
Route Summarization
Route Filtering Functionality
Virtual Links
Configuration of Advanced OSPF Lab Exercises
Route Summarization
1. Why Summarize Routes at All?
2. Configuring Summary Routes
3. Verification of Summary Routes
Route Summarization
Why Summarize Routes at All?
Positive Aspects of Route Summarization
Reduction in size and scope of routing
tables
Shrinking of query scope (stops at
router configured with summary)
Summary routes carry best metric
Potential Drawbacks
Possible less than optimal routing
Packet discards (if networks contained
in the summary are unreachable)
Route Summarization
Configuring Summary Routes
Uses the area <area #> range
<prefix> <mask> command on the
ABR in OSPF router configuration mode
Summary route to Null0 will be
created in the IP routing table for
OSPF
More specific routes in neighbor
routing tables will be suppressed in
favor of the configured summary
route
Multiple summary routes per area
Route Summarization
Configuring Summary Routes
Uses the summary-address <prefix>
<mask> command on the ASBR in OSPF
router configuration mode
Used for summarization of external
routes into the OSPF routing domain
More specific routes in neighbor
routing tables will be suppressed in
favor of the configured summary
route
Creates a Type 5 LSA for the
summary route
Route Summarization
Verification of Summary Routes
Verify Existence of Summary Route
show ip route ospf should list only
the summarized route
show ip route <prefix> should list
route details
show ip ospf summary-address
should list the summary route
show ip route <summary prefix>
on the originating router should list
the route to Null0
show ip ospf database should list
the summary route in the topology
1. Understanding OSPF Route Filtering
2. Configuring OSPF Route-Filtering
3. Verifying Route-Filtering
Understanding OSPF Route Filtering
Filtering Inherent to OSPF
Certain OSPF area types filter certain
types of routes by default
Stub/Totally stubby
NSSA/Totally NSSA
Area Filtering (LSA Type 3 Filtering)
Identifying routes to be filtering into
or out of a particular area
Configured using the area <area#>
filter-list prefix <prefix-list>
<in|out> command
Understanding OSPF Route Filtering
Filtering OSPF Routes from the IP Routing
Table
Essentially blocks routes from the
OSPF LSDB from being installed in the
routing table
Utilizes distribute-lists with caveats:
While distribute-lists can be used
in or out with other protocols,
OSPF only supports the in option
Using an ACL, prefix-list or route
map, permit allows route in the
table deny filters the route
Configuring OSPF Route-Filtering
Using Access-Lists for Route Filtering
Route filtering uses standard rather
than extended access lists
Always place more specific entries
before more general ones
Applying the access-list is performed
using the distribute-list command
Access-List Filtering Syntax
access-list <number | name>
<permit | deny> <prefix>
<mask>
distribute-list <number | name>
out <interface>
Using Prefix-Lists for Route Filtering
Allows for the ability to match:
Route prefix/subnet
Prefix length/mask
le and ge can be used together to
specify a range of prefix lengths
Prefix-List Filtering Syntax
prefix-list <name> <permit |
deny> <prefix/length> [le |
ge] <value>
Distribute-list <number |
name> <out> <interface>
Using Route-Maps for Route Filtering
Route Maps can be utilized by all
routing protocols to perform multiple
levels of route manipulation
Route Maps use sequence numbers to
identify successive steps
Route Map actions include:
Match: Specifying Match Criteria:
IP address
Next-hop
Interface
Route metric
Using Route-Maps for Route Filtering
Route Map actions include:
Match: Specifying Match Criteria:
Route type (internal/external)
MPLS labels (out of scope)
Tag (tagged routes)
Set: Actions to take:
Metric (offset or static value)
Tag (tagged routes)
Other values exist but do not
apply to EIGRP route
manipulation
Route-Map Syntax
route-map <map-name>
<permit| deny> <sequence-
number>
match <match-criteria>
set <set-actions>
distribute-list route-map <map-
name> <out>
Verifying Route-Filtering
Access-List Filtering
Use show access-list command and
determine if the counters are non-
zero
Execute show ip route ospf and
confirm route does not appear
If filtering on all interfaces, execute
the show ip protocols command
and verify that filtering is applied
Prefix-List Filtering
Use show ip prefix-list command
and determine if the counters are
non-zero
Verifying Route-Filtering
Prefix-List Filtering
Execute show ip route ospf and
confirm route does not appear
Route-Map Filtering
Use previously listed commands to
confirm specific actions have worked
Virtual Links
1. Understanding Virtual Links
2. Configuring Virtual Links
3. Verifying Virtual Links
Virtual Links
Understanding Virtual Links
What Virtual-Links Accomplish
The OSPF hierarchy requires that all
areas connect to Area 0 as a transit
area
Virtual-Links create a legitimate
exception by using another area as a
transit
When to Use Virtual-Links
As seldom as possible (design issue)
When companies merge
To prevent partitioning of Area 0
(called split-brain)
VLAN 79
VLAN 910
R7
R10 R9
OSPF
Area 79
OSPF
Area 910
OSPF
Area 0
Virtual-Link
Virtual Links
Configuring Virtual Links
Configuration Takes Place on ABRs of
Transit Area (Area 79 pictured left)
Use area <area#> virtual-link
<router-id> command on ABR on
each side of the transit area
Other optional commands include:
authentication,
authentication-key or
message-digest-key
hello-interval, dead-interval
Retransmit-interval, transmit-
delay
VLAN 79
VLAN 910
R7
R10 R9
OSPF
Area 79
OSPF
Area 910
OSPF
Area 0
Virtual-Link
Virtual Links
Verifying Virtual Links
On the Transit ABRs
Execute show ip ospf neighbors
command and verify presence of
virtual-link neighbor ABR (status full)
Execute show ip ospf virtual-links
and confirm adjacency and state is up
Execute show ip ospf interface and
verify virtual-link interface presence
and state is up
On the Discontiguous Area Router(s)
Execute show ip route ospf
command and verify expected routes
VLAN 79
VLAN 910
R7
R10 R9
OSPF
Area 79
OSPF
Area 910
OSPF
Area 0
Virtual-Link
1. Review of OSPF Configuration Commands
2. Configuration of OSPF Routers
3. Verification of OSPF Configuration
Review of OSPF Configuration
Commands
Neighbor Authentication
Creation of keys using the ip ospf
message-digest-key command in
interface configuration mode
Specification of area parameters using
the area <area#> message-
digest command
Application to the interface using the
ip ospf authentication message-
digest commands
Frame Relay
WAN
607
706
VLAN 79
VLAN 910
R6
R7 R8
R10 R9
608
806
708
807
OSPF
Area 0
OSPF
Area 79
OSPF
Area 8
(Stub)
OSPF
Area 910
Backbone
Commands
Route Summarization on R10
Suppression of loopback 0
(10.10.10.10/32) on R10 using the
area <area#> range <prefix>
<mask> command
Route Filtering on R9
Creation of standard access-list using
the access-list <number>
<permit | deny> <network>
<mask> command
Applying filtering using the
distribute-list command
Frame Relay
WAN
607
706
VLAN 79
VLAN 910
R6
R7 R8
R10 R9
608
806
708
807
OSPF
Area 0
OSPF
Area 79
OSPF
Area 8
(Stub)
OSPF
Area 910
Backbone
Commands
OSPF Stub Area Configuration on R8
Configuration of the stub area using
the area 8 stub command under the
OSPF routing process
OSPF Virtual-Link Configuration on R7/R9
Configuration of a virtual-link joining
area 910 to Area 0 using the area
<area#> virtual-link command
under the OSPF routing process
Frame Relay
WAN
607
706
VLAN 79
VLAN 910
R6
R7 R8
R10 R9
608
806
708
807
OSPF
Area 0
OSPF
Area 79
OSPF
Area 8
(Stub)
OSPF
Area 910
Backbone
Configuration of OSPF Routers
Using preshared key of myospfkey
between Area 0 frame-relay neighbors
Configuration of default route to
192.168.254.1 (ASA Firewall) for Internet
access
Creating Area 910 range summary of
10.10.10.0/24 from R10
Filtering of 10.10.10.10/32 on all routing
updates from R9 to R7
Configuration of OSPF stub area on R8
Configuration of a Virtual-Link on R7 and
R9
Frame Relay
WAN
607
706
VLAN 79
VLAN 910
R6
R7 R8
R10 R9
608
806
708
807
OSPF
Area 0
OSPF
Area 79
OSPF
Area 8
(Stub)
OSPF
Area 910
Backbone
Verification of OSPF Configuration
Verify fully functional neighbor
relationships on R6, R7, & R8 using the
show ip ospf neighbor command
Verify no 10.10.10.10/32 route exists on
all routers except R10 using the show ip
route ospf and show ip ospf
database summary commands
Verify Stub Area using ip ospf command
Verify Virtual-Link is correctly configured
by confirming output of show ip ospf
virtual-links and show ip ospf
interface commands on R7
Frame Relay
WAN
607
706
VLAN 79
VLAN 910
R6
R7 R8
R10 R9
608
806
708
807
OSPF
Area 0
OSPF
Area 79
OSPF
Area 8
(Stub)
OSPF
Area 910
Backbone
Key Terms You Should Know
Area-Range OSPF route summarization method that
advertises a summarized prefix at the Area Border Router
Summary-Address OSPF route summarization method that
advertises a summarized prefix at the ASBR for external routes
Route Summarization The process of taking a larger
number of contiguous and expressing them in a reduced form
Route-Filtering The process of selectively removing routes
from the routing table and/or routing process
Distribute-List In OSPF, a route filtering method making use
of access-lists, prefix-lists and route maps to prevent OSPF
routes from being installed in the IP routing table
Virtual-Link Virtual point-to-point link used to link a
discontiguous area to Area 0
What We Covered
Route Summarization
Virtual Links

11.advanced OSPF Topics Part II

Transféré par

Informations du document

Description originale:

Titre original

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

11.advanced OSPF Topics Part II

Transféré par

Droits d'auteur :

Formats disponibles

Cisco CCNP ROUTE Training

Instructor: Joe Rinehart, CCIE #14256

Vous aimerez peut-être aussi