OSPF Part 1

Submitted by rayc on Tue, 11/23/2021 - 19:44

OSPF (Open Shortest Path First) is the IETF's replacement IGP for RIP and is a link state routing protocol. Link state routing protocols advertise all of the information about all links to all link state routers inside the AS. OSPF uses Dijkstra's SPF algorithm to find the shortest path to a network.

OSPF routers share information by establishing neighbour relationships or adjacencies. They do this by sending hello messages out each OSPF-enabled interface. When a router receives a hello message it will begin to form a neighbour adjacency. I'll explain the full process later. Once the routers have decided to become neighbours, they will send their link state information to each other. This information is then sent to all OSPF routers inside the AS. This ensures that each OSPF router inside the OSPF AS has an identical Link State Database (LSDB).

Once all link state information has been flooded throughout the AS, the router will run the SPF algorithm to determine the best path to each network. When a router does this, it builds an SPF Tree (SPT) where it is the root of the tree. Therefore each router's SPT will be unique to that router, but the LSDB information used to create that tree will be identical.

OSPF Messages

OSPF routers use 5 different message types to establish neighbour relationships and send updates to neighbours. These messages are sent using the OSPF protocol number 89 using either the AllSPFRouters multicast address 224.0.0.5 with multicast MAC address 0100.e500.0005 or the AllDRouters multicast address 224.0.0.6 with multicast MAC address 0100.e500.0006.

  • Hello: Used to establish and maintain neighbour relationships. 
  • DBD: Used to send a description of the link state information to neighbouring routers. These are sent during the establishment of a neighbour adjacency. 
  • LSR: Used to request specific information that the router does not have based on the DBD contents. 
  • LSU: Used to send updates (LSA). These are explicit packets for an explicit network and are usually sent in response to an LSR.
  • Link State Ack: Used as a response to flooded LSAs. 

 

The OSPF hello message contains all of the information required for a router to form an adjacency. In order for two routers to form a neighbour relationship, certain OSPF configuration items must match such as area ID, hello interval and dead interval to name a few. I will go through this in more detail later. The following fields are in the OSPF hello message. 

  • Router ID: The OSPF router ID must be unique inside the AS. 
  • Authentication: The router will check for the authentication type and password if used. 
  • Area ID: This can be represented by either a 32-bit address like an IP (0.0.0.1) or in a decimal format (125). The two routers' area IDs must match.
  • Interface address mask: The subnet mask of the interface that the router sent the hello from. The mask information must match on both routers. 
  • Interface priority: This is used for DR/BDR elections. The router with the highest priority will become the DR. This is a value from 0-255, with 0 making a router ineligible to become a DR.
  • Hello interval: This is the frequency that a hello message is sent by the router. The hello interval must match on OSPF neighbours. By default this is 10 seconds. 
  • Dead interval: This is how long the router will wait to hear a hello before deeming a neighbour as down. By default, this is 4 x Hello interval plus a skew time.
  • DR/BDR: This is the address of the DR/BDR routers if there are any. 
  • 5 optional flag bits: These are optionally set by the router and must match. 
  • Active Neighbour: This is a list of active neighbours that the sending router has seen hello messages from. The receiving router's ID must be in the list in order to proceed to the next step of forming an adjacency. 

 

OSPF Hello message packet capture

OSPF selects a router-ID in the following order:

  • If there is a configured router-ID using the router ospf configuration subcommand router-id <id> then this takes precedence.
  • The next option is the highest IP address of any configured loopback interface.
  • The last step is the highest IP address of a physical interface.

 

The reason a loopback interface is preferred over a physical interface is because a loopback interface will always be in an up/up state when a router boots and the IP address will rarely change if at all. 

Forming an adjacency

OSPF routers go through a series of steps before becoming fully adjacent (neighbours). Throughout these steps, the router's OSPF neighbour state will transition through most states. There are 8 OSPF neighbour states before a router becomes fully adjacent, although depending on the network, there are 2 states in which a router can be considered fully adjacent.

| State | Description |
|---|---|
| Down | This is the initial state of a neighbour. This state indicates that a hello message has not been sent or received. |
| Attempt | This state is only seen on NBMA networks that don't support broadcast and require explicit neighbour configuration. This state indicates that no information has been received but the router is still attempting to communicate. |
| Init | This state indicates that a hello has been received but bidirectional communication has not started. |
| 2-way | Bidirectional communication has been established here. If there is a DR/BDR to be used, this is where the election takes place. |
| Ex-Start | This state is the first state in forming an adjacency. This is where the routers will determine who is the primary/secondary for LSDB synchronisation. |
| Exchange | This state is where the two routers send their DBD packets to exchange link state information. |
| Loading | This state is where the routers will send LSRs to request more information about LSAs that have not been discovered or received. |
| Full | This state is the final state for fully adjacent neighbours. |

 

Before two routers can become neighbours they must agree on certain OSPF configurations which can be seen in the hello messages. In order for two OSPF routers to become neighbours the following must match:

  • Subnet mask must match on both routers interfaces
  • The interface must not be passive
  • The interfaces must be in the same area
  • Hello and dead interval must match
  • Authentication parameters must match
  • Must have a unique router ID
  • MTU

 

While having the same MTU configured on an interface isn't an actual OSPF configuration item, it is required as OSPF will not allow packets to be fragmented. OSPF will allow the neighbour adjacency to start proceeding, but it will sit in an EXSTART state, unable to proceed any further.

Neighbour state when there is an MTU mismatch

In the output of the debug ip ospf adj command, you can see that the neighbour can tell that the interface MTUs do not match.

output of debug ip ospf adj command

Also, it is possible for two routers to have the same RID in an OSPF network. The neighbour relationships will form, but the duplicate will cause routing issues, as LSAs from both routers appear to come from the same OSPF RID.
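The Hello fields and matching rules above can be checked directly against a received packet. The following is an added example, not part of the original article: it decodes an OSPFv2 Hello using the RFC 2328 layout and lists which of the parameters above differ from the local interface. The function names, the LOCAL settings and the sample packet are constructed for illustration, and MTU is not checked because it is not carried in the Hello.

```python
import ipaddress
import struct

def ip(raw: bytes) -> str:
    return str(ipaddress.IPv4Address(raw))

def parse_hello(pkt: bytes) -> dict:
    """Decode an OSPFv2 Hello: 24-byte common header plus Hello body (RFC 2328)."""
    if len(pkt) < 44:
        raise ValueError("too short for an OSPFv2 Hello")
    ver, ptype, length, rid, area, _cksum, autype = struct.unpack("!BBH4s4sHH", pkt[:16])
    # Bytes past `length` (padding or an appended auth digest) are ignored.
    if ver != 2 or ptype != 1 or not 44 <= length <= len(pkt) or (length - 44) % 4:
        raise ValueError("not a well-formed OSPFv2 Hello")
    mask, hello, _opts, prio, dead, dr, bdr = struct.unpack("!4sHBBI4s4s", pkt[24:44])
    return {"router_id": ip(rid), "area": ip(area), "autype": autype,
            "mask": ip(mask), "hello": hello, "dead": dead, "priority": prio,
            "dr": ip(dr), "bdr": ip(bdr),
            "neighbours": [ip(pkt[i:i + 4]) for i in range(44, length, 4)]}

def hello_problems(local: dict, hello: dict) -> list:
    """List the reasons this Hello cannot progress towards an adjacency."""
    problems = [f"{key} mismatch: local {local[key]}, neighbour {hello[key]}"
                for key in ("area", "mask", "hello", "dead", "autype")
                if local[key] != hello[key]]
    if hello["router_id"] == local["router_id"]:
        problems.append("duplicate router ID")
    if not problems and local["router_id"] not in hello["neighbours"]:
        problems.append("our router ID is not in the neighbour list yet")
    return problems

def build_hello(rid, area, mask, hello, dead, prio, dr, bdr, neighbours, autype=0):
    """Build a constructed sample Hello (checksum zero, empty authentication)."""
    a = lambda s: ipaddress.IPv4Address(s).packed
    body = struct.pack("!4sHBBI4s4s", a(mask), hello, 0x02, prio, dead, a(dr), a(bdr))
    body += b"".join(a(n) for n in neighbours)
    return struct.pack("!BBH4s4sHH8s", 2, 1, 24 + len(body),
                       a(rid), a(area), 0, autype, bytes(8)) + body

# Constructed values: local interface settings and a Hello with faster timers.
LOCAL = {"router_id": "1.1.1.1", "area": "0.0.0.0", "mask": "255.255.255.0",
         "hello": 10, "dead": 40, "autype": 0}
SAMPLE = build_hello("2.2.2.2", "0.0.0.0", "255.255.255.0", 5, 20, 1,
                     "0.0.0.0", "0.0.0.0", ["1.1.1.1"])

if __name__ == "__main__":
    for reason in hello_problems(LOCAL, parse_hello(SAMPLE)):
        print(reason)
```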

DR and BDR

The purpose of a DR/BDR (Designated Router/Backup Designated Router), is to reduce the routing protocol traffic and need for complete Full neighbour adjacency in broadcast and NBMA networks.

When you use OSPF on a broadcast or NBMA network without a DR/BDR, each router would need to establish a fully adjacent neighbour relationship with every other OSPF router inside that AS. This would result in a total number of adjacencies that is n(n - 1)/2 where n is the number of routers. For example, if we had 6 routers in our network, we would have 6(6 - 1)/2 = 15 neighbour adjacencies. Each router would flood LSA information throughout the network and would send its full LSDB to each neighbour every 30 minutes. You can see how this unnecessarily generates routing protocol traffic.

OSPF uses the concept of a DR/BDR to alleviate this issue. When neighbours on a broadcast or NBMA network form a relationship, part of the process is to elect a DR/BDR. There is only one election process in an OSPF network, unless the DR fails and the BDR takes over (in which case a new BDR is elected) or the OSPF process on the DR/BDR is reset. The DR election is won by the router with the highest interface priority. If both routers have the same priority (on Cisco routers it's 1 by default), then the router with the highest router ID is selected. Once the DR is elected, the next router with the highest interface priority or router ID is selected as the BDR. The DR/BDR IP is then included in the OSPF hello messages, and a new router wanting to establish a neighbour relationship will see this and skip the election process.

Note: To ensure that all routers on a network segment have fully initialised, OSPF uses a wait timer which by default is the same as the dead interval timer. Once the wait timer expires, the router will participate in the DR election process.

Once the DR/BDR have been elected, all OSPF routers will continue to establish a fully adjacent neighbour relationship only with the DR and BDR. All other routers in the broadcast/NBMA network will only reach a 2-Way/DROther state; however, the output of the show command show ip ospf neighbor still shows the neighbours in a FULL/DROther state.

output of show ip ospf neighbor showing FULL/DROther neighbour state
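The election rules and the adjacency saving described in this section, as an added example that is not part of the original article. It follows the simplified rules given above (highest priority, then highest router ID, priority 0 ineligible, no re-election while the DR/BDR are present) rather than the full RFC 2328 procedure; the function names and the six-router segment are constructed for illustration.

```python
import ipaddress

def rank(router):
    """Sort key: interface priority first, then router ID as a 32-bit number."""
    rid, priority = router
    return (priority, int(ipaddress.IPv4Address(rid)))

def elect(routers, current_dr=None, current_bdr=None):
    """Pick (DR, BDR) from [(router_id, priority), ...].

    Priority 0 never takes a role, and a DR/BDR already advertised in
    Hellos is kept (no preemption) while it is still on the segment.
    """
    present = {rid for rid, _ in routers}
    eligible = sorted((r for r in routers if r[1] > 0), key=rank, reverse=True)
    order = [rid for rid, _ in eligible]
    dr = current_dr if current_dr in present else None
    bdr = current_bdr if current_bdr in present and current_bdr != dr else None
    if dr is None:            # DR missing: the BDR takes over, else elect one
        dr, bdr = (bdr, None) if bdr else (next(iter(order), None), None)
    if bdr is None:           # elect a (new) BDR from the remaining routers
        bdr = next((rid for rid in order if rid != dr), None)
    return dr, bdr

def full_adjacencies(n, with_dr=True):
    """Full adjacencies on one segment of n routers."""
    if not with_dr or n < 3:
        return n * (n - 1) // 2
    return 2 * (n - 2) + 1    # every DROther to DR and BDR, plus DR<->BDR

# Constructed segment: (router ID, interface priority)
SEGMENT = [("10.0.0.1", 1), ("10.0.0.2", 1), ("10.0.0.3", 0),
           ("10.0.0.4", 5), ("10.0.0.5", 1), ("10.0.0.6", 1)]

if __name__ == "__main__":
    dr, bdr = elect(SEGMENT)
    print("initial election:", dr, bdr)
    survivors = [r for r in SEGMENT if r[0] != dr]
    print("after DR failure:", elect(survivors, dr, bdr))
    print("late joiner:", elect(SEGMENT + [("10.0.0.9", 255)], dr, bdr))
    print("adjacencies:", full_adjacencies(6, False), "vs", full_adjacencies(6))
```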

Because routers only become fully adjacent with the DR/BDR, it is the responsibility of the DR/BDR, to ensure that all LSA information is sent to all OSPF routers. When a router sends LSA information to a DR/BDR, the LSA is sent using the AllDRouters multicast address 224.0.0.6. This is to ensure that no non-DR router receives and processes the LSU. The DR will then flood that LSU to all other routers using the AllSPFRouters multicast address 224.0.0.5. You can see which interfaces are listening to which multicast addresses by using the show command show ip interface <interface>.

output of show ip int <interface> command

OSPF Network Types

I've mentioned broadcast and NBMA networks a few times in regards to OSPF, but what are they? OSPF operates in different ways depending on the type of network that the interface connects to, as not all network types are created equal. For example, an Ethernet network operates in a different way to a Serial Point-to-Point link. For this reason, OSPF has the ability to be configured for a specific network type. There are 5 types of networks in OSPF:

  • Point-to-Point: These networks are serial links or T1 leased line links, and will always form a full adjacency. There is no need for a DR election on a point-to-point link. All messages are sent to the AllSPFRouters multicast address 224.0.0.5.
  • Point-to-Multipoint: This is a special configuration of an NBMA network where the networks are treated like a collection of point-to-point links. There is no DR/BDR election and packets on these networks are unicast.
  • Broadcast: These are networks that support broadcast messages such as Ethernet. Broadcast networks are networks that support multiple devices (multiaccess) and support broadcast messages in that all devices on the network can receive a single packet. Broadcast networks will elect a DR/BDR. Hellos and all packets sent from the DR/BDR are sent on the AllSPFRouters multicast address while all other routers use the AllDRouters multicast address 224.0.0.6.
  • Nonbroadcast Multiaccess (NBMA): These networks are Frame Relay, or ATM, or DMVPN links. They are capable of connecting more than two devices but have no broadcast capabilities. OSPF Routers on NBMA networks will elect a DR/BDR and all OSPF packets are unicast.
  • Virtual links: These are a special configuration and are interpreted by the router as unnumbered point-to-point networks. These are used to bridge an area through another area, into area 0.

 

Along with the five network types, all networks will fall into two general types in OSPF.

  • Transit: These networks have two or more attached routers and might carry packets that are "passing through". These packets could have been originated on and destined for a network other than the transit network.
  • Stub: These networks only have a single attached router. Packets on a stub network always have a destination belonging to that network. A loopback interface on a router is considered a stub network and is advertised as host routes by default.

 

Configuring the OSPF interface network type

| Interface type | Uses DR/BDR | Default Hello Interval (seconds) | Dynamic neighbour discovery | More than 2 routers allowed in subnet |
|---|---|---|---|---|
| Broadcast | Yes | 10 | Yes | Yes |
| Point-to-point | No | 10 | Yes | No |
| Loopback | No | NA | NA | No |
| NBMA | Yes | 30 | No | Yes |
| Point-to-multipoint | No | 30 | Yes | Yes |
| Point-to-multipoint NBMA | No | 30 | No | Yes |

OSPF Path Selection

In an OSPF network, when all routers have synchronised their LSDBs and are choosing which path to use to reach a prefix, OSPF uses each link's bandwidth to determine the path that has the lowest cost to the destination. Cisco routers use the OSPF metric cost. To calculate the cost of a link, OSPF uses the formula Reference-BW/Interface-BW, where the reference bandwidth is a value of 10^8 bps or 100Mbps by default.

This would mean that any link speeds equal to or greater than 100Mbps will have a cost of 1. In modern networks where 1Gbps and 10Gbps are quite common, this could present an issue with correct path selection. Cisco routers provide you with the ability to alter the reference bandwidth so that higher speed links can be measured correctly. To alter the OSPF reference bandwidth value, use the OSPF router configuration subcommand auto-cost reference-bandwidth <bandwidth> where bandwidth is in Mbps.

Configuring the reference bandwidth in OSPF

The above example sets the auto-cost reference bandwidth to 100Gbps giving the 1Gbps interfaces a cost of 100. Notice the alert saying that this should be done across all OSPF routers. This is to ensure that the cost calculation throughout your OSPF network is the same in order to avoid potential routing loops created by advertising the wrong metric to reach a route. 

show ip ospf interface command to show Interface cost
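To show how the reference bandwidth changes path selection, here is an added example (not part of the original article) that runs Dijkstra's SPF over a small constructed topology. Cost is taken as reference bandwidth divided by interface bandwidth with a minimum of 1, which reproduces the cost of 100 for a 1Gbps link against a 100Gbps reference mentioned above; the router names and link speeds are invented for illustration.

```python
import heapq

def ospf_cost(link_mbps, reference_mbps=100):
    """Interface cost = reference bandwidth / interface bandwidth, minimum 1."""
    return max(1, reference_mbps // link_mbps)

def spf(links, root, reference_mbps=100):
    """Dijkstra from `root` over {(a, b): link_mbps}; returns {node: (cost, path)}."""
    graph = {}
    for (a, b), mbps in links.items():
        cost = ospf_cost(mbps, reference_mbps)
        graph.setdefault(a, []).append((b, cost))
        graph.setdefault(b, []).append((a, cost))
    best, queue = {}, [(0, root, [root])]
    while queue:
        cost, node, path = heapq.heappop(queue)
        if node in best:          # already reached by a cheaper path
            continue
        best[node] = (cost, path)
        for nxt, link_cost in graph.get(node, []):
            if nxt not in best:
                heapq.heappush(queue, (cost + link_cost, nxt, path + [nxt]))
    return best

# Constructed topology: a short path over 100Mbps links and a longer
# path over 10Gbps links between R1 and R4 (speeds in Mbps).
LINKS = {("R1", "R2"): 100, ("R2", "R4"): 100,
         ("R1", "R3"): 10000, ("R3", "R5"): 10000, ("R5", "R4"): 10000}

if __name__ == "__main__":
    # Default reference: every link costs 1, so the two slow hops win.
    print(spf(LINKS, "R1")["R4"])
    # 100Gbps reference: 100Mbps costs 1000, 10Gbps costs 10, fast path wins.
    print(spf(LINKS, "R1", reference_mbps=100000)["R4"])
```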

OSPF Timers

By default, OSPF uses a hello interval of 10 seconds and a dead interval of 40 seconds, giving a failover period of 40 seconds on most network types. On non-broadcast networks, the Hello and Dead intervals are 30 and 120 seconds respectively. This is quite a slow default failover time in modern networks and most network engineers will want to tune this. On Cisco devices, you can configure the OSPF Hello interval to be 1 second, making the dead interval 4 seconds, using the interface configuration subcommand ip ospf hello-interval <seconds>. The seconds value can be from 1 to 65535 seconds.

Changing the OSPF Interface hello interval

Notice that just by changing the Hello interval, the Dead interval has changed as well. You can change the Dead interval using the interface configuration subcommand ip ospf dead-interval <seconds> as well. Remember that if you change this value, it must be done on all routers otherwise you can get neighbour flaps due to missed hello messages.

OSPF, like EIGRP, supports the configuration of sub-second timers for the hello and dead intervals. This is done with the interface configuration subcommand ip ospf dead-interval minimal hello-multiplier <number> where number is the multiplier for the hello interval. If you configure a multiplier of 4, the Dead interval is set to 1 second, and the router will send Hello messages 4 times in that 1 second. You can use the show command show ip ospf interface <int> to view the Hello and Dead interval configuration of each interface.

Configuring sub-second timers for OSPF