
Configuring OSPF

To configure OSPF on your Cisco router, you need to enter the router in config mode and enter the following information. First, enable the OSPF process:

router ospf <process-id>

Then you must assign areas to the interfaces:

network <network or IP address> <mask> area <area-id>

The following is an example of both completed steps:

router ospf 5
 network 203.11.87.156 255.255.255.0 area 100

The network command in the second step is how we assign a router to an area. We must specify the network or IP address to this router, which includes the subnet mask, in order to use TCP/IP to connect to this router. The area-id must correspond with the area in which this router will be placed. If you recall, an area is another name for an autonomous system (AS).

To use passwords with OSPF routers, which is one feature we were not able to take advantage of with RIPv1 routers, you must also enter the router in config mode. The passwords should be configured the same for every OSPF router in your area. To enable password authentication, enter config mode on the router and enter the following information:

ip ospf authentication-key <key> (this goes under the specific interface portion)

area <area-id> authentication (this goes under "router ospf <process-id>" portion)

The following is an example of both completed portions:

interface Ethernet1
 ip address 197.13.55.110 255.255.255.0
 ip ospf authentication-key february

router ospf 100
 network 45.113.22.188 255.0.0.0 area 200
 area 200 authentication

From the preceding example you can see that our password is february. Unfortunately, anyone with a link analyzer can obtain this password as it passes over the network.

To implement a more secure means of authentication, we can use OSPF Message Digest Authentication. You must configure the key (password) and a key-id for each OSPF router that will participate in password authentication. A link analyzer cannot obtain the password because the password (key) is not passed over the network. To enable Message Digest Authentication, enter config mode on the router and enter the following information:

ip ospf message-digest-key <key-id> md5 <key> (this goes under the specific interface portion)

area <area-id> authentication message-digest (this goes under "router ospf <process-id>" portion)

The following is an example of both completed portions:

interface Ethernet1
 ip address 197.13.55.110 255.255.255.0
 ip ospf message-digest-key 10 md5 february

router ospf 100
 network 45.113.22.188 255.0.0.0 area 200
 area 200 authentication message-digest

From the preceding example you can see that our password is still february. Our message-digest-key is 10 and our area is still 200.
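The difference between the two schemes on the wire, as an added Python example that is not from the original text: it builds a constructed OSPF Hello for area 200 with the key february under each scheme and reports what a capture of each packet reveals. The header layout and digest rule follow RFC 2328; the router ID, Hello body values and sequence number are made-up sample values.

```python
import hashlib
import hmac
import struct

# RFC 2328 A.3.1 header: version, type, length, router ID, area ID,
# checksum (left at 0 in these constructed samples), AuType, 8-byte auth field.
HDR = struct.Struct("!BBH4s4sHH8s")
AUTYPES = {0: "null", 1: "simple password", 2: "cryptographic (MD5)"}

def _pad(key, size):
    return key.encode().ljust(size, b"\0")[:size]

def build_hello(autype, auth_field):
    """Constructed Hello (type 1) for area 200; router ID is made up."""
    body = struct.pack("!4sHBBI4s4s", bytes([255, 255, 255, 0]), 10, 2, 1,
                       40, bytes(4), bytes(4))
    return HDR.pack(2, 1, HDR.size + len(body), bytes([10, 0, 0, 1]),
                    bytes([0, 0, 0, 200]), 0, autype, auth_field) + body

def simple_password_hello(key):
    # AuType 1: the key itself fills the Authentication field.
    return build_hello(1, _pad(key, 8))

def md5_hello(key, key_id, seq):
    # AuType 2: the field holds 0, key ID, digest length, sequence number;
    # MD5(packet || key padded to 16 bytes) is appended after the packet.
    pkt = build_hello(2, struct.pack("!HBBI", 0, key_id, 16, seq))
    return pkt + hashlib.md5(pkt + _pad(key, 16)).digest()

def audit(packet):
    """Report what a capture reveals about the authentication in use."""
    _, _, _, _, _, _, autype, auth = HDR.unpack_from(packet)
    out = {"autype": AUTYPES.get(autype, "unknown"), "key_on_wire": None}
    if autype == 1:
        out["key_on_wire"] = auth.rstrip(b"\0").decode("ascii", "replace")
    elif autype == 2:
        _, out["key_id"], out["digest_len"], out["seq"] = struct.unpack("!HBBI", auth)
    return out

def verify_md5(packet, key):
    """Receiver-side check: recompute the digest with the shared key."""
    length = struct.unpack_from("!H", packet, 2)[0]
    want = hashlib.md5(packet[:length] + _pad(key, 16)).digest()
    return hmac.compare_digest(want, packet[length:length + 16])
```

Running audit() over captured OSPF headers is a quick way to find interfaces that still send the key in the clear (AuType 1) or use no authentication at all (AuType 0).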

We have learned about the backbone, which is a contiguous area of physical links. This backbone is called “area 0” and has to be the center of all other areas. We can use a virtual link to provide a logical connection to the backbone from an area that is disconnected, as illustrated in Figure 6.7.

Figure 6.7 Creating a virtual link between two noncontiguous sites.

In Figure 6.7, Area 1 does not have a physical, contiguous connection to Area 3. A virtual link has been created between Router 1 and Router 2. Area 2 is now a transit area and Router 2 is now the entry point into Area 3.

In order for this virtual link to work, we need to enter the OSPF router in config mode and enter some information concerning the link:

The following is an example of the completed portions on both routers:

Router 1#
router ospf 100
 area 2 virtual-link 2.2.2.2

Router 2#
router ospf 100
 area 2 virtual-link 1.1.1.1

The area-id in the preceding example is the transit area, which we determined was Area 2. The RID is the router ID, in which we entered the IP address of the router.

Routing Update Impact

The RIP protocol is more suited to smaller networks because of the large amount of broadcasts used to update routers about paths to remote networks. The OSPF protocol is well-suited to larger, dynamic, more complicated networks. RIP updates occur every 30 seconds, whereas OSPF updates occur every 30 minutes. RIP routers send the entire routing table to neighboring routers, whereas OSPF sends very small update files to routers whenever they detect a change in the network, such as a failed link or new link. When routers exchange information, it is called convergence, where the routers “converge” on the new representation of the network very quickly.

A network of OSPF and RIP routers can possibly coexist. OSPF is slowly replacing RIP as the interior gateway routing protocol of choice. These OSPF routers can simultaneously use RIP for router-to-end station communications, and OSPF for router-to-router communications. For example, you can configure a Windows NT computer to participate as a RIP router in a RIP-routing environment, but you cannot configure this same Windows NT computer to participate as an OSPF router in an OSPF-routing environment. This coexistence between RIP and OSPF makes gradual migrations from RIP to OSPF feasible. In fact, RIP and OSPF routers can not only coexist in the same network, they can actually share routing information. Figure 6.8 shows the enabling of RIP routing on Windows NT.

Figure 6.8 Configuring a Windows NT computer as a RIP router.

To configure your Windows NT computer to participate in sharing routing updates with other computers on the network, you need to enable IP forwarding. This is done in the Network applet of the Control Panel, by selecting the TCP/IP protocol and viewing the properties. The Routing tab is illustrated in Figure 6.8. You also need to enable RIP in the Services applet in the Control Panel.

In OSPF, a neighbor is another router running OSPF that has an interface on the same network. When discovering and configuring OSPF neighbors, the router will use the Hello protocol to discover its neighbors and maintain this relationship. On two of the types of OSPF networks, point-to-point and broadcast, the Hello protocol will dynamically discover the neighbors. On a nonbroadcast network, you will have to configure the neighbors manually, because OSPF will not have a means of contacting and establishing relationships with its neighbors.

This Hello protocol ensures that the relationships between the routers are bidirectional. This will guarantee that every OSPF router will send as well as receive updated route information to and from each of its neighbors. The communication is bidirectional when the router sees itself in the Hello packet from another router. Included in the Hello protocol packet is the following:

• The router’s priority

• A list of routers that have sent the router Hello packets on this interface

• This router’s choice of designated router and backup designated router

However, this does not mean OSPF is a perfect routing protocol as far as routing updates are concerned. In really large network configurations, OSPF can produce a large number of router updates that flow between routers. If a network consists of hundreds of routers in a network topology that is designed to be fault tolerant, the number of link-state messages that traverse the network can be in the thousands. These thousands of link-state messages can be propagated from router to router across the network, consuming valuable bandwidth, especially on slower WAN links. The routers then have to recalculate their routing tables, which can consume valuable RAM and CPU cycles if these routing tables are a significant size. Fortunately for OSPF, no routing protocol available today is capable of minimizing routing updates in a very large network with many routers. OSPF is, however, much more capable than RIP at minimizing these bandwidth intensive routing updates.

By the way, by “link-state” we mean the state, or condition of a link that is a description of the router’s relationship to its neighboring routers. We think of the link as being an interface on the router. An interface, for example, would be the IP address of the physical interface, the subnet mask, the type of network to which it is connected, or the routers connected to the network. The collection of all these link-states would comprise a link-state database.

The link-state algorithm states (in much more complex terms than described here) a few steps of building and calculating these paths:

• Upon initialization or upon a change in routing information, a router will generate a link-state advertisement that will represent the collection of all the link-states currently on the router.

• In an event called flooding, all routers will exchange this link-state information. This flood of routing information will be propagated to all routers in the area.

• After each router has finished compiling the link-state information, they will begin to calculate a Shortest Path Tree to all destinations. This is very CPU-intensive, as there can be hundreds of paths that need to be processed. These paths will include the associated cost and next hop information to reach those destinations.

• If there are no changes in the network topology, OSPF will not be very active. OSPF will not need to exchange link-state information, and the routers will therefore not need to calculate Shortest Path Trees, because they will already have the information processed.

There are also different types of link-state packets, as follows:

Router links. Describe the state and cost of the router’s links to the area. These router links are the indication of the interfaces on a router belonging to a certain area.

Network links. Describe all routers that are attached to a specific segment. These are generated by the Designated Router (DR).

These summary links also describe the location of the ASBR. They are also generated by the ABRs.

External links. Describe destinations that are external to the AS, or a default route from outside the AS. The ASBR is responsible for injecting the external link information into the autonomous system.

Another feature of OSPF is that routing updates are not passed across areas. Remember that areas are separated by the types of routers that we listed before, such as area border routers. If a network link were to fail, only the routers inside that area would exchange routing update information. Area border routers filter the routing updates from separate areas and the backbone. Area border routers can communicate with each other and exchange routing update information, but they use special link-state messages that are a brief summarization of the LAN or WAN topology for their areas.

Figure 6.9 illustrates the use of dividing areas that represent physical regions with area border routers attached to the backbone.

Figure 6.9 Dividing physical regions into areas separated by area border routers.

are separated by area border routers, which can and do exchange information between each other, but in a smaller link-state update.

You can also fine-tune OSPF routers to minimize the amount of updates that are unleashed on the network, and therefore minimize the reduction in network bandwidth. You can also fine-tune the rate of convergence, which is the time between the routers receiving the new routing information and the time the network routers have made the necessary adjustments in their routing tables.

Table 6.4 illustrates an example of the OSPF database. This output is from the following command:

show ip ospf database

OSPF Router with ID (211.231.15.67) (Process ID 10)

Router Link States (Area 1)

Link ID          ADV Router       Link count
211.231.15.67    211.231.15.67    2
211.231.16.130   211.231.16.130   2

Summary Net Link States (Area 1)

Link ID          ADV Router
211.231.13.41    211.231.15.67
211.231.15.64    211.231.15.67
211.231.15.192   211.231.15.67

Router Link States (Area 0)

Link ID          ADV Router       Link count
211.231.13.41    211.231.13.41    3
211.231.15.67    211.231.15.67    1

Net Link States (Area 0)

Link ID          ADV Router
211.231.15.68    211.231.13.41

Summary Net Link States (Area 0)

Link ID          ADV Router
211.231.15.0     211.231.15.67

Summary ASB Link States (Area 0)

Link ID          ADV Router

Table 6.4 The Complete OSPF Database Taken from an Area Border Router (ABR)

We can begin analyzing the results, first starting with the Router Link States section of Area 1, shown in Table 6.5.

Link ID          ADV Router       Link count
211.231.15.67    211.231.15.67    2
211.231.16.130   211.231.16.130   2

Table 6.5 The Router Link States Section of Area 1 in the OSPF Database

The two entries represent two routers in this area. Both routers have two links to Area 1, as represented by the Link Count column.

We continue, skipping past the Summary Net Link States section, and on to the next Router Link States section, which is for Area 0, shown in Table 6.6.

Link ID          ADV Router       Age    Link count
211.231.13.41    211.231.13.41    179    3
211.231.15.67    211.231.15.67    675    1

Table 6.6 The Router Link States Section of Area 0 in the OSPF Database

Once again, there are two routers in this area. The first router has three links to Area 0, and the second router has one link to Area 0.

The Summary ASB Link States of Area 1 are listed in Table 6.7.

Link ID          ADV Router       Age
211.231.16.130   211.231.15.67    468

Table 6.7 The Summary ASB Link States of Area 1 in the OSPF Database

This gives you an indication of who the ASBR for the area is. The ASBR is a router with the address of 211.231.16.130.

The AS External Link States information contains information about destinations outside of our area, shown in Table 6.8.

AS External Link States

Link ID          ADV Router       Tag
0.0.0.0          211.231.16.130   10
211.231.16.128   211.231.16.130   0

Link ID          ADV Router       Age    Tag
0.0.0.0          211.231.16.130   1683   10

Table 6.8 The AS External Link States in the OSPF Database

Both of the two external links that are listed have been injected into our area from the OSPF.
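The reading of the database carried out by hand in Tables 6.4 through 6.8 can be automated. The following is an added Python example, not part of the original text, that parses the trimmed column layout shown on this page (real router output carries more columns) and derives the routers per area, the area border router and the ASBR. The function names are illustrative.

```python
import re
from collections import defaultdict

SECTION = re.compile(r"^([A-Za-z ]+ Link States)(?: \(Area ([\d.]+)\))?$")
IPV4 = re.compile(r"^\d{1,3}(\.\d{1,3}){3}$")

# Sample rows copied from this page's tables (trimmed column set).
SAMPLE = """\
OSPF Router with ID (211.231.15.67) (Process ID 10)
Router Link States (Area 1)
Link ID         ADV Router      Link count
211.231.15.67   211.231.15.67   2
211.231.16.130  211.231.16.130  2
Router Link States (Area 0)
Link ID         ADV Router      Link count
211.231.13.41   211.231.13.41   3
211.231.15.67   211.231.15.67   1
AS External Link States
Link ID         ADV Router      Tag
0.0.0.0         211.231.16.130  10
211.231.16.128  211.231.16.130  0
"""

def parse_lsdb(text):
    """Map (section name, area or None) to a list of column tuples."""
    db, current = defaultdict(list), None
    for line in map(str.strip, text.splitlines()):
        m = SECTION.match(line)
        if m:
            current = (m.group(1), m.group(2))
            continue
        cols = line.split()
        if current and len(cols) >= 2 and IPV4.match(cols[0]) and IPV4.match(cols[1]):
            db[current].append(tuple(cols))
    return db

def routers_by_area(db):
    # {area: {router ID: link count}}; link count is the last column.
    return {area: {r[1]: int(r[-1]) for r in rows}
            for (kind, area), rows in db.items() if kind == "Router Link States"}

def area_border_routers(db):
    """Routers that originate a router LSA in more than one area."""
    rids = [rid for routers in routers_by_area(db).values() for rid in routers]
    return {rid for rid in rids if rids.count(rid) > 1}

def external_originators(db):
    # Advertising routers of the AS external entries, i.e. the ASBRs.
    return {r[1] for r in db.get(("AS External Link States", None), [])}
```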