Cisco Router OSPF Design and Implementation Guide
William Parkhurst, PhD, CCIE
 $54.95  0-07-048626-3
Backward Forward
Chapter: 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13

Reserve your copy at a
Beta Bookstore near you!
Contact Bet@books
© 1998 The McGraw-Hill Companies, Inc. All rights reserved.
Any use of this Beta Book is subject to the rules stated in the Terms of Use.

Chapter 11

Basic OSPF Configuration

Introduction

OSPF is a very complex IP routing protocol as we have seen in chapter 6. Mastering the concepts and properties of OSPF, in order to design and maintain efficient and robust networks, is a must for any network designer. This chapter examines almost every OSPF router configuration command except for those commands that are used for router redistribution and implementing OSPF on frame relay, X.25, and ISDN networks. The commands that are not covered in this chapter will be covered in chapters 12, Advanced OSPF Configuration, and chapter 13, Route Redistribution.

OSPF

We will start with the network of figure 11.1 to demonstrate the basic OSPF configuration commands.

Router r1 Configuration Router r2 Configuration

hostname r1 hostname r2

enable password cisco enable password cisco

interface Loopback0 interface Loopback0

ip address 172.16.1.1 255.255.255.0 ip address 172.16.4.1 255.255.255.0

interface Loopback1 interface Loopback1

ip address 172.16.2.1 255.255.255.0 ip address 172.16.5.1 255.255.255.0

interface Ethernet0 interface Ethernet0

ip address 172.16.3.1 255.255.255.0 ip address 172.16.3.2 255.255.255.0

The first steps in configuring OSPF are similar to the other routing protocols that have already been examined. An OSPF routing process needs to be started and the OSPF process needs to be informed which networks need to be advertised. Since OSPF is a hierarchical routing scheme additional information is required to start an OSPF process and that information is the area parameter. The network of figure 11.1 uses only 1 area, area 0 or the backbone. This will be our starting point for the basic OSPF configuration.

The OSPF routing process is started similarly to IGRP and EIGRP and requires a process ID while IGRP and EIGRP required an autonomous system number (which we discovered really wasn’t an autonomous system number, it was just a process ID also!). The difference being is that for the IGRP or EIGRP process to be able to communicate with another IGRP or EIGRP process, the autonomous system number had to be identical when the routing process was initially configured. The OSPF process ID has only local significance and does not have to match the OSPF process ID on other routers in order for the OSPF processes to be able to communicate.

r1#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

r1(config)#router ospf ?

<1-65535> Process ID

r1(config-router)#router ospf 100

r1(config-router)#^Z

The OSPF routing process must be assigned a process ID in the range 1 – 65535. Multiple OSPF processes can be configured on the same router, but this practice is not recommended. Multiple OSPF processes will require multiple copies of OSPF databases and multiple copies of the shortest path algorithm will have to be run. This will put additional strain on the router. Typically multiple OSPF processes are run for purely political reasons such as turf wars where one group wants control of one set of routers and another group wants to control another set of routers. This may be the policy for some organizations but your job is to convince the powers in charge that running multiple OSPF processes is not an efficient or optimal solution. For r1, we want to advertise networks 172.16.1.0, 172.16.2.0, and 172.16.3.0. The network command is used to inform OSPF which networks to advertise in the routing updates and is more explicit than the RIP, IGRP and EIGRP network commands. The RIP, IGRP and EIGRP network commands would only allow you to input a major network number. The OSPF network command has the three components, the network number, the network mask, and the area to which the network belongs. These network components allow the specification of which networks will be involved in the OSPF routing process to take many forms. The first form is to use the actual IP address of the interface with a network mask of 0.0.0.0. This mask is referred to as the OSPF wild card bits and is the reverse of a netmask, similar to what is used in access-lists. A 0 in the wild card bits means to match the corresponding bits in the network number. Using this form the configuration for router r1 would be

r1(config-router)#network ?

A.B.C.D Network number

r1(config-router)#network 172.16.1.1 ?

A.B.C.D OSPF wild card bits

r1(config-router)#network 172.16.1.1 0.0.0.0 ?

area Set the OSPF area ID

r1(config-router)#network 172.16.1.1 0.0.0.0 area 0

<0-4294967295> OSPF area ID as a decimal value

A.B.C.D OSPF area ID in IP address format

or

r1(config-router)#network 172.16.1.1 0.0.0.0 area 0.0.0.0

Notice that the area ID for the network can be entered as either a decimal number in the range 0 – 4294967295 or with the IP address format x.x.x.x. Neither form has an advantage over the other but there is less typing with the decimal form. Also notice that the decimal form has the range of an unsigned 32-bit number which is exactly the length, in bits, of an IP address. The remaining networks would be entered using a similar form as shown.

r1(config-router)#network 172.16.2.1 0.0.0.0 area 0

r1(config-router)#network 172.16.3.1 0.0.0.0 area 0

The configuration for router r2 using this form would be

router ospf 100

network 172.16.3.2 0.0.0.0 area 0

network 172.16.4.1 0.0.0.0 area 0

network 172.16.5.1 0.0.0.0 area 0

OSPF is now running on routers r1 and r2 and can be verified by listing their routing tables.

r2#show ip route

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default

U - per-user static route, o - ODR

Gateway of last resort is not set

172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks

C 172.16.4.0/24 is directly connected, Loopback0

C 172.16.5.0/24 is directly connected, Loopback1

O 172.16.1.1/32 [110/2] via 172.16.3.1, 00:02:49, FastEthernet0/0

O 172.16.2.1/32 [110/2] via 172.16.3.1, 00:02:49, FastEthernet0/0

C 172.16.3.0/24 is directly connected, FastEthernet0/0

r1#show ip route

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default

U - per-user static route, o - ODR

Gateway of last resort is not set

172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks

O 172.16.5.1/32 [110/2] via 172.16.3.2, 00:03:40, FastEthernet8/1

O 172.16.4.1/32 [110/2] via 172.16.3.2, 00:03:40, FastEthernet8/1

C 172.16.1.0/24 is directly connected, Loopback0

C 172.16.2.0/24 is directly connected, Loopback1

C 172.16.3.0/24 is directly connected, FastEthernet8/1

Notice that r1 and r2 have three directly connected routes and two routes that have been learned from OSPF. Each entry in the routing table contains the following information:

The cost of an OSPF network is calculated by dividing 100,000,000 by the bandwidth of the network. The fast ethernet link has a bandwidth of 100,000,000 and can be seen by examining the interface.

r1#show interface fastEthernet8/1

FastEthernet8/1 is up, line protocol is up

Hardware is cyBus FastEthernet Interface, address is 0000.0ca5.d402 (bia 0000.0ca5.d402)

Internet address is 172.16.3.1/24

MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, rely 255/255, load 1/255

Encapsulation ARPA, loopback not set, keepalive set (10 sec)

Half-duplex, 100Mb/s, 100BaseTX/FX

ARP type: ARPA, ARP Timeout 04:00:00

Last input 00:00:07, output 00:00:02, output hang never

Last clearing of "show interface" counters never

Queueing strategy: fifo

Output queue 0/40, 0 drops; input queue 0/75, 0 drops

5 minute input rate 0 bits/sec, 0 packets/sec

5 minute output rate 0 bits/sec, 0 packets/sec

27021 packets input, 2443141 bytes, 0 no buffer

Received 14795 broadcasts, 0 runts, 0 giants, 0 throttles

1 input errors, 1 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort

0 watchdog, 1 multicast

0 input packets with dribble condition detected

28489 packets output, 2502377 bytes, 0 underruns

22 output errors, 1 collisions, 54 interface resets

0 babbles, 0 late collision, 0 deferred

22 lost carrier, 22 no carrier

0 output buffer failures, 0 output buffers swapped out

The bandwidth used for the loopback interfaces is 80,000,000 and seen below.

r1#show interfaces loopback 0

Loopback0 is up, line protocol is up

Hardware is Loopback

Internet address is 172.16.1.1/24

MTU 1514 bytes, BW 8000000 Kbit, DLY 5000 usec, rely 255/255, load 1/255

Encapsulation LOOPBACK, loopback not set, keepalive set (10 sec)

Last input 02:29:05, output never, output hang never

Last clearing of "show interface" counters never

Queueing strategy: fifo

Output queue 0/0, 0 drops; input queue 0/75, 0 drops

5 minute input rate 0 bits/sec, 0 packets/sec

5 minute output rate 0 bits/sec, 0 packets/sec

0 packets input, 0 bytes, 0 no buffer

Received 0 broadcasts, 0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort

5904 packets output, 0 bytes, 0 underruns

0 output errors, 0 collisions, 0 interface resets

0 output buffer failures, 0 output buffers swapped out

The cost or metric from r2 to network 172.16.1.0 on r1 (loopback 0) is the sum of the costs using the fast ethernet interface and then the loopback interface and dividing by 100,000,000.

(100,000,000 + 80,000,000)/100,000,000 = 1.8 rounded to 2.

The next form of the network command is to enter the network and wildcard bits identically to the form used to enter the IP addresses on the interfaces with the OSPF wild card bits being the reverse of the interface netmask. Using this form the router configuration would be

Router r1 configuration

router ospf 100

network 172.16.1.0 0.0.0.255 area 0

network 172.16.2.0 0.0.0.255 area 0

network 172.16.3.0 0.0.0.255 area 0

Router r2configuration

router ospf 100

network 172.16.30 0.0.0.255 area 0

network 172.16.40 0.0.0.255 area 0

network 172.16.50 0.0.0.255 area 0

Examining the router table for r1 shows that this configuration form has the same effect as the first form.

r1#show ip route

172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks

O 172.16.5.1/32 [110/2] via 172.16.3.2, 00:01:25, FastEthernet8/1

O 172.16.4.1/32 [110/2] via 172.16.3.2, 00:01:25, FastEthernet8/1

C 172.16.1.0/24 is directly connected, Loopback0

C 172.16.2.0/24 is directly connected, Loopback1

C 172.16.3.0/24 is directly connected, FastEthernet8/1

The next form of the network command is almost identical to the form used with RIP, IGRP, and EIGRP where we only enter a major network number. For the network of figure 11.1 the network number would be 172.16.0.0 and the OSPF configuration for routers r1 and r2 would be identical.

router ospf 100

network 172.16.0.0 0.0.255.255 area 0

You have to be careful with the above form since all subnets of 172.16.0.0 will be put into area 0. If we wanted to put network 172.16.1.0 in area 51 after using the above command the router will prevent this from happening.

r1(config)#router ospf 100

r1(config-router)#net 172.16.0.0 0.0.255.255 area 0

r1(config-router)#net 172.16.1.0 0.0.0.255 area 51

% OSPF: "network 172.16.1.0 0.0.0.255 area 51" is ignored. It is a subset of a previous entry.

The second network statement tries to put network 172.16.1.0 in area 51 but this network has already been placed in area 0 by the first network command. We can put network 172.16.1.0 in area 51 first and then place the rest of the subnets of 172.16.0.0 in area 0.

r1(config)#router ospf 100

r1(config-router)#net 172.16.1.0 0.0.0.255 area 51

r1(config-router)#net 172.16.0.0 0.0.255.255 area 0

Although this approach will work I would not recommend using a form of any command that operates differently depending on the order the commands are entered.

The final form uses Classes Inter-Domain Routing (CIDR) or supernetting. The normal subnet mask for a class B address is 255.255.0.0 and when used as a standard subnet mask the first two octets will always be 255.255. With CIDR, we can modify the natural mask and actual use a smaller mask. For example if we use the network and wild card bit pair 172.0.0.0/0.255.255.255 then OSPF will advertise every interface that belongs to the class B family 172.x.x.x.

router ospf 100

network 172.0.0.0 0.255.255.255 area 0

This form will have the same effect as the first two that we have examined but it can cause problems. For example, lets add another loopback interface on router r1 as shown in figure 11.2.

interface Loopback2

ip address 172.17.6.1 255.255.255.0

No additional parameters need to be given to the OSPF process in order for OSPF to advertise this route. The network statement used included this interface so the network will be advertised. This can be seen by examining the router r2’s routing table.

r2#show ip route

172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks

C 172.16.4.0/24 is directly connected, Loopback0

C 172.16.5.0/24 is directly connected, Loopback1

O 172.16.1.1/32 [110/2] via 172.16.3.1, 00:02:55, FastEthernet0/0

O 172.16.2.1/32 [110/2] via 172.16.3.1, 00:02:55, FastEthernet0/0

C 172.16.3.0/24 is directly connected, FastEthernet0/0

172.17.0.0/32 is subnetted, 1 subnets

O 172.17.6.1 [110/2] via 172.16.3.1, 00:02:55, FastEthernet0/0

Which area is the network 172.17.6.0 in? The network command

network 172.0.0.0 0.255.255.255 area 0

will automatically put 172.17.6.0 in area 0. What if we want to put network 172.17.0.0 into a different area? This is a situation where the form of the network command can cause us problems if we are not careful. Using the current configuration on r1 try using the following network statement under ospf router configuration mode.

r1(config-router)#network 172.17.6.0 0.0.0.255 area 1

r1(config-router)#

% OSPF: "network 172.17.6.0 0.0.0.255 area 1" is ignored. It is a subset of a previous entry.

What happened? The network 172.17.6.0 is already include in area 0 by the first network command so OSPF will ignore it. We can remedy the situation by reversing the order in which we enter the network commands. Delete the OSPF network entry on r1 by using the no form of the command.

r1(config-router)#no network 172.0.0.0 0.255.255.255 area 0

Now enter the network commands in reverse order.

r1(config-router)#network 172.17.6.0 0.0.0.255 area 1

r1(config-router)#network 172.0.0.0 0.255.255.255 area 0

OSPF is now happy because we put network 172.17.6.0 in area 1 before putting everything else in area 0. If we examine the routing table for r2 we do see one change in the table.

r2#show ip route

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default

U - per-user static route, o - ODR

Gateway of last resort is not set

172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks

C 172.16.4.0/24 is directly connected, Loopback0

C 172.16.5.0/24 is directly connected, Loopback1

O 172.16.1.1/32 [110/2] via 172.16.3.1, 00:00:00, FastEthernet0/0

O 172.16.2.1/32 [110/2] via 172.16.3.1, 00:00:00, FastEthernet0/0

C 172.16.3.0/24 is directly connected, FastEthernet0/0

172.17.0.0/32 is subnetted, 1 subnets

O IA 172.17.6.1 [110/2] via 172.16.3.1, 00:00:00, FastEthernet0/0

Notice that the entry for network 172.17.6.0 is an Inter-area route (IA). Which form should I use? We have seen that the last form using CIDR may be cool but it can also cause us problems and the last thing we need are problems. I would recommend using the same form as the network interface because we can see exactly what networks are being configured for OSPF and it causes no confusion.

The network of figure 11.1 has every interface in area 0. When only one area is being used in an OSPF network, any valid area number can be used. When multiple areas are being utilized then we must have an area 0 or backbone area. We can see this by reconfiguring the ospf process so that we use area 1 instead of area 0 and verify that routing is still occurring by examining the routing tables.

Router r1 OSPF configuration

router ospf 100

network 172.16.1.0 0.0.0.255 area 1

network 172.16.2.0 0.0.0.255 area 1

network 172.16.3.0 0.0.0.255 area 1

Router r2 OSPF configuration

router ospf 100

network 172.16.3.0 0.0.0.255 area 0.0.0.1

network 172.16.4.0 0.0.0.255 area 0.0.0.1

network 172.16.5.0 0.0.0.255 area 0.0.0.1

r1#show ip route

O 172.16.5.1/32 [110/2] via 172.16.3.2, 00:12:07, FastEthernet8/1

O 172.16.4.1/32 [110/2] via 172.16.3.2, 00:12:07, FastEthernet8/1

C 172.16.1.0/24 is directly connected, Loopback0

C 172.16.2.0/24 is directly connected, Loopback1

C 172.16.3.0/24 is directly connected, FastEthernet8/1

r2#show ip route

C 172.16.4.0/24 is directly connected, Loopback0

C 172.16.5.0/24 is directly connected, Loopback1

O 172.16.1.1/32 [110/2] via 172.16.3.1, 00:12:45, FastEthernet0/0

O 172.16.2.1/32 [110/2] via 172.16.3.1, 00:12:45, FastEthernet0/0

C 172.16.3.0/24 is directly connected, FastEthernet0/0

What happens if the subnet masks are not identical? Assume that the two networks on r1, Loopback 0 and Loopback 1, will have no more than 14 hosts each. We can use VLSM to sub-subnet network 172.16.1.0 into two networks using a 28-bit subnet mask as shown in figure 11.3.

We will need to modify the ospf network command for the loopback interfaces on r1 as shown. First use the no form of the network command to remove the previous network commands for the loopback interfaces.

r1(config)#router ospf 100

r1(config-router)#no network 172.16.1.0 0.0.0.255 area 1

r1(config-router)#no network 172.16.2.0 0.0.0.255 area 1

Now modify the IP address and subnet mask for the loopback interfaces.

r1(config)#interface loopback 0

r1(config-if)#ip address 172.16.1.17 255.255.255.240

r1(config-if)#exit

r1(config)#interface loopback 1

r1(config-if)#ip address 172.16.1.33 255.255.255.240

r1(config-if)#^Z

Finally use the ospf network command to add the loopbacks to the ospf routing process.

r1(config)#router ospf 100

r1(config-router)#network 172.16.1.16 0.0.0.15 area 1

r1(config-router)#network 172.16.1.32 0.0.0.15 area 1

r1(config-router)#^Z

Notice the reverse of the subnet mask 255.255.255.240 is 0.0.0.15. If we examine the routing table for r2 we can see that ospf has no trouble with these new networks that are using VLSM. If fact, all of the scenarios that we have see using VLSM with RIP, IGRP, and EIGRP will work fine when using OSPF.

r2#show ip route

172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks

O 172.16.1.33/32 [110/2] via 172.16.3.1, 00:00:49, FastEthernet0/0

O 172.16.1.17/32 [110/2] via 172.16.3.1, 00:00:49, FastEthernet0/0

C 172.16.4.0/24 is directly connected, Loopback0

C 172.16.5.0/24 is directly connected, Loopback1

C 172.16.3.0/24 is directly connected, FastEthernet0/0

Additional OSPF configuration commands can be seen by entering router configuration mode and typing a question mark.

r1(config)#router ospf 100

r1(config-router)#?

Router configuration commands:

Area OSPF area parameters

default-information Control distribution of default information

default-metric Set metric of redistributed routes

distance Define an administrative distance

distribute-list Filter networks in routing updates

exit Exit from routing protocol configuration mode

help Description of the interactive help system

maximum-paths Forward packets over multiple paths

neighbor Specify a neighbor router

network Enable routing on an IP network

no Negate a command or set its defaults

ospf OSPF specific commands

passive-interface Suppress routing updates on an interface

redistribute Redistribute information from another routing protocol

summary-address Configure IP address summaries

timers Adjust routing timers

Command: Area

Purpose: OSPF area parameters.

The area command has many subcommands as show below.

r1(config)#router ospf 100

r1(config-router)#area ?

<0-4294967295>OSPF area ID as a decimal value

A.B.C.D OSPF area ID in IP address format

r1(config-router)#area 0 ?

authentication Enable authentication

default-cost Set the summary default-cost of a NSSA/stub area

nssa Specify a NSSA area

range Summarize routes matching address/mask (border routers only)

stub Specify a stub area

virtual-link Define a virtual link and its parameters

The area command applies to parameters for a specific area that is selected with the first parameter, the area ID, as either a decimal number or in IP address format. We will now examine each area command.

Command: Area

Subcommand: Authentication

Purpose: Enable authentication for an area.

By default OSPF does not use area authentication. Authentication can be enabled using one of two methods as shown.

r1(config-router)#area 0 authentication ?

message-digest Use message-digest authentication

<cr>

The first method is to use a clear text authentication password by selecting a <cr> with the area 0 authentication command. Sending the authentication password as clear text enables the password to be determined using a network sniffer so this method is not actually very secure. When authentication is used all routers with interfaces in the area must use the same authentication method. To enable clear text authentication we must also configure the password for each router interface in the area under router interface configuration mode. For the network in figure 11.1 we will use simple clear text authentication for area 0 using the password cisco.

Router r1 configuration

interface FastEthernet8/1

ip address 172.16.3.1 255.255.255.0

ip ospf authentication-key cisco

router ospf 100

network 172.16.1.0 0.0.0.255 area 0

network 172.16.2.0 0.0.0.255 area 0

network 172.16.3.0 0.0.0.255 area 0

area 0 authentication

Router 2 configuration

interface FastEthernet0/0

ip address 172.16.3.2 255.255.255.0

ip ospf authentication-key cisco

router ospf 100

network 172.16.3.0 0.0.0.255 area 0

network 172.16.4.0 0.0.0.255 area 0

network 172.16.5.0 0.0.0.255 area 0

area 0 authentication

Link state information that is being exchanged between r1 and r2 will now be authenticated using the clear text password cisco.

The second method is to use message digest (md5) authentication. If authentication is going to be used then this is the preferred method since md5 encrypts the authentication password before it is transmitted. The configuration for md5 authentication is shown below. The message digest key is a number in the range 1-255 and cisco is the authentication password.

Router r1 configuration

interface FastEthernet8/1

ip address 172.16.3.1 255.255.255.0

ip ospf message-digest-key 1 md5 cisco

!

router ospf 100

network 172.16.3.0 0.0.0.255 area 0

network 172.16.1.16 0.0.0.15 area 0

network 172.16.1.32 0.0.0.15 area 0

area 0 authentication message-digest

Router r2 configuration

interface FastEthernet0/0

ip address 172.16.3.2 255.255.255.0

ip ospf message-digest-key 1 md5 cisco

router ospf 100

network 172.16.3.0 0.0.0.255 area 0

network 172.16.4.0 0.0.0.255 area 0

network 172.16.5.0 0.0.0.255 area 0

area 0 authentication message-digest

As with clear text authentication all routers with interfaces in the area need to be configured with the same authentication method, key, and password. Security practices normally dictate the passwords should be changed periodically. If this is the case, what happens when we change the authentication key on one router but we haven’t changed the keys on the other routers? If a new key is configured the router will send multiple copies of the packet, one with the old key and one with the new key. This will continue until the router detects that everyone is using the new key and then only one copy of the packet will be sent. This will give you time to configure the other routers with the new key. We can see the authentication method being used with the global command

r1#show ip ospf interface f8/1.

FastEthernet8/1 is up, line protocol is up

Internet Address 172.16.3.1/24, Area 0

Process ID 100, Router ID 172.16.1.33, Network Type BROADCAST, Cost: 1

Transmit Delay is 1 sec, State BDR, Priority 1

Designated Router (ID) 172.16.5.1, Interface address 172.16.3.2

Backup Designated router (ID) 172.16.1.33, Interface address 172.16.3.1

Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5

Hello due in 00:00:08

Neighbor Count is 1, Adjacent neighbor count is 1

Adjacent with neighbor 172.16.5.1 (Designated Router)

Suppress hello for 0 neighbor(s)

Message digest authentication enabled

Youngest key id is 1

If we change the md5 key and password on r1 but not on r2 we can see that both keys are being used.

r1(config)#interface fastEthernet 8/1

r1(config-if)#ip ospf message-digest-key 2 md5 secret

r1#sh ip ospf int f8/1

Message digest authentication enabled

Youngest key id is 2

Rollover in progress, 1 neighbor(s) using the old key(s):

Next apply the new key on the fast ethernet interface on r2. When all the routers have been configured with the new key then remove the old key from each interface using the no form of the command.

r1(config)#interface fastEthernet 8/1

r1(config-if)#no ip ospf message-digest-key 1 md5 cisco

Command: Area

Subcommand: default-cost

Purpose: Set the summary default-cost of a NSSA/stub area.

An OSPF stub area is an area that has one exit point from the area or and area with multiple exit points but routing out of the area does not have to take the shortest path.

This command is used to set the cost of the default summary route that is sent into a stub area. The default cost is 1 and can be modified with this command.

r1(config-router)#area 51 stub

r1(config-router)#area 51 default-cost ?

<0-16777215> Stub's advertised external route metric

r1(config-router)#area 51 default-cost 5 ?

<cr>

Command: Area

Subcommand: nssa

Purpose: Specify a NSSA area.

The NSSA area type was covered in chapter 6. Specification of a NSSA area is accomplished using the command

r1(config-router)#area 51 nssa ?

default-information-originate Originate Type 7 default into NSSA area

no-redistribution No redistribution into this NSSA area

no-summary Do not send summary LSA into NSSA

<cr>

The default-information-originate sub-command is optional and is used to generate a type 7 LSA into the NSSA area and should only be used on a NSSA ABR. The no-redistribution is used if you are redistributing routes but you do not what the redistributed routes to be injected into the NSSA area. Finally the no-summary sub-command will prevent summary LSAs from being injected into the NSSA area.

Command: Area

Subcommand: range

Purpose: Summarize routes matching address/mask (border routers only).

One important item to remember is that the area range command can only be used on an area border router (ABR). An area border router has interfaces in more than one area. The network in figure 11.1 has only one area so neither one of the routers is an area border router. We can use this command on a non-area border router but it will have no effect. The purpose of the area range command is to reduce multiple routes into an area into one route. This function is called route summarization. As an example assume we have two networks with a maximum of 30 hosts each in network 200.16.10.0 (Class C). We can use a 28-bit subnet mask to describe these networks and can choose from the following subnets.

200.16.10.0 (if we use the command ip subnet-zero to allow this subnet)

200.16.10.32

200.16.10.64

200.16.10.96

200.16.10.128

200.16.10.160

200.16.10.192

200.16.10.224

We will choose networks 200.16.10.32 and 200.16.10.64 and assign them to interfaces loopback 2 and loopback 3 on r1 and add them to the OSPF process in area 51.

Router r1 configuration

interface Loopback2

ip address 200.16.10.33 255.255.255.224

interface Loopback3

ip address 200.16.10.65 255.255.255.224

router ospf 100

network 172.16.3.0 0.0.0.255 area 0

network 172.16.1.16 0.0.0.15 area 0

network 172.16.1.32 0.0.0.15 area 0

network 200.16.10.32 0.0.0.31 area 51

network 200.16.10.64 0.0.0.31 area 51

The routing table for r2 now contains the two new routes.

r2#show ip route

O 172.16.1.33/32 [110/2] via 172.16.3.1, 00:36:33, FastEthernet0/0

O 172.16.1.17/32 [110/2] via 172.16.3.1, 00:36:33, FastEthernet0/0

C 172.16.4.0/24 is directly connected, Loopback0

C 172.16.5.0/24 is directly connected, Loopback1

C 172.16.3.0/24 is directly connected, FastEthernet0/0

200.16.10.0/32 is subnetted, 2 subnets

O IA 200.16.10.65 [110/2] via 172.16.3.1, 00:01:46, FastEthernet0/0

O IA 200.16.10.33 [110/2] via 172.16.3.1, 00:01:56, FastEthernet0/0

Do we really need both routes? The path to these two networks is identical and all we need is a route to network 200.16.10.0 since this will include both subnetted networks. In other words we want to summarize these two routes into one route. This can be easily done with the area range command.

r1(config-router)#area 51 range ?

A.B.C.D IP address to match

r1(config-router)#area 51 range 200.16.10.0 ?

A.B.C.D IP mask for address

r1(config-router)#area 51 range 200.16.10.0 255.255.255.0 ?

<cr>

r1(config-router)#area 51 range 200.16.10.0 255.255.255.0

The first parameter of the area range command is the area to be summarized, area 51. The next parameters are the IP address and mask pair that will include both subnets. The mask used is the standard subnet mask style that is used on network interfaces. Using the address/mask pair 200.16.10.0/255.255.255.0 will cause route r1 to advertise one route to network 200.16.10.0. If we examine the routing table for r2 we can see this summarized route.

r2#show ip route

O 172.16.1.33/32 [110/2] via 172.16.3.1, 00:42:49, FastEthernet0/0

O 172.16.1.17/32 [110/2] via 172.16.3.1, 00:42:49, FastEthernet0/0

C 172.16.4.0/24 is directly connected, Loopback0

C 172.16.5.0/24 is directly connected, Loopback1

C 172.16.3.0/24 is directly connected, FastEthernet0/0

O IA 200.16.10.0/24 [110/2] via 172.16.3.1, 00:03:22, FastEthernet0/0

The route 200.16.10.32 and 200.16.10.64 have been summarized into one route, 200.16.10.0. What we have done works but it is not the best solution. To see why, what if we wanted two more subnets of 200.16.10.0 on different interfaces in a different area? With the area range command that we are using this could not be done. For example, assume we choose the networks 200.16.10.96 and 200.16.10.160 for our new network and we want to put them in area 8 attached top router r2. Try it and see.

Router r2 configuration

interface Loopback2

ip address 200.16.10.97 255.255.255.224

interface Loopback3

ip address 200.16.10.129 255.255.255.224

router ospf 100

network 172.16.3.0 0.0.0.255 area 0

network 172.16.4.0 0.0.0.255 area 0

network 172.16.5.0 0.0.0.255 area 0

network 200.16.10.96 0.0.0.31 area 8

network 200.16.10.160 0.0.0.31 area 8

area 0 authentication message-digest

area 8 range 200.16.10.0 255.255.255.0

If we look at the routing tables for r1 and r2 we do not see the routes to the new networks. What has happened? Both routers are advertising summary routes to network 200.16.10.0. The best route to this network is through the attached router since it has a lower cost to the network. So r1 will ignore r2’s summary advertisement and r2 will ignore r1’s summary advertisement. The problem is that we did not think enough when choosing our network numbers. We need to be more precise with the area range command in order for all the routes to be seen by both routers. The best way of looking at the problem is to examine the bit patterns of the last octet for the subnets of network

200.16.10.0 (the h represents a host identifier bit).

Network 0 200.16.10.0 last octet = 0 0 0 h h h h h

Network 1 200.16.10.32 last octet = 0 0 1 h h h h h

Network 0 200.16.10.64 last octet = 0 1 0 h h h h h

Network 0 200.16.10.96 last octet = 0 1 1 h h h h h

Network 0 200.16.10.128 last octet = 1 0 0 h h h h h

Network 0 200.16.10.160 last octet = 1 0 1 h h h h h

Network 0 200.16.10.192 last octet = 1 1 0 h h h h h

Network 0 200.16.10.224 last octet = 1 1 1 h h h h h

With this list of subnet bit patterns we can easily choose the best network/mask pair for the area range command as follows.

List the bit pattern of the subnet mask for the networks that you want to summarize. The first pair of networks are

        1. 0 0 1 h h h h h

        1. 0 1 0 h h h h h.

The range command must "cover" all the bits that are different between the two subnet masks. Another way of looking at it is to assume the bits that are different are part of the host address and then determine the subnet mask if this were true. This would give us a subnet mask of 255.255.255.128. The IP address to use is the lowest network address of the bits that are going to be used as host bits. If we look at our subnets again we see that the lower 2 bits of the subnet are changing while the most significant bit is always 0. The lowest subnet for these bit patterns is 200.16.10.0.

Network 0 200.16.10.0 last octet = 0 0 0 h h h h h lowest subnet

Network 1 200.16.10.32 last octet = 0 0 1 h h h h h

Network 0 200.16.10.64 last octet = 0 1 0 h h h h h

Network 0 200.16.10.96 last octet = 0 1 1 h h h h h

r1(config-router)#area 51 range 200.16.10.0 255.255.255.128

For the second pair of networks we would have

        1. 0 1 1 h h h h h

        1. 1 0 1 h h h h h

Since the left-most bits are different we need to include them in the host portion. Also the lowest subnet for these bit patterns 200.16.10.0 since all three of the subnet bits are changing.

Network 0 200.16.10.96 last octet = 0 1 1 h h h h h

Network 0 200.16.10.128 last octet = 1 0 0 h h h h h

Network 0 200.16.10.160 last octet = 1 0 1 h h h h h

Network 0 200.16.10.192 last octet = 1 1 0 h h h h h

Network 0 200.16.10.224 last octet = 1 1 1 h h h h h

The command to summarize would then be

area 8 range 200.16.10.0 255.255.255.0

r1#show ip route

C 172.16.1.32/28 is directly connected, Loopback1

C 172.16.1.16/28 is directly connected, Loopback0

O 172.16.5.1/32 [110/2] via 172.16.3.2, 00:15:42, FastEthernet8/1

O 172.16.4.1/32 [110/2] via 172.16.3.2, 00:15:42, FastEthernet8/1

C 172.16.3.0/24 is directly connected, FastEthernet8/1

200.16.10.0/24 is variably subnetted, 3 subnets, 2 masks

C 200.16.10.64/27 is directly connected, Loopback3

O IA 200.16.10.0/24 [110/2] via 172.16.3.2, 00:15:42, FastEthernet8/1

C 200.16.10.32/27 is directly connected, Loopback2

r2#show ip route

O 172.16.1.33/32 [110/2] via 172.16.3.1, 00:01:41, FastEthernet0/0

O 172.16.1.17/32 [110/2] via 172.16.3.1, 00:01:41, FastEthernet0/0

C 172.16.4.0/24 is directly connected, Loopback0

C 172.16.5.0/24 is directly connected, Loopback1

C 172.16.3.0/24 is directly connected, FastEthernet0/0

200.16.10.0/24 is variably subnetted, 3 subnets, 2 masks

C 200.16.10.160/27 is directly connected, Loopback3

C 200.16.10.96/27 is directly connected, Loopback2

O IA 200.16.10.0/25 [110/2] via 172.16.3.1, 00:01:41, FastEthernet0/0

There is still one problem with the way we have chosen our networks and ranges. The first pair, 200.16.10.32 and 200.16.10.64, actually "uses up" four networks. The range command

r1(config-router)#area 51 range 200.16.10.0 255.255.255.128

summarizes four networks, 200.16.10.0, 10.32, 10.64 and 10.96. Network 10.96 is on router r2 so how can r1 reach it if r1 is also summarizing this network? The longest match algorithm has saved us in this case. The best way to choose your subnets is to pick networks with the fewest number of changing bits in the subnet part of the address. For example the networks

1. Network 0 200.16.10.0 last octet = 0 0 0 h h h h h

2. Network 1 200.16.10.32 last octet = 0 0 1 h h h h h 1 bit change from 10.0

3. Network 0 200.16.10.64 last octet = 0 1 0 h h h h h 2 bit changes from 10.32

4. Network 0 200.16.10.96 last octet = 0 1 1 h h h h h 1 bit change from 10.64

5. Network 0 200.16.10.128 last octet = 1 0 0 h h h h h 3 bit changes from 10.96

6. Network 0 200.16.10.160 last octet = 1 0 1 h h h h h 1 bit change from 10.128

7. Network 0 200.16.10.192 last octet = 1 1 0 h h h h h 2 bit changes from 10.160

8. Network 0 200.16.10.224 last octet = 1 1 1 h h h h h 1 bit change from 10.192.

If we want two networks then use the pairs 1-2, 3-4, 5-6, or 7-8. If we want four networks then chose the groups 1-4 or 5 – 8. If we need an odd number of networks then remember we are summarizing in powers of 2 (2, 4, 8, etc) so you can tell how many networks you will be wasting. If we want 3 networks we could chose networks 1, 2, and 3 and network 4 could not be used elsewhere.

Another example of the range command may be in order. Assume we have the class B address 156.25.0.0 and want 12 subnets with a maximum number of 3000 hosts each and that the subnets will be spread across 4 routers. Determine the subnets and the proper area range command. Assume the subnets on each router are in the same area but the areas are different on different routers.

Solution

For 3000 hosts we need 12 bits for the host portion of the address and 4 bits for the subnet portion. The subnet mask would be 255.255.240.0 and the possible subnets are listed below.

Group 1

156.26.0.0 0 0 0 0 h h h h . h h h h h h h h lowest network address

156.26.16.0 0 0 0 1 h h h h . h h h h h h h h

156.26.32.0 0 0 1 0 h h h h . h h h h h h h h

      1. 0 0 1 1 h h h h . h h h h h h h h

Group 2

156.26.64.0 0 1 0 0 h h h h . h h h h h h h h lowest network address

156.26.80.0 0 1 0 1 h h h h . h h h h h h h h

156.26.96.0 0 1 1 0 h h h h . h h h h h h h h

      1. 0 1 1 1 h h h h . h h h h h h h h

Group 3

156.26.128.0 1 0 0 0 h h h h . h h h h h h h h lowest network address

156.26.144.0 1 0 0 1 h h h h . h h h h h h h h

156.26.160.0 1 0 1 0 h h h h . h h h h h h h h

156.26.176.0 1 0 1 1 h h h h . h h h h h h h h

Group 4

156.26.192.0 1 1 0 0 h h h h . h h h h h h h h lowest network address

156.26.208.0 1 1 0 1 h h h h . h h h h h h h h

156.26.224.0 1 1 1 0 h h h h . h h h h h h h h

156.26.240.0 1 1 1 1 h h h h . h h h h h h h h

With 4 routers and 12 subnets we need 3 subnets per router. We can use the 4 groups shown above by using 3 networks from each group. For the first group the least 2 significant bits of the subnet mask are changing so they need to be covered by the subnet mask in the range command. These two bits will be transferred to the host portion of the network address so the subnet mask will be 255.255.192.0 and the range command is

area 1 range 156.26.0.0 255.255.192.0.

For the second group the same two bits are changing as in the first group so the subnet mask will be the same but the network will be 156.26.64.0, the lowest one on the group. The associated range command is

area 2 range 156.26.64.0 255.255.192.0.

For the third group and fourth groups we again have the same subnet masks as the first and second groups since only the low order 2 bits of the subnet mask are changing and their area ranges commands are

area 3 range 156.26.128.0 255.255.192.0.

area 4 range 156.26.192.0 255.255.192.0.

We can check part of this example by configuring r1 with the first group and r2 with the second group.

Router r1 configuration

interface Loopback0

ip address 156.26.0.1 255.255.240.0

interface Loopback1

ip address 156.26.16.1 255.255.240.0

interface Loopback2

ip address 156.26.32.1 255.255.240.0

interface FastEthernet8/1

ip address 172.16.3.1 255.255.255.0

ip ospf message-digest-key 1 md5 cisco

ip ospf message-digest-key 2 md5 secret

router ospf 100

network 172.16.3.0 0.0.0.255 area 0

network 156.26.0.0 0.0.15.255 area 1

network 156.26.16.0 0.0.15.255 area 1

network 156.26.32.0 0.0.15.255 area 1

area 0 authentication message-digest

Router r2 configuration

interface Loopback0

ip address 156.26.64.1 255.255.240.0

interface Loopback1

ip address 156.26.80.1 255.255.240.0

interface Loopback2

ip address 156.26.96.1 255.255.240.0

interface FastEthernet0/0

ip address 172.16.3.2 255.255.255.0

ip ospf message-digest-key 1 md5 cisco

ip ospf message-digest-key 2 md5 secret

router ospf 100

network 172.16.3.0 0.0.0.255 area 0

network 156.26.64.0 0.0.15.255 area 2

network 156.26.80.0 0.0.15.255 area 2

network 156.26.96.0 0.0.15.255 area 2

area 0 authentication message-digest

Before using the range command check to see if the routes are in the routing table and that you can ping all the loopback interfaces.

r1#show ip route

156.26.0.0/16 is variably subnetted, 6 subnets, 2 masks

C 156.26.0.0/20 is directly connected, Loopback0

C 156.26.16.0/20 is directly connected, Loopback1

C 156.26.32.0/20 is directly connected, Loopback2

O IA 156.26.64.1/32 [110/2] via 172.16.3.2, 00:04:16, FastEthernet8/1

O IA 156.26.80.1/32 [110/2] via 172.16.3.2, 00:04:06, FastEthernet8/1

O IA 156.26.96.1/32 [110/2] via 172.16.3.2, 00:04:06, FastEthernet8/1

172.16.0.0/24 is subnetted, 1 subnets

C 172.16.3.0 is directly connected, FastEthernet8/1

r2#show ip route

156.26.0.0/16 is variably subnetted, 6 subnets, 2 masks

O IA 156.26.0.1/32 [110/2] via 172.16.3.1, 00:02:26, FastEthernet0/0

O IA 156.26.16.1/32 [110/2] via 172.16.3.1, 00:02:26, FastEthernet0/0

O IA 156.26.32.1/32 [110/2] via 172.16.3.1, 00:02:26, FastEthernet0/0

C 156.26.64.0/20 is directly connected, Loopback0

C 156.26.80.0/20 is directly connected, Loopback1

C 156.26.96.0/20 is directly connected, Loopback2

172.16.0.0/24 is subnetted, 1 subnets

C 172.16.3.0 is directly connected, FastEthernet0/0

Now add the area range command on routers r1 and r2 and then check the routing tables to see if summarization was successful (is there any doubt?).

r1(config)#router ospf 100

r1(config-router)#area 1 range 156.26.0.0 255.255.192.0

r2(config)#router ospf 100

r2(config-router)#area 2 range 156.26.64.0 255.255.192.0

r1#show ip route

156.26.0.0/16 is variably subnetted, 4 subnets, 2 masks

C 156.26.0.0/20 is directly connected, Loopback0

C 156.26.16.0/20 is directly connected, Loopback1

C 156.26.32.0/20 is directly connected, Loopback2

O IA 156.26.64.0/18 [110/2] via 172.16.3.2, 00:02:01, FastEthernet8/1

172.16.0.0/24 is subnetted, 1 subnets

C 172.16.3.0 is directly connected, FastEthernet8/1

r2#show ip route

156.26.0.0/16 is variably subnetted, 4 subnets, 2 masks

O IA 156.26.0.0/18 [110/2] via 172.16.3.1, 00:00:07, FastEthernet0/0

C 156.26.64.0/20 is directly connected, Loopback0

C 156.26.80.0/20 is directly connected, Loopback1

C 156.26.96.0/20 is directly connected, Loopback2

172.16.0.0/24 is subnetted, 1 subnets

C 172.16.3.0 is directly connected, FastEthernet0/0

Command: Area

Subcommand: stub

Purpose: Specify a stub area.

This command is used to define an area as a stub area. All routers in a stub area must be configured using this command.

r1(config-router)#area 1 stub ?

no-summary Do not send summary LSA into stub area

<cr>

The first form, area 1 stub, configures the area as a stub area. The second form, area 1 stub no-summary, reduces the amount of information sent into the area by preventing the ABR from sending type 3 LSAs (summary LSA) into the area.

Command: Area

Subcommand: virtual-link

Purpose: Define a virtual link and it’s parameters.

All non-backbone (non-zero) areas must connect to the backbone. If the backbone becomes divided or if an area cannot physically attach to the backbone then a virtual link is needed (figure 11.4). The format of the command is

Area <transit area id> virtual-link <remote route ID>.

The transit area is the area connecting the backbone and non-backbone areas or the area connecting the two disjoint backbone areas. In figure 11.4 the transit area is area 51. The router ID is the highest IP address assigned to the router or the highest loopback address if loopbacks are being used (and they should). The commands to create the virtual-link

Router r1

area 51 virtual-link 172.16.60.1

Router r2

area 51 virtual-link 172.16.30.1

There are additional subcommands for the virtual-link command and they will be explained in the section on OSPF interface commands.

r1(config-router)#area 1 virtual-link 1.2.3.4 ?

authentication-key Set authentication key

dead-interval Dead router detection time

hello-interval Hello packet interval

message-digest-key Set message digest key

retransmit-interval LSA retransmit interval

transmit-delay LSA transmission delay

<cr>

Command: default-information

Purpose: Control distribution of default information

This command is covered in chapter 13, Route redistribution.

Command: default-metric

Purpose: A router may be running more that one IP routing protocol (RIP, IGRP, EIGRP or OSPF). Each routing protocol has a different metric, for example RIP has a hop count, OSPF has a dimensionless cost and IGRP and EIGRP have a cost based on five metrics. When injecting routes from one routing protocol to another, the route metric needs to be converted from one protocol to another. The default-metric command is used to perform this conversion. This will be covered in detail in chapter 13.

Command: distance

Purpose: Used to adjust the administrative distance of a route.

r2(config)#router ospf 100

r2(config-router)#distance ?

<1-255> Administrative distance

ospf OSPF distance

The first form is to enter an administrative distance in the range 1 – 255. The default for OSPF is 120. The administrative distance is used when more than one routing protocol is active on a router. For example, if we are running IGRP and OSPF and each protocol has a route to the same network the IGRP route would be preferred because IGRP has a lower administrative distance (100) than OSPF (110). We can force the IGRP route to not be chosen by setting the administrative distance to be lower than that for IGRP.

r2(config-router)#distance 95 ?

A.B.C.D IP Source address

<cr>

Choosing <cr> will set the administrative distance to all routes learned from OSPF to the number entered, in this case, 95. This can be seen by examining the IP protocol listing.

r2#show ip protocols

Routing Protocol is "ospf 100"

Sending updates every 0 seconds

Invalid after 0 seconds, hold down 0, flushed after 0

Outgoing update filter list for all interfaces is not set

Incoming update filter list for all interfaces is not set

Redistributing: ospf 100

Routing for Networks:

172.16.4.0/24

172.16.5.0/24

172.16.3.0/24

Routing Information Sources:

Gateway Distance Last Update

Distance: (default is 95)

If you want to adjust the administrative distance for a particular IP network use the form

r2(config-router)#distance 130 172.16.0.0 ?

A.B.C.D IP address mask

r2(config-router)#distance 130 172.16.0.0 0.0.255.255 ?

<1-99> IP Standard access list number

Notice that the IP address mask is the "reverse" of what is used for a subnet mask. This is the same style used for IP access-lists that were discussed in chapter 7. We can choose the routes that will have their administrative distance modified through the use of an IP access-list. Assume we want to change the administrative distance of the route to 172.16.1.0 to 95 but not affect the route to 172.16.2.0. First we would use the OSPF command

r2(config-router)#distance 95 172.16.0.0 0.0.255.255 ?

<1-99> IP Standard access list number

r2(config-router)#distance 130 172.16.0.0 0.0.255.255 1 ?

<cr>

r2(config-router)#distance 130 172.16.0.0 0.0.255.255 1

r2(config-router)#^Z

The final step is to create an IP access-list that informs OSPF to adjust the administrative distance of 172.16.1.0 but leave the administrative distance of 172.16.2.0 set to 110. Without an access-list but with the distance command shown above, all the routes learned for network 172.16.0.0 will have their administrative distance set to 130 as shown. This is the default behavior.


The access-list needed to adjust only the 172.16.1.0 is

r2(config)#access-list 1 ?

deny Specify packets to reject

permit Specify packets to forward

r2(config)#access-list 1 permit ?

Hostname or A.B.C.D Address to match

any Any source host

host A single host address

r2(config)#access-list 1 permit 172.16.1.0 0.0.0.225 ?

<cr>

r2(config)#access-list 1 permit 172.16.1.0 0.0.0.225

r2(config)#^Z

Notice that we did not have to use a permit any statement at the end of the access-list. A normal IP access-list always has an implicit deny any as the last statement. This is true in this case but the administrative distance is only affected for those routes that have a matching permit statement, so in the case the implicit deny any in the access-list has no effect. The new IP protocol listing contains

r2#show ip protocols

Routing Protocol is "ospf 100"

Sending updates every 0 seconds

Invalid after 0 seconds, hold down 0, flushed after 0

Outgoing update filter list for all interfaces is not set

Incoming update filter list for all interfaces is not set

Redistributing: ospf 100

Routing for Networks:

172.16.1.0/24

172.16.2.0/24

172.16.3.0/24

Routing Information Sources:

Gateway Distance Last Update

Distance: (default is 110)

Address Wild mask Distance List

172.16.1.0 0.0.0.255 95 1

Another form of the distance commands allows you to adjust the distance of either external, inter-area, or intra-area routes.

r1(config-router)#distance ospf ?

external External type 5 and type 7 routes

inter-area Inter-area routes

intra-area Intra-area routes

r1(config-router)#distance ospf external ?

<1-255> Distance for external type 5 and type 7 routes

r1(config-router)#distance ospf inter-area ?

<1-255> Distance for inter-area routes

r1(config-router)#distance ospf intra-area ?

<1-255> Distance for intra-area routes

Command: distribute-list

Purpose: Used to filter incoming or outgoing routing updates.

A distribute list is used to delete routes from either incoming or outgoing routing updates as we have seen with RIP, IGRP, and EIGRP. The distribute-list command will have no effect on OSPF and shouldn’t be used. Can you think of a reason why? OSPF routers exchange link-state information and not routes. The routes are derived from the link state information and every router in an area has an identical link-state database. Therefore there really aren’t any routes to block. Even if we could, they would be regenerated from the link-state database.

Command: Exit

Purpose: Exit router configuration mode and enter global configuration mode.

r2(config)#router ospf 100

r2(config-router)#exit

r2(config)#

Command: Help

Purpose: Get help on help

r2(config)#router ospf 100

r2(config-router)#help

Help may be requested at any point in a command by entering

a question mark '?'. If nothing matches, the help list will

be empty and you must backup until entering a '?' shows the

available options.

Two styles of help are provided:

1. Full help is available when you are ready to enter a

command argument (e.g. 'show ?') and describes each possible

argument.

2. Partial help is provided when an abbreviated argument is entered

and you want to know what arguments match the input

(e.g. 'show pr?'.)

Command: maximum-paths

Purpose: Forward packets over multiple paths

OSPF can distribute traffic on up to 6 different paths.

r2(config)#router ospf 100

r2(config-router)#maximum-paths ?

<1-6> Number of paths

r2(config-router)#maximum-paths 3 ?

<cr>

Command: neighbor

Purpose: Specify a neighbor on a non-broadcast network.

For NBMA networks such as X.25 and frame-relay additional configuration information is needed to propagate OSPF LSAs. The neighbor command can be used in order for OSPF LSAs to cross a frame-relay cloud or X.25 cloud. This command has been superceded by OSPF interface commands, which we shall see in chapter 12.

Command: Network

Purpose: To inform OSPF which networks to advertise and out which interfaces to advertise. Any active interface that has an IP address that is contained in the network command will be used to send and receive OSPF link state information.

Command: No

Purpose: Used to negate configuration commands.

The no command is used to undo previous configuration commands.

r1(config)#router ospf 100

r1(config-router)#no network 172.16.1.0 0.0.0.255 area 1

Command: ospf

Purpose: OSPF specific commands.

The format for the OSPF specific commands is given below.

r1(config-router)#ospf ?

auto-cost Calculate OSPF interface cost according to bandwidth

ignore Do not complain about specific event

log-adjacency-changes Log changes in adjacency state

r1(config-router)#ospf auto-cost ?

reference-bandwidth Use reference bandwidth method to assign OSPF cost

<cr>

r1(config-router)#ospf auto-cost reference-bandwidth ?

<1-4294967> The reference bandwidth in terms of Mbits per second

r1(config-router)#ospf auto-cost reference-bandwidth 10 ?

r1(config-router)#ospf ignore ?

lsa Do not complain upon receiving LSA of the specified type

r1(config-router)#ospf ignore lsa ?

mospf MOSPF Type 6 LSA

r1(config-router)#ospf ignore lsa mospf ?

<cr>

r1(config-router)#ospf log-adjacency-changes ?

<cr>

The auto-cost command determines how OSPF will calculate default metrics for the router interfaces. The default, as we have seen, is 100,000,000 and can be changed with this command. For example, if we change the reference bandwidth to 1,000,000,000 then the cost of the fast ethernet interface should increase from 1 to 2 as shown.

r1(config-router)#ospf auto-cost reference-bandwidth ?

<1-4294967> The reference bandwidth in terms of Mbits per second

r1(config-router)#ospf auto-cost reference-bandwidth 1000

% OSPF: Reference bandwidth is changed.

Please ensure reference bandwidth is consistent across all routers.

r1#show ip ospf interface fastEthernet 8/1

FastEthernet8/1 is up, line protocol is up

Internet Address 172.16.3.1/24, Area 0

Process ID 100, Router ID 172.16.2.1, Network Type BROADCAST, Cost: 10

Transmit Delay is 1 sec, State BDR, Priority 2

Designated Router (ID) 172.16.5.1, Interface address 172.16.3.2

Backup Designated router (ID) 172.16.2.1, Interface address 172.16.3.1

Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5

Hello due in 00:00:07

Neighbor Count is 1, Adjacent neighbor count is 1

Adjacent with neighbor 172.16.5.1 (Designated Router)

Suppress hello for 0 neighbor(s)

The interface command ip ospf cost will override the auto-cost router ospf command.

r1(config)#interface fastEthernet 8/1

r1(config-if)#ip ospf cost 1

r1#show ip ospf interface fastEthernet 8/1

FastEthernet8/1 is up, line protocol is up

Internet Address 172.16.3.1/24, Area 0

Process ID 100, Router ID 172.16.2.1, Network Type BROADCAST, Cost: 1

Transmit Delay is 1 sec, State BDR, Priority 2

Designated Router (ID) 172.16.5.1, Interface address 172.16.3.2

Backup Designated router (ID) 172.16.2.1, Interface address 172.16.3.1

Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5

Hello due in 00:00:06

Neighbor Count is 1, Adjacent neighbor count is 1

Adjacent with neighbor 172.16.5.1 (Designated Router)

Suppress hello for 0 neighbor(s)

The subcommand ospf log-adj-changes will send information to the console screen when a neighbor’s status changes. To test this feature, shut down the ethernet interface on r2 and see what happens.

r1(config-router)#ospf log-adjacency-changes

r2(config)#interface fastEthernet 0/0

r2(config-if)#shut

r2(config-if)#

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down

%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to administratively down

Router r1 console output

%OSPF-5-ADJCHG: Process 100, Nbr 172.16.5.1 on FastEthernet8/1 from FULL to DOWN, Neighbor Down

Now re-enable the ethernet interface on r2 and watch r1 and r2 form their adjacency.

r2(config-if)#no shut

r2(config-if)#

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up

%LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up

Router r1 console output

%OSPF-5-ADJCHG: Process 100, Nbr 172.16.5.1 on FastEthernet8/1 from DOWN to INIT

, Received Hello

%OSPF-5-ADJCHG: Process 100, Nbr 172.16.5.1 on FastEthernet8/1 from INIT to 2WAY, 2-Way Received

%OSPF-5-ADJCHG: Process 100, Nbr 172.16.5.1 on FastEthernet8/1 from 2WAY to EXSTART, AdjOK?

%OSPF-5-ADJCHG: Process 100, Nbr 172.16.5.1 on FastEthernet8/1 from EXSTART to EXCHANGE, Negotiation Done

%OSPF-5-ADJCHG: Process 100, Nbr 172.16.5.1 on FastEthernet8/1 from EXCHANGE to LOADING, Exchange Done

%OSPF-5-ADJCHG: Process 100, Nbr 172.16.5.1 on FastEthernet8/1 from LOADING to FULL, Loading Done

The final OSPF subcommand is used to ignore MOSPF type 6 LSAs.

r1(config-router)#ospf ignore ?

lsa Do not complain upon receiving LSA of the specified type

r1(config-router)#ospf ignore lsa ?

mospf MOSPF Type 6 LSA

r1(config-router)#ospf ignore lsa mospf ?

<cr>

Command: passive-interface

Purpose: Suppress routing updates on an interface.

The passive-interface command stops routing information from being sent or received (processed) on an interface. Interfaces that have been configured as passive can be shown with the show ip protocols command.

r1#show ip protocols

Routing Protocol is "ospf 100"

Sending updates every 0 seconds

Invalid after 0 seconds, hold down 0, flushed after 0

Outgoing update filter list for all interfaces is not set

Incoming update filter list for all interfaces is not set

Redistributing: ospf 100

Routing for Networks:

172.16.1.0/24

172.16.2.0/24

172.16.3.0/24

Passive Interface(s):

Loopback0

Routing Information Sources:

Gateway Distance Last Update

172.16.5.1 110 00:09:18

Distance: (default is 110)

Since OSPF does not send routing updates as a broadcast, the passive-interface used in conjunction with the neighbor command will not allow OSPF to receive routing updates like we have seen with RIP and IGRP. Making an interface passive blocks the OSPF hello protocol preventing a neighbor relationship from being established on the interface. This has the affect of blocking the incoming routing updates since they are only sent to neighbors. The passive-interface is not needed with OSPF because we can prevent OSPF from functioning on an interface by not entering a network command for that interface. We could not do this with RIP, IGRP, and EIGRP since we could only enter major network numbers with the network command.

Command: redistribute

Purpose: Redistribute information from another routing protocol.

This command is covered in chapter 13, Protocol Redistribution.

Command: summary-address

Purpose: Configure IP address summaries.

The summary-address command is used for external route summarization of external routes that are injected into OSPF through redistribution. This topic will be covered in chapter 13, Route Redistribution.

Command: timers

Purpose: Adjust routing timers.

The OSPF timer values can be seen by using the global command show ip ospf 100.

r1#show ip ospf 100

Routing Process "ospf 100" with ID 172.16.2.1

Supports only single TOS(TOS0) routes

SPF schedule delay 5 secs, Hold time between two SPFs 10 secs

Number of DCbitless external LSA 0

Number of DoNotAge external LSA 0

Number of areas in this router is 1. 1 normal 0 stub 0 nssa

Area BACKBONE(0)

Number of interfaces in this area is 3

Area has no authentication

SPF algorithm executed 4 times

Area ranges are

Link State Update Interval is 00:30:00 and due in 00:11:09

Link State Age Interval is 00:20:00 and due in 00:01:08

Number of DCbitless LSA 0

Number of indication LSA 0

Number of DoNotAge LSA 0

The two OSPF timer values can be modified with the timers command.

r1(config)#router ospf 100

r1(config-router)#timers ?

spf OSPF SPF timers

r1(config-router)#timers spf ?

<0-4294967295> Delay between receiving a change to SPF calculation

r1(config-router)#timers spf 7 ?

<0-4294967295> Hold time between consecutive SPF calculations

r1(config-router)#timers spf 7 13 ?

<cr>

r1(config-router)#timers spf 7 13

r1#show ip ospf 100

Routing Process "ospf 100" with ID 172.16.2.1

Supports only single TOS(TOS0) routes

SPF schedule delay 7 secs, Hold time between two SPFs 13 secs

Number of DCbitless external LSA 0

Number of DoNotAge external LSA 0

Number of areas in this router is 1. 1 normal 0 stub 0 nssa

Area BACKBONE(0)

Number of interfaces in this area is 3

Area has no authentication

SPF algorithm executed 4 times

Area ranges are

Link State Update Interval is 00:30:00 and due in 00:06:46

Link State Age Interval is 00:20:00 and due in 00:16:45

Number of DCbitless LSA 0

Number of indication LSA 0

Number of DoNotAge LSA 0

OSPF Interface Commands

The OSPF commands available for an interface are shown below.

r1(config)#interface fastEthernet 8/1

r1(config-if)#ip ospf ?

authentication-key Authentication password (key)

cost Interface cost

dead-interval Interval after which a neighbor is declared dead

demand-circuit OSPF demand circuit

hello-interval Time between HELLO packets

message-digest-key Message digest authentication password (key)

network Network type

priority Router priority

retransmit-interval Time between retransmitting lost link state advertisements

transmit-delay Link state transmit delay

Command: Authentication password (key)

Purpose: Used to apply clear text authentication to the interface

This command was covered in the discussion of the area authentication router configuration command.

Command: cost

Purpose: Change the interface OSPF cost.

The default cost for an interface is 100,000,000 divided by the bandwidth of the interface. For the fast ethernet interface the cost would be 1 as seen by using the global command

r1#show ip ospf interface fastEthernet 8/1

FastEthernet8/1 is up, line protocol is up

Internet Address 172.16.3.1/24, Area 0

Process ID 100, Router ID 172.16.2.1, Network Type BROADCAST, Cost: 1

Transmit Delay is 1 sec, State BDR, Priority 1

Designated Router (ID) 172.16.5.1, Interface address 172.16.3.2

Backup Designated router (ID) 172.16.2.1, Interface address 172.16.3.1

Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5

Hello due in 00:00:00

Neighbor Count is 1, Adjacent neighbor count is 1

Adjacent with neighbor 172.16.5.1 (Designated Router)

Suppress hello for 0 neighbor(s)

The interface cost can be modified by using the ip ospf cost interface command. For example, if we want to change the cost of the fast ethernet interface to 2 we would use

r1(config)#interface fastEthernet 8/1

r1(config-if)#ip ospf cost ?

<1-65535> Cost

r1(config-if)#ip ospf cost 2 ?

<cr>.

The new cost can be seen by listing the OSPF interface.

r1#show ip ospf interface fastEthernet 8/1

FastEthernet8/1 is up, line protocol is up

Internet Address 172.16.3.1/24, Area 0

Process ID 100, Router ID 172.16.2.1, Network Type BROADCAST, Cost: 2

Transmit Delay is 1 sec, State BDR, Priority 1

Designated Router (ID) 172.16.5.1, Interface address 172.16.3.2

Backup Designated router (ID) 172.16.2.1, Interface address 172.16.3.1

Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5

Hello due in 00:00:06

Neighbor Count is 1, Adjacent neighbor count is 1

Adjacent with neighbor 172.16.5.1 (Designated Router)

Suppress hello for 0 neighbor(s)

Command: dead-interval

Purpose: Interval after which a neighbor is declared dead.

Command: hello-interval

Purpose: Time between HELLO packets

Command: retransmit interval

Purpose: Time between retransmitting lost link state advertisements

Command: transmit-delay

Purpose: Link state transmit delay.

The above four commands are used to adjust OSPF timers. These values and their defaults can be seen by executing the global command

r1#show ip ospf interface fastEthernet 8/1

FastEthernet8/1 is up, line protocol is up

Internet Address 172.16.3.1/24, Area 0

Process ID 100, Router ID 172.16.2.1, Network Type BROADCAST, Cost: 1

Transmit Delay is 1 sec, State BDR, Priority 1

Designated Router (ID) 172.16.5.1, Interface address 172.16.3.2

Backup Designated router (ID) 172.16.2.1, Interface address 172.16.3.1

Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5

Hello due in 00:00:00

Neighbor Count is 1, Adjacent neighbor count is 1

Adjacent with neighbor 172.16.5.1 (Designated Router)

Suppress hello for 0 neighbor(s)

The OSPF timer values can be modified in interface configuration mode as shown below.

r1(config)#interface fastEthernet 8/1

r1(config-if)#ip ospf dead-interval ?

<1-65535> Seconds

r1(config-if)#ip ospf dead-interval 20

r1(config-if)#ip ospf hello-interval ?

<1-65535> Seconds

r1(config-if)#ip ospf hello-interval 5

r1(config-if)#ip ospf retransmit-interval ?

<1-65535> Seconds

r1(config-if)#ip ospf retransmit-interval 7

r1(config-if)#ip ospf transmit-delay ?

<1-65535> Seconds

r1(config-if)#ip ospf transmit-delay 23 ?

<cr>

r1(config-if)#ip ospf transmit-delay 23

r1#show ip ospf interface fastEthernet 8/1

FastEthernet8/1 is up, line protocol is up

Internet Address 172.16.3.1/24, Area 0

Process ID 100, Router ID 172.16.2.1, Network Type BROADCAST, Cost: 2

Transmit Delay is 23 sec, State DR, Priority 1

Designated Router (ID) 172.16.2.1, Interface address 172.16.3.1

No backup designated router on this network

Timer intervals configured, Hello 5, Dead 20, Wait 20, Retransmit 7

Hello due in 00:00:03

Neighbor Count is 0, Adjacent neighbor count is 0

Suppress hello for 0 neighbor(s)

Command: demand-circuit

Purpose: OSPF command circuit.

This command is covered in chapter 12, Advanced OSPF Configuration.

Command: message-digest-key

Purpose: Message digest authentication password (key).

This command was covered in the discussion of OSPF authentication.

Command: network

Purpose: Network type

This command is covered in chapter 12, Advanced OSPF Configuration.

Command: priority

Purpose: Router priority

The default OSPF priority on an interface is 1. If you do not want a router to be elected the DR or BDR for a network then set the interface OSPF priority to 0. Normally the router with the highest router ID is elected designated router for a network. You can influence the DR election by increasing the interface OSPF priority. The router with highest interface priority will be elected DR. The OSPF priority for an interface is contained in the interface OSPF properties listing.

r1#show ip ospf interface fastEthernet 8/1

FastEthernet8/1 is up, line protocol is up

Internet Address 172.16.3.1/24, Area 0

Process ID 100, Router ID 172.16.2.1, Network Type BROADCAST, Cost: 2

Transmit Delay is 1 sec, State DR, Priority 1

Designated Router (ID) 172.16.2.1, Interface address 172.16.3.1

No backup designated router on this network

Timer intervals configured, Hello 5, Dead 20, Wait 20, Retransmit 7

Hello due in 00:00:01

Neighbor Count is 0, Adjacent neighbor count is 0

Suppress hello for 0 neighbor(s)

To change the interface OSPF priority use the interface command

r1(config)#interface fastEthernet 8/1

r1(config-if)#ip ospf priority ?

<0-255> Priority

r1(config-if)#ip ospf priority 2 ?

<cr>

r1(config-if)#ip ospf priority 2

To see the effect of the command list the interface OSPF parameters.

r1#show ip ospf interface fastEthernet 8/1

FastEthernet8/1 is up, line protocol is up

Internet Address 172.16.3.1/24, Area 0

Process ID 100, Router ID 172.16.2.1, Network Type BROADCAST, Cost: 2

Transmit Delay is 1 sec, State DR, Priority 2

Designated Router (ID) 172.16.2.1, Interface address 172.16.3.1

No backup designated router on this network

Timer intervals configured, Hello 5, Dead 20, Wait 20, Retransmit 7

Hello due in 00:00:01

Neighbor Count is 0, Adjacent neighbor count is 0

Suppress hello for 0 neighbor(s)

Changing the priority will not immediately affect which router is the DR. For stability, the current DR will remain DR until a change causes the election process to be run. When this happens, then the router with the highest interface priority will be elected DR.

Monitoring OSPF

There are a multitude of show commands that can be used to monitor an OSPF network and we will examine those show commands that apply to our basic OSPF network shown in figure 11.1 with one modification. Put interface loopback 0 in area 51 instead of area 0. This will have the effect of making router r1 and area border router.

Command: show ip ospf <process id>

Purpose: Display information about all OSPF routing processes by using show ip ospf or a particular process by using show ip ospf <process id>.

r1#show ip ospf 100

Routing Process "ospf 100" with ID 172.16.2.1

Supports only single TOS(TOS0) routes

It is an area border router

Summary Link update interval is 00:30:00 and the update due in 00:28:13

SPF schedule delay 7 secs, Hold time between two SPFs 13 secs

Number of DCbitless external LSA 0

Number of DoNotAge external LSA 0

Number of areas in this router is 2. 2 normal 0 stub 0 nssa

Area BACKBONE(0) (Inactive)

Number of interfaces in this area is 2

Area has no authentication

SPF algorithm executed 10 times

Area ranges are

Link State Update Interval is 00:30:00 and due in 00:11:43

Link State Age Interval is 00:20:00 and due in 00:01:43

Number of DCbitless LSA 0

Number of indication LSA 0

Number of DoNotAge LSA 0

Area 51

Number of interfaces in this area is 1

Area has no authentication

SPF algorithm executed 2 times

Area ranges are

Link State Update Interval is 00:30:00 and due in 00:28:06

Link State Age Interval is 00:20:00 and due in 00:18:06

Number of DCbitless LSA 0

Number of indication LSA 0

Number of DoNotAge LSA 0

The first line shows the OSPF routing process number and the ID of the router. Notice that the router ID is not the highest IP address assigned to the router but is the highest loopback interface IP address. The third line indicates that r1 is an area border router. Router r1 is an ABR since interface loopback 0 is a non-backbone area so router r1 has interfaces in more than one area making it an ABR. The forth line shows that the LSA update time is 30 minutes, making OSPF a very quiet protocol.

Command: show ip ospf neighbor

Purpose: Display an OSPF routers neighbor relationships.

For the basic network in figure 11.1 each router has only 1 neighbor as shown.

r1#show ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface

172.16.5.1 1 FULL/DR 00:00:31 172.16.3.2 FastEthernet8/1

r2#show ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface

172.16.2.1 1 FULL/BDR 00:00:36 172.16.3.1 FastEthernet0/0

Since we only have two routers, one will be elected the DR and the other the BDR as shown. Router r1 is showing that r2 is the DR and r2 is showing that r1 is the BDR. This is expected since r2 has a higher router ID (172.16.5.1) than r1 (172.16.2.1). The state of this neighbor relationship if FULL. Recall from chapter 7 the states the neighbors go through before achieving an adjacency. We can view this process by shutting down the fast ethernet interface on r1 and then turning it on again with the shut and no shut router interface commands. We can then watch the adjacency form by executing the show ip ospf neighbor command until the full adjacency is reached.

Neighbor ID Pri State Dead Time Address Interface

172.16.5.1 1 2WAY/DROTHER 00:00:35 172.16.3.2 FastEthernet8/1

Neighbor ID Pri State Dead Time Address Interface

172.16.5.1 1 EXSTART/DR 00:00:39 172.16.3.2 FastEthernet8/1

Neighbor ID Pri State Dead Time Address Interface

172.16.5.1 1 FULL/DR 00:00:39 172.16.3.2 FastEthernet8/1

We have discussed that if we want to influence the DR election we can do so by changing an interfaces OSPF priority. Currently, router r2 is the DR since it has a higher router ID. What will happen if we set the fast ethernet interface priority on r1 to 2? Router r1 should be elected designated router. Change the OSPF priority on router r1 to 2, shut down the interface and then re-enable the interface. After the routers have reached the full state determine which one is the designated router.

r1(config)#interface fastEthernet 8/1

r1(config-if)#shut

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet8/1, changed state to down

%LINK-5-CHANGED: Interface FastEthernet8/1, changed state to administratively down

r1(config-if)#ip ospf priority 2

r1(config-if)#no shut

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet8/1, changed state to up

%LINK-3-UPDOWN: Interface FastEthernet8/1, changed state to up [Resuming connection 1 to r2 ... ]

r2#show ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface

172.16.2.1 2 FULL/BDR 00:00:35 172.16.3.1 FastEthernet0/0

Something seems wrong. Router r1 shows a higher priority but it is still the BDR. Router r2 was the designated router. Since the link on r2 did not go down, it will remain the DR regardless of the priority of r1. To force r1 to be DR we need to shut down r2’s interface and then re-enable it.

r2(config)#interface fastEthernet 0/0

r2(config-if)#shut

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down

%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to administratively down

r2(config-if)#no shut

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up

%LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up

r2#show ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface

172.16.2.1 2 FULL/DR 00:00:31 172.16.3.1 FastEthernet0/0

Router r1 is now the designated router due to its higher priority.

There are a multitude of ip ospf show commands and we have seen the most commonly used forms. The remaining forms are shown below. Experiment with them to get some practice with the information they can reveal.

r1#show ip ospf ?

<1-4294967295> Process ID number

border-routers Border and Boundary Router Information

database Database summary

interface Interface information

neighbor Neighbor list

request-list Link state request list

retransmission-list Link state retransmission list

retransmission-list Link state retransmission list

virtual-links Virtual link information

<cr>

OSPF Debug Commands

The are a number of OSPF debug commands available for the monitoring of the OSPF process as shown below.

r1#debug ip ospf ?

adj SPF adjacency events

events OSPF events

flood OSPF flooding

lsa-generation OSPF lsa generation

packet OSPF packets

retransmission OSPF retransmission events

spf OSPF spf

tree OSPF database tree

The debug ip ospf adj command will display on the console events relating to any formed adjacencies or to adjacencies the router is trying to establish. Enable adjacency debugging and then shut down the ethernet interface on r2 in order to view the operation of this command. How long will it take from the time we disable the ethernet interface on r2 until we see an adjacency change? The neighbor router will not be declared dead until the dead-interval has expired which has a default of 40 seconds.

r1#debug ip ospf adj

OSPF adjacency events debugging is on

r2(config)#interface fastEthernet 0/0

r2(config-if)#shut

r2(config-if)#

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down

%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to administratively down

OSPF: 172.16.5.1 address 172.16.3.2 on FastEthernet8/1 is dead

OSPF: 172.16.5.1 address 172.16.3.2 on FastEthernet8/1 is dead, state DOWN

OSPF: Neighbor change Event on interface FastEthernet8/1

OSPF: DR/BDR election on FastEthernet8/1

OSPF: Elect BDR 0.0.0.0

OSPF: Elect DR 172.16.2.1

DR: 172.16.2.1 (Id) BDR: none

OSPF: Build router LSA for area 0, router ID 172.16.2.1

OSPF: Build router LSA for area 0, router ID 172.16.2.1

OSPF: Build network LSA for FastEthernet8/1, router ID 172.16.2.1

OSPF: No full nbrs to build Net Lsa

OSPF: Flush network LSA on FastEthernet8/1 for area 172.16.2.1

OSPF: Schedule SPF to remove network route

OSPF: Build router LSA for area 0, router ID 172.16.2.1

Now re-enable the ethernet interface on r2.

r2(config-if)#no shut

r2(config-if)#

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up

%LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up

Router r1 console output

OSPF: 2 Way Communication to 172.16.5.1 on FastEthernet8/1, state 2WAY

OSPF: Neighbor change Event on interface FastEthernet8/1

OSPF: DR/BDR election on FastEthernet8/1

OSPF: Elect BDR 172.16.5.1

OSPF: Elect DR 172.16.2.1

DR: 172.16.2.1 (Id) BDR: 172.16.5.1 (Id)

OSPF: Send DBD to 172.16.5.1 on FastEthernet8/1 seq 0x1A82 opt 0x2 flag 0x7 len 32

OSPF: Build router LSA for area 0, router ID 172.16.2.1

OSPF: Retransmitting DBD to 172.16.5.1 on FastEthernet8/1

OSPF: Send DBD to 172.16.5.1 on FastEthernet8/1 seq 0x1A82 opt 0x2 flag 0x7 len 32

OSPF: Retransmitting DBD to 172.16.5.1 on FastEthernet8/1

OSPF: Send DBD to 172.16.5.1 on FastEthernet8/1 seq 0x1A82 opt 0x2 flag 0x7 len 32

OSPF: Retransmitting DBD to 172.16.5.1 on FastEthernet8/1

OSPF: Send DBD to 172.16.5.1 on FastEthernet8/1 seq 0x1A82 opt 0x2 flag 0x7 len 32

OSPF: Retransmitting DBD to 172.16.5.1 on FastEthernet8/1

OSPF: Send DBD to 172.16.5.1 on FastEthernet8/1 seq 0x1A82 opt 0x2 flag 0x7 len 32

OSPF: Retransmitting DBD to 172.16.5.1 on FastEthernet8/1

OSPF: Send DBD to 172.16.5.1 on FastEthernet8/1 seq 0x1A82 opt 0x2 flag 0x7 len 32

OSPF: Retransmitting DBD to 172.16.5.1 on FastEthernet8/1

OSPF: Send DBD to 172.16.5.1 on FastEthernet8/1 seq 0x1A82 opt 0x2 flag 0x7 len 32

OSPF: Neighbor change Event on interface FastEthernet8/1

OSPF: DR/BDR election on FastEthernet8/1

OSPF: Elect BDR 172.16.5.1

OSPF: Elect DR 172.16.2.1

DR: 172.16.2.1 (Id) BDR: 172.16.5.1 (Id)

OSPF: Build router LSA for area 0, router ID 172.16.2.1

OSPF: Retransmitting DBD to 172.16.5.1 on FastEthernet8/1

OSPF: Send DBD to 172.16.5.1 on FastEthernet8/1 seq 0x1A82 opt 0x2 flag 0x7 len 32

OSPF: Rcv DBD from 172.16.5.1 on FastEthernet8/1 seq 0x1DE5 opt 0x2 flag 0x7 len 32 state EXSTART

OSPF: NBR Negotiation Done. We are the SLAVE

OSPF: Send DBD to 172.16.5.1 on FastEthernet8/1 seq 0x1DE5 opt 0x2 flag 0x2 len 112

OSPF: Rcv DBD from 172.16.5.1 on FastEthernet8/1 seq 0x1DE6 opt 0x2 flag 0x3 len 132 state EXCHANGE

OSPF: Send DBD to 172.16.5.1 on FastEthernet8/1 seq 0x1DE6 opt 0x2 flag 0x0 len 32

OSPF: Database request to 172.16.5.1

OSPF: sent LS REQ packet to 172.16.3.2, length 24

OSPF: Rcv DBD from 172.16.5.1 on FastEthernet8/1 seq 0x1DE7 opt 0x2 flag 0x1 len 32 state EXCHANGE

OSPF: Exchange Done with 172.16.5.1 on FastEthernet8/1

OSPF: Send DBD to 172.16.5.1 on FastEthernet8/1 seq 0x1DE7 opt 0x2 flag 0x0 len 32

OSPF: Build network LSA for FastEthernet8/1, router ID 172.16.2.1

OSPF: No full nbrs to build Net Lsa

OSPF: Flush network LSA on FastEthernet8/1 for area 172.16.2.1

OSPF: Synchronized with 172.16.5.1 on FastEthernet8/1, state FULL

OSPF: Build router LSA for area 0, router ID 172.16.2.1

OSPF: Build network LSA for FastEthernet8/1, router ID 172.16.2.1

This debugging output gives you a clear picture of the events that occur when two routers are forming an adjacency on a network. The debug ip ospf events command displays a more summarized output than the debug ip ospf adjacencies command. Enable events debugging and again shutdown the ethernet interface on r2. We will again have to wait 40 seconds before seeing any output.

r1#debug ip ospf events

OSPF events debugging is on

OSPF: 172.16.5.1 address 172.16.3.2 on FastEthernet8/1 is dead

OSPF: Neighbor change Event on interface FastEthernet8/1

OSPF: DR/BDR election on FastEthernet8/1

OSPF: Elect BDR 0.0.0.0

OSPF: Elect DR 172.16.2.1

DR: 172.16.2.1 (Id) BDR: none

OSPF: Tried to build Router LSA within MinLSInterval

OSPF: Schedule SPF to remove network route

OSPF: service_maxage: Trying to delete MAXAGE LSA

Re-enable the ethernet interface on r2 and sit back and watch the action.

OSPF: 2 Way Communication to 172.16.5.1 on FastEthernet8/1, state 2WAY

OSPF: Neighbor change Event on interface FastEthernet8/1

OSPF: DR/BDR election on FastEthernet8/1

OSPF: Elect BDR 172.16.5.1

OSPF: Elect DR 172.16.2.1

DR: 172.16.2.1 (Id) BDR: 172.16.5.1 (Id)

OSPF: Send DBD to 172.16.5.1 on FastEthernet8/1 seq 0x236D opt 0x2 flag 0x7 len 32

OSPF: Rcv DBD from 172.16.5.1 on FastEthernet8/1 seq 0x2324 opt 0x2 flag 0x7 len 32 state EXSTART

OSPF: NBR Negotiation Done. We are the SLAVE

OSPF: Send DBD to 172.16.5.1 on FastEthernet8/1 seq 0x2324 opt 0x2 flag 0x2 len 112

OSPF: Rcv DBD from 172.16.5.1 on FastEthernet8/1 seq 0x2325 opt 0x2 flag 0x3 len 132 state EXCHANGE

OSPF: Send DBD to 172.16.5.1 on FastEthernet8/1 seq 0x2325 opt 0x2 flag 0x0 len 32

OSPF: Database request to 172.16.5.1

OSPF: sent LS REQ packet to 172.16.3.2, length 24

OSPF: Rcv DBD from 172.16.5.1 on FastEthernet8/1 seq 0x2326 opt 0x2 flag 0x1 len 32 state EXCHANGE

OSPF: Exchange Done with 172.16.5.1 on FastEthernet8/1

OSPF: Send DBD to 172.16.5.1 on FastEthernet8/1 seq 0x2326 opt 0x2 flag 0x0 len 32

OSPF: Synchronized with 172.16.5.1 on FastEthernet8/1, state FULL

Experiment with the other debug commands and become familiar with the information they can supply.

Backward Forward
Chapter: 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13

Reserve your copy at a
Beta Bookstore near you!
Contact Bet@books
© 1998 The McGraw-Hill Companies, Inc. All rights reserved.
Any use of this Beta Book is subject to the rules stated in the Terms of Use.

Beta Books | Beta Bookstores | Computing McGraw-Hill

Professional Publishing Home | Contact Us | Customer Service | For Authors | International Offices | New Book Alert | Search Catalog/Order | Site Map | What's New


A Division of the McGraw-Hill Companies
Copyright © 1998 The McGraw-Hill Companies. All rights reserved. Any use is subject to the Terms of Use; the corporation also has a comprehensive Privacy Policy governing information we may collect from our customers.