Implement OSPF in the Service Provider Network

© 2012 Cisco and/or its affiliates. All rights reserved. SPROUTE v1.01—2-1
 • Create an implementation plan:
- IP addressing
- Areas, area types
- ABRs and ASBRs
• Define summarization and redistribution points.
• Configure OSPF routing processes on every OSPF router.

OSPF Area 11 OSPF Area 1

Gi 0/0 Gi 0/0/0/0
Lo 0 Lo 0

Gi 0/0/0/1
OSPF Area 0

© 2012 Cisco and/or its affiliates. All rights reserved. SPROUTE v1.01—2-2
 router ospf 1
area 0
interface GigabitEthernet0/0/0/1
area 1
router ospf 1 interface Loopback0
network 10.1.10.1 0.0.0.0 area 11 area 11
network 192.168.101.11 0.0.0.0 area 11 interface GigabitEthernet0/0/0/0

CE1 OSPF Area 11 PE1 OSPF Area 1

Gi 0/0 Gi 0/0/0/0
Lo 0 Lo 0

or Gi 0/0/0/1
interface Loopback0 OSPF Area 0
ip ospf 1 area 11
!
interface GigabitEthernet0/0
ip ospf 1 area 11
!
router ospf 1

© 2012 Cisco and/or its affiliates. All rights reserved. SPROUTE v1.01—2-3
 • The router is known to OSPF by the router ID number.
• This router ID is used in LSDBs to differentiate routers.
• OSPF requires at least one active interface with an IP address.
• By default, the router ID is:
- The highest IP address on an active interface at the moment of OSPF process
startup.
- If a loopback interface exists, the router ID is the highest IP address on any
active loopback interface. A loopback interface overrides the OSPF router ID.
• The OSPF router-id command can be used to override the default
OSPF router ID selection process.
• Using a loopback interface or a router-id command is recommended for
stability.
• OSPFv3 still uses a 32-bit number, written in four octets.

© 2012 Cisco and/or its affiliates. All rights reserved. SPROUTE v1.01—2-4
 interface Loopback0 interface Loopback0
ip address 10.1.1.1 255.255.255.255 ipv4 address 10.1.1.1 255.255.255.255
! !
router ospf 1 router ospf 1
router-id 10.1.10.1 router-id 10.1.1.1

CE1 OSPF Area 11 PE1 OSPF Area 1

Gi 0/0 Gi 0/0/0/0
Lo 0 Lo 0

clear ip ospf process clear ospf process

New loopback takes effect: Router ID takes effect

▪ Router is reloaded when OSPF is reset.
▪ OSPF process is removed and reconfigured

RP/0/RSP0/CPU0:PE1#show ospf
Routing Process "ospf 1" with ID 10.1.1.1
NSR (Non-stop routing) is Disabled
Supports only single TOS(TOS0) routes
Supports opaque LSA
It is an area border router
< text omitted >

© 2012 Cisco and/or its affiliates. All rights reserved. SPROUTE v1.01—2-5
 • The sending and receiving of routing updates is disabled.
• The specified interface address appears as a stub network in the OSPF
domain.

router ospf 1
area 11
router ospf 1 interface GigabitEthernet0/0/0/2
passive-interface GigabitEthernet 0/1 passive enable

CE1 OSPF Area 11 PE1 OSPF Area 1

Gi 0/0 Gi 0/0/0/0
Lo 0 Lo 0
Gi 0/1 Gi 0/0/0/02

or
router ospf 1 router ospf 1
passive-interface default passive enable
no passive-interface GigabitEthernet 0/0 area 11
interface GigabitEthernet0/0/0/0
passive disable

© 2012 Cisco and/or its affiliates. All rights reserved. SPROUTE v1.01—2-6
 router ospf 1
area 0
interface GigabitEthernet0/0/0/1
area 1
router ospf 1 interface Loopback0
network 10.1.10.1 0.0.0.0 area 11 area 11
network 192.168.101.11 0.0.0.0 area 11 interface GigabitEthernet0/0/0/0

CE1 OSPF Area 11 PE1 OSPF Area 1

Gi 0/0 Gi 0/0/0/0
Lo 0 Lo 0

Gi 0/0/0/1
OSPF Area 0

show ospf Verify OSPF routing protocol.

show ospf interface Verify OSPF interface information.

show ospf neighbor Verify OSPF neighbors.
show route ospf Verify OSPF routes learned by the router in the IP routing table.
show protocols Verify configured IP routing protocol processes.
show ospf database Verify OSPF LSDB.

© 2012 Cisco and/or its affiliates. All rights reserved. SPROUTE v1.01—2-7
 CE1 OSPF Area 11 PE1 OSPF Area 1
Gi 0/0 Gi 0/0/0/0
Lo 0 Lo 0

Gi 0/0/0/1
OSPF Area 0

RP/0/RSP0/CPU0:PE1#show ospf
Routing Process "ospf 1" with ID 10.1.1.1 OSPF router ID
NSR (Non-stop routing) is Disabled
Supports only single TOS(TOS0) routes
Supports opaque LSA
It is an area border router
Router is not originating router-LSAs with maximum metric OSPF timers
Initial SPF schedule delay 50 msecs
Minimum hold time between two consecutive SPFs 200 msecs
Maximum wait time between two consecutive SPFs 5000 msecs
Initial LSA throttle delay 50 msecs
Minimum hold time for LSA throttle 200 msecs
Maximum wait time for LSA throttle 5000 msecs
Minimum LSA interval 200 msecs. Minimum LSA arrival 100 msecs
LSA refresh interval 1800 seconds
Flood pacing interval 33 msecs. Retransmission pacing interval 66 msecs
Adjacency stagger enabled; initial (per area): 2, maximum: 64
Number of neighbors forming: 0, 2 full
< text omitted >
OSPF statistics

© 2012 Cisco and/or its affiliates. All rights reserved. SPROUTE v1.01—2-8
 CE1 OSPF Area 11 PE1 OSPF Area 1
Gi 0/0 Gi 0/0/0/0
Lo 0 Lo 0

Gi 0/0/0/1
OSPF OSPF Area 0
process ID
RP/0/RSP0/CPU0:PE1#show ospf interface GigabitEthernet 0/0/0/0 OSPF area
GigabitEthernet0/0/0/0 is up, line protocol is up
Internet Address 192.168.101.10/24, Area 11
OSPF network type
Process ID 1, Router ID 10.1.1.1, Network Type BROADCAST, Cost: 1
Transmit Delay is 1 sec, State BDR, Priority 1, MTU 1500, MaxPktSz 1500
Designated Router (ID) 10.1.10.1, Interface address 192.168.101.11
OSPF Backup Designated router (ID) 10.1.1.1, Interface address 192.168.101.10
router ID Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:05
Index 1/2, flood queue length 0 OSPF timers
Next 0(0)/0(0)
Last flood scan length is 1, maximum is 6
Last flood scan time is 0 msec, maximum is 0 msec
LS Ack List: current length 0, high water mark 18
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 10.1.10.1 (Designated Router) OSPF neighbors
Suppress hello for 0 neighbor(s)
Multi-area interface Count is 0

© 2012 Cisco and/or its affiliates. All rights reserved. SPROUTE v1.01—2-9
 CE1 OSPF Area 11 PE1 OSPF Area 1
Gi 0/0 Gi 0/0/0/0
Lo 0 Lo 0

Gi 0/0/0/1
OSPF Area 0

RP/0/RSP0/CPU0:PE1#show ospf neighbor

* Indicates MADJ interface
Neighbors for OSPF 1
Neighbor ID Pri State Dead Time Address Interface
10.1.10.1 1 FULL/DR 00:00:32 192.168.101.11 GigabitEthernet0/0/0/0
Neighbor is up for 00:41:42
Total neighbor count: 1

RP/0/RSP0/CPU0:PE1#show ospf neighbor detail

< text omitted >
Neighbor 10.1.10.1, interface address 192.168.101.11
In the area 11 via interface GigabitEthernet0/0/0/0
Neighbor priority is 1, State is FULL, 6 state changes
DR is 192.168.101.11 BDR is 192.168.101.10
Options is 0x52
LLS Options is 0x1 (LR)
Dead timer due in 00:00:33
Neighbor is up for 00:42:09
< text omitted >

© 2012 Cisco and/or its affiliates. All rights reserved. SPROUTE v1.01—2-10
 CE1 OSPF Area 11 PE1 OSPF Area 1
Gi 0/0 Gi 0/0/0/0
Lo 0 Lo 0

Gi 0/0/0/1
OSPF Area 0

RP/0/RSP0/CPU0:PE1#show route ospf

O 10.1.10.1/32 [110/2] via 192.168.101.11, 01:23:03, GigabitEthernet0/0/0/0
O IA 192.168.102.0/24 [110/2] via 192.168.112.20, 00:57:43, GigabitEthernet0/0/0/1

RP/0/RSP0/CPU0:PE1#show protocols
Routing Protocol OSPF 1
Router Id: 10.1.1.1
Distance: 110
Non-Stop Forwarding: Disabled
Redistribution:
None
Area 0
GigabitEthernet0/0/0/1
Area 1
Loopback0
Area 11
GigabitEthernet0/0/0/0

© 2012 Cisco and/or its affiliates. All rights reserved. SPROUTE v1.01—2-11
 • Also called “cost”
• Defined per interface, but may be altered
• Inversely proportional to the bandwidth of that interface
• Auto-Cost = Ref.BW/ int.BW = 100 Mbps / Int.BW

Default Cost with

Link Type
Cost reference 1010 b/s
64 kb/s serial link 1562 156250
T1 (1.544 Mb/s serial link) 64 6476
E1 (2.048 Mb/s serial link) 48 4882
Ethernet 10 1000
Fast Ethernet 1 100
Gigabit Ethernet 1 10
10 Gigabit Ethernet 1 1

© 2012 Cisco and/or its affiliates. All rights reserved. SPROUTE v1.01—2-12
 Change the OSPF cost on the interface to 20.
router ospf 1
area 11
interface GigabitEthernet0/0 interface GigabitEthernet0/0/0/0
ip ospf cost 20 cost 20

CE1 OSPF Area 11 PE1 OSPF Area 1

OSPF Area 10
Gi 0/0 Gi 0/0/0/0
Lo 0 Lo 0
192.168.101.11 192.168.101.10
10.1.10.1 10.1.1.1
Gi 0/0/0/1
OSPF Area 0

router ospf 1 router ospf 1

auto-cost reference-bandwidth 10000 auto-cost reference-bandwidth 10000

Change the reference bandwidth from 100 to 10000.

© 2012 Cisco and/or its affiliates. All rights reserved. SPROUTE v1.01—2-13
 • Extremely lightweight Hello protocol that uses UDP to test bidirectional
communication.
• Used to detect failures in the forwarding path between two adjacent
routers.
• Millisecond resolution of forwarding plane failure.
• Relies on routing protocols to detect neighbors.

BFD control packets

Echo packets
R1 R2

© 2012 Cisco and/or its affiliates. All rights reserved. SPROUTE v1.01—2-14
 • Routing protocol (BFD client) bootstraps BFD to create BFD session to a
neighbor:
- BFD client receives link status change notification.
- Receive and transmit intervals are negotiated and configurable.
• Two systems agree on a method to detect failure.
• In case of failure, BFD notifies BFD client.
- BFD client independently decides on action.

R1 R2
OSPF OSPF neighbors OSPF

BFD BFD neighbors BFD

OSPF bootstraps BFD

© 2012 Cisco and/or its affiliates. All rights reserved. SPROUTE v1.01—2-15
 OSPF Area 0

BFD enabled BFD enabled

• OSPF uses BFD on all interfaces:

Cisco IOS Router
router ospf 1
bfd all-interfaces
!

Cisco IOS XR Router

router ospf 1
• OSPF uses BFD on single interface: area 0
interface TenGigE0/1/4/0
interface TenGigabitEthernet3/0/1 bfd fast-detect
ip ospf bfd bfd minimum-interval 100
bfd interval 100 min_rx 100 multiplier 3 bfd multiplier 3
! !
!
!

© 2012 Cisco and/or its affiliates. All rights reserved. SPROUTE v1.01—2-16
 • OSPF authentication is used to prevent the following:
- Undesired adjacencies and rogue routes to be inserted into OSPF
- Changes in routing information
• OSPFv2:
- Plaintext authentication—avoid at all times!
- MD5 authentication
- Authentication material is inserted into OSPF header of every OSPF packet
and checked by other router
• OSPFv3 does not have an authentication mechanism; it relies on IPsec
built into IPv6.
CE1 PE1
Gi 0/0 Gi 0/0/0/0
Lo 0 Lo 0

OSPF authentication Gi 0/0/0/1

© 2012 Cisco and/or its affiliates. All rights reserved. SPROUTE v1.01—2-17
 OSPFv2 authentication type and key can be configured at different levels:
▪ Routing process
▪ Area
▪ Interface
If authentication is not configured on a lower level, authentication settings are
inherited from a higher level.

CE1 PE1
Gi 0/0 Gi 0/0/0/0
Lo 0 Lo 0

OSPF authentication Gi 0/0/0/1

Authentication type can be configured per area in router configuration mode or per
interface.
If authentication is not configured per interface, authentication type is inherited from
area configuration.
Authentication key can be configured only per interface.

© 2012 Cisco and/or its affiliates. All rights reserved. SPROUTE v1.01—2-18
 router ospf 1
area 11
interface GigabitEthernet0/0 interface GigabitEthernet0/0/0/0
ip ospf authentication message-digest authentication message-digest
ip ospf message-digest-key 1 md5 cisco message-digest-key 1 md5 encrypted cisco

CE1 OSPF Area 11 PE1

Gi 0/0 Gi 0/0/0/0
Lo 0 Lo 0

OSPF authentication Gi 0/0/0/1

RP/0/RSP0/CPU0:PE1#show ospf interface GigabitEthernet 0/0/0/0

GigabitEthernet0/0/0/0 is up, line protocol is up
Internet Address 192.168.101.10/24, Area 11
Process ID 1, Router ID 10.1.1.1, Network Type BROADCAST, Cost: 20
Transmit Delay is 1 sec, State BDR, Priority 1, MTU 1500, MaxPktSz 1500
Designated Router (ID) 10.1.10.1, Interface address 192.168.101.11
Backup Designated router (ID) 10.1.1.1, Interface address 192.168.101.10
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:06
< text omitted >
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 10.1.10.1 (Designated Router)
Suppress hello for 0 neighbor(s)
Message digest authentication enabled
Youngest key id is 1
Multi-area interface Count is 0
© 2012 Cisco and/or its affiliates. All rights reserved. SPROUTE v1.01—2-19
© 2012 Cisco and/or its affiliates. All rights reserved. SPROUTE v1.01—2-20