OSPF - Operation
Transcript of OSPF - Operation
How it all works
• Internet model
2
AS X AS Y AS Z
iBGP iBGP iBGP
IGP IGP IGP
eBGP eBGP
Barry Greene & Philip Smith “Cisco ISP Essentials”
3
Recap
• In ISP networks, IGPs– Allow routers within an AS to learn about each other
– Carry next-hop reachability info• Carries infrastructure info (loopbacks & ptp)
• NOT customer routes!
– scalability and fast convergence• Hence, minimise the number of prefixes carried in IGP!
• BGP– Carries customer prefixes
– Exchanges network info with other networks• Carries internet route across the AS
OSPF - Intro
• Link-state protocol– SPF algorithm
– Protocol number (89) – runs on top of IP
– Only sends triggered updates
– Supports hierarchical routing (multi-area) – scalability
• OSPFv2 (RFC2328), OSPFv3 (RFC5340), OSPFv3 AF (RFC5838)
4
OSPF MessageOSPF HeaderIP Header
5
LSAs
R2 R1 LSDB (Topology)LSAs
SPF Tree
Best Paths
Routing Table
Dijk
stra
’s S
PF
Link State Operation
R2
R3
R1
R4
Link State Operation
• Each link-state router learns about its links and connected networks– builds a link state packet – LSP (LSAs for each link)
• Sends out Hellos for neighbor discovery– To establish adjacency
• Floods LSP to all its neighbors– Stores all LSPs learned from its neighbors in a LSDB, and floods
to other neighbors
– Eventually all routers receive all LSPs• same view of the network!
• Computes the best path to each destination – using the SPF algorithm (SPF tree)
6
Shortest Path First (SPF) Tree
• Every router in an OSPF network maintains an identical topology database
• Router places itself at the root of SPF tree when calculating the best path
Best path selection
• Lowest cumulative cost = best path
• Load balances over equal cost paths
8
FE
FE
FE
GE
1
10
10
10
FE
FE
GE
GE
1
10
10
1
OSPF Metric
• Uses link/path cost as metric
• Generally, inversely proportional to the link BW– Higher the BW lower the cost
• configurable
– The reference BW is generally 100Mbps (FE)• interfaces bigger than a FE would have a cost of 1
– For more granularity/accuracy of cost calculation• change reference BW for bigger links (all OSPF routers)
9
Cost =𝒓𝒆𝒇𝒆𝒓𝒆𝒏𝒄𝒆 𝒃𝒘
𝒊𝒏𝒕𝒆𝒓𝒇𝒂𝒄𝒆 𝒃𝒘(𝒃𝒑𝒔)
IOS:router ospf/v3 <process-id>
auto-cost reference-bandwidth <Mbps>
Junos:set protocols ospf/3 reference-bandwidth <Gbps>
Router ID
• Uniquely identifies a link-state router– 4-byte Router ID
• Either:
– Explicitly configured =>
– Else, the highest/lowest IPv4 address of any active loopback interface
– If no loopbacks, the highest/lowest IPv4 address of any active physical interface
– ** Loopbacks preferred!• Why??
10
IOS:router-id <4-byte>
Junos:set routing-options router-id <4-byte>
OSPF Packets
11
Version Type Length
Router-ID
Area-ID
Checksum AuType
Authentication
Authentication
Type Description
1 Hello
2 Database Description
3 Link State Request
4 Link State Update
5
Link State
Acknowledgement
OSPF Header OSPF Message
OSPF Packets
• Hello packet
– Initially exchanged for neighbor discovery, and
– Later periodically to maintain adjacency• Hello/Dead interval
– Hello packets contain:• Router ID (sender’s)
• Area ID *
• Hello and Dead interval *
• Neighbors (list/router-id of neighbors - valid Hellos received)
• Network mask *
• DR/BDR identity (IP)
• Authentication (if enabled) *
12
OSPF Packets
• DBD packet
– To sync LSDBs
– Summary of local LSDB• List of LSAs (headers) with sequence number
– DBD exchange uses a poll-response paradigm• Master sends DBD (polls); Slave acks with its own DBD (responds)
– The router with higher Router ID - Master
13
OSPF Packets
• LSR packet– During the sync process, if the local router finds its LSDB is
out of date (older LSAs than those received in the DBD –seq#)
– Sends a LSR for the missing/newer LSAs• Each LSA requested is identified by LS type, link state ID, and the router
that advertised the LSA
14
OSPF Packets
• LSU packet– Link state info is propagated through LSAs
– LSAs are advertised in LSU packet to neighbors• Flooded reliably (ack) throughout the nw
• Initially (after adjacency is built), all LSAs in local LSDB
• Later, LSUs are only sent during a topology change
• Also in response to LSRs
– LSUs contain• # of LSAs
• List of LSAs (single or multiple)
15
OSPF Packets
• LSAck packet– OSPF routers need to acknowledge receipt of each LSA
• LSAck
– Dataless packet
16
Neighbor States
17
+----+
|Down|
+----+
+----+
|Init|
+----+
+-----+
|2-way|
+-----+
Hello received (no local Router-ID)
2-way received (local Router-ID seen)
DR/BDR selected from the “neighbor” list
+-------+
|ExStart|
+-------+
Master-Slave decision + DBD Seq#
(higher router ID)+--------+
|Exchange|
+--------+
Exchange DBD (local LSDB)
+--------+
|Loading |
+--------+
+----+
|Full|
+----+
LSRs sent to neighbor Adjacency estb
(inc Router LSAs &
Network LSAs)
Y - more recent LSAs req?N
Scaling - Hierarchy
• With single area OSPF, as network grows:– Larger LSDB and routing table
– Frequent LSA flooding and SPF compute
• Hence, two-level hierarchy– LSA flooding contained within areas
– Only summary routes exchanged between areas• Through the backbone
Area 0
Area 1Area 3
10.10.10.0/26
10.10.10.64/26
10.10.10.128/26
10.10.10.192/26
2001:db8::/64
2001:db8:0:1::/64
2001:db8:0:2::/642001:db8:0:3::/64
Area 2
ABRABR ABR
Virtual links
• OSPF requires regular areas to be connected to the backbone (Area-0)– Inter-area routes propagated through the backbone
• Virtual links allow regular areas to connect (logically) to the backbone– Physically not feasible
Area 0
Area 1
Area 3ABR ABRVirtual link
OSPF Network Types
• Point-to-point– Can ONLY have one neighbor
connected on the link
– LSUs sent to ”all OSPF routers” multicast• 224.0.0.5/FF02::5
• Broadcast (multi-access) – Could have more than one
neighbor connected on the link• Ethernet links
20
Broadcast NW issues
• Number of adjacencies– # of Adj = n(n-1)/2;
• Extensive LSA flooding– Initially, the whole LSDB
• LSAck too
– Periodic hellos for adjacencies
– Triggered updates• During topology changes, each router will
send LSUs to neighbors - contains the same info
• LSAck too
21
LSALSA
LSA LSALSA
LSALSALSA
LSA
DR/BDR
• Hence, OSPF elects a Designated and Backup Designated router for broadcast networks– Adjacencies only formed with DR and BDR
– LSAs sent only to DR (BDR listens)• 224.0.0.6/FF02::6
– DR floods to others• 224.0.0.5/FF02::5
22
DR BDR
DR/BDR Election
• Uses the Hello protocol (Rtr Priority)– highest OSPF interface priority – DR
• Next highest priority – BDR
– Configurable:
– Else, highest router ID – DR• Next highest - BDR
– Recommended:• configure higher priority for routers meant to be DR and BDR!
23
IOS:(config-if)#ip/ipv6 ospf priority <0-255>
Junos:set protocols ospf/3 area <area-id> interface <id> priority <0-255>
LSA Types
• LSA Header
– Age: time since LSA was generated
– Link state ID: identifies what the LSA is carrying
– Advertising Router: Router ID of the router originating the LSA
– Seq#: indicates newness of the LSA
– Checksum: of the LSA content except age
– Length: of LSA (includes 20 byte header)
24
Type Link-state ID
1
Originating router’s router
ID
2 Interface IP of DR
3 Network address
4 ASBR’s router ID
5
The external network
address
LS age Options LS Type
Link State ID
Advertising Router
LS Sequence#
Checksum Length
Type Description
1 Router LSA
2 Network LSA
3 Summary LSA (ABR)
4 Summary LSA (ASBR)
5 AS-external LSA
LSA Types
• Type-1 (Router LSA)– router’s connected (active) links/interfaces and metrics
– flooded within the area (does not cross ABR)
– Identified by router ID of originating router
• Type-2 (Network LSA)– broadcast/multi-access networks
• generated by DR
– describes routers connected to the broadcast segment• Adjacent to the DR, including itself
– flooded within the area
– Identified by DR’s interface IP
25
LSA Types
• Type-3 (Summary LSA - ABR)– Inter-area routes
• Allows condensation at the are borders
– Originated by the ABR• ABRs store LSAs from each area in a separate LSDB
• Generates a Type 3 for each subnet in the area
– Floods to the backbone• Propagated to other areas
– Identified by the subnets carried in the LSA
26
LSA Types
• Type-4 (Summary LSA - ASBR)– To identify the ASBR
• Route/path to the ASBR, to forward traffic destined for nws outside the domain
– Originated by the ABR• When a ABR receives Type-1 LSA with the E-bit set, generates a Type-4
LSA
– Floods to the backbone• Propagated to other areas
– Identified by router ID of the ASBR
28
LSA Types
• Type-5 (AS-external LSA)– To advertise external routes into OSPF
• Destinations outside the domain
– Originated by the ASBR• Generates a Type-5 for each external route
– Floods to the area it belongs• Propagated unaltered to other areas via backbone by ABR of the area
– Identified by the external subnet carried in the LSA
• Note: DO NOT redistribute external routes into OSPF!– Floods unaltered throughout the network – convergence??
29
LSA Types
• Opaque LSAs– To advertise optional router capabilities
• Protocol extensibility
• RFC5250
– Ex: Router Information Opaque LSA (RFC7770)• SR capabilities
– Flooding scope depends on the type• 9- link
• 10 – area
• 11 - domain
31
Best path compute
• Intra-area routes– Lowest cost to the each nw within the area
• Inter-area routes– Type3 (summary LSA-ABR) includes cost to each network– Best path = lowest (cost to ABR + cost in Type3 LSA)
• External routes (E-bit defines the metric type – E2>E1)
– If not set (0), Type-1 ext metric (E1): cumulative as the route
gets propagated through the domain (more than one ASBR)
• Seed metric + cost to ASBR
– If set (1), Type-2 ext metric (E2): same throughout the domain
(only one ASBR)
• Seed metric
32
OSPFv3 – RFC5340
• To carry IPv6 in OSPF– Router ID, Area ID and link state ID still 32-bit
– OSPFv3 uses link-local address for adjacency• All OSPFv3 packets are sourced using link-local
– LSUs are sent to the IPv6 multicast• FF02::5 (all OSPF routers) and FF02::6 (DR/BDR)
33
OSPFv3 – New LSAs
• Type-8 (Link LSA)– Advertise local router’s link-local to other routers on the link,
and list of v6 prefixes associated with link
– Not flooded beyond the link (link-scope)
– Link state ID is the interface ID on the link
• Type-9 (Intra-Area-Prefix LSA)– Either advertises v6 prefixes associated
• With a router (directly connected interfaces) – references Router/Type-1 LSA, OR
• With a broadcast segment (Network/Type-2 LSA)
– Flooded within the area (area-scope)
34
OSPFv3 – Renamed LSAs
• Type-3 (Inter-Area-Prefix LSA)– Equivalent to Type-3 summary LSA in OSPFv2
• Describes routes to v6 prefixes within an area
– Originated by ABR• Generates a Type-3 for each IPv6 prefix
– Flood to the backbone for propagation to other areas
• Type-4 Summary (Inter-Area-Router LSA)– Equivalent to Type-4 summary (ASBR) in OSPFv2
• Route(s) to ASBR
– Originated by ABR
35
Passive interface
• When OSPF is configured/enabled on an interface (or for a subnet)– router will try to discover neighbors on that interface/within
the subnet
– We can disable sending OSPF packets on those interfaces where we know there will be no neighbors• While still advertising the network in OSPF
36
IOS:ipv6 router ospf <process-id>
router ospf <process-id>
passive-interface default
no passive-interface <interface-id>
IOS:ipv6 router ospf <process-id>
router ospf <process-id>
passive-interface <interface-id>
Junos:set protocols ospf/3 area <area-id> interface <int-id> passive