Features
Features:

Product Tour >

Edraw AI >

Paid Plans:

Individuals >

Business >

Eduaction >
Resources
Blog

History

How-tos & Tips

Discovery

Biography

Business Analysis

Examples

AI concept Map

Free AI Mind Map Generator

Onenote Mind Map

Bcg Matrix Examples

Nike Marketing Strategy

Unilever SWOT Analysis

Make Mind Maps in Google Docs

Guide

FAQs

What's New

Resource Center
Templates
All Templates

Brain Storming Templates

Strategy and Planning Templates

Project Management Templates

Product Management Templates

Human Resources Templates

Agile Workflow Templates

Marketing Templates

Education Templates

Fun and Games Templates

User Gallery
Download
Pricing
Enterprise

MindMap Gallery Detailed explanation of OSPF

Detailed explanation of OSPF

OSPF (Open Shortest Path First) is a link state routing protocol that is a type of Interior Gateway Protocol (IGP). This protocol uses Dijkstra's algorithm to calculate the best path within an autonomous system.

Edited at 2024-04-01 20:54:12

PlotWizard

Recent works View more works>>

Detailed explanation of OSPF

PlotWizard

Recent works View more works>>

Recommended to you
Outline

OSPF

introduce

1. It is a link state routing protocol developed based on the SPF algorithm.

2. Occupying 90% of the network market share, as long as it is a network project, the first choice of IGP protocol is OSPF protocol.

How OSPF works

1. Establish neighbor relationship, the beginning of everything;

2. Synchronize LSDB, that is, synchronize (consistency) the link information;

3. Perform SPF algorithm to calculate routes.

Type of interface network type

1.P2P - point-to-point: if the interface link layer protocol is PPP or HDLC;

2. Broadcast - broadcast link: if the interface link layer protocol is Eth, FDDI (obsolete);

3. NBMA - Non-Broadcast Multiple Access: If the interface link layer protocol is FR (Frame Relay has been eliminated), ATM (too expensive, too complex, and dying);

4.P2MP - Point-to-multipoint: No link layer protocol belongs to P2MP and requires manual configuration;

OSPF overhead

1. Link overhead

1. Automatic calculation: reference bandwidth (default 100M) / link bandwidth = COST. If the result is less than 1, if it is greater than 0, it is equal to 1; if the division cannot be completed, round up the integer.

Reference bandwidth modification command: [R1-ospf-1]bandwidth-reference 10000 ----Modified to 10Ggps reference bandwidth. If the reference bandwidth is modified, all routes in the AS All devices must be modified.

2. Manual COST: The administrator manually modifies the link cost, which is better than automatic calculation.

Manually modify the COST command: [R1-GigabitEthernet0/0/0]ospf cost 10 ----Modify the ospf overhead of the interface to 10

2. Path overhead

The sum of link costs from source IP to destination IP.

OSPF port neighbor status

1.down: Hello messages can be sent, but they do not carry the neighbor’s router id, and the neighbor’s status is not found;

2.init: Receives the hello message from the neighbor, but does not carry its own router id, and discovers the status of the other party in one direction;

3.2-way: Receive the hello message with its own router id from the neighbor, bidirectional discovery status, neighbor status; After entering the 2-way state, start LSDB synchronization;

4.exstart: Pre-start state. Send DD packets without LS summary information to perform master-slave election. The router with a larger ID becomes the Master and the router with a smaller ID becomes the Slave. After completing the master-slave election, it enters the Exhcange state;

5.exchange: Perform LSDB judgment. At this time, the slave router sends its own LSA directory to the master router through DD packets. After the exchange ends, it means that the neighbor has made a difference judgment on the LSDB and entered loading;

6. Loading: Send an LSR to the neighbor to request the missing or not the latest LSA. The neighbor receives the LSR, carries the detailed LSA information through the LSU for LSDB synchronization, and confirms through LSACK, and finally enters the full state;

7.full: adjacency status.

OSPF message

Main parameters of OSPF message header

version

OSPF protocol version

Message type

1 Hello

2DD

3LSR

4LSU

5LSACK

Source OSPF Router

OSPF router id of the source port

Area ID

Zone ID to which the source port belongs

Auth Type

0 Certification not applicable

1 Clear text authentication

2 MD5 authentication

Auth Data

MD5 value of plain text password or cipher text

Hello message

How is OSPF Hello message sent?

1. Any physical interface or tunnel interface added to the OSPF protocol will actively send Hello messages;

2. The original address of the Hello message is the IP address of the interface, and the destination address is the multicast address 224.0.0.5.

○ The P2P link and Broadcast link are sent every 10S. The neighbor failure time defaults to 4 times the Hello interval. That is, if no Hello message from the neighbor is received for 40S, the neighbor is considered invalid, the neighbor relationship is disconnected, and the neighbor relationship is reset. route calculation.

○ Sent every 30S on NBMA and P2MP links. The neighbor failure time defaults to 4 times the Hello interval. That is, if no Hello message from the neighbor is received for 120S, the neighbor is considered invalid, the neighbor relationship is disconnected, and rerouting is performed. calculate.

The options(E) parameter carried in the Hello message

Network Mask

The subnet mask of the source port

Hello interval

Hello message sending cycle

option

N bit,E bit

N=0

No synchronization of Category 7 LSAs

N=1

Category 7 LSA needs to be synchronized

E=0

No Category 5 LSA synchronization is performed

E=1

Category 5 LSA needs to be synchronized

E=1 N=0 normal area E=0 N=0 Stub area E= 0 N=1 NSSA area E=1 N =1 This combination does not exist

Router Priority

Router port priority, the default is 1, used for DR/BDR election.

Dead interval

Neighbor expiration time

The IP address of the DR router interface on the bro or nbma link

BDR

IP address of the BDR router interface on the bro or nbma link

If the link type is P2P or P2MP, the DR/BDR value is 0.0.0.0, That is, there will be no election of DR and BDR.

Factors affecting neighbor relationships in OSPF message headers and HELLO messages

1. Router IDs cannot conflict;

2. Area id must be the same;

3. Auth type must be consistent;

4. Auth data must match;

5. The hello intervals must be consistent;

6. The dead interval must be consistent;

7. The values of N bit and E bit must be consistent.

The above 7 conditions are necessary conditions for establishing neighbor relationships that must be met in any situation.

DD message

There are two types of DD messages:

1. DD message carrying LS summary information.

2. DD packets that do not carry LS summary information;

Used for master-slave election, the one with the larger router ID is the main one.

DR&BDR

MA multiple access: BRO/NMBA links are of MA type. By default, the OSPF protocol will automatically elect DR/BDR on BRO/NMBA type networks. P2P/P2MP links will not conduct DR/BDR election and directly establish a FULL adjacency relationship.

DR/BDR election rules

1. Compare the priority of the interface, the default is equal to 1, the value range is 0~255;

2. The greater the priority, the first to become DR. If the priority is 0, no election will be carried out. No matter who the identity is, as long as the priority is changed to 0, it will immediately become DRother;

3. If the priorities are the same, compare the router IDs. The larger the router ID, the higher the priority to become the DR;

4.DR/BDR is not competitive;

5. If the DR fails, the BDR becomes the DR, and then the BDR is re-elected. If there is no BDR, the DR is directly re-elected;

6. If the BDR fails, re-elect the BDR;

7. Each BRO/NMBA link must elect a DR and a BDR (default election, optional), and other routers on the link become DRother.

DR\BDR characteristics

1. To maintain a full adjacency relationship between DR, BDR, and DRother, LSDB synchronization is required;

2. DRother maintains a 2-way neighbor relationship and does not perform LSDB synchronization;

3.DR, BDR, and DRother are the roles that a router plays on a link, so a router can have multiple links, and of course it can also have multiple roles.

The role of the DD (I, M, MS) bits in the DD message

R: not defined

I：Init

0 This is not the first time to send a DD message

1 Sending a DD message for the first time

M:More

0 is sending the last DD message

1 Continue to send DD messages

MS: Master

0 I am Slave from the router

1 I am the Master router

Summary information field of all LSA headers in DD packets

Type

lsa type

Lsid

The name of the LSA, the value of ls id is determined by type

Adv rtr

The router id of the router that originated this LSA

An LSA uniquely identified by 3 parameters

Len

lsa length

Options

IE can speak

seq

LSA sequence number

Chksum

Checksum

ls age

aging time

3 parameters to determine the newness of LSA

LSR message

Function: The router determines whether the local database is complete based on the neighbor's DD message. If it is incomplete, the router will Record these LSAs into the link state request list, and then send an LSR to the neighbor router.

Only carry the identification of the required LSA.

LSU message

Function: Used to respond to the LSR sent by the neighbor router, and send the corresponding LSA to the neighbor according to the request list in the LSR. Router, truly realizes LSA flooding and synchronization. Carry the LSA header and link status information.

LSU interaction between DR, BDR, and DRother

1. The LSU generated by DRother is sent to DR and BDR through 224.0.0.6, and the DR is sent to them through 224.0.0.5. His DRother and BDR, DRother sends ACK confirmation through 224.0.0.6, and BDR sends it through 224.0.0.5 ACK confirmation;

2. The LSU generated by BDR is sent to DRother and DR through 224.0.0.5, and DR sends ACK through 224.0.0.5 Confirm, DRother sends ACK confirmation through 224.0.0.6;

3. The LSU generated by DR is sent to DRother and BDR through 224.0.0.5, and BDR sends ACK through 224.0.0.5 Confirm, DRother sends ACK confirmation through 224.0.0.6;

4. DR/BDR monitors the two multicast addresses 224.0.0.5 and 224.0.0.6 at the same time, while DRother only monitors 224.0.0.5, 224.0.0.5 includes all routers on the link, and 224.0.0.6 only includes DR and BDR.

LSA ack message

Function: Used to confirm the received LSA to ensure the reliability of the synchronization process. Only the LSA header is carried.

Confirmation relationship between DR/BDR/DROTHER:

1. DR will confirm the LSU issued by BDR;

2. BDR will confirm the LSU issued by DR;

3. DRother will confirm the LSU issued by DR or BDR;

4. DR and BDR will not confirm the LSU issued by DRother.

LSA

Type 1 router LSA

The link status of a type of LSA is described by four link types.

1. Stubnet: routing information

Link id

The network number of the direct link

Data

subnet mask

Metric

OSPF overhead from self to directly connected network

Link type

Describe the routing information directly connected to the router

2.P-2-P: Topology information

Link id

neighbor's router id

Data

Interface IP connected to neighbor

Metric

COST to neighbor

Link type

P-2-P

Describe the real node neighbors on the P2P/P2MP link

3.transnet: topology information

Link id

The router id of the pseudo node (serves as the DR interface address on this link)

Data

The interface address connected to the pseudo node

Metric

Cost from self to pseudo node

Link type

transnet

Describe network neighbors (pseudo nodes) on a Bro or NBMA link

4.virtual: topology information

Link id

The router id of the neighbor on vlink

Data

The IP address of the interface connected to the neighbor on vlink

Metric

Cost to reach neighbor on vlink

Link type

virtual describes real node neighbors on vlink

Type: Router

Lsid

The router id of the OSPF device that originated this LSA

Adv rtr

The router id that generated this LSA

Type 2 Network LSA

Type 2 LSA is used to describe transnet routing information. The real node connected to the pseudo node of the transnet

Type: network

Represents a type 2 LSA, used to describe which nodes the pseudo node is connected to, and is generated by DR

LSid

The interface address/pseudo node router id of the DR on this network segment

Adv rtr

The router id of the DR of this network segment

Net mask

Mask for this network segment

Attached router

The router id of the router connected to this network segment

The routing information calculated through Type 1 and Type 2 LSAs is called intra-area routing. Routes calculated through the SPF algorithm can 100% avoid routing loops. Because no matter whether it is a real node or a pseudo node, it can only appear once in the tree.

intra-area routing

Type 3 Summary LSA routing information

Type：Sum-Net

Represents three types of LSA, used to describe inter-area routing, generated by ABR

Lsid

Network number

Adv rtr

The router id of the ABR that generated the type 3 LSA.

Netmask

subnet mask

Metric

The cost from ABR to the route

Type 1 and Type 2 LSAs can only be flooded within the area where they are generated. How are inter-area routes calculated? 1. The ABR converts the intra-area routes directly connected to itself into Type 3 LSAs of other directly connected areas. Complete the calculation of inter-area routing; 2. ABR converts Category 3 in area 0 to Category 3 in other non-backbone areas.

inter-area routing

Four types of Asbr-summary LSA routing information

Type：sum-asbr

It represents four types of LSA, generated by the ABR in the same area as the ASBR, and describes the cost from itself to the ASBR.

Lsid

ASBR router id

Adv rtr

router id of abr

Tos 0 metric

abr to asbr overhead

Category 5 ASE LSA routing information

Type: external

It represents five types of LSA, generated by ASBR and flooded throughout the AS.

Lsid

The network number of the external route

Adv rtr

router id of asbr

Net mask

Subnet mask for external routes

Tos 0 metric

The cost of external routes when importing (the cost from ASBR to external routes), the default is 1

E type

cost type cost type, default cost-type2

Cost type 1: The routing table always displays the import cost and the sum of AS internal path costs.

Cost type 2: Only the cost of introduction is displayed in the routing table.

Etype routing rules for Category 5 and Category 7 routing

cost type 1 is always better than cost type 2

They are all cost type 1: choose the one with the smallest cost. If the cost is the same, the load will be shared. This is the route selection method in the routing sense. Mode

They are all cost type 2: Priority is given to comparing the cost when introducing, and the smaller cost when introducing is given priority, and does not care about the internal path of the AS. Overhead, routing method in management sense. If the costs are the same when introduced, compare the internal costs of the AS, that is, select The ASBR with the smallest overhead is given priority; if the overhead is the same when introduced and the AS internal overhead is also the same, the load will be shared.

Forwarding address

Forwarding address, used for external routing path optimization

When an OSPF router calculates a type 5 LSA route, if it carries a forwarding address and has a direct connection with the forwarding address When routing, the next hop of the external route is directly set as the forwarding address.

FA=0.0.0.0 indicates that the best next hop is ASBR, otherwise the best next hop is the filled specific address.

FA≠0.0.0.0

Tag

Route mark, the default is 1, it can only be marked when imported to facilitate the management of routes.

Category 7 NSSA LSA routing information

Type: NSSA

Indicates that it is a type 7 LSA, generated by ASBR, and can only be flooded in the NSSA area.

Lsid

The network number of the external route

Options:NP

It means that you can do 7 to 5

Category 5 and Category 7 LSAs are used to calculate external routes, and Category 4 LSAs are used to coordinate with Category 5

external routing

OSPF LSA update principles

1. Regular update: By default, the router that generates this LSA will update its own LSA every 1800S.

2. Triggered update: When the router that generated this LSA finds that the status of this LSA has changed.

How does the OSPF protocol delete an LSA?

When SEQ remains unchanged and chksum remains unchanged, set LS age to 3600S.

update content: SEQ 1, chksum is recalculated, ls age is set to 0; The larger the SEQ, the newer it is; The larger the Chksum, the newer it is; Ls age = 3600S latest, ls age difference is greater than 900S, The latest Ls age is the smallest, and the difference is the same if the Ls age difference is less than 900S.

Determine whether the LSA is new or old

1. The larger the serial number, the newer it is.

2. The serial numbers are the same, the bigger the checksum is, the newer it is.

3. If the serial number is the same, the checksum is the same, and the aging time is set to MaxAge3600 seconds, the instance is considered the latest.

4. The serial number is the same, the checksum is the same, and the aging time of no instance is set to 3600 seconds. Then compare the ls age. When the difference between the ls age of the two instances exceeds 15 minutes, the smaller the ls age, the newer it is.

5. The serial number is the same, the checksum is the same, and the aging time of no instance is set to 3600 seconds. Then compare the ls age. When the difference in the ls age of the two instances does not exceed 15 minutes, they are considered to be the same instance.

OSPF multi-area

Disadvantages of single zone

1. The size of the tree is large, and the SPF algorithm will consume more CPU resources;

2. Category 1 and Category 2 updates caused by any change in link status require flooding in the entire area;

3. When the network of a certain node is unstable, all routers in the entire area must participate in SPF recalculation. The stability of the entire area is difficult to control.

Solve the above problems through multi-region division

1. OSPF multi-area divides the network into a 2-layer area structure;

2. The first floor is the backbone area, namely AREA 0;

3. The second floor is a non-backbone area, that is, non-AREA 0;

4. AREA 0 must exist, be unique, and must be continuous and indivisible;

5. The non-backbone area must be directly connected to the backbone area.

OSPF router identity

IR - intra-region router

All interfaces belong to the same area of the router.

ABR - Area Border Router

1. A router that connects multiple areas and has at least one active interface belonging to area 0;

2. Configure the router with vlink.

ASBR - Autonomous System Border Router

1. The router that executes the import-route command;

2. Perform Category 7 to Category 5 ABR in the NSSA area.

VLINK virtual link

1. As long as the router that creates the VLINK is ABR;

2. VLINK always belongs to the link in area 0;

3. VLINK can only be created in non-backbone areas and can only span one non-backbone area;

4. VLINK cannot be created in special areas;

5. Used to repair discontinuous backbone areas;

6. Directly connect non-backbone areas and backbone areas;

7. Serve as a backup path for the area;

8. Don’t use it if you can’t use it. It increases the complexity of the network and makes it difficult to maintain. It is generally only used for temporary emergencies.

OSPF split horizon

OSPF's split horizon is essentially based on OSPF's area division and the third type of LSA, which is inter-area routing.

OSPF's split horizon mainly has four points:

1. Through type 3 LSA, internal routes in the common area can be transmitted to the backbone area. Routes in the backbone area can also be delivered to non-backbone areas;

2. Routes in ordinary areas cannot be directly transmitted to other non-backbone areas;

3. The routes learned by ordinary areas from the backbone area cannot be passed to other areas (including the backbone area);

4. The routes learned by the backbone area from a common area cannot be directly transmitted back to the common area.

Route calculation rules:

inter-area routing

Cost = Cost from itself to ABR Cost from ABR to target route

Next-hop = The next hop from itself to the ABR, calculated based on the SPF tree to the ABR.

external routing

Routes in the same area as ASBR

Cost= The cost from itself to ASBR The cost when introducing

Next-hop = next hop from itself to ASBR

subtopic

Cost= Cost from itself to ABR (intra-area routing is based on SPF) Cost from ABR to ASBR (category 4) Overhead during introduction (category 5)

Next-hop = next hop from itself to ABR

External route introduction

Importing external routes means introducing routes of other protocols or routes of other OSPF processes into the OSPF protocol process.

Import-route static Executing this command will import the active static routes in the routing table into the OSPF protocol. middle. The default route will not be imported.

OSPF special area

Advantages of OSPF special areas:

1. Reduce the number of LSAs in special areas;

2. Reduce the size of the routing table;

3. The network can still be kept open.

Disadvantages and limitations of special areas:

1. Suboptimal paths will be generated;

2. Unable to establish a virtual link;

3. Area 0 cannot be a special area.

stub area

1. Category 5 LSAs are not allowed to flood in this area;

2. Type 4 LSA is not generated in this area;

3. The ABR in this area generates a type 3 default route for accessing external networks;

4. Access inter-area routing through type 3 LSA;

5. Use default-cost in area view to modify the cost of the default route;

6. All routers in the area and the ABR in the area must be configured as stubs.

Totally stub area

1. Category 5 LSAs are not allowed to flood in this area;

2. Category 3 and 4 LSAs are not generated in this area;

3. The ABR in this area generates a type 3 default route for accessing inter-area and external networks;

4. Use default-cost in area view to modify the cost of the default route;

5. The IR configuration of this area is stub;

6. The ABR in this area is configured as totally stub.

Sub-stub area NSSA

1. Allow the ASBR in this area to import external routes using type 7 LSA;

2. Category 5 LSAs generated by other ASBRs are not allowed to flood, and Category 4 LSAs are not generated;

3. The ABR in the NSSA area generates a Category 7 default route for accessing external routes imported from other areas;

4. Type 7 LSA can only be flooded in the NSSA area and cannot be flooded to other areas;

5. The ABR in the NSSA area converts Type 7 LSAs into Type 5 LSAs and floods them to other areas. If there are multiple ABRs, the ABR with the larger ROUTER ID will convert Type 7 LSAs into Type 5 LSAs.

Totally sub-stub area totally NSSA

1. Allow ABSR in this area to import external routes through Category 7 LSA;

2. Category 5 LSAs generated by ASBRs in other areas are not allowed to flood, and Category 4 LSAs are not generated;

3. Type 3 LSA is not generated, and the NSSA ABR generates a Type 3 default LSA for accessing inter-area routing;

4. The ABR in the NSSA area generates a Category 7 default route for accessing external routes in other areas;

Type 5.7 LSA can only be flooded in the NSSA area and cannot be flooded to other areas;

6. The ABR in the NSSA area converts Type 7 LSAs into Type 5 LSAs and floods them to other areas. If there are multiple ABRs, then ABR with a large ROUTER ID can do 7 to 5;

7. Prioritize the use of Category 3 defaults.

When a router is both an ABR and an ASBR, how can the NSSA area only pass What if Category 7 default access external routes do not generate Category 7 external routes? Use no-import-route no-summary on ABR&ASBR

Special zones can enhance zone stability because other zones Turbulence will not affect the default route in this area.

OSPF route summary

1. Inter-area route summary abr-summary

1. Can only be executed on ABR;

2. Only routes in directly connected areas can be summarized (that is, routes within the area);

3. The default cost of summary inherits the largest one among detailed routes;

4. If all details are invalid, summary routing will also be invalid, which can enhance the stability of the network;

5. If there are multiple ABRs in a region, all ABRs must be aggregated otherwise the time zone aggregation effect will be effected.

2. External route summary asbr-summary

1. Can only be executed on ASBR;

2. The cost type of the summary route inherits the cost type of the detailed route. If the cost type of the detailed route is inconsistent, the cost type is TYPE 2;

3. The external route summary of the NSSA area can be performed on the ASBR or the ABR of the NSSA area.

After the route summary command, add the not-advertise parameter, that is This summary will not be announced. Can play a role in route filtering.

OSPF certification

First understand what data security is: 1. Data confidentiality: Only the communicating parties can understand the data, and no one else can. Understand data content; 2. Data integrity: data cannot be forged or tampered with; 3. Non-repudiation of data: You cannot deny that you have done it or that you have not done it. Training institution: Yutian

Authentication of routing protocols can protect the security of packets. Authentication of routing protocols only protects protocol packet data integrity.

OSPF authentication method

1. Zone authentication: Enable authentication on all interfaces belonging to this zone;

2. Interface authentication: Enable authentication only on this interface;

Interface authentication takes precedence over zone authentication.

Authentication mode

1. null: No authentication is performed, and the auth type in the message is 0;

2. Plain text: As long as the passwords are consistent, the authentication is considered successful, auth type 1;

3. MD5: The Key id and key must be consistent for authentication to succeed, auth type 2.

Authentication rules

The authentication modes at both ends must be consistent.

The Ospf authentication-mode null command can exclude the interface from regional authentication and do not perform authentication.

If area 0 authentication is done and vlink exists, vlink must also be authenticated.

MD5

Mathematically it is a hash function.

Features

1. Irreversible, the original data cannot be deduced through the hash value;

2. Avalanche effect: If any bit of the original data is modified, the resulting hash will be significantly different from the original hash;

3. Random input, fixed output: Regardless of the size of the original data, the hash result length is the same, MD5 is 128 bits, and SHA is 160 bits.