Narbik – Day2
Waiting for some routers to reload between Labs. May was well put the time to good use. Today we went all through OSPF with a fine tooth comb. Once dissected with the comb, each strand was further splayed and examined under a microscope. We then held a magnifying glass over the eyepiece of the microscope, then we projected it onto a wall and magnified it about a million times.
I think you get the idea.
I think I learned more about OSPF today that what I have in my 10 years of commercial/professional/telco/ISP experience.
I wanted to break things up a little so I did some IPv6 labs (mainly RIPng) over the past hour or so. I’ll put some of my well dodgy notes from today’s OSPF lectures down, do some IPv6/OSPFv3 labs then later do some OSPFv2/IPv4 labs.
Here we go:
(this is meant to be a table – dont laugh. Im a network guy not a web guy)
LSA Type Advertised by? Routing table entry ”show ip ospf database ?”
1 all O router
2 DRs - network
3 ABRs IA summary
4 ABR - asbr-sum
5 ASBR E2/E1 external
6 MOSPF – *ignore lsa mospf
7 ASBR-NSSA N1/N2 nssa-external
I’ll just like to add that I think, even after all this time, “not so stubby area” sounds funny.
OSPF states – what’s happening?
Down – hellos sent, none received
INIT – received hello
2WAY - hellos & router-ids exchanged, DR election
EXSTART – DR & BDR adjacency, DR & others master/slave
EXCHANGE – DDP packets, database exchange
LOADING – LSR/LSU/LASCK
FULL – wheeeeeeeee
ip ospf retransmission interval
If LSACK doesnt come, neighbour is considered down after dead timer expires
State can be FULL, but routes wont be inserted into routing table unless network types are ok
Your OSPF is stuck somewhere?
DOWN – interface down, no neighbour statement for non-broadcast
INIT – ACL blocking, corrupt DB 
2WAY – DR to DROTHER
EXSTART/EXCHANGE mtu mismatch- fix mtu or ip ospf mtu-ignore
LOADING – bad LSAs coming in (why?), Hardware problem (usually RAM)
FULL – network types not matching
Network types:
Broadcast – Ethernet, 10/40 hello/dead, DR/BDR election. 224.0.0.5|6 multicast addresses, next hop = originating router, not advertising router.
non-broadcast – Frame-relay, 30/120, DR/BDR (needs neighbour command), next-hop originating router
point-to-multipoint (broadcast) – partial mesh Frame-relay, 30/120, no DR/BDR, 224.0.0.5 (ie no DR address, just 224.0.0.5 all OSPF address), next-hop advertising router – special O routes
point-to-multipoint non-broadcast – needs manual neighbour command and cost. Used for non-equal bandwidth so you can influence routing:
(warning! ASCII art!)
_________1_______
| |
2 3
| |
_________________
Say 1 has 1.5M link, 2 has 128k, 3 has 64k.
on 1:
router ospf 1
neighbor 2 cost 32
neighbor 3 cost 64
etc
fast neighbour down detection?
ip ospf dead-interval min hello-multiplier x
Dont run debugs when doing this… Unless you dont want to log into the router again
Authentication:
Area Interface
enable router int
apply int int
Summarising:
R1———2———-3————-4
lets say R1 has a few loopbacks on it you wish to summarise.
if R1 is ASBR (summarising LSA type 5s and 7s)
summary-address xxx
if R2 is ABR (LSA type 1s):
area range xxxxx/yy
Filtering:
1——–2————-3———4(RIP)
5
R1-R2-R5 area 1, R2-R3 area 0, R3-R4 area 2
LSA1 1) distribute-list on local router (on R5) 2) area 1 range xxxxxx not-adv (on R2)
LSA3 3) dl on local router, 4) IP prefix list (on R3)
ip prefix-list TEST seq 5 deny 1.0.0.0/8
ip prefix-list TEST seq 10 permit 0/0 le 32
area 2 filter-list prefix-list TEST in
LSA5 or 7 5) DL on each router, 6) distribute-list out on R4 (ONLY TIME outbound), 7) summary-address x.x.x.x not-adv on ASBR R4
DB filtering:
if# ip ospf database-filter all out -> blocks all outbound LSAs
router# neighbor X database-filter all out -> must be point-to-multipoint
Cost:
reference/BW = cost default ref=100
if changing, change on all routers
router# auto-cost reference-bandwidth xxx
you might need to configure all routers so that 10M Ethernet links have a cost of 85 etc
DB overload protection:
out: redist maximum-prefix xxx warn%
in: max-lsa xxx warn etc