OSPF is a widely used protocol in campus, data center and even in service provider environments. The majority of the network setups use this protocol nowadays in favor of RIP and sometimes EIGRP due to it being a link-state and open standard protocol. With its fast convergence and scalability, OSPF is well suited for multi-vendor environments.

OSPF has a hierarchical design concept by using ‘areas.’ Most OSPF designs use the device location, region (APAC, EMEA, NA, etc.) or sometimes the device functionality as criteria to segregate the devices into different areas. One of the primary reasons why OSPF is broken down into several areas is to lessen the size of the database by reducing LSA flooding domain since Type 1 and 2 are not flooded out of an area. Generally, the recommended number of routers per area is around 100 but can be more or less depending on several factors like device model/capability, topology, circuit speed and etc.

A device can be in multiple areas, not just in a single area and OSPF Area is configured on a per link basis not per device. An area is just an arbitrary number assigned from 0-4294967295 or its equivalent in IP address format A.B.C.D (e.g. 0.0.0.0 – 255.255.255.255). OSPF Area 0 is used as a ‘backbone’ area which allows inter-area communication. Without a backbone area, inter-area communications will not be possible as the Area 0 is responsible for propagating routes from one area to another. There are different types of areas namely:

  1. Backbone/ Non-backbone
  2. Stub Area
  3. Totally Stubby Area
  4. Not-So-Stubby Area (NSSA)
  5. Totally Not-So-Stubby Area (NSSA)

As a link-state protocol, OSPF uses LSA (Link State Advertisements) to inform the status of a particular prefix. Contrary to distance vector protocol which is using ‘routing by rumor’ approach and just simply believing what the neighbor router is saying, OSPF routers calculate the best path to a destination based on the LSAs received. All routers in an OSPF area have the same view of the network because of this LSA propagation and are constantly synchronized by using LSRs (Link State Request) and LSUs (Link State Update). Other areas will not have a full view of the network in another area so this is where Area 0 comes into place. ABR (Area Border Routers) are routers that belong to Area 0 and another area. One of its functions is to inform the ABRs of other areas the status of the prefixes on one particular area. This behavior is not a link-state protocol behavior because the ABRs only believe what the other ABRs report. Some network professionals often refer to this as the ‘distance-vector behavior’ of OSPF.

The table below describes the different LSA types and their functions.

The correlation between Area types and LSA types is that each Area type allows or blocks different types of LSAs. The table below shows the Area types and allowed LSA for each area type.

OSPF LSA Table CORRECTED

Now that we have reviewed briefly the basics of OSPF, let’s proceed to the lab. The topology diagram and tasks are found below.

Tasks:

  1. Configure OSPF on all routers as per the Diagram above. Announce Loopback0 to OSPF. R1 and R2 Loopback0 should be in Area 0. Loopback0 should be the RID.
  2. Configure Virtual-links between Area 726 and Area 26 to ensure R7 routes are reachable from all areas.
  3. Configure Loopback1 in R2 with IP address of 22.22.22.33/32 and redistribute it into OSPF.
  4. Configure Area 26 as Stub Area and then convert it to a Totally Stubby Area. Check the difference in routing and database.
  5. Configure Loopback1 in R4 with IP address of 44.44.44.44/32. Redistribute it into OSPF. Configure Area 14 as NSSA, make sure that there is a default route generated by R1 to the NSSA network.
  6. Convert Area 14 as Totally NSSA.

Task 1: Configure OSPF on all routers as per Diagram above. Announce Loopback0 to OSPF. R1 and R2 Loopback0 should be in Area 0.

Loopback0 should be the RID.

R1(config)#router ospf 1
R1(config-router)#router-id 1.1.1.1
R1(config-router)#network 1.1.1.1 0.0.0.0 area 0
R1(config-router)#network 12.12.12.1 0.0.0.0 area 0
R1(config-router)#network 13.13.13.1 0.0.0.0 area 1235
R1(config-router)#network 14.14.14.1 0.0.0.0 area 14

R2(config)#router ospf 1
R2(config-router)#router-id 2.2.2.2
R2(config-router)#network 2.2.2.2 0.0.0.0 area 0
R2(config-router)#network 12.12.12.2 0.0.0.0 area 0
R2(config-router)#network 26.26.26.2 0.0.0.0 area 26
R2(config-router)#network 25.25.25.2 0.0.0.0 area 1235

R3(config)#router ospf 1
R3(config-router)#network 0.0.0.0 255.255.255.255 area 1235
R3(config-router)#router-id 3.3.3.3

R4(config)#router ospf 1
R4(config-router)#router-id 4.4.4.4
R4(config-router)#network 0.0.0.0 255.255.255.255 area 14

R5(config)#router ospf 1
R5(config-router)#router-id 5.5.5.5
R5(config-router)#network 0.0.0.0 255.255.255.255 area 1235

R6(config)#router ospf 1
R6(config-router)#router-id 6.6.6.6
R6(config-router)#network 0.0.0.0 255.255.255 area 26
R6(config-router)#network 67.67.67.6 0.0.0.0 area 726

R7(config)#router ospf 1
R7(config-router)#router-id 7.7.7.7
R7(config-router)#network 0.0.0.0 255.255.255.255 area 726

Notice in R3 to R7, the network statement is ‘network 0.0.0.0 255.255.255.255’. This denotes that all interfaces that are in up status will be announced in OSPF. Think of this as a shortcut technique to announce all routes in one particular area. In R6, all routes will be announced in area 26 except the link between R6 and R7 which will be announced in area 726.

Let’s check on R1 and R7 if we can see all the Loopback0s.

R1#sh ip route | inc /32

 1.0.0.0/32 is subnetted, 1 subnets
 2.0.0.0/32 is subnetted, 1 subnets
 3.0.0.0/32 is subnetted, 1 subnets
 4.0.0.0/32 is subnetted, 1 subnets
 5.0.0.0/32 is subnetted, 1 subnets
 6.0.0.0/32 is subnetted, 1 subnets

R7#sh ip route | beg Gate
Gateway of last resort is not set

 67.0.0.0/24 is subnetted, 1 subnets
C 67.67.67.0 is directly connected, FastEthernet0/1
 7.0.0.0/32 is subnetted, 1 subnets
C 7.7.7.7 is directly connected, Loopback0

In R1, the route to Loopback0 of R7 is not in the routing table. This is due to the fact that OSPF areas need to connect to Area 0 in order for inter-area communications to happen. Let’s fix that in Task 2.

Task 2: Configure Virtual-links between Area 726 and Area 26 to ensure R7 routes are reachable from all areas.

Virtual-links are one of the means to fix connectivity of areas that are connected to other areas but not directly to Area 0. Virtual links can also be used to connect two discontiguous Area 0s. Another method to fix the problem is to create a GRE tunnel directly to the ABR, however using virtual-links is the more preferred method.

R2(config)#router ospf 1
R2(config-router)#area 26 virtual-link 6.6.6.6

R6(config)#router ospf 1
R6(config-router)#area 26 virtual-link 2.2.2.2

The main thing to watch out for in configuring Virtual-link is where the Area boundary of two non backbone areas is. In this case the boundary is in R6 because this is where Area 26 and Area 726 meet, therefore virtual-link configuration should be here. The other part of the configuration should be on the ABR, in this case R2. Let’s check the status of the virtual-link and if R7 can reach the other Loopbacks.

R6#sh ip ospf virtual-links | inc VL
Virtual Link OSPF_VL1 to router 2.2.2.2 is up

R7#sh ip route | inc /32
 1.0.0.0/32 is subnetted, 1 subnets
 2.0.0.0/32 is subnetted, 1 subnets
 3.0.0.0/32 is subnetted, 1 subnets
 4.0.0.0/32 is subnetted, 1 subnets
 5.0.0.0/32 is subnetted, 1 subnets
 6.0.0.0/32 is subnetted, 1 subnets
 7.0.0.0/32 is subnetted, 1 subnets

R7#ping 1.1.1.1 source 7.7.7.7

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
Packet sent with a source address of 7.7.7.7
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/64/72 ms

We have reachability between R7 and the rest of the networks through the virtual-link configured. Note that if Area 0 has authentication, the virtual-link also needs to have authentication because virtual-links are considered to be part of Area 0. This is one common pitfall of network engineers when configuring virtual-links.

Task 3: Configure Loopback1 in R2 with IP address of 22.22.22.33/32 and redistribute it into OSPF.

R2(config)#int Loopback1
R2(config-if)#ip add 22.22.22.22 255.255.255.255
R2(config)#router ospf 1
R2(config-router)#redistribute connected subnets

Let’s check if R6 is getting the external route for 22.22.22.22/32. Note by default, an external E2 route will have a fixed seed metric of 20. This means that the cost will remain 20 no matter where it’s received in the network. E1 on the other hand will have a cumulative cost and are more preferred than E2 routes.

R6#sh ip route | inc 22.22.22.22
O E2 22.22.22.22 [110/20] via 26.26.26.2, 00:00:10, FastEthernet0/0

Task 4: Configure Area 26 as Stub Area and then convert it to a Totally Stubby Area. Check the difference in routing and database.

Now, let’s configure Area 26 as a Stub Area and then Totally Stubby area. Let’s check if the virtual-link is affected with this change.

R2(config-router)#router ospf 1
R2(config-router)#area 26 stub
% OSPF: Area cannot be a stub as it contains a virtual link

There’s our answer.I It is not allowed to configure stub in an area with virtual-link. For us to proceed with this task, let’s remove the previous virtual-link configuration and configure Area 26 as stub.

R2(config)#router ospf 1
R2(config-router)#no area 26 virtual-link 6.6.6.6
R2(config-router)#area 26 stub

R6(config)#router ospf 1
R6(config-router)#no area 26 virtual-link 2.2.2.2
R6(config-router)#area 26 stub

Take note that if you change OSPF area from Normal to Stub, the neighbor adjacencies need to re-establish. If changing from Stub to Totally Stubby, the adjacency is retained. Let’s check R6 routing table if it is still seeing the 22.22.22.22/32 External route and if the routes to other routers’ Loopback0 can still be seen.

R6#sh ip route 22.22.22.22
% Network not in table

R6#sh ip route | inc /32
 1.0.0.0/32 is subnetted, 1 subnets
 2.0.0.0/32 is subnetted, 1 subnets
 3.0.0.0/32 is subnetted, 1 subnets
 4.0.0.0/32 is subnetted, 1 subnets
 5.0.0.0/32 is subnetted, 1 subnets
 6.0.0.0/32 is subnetted, 1 subnets
 7.0.0.0/32 is subnetted, 1 subnets

Now, let’s configure Area 26 into a Totally Stubby Area.

R2(config)#router ospf 1
R2(config-router)#area 26 stub no-summary

No need to configure ‘no-summary’ statement on R6. This is only required in the ABR for Totally Stubby Areas. Let’s check if Type 3 LSAs are still propagated and we check the routing table as well.

R6#sh ip ospf data summary | inc Link State
 Summary Net Link States (Area 26)
 Link State ID: 0.0.0.0 (summary Network Number)

R6#sh ip route ospf
7.0.0.0/32 is subnetted, 1 subnets
O 7.7.7.7 [110/2] via 67.67.67.7, 00:17:55, FastEthernet0/1
O*IA 0.0.0.0/0 [110/2] via 26.26.26.2, 00:02:44, FastEthernet0/0

Once we have configured the ‘no-summary’ statement in R2, we lost all the Type 3 LSAs to the other routers’ Loopbacks and replaced with just one Type 3 LSA injecting a default route. Totally Stub Areas are useful in low performance routers that have low memory as the number of routes are reduced to one default route. Same as Stub Area, the external route to 22.22.22.22/32 is not injected into the routing table.

Task 5: Configure Loopback1 in R4 with IP address of 44.44.44.44/32. Redistribute it into OSPF. Configure Area 14 as NSSA, make sure that there is a default route generated by R1 to the NSSA network.

R4(config)#int l01
R4(config-if)#ip address 44.44.44.44 255.255.255.255
R4(config-if)#router ospf 1
R4(config-router)#redistribute connected subnets
R4(config-router)#no network 0.0.0.0 255.255.255.255 area 14
R4(config-router)#network 4.4.4.4 0.0.0.0 area 14
R4(config-router)#network 14.14.14.4 0.0.0.0 area 14
R4(config-router)#area 14 nssa

R1(config)#router ospf 1
R1(config-router)#area 14 nssa

The network command ‘0.0.0.0 255.255.255.255’ is removed so as not to interfere with the ‘redistribute connected subnets’ command as the former will cause Loopback0 to be announced in OSPF instead of redistributed into OSPF. Let’s check how R1 sees the 44.44.44.44/32 route and if R4 has a default route.

R1#sh ip route | inc 44.44.44.44
O N2 44.44.44.44 [110/20] via 14.14.14.4, 00:01:46, FastEthernet1/0

R1#show ip ospf database nssa-external

 OSPF Router with ID (1.1.1.1) (Process ID 1)

 Type-7 AS External Link States (Area 14)

 Routing Bit Set on this LSA
 LS age: 206
 Options: (No TOS-capability, Type 7/5 translation, DC)
 LS Type: AS External Link
 Link State ID: 44.44.44.44 (External Network Number )
 Advertising Router: 4.4.4.4
 LS Seq Number: 80000003
 Checksum: 0xAF14
 Length: 36
 Network Mask: /32
 Metric Type: 2 (Larger than any link state path)
 TOS: 0
 Metric: 20
 Forward Address: 4.4.4.4
 External Route Tag: 0

R4#sh ip route 0.0.0.0
% Network not in table

R1 sees 44.44.44.44/32 as Type 7 LSA and as the ABR it will convert it to a Type 5. The output below will prove that it has been converted to Type 5 and received by R3.

R3#sh ip ospf database external | inc Link State
 Type-5 AS External Link States
 Link State ID: 22.22.22.22 (External Network Number )
 Link State ID: 44.44.44.44 (External Network Number )

R4 still has no default route. Let’s configure R1 to inject a default router to R4 so it will be able to reach 22.22.22.22/32 using that default route.

R1(config)#router ospf 1
R1(config-router)#area 14 nssa default-information-originate

R4#sh ip route | inc 0.0.0.0
Gateway of last resort is 14.14.14.1 to network 0.0.0.0
O*N2 0.0.0.0/0 [110/1] via 14.14.14.1, 00:01:00, FastEthernet0/0

R4#ping 22.22.22.22 source 44.44.44.44

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 22.22.22.22, timeout is 2 seconds:
Packet sent with a source address of 44.44.44.44
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/38/52 ms

R4#sh ip ospf database | beg Type-7
Type-7 AS External Link States (Area 14)

Link ID ADV Router Age Seq# Checksum Tag
0.0.0.0 1.1.1.1 160 0x80000001 0x00EEBE 0
44.44.44.44 4.4.4.4 634 0x80000003 0x00AF14 0

Task 6: Convert Area 14 as Totally NSSA.

R1(config-router)#router ospf 1
R1(config-router)#no area 14 nssa default-information-originate
R1(config-router)#area 14 nssa no-summary

In this case no need to add the ‘no-summary’ argument to R4 to convert from NSSA to Totally NSSA. Similar to Totally Stub Area, Totally NSSA will inject a Type 3 LSA default route.

R4#sh ip ospf database | beg Summary
Summary Net Link States (Area 14)

Link ID ADV Router Age Seq# Checksum
0.0.0.0 1.1.1.1 189 0x80000002 0x001918

Type-7 AS External Link States (Area 14)

Link ID ADV Router Age Seq# Checksum Tag
44.44.44.44 4.4.4.4 953 0x80000003 0x00AF14 0
R4#sh ip route ospf
O*IA 0.0.0.0/0 [110/2] via 14.14.14.1, 00:03:06, FastEthernet0/0

If ‘default-information-originate’ is used along with ‘no-summary,’ you will see Type 7 and Type 3 LSA for 0.0.0.0. However since IA is more preferred than N2 routes, IA will be injected to the routing table.

I hope that this has been a good read. The next article will use the same lab topology but will discuss how to filter OSPF routes.