This article will be about OSPFv3 which is the OSPF protocol that can be configured for IPv6 as well. We will discuss only what is specific to OSPFv3 and the differences between OSPF and OSPFv3. To get up to speed regarding OSPF, please go over these resources: CCNA Prep: Complete Guide To OSPF (Part 1)  and CCNA Prep: Complete Guide To OSPF (Part 2).

After going through the article, you will know:

  • * the features of OSPFv3
  • * how to enable IPv6 routing
  • * how to enable OSPFv3 in multi area network
  • * how to configure the Router ID
  • * how to change the OSPFv3 hello timers and cost of the interfaces
  • * how to configure OSPFv3 authentication

OSPFv3 is a routing protocol for both IPv6 and IPv4. OSPFv3 is a standard protocol covered by RFC 5340. OSPFv3 supports what is called Address Family, which means that both IPv4 and IPv6 unicast traffic can be supported if only OSPFv3 is configured. Using the address family feature, one can configure two routing processes, with only one process per address family.

OSPFv3 can be configured for either IPv4 or IPv6. The command ‘address-family’ specifies which one of them will be configured.

AF is supported only starting with IOS 15.1 and it isn’t covered by this article.

Regarding the differences between OSPF and OSPFv3, here are few of them:

  • * in OSPFv3 you don’t need to configure the routing process. Once an interface is enabled for OSPFv3, the routing process is created automatically.
  • * in OSPFv3, there is no ‘network’ command under routing process configuration. Each interface must be enabled from the interface configuration stanza.
  • * In OSPFv3 all IPv6 prefixes configured under the interfaces are added automatically in the routing process.

The LSA from OSPFv3 are:

  • * Router LSAs (Type 1) – describes the link state of the router’s links
  • * Network LSAs (Type 2) – describes the link state for all the routers from the broadcast network
  • * Interarea-prefix LSAs for ABRs (Type 3) – these are internal networks advertised to routers from other area
  • * Interarea-router LSAs for ASBRs (Type 4) – describes the ASBR
  • * Autonomous system external LSAs (Type 5) – external information from the autonomous system
  • * Link LSAs (Type 8) – provide the link local address of the local router to all the routers from the same link

OSPFv3 uses IPSEC to authenticate the OSPFv3 packets. If IPv6 AH header is used, then the integrity and authentication is provided to the data. If IPv6 ESP header is used, then integrity, authentication and encryption is provided to the data.

Authentication can be configured per interface or per area.

The case study will use this topology:

Each router has a loopback interface and the following is the addressing:

IPv4: Rx = x.x.x.x/32

IPv6: Rx = 2001:1:1:1::x/128

For instance, R3 has a loopback interface configured with IPv4 3.3.3.3/32 and IPv6 2001:1:1:1::3/128. All the other IPv6 addressing can be seen on the topology.

This case study assumes that you know how to configure IPv6 addresses on the interfaces and the starting point will be the OSPFv3 configuration.

The OSPFv3 is started by using the command ‘ipv6 router ospf <process_id>’

R1(config)#ipv6 router ospf 1
% IPv6 routing not enabled
R1(config)#

As you can see, in order to configure OSPFv6 or any IPv6 routing protocol, you need to enable IPv6 routing first.

R1(config)#ipv6 unicast-routing
R1(config)#ipv6 router ospf 1
R1(config-rtr)#

From this moment on, you can configure any OSPFv6 feature that you would like.

There is no ‘network’ command available under OSPFv6 protocol configuration like it is under OSPF protocol configuration.

To start OSPFv3 on a particular interface, you need to configure OSPFv3 under that interface.

Based on our topology, this would be a minimal and working OSPFv3 configuration on R1:

R1#show running-config interface s0/0
Building configuration...

Current configuration : 94 bytes
!
interface Serial0/0
 no ip address
 ipv6 address 2001:1:2:12::1/64
 ipv6 ospf 1 area 1
end

R1#show running-config interface s0/1
Building configuration...

Current configuration : 94 bytes
!
interface Serial0/1
 no ip address
 ipv6 address 2001:1:2:21::1/64
 ipv6 ospf 1 area 1
end

R1#show running-config interface loopback0
Building configuration...

Current configuration : 115 bytes
!
interface Loopback0
 ip address 1.1.1.1 255.255.255.255
 ipv6 address 2001:1:1:1::1/128
 ipv6 ospf 1 area 1
end

R1#

One other thing that you should be aware when you are configuring OSPFv3 is that you need to either manually configure the router-id or configure an interface with IPv4 address so that the OSPF process will use that as router-id.

Here is what happened after I deleted the Loopback0 interface from R3:

R3(config)#no int lo0
R3(config)#
*Mar  1 01:58:40.511: %LINK-5-CHANGED: Interface Loopback0, changed state to administratively down
*Mar  1 01:58:41.511: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to down
R3(config)#ipv6 router ospf 1
R3(config-rtr)#
*Mar  1 02:00:04.019: %OSPFv3-4-NORTRID: OSPFv3 process 1 could not pick a router-id,
please configure manually
R3(config-rtr)#

Once the Loopback0 interface is configured on R3 and OSPFv3 is enabled on the interface towards R2, the OSPFv3 comes up:

R3(config-if)#interface lo0
R3(config-if)#
*Mar  1 02:03:42.375: %LINK-3-UPDOWN: Interface Loopback0, changed state to up
*Mar  1 02:03:43.375: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
R3(config-if)#ip address 3.3.3.3 255.255.255.255
R3(config-rtr)#interface Fas 0/0
R3(config-if)#ipv6 ospf 1 area 0
R3(config-if)#
*Mar  1 02:05:33.523: %OSPFv3-5-ADJCHG: Process 1, Nbr 2.2.2.2 on FastEthernet0/0 from LOADING to FULL, Loading Done
R3(config-if)#

Regarding verification, almost all the commands that are available for OSPF for IPv4 are valid for OSPFv3:

R2#show ipv6 ospf ?
              Process ID number
  border-routers       Border and Boundary Router Information
  database             Database summary
  flood-list           Link state flood list
  interface            Interface information
  neighbor             Neighbor list
  request-list         Link state request list
  retransmission-list  Link state retransmission list
  summary-prefix       Summary-prefix redistribution Information
  traffic              OSPF traffic information
  virtual-links        Virtual link information
  |                    Output modifiers

R2#show ip ospf ?
              Process ID number
  border-routers       Border and Boundary Router Information
  database             Database summary
  flood-list           Link state flood list
  interface            Interface information
  max-metric           Max-metric origination information
  mpls                 MPLS related information
  neighbor             Neighbor list
  request-list         Link state request list
  retransmission-list  Link state retransmission list
  sham-links           Sham link information
  statistics           Various OSPF Statistics
  summary-address      Summary-address redistribution Information
  timers               OSPF timers information
  traffic              Traffic related statistics
  virtual-links        Virtual link information
  |                    Output modifiers

R2#

So let’s check a few commands in order to ensure that OSPFv3 converged correctly, all the neighbors are up and all the routes are exchanged.

‘show ipv6 interface’ command return all interfaces over which the router is trying to establish OSPFv3 adjacencies. Let’s check the output for only one interface, the interface on R2 towards R3:

R2#show ipv6 ospf interface FastEthernet1/0
FastEthernet1/0 is up, line protocol is up
  Link Local Address FE80::CE14:9FF:FEB8:10, Interface ID 8
  Area 0, Process ID 1, Instance ID 0, Router ID 2.2.2.2
  Network Type BROADCAST, Cost: 1
  Transmit Delay is 1 sec, State DR, Priority 1
  Designated Router (ID) 2.2.2.2, local address FE80::CE14:9FF:FEB8:10
  Backup Designated router (ID) 3.3.3.3, local address FE80::CE15:9FF:FEB8:0
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    Hello due in 00:00:01
  Index 1/1/3, flood queue length 0
  Next 0x0(0)/0x0(0)/0x0(0)
  Last flood scan length is 0, maximum is 3
  Last flood scan time is 0 msec, maximum is 0 msec
  Neighbor Count is 1, Adjacent neighbor count is 1
    Adjacent with neighbor 3.3.3.3  (Backup Designated Router)
  Suppress hello for 0 neighbor(s)
R2#

As you can see, the output is very similar to the one for OSPF with the difference that link-local IPv6 addresses are displayed.

From the above output, you can see that the local router-id is 2.2.2.2 and the neighbour router-is id 3.3.3.3 which is consistent with the topology.

Let’s check the OSPFv3 neighbors:

R2#show ipv6 ospf neighbor

Neighbor ID     Pri   State           Dead Time   Interface ID    Interface
3.3.3.3           1   FULL/BDR        00:00:32    4               FastEthernet1/0
1.1.1.1           1   FULL/  -             00:00:35    5               Serial0/1
1.1.1.1           1   FULL/  -             00:00:32    4               Serial0/0
R2#

As expected, R2 has two neighbors: R1 over two serial interfaces and R3 over FastEthernet interface.

Let’s check the IPv6 routing table of R2 to confirm that all inter-router links and all the Loopback interfaces are present in its routing table:

R2#show ipv6 route ospf
IPv6 Routing Table - 15 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
       U - Per-user Static route
       I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
       O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
       ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
O   2001:1:1:1::1/128 [110/64]
     via FE80::FFFF:FE10:45C5, Serial0/1
     via FE80::FFFF:FE10:45C5, Serial0/0
O   2001:1:1:1::3/128 [110/1]
     via FE80::CE15:9FF:FEB8:0, FastEthernet1/0
O   2001:1:1:1::4/128 [110/2]
     via FE80::CE15:9FF:FEB8:0, FastEthernet1/0
O   2001:1:1:1::5/128 [110/2]
     via FE80::CE15:9FF:FEB8:0, FastEthernet1/0
O   2001:1:2:35::/64 [110/65]
     via FE80::CE15:9FF:FEB8:0, FastEthernet1/0
O   2001:1:2:345::/64 [110/2]
     via FE80::CE15:9FF:FEB8:0, FastEthernet1/0
R2#

As you can see, all routes appear as intra area routes(because of the preceding ‘O’ – O – OSPF intra). The same command on R1 shows all the OSPFv3 routes are inter-area routes. Let’s check how the R2 Loopback0 interface is seen:

R1#show ipv6 route 2001:1:1:1::2/128
IPv6 Routing Table - 14 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
       U - Per-user Static route
       I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
       O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
       ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
OI  2001:1:1:1::2/128 [110/64]
     via FE80::CE14:9FF:FEB8:10, Serial0/0
     via FE80::CE14:9FF:FEB8:10, Serial0/1
R1#

The other parameters of OSPFv3 like hello and dead timers, cost and router-id can be changed in the same manner as OSPF. The difference is that you need to use ‘ipv6’ instead of ‘ip.’

On the above output of ‘show ipv6 ospf interface FastEthernet1/0’ I highlighted the default values of these parameters.

The below configuration will change the hello and dead intervals to five and 20 seconds, the cost to 10 and the router-id of R2 to 200.200.200.200.

R2#show running-config interface FastEthernet1/0
Building configuration...

Current configuration : 172 bytes
!
interface FastEthernet1/0
 no ip address
 duplex auto
 speed auto
 ipv6 address 2001:1:2:23::2/64
 ipv6 ospf cost 10
 ipv6 ospf hello-interval 5
 ipv6 ospf 1 area 0
end

R2#show running-config | section ipv6 router
ipv6 router ospf 1
 router-id 200.200.200.200
 log-adjacency-changes
R2#

R2#show ipv6 ospf interface FastEthernet1/0
FastEthernet1/0 is up, line protocol is up
  Link Local Address FE80::CE14:9FF:FEB8:10, Interface ID 8
  Area 0, Process ID 1, Instance ID 0, Router ID 200.200.200.200
  Network Type BROADCAST, Cost: 10
  Transmit Delay is 1 sec, State DROTHER, Priority 1
  Designated Router (ID) 3.3.3.3, local address FE80::CE15:9FF:FEB8:0
  Backup Designated router (ID) 3.3.3.3, local address FE80::CE15:9FF:FEB8:0
  Timer intervals configured, Hello 5, Dead 20, Wait 20, Retransmit 5
    Hello due in 00:00:02
  Index 1/1/3, flood queue length 0
  Next 0x0(0)/0x0(0)/0x0(0)
  Last flood scan length is 3, maximum is 7
  Last flood scan time is 0 msec, maximum is 4 msec
  Neighbor Count is 1, Adjacent neighbor count is 1
    Adjacent with neighbor 3.3.3.3  (Designated Router)
  Suppress hello for 0 neighbor(s)
R2#

The authentication on OSPFv3 is more complex than in OSPF. As I already mentioned it is using IPSEC.

We will configure authentication (only AH) on the Serial0/0 interfaces between R1 and R2 and area authentication for area0.

This is the configuration needed on R1 and R2 on Serial0/0 interfaces:

R2#show  running-config interface s0/0
Building configuration...

Current configuration : 171 bytes
!
interface Serial0/0
 no ip address
 ipv6 address 2001:1:2:12::2/64
 ipv6 ospf 1 area 1
 ipv6 ospf authentication ipsec spi 500 md5 ABCDEF1234567890ABCDEF1234567890
end

R2#

Of course, a similar configuration is needed on R1 as well.

As you can see below, the authentication is enabled:

R2#sh ipv6  ospf  interface s0/0
Serial0/0 is up, line protocol is up
  Link Local Address FE80::CE14:9FF:FEB8:10, Interface ID 4
  Area 1, Process ID 1, Instance ID 0, Router ID 200.200.200.200
  Network Type POINT_TO_POINT, Cost: 64
  MD5 Authentication SPI 500, secure socket state UP (errors: 0)
  Transmit Delay is 1 sec, State POINT_TO_POINT,
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    Hello due in 00:00:06
  Index 1/1/1, flood queue length 0
  Next 0x0(0)/0x0(0)/0x0(0)
  Last flood scan length is 10, maximum is 10
  Last flood scan time is 0 msec, maximum is 4 msec
  Neighbor Count is 1, Adjacent neighbor count is 1
    Adjacent with neighbor 1.1.1.1
  Suppress hello for 0 neighbor(s)
R2#

Let’s enable area authentication in area 0. All the configuration is done only under ipv6 router stanza:

R3#show running-config | section ipv6 router
ipv6 router ospf 1
 log-adjacency-changes
 area 0 authentication ipsec spi 1000 md5 1234567890ABCDEF1234567890ABCDEF
R3#

Let’s check the status of the interface between R3 and R2:

R3#show ipv6  ospf interface f0/0
FastEthernet0/0 is up, line protocol is up
  Link Local Address FE80::CE15:9FF:FEB8:0, Interface ID 4
  Area 0, Process ID 1, Instance ID 0, Router ID 3.3.3.3
  Network Type BROADCAST, Cost: 1
  MD5 Authentication (Area) SPI 1000, secure socket state UP (errors: 0)
  Transmit Delay is 1 sec, State BDR, Priority 1
  Designated Router (ID) 200.200.200.200, local address FE80::CE14:9FF:FEB8:10
  Backup Designated router (ID) 3.3.3.3, local address FE80::CE15:9FF:FEB8:0
  Flush timer for old DR LSA due in 00:00:47
  Timer intervals configured, Hello 5, Dead 20, Wait 20, Retransmit 5
    Hello due in 00:00:04
  Index 1/1/1, flood queue length 0
  Next 0x0(0)/0x0(0)/0x0(0)
  Last flood scan length is 1, maximum is 4
  Last flood scan time is 0 msec, maximum is 4 msec
  Neighbor Count is 1, Adjacent neighbor count is 1
    Adjacent with neighbor 200.200.200.200  (Designated Router)
  Suppress hello for 0 neighbor(s)
R3#

By reaching this point of the article, you will know:

  • * the difference between OSPF for IPv4 and IPv6
  • * how to configure a multi area OSPFv3 network
  • * how to configure a few of the most common parameters of OSPFv3
  • * how to configure OSPFv3 authentication

References:

  1. Implementing OSPFv3(link to http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipv6/configuration/15-2mt/ipv6-15-2mt-book/ip6-ospf.html#GUID-C94EFDA2-7D3C-4A82-AA0C-94A662767CB7)