Wednesday, November 2, 2011

Routing Protocols: OSPF

OSPF:
  •          One of the two link-state routing protocols (the only other is IS-IS)
  •          The topology table contains the “entire roadmap”, whereas the routing table holds the “best routes”
  •          Link-state routers don’t just know what their neighbors know; they have a roadmap for the entire area.
  •          Only disadvantage: it is very processor intensive.
  •          Send triggered updates to announce network changes
  •          Link-state refresh (once every 30 mins, will send out full topology to make sure nothing was missed)
  •          Network divided into multiple areas, with a group of routers.
    •    All areas must connect to area 0 (backbone)
    •    All routers in an area have the same topology table
    •    Goal is to localize updates within an area
  •          Router ID only changes when OSPF router reboots, or OSPF process is restarted.  Cisco recommends hard coding the router ID to prevent issues.  For example, a loopback is set and a year later the router is restarted.  To prevent the confusion, if the router ID is hardcoded, a reset won’t matter.
  •          Hello messages sent every 10 seconds on broadcast / point to point networks
  •          Hello messages sent every 30 seconds on NBMA networks (Frame relay, ATM)
  •          Dead timer is 4x hello message timer
  •          Two routers must have the same authentication password, hello and dead timers, area ID, and network mask in order to become neighbors.
  •          States…
    •    Received hello message from R1, R2 in “init” state
    •    Router sends initial hello messages, but still waiting on a response back – “Down state”
      •   If a neighbor goes from init to down repeatedly, check the necessary parameters
    •    R2 sends hello back, R1 sees itself in neighbor table, put in “two-way” state
      •   Every time a hello message is received, the router will update the dead timer.  If the dead timer exceeds 40 seconds (default), the neighbor relationship is torn down.
    •    “Exstart state” Exchanging of link state databases, master slave relationship.
      •   Master sends database descriptions (DBD) to slaves, which is a summarization of the link state database.  The slave will also send a DBD back to the master, so they can compare to see what the slave does not know.  During this process, their states will show as “Loading State.”  Here they load the information into memory, to determine what they need.  In this process, they will go down the list, requesting details (beginning with the slave), and this is called a link-state request (LSR).  “OH I don’t know that, need information!!”  The master will respond back with the requested details (known as a link-state update).  Once the slave has been updated, the master will send out its own LSRs if necessary.
    •    Once both devices have the same link-state database, the neighbors will be at a “full state”.  All routers attached to the DR should be the only ones showing as “full”, whereas every other router should show as “two-way”.
  •          DRs & BDR are used to reduce network traffic.  Link updates sent to DR versus sending update to all neighbors. 
  •          224.0.0.6 multicast address for all OSPF devices, 224.0.0.5 used for DRs & BDRs (with shared network segments)
  •          One DR/BDR for every shared segment
  •          Point to point links, uses 224.0.0.5 address
  •          DR / BDR chosen by…(highest to lowest importance & no other elections until either the DR or BDR fail)
    •    Router priority
    •    Router ID
  •          Link-state advertisements (LSA) are updates about individual routes.  (Link state updates contain individual link state advertisements)
  •          Link-state acknowledgement (LSACK) is a transport layer protocol used to acknowledge everything sent between routers (no TCP in OSPF).  With the use of LSACK, OSPF is considered to have reliable transport (similar to TCP).
  •          Router-id <#> from within OSPF sub command to define router ID
  •          E1 routes (increment metric), E2 routes (do not increment metric; the default)
  •          Redistribute static subnets metric-type <1 or 2> metric <#> (configures E2) with a metric of 200
  •          Clear ip ospf process – resets the OSPF process, tears down neighbors
  •          Ip ospf network point-to-point – tricks OSPF into treating a loopback as not a loopback, so it is advertised as /24 instead of /32
  •          Sh ip ospf interface – used to show DR / BDR status, and other ospf info on device.
  •          Sh ip ospf neighbor  - shows neighbor devices DR / BDR status.
  •          Ip ospf priority – used to configure priority numbers, higher # means DR.  IF set to 0, the device will not become DR / BDR.
  •          Area <area #> range <summary address + subnet mask> method of summarization for OSPF
  •          Summary-address <summary address + subnet mask> method of summarization for ASBR (when communicating with non-OSPF networks that do not understand areas).
  •          Cost = 100/bandwidth in Mbps (cannot accurately determine cost for higher costs).  Use auto-cost reference-bandwidth <whatevs> to change the default of 100
  •          OSPF Network Types:
    •    Broadcast / Multi-access networks
      •   Example: Ethernet, Token Ring
      •   Single operation mode – walk into any network, should work.
      •   DR/BDR election, 10 sec hellos, dual multicast add
    •    Point-to-point networks
      •   Example: T1 CAS, ISDN BRI/PRI
      •   Single operation mode
      •   No DR/BDR, 10 sec hellos, single multicast add (2
    •    Non Broadcast Multi-access (NBMA) networks
      •   Example: Frame Relay, ATM
      •   30 second hellos
      •   Five modes of operation
        •   Non-broadcast (RFC standard)
          •    Default mode for X.25, FR, ATM
          •    Neighbors statically configured
            •   Neighbor <remote ip> priority <priority value>
          •    Must be one subnet
          •    Acts like a lan environment
          •    DR/BDR elected, must be fully connected
        •   Point-to-multipoint (RFC standard)
          •    Fixes issues with NBMA networks
          •    Requires single subnet (advantage)
          •    No DR/BDR elected
          •    Neighbors automatically form (IF pseudo broadcasts allowed)
        •   Point-to-point (Cisco proprietary)(Like point to point, without NBMA)
          •    Uses separate sub interfaces
          •    Requires diff subnets (Disadvantage, wastes addresses)
          •    No DR/BDR elected
          •    Neighbors automatically form
        •   Broadcast (Cisco proprietary)
          •    Like Ethernet over a cloud
          •    Form DR/BDR
        •   Point-to-multipoint, non-broadcast (Cisco proprietary)
          •    Fixes issues with NBMA networks
          •    Requires single subnet
          •    No DR/BDR elected
          •    Similar to point-to-multipoint, but neighbors do not auto form, must be configured statically.
  •           Ip ospf hello-interval <configured hello interval> - configures hello / dead timer so that NBMA can communicate with other devices.
  •          Virtual links are useful to make things work until you can fix it.
    •    Area <area> virtual-link <remote ID> - Used to create a virtual link (perform on the device attached to area 0, and also on the router connected to the virtual link)
    •    Sh ip ospf virtual-link – Displays virtual links
  •       OSPF LSA types:
    •    Type 1: Router LSA
      • The LSDB for one area contains one Type 1 LSA per router per area.
      • ABRs create multiple Type 1 LSAs for themselves: one per area.
    •    Type 2: Network LSA (DR generated)
      •   Routes attached to same switch / subnet
    •    Type 3: Summary LSA (ABR summary route)
      •   ABR that passes routes from one area to another
      •   ABRs do not forward Type 1 and Type 2 LSAs from one area into another area
      •   ABRs generate a Type 3 LSA for each subnet in one area, and advertise each Type 3 LSA into the other areas.
      •   Used to model interarea routes
    •    Type 4: Summary LSA (ASBR summary route)
      •   Identifies ASBR
    •    Type 5: External LSA (ASBR summary route)
      •   Created when ASBR sends external routes into OSPF domain
    •    Type 7: Used in stub areas in place of a type 5 LSA
  •           Types of areas:
    •    Stubby area: Blocks type 5 LSAs from entering
      •   Under ospf configuration, use command area <area #> stub
    •    Totally stubby: Blocks type 3,4, and 5 LSAs from entering (Cisco proprietary)
      •   Under ospf configuration, use command area <area#> stub no-summary
    •    Not-so-stubby-area: Passes external routes through via type 7 LSA; these convert back to type 5 once they reach the backbone.
      •   Under ospf configuration, use command area <area#> nssa
  •          Passive-interface <interface> within OSPF config, will keep hello updates from being sent.
    •    Can use passive-interface default to turn on passive-interface on all interfaces of the router.  
  •          Area <area #> authentication message-digest – configures authentication for OSPF, with this method it requires all routers in <area#> to have authentication turned on.  Cannot enter keys, simply verifies md5 enabled.  Better method is to turn authentication on interface by interface, and enter keys in that way.
  •          Ip ospf authentication message-digest – turns on md5 authentication
  •          Ip ospf message-digest-key <key ID> md5 <key name> -- configures the md5 authentication key for a particular interface.
  •          Ip ospf authentication – turns on clear text authentication
  •          Ip ospf authentication-key  <key name> - configures key name for clear text authentication
  •          Debug ip ospf adj – Command used to display ospf neighbor relationship changes, and useful for troubleshooting OSPF authentication issues
  •          Area <area> stub – configured under ospf configuration
  •          Area <area#> default-cost <cost number> -  Sets initial cost of X
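
The neighbor requirements and the DR / BDR election rules noted above, modeled as an added example (not part of the original notes). The Hello class, its field names and the sample routers are assumptions made for illustration; the election is the simplified priority-then-router-ID rule from the notes, with the standard behaviour that a surviving BDR is promoted when the DR fails.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address

@dataclass(frozen=True)
class Hello:
    """Hypothetical summary of what one router advertises in its hellos."""
    router_id: str
    area: int
    mask: str
    hello: int = 10      # broadcast / point-to-point default
    dead: int = 40       # 4 x hello
    auth_key: str = ""
    priority: int = 1

def mismatches(a, b):
    """Fields that must agree before two routers can become neighbors.
    A non-empty result explains an adjacency stuck flapping init/down."""
    fields = ("auth_key", "hello", "dead", "area", "mask")
    return [f for f in fields if getattr(a, f) != getattr(b, f)]

def elect(routers, current_dr=None, current_bdr=None):
    """Return (DR, BDR) router IDs for one shared segment.
    Priority 0 is never eligible; a live DR/BDR is not preempted."""
    eligible = [r for r in routers if r.priority > 0]
    ids = {r.router_id for r in eligible}
    # Compare router IDs numerically: as strings, "10.0.0.4" < "2.2.2.2".
    ranked = sorted(eligible, reverse=True,
                    key=lambda r: (r.priority, int(IPv4Address(r.router_id))))
    dr = current_dr if current_dr in ids else None
    bdr = current_bdr if current_bdr in ids and current_bdr != dr else None
    if dr is None and bdr is not None:
        dr, bdr = bdr, None          # BDR takes over when the DR is gone
    for r in ranked:
        if dr is None:
            dr = r.router_id
        elif bdr is None and r.router_id != dr:
            bdr = r.router_id
    return dr, bdr

if __name__ == "__main__":
    # Constructed sample segment
    seg = [Hello("1.1.1.1", 0, "255.255.255.0"),
           Hello("2.2.2.2", 0, "255.255.255.0"),
           Hello("3.3.3.3", 0, "255.255.255.0", priority=0)]
    print(elect(seg))
```

A router that joins later with a higher priority does not take over until the DR or BDR fails, which is why priority 0 is the reliable way to keep a device out of both roles.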
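
What the clear text and md5 authentication options above look like on the wire, as an added example (not part of the original notes): it reads the AuType field of an OSPFv2 header and, for md5, recomputes the digest the way RFC 2328 Appendix D describes. The function names, the sample key and the constructed packet are assumptions; zero-padding short keys to 16 bytes is also an assumption about the implementation.

```python
import hashlib
import hmac
import struct

HDR = struct.Struct("!BBH4s4sHH8s")   # OSPFv2 header, 24 bytes (RFC 2328 A.3.1)
AUTYPE = {0: "none", 1: "clear-text password", 2: "md5"}

def md5_digest(packet, key):
    # RFC 2328 D.4.3: MD5 over the packet followed by the 16-byte key.
    # Assumption: keys shorter than 16 bytes are zero-padded.
    return hashlib.md5(packet + key.ljust(16, b"\x00")[:16]).digest()

def build_signed(router_id, area, key_id, seq, key, body=b""):
    """Constructed AuType 2 packet (type 1 = hello); checksum field stays 0."""
    auth = struct.pack("!HBBI", 0, key_id, 16, seq)  # 0, key ID, digest len, seq
    length = HDR.size + len(body)     # the appended digest is not counted
    pkt = HDR.pack(2, 1, length, router_id, area, 0, 2, auth) + body
    return pkt + md5_digest(pkt, key)

def audit(wire, keys):
    """Classify a captured OSPF packet; for md5, verify the digest.
    keys maps key ID -> shared secret (bytes)."""
    _ver, _type, length, rid, _area, _ck, autype, auth = HDR.unpack_from(wire)
    result = {"router_id": ".".join(map(str, rid)),
              "auth": AUTYPE.get(autype, "unknown"), "ok": False}
    if autype != 2:
        # AuType 1 carries the key itself in the 8-byte auth field;
        # AuType 0 carries nothing. Both are findings, not passes.
        return result
    _zero, key_id, dlen, seq = struct.unpack("!HBBI", auth)
    packet, digest = wire[:length], wire[length:length + dlen]
    key = keys.get(key_id)
    result.update(key_id=key_id, seq=seq)
    result["ok"] = key is not None and hmac.compare_digest(
        digest, md5_digest(packet, key))
    return result

# Constructed sample: router 10.0.0.1, area 0, key ID 1, sequence 100
SAMPLE_KEYS = {1: b"example-key"}
SAMPLE = build_signed(bytes([10, 0, 0, 1]), bytes(4), 1, 100,
                      SAMPLE_KEYS[1], b"\x00" * 20)

if __name__ == "__main__":
    print(audit(SAMPLE, SAMPLE_KEYS))
```

The key ID in the header is what lets both ends pick the same secret, and the sequence number lets a receiver discard packets older than the last one it accepted from that neighbor.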
