OSPF Router Protocol
OSPF is an IGP and a link-state protocol.

OSPF area structure

Problems in large OSPF networks: the Shortest Path First (SPF) algorithm is computed frequently, the routing table is large, and the link-state database (LSDB) is large.

After the network is divided into areas, SPF is computed less often, the routing table is smaller, and link-state update (LSU) overhead is reduced.

OSPF areas are divided into the backbone area and regular areas.

Cisco recommends the following: no more than 50 routers in each area, and no router in more than 3 areas.

The 5 packet types:
1. Hello: sent periodically every 10 s or 30 s; aging (dead) time 40 s or 120 s. VPN: 5 s, 60 s; aging time 15 s, 180 s.
2. Database Description (DBD): describes topology information.
3. Link-State Request (LSR): link-state request.
4. Link-State Update (LSU): link-state update.
5. Link-State Acknowledgment (LSAck): link-state acknowledgment.

Confirmation is either explicit or implicit (a sequence-number-based confirmation mechanism).

OSPF packet format: version number + type + packet length + Router ID + Area ID + checksum + authentication type + authentication information + data.

Router ID election:
1. Manual configuration.
2. The largest IP address among the loopback interfaces.
3. The largest IP address among the physical interfaces that are up.

Conditions carried in hello packets for establishing a neighbor relationship (items marked * must match): hello and dead intervals *, Area ID *, authentication *, stub area flag *.

Process of establishing an adjacency:
1. Down: the initial state. The interface has been declared into OSPF, but no packet has been sent.
2. Init: a hello packet is sent through the interface.
3. Two-Way: a hello packet whose neighbor field contains the router's own RID is received through the interface.
4. ExStart: 3 DBDs without LSA headers are exchanged to select the Master and Slave.
5. Exchange: initiated by the Master; DBDs carrying LSA headers are exchanged.
6. Loading: LSR, LSU and LSAck are exchanged to synchronize the LSDB.
7. Full: the LSDBs are synchronized.
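The packet header fields listed above include the authentication type, which is what a capture reveals about how a neighbor is protected. As an added example (not part of the original notes), this Python parser reads the 24-byte OSPFv2 common header and flags senders that use null or plaintext authentication. The field layout follows RFC 2328; the sample packets and router IDs are constructed for illustration.

```python
import socket
import struct

# OSPFv2 common header (RFC 2328, A.3.1): 24 bytes, network byte order.
# version, type, length, router ID, area ID, checksum, AuType, 8-byte auth field
HEADER = struct.Struct("!BBH4s4sHH8s")
PACKET_TYPES = {1: "Hello", 2: "DBD", 3: "LSR", 4: "LSU", 5: "LSAck"}
AUTH_TYPES = {0: "null", 1: "simple-password", 2: "cryptographic"}


def audit_ospf_header(packet: bytes) -> dict:
    """Parse the common header and report how the sender authenticates."""
    if len(packet) < HEADER.size:
        raise ValueError("truncated OSPF header")
    ver, ptype, length, rid, area, cksum, autype, auth = HEADER.unpack_from(packet)
    if ver != 2:
        raise ValueError(f"not OSPFv2 (version {ver})")
    if length < HEADER.size or length > len(packet):
        raise ValueError("length field does not fit the captured data")
    finding = {
        "type": PACKET_TYPES.get(ptype, f"unknown({ptype})"),
        "router_id": socket.inet_ntoa(rid),
        "area_id": socket.inet_ntoa(area),
        "auth": AUTH_TYPES.get(autype, f"unknown({autype})"),
    }
    if autype == 2:
        # Auth field: 2 reserved bytes, key ID, digest length, sequence number.
        _, key_id, digest_len, seq = struct.unpack("!HBBI", auth)
        finding.update(key_id=key_id, digest_len=digest_len, sequence=seq)
    # Null auth accepts any sender; a simple password is carried unencrypted.
    finding["unprotected"] = autype in (0, 1)
    return finding


def build_header(ptype, rid, area, autype, auth):
    """Constructed sample input only: header with no body, checksum left 0."""
    return HEADER.pack(2, ptype, HEADER.size, socket.inet_aton(rid),
                       socket.inet_aton(area), 0, autype, auth)


# Constructed samples matching the plaintext and MD5 interface configurations.
PLAINTEXT_HELLO = build_header(1, "1.1.1.1", "0.0.0.0", 1, b"cisco\x00\x00\x00")
MD5_HELLO = build_header(1, "2.2.2.2", "0.0.0.2", 2,
                         struct.pack("!HBBI", 0, 13, 16, 1000))

if __name__ == "__main__":
    for pkt in (PLAINTEXT_HELLO, MD5_HELLO):
        print(audit_ospf_header(pkt))
```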
When adjacencies come up to Full, the routers do not reach each state at the same time; one arrives first and another second.

Election principles for the DR and BDR when OSPF adjacencies are established on a multi-access (MA) network segment:
1. The OSPF priority of the router interface that participates in the MA segment: the higher, the better (0-255). The default value is 1.
2. The RID of the router connected to the MA segment: the higher, the better.

Wait time: 40 s, 120 s.

If the OSPF priority of an interface on an MA segment is 0, this does not mean the lowest priority. It means the interface is not eligible to be the DR or BDR on this segment and can only be a DROther.

Conclusions:
1. The DR and BDR can be preempted.
2. If the DR fails, the BDR immediately becomes the new DR, and a new BDR is elected from all DROthers.
3. DR and BDR are both router interface concepts; the DR and BDR of each network segment are elected independently through the same mechanism.
4. In an Ethernet environment, we recommend having both a DR and a BDR for backup. In a Frame Relay (FR) environment, only the Hub node can be the DR; no spoke node can be a DR or BDR.
5. If an MA segment has no DR and BDR, there is no adjacency, no update, and no LSA is transferred.

On a router running OSPF, as soon as the OSPF process is enabled on an interface, the interface listens to multicast traffic sent to 224.0.0.5. Only when a node becomes the DR or BDR does its interface listen to multicast traffic destined for both 224.0.0.5 and 224.0.0.6 on the MA segment.
All packets that routers send to the DR and BDR have the destination address 224.0.0.6. After consolidating the LSAs, the DR sends them to 224.0.0.5, which reaches all other routers on the segment.

To ensure that all routers in the network make consistent routing decisions, each router must record the following information: its directly connected neighbor routers; the other routers in the area and the networks connected to them; and the best path to each destination.

LSA types

There are 11 LSA types; types 1 to 5 and type 7 are the ones mainly used. In OSPFv2, Cisco does not support type 6 and type 8 LSAs.

1: Router LSAs
2: Network LSAs
3 or 4: Summary LSAs
5: Autonomous system external LSAs
6: Multicast OSPF LSAs
7: Defined for not-so-stubby areas
8: External attributes LSA for Border Gateway Protocol (BGP)
9, 10 or 11: Opaque LSAs

For each LSA type, the points to know are its flooding scope, which kind of router originates it, and what information it contains.

Type 1 (point-to-point network)
  Flooding scope: within one area only; it cannot pass through an ABR.
  Advertised by: every router in an area advertises one type 1 LSA per area.
  Content: topology information describing the prefix, mask, network type and metric of all links that the router has declared into the area.
  Link-ID: RID of the router that advertises the LSA.
  ADV Router: RID of the router that advertises the LSA.

Type 2 (MA network)
  Flooding scope: within one area only; it cannot pass through an ABR.
  Advertised by: the DR of the MA segment.
  Content: pure topology information, containing the RIDs of all routers directly connected to the MA segment and the mask of the MA segment.
  Link-ID: IP address of the DR's interface on the MA segment.
  ADV Router: RID of this DR.

Type 3 (used by the ABR to pass inter-area routes)
  Flooding scope: all areas except the originating one.
  Advertised by: the ABR.
  Content: one type 3 LSA contains one OSPF inter-area route (O IA).
  Link-ID: route prefix of the type 3 LSA.
  ADV Router: RID of the ABR. When a type 3 LSA is propagated through the OSPF routing domain, to preserve reachability the ADV Router is automatically rewritten to the RID of each ABR it crosses.

Type 4 (summary ASBR LSA)
  Flooding scope: the whole routing domain except the area where the ASBR is located.
  Advertised by: the ABR in the same area as the ASBR.
  Content: pure topology information describing the location of the ASBR.
  Link-ID: RID of the ASBR.
  ADV Router: RID of the advertising ABR; it is automatically rewritten every time the LSA crosses an ABR, the same as for type 3 LSAs.

Type 5 (external LSA)
  Flooding scope: the entire OSPF routing domain.
  Advertised by: the ASBR.
  Content: pure route information. Each OSPF external route corresponds to one type 5 LSA.
  Link-ID: external route prefix.
  ADV Router: RID of the ASBR. The ADV Router does not change while the LSA is propagated through the OSPF domain.

O IA marks inter-area routes; O E1 and O E2 mark external routes.

Type 6 (multicast OSPF LSA): used in OSPF multicast applications.

Type 7 (LSA for NSSA): used in NSSAs.

Type 8 (BGP external attributes LSA): used to interconnect OSPF and BGP.

Type 9, 10 or 11 (opaque LSA): an extension to OSPF whose purpose is to distribute application-specific information in the OSPF domain. For example, Cisco uses type 9 opaque LSAs to implement MPLS Traffic Engineering in OSPF. Opaque LSAs are distributed with the standard LSDB flooding mechanism. The flooding scopes of the three types differ.
Type 9 LSAs are flooded only on the local network or subnet, type 10 LSAs only within the current area, and type 11 LSAs throughout the entire autonomous system (the same as type 5 LSAs). Opaque LSAs are defined in RFC 5250 (The OSPF Opaque LSA Option).

Seed metric: in OSPF, redistributed BGP routes get a seed metric of 1 by default; all other external routes get a default seed metric of 20. O E1 and O E2 are changed on the ASBR.

Summarization generates a route pointing to the Null0 interface that matches the summary route.

Inter-area summary: must be deployed on the ABR, where it aggregates type 3 LSAs as they are passed on; it is configured under the OSPF process.

External summary: must be configured on every ASBR, where it aggregates type 5 LSAs as they are passed on; it is configured under the OSPF process.

OSPF LSDB overload protection

If other routers are misconfigured, a large number of prefixes may be redistributed and a large number of LSAs generated, which consumes local CPU and memory resources. The router configuration command max-lsa configures OSPF LSDB overload protection to prevent this problem.

Once the feature is enabled, the router counts the LSAs that it has received (not self-generated) and stored in the LSDB. When this count reaches the configured threshold, an error message is written to the log; when it exceeds the threshold, a notification is sent. If the number of LSAs is still above the threshold after one minute, the OSPF process tears down all adjacencies and clears the OSPF database. This is called the ignore state. While the OSPF process is in the ignore state, the interfaces that belong to it neither receive nor send OSPF packets.
The OSPF process stays in the ignore state for the time specified by the ignore-time parameter. The ignore-time parameter specifies how many consecutive times the OSPF process may enter the ignore state before it is permanently disabled, after which manual intervention is required. If the OSPF process stays in the normal state for the time specified by reset-time, the ignore state counter is reset to 0.

Advertising a default route

There are two ways to advertise the default route to a standard area.
1. Advertise 0.0.0.0 to the OSPF domain, on the condition that the advertising router already has a default route. Use the default-information originate command.
2. Advertise 0.0.0.0 regardless of whether the advertising router has a default route. This is done by specifying the keyword always in the default-information originate command.

To generate an external default route and import it into the OSPF domain, use the router configuration command:
    default-information originate [always] [metric] [metric-type] [route-map]

OSPF route summary

Area route summary, router configuration command:
    area area-id range address mask [advertise | not-advertise | cost]

External route summary, router configuration command:
    summary-address ip-address mask [not-advertise] [tag]

OSPF area types

Stub area: all routers in the area must be configured as stub. When an OSPF area is deployed as a stub area, its ABR filters out type 4 and type 5 LSAs in the inbound direction of the area. The ABR also automatically injects an O IA 0.0.0.0/0 default route (type 3) into the area, with a seed metric of 1.

Totally Stub area: on top of the stub area behavior, the ABR filters out type 3, type 4 and type 5 LSAs in the inbound direction of the area and injects an O IA 0.0.0.0/0 default route into the area.
The seed metric is 1.

A router that can generate type 5 LSAs is an ASBR.

Not-So-Stubby Area (NSSA): an NSSA can contain an ASBR, and the routes redistributed into OSPF there exist as type 7 LSAs. This type of LSA can exist only inside the NSSA. All ABRs of the area elect a translator (the one with the largest RID) by comparing RIDs. The area's ABR filters the type 4 and type 5 LSAs that enter the area from outside, but no ABR of the area automatically injects a default route into the area. For the inside of the area to reach external destinations, a default route must be injected manually on the area's ABR: O N2 0.0.0.0/0, seed metric = 1.

Totally NSSA: building on the NSSA concept, the ABR blocks type 3, type 4 and type 5 LSAs from entering the area, and it automatically injects O IA 0.0.0.0/0 into the area, seed metric = 1.

Default route preference: O > O IA > O E1/E2 = O N1/N2

Irregular areas:
1. A non-backbone area that is not adjacent to the backbone area.
2. A segmented Area 0.

Solutions:
1. On the faulty ABR (the one not directly connected to Area 0), run two OSPF processes and perform single-point bidirectional redistribution.
2. Create a tunnel link on the faulty ABR and connect it to the nearest ABR in Area 0.
   Configure the tunnel's IP addresses at both ends in the same IP subnet, and deploy the tunnel in OSPF Area 0.
3. Use a Virtual-Link between the faulty ABR and the nearest ABR in Area 0.

OSPF authentication

Link-level plaintext authentication, under the interface:
    ip ospf authentication-key cisco
    ip ospf authentication

Link-level ciphertext authentication, under the interface:
    ip ospf message-digest-key 13 md5 cisco
    ip ospf authentication message-digest

Protocol-level authentication for Area 0
  Under the process:
    area 0 authentication
  Under the interface, with a plaintext key:
    ip ospf authentication-key cisco
  Under the interface, with a ciphertext (MD5) key:
    ip ospf message-digest-key 13 md5 cisco
    ip ospf authentication message-digest

Virtual-Link plaintext authentication:
    area 2 virtual-link 91.1.1.1 authentication-key cisco
    area 2 virtual-link 91.1.1.1 authentication
This takes effect only when the Virtual-Link is initialized to establish an adjacency.

Virtual-Link ciphertext authentication:
    area 2 virtual-link 91.1.1.1 message-digest-key md5 cisco
    area 2 virtual-link 91.1.1.1 authentication message-digest

OSPF network types
1. Loopback: advertised as a /32 host route regardless of the interface mask.
2. Point-to-Point: Serial, ISDN BRI and FR P2P sub-interfaces. Supports multicast; no DR.
3. Broadcast: Ethernet interfaces. Supports multicast; has a DR.
4. NBMA: FR main interfaces and FR multipoint sub-interfaces. Does not support multicast; has a DR.
5. Point-to-Multipoint: multicast, no DR, /32 routes for the directly connected interfaces.
6. Point-to-Multipoint Non-Broadcast: unicast, no DR, /32 routes for the directly connected interfaces.

Frame Relay commands:
    no frame-relay inverse-arp
    no arp frame-relay

Deploying OSPF in the FR environment
1. Network type NBMA: to establish neighbors, you must manually specify the neighbors on the Hub node.
   To ensure that routes propagate correctly, manually modify the OSPF priority of the interfaces so that the Hub becomes the DR and the spokes hold no role. So that the PCs on the downstream segments connected to the Spoke nodes can communicate with each other, the Spoke nodes need manual Frame Relay mappings to each other.
2. Network type Broadcast: because multicast transmission is supported, you do not need to specify neighbors manually (the FR map enables the pseudo-broadcast function). You need to manually change the OSPF priority of the interface to fix the DR's location, and manually configure FR mappings so that the Spoke nodes can reach each other.
3. Network type P2MP Non-Broadcast: you need to specify neighbors manually to build the neighbor relationships. The OSPF priority of the interface does not need to be modified, because there is no DR/BDR. No manual Frame Relay mapping is required, because of the /32 host routes.
4. Network type P2MP: neighbors do not need to be specified manually.