...

Link state database describes the routers and links that interconnect them and are appropriate for forwarding. It also contains the cost (metric) of each link. This metric is used to calculate the shortest path to the destination network.
Each router can advertise a different cost for the router's own link direction, making it possible to have asymmetric links (packets to the destination travel over one path, but the response travels a different path). Asymmetric paths are not very popular, because they make it harder to find routing problems.
The cost in RouterOS is set to 10 on all interfaces by default. The value of the cost can be changed in the OSPF interface template configuration menu, for example, to add an ether2 interface with a cost of 100:

...

As you can see from the image above, multiple shortest paths have been found to the 172.16.1.0 network, allowing load balancing of the traffic to that destination, called equal-cost multipath (ECMP). After the shortest-path tree is built, a router starts to build the routing table accordingly. Networks are reached according to the cost calculated in the tree.

Routing table calculation looks quite simple, however, when some of the OSPF extensions are used or OSPF areas are calculated, routing calculation gets more complicated.

Forwarding Address

An OSPF router can set the forwarding-address to something other than itself, which indicates that an alternate next-hop is possible. Mostly, the forwarding address is set to 0.0.0.0, suggesting that the route is reachable only via the advertising router.

The forwarding address is set in LSA if the following conditions are met:

  • OSPF must be enabled on the next-hop interface
  • Next-hop address falls into the network provided by OSPF networks

A router that receives such an LSA can use the forwarding address if OSPF is able to resolve it. If the forwarding address is not resolved directly, the router sets the next hop for the forwarding address from the LSA as a gateway; if the forwarding address is not resolved at all, the gateway will be the originator-id. Resolution happens only using OSPF instance routes, not the whole routing table.


Let's look at the example setup below:

Image Added

Router R1 has a static route to the external network 192.168.0.0/24. OSPF is running between R1, R2, and R3, and the static route is distributed across the OSPF network.

The problem in such a setup is obvious: R2 can not reach the external network directly. Traffic going to the LAN network from R2 will be forwarded over the router R1, but if we look at the network diagram we can see that R2 can directly reach the router where the LAN network is located.


So knowing the forwarding address conditions, we can make router R1 set the forwarding address. We simply need to add the 10.1.101.0/24 network to OSPF networks in router R1's configuration:

```ros
/routing/ospf/interface-template add area=backbone_v2 networks=10.1.101.0/24
```


Now let's verify that the forwarding address is actually working:

```text
[admin@r2] /ip/route> print where dst-address=192.168.0.0/24
Flags: D - DYNAMIC; A - ACTIVE; o, y - COPY
Columns: DST-ADDRESS, GATEWAY, DISTANCE
    DST-ADDRESS       GATEWAY            DISTANCE
DAo 192.168.0.0/24    10.1.101.1%ether1       110
```




On all OSPF routers you will see the LSA set with a forwarding address other than 0.0.0.0:

```text
[admin@r2] /routing/ospf/lsa> print where id=192.168.0.0
Flags: S - self-originated, F - flushing, W - wraparound; D - dynamic 

 1  D instance=default_ip4 type="external" originator=10.1.101.10 id=192.168.0.0 
      sequence=0x80000001 age=19 checksum=0xF336 body=
        options=E
        netmask=255.255.255.0
        forwarding-address=10.1.101.1
        metric=10 type-1
        route-tag=0
```


Note

OSPF adjacency between routers in the 10.1.101.0/24 network is not required
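
The resolution rule described in this section can be checked offline against captured LSA output. The following is an added example, not part of the original documentation or of RouterOS: it parses text in the layout of `/routing/ospf/lsa print`, applies the three resolution cases, and flags forwarding addresses outside the networks an operator expects. The function names, the `expected_nets` allow-list and the second LSA record are assumptions made for the illustration.

```python
import ipaddress
import re

# Constructed sample in the layout of the `/routing/ospf/lsa print` output above.
# Record 2 (id=203.0.113.0) is made up for this example.
SAMPLE = """\
 1  D instance=default_ip4 type="external" originator=10.1.101.10 id=192.168.0.0
      sequence=0x80000001 age=19 checksum=0xF336 body=
        options=E
        netmask=255.255.255.0
        forwarding-address=10.1.101.1
        metric=10 type-1
        route-tag=0

 2  D instance=default_ip4 type="external" originator=10.1.101.10 id=203.0.113.0
      sequence=0x80000001 age=7 checksum=0x0000 body=
        options=E
        netmask=255.255.255.0
        forwarding-address=198.51.100.9
        metric=10 type-1
        route-tag=0
"""

def parse_lsas(text):
    """Collect key=value pairs per record; a record starts at a numbered line."""
    records = []
    for line in text.splitlines():
        if re.match(r"\s*\d+\s", line):
            records.append({})
        if records:
            for key, value in re.findall(r'([\w-]+)=("[^"]*"|\S*)', line):
                records[-1][key] = value.strip('"')
    return records

def resolve_gateway(lsa, ospf_routes):
    """ospf_routes: (prefix, next_hop) pairs from the OSPF instance only;
    next_hop None means the prefix is directly connected."""
    fa = ipaddress.ip_address(lsa.get("forwarding-address", "0.0.0.0"))
    if fa.is_unspecified:
        return "originator", lsa["originator"]
    matches = [(ipaddress.ip_network(p), nh) for p, nh in ospf_routes
               if fa in ipaddress.ip_network(p)]
    if not matches:                      # not resolved at all
        return "unresolved", lsa["originator"]
    _, next_hop = max(matches, key=lambda m: m[0].prefixlen)
    if next_hop is None:                 # resolved directly
        return "direct", str(fa)
    return "recursive", next_hop         # next hop of the route covering the FA

def audit(text, ospf_routes, expected_nets):
    """Return (id, forwarding-address, how, gateway, expected) per external LSA."""
    findings = []
    for lsa in parse_lsas(text):
        if lsa.get("type") != "external":
            continue
        fa = ipaddress.ip_address(lsa.get("forwarding-address", "0.0.0.0"))
        expected = fa.is_unspecified or any(
            fa in ipaddress.ip_network(n) for n in expected_nets)
        how, gateway = resolve_gateway(lsa, ospf_routes)
        findings.append((lsa["id"], str(fa), how, gateway, expected))
    return findings

if __name__ == "__main__":
    # R2's view: 10.1.101.0/24 is a connected OSPF network.
    for row in audit(SAMPLE, [("10.1.101.0/24", None)], ["10.1.101.0/24"]):
        print(row)
```

An entry whose last field is `False` is an external LSA steering traffic to a next hop outside the expected networks and is worth tracing back to its originator.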



Neighbour Relationship and Adjacency

...

Field | Description
network mask | The IP mask of the originating router's interface IP address.
hello interval | The period between Hello packets (default 10s)
options | OSPF options for neighbor information
router priority | An 8-bit value used to aid in the election of the DR and BDR. (Not set in p2p links)
router dead interval | The time interval within which a Hello has to be received before the neighbor is considered down. (By default four times bigger than the Hello interval)
DR | The router-id of the current DR
BDR | The router-id of the current BDR
Neighbor router IDs | A list of router ids for all the originating router's neighbors




...

Automatic neighbor discovery by multicasting or broadcasting Hello packets. Less bandwidth usage compared to other subnet types. On the broadcast segment, there are n*(n-1)/2 neighbor relations, but those relations are maintained by sending only n Hellos. If the broadcast has the multicast capability, then OSPF operates without disturbing non-OSPF nodes on the broadcast segment. If the multicast capability is not supported, all routers will receive broadcasted Hello packets even if the node is not an OSPF router.

...

Non-broadcast multiaccess (NBMA) segments are similar to broadcast. They support more than two routers; the only difference is that NBMA does not support a data-link broadcast capability. Due to this limitation, OSPF neighbors must be discovered initially through configuration. On RouterOS, static neighbor configuration is set in the /routing ospf static-neighbor menu. To reduce the amount of Hello traffic, most routers attached to the NBMA subnet should be assigned a Router Priority of 0 (set by default in RouterOS). Routers that are eligible to become Designated Routers should have priority values other than 0. It ensures that during the election of DR and BDR, Hellos are sent only to eligible routers.

...

Before database synchronization can begin, a hierarchy order of exchanging information must be established, which determines which router sends Database Descriptor (DD) packets first (Master). The master router is elected based on the highest priority, and if priority is not set then the router ID will be used. Note that this is a router-priority-based relationship for arranging the exchange of data between neighbors, which does not affect the DR/BDR election (meaning that the DR does not always have to be Master).

...

The image on the right illustrates adjacency formations on broadcast subnets. Routers R1 and R2 are the Designated Router and Backup Designated Router respectively. For example, if R3 wants to flood a Link State Update (LSU) to both R1 and R2, it sends the LSU to the IP multicast address AllDRouters (224.0.0.6), and only the DR and BDR listen to this multicast address. Then the Designated Router sends the LSU addressed to AllSPFRouters, updating the rest of the routers.

...

Database synchronization on NBMA networks is similar to that on broadcast networks. DR and BDR are elected, databases initially are exchanged only with DR and BDR routers and flooding always goes through the DR. The only difference is that Link State Updates must be replicated and sent to each adjacent router separately.

...

A distinctive feature of OSPF is the possibility to divide an AS into multiple routing Areas which contain their own set of neighbors.
Imagine a large network with 300+ routers and multiple links between them. Whenever a link flaps or some other topology change happens in the network, this change will be flooded to all OSPF devices in the network, resulting in a quite heavy load on the network and even downtime, since network convergence may take some time for such a large network.

A large single-area network can produce serious issues:

...

Each OSPF area has a unique 32-bit identifier (Area ID), and the area with an Area ID of 0.0.0.0 (called the Backbone area) is the main one where any other area should connect. Routers that connect to more than one area are called ABR (Area Border Routers), and their main responsibility is summarization and update suppression between connected areas. The router connecting to another routing domain is called ASBR (Autonomous System Boundary Router).

Each area has its own link-state database, consisting of router-LSAs and network-LSAs describing how all routers within that area are interconnected. Detailed knowledge of the area's topology is hidden from all other areas; router-LSAs and network-LSAs are not flooded beyond the area's borders. Area Border Routers (ABRs) leak addressing information from one area into another in OSPF summary-LSAs. This allows one to pick the best area border router when forwarding data to destinations from another area and is called intra-area routing.

Routing information exchange between areas is essentially a Distance Vector algorithm, and to prevent algorithm convergence problems, such as counting to infinity, all areas are required to attach directly to the backbone area, making a simple hub-and-spoke topology. The area-ID of the backbone area is always 0.0.0.0 and can not be changed.

...

Simple multi-area network using default area. In this example, all networks from area1 are flooded to the backbone and all networks from the backbone are flooded to area1.
R1:

```ros
/ip address add address=10.0.3.1/24 interface=ether1
/ip address add address=10.0.2.1/24 interface=ether2
/routing ospf instance
add name=v2inst version=2 router-id=1.0.0.1
/routing ospf area
add name=backbone_v2 area-id=0.0.0.0 instance=v2inst
add name=area1 area-id=1.1.1.1 type=default instance=v2inst
/routing ospf interface-template
add networks=10.0.2.0/24 area=backbone_v2
add networks=10.0.3.0/24 area=area1
```

...

The main purpose of stub areas is to keep such areas from carrying external routes. Routing from these areas to the outside world is based on a default route. A stub area reduces the database size inside an area and reduces the memory requirements of routers in the area.

...

Since redistribution is controlled by the "originate-default" and "redistribute" parameters, it introduces some corner cases for default route filtering.

  • if redistribute is enabled, then pick all routes matching redistribute parameters
  • If originate-default=never, a default route will be rejected
  • run selected routes through out-select-chain (if configured)
  • run selected routes through out-filter-chain (if configured)
  • if originate-default is set to always or if-installed:
    • OSPF creates a fake default route without attributes;
    • runs this route through out-filter-chain where attributes can be applied, but action is ignored (always accept);

...

It is better to summarize in the direction of the backbone. That way the backbone receives all the aggregated routes and injects them into other areas already summarized. There are two types of summarization: inter-area and external route summarization.

...

Inter-area route summarization can be configured from the OSPF area range menu.

Let's consider that we have two areas, backbone and area1; area1 has several /24 routes from the 10.0.0.0/16 range, and there is no need to flood the backbone area with each /24 subnet if it can be summarized. On the router connecting area1 with the backbone we can set up the area range:

```ros
/routing ospf area range
add prefix=10.0.0.0/16 area=area1 advertise=yes cost=10
```

...

There are two common scenarios when virtual links can be used:

  • to glue together the fragmented backbone area
  • to connect a remote area without direct connection to the backbone

...

Sub-menu: /routing/ospf/instance

Property | Description
domain-id (Hex | Address) | MPLS-related parameter. Identifies the OSPF domain of the instance. This value is attached to OSPF routes redistributed in BGP as VPNv4 routes as BGP extended community attribute and used when BGP VPNv4 routes are redistributed back to OSPF to determine whether to generate inter-area or AS-external LSA for that route. By default Null domain-id is used, as described in RFC 4577.
domain-tag (integer [0..4294967295]) | If set, then used in route redistribution (as route-tag in all external LSAs generated by this router), and in route calculation (all external LSAs having this route tag are ignored). Needed for interoperability with older Cisco systems. By default not set.
in-filter (string) | Name of the routing filter chain used for incoming prefixes
mpls-te-address (string) | The area used for MPLS traffic engineering. TE Opaque LSAs are generated in this area. No more than one OSPF instance can have mpls-te-area configured.
mpls-te-area (string) | The area used for MPLS traffic engineering. TE Opaque LSAs are generated in this area. No more than one OSPF instance can have mpls-te-area configured.
originate-default (always | if-installed | never; Default: never) | Specifies default route (0.0.0.0/0) distribution method.
out-filter-chain (name) | Name of the routing filter chain used for outgoing prefixes filtering. Output operates only with "external" routes.
out-filter-select (name) | Name of the routing filter select chain, used for output selection. Output operates only with "external" routes.
redistribute (bgp,connected,copy,dhcp,fantasy,modem,ospf,rip,static,vpn; ) | Enable redistribution of specific route types.
router-id (IP | name; Default: main) | OSPF Router ID. Can be set explicitly as an IP address, or as the name of the router-id instance.
version (2 | 3; Default: 2) | OSPF version this instance will be running (v2 for IPv4, v3 for IPv6).
vrf (name of a routing table; Default: main) | The VRF table this OSPF instance operates on
use-dn (yes | no) | Forces to use or ignore DN bit. Useful in some CE PE scenarios to inject intra-area routes into VRF. If a parameter is unset then the DN bit is used according to RFC. Available since v6rc12.


Notes

OSPF protocol supports two types of metrics:

  • type1 - OSPF metric is the sum of the internal OSPF cost and the external route cost
  • type2 - OSPF metric is equal only to the external route cost.
Note

Type 1 external paths are always preferred over type 2 external paths. When all paths are type 2 external paths, the paths with the smallest advertised type 2 metric are always preferred. (RFC2328)


Area

Sub-menu: /routing/ospf/area

Property | Description
area-id (IP address; Default: 0.0.0.0) | OSPF area identifier. If the router has networks in more than one area, then an area with area-id=0.0.0.0 (the backbone) must always be present. The backbone always contains all area border routers. The backbone is responsible for distributing routing information between non-backbone areas. The backbone must be contiguous, i.e. there must be no disconnected segments. However, area border routers do not need to be physically connected to the backbone - connection to it may be simulated using a virtual link.
default-cost (integer; unset) | Default cost of injected LSAs into the area. If the value is not set, then stub area type-3 default LSA will not be originated.
instance (name; mandatory) | Name of the OSPF instance this area belongs to.
no-summaries () | Flag parameter, if set then the area will not flood summary LSAs in the stub area.
name (string) | The name of the area
nssa-translate (yes | no | candidate) | The parameter indicates which ABR will be used as a translator from type7 to type5 LSA. Applicable only if area type is NSSA
  • yes - the router will be always used as a translator
  • no - the router will never be used as a translator
  • candidate - OSPF elects one of the candidate routers to be a translator
type (default | nssa | stub; Default: default) | The area type. Read more on the area types in the OSPF case studies.

...

Property | Description
interfaces (name) | Interfaces to match. Accepts specific interface names or the name of the interface list.
network (IP prefix) | The network prefix associated with the area. OSPF will be enabled on all interfaces that have at least one address falling within this range. Note that the network prefix of the address is used for this check (i.e. not the local address). For point-to-point interfaces, this means the address of the remote endpoint.

...

Property | Description
area (name; mandatory) | The OSPF area to which the matching interface will be associated.
auth (simple | md5 | sha1 | sha256 | sha384 | sha512) | Specifies the authentication method for OSPF protocol messages.
  • simple - plain text authentication
  • md5 - keyed Message Digest 5 authentication
  • sha - HMAC-SHA authentication RFC5709

If the parameter is unset, then authentication is not used.

auth-id (integer) | The key id is used to calculate message digest (used only when MD5 or SHA authentication is enabled). The value should match all OSPF routers from the same region.
authentication-key (string) | The authentication key to be used for simple or MD5 authentication methods; it should match on all the neighbors of the network segment.
comment (string)
cost (integer [0..65535]) | Interface cost expressed as link state metric.
dead-interval (time; Default: 40s) | Specifies the interval after which a neighbor is declared dead. This interval is advertised in hello packets. This value must be the same for all routers on a specific network, otherwise, adjacency between them will not form.
disabled (yes | no)
hello-interval (time; Default: 10s) | The interval between HELLO packets that the router sends out this interface. The smaller this interval is, the faster topological changes will be detected; the tradeoff is more OSPF protocol traffic. This value must be the same for all the routers on a specific network, otherwise, adjacency between them will not form.
instance-id (integer [0..255]; Default: 0)
passive () | If enabled, then do not send or receive OSPF traffic on the matching interfaces
prefix-list (name) | Name of the address list containing networks that should be advertised to the v3 interface.
priority (integer: 0..255; Default: 128) | Router's priority. Used to determine the designated router in a broadcast network. The router with the highest priority value takes precedence. Priority value 0 means the router is not eligible to become a designated or backup designated router at all.

Warning

ROS v7 default value is 128 (defined in RFC), and the default value in ROS v6 was 1; keep this in mind if you had strict priorities set for DR/BDR election.


retransmit-interval (time; Default: 5s) | Time interval the lost link state advertisement will be resent. When a router sends a link state advertisement (LSA) to its neighbor, the LSA is kept until the acknowledgment is received. If the acknowledgment was not received in time (see transmit-delay), the router will try to retransmit the LSA.
transmit-delay (time; Default: 1s) | Link-state transmit delay is the estimated time it takes to transmit a link-state update packet on the interface.
type (broadcast | nbma | ptp | ptmp | ptp-unnumbered | virtual-link; Default: broadcast) | The OSPF network type on this interface. Note that if interface configuration does not exist, the default network type is 'point-to-point' on PtP interfaces and 'broadcast' on all other interfaces.
  • broadcast - network type suitable for Ethernet and other multicast capable link layers. Elects a designated router
  • nbma - Non-Broadcast Multiple Access. Protocol packets are sent to each neighbor's unicast address. Requires manual configuration of neighbors. Elects a designated router
  • ptp - suitable for networks that consist only of two nodes. Does not elect a designated router
  • ptmp - Point-to-Multipoint. Easier to configure than NBMA because it requires no manual configuration of a neighbor. Does not elect a designated router. This is the most robust network type and as such suitable for wireless networks, if 'broadcast' mode does not work well enough for them
  • ptp-unnumbered - works the same as ptp, except that the remote neighbor does not have an associated IP address to a specific PTP interface. For example, in case an IP unnumbered is used on Cisco devices.
  • virtual-link - for virtual link setups.
vlink-neighbor-id (IP) | Specifies the router-id of the neighbor which should be connected over the virtual link.
vlink-transit-area (name) | A non-backbone area the two routers have in common over which the virtual link will be established. Virtual links can not be established through stub areas.
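
The auth, auth-id, hello-interval and dead-interval properties above all have to agree between routers on a segment, and an unset auth means OSPF packets are accepted unauthenticated. The following is an added example, not part of the original documentation or of RouterOS: it reads interface-template export text from several routers, reports templates with no, plain-text or keyed-MD5 authentication, and reports per-network mismatches. The export fragments are constructed, and treating unset, simple and md5 as findings is an assumed policy for the illustration.

```python
import shlex
from collections import defaultdict

# Constructed export fragments for two routers (not from the original page).
EXPORTS = {
    "R1": """\
/routing ospf interface-template
add networks=10.0.2.0/24 area=backbone_v2 auth=sha256 auth-id=1
add networks=10.0.3.0/24 area=area1 auth=md5 auth-id=1
add networks=10.0.9.0/24 area=area1 passive
""",
    "R2": """\
/routing ospf interface-template
add networks=10.0.2.0/24 area=backbone_v2 auth=sha256 auth-id=2 hello-interval=5s
add networks=10.0.3.0/24 area=area1
""",
}

# Assumed policy: these auth values are reported; None means the property is unset.
WEAK = {None: "no authentication", "simple": "plain-text key", "md5": "keyed MD5"}
MUST_MATCH = ("auth", "auth-id", "hello-interval", "dead-interval")
DEFAULTS = {"hello-interval": "10s", "dead-interval": "40s"}  # defaults per the table

def parse_templates(export):
    """Return one property dict per `add` line under the interface-template menu."""
    templates, in_menu = [], False
    for line in export.splitlines():
        line = line.strip()
        if line.startswith("/"):
            in_menu = line == "/routing ospf interface-template"
        elif in_menu and line.startswith("add "):
            props = dict(DEFAULTS)
            for token in shlex.split(line)[1:]:
                key, sep, value = token.partition("=")
                props[key] = value if sep else "yes"   # bare word = flag parameter
            templates.append(props)
    return templates

def audit(exports):
    findings, by_net = [], defaultdict(dict)
    for router, export in sorted(exports.items()):
        for tmpl in parse_templates(export):
            if tmpl.get("passive") == "yes":
                continue                 # no OSPF traffic on passive interfaces
            net = tmpl.get("networks") or tmpl.get("interfaces")
            if tmpl.get("auth") in WEAK:
                findings.append(("weak-auth", router, net, WEAK[tmpl.get("auth")]))
            if "networks" in tmpl:       # only prefixes are comparable across routers
                by_net[net][router] = tmpl
    for net, routers in sorted(by_net.items()):
        for prop in MUST_MATCH:
            values = {r: t.get(prop) for r, t in routers.items()}
            if len(set(values.values())) > 1:
                findings.append(("mismatch", net, prop, values))
    return findings

if __name__ == "__main__":
    for finding in audit(EXPORTS):
        print(finding)
```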

...

Property | Description
address (IP) | An IP address of the OSPF neighbor router
adjacency (time) | Elapsed time since adjacency was formed
area (string)
bdr (string) | An IP address of the Backup Designated Router
comment (string)
db-summaries (integer)
dr (IP) | An IP address of the Designated Router
dynamic (yes | no)
inactive (yes | no)
instance (string)
ls-requests (integer)
ls-retransmits (integer)
priority (integer) | Priority configured on the neighbor
router-id (IP) | Neighbor router's RouterID
state (down | attempt | init | 2-way | ExStart | Exchange | Loading | full)
  • Down - No Hello packets have been received from a neighbor.
  • Attempt - Applies only to NBMA clouds. The state indicates that no recent information was received from a neighbor.
  • Init - Hello packet received from the neighbor, but bidirectional communication is not established (its own RouterID is not listed in the Hello packet).
  • 2-way - This state indicates that bi-directional communication is established. DR and BDR elections occur during this state, routers build adjacencies based on whether the router is DR or BDR, and the link is point-to-point or a virtual link.
  • ExStart - Routers try to establish the initial sequence number that is used for the packet information exchange. The router with a higher ID becomes the master and starts the exchange.
  • Exchange - Routers exchange database description (DD) packets.
  • Loading - In this state actual link state information is exchanged. Link State Request packets are sent to neighbors to request any new LSAs that were found during the Exchange state.
  • Full - Adjacency is complete, and neighbor routers are fully adjacent. LSA information is synchronized between adjacent routers. Routers achieve the full state with their DR and BDR only; an exception is P2P links.
state-changes (integer) | Total count of OSPF state changes since neighbor identification

...

Property | Description
address (IP%iface; mandatory) | The unicast IP address and an interface, that can be used to reach the IP of the neighbor. For example, address=1.2.3.4%ether1 indicates that a neighbor with IP 1.2.3.4 is reachable on the ether1 interface.
area (name; mandatory) | Name of the area the neighbor belongs to.
comment (string)
disabled (yes | no)
instance-id (integer [0..255]; Default: 0)
poll-interval (time; Default: 2m) | How often to send hello messages to the neighbors which are in a "down" state (i.e. there is no traffic from them)

...