
OSPF

OSPF 4-1 Copyright © 2005 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net

OSPF Review

Link-state protocol

Neighbors use hello packets to form adjacencies

Routers flood LSAs within their area

LSAs are placed into a link-state database

OSPF packet types

Hello: Type 1

Database description: Type 2

Link-state request: Type 3

Link-state update: Type 4

Link-state acknowledgement: Type 5

Hierarchical design uses areas connected to a backbone

Routers on a broadcast segment elect a DR

© 2008 Juniper Networks, Inc. All rights reserved.


Hierarchical Design

[Figure: Backbone (Area 0 or 0.0.0.0), Area 1, Area 2, Area 3]

Link-State Update Packets

Carry one or more link-state advertisements

Packets consist of:

(24-byte) OSPF header

(4-byte) Number of advertisements

(Variable) Link-state advertisements

Field length, in bytes:

Length     Field
1          Version number
1          Type
2          Packet length
4          Router ID
4          Area ID
2          Checksum
2          Authentication type
8          Authentication
Variable   Data

Length     Field
4          # of LSAs
20         LSA Header
Variable   LSA Data
20         LSA Header
Variable   LSA Data
…

LSA Types

Link-state advertisement types:

Router LSAs: Type 1

Network LSAs: Type 2

Summary LSAs: Types 3 and 4

AS external LSAs: Type 5

Group membership LSAs: Type 6

NSSA LSAs: Type 7

External attributes LSAs: Type 8

Opaque LSAs: Types 9, 10, and 11

Each LSA type describes a portion of the OSPF routing domain

Types 6, 8, and 11 are not supported

LSA Header

20 bytes of information that identify the LSA uniquely and consist of:

(2-byte) LS age

(1-byte) Options

(1-byte) LS type

(4-byte) Link-state ID

(4-byte) Advertising router

(4-byte) LS sequence number

(2-byte) LS checksum

(2-byte) Length

Router LSA (Type 1)

Originated by each router in an area

Has area scope

Describes the state and cost of the router’s interfaces

Consists of the standard LSA header plus:

(1-byte) Five 0 bits followed by the V, E, and B bits

(1-byte) Reserved (set to 0)

(2-byte) Number of links

(4-byte) Link ID

(4-byte) Link data

(1-byte) Link type

(1-byte) Number of ToS metrics

(2-byte) Metric

(4-byte) Additional ToS data


Link ID and Link Data Fields

Interpretation depends on value of the link type field

Link Type                 Link ID                       Link Data
Point-to-point (Type 1)   Neighbor’s router ID          Local router’s interface IP address
Transit (Type 2)          DR’s interface IP address     Local router’s interface IP address
Stub (Type 3)             Network number                Subnet mask
Virtual link (Type 4)     Neighbor’s router ID          Local router’s interface IP address

Router LSA Example

user@host> show ospf database router extensive

    OSPF link state database, area 0.0.0.0
Type     ID               Adv Rtr          Seq          Age  Opt  Cksum   Len
Router  *192.168.16.1     192.168.16.1     0x80000004   947  0x2  0xd45b  60
  bits 0x3, link count 3
  id 192.168.24.1, data 10.222.28.1, type PointToPoint (1)
  TOS count 0, TOS 0 metric 1
  id 10.222.28.0, data 255.255.255.0, type Stub (3)
  TOS count 0, TOS 0 metric 1
  id 192.168.16.1, data 255.255.255.255, type Stub (3)
  TOS count 0, TOS 0 metric 0
  Gen timer 00:30:56
  Aging timer 00:44:13
  Installed 00:15:47 ago, expires in 00:44:13, sent 00:15:47 ago
  Ours
Router   192.168.36.1     192.168.36.1     0x80000003   173  0x2  0xfa6   60
  bits 0x3, link count 3
  id 192.168.24.1, data 10.222.4.2, type PointToPoint (1)
  TOS count 0, TOS 0 metric 1
  id 10.222.4.0, data 255.255.255.0, type Stub (3)
  TOS count 0, TOS 0 metric 1
  id 192.168.36.1, data 255.255.255.255, type Stub (3)
  TOS count 0, TOS 0 metric 0
  Aging timer 00:57:06
  Installed 00:02:47 ago, expires in 00:57:07, sent 19:55:19 ago
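The packet layout from the preceding slides, as an added example that is not part of the Juniper material: a Python parser for a link-state update that checks every length field before using it and decodes router LSA links. The function names are this example's own, and the sample packet is constructed from the first LSA in the output above, with a zero placeholder for the packet checksum (checksums are carried, not verified).

```python
import ipaddress
import struct

OSPF_HDR = struct.Struct("!BBH4s4sHH8s")  # version, type, length, RID, area, cksum, autype, auth
LSA_HDR = struct.Struct("!HBB4s4sIHH")    # age, options, type, LS ID, adv rtr, seq, cksum, length
LINK = struct.Struct("!4s4sBBH")          # link ID, link data, link type, # ToS, metric
LINK_TYPES = {1: "PointToPoint", 2: "Transit", 3: "Stub", 4: "Virtual"}


def ip(raw):
    return str(ipaddress.IPv4Address(raw))


def parse_router_body(body):
    """Router LSA body: V/E/B bits, reserved byte, link count, then the links."""
    if len(body) < 4:
        raise ValueError("router LSA shorter than its fixed fields")
    bits, _reserved, count = struct.unpack_from("!BBH", body, 0)
    links, off = [], 4
    for _ in range(count):
        if off + LINK.size > len(body):
            raise ValueError("link count runs past the LSA length")
        link_id, data, ltype, n_tos, metric = LINK.unpack_from(body, off)
        off += LINK.size + 4 * n_tos          # skip additional ToS data
        links.append({"id": ip(link_id), "data": ip(data),
                      "type": LINK_TYPES.get(ltype, ltype), "metric": metric})
    if off > len(body):
        raise ValueError("ToS data runs past the LSA length")
    return bits, links


def parse_ls_update(pkt):
    """Parse an OSPFv2 link-state update without trusting any length field."""
    if len(pkt) < OSPF_HDR.size + 4:
        raise ValueError("shorter than OSPF header plus LSA count")
    ver, ptype, plen, rid, area, _ck, autype, _auth = OSPF_HDR.unpack_from(pkt, 0)
    if ver != 2 or ptype != 4:
        raise ValueError("not an OSPFv2 link-state update (type 4)")
    if not OSPF_HDR.size + 4 <= plen <= len(pkt):
        raise ValueError("packet length field disagrees with captured bytes")
    (n_lsas,) = struct.unpack_from("!I", pkt, OSPF_HDR.size)
    off, lsas = OSPF_HDR.size + 4, []
    for _ in range(n_lsas):
        if off + LSA_HDR.size > plen:
            raise ValueError("LSA count runs past the packet length")
        age, opts, ltype, lsid, adv, seq, cksum, length = LSA_HDR.unpack_from(pkt, off)
        if length < LSA_HDR.size or off + length > plen:
            raise ValueError("LSA length field out of bounds")
        lsa = {"type": ltype, "id": ip(lsid), "adv_rtr": ip(adv), "seq": seq,
               "age": age, "options": opts, "cksum": cksum, "length": length}
        if ltype == 1:
            body = pkt[off + LSA_HDR.size:off + length]
            lsa["bits"], lsa["links"] = parse_router_body(body)
        lsas.append(lsa)
        off += length
    return {"router_id": ip(rid), "area": ip(area), "auth_type": autype, "lsas": lsas}


def build_sample():
    """Constructed packet carrying the router LSA shown for 192.168.16.1."""
    a = lambda s: ipaddress.IPv4Address(s).packed
    links = b"".join(LINK.pack(a(i), a(d), t, 0, m) for i, d, t, m in [
        ("192.168.24.1", "10.222.28.1", 1, 1),
        ("10.222.28.0", "255.255.255.0", 3, 1),
        ("192.168.16.1", "255.255.255.255", 3, 0)])
    body = struct.pack("!BBH", 0x3, 0, 3) + links
    lsa = LSA_HDR.pack(947, 0x2, 1, a("192.168.16.1"), a("192.168.16.1"),
                       0x80000004, 0xD45B, LSA_HDR.size + len(body)) + body
    hdr = OSPF_HDR.pack(2, 4, OSPF_HDR.size + 4 + len(lsa), a("192.168.16.1"),
                        a("0.0.0.0"), 0, 0, bytes(8))   # packet checksum placeholder
    return hdr + struct.pack("!I", 1) + lsa


if __name__ == "__main__":
    for lsa in parse_ls_update(build_sample())["lsas"]:
        print(lsa["id"], hex(lsa["seq"]), lsa["length"], lsa["links"])
```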

Build a Network: Type 1 LSA

[Figure: Area 0 with routers 192.168.24.1, 192.168.16.1, and 192.168.36.1; networks 10.222.28.0/24 and 10.222.4.0/24; interface addresses .1 and .2]

Network LSA (Type 2)

Originated by designated routers (DR)

Has area scope

Describes all routers attached to a network segment

Consists of the standard LSA header plus:

(4-byte) Network mask

(4-byte) Attached router


Network LSA Example

user@host> show ospf database network extensive

    OSPF link state database, area 0.0.0.1
Type     ID               Adv Rtr          Seq          Age  Opt  Cksum   Len
Network  10.222.1.1       192.168.20.1     0x80000002   813  0x2  0x6876  32
  mask 255.255.255.0
  attached router 192.168.20.1
  attached router 192.168.40.1
  Aging timer 00:46:27
  Installed 00:13:32 ago, expires in 00:46:27, sent 1w5d 01:07:09 ago

Build a Network: Type 2 LSA

[Figure: the Area 0 diagram (routers 192.168.24.1, 192.168.16.1, 192.168.36.1; networks 10.222.28.0/24 and 10.222.4.0/24) extended with Area 1: routers 192.168.20.1 and 192.168.40.1 on network 10.222.1.0/24]

Summary LSA (Type 3)

Originated by ABRs

Has area scope

Describes networks external to the area

Consists of the standard LSA header plus:

(4-byte) Network mask

(1-byte) Reserved (set to 0)

(3-byte) Metric

(1-byte) ToS

(3-byte) ToS metric


Summary LSA Example

user@host> show ospf database netsummary extensive

    OSPF link state database, area 0.0.0.0
Type     ID               Adv Rtr          Seq          Age  Opt  Cksum   Len
Summary  10.222.44.0      192.168.36.1     0x80000004  1011  0x2  0x8530  28
  mask 255.255.255.0
  TOS 0x0, metric 1
  Aging timer 00:43:08
  Installed 00:16:49 ago, expires in 00:43:09, sent 1w5d 01:08:42 ago
Summary  192.168.32.1     192.168.36.1     0x80000001  1355  0x2  0x49f9  28
  mask 255.255.255.255
  TOS 0x0, metric 1
  Aging timer 00:37:25
  Installed 00:22:33 ago, expires in 00:37:25, sent 1w5d 01:08:42 ago
Summary *192.168.40.1     192.168.16.1     0x80000001  1527  0x2  0x87c6  28
  mask 255.255.255.255
  TOS 0x0, metric 2
  Gen timer 00:14:18
  Aging timer 00:34:33
  Installed 00:25:27 ago, expires in 00:34:33, sent 00:25:27 ago
  Ours

Build a Network: Type 3 LSA

[Figure: network diagram with Area 1, Area 0, and an area labeled "Area ?"; routers 192.168.20.1, 192.168.40.1, 192.168.16.1, 192.168.24.1, 192.168.36.1, and 192.168.32.1; networks 10.222.1.0/24, 10.222.28.0/24, 10.222.4.0/24, and 10.222.44.0/24]

ASBR Summary LSA (Type 4)

Originated by ABRs

Has area scope

Describes ASBRs external to the area

Consists of the standard LSA header plus:

(4-byte) Network Mask

(1-byte) Reserved (set to 0)

(3-byte) Metric

(1-byte) ToS

(3-byte) ToS Metric


ASBR Summary LSA Example

user@host> show ospf database asbrsummary extensive

    OSPF link state database, area 0.0.0.0
Type     ID               Adv Rtr          Seq          Age  Opt  Cksum   Len
ASBRSum  192.168.32.1     192.168.36.1     0x80000001  1477  0x2  0x3b07  28
  mask 0.0.0.0
  TOS 0x0, metric 1
  Aging timer 00:35:22
  Installed 00:24:35 ago, expires in 00:35:23, sent 1w5d 01:10:44 ago
ASBRSum *192.168.40.1     192.168.16.1     0x80000001  1649  0x2  0x79d3  28
  mask 0.0.0.0
  TOS 0x0, metric 2
  Gen timer 00:14:36
  Aging timer 00:32:30
  Installed 00:27:29 ago, expires in 00:32:31, sent 00:27:29 ago
  Ours

Build a Network: Type 4

[Figure: network diagram with Area 1, Area 0, and an area labeled "Area ?"; routers 192.168.20.1, 192.168.40.1, 192.168.16.1, 192.168.24.1, 192.168.36.1, and 192.168.32.1; networks 10.222.1.0/24, 10.222.28.0/24, 10.222.4.0/24, and 10.222.44.0/24]

AS External LSA (Type 5)

Originated by ASBRs

Has domain scope

Describes networks external to the OSPF domain

Consists of the standard LSA header plus:

(4-byte) Network mask

(1-byte) E-bit followed by seven 0 bits

(3-byte) Metric

(4-byte) Forwarding address

(4-byte) External route tag

(4-byte) Optional ToS fields


AS External LSA Example

user@host> show ospf database extern extensive

    OSPF external link state database
Type     ID               Adv Rtr          Seq          Age  Opt  Cksum   Len
Extern  *192.168.17.0     192.168.16.1     0x80000001  1919  0x2  0x3812  36
  mask 255.255.255.0
  Type 1, TOS 0x0, metric 20, fwd addr 0.0.0.0, tag 0.0.0.0
  Gen timer 00:00:32
  Aging timer 00:28:01
  Installed 00:31:59 ago, expires in 00:28:01, sent 00:31:58 ago
  Ours
Extern   192.168.33.0     192.168.32.1     0x80000001  1878  0x2  0x1713  36
  mask 255.255.255.0
  Type 1, TOS 0x0, metric 20, fwd addr 0.0.0.0, tag 0.0.0.0
  Aging timer 00:28:42
  Installed 00:31:15 ago, expires in 00:28:42, sent 00:31:15 ago
Extern   192.168.37.0     192.168.36.1     0x80000002  1287  0x2  0xcc54  36
  mask 255.255.255.0
  Type 1, TOS 0x0, metric 20, fwd addr 0.0.0.0, tag 0.0.0.0
  Aging timer 00:38:33
  Installed 00:21:25 ago, expires in 00:38:33, sent 00:21:25 ago
Extern   192.168.41.0     192.168.40.1     0x80000001  1708  0x2  0x8693  36
  mask 255.255.255.0
  Type 1, TOS 0x0, metric 20, fwd addr 0.0.0.0, tag 0.0.0.0
  Aging timer 00:31:34
  Installed 00:28:25 ago, expires in 00:31:32, sent 00:28:25 ago

Build a Network: Type 5

[Figure: network diagram with Area 0, Area 1, and an area labeled "Area ?"; routers 192.168.20.1, 192.168.16.1, 192.168.24.1, 192.168.40.1, 192.168.36.1, and 192.168.32.1; networks 10.222.28.0/24, 10.222.4.0/24, 10.222.1.0/24, and 10.222.44.0/24; external networks 192.168.17.0/24, 192.168.41.0/24, 192.168.33.0/24, and 192.168.37.0/24]

NSSA External LSA (Type 7)

Originated by ASBR within the NSSA

Has same format as an AS external LSA (Type 5)

Has area scope

Describes networks external to the OSPF domain

Translated into an AS external LSA (Type 5) by the ABR at the NSSA border

NSSA/Propagate bit in the options field indicates whether translation should take place

A value of 1 means translate and propagate

A value of 0 means do not translate

When multiple ABRs exist, the ABR with the highest RID performs the translation

NSSA LSA Example

user@host> show ospf database nssa extensive

    OSPF link state database, area 0.0.0.2
Type     ID               Adv Rtr          Seq          Age  Opt  Cksum   Len
NSSA     192.168.33.0     192.168.32.1     0x80000003  1639  0x8  0x7c19  36
  mask 255.255.255.0
  Type 1, TOS 0x0, metric 20, fwd addr 192.168.32.1, tag 0.0.0.0
  Aging timer 00:32:47
  Installed 00:27:12 ago, expires in 00:32:41, sent 1w5d 01:13:35 ago

Build a Network: Type 7

[Figure: network diagram with Area 1, Area 0, and Area 2 (NSSA); routers 192.168.20.1, 192.168.16.1, 192.168.40.1, 192.168.24.1, 192.168.36.1, and 192.168.32.1; networks 10.222.1.0/24, 10.222.28.0/24, 10.222.4.0/24, and 10.222.44.0/24; external networks 192.168.17.0/24, 192.168.41.0/24, 192.168.33.0/24, and 192.168.37.0/24]

Opaque LSA (Types 9-11)

Allows for the future extensibility of OSPF

JUNOS software uses Type 9 for graceful restart capability

JUNOS software uses Type 10 for MPLS traffic engineering

Type 11 is currently not supported

The difference is in flooding scope

Type 9 has link-local scope

Type 10 has area scope

Type 11 has domain scope

Consist of a standard LSA header followed by application-specific information

OSPF or other applications can use information field directly

LSA Flooding Scopes

[Figure: flooding scopes of LSA Types 1 through 5 across the backbone (0.0.0.0) and Areas 1, 2, and 3, with external routes injected]

Sample OSPF Database

user@host> show ospf database

    OSPF link state database, area 0.0.0.0
Type     ID               Adv Rtr          Seq          Age  Opt  Cksum   Len
Router  *192.168.16.1     192.168.16.1     0x80000004   177  0x2  0xd45b  60
Router   192.168.36.1     192.168.36.1     0x80000005   305  0x2  0xda47  60
Summary *10.222.1.0       192.168.16.1     0x80000002   412  0x2  0xfafa  28
Summary *10.222.29.0      192.168.16.1     0x80000002   631  0x2  0xbb1f  28
Summary *192.168.20.1     192.168.16.1     0x80000001   412  0x2  0x87c6  28
ASBRSum  192.168.32.1     192.168.36.1     0x80000001   240  0x2  0x3b07  28

    OSPF link state database, area 0.0.0.1
Type     ID               Adv Rtr          Seq          Age  Opt  Cksum   Len
Router  *192.168.16.1     192.168.16.1     0x80000007    39  0x2  0xcc62  60
Router   192.168.20.1     192.168.20.1     0x80000002   415  0x2  0xd7d9  48
Network  10.222.1.1       192.168.20.1     0x80000001   418  0x2  0x6a75  32
Summary *192.168.32.1     192.168.16.1     0x80000001   238  0x2  0xe96b  28
Summary *192.168.36.1     192.168.16.1     0x80000002   631  0x2  0xb19f  28
ASBRSum *192.168.32.1     192.168.16.1     0x80000001   238  0x2  0xdb78  28
ASBRSum *192.168.36.1     192.168.16.1     0x80000001   574  0x2  0xa5ab  28

    OSPF external link state database
Type     ID               Adv Rtr          Seq          Age  Opt  Cksum   Len
Extern  *192.168.17.0     192.168.16.1     0x80000001   631  0x2  0x3812  36
Extern   192.168.21.0     192.168.20.1     0x80000001   420  0x2  0x8693  36
Extern   192.168.33.0     192.168.32.1     0x80000001   590  0x2  0x1713  36
Extern   192.168.37.0     192.168.36.1     0x80000001   576  0x2  0xce53  36

Shortest-Path-First Algorithm

Based on the Dijkstra algorithm

Link-state database

Candidate database

Tree database

Run on a per-area basis on each router

Independent calculation of the topology

Result is passed to the JUNOS software routing table

Decision as to whether or not the route is marked active is made there


SPF Example (1 of 6)

[Figure: routers RTR-A, RTR-B, RTR-C, and RTR-D, with a cost marked at each end of every link]

Link-state
(A, A, 0)
(A, B, 1)
(A, C, 2)
(B, A, 3)
(B, D, 3)
(C, A, 4)
(C, D, 4)
(D, B, 1)
(D, C, 2)

SPF Example (2 of 6)

Link-state
(A, A, 0)
(A, B, 1)
(A, C, 2)
(B, A, 3)
(B, D, 3)
(C, A, 4)
(C, D, 4)
(D, B, 1)
(D, C, 2)

Candidate
LS Entry     Cost to Root
(A, A, 0)    0

Tree
(A, A, 0) - 0

[Figure: the tree so far, RTR-A only]

SPF Example (3 of 6)

Link-state
(A, A, 0)
(A, B, 1)
(A, C, 2)
(B, A, 3)
(B, D, 3)
(C, A, 4)
(C, D, 4)
(D, B, 1)
(D, C, 2)

Candidate
LS Entry     Cost to Root
(A, A, 0)    0
(A, B, 1)    1
(A, C, 2)    2

Tree
(A, A, 0) - 0
(A, B, 1) - 1

[Figure: the tree so far, RTR-A linked to RTR-B with cost 1]

SPF Example (4 of 6)

Link-state
(A, A, 0)
(A, B, 1)
(A, C, 2)
(B, A, 3)
(B, D, 3)
(C, A, 4)
(C, D, 4)
(D, B, 1)
(D, C, 2)

Candidate
LS Entry     Cost to Root
(A, A, 0)    0
(A, B, 1)    1
(A, C, 2)    2
(B, A, 3)    4
(B, D, 3)    4

Tree
(A, A, 0) - 0
(A, B, 1) - 1
(A, C, 2) - 2

[Figure: the tree so far, RTR-A linked to RTR-B with cost 1 and to RTR-C with cost 2]

SPF Example (5 of 6)

Link-state
(A, A, 0)
(A, B, 1)
(A, C, 2)
(B, A, 3)
(B, D, 3)
(C, A, 4)
(C, D, 4)
(D, B, 1)
(D, C, 2)

Candidate
LS Entry     Cost to Root
(A, A, 0)    0
(A, B, 1)    1
(A, C, 2)    2
(B, A, 3)    4
(B, D, 3)    4
(C, A, 4)    6
(C, D, 4)    6

Tree
(A, A, 0) - 0
(A, B, 1) - 1
(A, C, 2) - 2
(B, D, 3) - 4

[Figure: the tree so far, RTR-A linked to RTR-B with cost 1 and to RTR-C with cost 2, and RTR-B linked to RTR-D with cost 3]

SPF Example (6 of 6)

Link-state
(A, A, 0)
(A, B, 1)
(A, C, 2)
(B, A, 3)
(B, D, 3)
(C, A, 4)
(C, D, 4)
(D, B, 1)
(D, C, 2)

Candidate
LS Entry     Cost to Root
(A, A, 0)    0
(A, B, 1)    1
(A, C, 2)    2
(B, A, 3)    4
(B, D, 3)    4
(C, A, 4)    6
(C, D, 4)    6
(D, B, 1)    5
(D, C, 2)    6

Tree
(A, A, 0) - 0
(A, B, 1) - 1
(A, C, 2) - 2
(B, D, 3) - 4

[Figure: the final tree, RTR-A linked to RTR-B with cost 1 and to RTR-C with cost 2, and RTR-B linked to RTR-D with cost 3]
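The walk-through in these six slides, as an added example that is not part of the original deck: a Python SPF run over the slides' link-state database that returns the tree and candidate databases in the order the slides build them. The names spf and cost_to, and the tie-break by insertion order, are choices of this example.

```python
import heapq

# Link-state database from the SPF example slides:
# (advertising router, neighbor, cost of the outgoing interface)
LSDB = [("A", "A", 0), ("A", "B", 1), ("A", "C", 2),
        ("B", "A", 3), ("B", "D", 3),
        ("C", "A", 4), ("C", "D", 4),
        ("D", "B", 1), ("D", "C", 2)]


def spf(lsdb, root):
    """Run SPF from `root`.

    Returns (tree, candidates). Each item is ((from, to, link cost), cost to
    root). `tree` lists entries in the order they were installed; `candidates`
    lists every entry that entered the candidate database, in the order added.
    """
    links = {}
    for src, dst, cost in lsdb:
        if src != dst:                      # skip a router's entry for itself
            links.setdefault(src, []).append((dst, cost))

    root_entry = (root, root, 0)
    candidates = [(root_entry, 0)]
    heap = [(0, 0, root_entry)]             # (cost to root, insertion order, entry)
    tree, in_tree = [], set()

    while heap:
        total, _, entry = heapq.heappop(heap)
        node = entry[1]
        if node in in_tree:
            continue                        # a cheaper path is already in the tree
        in_tree.add(node)
        tree.append((entry, total))
        # The newly installed router's links become candidates. The cost used
        # is the one advertised by that router for its own outgoing interface.
        for nxt, cost in links.get(node, []):
            new = (node, nxt, cost)
            candidates.append((new, total + cost))
            heapq.heappush(heap, (total + cost, len(candidates), new))
    return tree, candidates


def cost_to(tree, node):
    """Cost from the root to `node`, or None if the node is unreachable."""
    for (_, dst, _), total in tree:
        if dst == node:
            return total
    return None


if __name__ == "__main__":
    tree, candidates = spf(LSDB, "A")
    print("Candidate:")
    for entry, total in candidates:
        print("  %s  %d" % (entry, total))
    print("Tree:")
    for entry, total in tree:
        print("  %s - %d" % (entry, total))
```

Because each router's own advertised cost is used for its outgoing links, running spf(LSDB, "D") builds a different tree from the same database.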

Controlling SPF Calculations

Three consecutive SPF runs can occur before a mandatory hold-down occurs

Keeps the network stable during change

5-second timer is not configurable

A 200-millisecond delay is preconfigured between the back-to-back SPFs

Altered with the spf-delay knob

Possible values range from 50 to 1000 ms

[edit protocols ospf]
user@host# set spf-delay 100

OSPF Router ID

Each OSPF router selects a 32-bit value to use as its router ID

Populated within the LSAs sent out by each router

Uniquely identifies the router within the network

Used by the link-state database to run SPF

When rpd initiates, the primary interface of the router is chosen as the source of the router ID

Normally the loopback interface when a non-Martian route IPv4 address is configured

You can set the RID explicitly within [edit routing-options]

Stub route to RID is no longer advertised by default

[edit routing-options]
user@host# set router-id 192.168.1.1

Advertising Your Loopback

Your loopback address is likely equal to your router ID

Occurs when a non-127/8 address is configured

JUNOS software automatically advertises the loopback address into the link-state database

When interface lo0 is not configured within OSPF, it is advertised within all router LSAs

When interface lo0 is configured in a specific area, it is only advertised in the router LSA of that area

Stops when you set the RID with the router-id command

Graceful Restart (1 of 2)

A restarting router can ask its neighbors to not alter their database

Restarting router must continue to forward packets

The network topology must be stable

The neighbors must support this functionality

Three modes of operation:

Restart candidate router

Possible helper router

Helper router

Graceful Restart (2 of 2)

Enabled globally within [edit routing-options]

routing-options {
    graceful-restart;
}

Four options to further control graceful restart operation

Grace LSA used for communications

Link-local opaque LSA format (Type 9)

lab@host> show ospf database link-local extensive

    OSPF Link-Local link state database, interface at-0/2/0.0
Type     ID               Adv Rtr          Seq          Age  Opt  Cksum   Len
OpaqLoc  3.0.0.0          192.168.20.1     0x80000001    29  0x22 0xdc4   36
  Grace 210
  Reason 1
  Aging timer 00:59:31
  Installed 00:00:26 ago, expires in 00:59:31
  Change count: 0

Bidirectional Forwarding Detection

A protocol that provides millisecond-level failure detection of a neighboring router’s forwarding plane

Support for OSPF, IS-IS, and static routing

Support for RSVP-TE and LDP-signaled LSPs

Defined in draft-katz-ward-bfd, draft-katz-ward-bfd-v4v6-1hop, and draft-ietf-bfd-mpls

Enabled on a per-interface basis:

[edit protocols ospf area 0.0.0.0]
user@host# show
interface all {
    bfd-liveness-detection {
        minimum-interval 100;
    }
}
interface fxp0.0 {
    disable;
}

OSPF Cost

Cost, or metric, of an interface indicates the overhead required to send packets out a particular interface

Default OSPF cost for all links is 10^8/bandwidth (bps)

Links with a bandwidth 100 Mbps have a cost of 1

Cost calculation results in a value <1, so it is rounded up

Cost can be set on a per-interface basis

[edit protocols ospf]
user@host# show
area 0.0.0.0 {
    interface so-0/0/0.0 {
        metric 12;
    }
    interface at-1/0/1.100 {
        metric 73;
    }
}

Reference Bandwidth

You can change the 10^8 value in the cost calculation

Automatically alters the cost of interfaces

Allows for a consistent change across all interfaces

Use the reference-bandwidth command within [edit protocols ospf]

[edit protocols ospf]
user@host# set reference-bandwidth 1g

[edit protocols ospf]
user@host# show
reference-bandwidth 1g;
area 0.0.0.0 {
    interface so-0/0/0.0 {
        metric 12;
    }
    interface at-1/0/1.100;
}

Effects of Altering Metrics

Metric values are advertised in Type 1 or Type 2 LSAs and populate link-state database

As each router runs the SPF algorithm, each LSA is examined individually for the cost of the outgoing interface

The final metric calculation uses that cost

Routers can disagree about the cost on a network link

Can result in asynchronous routing in the network

Hong Kong sees a cost of 45 to reach the Amsterdam router

Amsterdam sees a cost of 60 to reach the Hong Kong router

[Figure: Hong Kong, San Jose, Montreal, and Amsterdam routers with link costs 5, 10, 15, 20, 25, and 30]

OSPF Per-Area Authentication

Authentication occurs within an individual area

Three types are supported: none, simple, and MD5

Each interface requires an authentication key

Multiple interfaces can use the same key

Keys are always obfuscated in the configuration

By default, the authentication type is set to none

Effectively means no authentication is performed

Type simple uses a plain-text password

[edit protocols ospf]
lab@Sydney# show
area 0.0.0.20 {
    authentication-type simple;
    interface fe-0/0/2.0 {
        authentication {
            simple-password "$9$vxr8X-Djqz39s24ZDjf5"; ## SECRET-DATA
        }
    }
}

MD5 Per-Area Authentication

Includes an encrypted checksum with all packets

Provides better security than type simple

Each interface requires an authentication key

Multiple interfaces can use the same key

Keys are always encrypted in the configuration

Each key requires a key ID value ranging from 0 to 255

[edit protocols ospf]
lab@Sydney# show
area 0.0.0.20 {
    authentication-type md5;
    interface fe-0/0/2.0 {
        authentication {
            md5 30 key "$9$wc24ZzF/O1h"; ## SECRET-DATA
        }
    }
}
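What a receiver checks under MD5 authentication, as an added example that is not Juniper's code: the "encrypted checksum" is an MD5 digest computed over the OSPF packet followed by the shared key padded to 16 bytes (RFC 2328, Appendix D), and it travels after the packet. The hello packet and the secret are constructed for the example; key ID 30 is the one in the configuration above, and the function names are this example's own.

```python
import hashlib
import hmac
import ipaddress
import struct

# 24-byte OSPF header with the 8-byte authentication field split the way
# RFC 2328 Appendix D defines it for AuType 2:
# zero (2 bytes), key ID, digest length, cryptographic sequence number.
OSPF_HDR = struct.Struct("!BBH4s4sHHHBBI")
HELLO = struct.Struct("!4sHBBI4s4s")  # mask, hello, options, priority, dead, DR, BDR
AUTYPE_MD5 = 2
DIGEST_LEN = 16


def md5_digest(packet, key):
    """MD5 over the packet followed by the key, zero-padded to 16 bytes."""
    if len(key) > DIGEST_LEN:
        raise ValueError("OSPF MD5 keys are at most 16 bytes")
    return hashlib.md5(packet + key.ljust(DIGEST_LEN, b"\0")).digest()


def build_hello(key_id, key, seq):
    """Constructed hello packet (sample input, not a capture)."""
    a = lambda s: ipaddress.IPv4Address(s).packed
    body = HELLO.pack(a("255.255.255.0"), 10, 0x2, 128, 40,
                      a("10.222.4.2"), a("10.222.4.1"))
    plen = OSPF_HDR.size + len(body)          # the digest is not counted here
    hdr = OSPF_HDR.pack(2, 1, plen, a("192.168.36.1"), a("0.0.0.0"),
                        0,                    # header checksum stays 0 with AuType 2
                        AUTYPE_MD5, 0, key_id, DIGEST_LEN, seq)
    packet = hdr + body
    return packet + md5_digest(packet, key)   # digest is appended to the packet


def verify(datagram, keys, last_seq=None):
    """Check one received OSPF payload.

    keys: {key ID: secret bytes} configured on the receiving interface.
    last_seq: last cryptographic sequence number accepted from this neighbor.
    Returns (accepted, reason).
    """
    if len(datagram) < OSPF_HDR.size:
        return False, "truncated header"
    (_ver, _ptype, plen, _rid, _area, _cksum, autype,
     _zero, key_id, auth_len, seq) = OSPF_HDR.unpack_from(datagram, 0)
    if autype != AUTYPE_MD5:
        return False, "not MD5 authentication"
    if auth_len != DIGEST_LEN or plen < OSPF_HDR.size or plen + auth_len != len(datagram):
        return False, "length mismatch"
    if key_id not in keys:
        return False, "unknown key ID"
    if last_seq is not None and seq < last_seq:
        return False, "replayed sequence number"
    expected = md5_digest(datagram[:plen], keys[key_id])
    if not hmac.compare_digest(expected, datagram[plen:]):
        return False, "digest mismatch"
    return True, "ok"


if __name__ == "__main__":
    keys = {30: b"constructed-key"}           # constructed secret for the demo
    pkt = build_hello(30, keys[30], seq=1000)
    print(verify(pkt, keys))
    tampered = pkt[:30] + bytes([pkt[30] ^ 1]) + pkt[31:]
    print(verify(tampered, keys))
    print(verify(pkt, keys, last_seq=1001))
```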

Interface Level Authentication

Different authentication types can be configured on a per-interface basis

Omit authentication-type from the area hierarchy

Configure the authentication hierarchy under the interface

Type simple uses the simple-password command

MD5 authentication allows for multiple key ID values

Highest value used by default

For easy transition, assign each key ID a start time

[edit protocols ospf area 0.0.0.1]
lab@Sydney# show
interface fe-0/0/0.0 {
    authentication {
        md5 1 key "$9$fQF/SyK7-w"; ## SECRET-DATA
        md5 2 key "$9$fQz69CuBRS" start-time 2006-7-4.17:07:06; ## SECRET-DATA
    }
}
interface fe-0/0/1.0 {
    authentication {
        simple-password "$9$ChkJpORreW-VYhSVYgojiAp0"; ## SECRET-DATA
    }
}

Verifying Authentication

Authentication information available with the show

ospf interface detail command

Type of authentication is displayed Key ID values shown if appropriate

user@host> show ospf interface detail

Interface

State

Area

DR ID

BDR ID

Nbrs

fe-0/0/2.0

DR

0.0.0.0

192.168.36.1

192.168.24.1

1

Type LAN, address 10.222.4.2, mask 255.255.255.0, MTU 1500, cost 1 DR addr 10.222.4.2, BDR addr 10.222.4.1, adj count 1, priority 128 Hello 10, Dead 40, ReXmit 5, Not Stub

 

Auth type MD5, Active key id 4, Start time 2003 Apr 14 11:05:00 UTC

fe-0/0/3.0

DRother 0.0.0.0

0.0.0.0

0.0.0.0

0

Type LAN, address 1.1.1.2, mask 255.255.255.0, MTU 1500, cost 1 adj count 0, priority 128

Hello 10, Dead 40, ReXmit 5, Not Stub

Auth type Password


Virtual Links

Virtual links can connect remote OSPF areas together

Used for an area not physically connected to the backbone

Used for a discontiguous backbone

Configuration always occurs within area 0.0.0.0

Creates a virtual ABR out of the remote router

Tunnels OSPF protocol packets through a transit area

Both ends must configure the link towards each other

Route summarization should not be performed over virtual links

[Figure: diagram with the labels Area 0, Virtual Link, Area 1 and Area 2]

Virtual Link Configuration

Configuration requires two values

The transit-area is the area to be tunneled through

The neighbor ID is the 32-bit router ID of the router at the far end of the link

Virtual link appears as an operational OSPF interface

[edit protocols ospf]
user@host# show
area 0.0.0.1 {
    interface fe-0/2/2.0;
}
area 0.0.0.0 {
    virtual-link neighbor-id 192.168.0.1 transit-area 0.0.0.1;
}

[edit protocols ospf]
user@host# run show ospf interface
Interface           State   Area            DR ID           BDR ID          Nbrs
vl-192.168.0.1      PtToPt  0.0.0.0         0.0.0.0         0.0.0.0            1


Overload Settings

An overloaded router is used for transit traffic only if no other path is available

Sets metric to 65,535 in router LSA on all transit links

Flooding of changed LSA causes SPF calculations in network

Can be set permanently or with a timeout value

Timer is between 60 and 1800 seconds

Timer only runs after RPD starts

[edit protocols ospf]
user@host# show
overload;
area 0.0.0.0 {
    interface so-0/0/0.0;
    interface ge-0/1/0.0;
}

user@host> show ospf database router extensive
OSPF link state database, area 0.0.0.3
Type     ID               Adv Rtr          Seq         Age  Opt  Cksum   Len
Router   192.168.56.1     192.168.56.1     0x80000005  71   0x2  0x540b  60
  id 192.168.48.1, data 10.222.61.1, type PointToPoint (1)
  TOS count 0, TOS 0 metric 65535


Prefix Limits for External Routes

JUNOS software built to handle large numbers of external routes (Type 5 LSAs)

You normally do not want Internet routes in OSPF

Usually occurs due to configuration mistake

Can leave a portion of your network unusable

Limit can be placed on the number of routes allowed using a routing policy

Type 5 LSAs purged when the limit is reached

Overload state initiated when the limit is reached

Requires manual action to correct the problem

[edit protocols ospf]
user@host# show
prefix-export-limit 500;
area 0.0.0.0 {
    interface so-0/0/0.0;
    interface ge-0/1/0.0;
}


Multiarea OSPF Configuration

Configured at the [edit protocols ospf] hierarchy level

Each area is listed along with the interfaces associated with that area:

protocols {
    ospf {
        area area-id {
            interface interface-name;
            interface interface-name;
            interface interface-name;
        }
        area area-id {
            interface interface-name;
        }
        area area-id {
            interface interface-name;
        }
    }
}
