Open Short Path Protocol - OSPF


1 What is OSPF in Networking – Basic OSPF Explained

1.1 OSPF Advantages and Disadvantages in Detail

1.1.1 Advantages of OSPF

1.1.2 Some Minor Drawbacks of OSPF

1.2 How does OSPF work?

1.3 Why an OSPF router forms a neighbor relationship with another OSPF router?

1.4 How a router forms an OSPF neighbor relationship?

1.5 OSPF Message Format

1.6 OSPF Hello Protocol

1.7 What is OSPF Hello-Interval?

1.8 What is Router Dead-Interval?

1.9 Can we change the Hello-Interval and make it faster?

1.10 I will discuss other OSPF Topics in Upcoming Posts

1.11 Conclusion

What is OSPF in Networking – Basic OSPF Explained
OSPF, or Open Shortest Path First, is a link-state routing protocol for Internet Protocol (IP) networks. It uses the shortest path first (SPF)
routing algorithm, is an Interior Gateway Protocol (IGP), and is used within Autonomous Systems (ASes).

In OSPF, each router maintains a complete map of the network topology. When a change occurs in the network, such as when a link goes
down or comes back up, each router updates its map accordingly and then calculates the shortest path
to every destination using Dijkstra’s algorithm. The resulting paths are then stored in the form of routing table entries and used to
route packets accordingly.

OSPF has an Administrative Distance (AD) of 110 and uses a cost metric to determine the best route. The cost is calculated based
on the bandwidth of the link. The lower the bandwidth, the higher the cost. Therefore, a lesser cost is always preferred.

OSPF is a widely used routing protocol, especially in large enterprise networks. It is also used as a base routing protocol or as a
network backbone in some service provider networks. Most major router vendors, including Cisco, Juniper, etc., support OSPF.

OSPF is one of the oldest link-state routing protocols among the Interior Gateway Protocols (IGPs). The OSPF Working Group of
the Internet Engineering Task Force (IETF) developed it in the mid-1980s.

OSPF was initially developed in RFC 1131 and has been updated several times since then. Its latest specifications are in RFC 2328.

OSPF ADVANTAGES AND DISADVANTAGES IN DETAIL

ADVANTAGES OF OSPF
• OSPF is a standard IGP protocol that is easy to configure and widely known and accepted among network engineers in enterprise networks and service provider networks.
• OSPF supports both IPv4 and IPv6.
• OSPF supports plain text and MD5 authentication.
• OSPF supports multiple areas, providing improved network scalability, easier troubleshooting, and reduced routing traffic.
• OSPF offers fast convergence times, high scalability, and robustness compared to distance vector protocols like RIP.
• In addition to calculating routes, OSPF provides automatic fault detection and recovery capabilities, making it ideal for large enterprises.
• OSPF can improve your network’s speed and performance, especially for larger LANs or WANs.
• OSPF supports VLSM and discontiguous networks.
• You can manually summarize OSPF interarea routes at the ABR or ASBR.
• Open Shortest Path First (OSPF) uses small hello packets to verify links first and avoids transferring large tables, which reduces traffic.
• OSPF supports route tagging: routes can be tagged with arbitrary values to ease interoperability.
• Open Shortest Path First (OSPF) can route packets according to their ToS (Type of Service) field.

SOME MINOR DRAWBACKS OF OSPF

• OSPF requires more configuration than other protocols like RIP or static routes.
• It is a more complicated protocol to understand and master than other simpler routing protocols like RIP.
• OSPF is a processor-intensive protocol, and you might need a router with a good amount of RAM before thinking of deploying OSPF in your network.
• It maintains multiple copies of routing information, which is why it uses more memory.
• Adding more routers to the routing domain doesn’t scale well, especially when using MPLS and other technologies on top of OSPF.

In my opinion, you can easily overcome these cons by carefully designing/planning networks and having a robust router.

How does OSPF work?


When configured, OSPF will listen to neighbors and collect all link state information available to build a topological map of
all available paths within its network. Then it stores the information in its topological database, the Link State Database
(LSDB).

After gathering the necessary information, it will calculate the shortest paths to each reachable subnets/network using a
Shortest Path First (SPF) algorithm.

OSPF creates three tables to store the routing information:

Neighbor Table: This table contains all discovered OSPF neighbors with which OSPF will exchange routing information.

Topology Table: It contains the entire route map of the network with the available OSPF routers as well as the calculated
best and alternative paths between any two nodes.

Routing Table: Contains the best current routes that OSPF will use to route data traffic between neighbors.

Why an OSPF router forms a neighbor relationship with another OSPF router?
OSPF forms neighbors for two primary reasons:

• To discover all possible/available paths between two nodes through which traffic might flow. Later, this information is used to find the best (shortest) path between two routers.
• To ensure reliable transmission of routing information throughout the network.

How a router forms an OSPF neighbor relationship?
OSPF uses a three-way handshake process to form neighbors; let us understand this with the example below:

• Router-1 and Router-2 have both been configured for OSPF. (For simplicity, let’s assume this is a point-to-point OSPF network.)
• Router-1 sends a Multicast (224.0.0.5) Hello to Router-2.
• Router-2 responds to the Hello of Router-1 if all parameters (mentioned below) match.
• Router-1 also responds to the Hello message of Router-2.
• Then the OSPF neighborship goes through multiple OSPF states, the routers form a neighborship, and they exchange their OSPF databases.
• OSPF neighborship turns into Full-state.

These parameters should match to form the OSPF neighborship:

• The OSPF area ID
• The OSPF area type
• The link maximum transmission unit (MTU)
• The Hello interval
• The dead interval
• The OSPF link type (point to point, broadcast, and so on)
• Network masks (except point-to-point links)

The Hello packets are used to maintain neighbor relationships between routers. The OSPF neighbor is reset if a Hello packet is not received from a specific OSPF neighbor router at least once each dead interval.

On Cisco routers, the OSPF hello timer is set to 10 seconds and the dead interval to 30 seconds. However, some implementations allow the OSPF dead time to be set to one second (or even less) with correspondingly short dead times.

OSPF Message Format

Fields in an OSPF message format are mentioned below:

• Type: 8-bit field used to identify the OSPF packet type.
• Version: 8-bit field used to specify the OSPF protocol version.
• Message: 16-bit field that defines the total length of the message, including the header.
• Source IP address: IP address of the source router from which the packets are sent.
• Area identification: OSPF area ID where routing is happening.
• Checksum: Used for error detection and correction.
• Authentication type: Two types of authentication, 0 and 1. 0 means no authentication, and 1 means password-based authentication.
• Authentication: 32-bit field that contains the real authentication data, like passwords.

OSPF Hello Protocol

There are six packet types in OSPF, including Hello protocol, Database Description Packet, Router Advertisement, Link State Request, Link State Update, and Link State Acknowledgment.

We will discuss the OSPF Hello protocol in this article.

Hello packets play several roles in OSPF. They are responsible for:

• The discovery of neighbors, including the advertisement of parameters required for two routers to become neighbors.
• Sending keepalives between OSPF neighbors.
• Election of DR (Designated Router) and BDR (Backup Designated Routers) on Broadcast and NBMA networks.

The OSPF Hello packet contains all critical information about the originating router, including:

• The router ID, area ID, and address mask,
• Authentication type and information,
• Hello-interval and Dead-interval,
• Router priority,
• DR and BDR information (not applicable on point-to-point networks)
• Five flag bits for optional capabilities.
• The hello packet also contains router IDs of the originating router’s neighbors.

Although all the above parameters do not need to match to become neighbors, I have already discussed those required parameters to establish neighborship in the OSPF neighbor section above.

What is OSPF Hello-Interval?

OSPF-speaking routers communicate with each other by periodically sending a hello packet out of each OSPF-enabled interface.
The default hello-interval is 10 seconds for broadcast networks and 30 seconds for non-broadcast networks.

The hello-interval can be configured on a per-interface basis with the “ip ospf hello-interval” command.

What is Router Dead-Interval?


The time after which a router will declare a neighbor down is called the dead interval. This usually happens when the router does not receive any hello from a neighbor before the dead-interval timer expires.

The default dead-interval is four times the hello-interval, but you can change it with the command “ip ospf dead-interval.”
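
The Hello contents, authentication type and timer matching described above can be checked on captured packets. The following Python sketch is an added example, not code from the original post: it decodes an OSPFv2 Hello and reports weak authentication and parameter mismatches against a local interface. It assumes the RFC 2328 wire layout (24-byte header with a 2-byte AuType and an 8-byte authentication field); `build_sample`, the router IDs, timers and password bytes are constructed sample data.

```python
import socket
import struct

HEADER_LEN, HELLO_FIXED_LEN = 24, 20   # RFC 2328 header and fixed Hello part


def parse_hello(pkt: bytes) -> dict:
    """Decode an OSPFv2 Hello: common header followed by the Hello body."""
    if len(pkt) < HEADER_LEN + HELLO_FIXED_LEN:
        raise ValueError("truncated OSPF Hello")
    version, ptype, length, rid, area, _cksum, autype = struct.unpack(
        "!BBH4s4sHH", pkt[:16])
    if version != 2 or ptype != 1:
        raise ValueError("not an OSPFv2 Hello (version 2, type 1)")
    # With cryptographic authentication the digest is appended after
    # 'length' bytes, so a capture may be longer than the length field.
    if length < HEADER_LEN + HELLO_FIXED_LEN or length > len(pkt):
        raise ValueError("bad packet length field")
    if (length - HEADER_LEN - HELLO_FIXED_LEN) % 4:
        raise ValueError("neighbor list is not a multiple of 4 bytes")
    mask, hello, _opts, prio, dead, dr, bdr = struct.unpack(
        "!4sHBBI4s4s", pkt[24:44])
    quad = socket.inet_ntoa
    return {
        "router_id": quad(rid), "area_id": quad(area), "auth_type": autype,
        "mask": quad(mask), "hello": hello, "dead": dead, "priority": prio,
        "dr": quad(dr), "bdr": quad(bdr),
        "neighbors": [quad(pkt[i:i + 4]) for i in range(44, length, 4)],
    }


def audit(hello: dict, local: dict) -> list:
    """Compare a received Hello with the local interface settings."""
    findings = []
    if hello["auth_type"] == 0:
        findings.append("auth: null authentication in use")
    elif hello["auth_type"] == 1:
        findings.append("auth: simple password is sent in clear text")
    elif hello["auth_type"] != 2:
        findings.append("auth: unknown AuType %d" % hello["auth_type"])
    for key in ("area_id", "hello", "dead"):
        if hello[key] != local[key]:
            findings.append("mismatch: %s %s != local %s"
                            % (key, hello[key], local[key]))
    # Network masks are not compared on point-to-point links.
    if not local["point_to_point"] and hello["mask"] != local["mask"]:
        findings.append("mismatch: mask %s != local %s"
                        % (hello["mask"], local["mask"]))
    if local["router_id"] not in hello["neighbors"]:
        findings.append("one-way: neighbor has not listed our router ID yet")
    return findings


def build_sample(autype: int, hello: int, dead: int, neighbors: list) -> bytes:
    """Constructed sample Hello from router 2.2.2.2 in area 0.0.0.0.
    The checksum is left as 0; parse_hello() does not verify it."""
    aton = socket.inet_aton
    body = struct.pack("!4sHBBI4s4s", aton("255.255.255.0"), hello, 0x02, 1,
                       dead, aton("0.0.0.0"), aton("0.0.0.0"))
    body += b"".join(aton(n) for n in neighbors)
    auth = b"EXAMPLE\x00" if autype == 1 else bytes(8)   # placeholder password
    header = struct.pack("!BBH4s4sHH", 2, 1, HEADER_LEN + len(body),
                         aton("2.2.2.2"), aton("0.0.0.0"), 0, autype)
    return header + auth + body


if __name__ == "__main__":
    local = {"router_id": "1.1.1.1", "area_id": "0.0.0.0", "hello": 10,
             "dead": 40, "mask": "255.255.255.0", "point_to_point": False}
    samples = [build_sample(1, 10, 40, ["1.1.1.1"]),
               build_sample(2, 1, 4, []) + bytes(16)]   # 16-byte digest trailer
    for pkt in samples:
        print(audit(parse_hello(pkt), local))
```
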

Can we change the Hello-Interval and make it faster?


One answer is the Fast-Hello packets, which configure OSPF to send hello packets within 1 second. But keep in mind that
this might be taxing on routers.

I would instead recommend BFD (Bi-Directional Forwarding Detection). BFD is a lightweight protocol and does the job
better than fast-hellos.

But in case you want to configure fast hellos:

• Use “ip ospf dead-interval min hello-multiplier 10” – This will send 10 hello packets every 1 second with an interval of 100 ms.

I will discuss other OSPF Topics in Upcoming Posts.

• OSPF States
• Types Of OSPF Routers
• OSPF LSA Types
• OSPF Area Types
• OSPF Network Types
• OSPF Virtual Link
• OSPF Path Selection Process
• OSPF DR and BDR
• OSPF Authentication
• OSPF Configuration
• OSPF Troubleshooting
• OSPF Interview Questions

Conclusion
In conclusion, OSPF is a robust link-state routing protocol widely used in enterprise networks to improve the efficiency of
network communications. It has several advantages, including its ability to form neighbors and its support for multiple
areas, which can be very useful in larger networks. However, it also has some disadvantages, including its complexity and
the need for careful configuration.

Table Of Contents
1. The OSPF Neighbor States Explained with Infographic
o OSPF states Infographic
o What are the OSPF states, and why are they important to understand?
o Down State
o Attempt State
o Init State
o 2-Way State
o Exstart State
o Exchange State
o Loading State
o Full State
o OSPF Packet Types
o What are DDP-Database Description Packets (type 2) or DBD (Data Base Descriptors)?
o What are LSR-Link State Request packets (type 3)?
o What are LSU-Link State Update packets (type 4)?
o What are LSAck-Link State Acknowledgement packets (type 5)?
o Conclusion

The OSPF Neighbor States Explained with Infographic


I recommend you read my previous blog post about OSPF and how it works first. This article will help you
understand different OSPF states and the importance of forming and maintaining OSPF neighbors. Let us get
started.

Let me give you an OSPF primer before we begin.

Open Shortest Path First (OSPF) is a link-state routing protocol that uses the Shortest Path First algorithm to discover the
best route between the source and the destination network. It is an Interior Gateway Protocol (IGP) and is designed to
work within an autonomous system.
OSPF runs directly over IP using protocol number 89 and has an Administrative Distance (AD) value of 110. OSPF uses multicast address 224.0.0.5 for normal communication and 224.0.0.6 for updating the Designated Router (DR) and Backup Designated Router (BDR).

OSPF states Infographic


What are the OSPF states, and why are they important to understand?
OSPF states are the different stages an OSPF-enabled router goes through when initializing and establishing an OSPF
connection before it becomes fully adjacent to its neighbors.

There are eight states, and each has a specific purpose.

• Down
• Attempt
• Init
• 2Way
• Exstart
• Exchange
• Loading
• Full

Understanding the different OSPF states is important because it can help troubleshoot problems with OSPF connections.
For example, if you see that two devices are in the down state, you know that there is no OSPF adjacency between them,
and you can begin to troubleshoot the problem.

Let us look into each state in detail.

1. Down State
As the name suggests, in the Down state, the OSPF-enabled router has no information about any other OSPF routers and
does not participate in the OSPF routing process.

This is the initial state of a neighbor, and it indicates that no hellos are heard from its neighbor till the dead interval has
expired.

If a neighbor goes into the DOWN state, the link state retransmission, database summary, and link state request lists are
cleared.
2. Attempt State
An OSPF attempt state is valid only for neighbors manually configured on NBMA networks.

Instead of sending packets to neighbors every poll interval, routers send packets to neighbors at the hello intervals. The
local router will send a unicast Hello packet to the neighbor in the set hello interval if it has not yet received a hello packet
from that neighbor.
3. Init State
When a router is in the Init state, it is aware of the presence of another router but lacks sufficient information to exchange
routing updates with it.

In other words, when an OSPF router gets a hello packet but the local router ID isn’t specified in the received Neighbor
field, it enters the Init state. This means that during the last router dead-interval, the router received a Hello packet from
the neighbor, but 2-way communication has not yet been established.
4. 2-Way State
In a 2-way state, the router knows enough about the other router to exchange routing updates, but the other router hasn’t
learned enough about this router to do the same.

This indicates that a two-way dialogue has been formed between two routers because its own router ID is visible in the
neighbor field of a neighbor’s Hello packets.

At this point, you can say that two OSPF-enabled routers are officially OSPF neighbors, but there are still many more
things to learn, like databases.

One thing to note here is that neighbors must be in a 2-way state or higher to be elected as the OSPF DR or BDR on
multi-access networks.
5. Exstart State
ExStart state is the first step in the adjacency formation process; the local router and its neighbor determine which router
is responsible for synchronizing the database.

Furthermore, to exchange Data Descriptor Packets (DDPs), an OSPF router will establish a Master/Slave connection
between itself and its neighbor.
The master is the neighbor with the highest router ID.

Please note: DDP (Data Descriptor Packets), short for DD or DBD (Data Base Descriptors), are all the same packet types
used to summarize database contents.
6. Exchange State
An OSPF router exchanges Data Descriptor Packets(DDPs) between the local router and its OSPF neighbor in the Exchange
state.

The router delivers DDPs to neighbors that summarize its whole link state database.

Link-state request packets can also be sent by the router to neighbors in this state, asking for more recent LSAs.

7. Loading State
In the loading state, OSPF routers send and receive Link State Requests (LSR) and Link State Updates (LSU) containing all
Link State Advertisements(LSA). These updates are based on neighbors’ DDP or Data Base Descriptors (DBD).

Link State Updates (LSUs) are envelopes that contain all of the Link State Advertisements (LSAs) that have been sent to
OSPF neighbors with fresh updates or new networks learned.
8. Full State
The full state is the normal functional state of OSPF, which signifies that everything is operating normally. This means all
router and network Link State Advertisements (LSAs) are exchanged periodically, and the databases of all routers are fully
synced.
It is important to note that for Broadcast networks and NBMA media, routers will only attain Full State with their DR and
BDR routers. However, for point-to-point and point-to-multipoint networks, a router should be in a full state with every
surrounding router.

OSPF Packet Types


There are six different types of packets in the OSPF protocol:

1. Hello Packet: Used to establish a connection between the routers.

2. Database Description Packet: Sent from one router to another to describe how to route traffic to the destination.

3. Router Advertisement: A router sends this packet to announce itself to the rest of the world.

4. Link State Request: Used to request routes from a remote router.

5. Link State Update: Used to inform the local router about changes in the network topology.

6. LSAck: Link State Acknowledgement packets (type 5)

In my last post, I discussed the Hello packet, which is essential to discover a neighbor; in this post, we will discuss the rest
of the packet types used to build adjacency between OSPF neighbors.

The adjacency building process uses four OSPF packet types.

What are DDP-Database Description Packets (type 2) or DBD (Data Base Descriptors)?

These packets are used to carry a brief description or summary of each LSA in the link state database of the originating
router. However, these descriptions are only partial LSAs.
Three flags govern the adjacency-building process in the DDP:

First, I-bit, or Initial bit, denotes the initial DDP transmission when set.

When the M-bit, or More bit, is set, it indicates that this is not the final DDP transmission.

The MS-bit, also known as the Master/Slave bit, is set in the DDP sent by the master.

What are LSR-Link State Request packets (type 3)?


After two OSPF neighbor routers have exchanged all of their DD packets, each router has a complete list of LSAs known by
its neighbor. Then, any outstanding LSA can be requested.

The router analyses the sequence number of the LSA header received from the neighbor to determine if the neighbor has
a more current version of the LSA. If the sequence number is greater than its own, the router recognizes that the neighbor
has the latest version of the LSA and sends an LSR (Link State Request) packet to the neighbor to request one or more
LSAs.
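
The request decision described above, as an added Python example that is not part of the original post: it compares the LSA headers summarized by a neighbor with the local link state database and builds the list of LSAs to request. It assumes the RFC 2328 rule that LS sequence numbers are signed 32-bit values starting at 0x80000001, which is why an unsigned comparison gives the wrong answer once a sequence number passes 0xFFFFFFFF; the LSA keys and sequence numbers are constructed sample data.

```python
INITIAL_SEQ = 0x80000001   # lowest value, used for the first instance of an LSA


def signed32(seq: int) -> int:
    """Interpret a 32-bit LS sequence number as the signed value OSPF compares."""
    return seq - (1 << 32) if seq & 0x80000000 else seq


def build_request_list(lsdb: dict, dd_headers: list) -> list:
    """Return [(key, reason)] for the LSAs to request from the neighbor.

    lsdb:       {(ls_type, link_state_id, adv_router): sequence_number}
    dd_headers: [((ls_type, link_state_id, adv_router), sequence_number)]
    """
    requests = []
    for key, their_seq in dd_headers:
        ours = lsdb.get(key)
        if ours is None:
            requests.append((key, "missing"))    # we have no copy at all
        elif signed32(their_seq) > signed32(ours):
            requests.append((key, "newer"))      # neighbor holds a later instance
        # Equal or older: nothing to request. RFC 2328 breaks ties on the
        # sequence number with the checksum and age; that step is omitted here.
    return requests


# Constructed sample data: local database and the neighbor's DD summary.
K1 = (1, "1.1.1.1", "1.1.1.1")       # Router LSA, same instance on both sides
K2 = (1, "2.2.2.2", "2.2.2.2")       # neighbor's copy has passed 0xFFFFFFFF
K3 = (2, "10.0.0.2", "2.2.2.2")      # Network LSA, our copy is newer
K4 = (3, "192.168.5.0", "3.3.3.3")   # Summary LSA we have never seen

SAMPLE_LSDB = {K1: 0x80000003, K2: 0xFFFFFFFF, K3: 0x80000005}
SAMPLE_DD = [(K1, 0x80000003), (K2, 0x00000001),
             (K3, 0x80000002), (K4, INITIAL_SEQ)]

if __name__ == "__main__":
    for key, reason in build_request_list(SAMPLE_LSDB, SAMPLE_DD):
        print(reason, key)
```
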

What are LSU-Link State Update packets (type 4)?


A neighbor responds with an LSU (Link State Update) packet after receiving an LSR packet. Both routers are in the loading
state during this process. When the procedure is complete, the state is changed to “Full.”

What are LSAck-Link State Acknowledgement packets (type 5)?


The LSU can either be acknowledged by sending the identical LSU packet back to the transmitting router, called Implicit
Acknowledgment, or by sending an LSAck packet, which refers to Explicit Acknowledgment.

Due to the acknowledgment of received update packets, transmitting LSR/LSU packets is a reliable procedure.

Furthermore, all LSAs sent in update packets must be individually acknowledged by one of two means:
Quick Tip: LSA (Link State Advertisement) and LSAck (Link State Acknowledgement) are two different packet types.

Conclusion
This post has covered different OSPF states and packet types used to establish OSPF adjacency. Knowing these concepts
will not only help you troubleshoot OSPF-related issues like a neighbor not coming up and out-of-sync OSPF databases,
but it will also help you design better networks.

Table Of Contents
1. OSPF Link State Advertisements – All 11 OSPF LSA Types Explained
o What is OSPF Link State Advertisement(LSA)?
o OSPF LSA Types Explained – 11 Types of LSA
o 1. What is a Type 1 LSA or OSPF Router LSA?
o 2. What is a Type 2 LSA or OSPF Network LSA?
o 3. What is a Type 3 LSA or OSPF Network Summary LSA?
o 4. What is a Type 4 LSA or OSPF ASBR Summary LSA?
o 5. What is a Type 5 LSA or OSPF AS External LSAs?
o 6. What is a Type 6 LSA or OSPF MOSPF LSA?
o 7. What is a Type 7 LSA or OSPF NSSA External LSAs?
o 8. What is type 8 LSA?
o 9. What is an Opaque LSA – Type 9,10 and 11?
o How to protect OSPF link-state Database from overload?
o How can you slow down OSPF LSA updates during times of network instability?
o What are different OSPF LSA types? -OSPF LSA Types Summary
o Conclusion

OSPF Link State Advertisements – All 11 OSPF LSA Types Explained
An important part of OSPF is the Link State Advertisements (LSAs). LSAs are generated by every router in the AS and
contain information about the router’s links and connected networks. Other routers then use this information to calculate
the best route to a destination. There are different OSPF LSA types, each with a different purpose and function. In this
blog post, I will dig deep into all LSA types, explaining what they do and how to use appropriate commands to check
them.

A Quick Recap on OSPF:


OSPF (Open Shortest Path First) is an Internet Protocol (IP) based dynamic network routing protocol. It is categorized as
an Interior Gateway Protocol (IGP) because of its application within a single autonomous system (AS) and its usage of a
link state routing (LSR) algorithm to calculate the shortest paths to a destination.

Check out my previous article about OSPF states.

What is OSPF Link State Advertisement(LSA)?


Link State Advertisement (LSA) is the basic building block that makes up the link state database in OSPF. Every OSPF-enabled router generates LSAs, which contain information about the bandwidth, link’s cost, MTU, IP subnet details, link color, etc., of the router’s links and neighbors. The router uses this information to calculate the best path to each destination in the network.

LSAs are flooded throughout the OSPF network, so all routers can view the network topology consistently. When a router
receives an LSA, it updates its link state database with the new information.

The router will add this information to its database if the LSA contains information about a new link or neighbor. Likewise,
if the LSA contains updated information about an existing link or neighbor, the router will update its database accordingly.

The OSPF routing protocol uses a link state database (LSDB) to store LSAs. The OSPF routing algorithm uses the link state
information contained within LSAs to calculate the shortest path to each reachable destination.

Because LSAs age over time, they are stored for a certain amount of time (Max-age 1 hour) before being removed from
the link state databases.
Refreshing the LSA (LSRefresh Time) with an increased sequence number and an age of zero is performed every 30
minutes by the router that created the LSA.

OSPF LSA Types Explained – 11 Types of LSA


There are 11 types of LSA in OSPF, as described in RFC 2328, and we will dive deep into each type of LSA.

There are 11 different OSPF LSA types:

1. LSA Type 1 – Router LSA
2. LSA Type 2 – Network LSA
3. LSA Type 3 – Summary LSA
4. LSA Type 4 – ASBR Summary LSA
5. LSA Type 5 – External LSA
6. LSA Type 6 – Multicast LSA
7. LSA Type 7 – NSSA External LSA
8. LSA Type 8 – Link-local LSA
9. LSA Type 9 – Opaque LSA
10. LSA Type 10 – Opaque LSA
11. LSA Type 11 – Opaque LSA

1. What is a Type 1 LSA or OSPF Router LSA?


The OSPF Router LSA (LSA Type 1) includes information regarding locally connected links and neighbors with which a
router has a direct and full neighborship.

Each router produces its own LSA, which is sent between routers within the same area and does not leave the area of
origin.

These intra-area routes are displayed as “O” routes when you do “show ip route OSPF.”

This information includes the router’s ID, the cost of the links connected to the router, the router’s neighbors, and other information. Other routers use this network information to build their routing table.

You can check Type 1 LSAs on Cisco routers by the command “show ip OSPF database router.”

2. What is a Type 2 LSA or OSPF Network LSA?


DRs (Designated Routers) generate type 2 LSAs on every multi-access network to describe the attached routers, including
themselves.

Like router LSAs, network LSAs only have an intra-area flooding scope.

You can use “show ip OSPF database network” on Cisco routers to check type 2 LSAs.

3. What is a Type 3 LSA or OSPF Network Summary LSA?


A Type 3 LSA, or OSPF Network Summary LSA, is generated by an Area Border Router and has an inter-area flooding scope.

The OSPF network summary LSAs are transmitted to a single area to advertise destinations (including a default route, if configured) outside that area but remain within the OSPF autonomous system.

LSA Type 3 packets are sent to multiple areas in the network by using summary prefixes. This makes OSPF more scalable.

These routes are displayed as “O*IA” routes when you do “show ip route OSPF.”

You can use “show ip OSPF database summary” on Cisco routers to check type 3 LSAs.

4. What is a Type 4 LSA or OSPF ASBR Summary LSA?
Area Boundary Routers (ABRs) generate LSA Type 4, which is similar to Network Summary LSAs, except that it advertises the location of an ASBR, not any network.

This LSA is never propagated beyond the borders of the AS and has an inter-area flooding scope. It also provides information about the router that is doing redistribution.

You can use “show ip OSPF database asbr-summary” on Cisco routers to check type 4 LSAs.

5. What is a Type 5 LSA or OSPF AS External LSAs?


Type 5 LSAs are External LSAs generated by ASBRs and have an autonomous system-wide flooding scope. They describe
routes to networks external to the OSPF AS, including an external default route.

And because they provide information external to OSPF AS, they are not associated with any area.

These routes are displayed as ‘O*E1’ or ‘O*E2’ routes when you do “show ip route OSPF.”

You can use the show command “show ip OSPF database external” on Cisco routers to check type 5 LSAs.

An important thing to note for this LSA is that an OSPF external route cannot be the next hop of another OSPF external
route.

6. What is a Type 6 LSA or OSPF MOSPF LSA?


The Multicast Open Shortest Path First (MOSPF) protocol generates Type 6 LSAs. MOSPF is an extension to the OSPF
routing protocol that allows it to support multicast routing.

Type 6 LSAs contain information about the multicast capabilities of the router that generated them.
Cisco and other network vendors no longer support MOSPF.

It is rarely used and will likely be phased out soon.

7. What is a Type 7 LSA or OSPF NSSA External LSAs?


ASBRs generate OSPF NSSA External LSAs within an NSSA or Not So-Stubby Area. They are almost the same as Type 5
LSAs, except they can only be flooded within an NSSA area.

LSA Type 7 is used in special area types that don’t allow external distributed routes and stop LSA Type 5 packets from
flooding through them. LSA Type 7 packets act as a shield for LSA Type 5 packets, letting them move through these
special areas and get to the ABR, which can turn LSA Type 7 packets back into LSA Type 5 packets.

These routes are displayed as ‘O*N1’ or ‘O*N2’ routes when you do “show ip route OSPF.”

You can use “show ip OSPF database nssa-external” on Cisco routers to check type 7 LSAs.

8. What is type 8 LSA?

A Type 8 LSA is used to deliver information about link-local addresses and a list of IPv6 addresses on the link.

It was originally intended to be utilized as an “External-Attributes-LSA” in OSPFv2 for transit AS (Autonomous Systems), where OSPFv2 may take the role of the internal Border Gateway Protocol (iBGP).

LSA Type 5 carries BGP destinations, and their BGP characteristics are added in LSA Type 8 in these networks. Unfortunately, it was never standardized for OSPFv2 and was never supported by most OSPFv2 implementations.

9. What is an Opaque LSA – Type 9,10 and 11?

An Opaque LSA (Type 9, 10, or 11) is used to carry extra information about OSPF upgrades for application-specific use cases. The information carried in an Opaque LSA is dependent on the Opaque type.

The Type 9 LSA is used for two purposes: to advertise prefixes for stub and transit networks and to support IETF NSF (Non-Stop Forwarding).

Typically, Type 10 LSAs are used for traffic engineering (MPLS-TE) extensions to OSPF for creating the Traffic Engineering Database (TED). This allows for more accurate routing by flooding extra information about links beyond just their metric, such as link bandwidth and color.

Type 10 Opaque LSAs contain extended information that should be flooded by other routers, even if the router cannot understand the extended information itself.

Type 11 packets do the same thing as LSA Type 10 packets but are not flooded into special area types (Stub areas). This makes it easier to make better use of network resources.

How to protect OSPF link-state Database from overload?
You can use the “max-lsa” command to limit the number of non-self-generated LSAs for a given OSPF process, preventing
excessive LSAs generated by other routers in the OSPF domain from draining the CPU and memory resources of a router.

Use caution as this might cause issues in the OSPF process.

Configured under router OSPF:

router ospf 1
 max-lsa -->> type ? to check all the options available.

How can you slow down OSPF LSA updates during times of network instability?
You can use OSPF LSA throttling (configured with “timers throttle lsa all”) to slow down LSA updates during times of
network instability. It also allows for faster OSPF convergence by providing LSA rate limiting in milliseconds.

Use caution as this might cause issues in the OSPF process.

Configured under router OSPF:

router ospf 1
 timers throttle lsa all -->> type ? to check all the options available.

OSPF LSA Types Explained with Infographic Cheat Sheet

What are different OSPF LSA types? -OSPF LSA Types Summary
Let us recap.

• Type 1 – Router LSA: Information regarding locally connected links and neighbors with which a router has a direct and full neighborship.
• Type 2 – Network LSA: DRs (Designated Routers) generate type 2 LSAs on every multi-access network to describe the attached routers, including themselves.
• Type 3 – Summary LSA: Is generated by an ABR (Area Border Router) and has an inter-area flooding scope.
• Type 4 – Summary ASBR LSA: Area Boundary Routers (ABRs) generate LSA Type 4 and are similar to Network Summary LSAs, except that they advertise the location of an ASBR, not any network.
• Type 5 – External LSA: Type 5 LSAs are External LSAs generated by ASBRs and have an autonomous system-wide flooding scope. They describe routes to networks external to the OSPF AS, including an external default route.
• Type 6 – Multicast LSA: Not supported by Cisco and other vendors and not used.
• Type 7 – External LSA: ASBRs generate OSPF NSSA External LSAs within an NSSA or Not So-Stubby Area. They are almost the same as Type 5 LSAs, except they can only be flooded within an NSSA area.

Conclusion

We have discussed different OSPF LSA types in this article, used to share different types of routing information between OSPF-enabled devices. Ensure you understand all the types thoroughly, as the OSPF routing process depends highly on LSA propagation, generation, and reception.

We will put the knowledge from this article into practical use in the upcoming OSPF area configuration article. If you want to get this content ahead of time, subscribe to one of our free newsletters.

• What are the OSPF Area Types?
• Why do we need OSPF Areas?
• What are the rules of OSPF Area types?
• OSPF Area Types-Explained with Infographics
• 1. Standard Area:
• 2. Backbone Area:
• 3. Stub Area
• 4. Totally Stubby Area:
• 5. Not so Stubby Area (NSSA):
• 6. NSSA Totally Stub Area:
• Single Area OSPF
• Multi-Area OSPF
• The difference between a single-area OSPF design and a multi-area OSPF design:
• Conclusion
o Further Study

What are the OSPF Area Types?


In my last post, we discussed OSPF building blocks, aka OSPF LSA Types. This blog post will explain what OSPF area
types are, why we need them, their benefits, how they work, and how to configure them in your network.
Let’s take a quick look at OSPF, and then we will dive straight into OSPF area types.

OSPF (Open Shortest Path First) is a link-state dynamic routing protocol that provides the shortest path between two routers
within an autonomous system.

OSPF exchanges network topology information using control packets called Link State Advertisements (LSAs). These LSAs
contain information such as the link’s cost, the number of hops required to reach each destination, and the bandwidth
available at each node. This information enables routers to calculate the shortest paths through the network.

Why do we need OSPF Areas?

The primary reason for using multiple OSPF areas is to limit the amount of routing information exchanged between OSPF
routers. By dividing the OSPF network into multiple areas, the routers only exchange summary information about the routes
in the other areas rather than exchanging the entire routing table.

Adding OSPF areas can significantly reduce the bandwidth used for routing updates and the time required to process the
updates.

There are a few reasons why you might need to configure multiple OSPF areas:

 Your router may not be able to handle a large number of routers in one area. Your device vendor’s documentation
suggests dividing the routers into OSPF areas after a certain number has been added to a single area.
 To control the movement of OSPF LSAs across the OSPF network.
 To divide the network into logical groups or subnets. We can define these areas based on geographical locations,
business units, departments, etc.
 To improve network stability and performance.
 To reduce the size of the full routing table.
 To reduce the amount of OSPF traffic on the network.
 To isolate problems to a specific area.
 To create a hierarchy of networks, with each area representing a different level in the hierarchy. These hierarchies or
areas can make it easier to manage the network and control traffic flow between other areas.

What are the rules of OSPF Area types?


Some of the OSPF Area rules are:

 If you only need a single area network, it does not have to be area 0. For example, you can use area 1.
 All areas must have a direct physical connection to the backbone (OSPF Area 0); hence a backbone area is required
if there is more than one area.
 Routers belonging to two different areas should always communicate through area 0.
 There are some limitations on how many routers you put in a single area; please check vendor-specific documents
for this limit.
 Routers in the same area should communicate directly with each other but not with any router outside the area.
 A router’s single interface can only belong to one area.
 If a router has multiple interfaces, then each interface can belong to a different area.
 All routers in a STUB or NSSA area must agree on the STUB or NSSA flag.

OSPF Area Types-Explained with Infographics


There are six main OSPF area types:

1. Standard/Normal Area
2. Backbone Area
3. Stub Area
4. Totally Stubby Area
5. Not So Stubby Area (NSSA)
6. NSSA Totally Stubby Area

Let us understand each in detail.

1. Standard Area:

A standard area in the OSPF network is any normal area other than Area 0, which allows LSA 1 through 5.

If you have two areas in your OSPF network, one area must be the backbone area (area 0), and the other can be a standard
area.

Features of an OSPF Standard area are:-

 It allows LSA 1 through 5.
 It must connect directly to Area 0. However, you can use virtual links to accomplish this if direct links are not possible to the backbone area.
 It must have an ABR (Area Border Router) to connect to Area 0 and advertise all internal routes of that standard area into the backbone area.

ABR uses Type 3 LSAs for advertising inter-area routes. You can configure a standard area by using the below commands.

configure terminal

router OSPF 1

network 10.100.100.0 0.0.0.255 area 2 –> Here area 2 is a standard area.

2. Backbone Area:

The backbone area is a special type of standard area which allows all LSA types except LSA types 4 and 7.

Features of an OSPF Backbone area are:-

 It allows all LSA types except LSA types 4 and 7.
 If you have more than one area in the OSPF network, then one area must be Area 0 or the backbone area.

A standard area uses ABR (Area Border Router) to connect to Area 0. You can configure the backbone area by using the below commands.

configure terminal

router OSPF 1

network 10.20.30.0 0.0.0.255 area 0

3. Stub Area

The main reason to use the OSPF Stub area is to reduce the number of routing table entries by not flooding redistributed
prefixes from other routing protocols into an area.

Features of OSPF Stub Area are:-

 LSA types 4 & 5 are not allowed in the Stub area.
 Only LSA type 3 (Network Summary) is allowed.
 ABRs located at the edge of a stub area use type 3 LSAs to advertise a single default-route (0.0.0.0/0) into the area for destinations external to the AS.
 The ABR will advertise this default route with a cost of 1, but you can modify the cost with the “area default-cost” command.

You can configure a Stub area by using the below commands.

configure terminal

router OSPF 1

area <area-id> stub –> You must configure this command on all routers in that area.

4. Totally Stubby Area:


The main reason to use OSPF totally Stubby area is if you want no other route than a default route in an OSPF area.

Totally stubby is one step ahead of the Stubby area; it not only restricts LSA type 4 and 5 but also restricts type 3 LSAs.

Features of OSPF Totally Stubby Area are:-

 LSA types 3, 4, and 5 are not allowed in the totally Stubby area.
 The OSPF Totally Stub area uses a default route to reach destinations outside the OSPF domain and all destinations
outside the OSPF area.
 ABR of a totally stubby area blocks all type 3 LSAs, except a single type 3 LSA advertising a default route (0.0.0.0/0).

You can configure a Totally Stubby area by using the below commands.

configure terminal

router OSPF 1

area <area-id> stub no-summary –> Only required on ABR; rest of the internal routers within that area can use default stub area configuration.

5. Not so Stubby Area (NSSA):


The main reason to use Not So Stubby Area (NSSA) in the OSPF
network is when you want a Stub area but also want redistribution
to be allowed in that area.

The main Features of NSSA are:-

• It allows redistribution while retaining the characteristics of a stub area to the rest of the OSPF Domain.
• The two main differences from a stub area are that redistribution is allowed through Type 7 LSA, and no default route is sent into the NSSA.
• Type 4 and 5 LSAs are not allowed, but AS-external routes are allowed in NSSA. This is done by the ASBR, which originates type 7 LSAs to advertise the external routes.
• These NSSA external LSAs (type 7) are flooded throughout the NSSA but are blocked at the NSSA ABR.
• The NSSA ABR converts type 7 LSA to Type 5 LSA.
• The ABR does not automatically originate a default route in NSSA. You must use the “area <area-id> nssa default-information-originate” command to generate the default route.

You can configure an NSSA area by using the below commands.

configure terminal

router OSPF 1

area <area-id> nssa –> You must configure the command on all routers in that area.

6. NSSA Totally Stub Area:

NSSA Totally Stubby Area is used when you want to allow redistribution but still keep the characteristics of a
Totally Stub area.

The main features of NSSA Totally Stub Area are:-

 Similar to Totally Stubby area with the added advantage of redistribution of external routes. The ASBR
in an NSSA will originate type 7 LSAs to advertise these external destinations.
 Same as an NSSA area but also blocks type 3 summary LSAs.
 Another difference to NSSA is that ABR defines an NSSA as totally stubby and originates a default as
‘O*IA.’
 LSA Type 3, 4, & 5 are not allowed but redistributed AS-external (type 7) routes are allowed.

You can configure an NSSA Totally Stubby area by using the below commands.

configure terminal

router OSPF 1

area <area-id> nssa no-summary –> Only required on ABR; rest of the internal routers use the standard NSSA area configuration.

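
The LSA rules for the area types above decide how far one redistributed route travels, which is worth checking before an ASBR is allowed to redistribute. The following is an added example, not code from the original post: it models the ABR behaviour as the sections above list it and traces a single external prefix through a constructed six-area topology. All names, the topology and the prefix are illustrative assumptions.

```python
from dataclasses import dataclass

DEFAULT = "0.0.0.0/0"


@dataclass(frozen=True)
class Lsa:
    lsa_type: int   # 3 = summary, 5 = external, 7 = NSSA external
    prefix: str


# ABR behaviour at the edge of each non-backbone area type, as listed above:
# which LSA types are flooded in from area 0, and whether the ABR injects a
# type 3 default route by itself.
AREA_RULES = {
    "standard":       {"inbound": {3, 4, 5}, "default": False},
    "stub":           {"inbound": {3},       "default": True},
    "totally-stubby": {"inbound": set(),     "default": True},
    "nssa":           {"inbound": {3},       "default": False},
    "totally-nssa":   {"inbound": set(),     "default": True},
}
NSSA_TYPES = {"nssa", "totally-nssa"}
NO_REDISTRIBUTION = {"stub", "totally-stubby"}


def flood_into_area(area_type, backbone_lsas):
    """LSAs an ABR places into an attached area, given what area 0 holds."""
    rule = AREA_RULES[area_type]
    admitted = [lsa for lsa in backbone_lsas if lsa.lsa_type in rule["inbound"]]
    if rule["default"]:
        admitted.append(Lsa(3, DEFAULT))
    return admitted


def propagate_external(prefix, origin, areas):
    """Show how one redistributed prefix appears in every area.

    areas maps an area name to its type ("backbone" for area 0); origin is
    the area containing the ASBR that redistributes the prefix.
    """
    origin_type = areas[origin]
    if origin_type in NO_REDISTRIBUTION:
        raise ValueError(f"redistribution is not allowed in a {origin_type} area")
    # Inside an NSSA the ASBR originates type 7; elsewhere it originates type 5.
    view = {origin: [Lsa(7 if origin_type in NSSA_TYPES else 5, prefix)]}
    # The NSSA ABR converts type 7 to type 5, so area 0 always sees type 5.
    backbone_lsas = [Lsa(5, prefix)]
    for name, area_type in areas.items():
        if name == origin:
            continue
        if area_type == "backbone":
            view[name] = list(backbone_lsas)
        else:
            view[name] = flood_into_area(area_type, backbone_lsas)
    return view


# Constructed sample topology; 203.0.113.0/24 is a documentation prefix.
SAMPLE_AREAS = {
    "0": "backbone", "1": "standard", "2": "stub",
    "3": "totally-stubby", "4": "nssa", "5": "totally-nssa",
}

if __name__ == "__main__":
    result = propagate_external("203.0.113.0/24", "4", SAMPLE_AREAS)
    for area, lsas in sorted(result.items()):
        print(area, SAMPLE_AREAS[area], [(l.lsa_type, l.prefix) for l in lsas])
```

Only the backbone and the standard area receive the external prefix itself; the stub-type areas see nothing but the ABR's default route.
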
Let us also discuss Single Area OSPF design vs. Multi Area OSPF design.

Single Area OSPF

A single area OSPF design is a network in which all routers are in the same area.

Single area OSPF design means that the OSPF network is one homogeneous network. Therefore, all the OSPF routers in
the network are in the same area.

Placing all routers in a Single Area OSPF is much simpler to configure and maintain. There is no need for Virtual Links, no
need for Area Border Routers, and no need for Backbone Routers. I always prefer this option considering device vendor
support and future requirement.

Multi-Area OSPF

A multi-area OSPF design is a network in which routers are in multiple areas.

Multi-Area OSPF design means that the OSPF network is divided into multiple areas. First, there is Area 0, which is the
backbone area. Then, the other areas (1,2,3, etc.) are connected to Area 0.

To improve scalability, we can use a hierarchical design. In this design, we divide the network into multiple areas, each with
its own ABR.

The difference between a single-area OSPF design and a multi-area OSPF design:
 In a single-area OSPF design, all routers are in the same area, and traffic is routed between all areas through a
single area. In a multi-area OSPF design, each router is assigned to a specific area, and traffic is routed between
areas through a backbone area.
 In a single-area OSPF design, all areas are equal, and traffic is routed between them without preference. However,
in a multi-area OSPF design, the backbone area is preferred for routing traffic between areas.
 All areas use the same link state database in a single-area OSPF design. However, each area has its own link state
database in a multi-area OSPF design.

Conclusion
This post has explained the different types of OSPF areas, why they are useful, how they work, and how to configure them.
OSPF areas can be a great way to organize and simplify your network, and they can provide many benefits in terms of
routing efficiency and redundancy. However, I would suggest using a single OSPF Area 0 for simplicity.

What are the types of OSPF Routers-OSPF Area Border Routers or ABR

OSPF is the most widely used routing protocol in networking. Knowing the types of OSPF routers and, most importantly,
Area Border Routers in OSPF becomes crucial to understanding the overall design and configuration of OSPF. This article
will discuss the types of OSPF routers, the Area Border Routers in OSPF, why we need them, and how to configure them
to optimize overall OSPF and network performance. Let’s get started.

OSPF Primer:

OSPF is a link-state routing system used in Internet Protocol (IP) networks. It calculates the optimal next hop for each
packet using the shortest path first (SPF) method. OSPF is a classless routing protocol that does not use subnet masks in
its routing update packets.

Types of OSPF Routers


All OSPF router types will fall into one of the four categories:
 Internal Router – Internal routers have all interfaces configured/attached in the same area and have a single link state database. These are
also called adjacent routers or adjacent neighbors.
 Backbone Router – Backbone Routers have all interfaces configured/attached to area 0 (backbone).
 Area Border Routers or ABR – The Area Border Routers (ABRs) in OSPF are routers connecting different network areas to the backbone
(area 0). They are responsible for advertising the routes from one area to the other areas.
 Autonomous System Boundary Router or ASBR – An ASBR is a gateway to an external network. It redistributes routes from another external
protocol/network, for example, static routes, EIGRP, BGP, etc., into the OSPF domain.

What are the Area Border Routers in OSPF?

ABRs are routers with multiple interfaces connected to multiple OSPF areas. They connect two or more OSPF areas of a network, and one of the
areas must be area 0. The ABR acts as a gateway for inter-area traffic.

An ABR has at least one interface in each network area and maintains separate link state databases for each area. This feature allows the ABR to
route traffic between the different areas while providing accurate information about the state of the overall OSPF network.

Since we are discussing multiple areas here, let us look at the requirement for multiple areas in OSPF.

Why do we need areas in OSPF?

One of the most powerful features of OSPF is its ability to support multiple areas. An OSPF area is a logical grouping of OSPF routers. Areas are
connected via Area Border Routers (ABRs), and all routers within an area have the exact link-state database.

The use of areas offers several advantages:

 Areas are used to stop the explosion of link-state updates.
 Flooding and calculation of the Dijkstra algorithm on a router are limited to changes within an area, providing less CPU and memory usage on the OSPF router.
 You can use areas to reduce the size of the routing table. You can summarize routes on ABR before entering that area.
 You can use areas to control the propagation of routing information.
 You can use areas to improve network performance.
 You can use areas to provide better security by filtering out unwanted routes.

There are also some disadvantages of using OSPF areas:

 Areas can make the network more complex.
 Areas can make it more difficult to troubleshoot problems.
 Multi-area design becomes more complex when used with MPLS VPN designs.

I would personally go with a single-area design if routers are modern and they have enough memory and CPU to handle
OSPF requirements.

Returning to the ABR discussion, let’s dig deeper into Area Border Routers.

What type of Link State Advertisement or LSA is produced by ABR?

 ABRs generate Network Summary LSA type 3 and have an inter-area flooding scope.
 Internal routes that are not part of an OSPF area but part of the OSPF routing domain are advertised using Link State Advertisements (LSAs) type 3.
 LSA type 3 are displayed as ‘O*IA’ routes in the routing table.
 Use the “show ip OSPF database summary” command to check type 3 LSAs.
 ABR also generates an ASBR Summary Type 4 LSA, and you can check that by using the “show ip OSPF database asbr-summary” command on Cisco routers.

Features of Area Border Router

 The ABR is responsible for generating summary LSAs (Link State Advertisements) into the backbone area. Summary LSAs are used for advertising a non-backbone area’s routes to the backbone area. By doing this, the ABR allows the routes of a non-backbone area to be propagated throughout the OSPF domain.
 The ABR is also responsible for maintaining a separate LSDB for each area to which it is connected. The LSDB is a database that contains all the link state information for an area. By maintaining a separate LSDB for each area, the ABR can ensure that the routing information for each area is up-to-date and accurate.
 ABRs can be configured to act as virtual links. Virtual links are used to connect OSPF areas that are not physically connected.
 If you have more than one ABR per area, then they can be configured to perform load balancing. Load balancing is useful to distribute traffic evenly across multiple links.
 ABRs play an important role in Stub, Totally Stub, NSSA (Not-So-Stubby Areas), and Totally NSSA Areas by injecting default routes or filtering out required LSAs. For example, ABR in the stub area injects the default route into the stub area, while ABR in the totally stubby area blocks type 3 LSAs from being flooded into the stub area.
 In the NSSA and Totally NSSA areas, ABR converts type 7 LSAs to type 5 LSAs.
 In a STUB or NSSA, all neighbor routers must agree on the STUB or NSSA flag. By adding the keyword “no-summary” to the “stub or nssa” command, the ABR of the stub or NSSA area decides if it is totally stubby or totally NSSA.
 An OSPF stub configuration explicitly filters type 5 LSAs but also implicitly filters type 4 LSAs since the ABR doesn’t need to generate type 4 LSAs.

How to Use ABRs to Improve Overall Network Performance and Security

One of the biggest advantages of ABR is that you can configure ABRs to filter and summarize routes before entering an
area.

Let us look at filtering first:-

Filtering:-

You should always be aware that filtering only occurs between areas according to RFC standards: “All neighboring routers
within an area need to have the same link state database.”

You can only filter inter-area routes and cannot filter intra-area routes within an area.

Filter-Lists

• You can use ABRs to filter type 3 LSAs into or out of an area.
• There are two types of filter-list:-
• In-lists – Filter LSAs before sending them into an area.
• Out-lists – Filter LSAs leaving an area to prevent them from entering other areas.

router OSPF 1

area 0 filter-list prefix DONT_SEND out –> Filters IP subnets matched by the prefix-list DONT_SEND leaving (from) area 0, and it applies to all areas that the local advertising router is connected to.

area 2 filter-list prefix DONT_RCV in –> Filters traffic matched by the DONT_RCV prefix list received into area 2 only.

Summarization:-

Per best practice, IP subnets of a non-backbone area should be summarized into the backbone area by the area’s own ABR.

Below are the key points of doing summarization on ABR in OSPF:-

• You should always do inter-area summarization on ABR.
• It summarizes type 3 LSAs.
• Summaries are used at ABRs to summarize internal OSPF area routes. They do not apply to external routes (Type-5 LSAs) not part of the OSPF domain.
• The OSPF router automatically adds a route to Null0 to the routing table; however, you can deactivate it with “no discard-route.”
• The “area range” command specifies the area to which the summary address belongs.
• The “area range” command will only advertise the supplied summary and suppress the rest of the routes. However, sometimes it is not required, and you can prevent this behavior using the ‘not-advertise’ keyword.

Router OSPF 1

area 2 range 20.0.0.0 255.0.0.0 [advertise|not-advertise|cost]

no discard-route
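
Before committing a filter-list or an area range on a production ABR, it helps to compute which type 3 prefixes will actually cross the area boundary. The following is an added example, not code from the original post: a simplified model that applies “area range” to the source area's routes and then an “in” filter-list on the destination area. The prefix-list contents, the route lists and all function names are constructed assumptions.

```python
import ipaddress


def prefix_list_permits(prefix_list, route):
    """Evaluate a Cisco-style prefix-list: first match wins, implicit deny last.

    Each entry is (action, network, ge, le). With neither ge nor le the
    route's prefix length must equal the entry's length exactly.
    """
    route = ipaddress.ip_network(str(route))
    for action, network, ge, le in prefix_list:
        net = ipaddress.ip_network(network)
        if not route.subnet_of(net):
            continue
        low = ge if ge is not None else net.prefixlen
        high = le if le is not None else (32 if ge is not None else net.prefixlen)
        if low <= route.prefixlen <= high:
            return action == "permit"
    return False


def summarize(intra_area_routes, ranges):
    """Apply "area range" statements to one area's intra-area prefixes.

    ranges is a list of (network, advertise). Component routes inside a range
    are suppressed; the range itself becomes a single type 3 LSA unless it is
    marked not-advertise. Returns (type 3 prefixes, Null0 discard routes).
    """
    remaining = [ipaddress.ip_network(r) for r in intra_area_routes]
    advertised, discard = [], []
    for network, advertise in ranges:
        rng = ipaddress.ip_network(network)
        covered = [r for r in remaining if r.subnet_of(rng)]
        if not covered:
            continue  # no component route present, so nothing to summarize
        remaining = [r for r in remaining if r not in covered]
        if advertise:
            advertised.append(rng)
            discard.append(rng)  # assumption: discard route only for advertised ranges
    return advertised + remaining, discard


def type3_lsas(source_routes, source_ranges=(), dest_in_filter=None):
    """Type 3 prefixes the ABR sends from one area into another."""
    advertised, discard = summarize(source_routes, source_ranges)
    if dest_in_filter is not None:
        advertised = [p for p in advertised if prefix_list_permits(dest_in_filter, p)]
    return [str(p) for p in sorted(advertised)], [str(d) for d in discard]


# Constructed sample data. DONT_RCV stands in for the prefix-list named above;
# its entries are an assumption, since the post does not show them.
AREA0_ROUTES = ["10.20.30.0/24", "192.168.50.0/24", "192.168.51.0/24"]
AREA2_ROUTES = ["10.100.100.0/24", "20.1.1.0/24", "20.2.0.0/16"]
DONT_RCV = [("deny", "192.168.0.0/16", None, 24), ("permit", "0.0.0.0/0", None, 32)]

if __name__ == "__main__":
    # area 2 filter-list prefix DONT_RCV in
    print("into area 2:", type3_lsas(AREA0_ROUTES, dest_in_filter=DONT_RCV))
    # area 2 range 20.0.0.0 255.0.0.0
    print("into area 0:", type3_lsas(AREA2_ROUTES, [("20.0.0.0/8", True)]))
    # area 2 range 20.0.0.0 255.0.0.0 not-advertise
    print("hidden:     ", type3_lsas(AREA2_ROUTES, [("20.0.0.0/8", False)]))
```
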
Conclusion

In conclusion, OSPF is the most widely used routing protocol in networking because of its stability and scalability. The Area Border Routers play a crucial role in OSPF by providing the connection between different areas. They are also responsible for the summarization and filtering of routes. Therefore, the proper configuration of Area Border Routers can optimize overall OSPF and network performance.

Why do we need OSPF Network Types?

 The OSPF network types are designed to give the best routing results in different topologies. For example, the point-to-point network type is intended for use in networks with only two routers. The broadcast network type is designed for use in networks with multiple routers.
 You can also use Network types to control which interfaces will form adjacencies with each other. By default, OSPF will only form adjacencies with interfaces on the same network type.
 Each type of interface on an OSPF router has its own data structure. So, if you change the network type, OSPF will make the necessary changes to the hello and dead timer.
 We need OSPF network types to help us create a more efficient and reliable network. By using different types of OSPF networks in different network topologies, we can better control the overall design and how data is routed through our network.

What are the Different Types of OSPF Networks?

When it comes to networking, OSPF is one of the most commonly used protocols. OSPF is a link-state routing protocol that uses information about the state of the network links to determine the best route for data packets. One of the key concepts in OSPF is the network type. The network type determines how OSPF will route data packets across the network.

The three core OSPF network types are:

• Broadcast
• Point to Point
• Non-Broadcast

Two more network types are Cisco proprietary.

• Point to Multipoint
• Point to Multipoint Non-Broadcast

Bonus:- There is also a sixth network type known as “Virtual links.” We will discuss the OSPF Virtual Link in the next post.

What is the OSPF Broadcast Network type?

The OSPF broadcast network type is used on networks with multiple OSPF routers connected to a single shared broadcast
medium, such as an Ethernet LAN. For example, the broadcast network is the default network type on Ethernet interfaces.

Broadcast networks are the most common type of OSPF network. They are used when all routers in a network need to be
able to communicate with each other.

OSPF Broadcast Network Key points:-

 Broadcast OSPF networks always elect a DR and a BDR.
 It uses the multicast address 224.0.0.5 (MAC 0100.5E00.0005) for all Routers and 224.0.0.6 (MAC 0100.5E00.0006) for DR and BDR.
 There is NO next-hop modification, which means the next-hop IP remains that of the originating router.
 Layer3 to layer2 resolution is required.
 Broadcast networks can’t have unicast neighbors configured.
 The hello and dead interval is 10 seconds and 40 seconds, respectively.

How to configure OSPF network type to Broadcast

Interface Fastethernet0/0

ip OSPF network Broadcast –> You should always use under Interface config, and make sure another side has the same
network type defined.

What are the advantages and disadvantages of the OSPF Broadcast Network type?

Advantages

 One of the main advantages of using a broadcast network type is that it’s very easy to configure. You need to specify the
IP addresses with the wildcard mask under the OSPF router configuration of the devices you want to include in the
network, and the OSPF broadcast network type will take care of the rest. It can be a big time saver compared to other
types of network topologies where you have to define each neighbor manually.
 It scales well for medium-to-large networks.
 It converges quickly after a link or node failure.

Disadvantages

 The disadvantage of using an OSPF broadcast network type is that it is more vulnerable to network attacks and can
generate a lot of network traffic.

What is the OSPF Point-to-Point Network type?


OSPF point-to-point network type is used on networks with two OSPF routers connected by a single point-to-point link,
such as a leased line or T1.

OSPF Point to Point Network Key points:-

 OSPF P2P network type is Default on T1, DS-3, and SONET links and on frame-relay point-to-point sub-interfaces.
 There is no DR/BDR election.
 Uses the multicast destination to AllSPFRouters (224.0.0.5), except for retransmitted LSAs, which are sent as unicast.
 The IP of the advertising router is the next-hop IP.
 On point-to-point links, OSPF doesn’t care if the subnet mask doesn’t match.
 The hello interval is 10 seconds, and the dead interval is 40 seconds.

How to configure OSPF network type to Point-to-Point

Interface Fastethernet0/0

ip OSPF network point-to-point –> You should always use under Interface config and make sure the other side has the same network type defined.

What are the advantages and disadvantages of the OSPF Point-to-Point Network type?

Advantages:

 The advantage of using a point-to-point network type is that it reduces router traffic because there is no need for multicast broadcasts.
 Reduced complexity: Point-to-point networks are much simpler to configure and manage than other types of OSPF networks. It is a big advantage if you work with a large network.
 Increased stability: Point-to-point networks are also more stable than other types of OSPF networks because there are fewer potential “failure points” in the network.
 Better performance: Point-to-point networks typically perform better than other OSPF networks because there is less “chatter” on the network, and traffic can flow more smoothly.

Disadvantages:

 Lower redundancy: Another disadvantage of point-to-point networks is that they have lower redundancy than other types of OSPF networks. If one link goes down, the other end will be affected.
 More expensive: Point-to-point networks can also be more expensive than other types of OSPF networks because you need to purchase dedicated links for each router in the network.
 Limited flexibility: One of the big disadvantages of point-to-point networks is that they can be inflexible because you need to have a dedicated link between each router in the network.
 You can only have two nodes in a point-to-point network, so if you need to connect more than two nodes, you’ll need to use a different network type and more intermediate devices.

What is OSPF Non-Broadcast Network Type?

OSPF non-broadcast network type is used on networks with multiple OSPF routers connected by point-to-point links, such as Frame Relay or ATM virtual circuits. However, they are not widely used these days, as Frame Relay and ATM are considered to be obsolete technologies.

OSPF Non-Broadcast Network Key points:-


 This network can connect more than two routers but can’t broadcast by default.
 It is the default network type for multipoint frame-relay interfaces.
 OSPF routers on NBMA networks choose a DR and a BDR, but all OSPF packets are unicast between each neighbor
specified with the “neighbor” command.
 The next-hop IP doesn’t change. It stays the same as the IP address of the router that sent the packet.
 The default priority is 1, and it should be turned off (=0) on ALL SPOKES to stop a spoke from becoming a blackhole
DR/BDR.
 The hello interval is 30 seconds, and the dead interval is 120 seconds.

How to configure OSPF network type to Non-Broadcast

Interface Serial0/0

ip OSPF network non-broadcast –> You should always use under Interface config and make sure the other side has the
same network type defined.

What are the advantages and disadvantages of the OSPF Non-Broadcast Network type?

Advantages:

 It can be easier to control traffic flow on the network. It can be helpful, for example, if you want to limit the amount of
traffic that goes through a particular link.
 Non-Broadcast network types are more secure since hackers can intercept broadcasts.

Disadvantages:

 It can be more difficult to configure since it requires manual neighbor configuration.


 It can be more difficult to scale an NBMA network than other types of OSPF networks.
 Not all OSPF features are available when using this network type.
 NBMA networks can be more susceptible to certain types of faults.

What is OSPF Point-to-Multipoint Network Type?


Point to Multipoint networks are used when there are multiple routers in the network, but they only need to be able to
communicate with one router. Point to Multipoint network is typically used when multiple subnets are in the network.

It is a Cisco proprietary option that isn’t the default, but it might be the best choice for NBMA networks. It is useful when NBMA networks are set up in a special way and treated as a group of point-to-point links.

OSPF Point-to-Multipoint Network Type Key Points

• It does not choose a DR and BDR, and OSPF packets are sent to all known neighbors simultaneously using a 224.0.0.5 multicast address.
• The next-hop IP is that of the neighbor who is advertising.
• You only need Layer3 to Layer2 resolution for neighbors that are directly connected.
• Recursive layer 3 IP routing is used for neighbors who are not connected directly.
• The endpoints of point-to-multipoint networks are also advertised as host routes (/32).
• The hello interval is 30 seconds, and the dead interval is 120 seconds.

How to configure OSPF network type to Point-to-Multipoint

Interface Serial0/0

ip OSPF network point-to-multipoint –> You should always use under Interface config, and make sure the other side has the same network type defined.

What are the advantages and disadvantages of the OSPF Point-to-Multipoint Network Type?

Advantages

• Less complex as it has no DR BDR election.
• Better than OSPF Non-broadcast network type in certain situations.

Disadvantages

• It is only used on Cisco devices.
• Not widely used.

What is the OSPF Point-to-Multipoint Non-Broadcast Network type?

Point to Multipoint Non-Broadcast networks are used when there are multiple routers in the network, but they don’t need to be able to communicate with all of the other routers. Point to Multipoint Non-Broadcast networks are typically used when multiple subnets are in the network.

Point-to-Multipoint Non-Broadcast Network is also Cisco proprietary. It is the same as the point-to-multipoint discussed before, but it is set up with the extra keyword “non-broadcast.”

OSPF Point-to-Multipoint Non-Broadcast Network Type Key Points

• There is no DR/BDR election, and each neighbor is given unicast instead of multicast.
• As a result, the “neighbor” command must be used to define the directly connected neighbor. You only need to configure one side, but it is best to do it on both.
• The next-hop IP is that of the neighbor who is advertising.
• At layer2, OSPF will use IP routing to connect devices that aren’t connected directly.
• This network was made so that you could assign the cost per neighbor instead of using the interface cost.
• The cost is based on the bandwidth of the “incoming” interface, not the “outgoing” interface of the neighbor.
• The hello interval is 30 seconds, and the dead interval is 120 seconds.

How to configure OSPF network type to Point-to-Multipoint Non-Broadcast

Interface Serial0/0

ip OSPF network point-to-multipoint non-broadcast –> You should always use under Interface config, and make sure another side has the same network type defined.

What are the advantages and disadvantages of OSPF Point-to-Multipoint Non-Broadcast Network Type?

Advantages

• Less complex as it has no DR BDR election.
• Better than OSPF

Disadvantages

• Only used on Cisco devices.
• Not widely used.

Conclusion
In conclusion, the five different types of OSPF networks each have their own special configuration requirements and are
used in different scenarios. Therefore, depending on your needs, you must be familiar with all five types of networks to
make the best choices for your network.

OSPF Path Selection Process Explained


Having a clear understanding of how OSPF determines the best path to a destination network is very important. In this
article, we will discuss the steps that OSPF takes to determine the optimal path to each destination network and how you
can manipulate some of the OSPF parameters to affect the overall behavior of the OSPF path selection process.

What is the OSPF path selection process?


The OSPF path selection process is a set of rules that determine the best path to use when multiple paths are available
between two nodes in a network. The process considers factors such as path type, path cost, longest prefix match, etc.

How many types of route entry does OSPF have?
To understand the OSPF path selection process, we need to understand the different types of route entries in an OSPF
routing table.

OSPF route entries are classified based on their destination type, which can be either “network” or “router.”

 Network entries are the addresses of networks that packets can be routed to and are potential candidates for insertion
into the routing table. This information can be seen using the command “show ip route OSPF.”
 Router entries are routes to ABRs and ASBRs, which are kept in a separate internal OSPF router table. This information can
be seen using the command “show ip OSPF border-routers.”

How does OSPF select the best route?


OSPF selects the best path to a destination based on the following criteria, and guess what? The OSPF cost is not the first
criterion, but you might have guessed that.

OSPF Path Selection Process :

1. The longest match:- The longest match is always preferred inside Cisco and almost all vendor devices, no matter what.
2. Most to least preferred path type :
o Intra-Area (O) –> Intra-area routes are local to an area and are always preferred the most.
o Inter-Area (O IA) –> Then comes Inter-area routes, which are routes between two OSPF areas and within the OSPF AS
(Autonomous system).
o External Type 1 (E1) –> Then come routes to external destinations. E1 takes both external and internal costs into
consideration.
o NSSA Type 1 (N1) –> Then comes N1.
o External Type 2 (E2) –> Then comes E2, which is also a route to external destinations. Unlike E1, though, it only
considers the external cost to the destination. The default classification for OSPF external routes is E2.
o NSSA Type 2 (N2) –> Then comes N2.
3. Then comes the OSPF cost, and OSPF uses the lowest cost metric to decide the best routes, for example, between two O
IA (Inter-Area routes), unless equal-cost paths exist.

Let us look into the external routes (E1, N1, E2, and N2) in more depth and see how you can use them to manipulate
the OSPF path selection process:-

• The E1 and N1 metrics are both cumulative, meaning they consider the ASBR’s advertised cost and the internal OSPF cost
to the ASBR. And that is the reason E1 and N1 are often called ‘metrics that increase hop-by-hop’.
• On the other hand, the E2 and N2 metrics are static, as advertised by ASBR.
• Use the E1 metrics when packets should exit the network at the closest exit point (within your OSPF AS).
• Use the E2 metric when packets must exit the network at the closest point to the external destination (Outside your OSPF
AS).
• If two or more E2 routes have the same external cost, the internal cost is used as a deciding factor.
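
The three selection steps and the E1/E2 metric rules above, applied to a small candidate set. This is an added example, not code from the original article; the routes, next hops and the names `Route` and `select_best` are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Path-type preference from the list above: the lower rank wins.
PATH_TYPE_RANK = {"O": 0, "O IA": 1, "E1": 2, "N1": 3, "E2": 4, "N2": 5}
STATIC_TYPES = ("E2", "N2")


@dataclass(frozen=True)
class Route:
    prefix: str         # destination network
    path_type: str      # key of PATH_TYPE_RANK
    external_cost: int  # cost advertised by the ASBR (0 for O and O IA)
    internal_cost: int  # OSPF cost to the destination, or to the ASBR
    next_hop: str

    def metric(self):
        # E2/N2 stay as advertised by the ASBR; every other type is cumulative.
        if self.path_type in STATIC_TYPES:
            return self.external_cost
        return self.external_cost + self.internal_cost


def select_best(routes, destination):
    """Return the winning route(s) for one destination address."""
    dest = ipaddress.ip_address(destination)
    matching = [r for r in routes if dest in ipaddress.ip_network(r.prefix)]
    if not matching:
        return []
    # Step 1: longest match, regardless of path type or cost.
    plen = lambda r: ipaddress.ip_network(r.prefix).prefixlen
    longest = max(plen(r) for r in matching)
    candidates = [r for r in matching if plen(r) == longest]
    # Step 2: most preferred path type.
    best_rank = min(PATH_TYPE_RANK[r.path_type] for r in candidates)
    candidates = [r for r in candidates if PATH_TYPE_RANK[r.path_type] == best_rank]
    # Step 3: lowest cost. For E2/N2 ties the internal cost to the ASBR decides.
    def key(r):
        tie_break = r.internal_cost if r.path_type in STATIC_TYPES else 0
        return (r.metric(), tie_break)
    best = min(key(r) for r in candidates)
    # More than one survivor means equal-cost paths.
    return [r for r in candidates if key(r) == best]


# Constructed sample routes (documentation address ranges used for next hops).
ROUTES = [
    Route("10.1.0.0/16", "O", 0, 50, "192.0.2.1"),
    Route("10.1.2.0/24", "E2", 20, 5, "192.0.2.2"),
    Route("10.1.2.0/24", "E1", 100, 10, "192.0.2.4"),
    Route("172.16.0.0/16", "E2", 20, 30, "192.0.2.5"),
    Route("172.16.0.0/16", "E2", 20, 5, "192.0.2.6"),
    Route("10.9.0.0/16", "O IA", 0, 20, "192.0.2.7"),
    Route("10.9.0.0/16", "O IA", 0, 20, "192.0.2.8"),
]

if __name__ == "__main__":
    for dest in ("10.1.9.9", "10.1.2.5", "172.16.5.5", "10.9.1.1"):
        print(dest, [(r.path_type, r.next_hop) for r in select_best(ROUTES, dest)])
```

For 10.1.2.5 the /24 E1 route wins over both the intra-area /16 and the cheaper E2 route, which shows why cost is only the third criterion.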

How are OSPF Costs calculated?


• The OSPF metric is a 16-bit integer that ranges from 1 to 65535 and expresses cost.
• Cisco’s default cost is 10^8 / BW of an interface in bits per second, expressed as a whole number. For example, an
interface with a bandwidth of 100 Mb has a metric of 1 because 100000000/100000000 is 1. At the same time, an interface
with a bandwidth of 10 Mb has a metric of 10.
• BW is the configured bandwidth in kbps of the interface, and 10^8 is the reference bandwidth.
• Nowadays, almost all modern media have bandwidths that exceed 100M, which creates a problem given the reference
bandwidth of 10^8.
• You can fix this by changing the default reference by using the “auto-cost reference-bandwidth” command.
Default Cost = Reference-BW/Interface-BW.

How can I modify OSPF Cost to influence OSPF path selection rules?

You can modify the OSPF cost with the following commands :

• Inside an interface, by using the “bandwidth” command. For example:

interface F0/1
bandwidth 10000 –> The value is entered in kbps.

Note: This will change the interface bandwidth in real-time, so make sure you
use it wisely.

• You can also change the cost directly inside an interface using the “ip ospf cost”
command.

interface F0/1
ip ospf cost 10

Note: This command changes the outgoing interface cost for packets, not
incoming.

• You can even manipulate the reference bandwidth, which in turn will change the
bandwidth and the cost of the interface.
Use “auto-cost reference-bandwidth” inside the OSPF process to change it.

router ospf 1
auto-cost reference-bandwidth 1000 –> The value is entered in Mbps, so 1000 sets a reference of 10^9 bps.

• Lastly, you can adjust the cost inside the OSPF process with the command
“neighbor x.x.x.x cost.”

router ospf 1
neighbor X.X.X.X priority 10 cost 1

Note: This command will only work on point-to-multipoint non-broadcast networks.

How can the OSPF path computation process be improved?


You can use iSPF to improve OSPF path computation. iSPF is more efficient than the full SPF algorithm, allowing slightly faster
convergence. This is because iSPF lets the system only recalculate the part of the SPF tree that has changed.

You can enable iSPF inside the OSPF process:

router ospf 1
ispf –> It enables iSPF.

Conclusion
In this article, we’ve looked at the OSPF path selection process and
how you can change some parameters to change the
OSPF paths to a destination network. We have also looked into how
to use iSPF to improve OSPF path computation.

What is OSPF Virtual Link, when to use it, and how to configure it?
An OSPF virtual link is a shortcut that allows an isolated OSPF area to connect to the backbone area 0. The virtual link helps
network administrators extend their OSPF network while maintaining OSPF design requirements. In this article, we will discuss OSPF
virtual link, when you should use it, requirements, key points, and how to configure it. As a bonus, we will also discuss an alternative
option for the OSPF virtual link.
What is a Virtual link in OSPF, and When to use it?
An OSPF virtual link is a connection between two ABRs. The ABR connects the isolated area to the OSPF backbone area 0
through a transit area or a non-backbone area.

This helps administrators extend their OSPF network while maintaining OSPF design requirements.
When to use a Virtual Link in Your Network?

There are several scenarios where you may want to use a virtual link in your network. The following are some examples:

• You want to connect an isolated OSPF area to the backbone area 0.
• To connect two parts of a partitioned backbone.
• To link an area to the backbone through a non-backbone area (also known as a transit area).

OSPF Virtual link Requirements

To configure a Virtual link in OSPF, you must meet the following requirements:

• Must be configured between two ABRs, of which one must be connected to area 0.
• The transit area may not be a stub area and must have full routing information.
• The virtual link will transition to the fully functional point-to-point interface state when a route to the neighboring ABR is
found in the routing table.
• The maximum path cost in the transit area should not exceed 65535; else, the virtual link will not come up.
• To see the cost of using the transit area, use “show ip ospf virtual-link” and refer to ‘cost of using’.

OSPF Virtual Link Key Points

There are several key points to consider when configuring a Virtual link:

• OSPF ignores subnet mask mismatch on point-to-point links.
• A virtual link is seen as an interface in area 0.
• All area 0 attributes are inherited by routers attached to the virtual link, including summarization and authentication.
• The cost of the virtual link is the cost of the route to the neighboring ABR interface via the transit area.
• Virtual links are only used for control traffic, i.e. flooding Type-1, Type-2, Type-3, and Type-4 OSPF LSAs. No traffic
is sent over virtual links because it’s not a tunnel.

How To Configure OSPF Virtual Link?


Once you have identified the OSPF ABRs, you need to configure them using the below command on both ends:

router ospf 1

area (transit-area) virtual-link (ABR-Router-ID) –> You need a similar command on the other ABR as well.

Alternative of OSPF Virtual Link

One of the major drawbacks of OSPF Virtual links is that OSPF virtual links cannot transit stub areas. If a virtual link over a stub area is
required, then a GRE tunnel between ABRs is the only viable option.

OSPF over GRE works similarly to OSPF Virtual links. You have to make sure that the tunnel interface’s IP address is
advertised in area 0 and has a network statement in area 0.

Conclusion

In a nutshell, through OSPF virtual link, you connect an isolated OSPF area to the OSPF backbone area 0, and you must configure
Virtual links on Area Border Routers.

Now that you have learned about the OSPF Virtual Link and its functionality, you are ready to begin configuring an OSPF Virtual link.
In summary, there are three main steps:

Step 1: Identify an isolated area that needs to connect to area 0.

Step 2: Identify appropriate ABRs and make sure the above requirements are met.

Step 3: Configure under the OSPF process using the above command on both ABRs.

OSPF Troubleshooting Commands Cheat Sheet

In this blog post, you will find a comprehensive list of OSPF troubleshooting commands network engineers can utilize
in real-world scenarios.

• After writing a series of blog posts on OSPF, I thought it would be great to put together a
list of OSPF troubleshooting commands that any network engineer can use in real-world situations.
These OSPF commands will help you in your daily job when solving OSPF network issues. This post is
written based on my experience with medium to large Data Center and Service Provider networks.
• I would recommend you go through these posts to grasp a solid understanding of OSPF.

• What is OSPF in Networking
• OSPF States
• Types of OSPF Routers
• OSPF LSA Types
• OSPF Area Types
• OSPF Network Types
• OSPF Virtual Link
• OSPF Path Selection Process

Let’s start.

How to Troubleshoot OSPF – OSPF Troubleshooting Commands Cisco


You can use these OSPF troubleshooting commands to solve real-world OSPF issues.

I have divided the troubleshooting method into use case basis. I would advise you to start/check with the basics as
explained in use-case 1 and then check for more complex scenarios as explained in later use cases.

The commands mentioned in this article have been tested on Cisco devices. Still, once you understand the concept and
troubleshooting method, you can diagnose and solve OSPF issues on any vendor equipment.

For convenience, I have presented the commands in table form so that you can print them out and use them as an OSPF
cheatsheet.

1. Use case 1 – When looking at the configuration of a single router, think about the following:
2. Use case 2 – When analyzing a huge OSPF area-wide problem, check the design
3. Use Case 3 – When checking OSPF neighbor adjacencies, look at the following things:
4. Use Case 4 – When trying to fix problems with authentication, think about the following:
5. Use Case 5 – Troubleshooting LSDB (Link state Database) related problems in OSPF:

Use case 1 – When looking at the configuration of a single router, think about the
following:

What to Check / Command to use

• Are all the needed interfaces in a state of UP, UP (not admin shut)?
  Command: show ip int brief
• Have the IP addresses and corresponding subnet masks for all the interfaces been set up correctly?
  Command: show int | include Inter | line
• Check if network area statements under OSPF and IP addresses for the interfaces match up.
  Command: show int | include Inter|line|network
• Are the inverse or wildcard masks in the network area statements under OSPF correct and match with the OSPF
  Interfaces subnet mask?
  Command: show ip ospf int brief
• Do the network area statements put the interfaces in the right areas?
  Command: show ip ospf int brief
• Because of the “passive-interface default global statement,” are there any OSPF interfaces that should not be in
  passive mode?
  Command: show ip ospf int | i line | Hello
• Does every router have the right OSPF Router ID? Are there duplicates on the network?
  Command: show ip ospf | inc ID
• If address summarization is set up, is it applied to the right areas?
  Command: show run | i area range | summary-add

Use case 2 – When analyzing a huge OSPF area-wide problem, check the design:

What to Check / Commands to use

• Check if OSPF area 0 (backbone area) is contiguous, it must not be segregated.
  Command: No Commands; check the existing design and diagrams. If required, validate existing documents.
• Check if all OSPF areas are connected to the backbone area. Even if you use virtual links or GRE tunnels, ensure
  all areas connect to OSPF area 0.
  Command: No Commands; check the existing design and diagrams. If required, validate existing documents.
• Check if all routers in an area are configured with the same area types (Normal, stub, NSSA, etc.)
  Command: No Commands; check the existing design and diagrams. If required, validate existing documents.
• Are ABRs configured with the correct role for Totally Stub and Totally NSSA areas? For example, you must
  configure an ABR with the “area stub no-summary” command for a totally stubby area.
  Command: show run | section ospf
• Is there a virtual link that goes through a stub area, or is set up there? If this is the case, then configure the
  GRE tunnel instead.
  Command: No Commands; check the existing design and diagrams. If required, validate existing documents.
• Is there a default summary LSA that lets unknown/external subnets leave an area? For example, an NSSA area always
  needs a manual default route on ABR.
  Command: show ip route
• Does the OSPF domain have an external LSA?
  Command: show ip ospf database external
• Check if the forwarding address is known as an OSPF internal route.
  Command: sh ip route [forwarding address ip]
• Are you able to reach the forwarding address?
  Command: ping [forwarding address ip]
• When doing redistribution between two protocols:
  – Check if you have the “subnet” keyword in the redistribution statement.
  – For BGP only, check if the “external” keyword has been used.
  Command: show run | section router ospf

Use Case 3 – When checking OSPF neighbor adjacencies, look at the following
things:
What to Check / Commands to use

• Always log the neighbor adjacency changes while troubleshooting.
  Command: ospf log-adjacency-changes
• Check layer 2 (mac addresses, ARP, etc.) and Layer 3 reachability (ping, routes, etc.)
  Command: ping [neighbor ip address]
• Are both OSPF neighbors sending and getting hellos from each other?
  – If hellos are not exchanged, check the network statements and interface addresses.
  Command: debug ip ospf hello
  Command: show ip ospf int brief
• Check the passive-interface default config or if any OSPF interface has been put in passive mode accidentally.
  Command: show run | inc passive
• If you are using different OSPF network types, are they compatible?
  Command: show ip ospf int | i line |Type
• Neighbors’ hello/dead interval should match.
  Command: show ip ospf int | i line | Dead
• Optional capability value should match between neighbors.
  Command: show ip ospf neighbor detail | include Option
• Interfaces must be configured on the same subnet. P2p links are an exception.
  Command: show ip ospf int brief
• Is a router trying to form a neighbor to another router’s secondary IP address?
  Command: sh run | i netw | area
• Is OSPF protocol 89 being blocked by any access lists?
  Command: sh ip interface | i line | list
• In the case of the layer2/3 switch, are the MTUs compatible/match?
  Command: debug ip ospf adj
• Debug if you think the neighbors are unstable or have no other choice.
  Command: debug ip ospf adj

Use Case 4 – When trying to fix problems with authentication, think about the
following:
What to Check / Commands to use

• Is authentication configured on all routers in a certain area?
  Command: show ip ospf | i Area
• Check authentication type (plain/md5) between OSPF neighbors. It must be of the same type.
  Command: show ip ospf int {int} | i auth | line
• With clear-text authentication, are the passwords for neighboring interfaces the same?
  Command: show run | i auth.*key
• Are the digest keys for MD5 authentication the same between neighboring interfaces?
  Command: show run | i digest-key
• Is authentication set up on all the virtual links?
  Note: If authentication is set up for Area 0, then authentication is also needed for virtual links.
  Command: show run | i virtual-link
• Debug adjacency to find out why authentication failed.
  Command: debug ip ospf adj

Use Case 5 – Troubleshooting LSDB (Link state Database) related problems in OSPF:

What to Check / Commands to use

• Check if the local router is generating the expected LSAs.
  Command: show ip ospf database self-originate
• Check if the local router is receiving the expected LSAs from a neighbor.
  Command: show ip ospf database adv-router [ip address]
• Check if any filters are configured to deny LSAs before entering an area. For example, ABRs are configured to
  filter type-3 LSAs.
  Command: show run | i filter-list
• Check if any distribute list is configured to deny entry in the local RIB (Routing Information Base).
  Command: show run | i distribute-list
• Is summarization the reason why LSAs aren’t seen?
  Command: show run | i area range | summary-add
• Do all the routers in a certain area have the same number of LSAs?
  – If not, do any interfaces prevent LSAs from being sent out?
  Command: show ip ospf database database-summary
  Command: show run | i database-filter
• Do the checksums for every LSA in each router’s database match?
  Command: show ip ospf database
• Look at the Seq# in the show ip ospf database command to see if any LSAs have a higher number than others.
  – This could mean the link is unstable because of all the LSA advertisements.
  – Multiple LSAs with high sequence numbers might mean that there is a problem with a neighbor.
  Command: show ip ospf database
  Command: show int {int} | i error| drops
  Command: show ip ospf neighbor detail | i Neighbor
• Are there many SPF calculations? Check if this is the cause.
  Command: show ip ospf statistics
• Check the memory and CPU utilization of a router. Check recent alarms on your monitoring software.
  Command: sh process cpu history

OSPF Troubleshooting Cheat Sheet


Here is a handy OSPF troubleshooting command cheat sheet for reference. The details of the commands are provided in
the article, so this is just a quick way to come to grips with the most basic and commonly used OSPF commands.

I will be adding the OSPF troubleshooting cheat sheet for download soon.

What Are Some Common OSPF Troubleshooting Questions Asked in Interviews?


What are some common OSPF interview questions? Employers often ask candidates about troubleshooting OSPF
networks.
These questions assess the candidate’s understanding of OSPF concepts and their ability to resolve issues.

Conclusion
So, the next time you’re facing an OSPF problem or you need to verify that an OSPF configuration works, pull out this
cheat sheet for a quick reference on the most common OSPF commands. If you find the cheat sheet helpful, share it with
your network engineer and CCIE buddies, too!

1. What is OSPF Authentication, Why should you always use it, and How do you Configure and troubleshoot it?
o What is OSPF authentication?
o Why use OSPF authentication?
o OSPF Authentication Key Points:-
o Which type of authentication is used by the OSPF protocol?
o How does OSPF authentication work?
o How to configure ospf authentication in a cisco router
o How to check ospf authentication
o OSPF Authentication Troubleshooting
o Conclusion
o FAQs:

What is OSPF Authentication, Why should you always use it, and How do you Configure and troubleshoot it?
This article provides comprehensive coverage of OSPF authentication, including an explanation of what it is, why you
should actively use it, and how to configure and troubleshoot it.

I would recommend you go through these posts to grasp a solid understanding of OSPF.

• What is OSPF in Networking
• OSPF States
• Types of OSPF Routers
• OSPF LSA Types
• OSPF Area Types
• OSPF Network Types
• OSPF Virtual Link
• OSPF Path Selection Process

What is OSPF authentication?


OSPF authentication is a security measure that you can use to protect OSPF routing information from being modified or
tampered with. When OSPF authentication is enabled, each router must authenticate itself before exchanging routing
information with other routers. This authentication can be done using a simple clear-text password, or it can be done
using more sophisticated methods such as MD5 cryptographic checksums.

Why use OSPF authentication?


One of the main reasons to use OSPF authentication is to prevent unauthorized devices from forming an OSPF
neighborship, which in turn prohibits accessing and manipulating the network. By authenticating devices, OSPF can ensure
that only authorized devices can establish an OSPF neighborship, access the network, and make changes. This can help to
improve security and prevent unauthorized access and modifications.

OSPF authentication can also help improve performance by making sure that only approved devices can connect to the
network. This can help reduce traffic and improve overall performance.

OSPF Authentication Key Points:-


• If authentication for an area is set up, it must be set up for the whole area.
• Don’t overlook virtual links. One interface is always in Area 0 when a virtual link is set up.
• Passwords for interfaces don’t have to be the same everywhere, but they must be the same between neighbors.
• OSPF is set up to use NULL authentication by default.
• MD5 is more secure than clear text, and you should always consider using MD5 over a simple password.

Which type of authentication is used by the OSPF protocol?


The following authentication types are used and supported by OSPF:

• Type 0 – Null authentication (Means no authentication, Default settings)
• Type 1 – Clear-text passwords
• Type 2 – MD5 cryptographic checksums

How does OSPF authentication work?

The Open Shortest Path First (OSPF) is a link-state routing protocol for Internet Protocol (IP) networks. It uses the “shortest
path first” (SPF) technique to calculate the best path through a network. OSPF is a widely used interior gateway protocol
(IGP).

One of the key features of OSPF is that it supports authentication. This means each router can verify the identity of the
other routers it communicates with. Two types of authentication can be used with OSPF: simple password authentication
and MD5 authentication.

OSPF plain text authentication (Type 1) is the most basic form. With this method, each router has a clear-text password
configured that it uses to authenticate with other routers. The problem with this authentication method is that the
password is shown in the configuration and in OSPF messages. This is not a secure way to configure devices.

OSPF MD5 authentication (Type-2) is more secure than simple text authentication. This approach computes a hash value
from the contents of an OSPF packet and a password (or key) using the MD5 algorithm. This hash value is delivered
alongside a key ID and a non-decreasing sequence number in the packet.
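
How the Type 2 digest, key ID and sequence number fit together on the wire, and what a receiver checks before accepting a packet. This is an added example, not code from the original article; it follows the cryptographic authentication layout of RFC 2328 Appendix D, and the key, addresses, hello body and the names `build_packet`, `verify` and `NeighborState` are constructed for illustration.

```python
import hashlib
import hmac
import socket
import struct

# 24-byte OSPFv2 header with the AuType 2 authentication field:
# version, type, length, router ID, area ID, checksum (0), AuType,
# 2 zero bytes, key ID, auth data length, cryptographic sequence number.
HEADER = struct.Struct("!BBH4s4sHHHBBI")
DIGEST_LEN = 16
ip = socket.inet_aton

# Constructed hello body: mask, hello interval, options, priority, dead interval, DR, BDR.
HELLO_BODY = struct.pack("!4sHBBI4s4s", ip("255.255.255.0"), 10, 0x02, 1, 40,
                         ip("192.0.2.1"), ip("0.0.0.0"))


def _pad(key):
    # The shared key is used as a 16-byte field, zero padded.
    return key[:16].ljust(16, b"\0")


def build_packet(body, key, key_id, seq, router_id="192.0.2.1", area_id="0.0.0.0"):
    """Sender side: MD5 over packet + key, digest appended after the packet."""
    header = HEADER.pack(2, 1, HEADER.size + len(body), ip(router_id), ip(area_id),
                         0, 2, 0, key_id, DIGEST_LEN, seq)
    packet = header + body
    # The digest is not counted in the header's packet length field.
    return packet + hashlib.md5(packet + _pad(key)).digest()


class NeighborState:
    def __init__(self, keys):
        self.keys = keys      # key ID -> shared secret (bytes)
        self.last_seq = 0     # highest sequence number accepted so far


def verify(neighbor, wire):
    """Receiver side: return 'accepted' or the reason the packet is dropped."""
    if len(wire) < HEADER.size + DIGEST_LEN:
        return "packet too short"
    (_, _, length, _, _, _, autype, _, key_id, auth_len, seq) = HEADER.unpack(wire[:HEADER.size])
    if autype != 2:
        return "authentication type mismatch"
    key = neighbor.keys.get(key_id)
    if key is None:
        return "unknown key id"
    if auth_len != DIGEST_LEN or len(wire) != length + DIGEST_LEN:
        return "bad length"
    if seq < neighbor.last_seq:
        return "sequence number went backwards"
    expected = hashlib.md5(wire[:length] + _pad(key)).digest()
    if not hmac.compare_digest(expected, wire[length:]):
        return "digest mismatch"
    neighbor.last_seq = seq   # only updated for packets that authenticate
    return "accepted"


if __name__ == "__main__":
    nbr = NeighborState({1: b"EXAMPLE-KEY"})
    good = build_packet(HELLO_BODY, b"EXAMPLE-KEY", key_id=1, seq=100)
    print(verify(nbr, good))
    print(verify(nbr, build_packet(HELLO_BODY, b"WRONG-KEY", key_id=1, seq=101)))
    print(verify(nbr, build_packet(HELLO_BODY, b"EXAMPLE-KEY", key_id=1, seq=99)))
```

A mismatched key or key ID between two neighbors shows up here as "digest mismatch" or "unknown key id", which is the same condition the digest-key check in the troubleshooting tables looks for.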

How to configure ospf authentication in a cisco router


There are two ways to configure authentication.

Step-1

You can enable OSPF authentication area-wide by using the below commands. Then, as mentioned in Step 2, you must
configure a clear-text password OR message digest key under an OSPF-enabled interface.

router ospf 1

area 1 authentication –> enables type 1 clear-text password authentication.

area 2 authentication message-digest –> enables type 2 or md5 authentication

Step-2

Next, you have to enable OSPF authentication on a per-interface basis.

For Type-1 – Simple Authentication

interface Gig0/1

ip ospf authentication –> enables type 1 authentication

ip ospf authentication-key password –> Make sure the password/key matches between the two neighbors.

For Type-2 – Md5 Authentication

interface Gig0/1

ip ospf authentication message-digest –> enables type 2 or md5 authentication on an interface

ip ospf message-digest-key 1 md5 password –> Key should always match between neighbors.
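
One way to audit a saved configuration against the two steps above, flagging OSPF interfaces left on null authentication, using clear text, or set to MD5 without a key. This is an added example, not code from the original article; the sample configuration is constructed, and the script assumes interfaces are placed into areas with network statements, that the most specific statement wins, and that an interface-level authentication command overrides the area-level one.

```python
import ipaddress

# Constructed sample configuration.
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 ip address 10.0.1.1 255.255.255.0
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 EXAMPLE-KEY
!
interface GigabitEthernet0/2
 ip address 10.0.2.1 255.255.255.0
 ip ospf authentication
 ip ospf authentication-key EXAMPLE
!
interface GigabitEthernet0/3
 ip address 10.0.3.1 255.255.255.0
!
interface GigabitEthernet0/4
 ip address 10.0.4.1 255.255.255.0
!
router ospf 1
 area 2 authentication message-digest
 network 10.0.1.0 0.0.0.255 area 1
 network 10.0.2.0 0.0.0.255 area 1
 network 10.0.3.0 0.0.0.255 area 0
 network 10.0.4.0 0.0.0.255 area 2
"""

NULL_AUTH = "null authentication (type 0)"
CLEAR_TEXT = "clear-text password (type 1)"
MD5_NO_KEY = "MD5 enabled (type 2) but no message-digest-key"


def parse(config):
    interfaces, area_auth, networks, section = {}, {}, [], ""
    for line in config.splitlines():
        if not line.startswith(" "):            # a new top-level section starts
            section = line.strip()
            if section.startswith("interface "):
                interfaces[section.split()[1]] = {"ip": None, "auth": None, "md5_key": False}
            continue
        words = line.split()
        if section.startswith("interface "):
            intf = interfaces[section.split()[1]]
            if words[:2] == ["ip", "address"]:
                intf["ip"] = ipaddress.ip_address(words[2])
            elif words[:3] == ["ip", "ospf", "authentication"]:
                keyword = words[3] if len(words) > 3 else ""
                intf["auth"] = {"message-digest": 2, "null": 0}.get(keyword, 1)
            elif words[:3] == ["ip", "ospf", "message-digest-key"]:
                intf["md5_key"] = True
        elif section.startswith("router ospf"):
            if len(words) >= 3 and words[0] == "area" and words[2] == "authentication":
                area_auth[words[1]] = 2 if words[-1] == "message-digest" else 1
            elif len(words) >= 5 and words[0] == "network":
                networks.append((int(ipaddress.ip_address(words[1])),
                                 int(ipaddress.ip_address(words[2])), words[4]))
    return interfaces, area_auth, networks


def area_of(address, networks):
    """Area of the most specific network statement covering the address."""
    best = None
    for net, wildcard, area in networks:
        care = ~wildcard & 0xFFFFFFFF
        if int(address) & care == net & care:
            bits = bin(wildcard).count("1")
            if best is None or bits < best[0]:
                best = (bits, area)
    return best[1] if best else None


def audit(config):
    interfaces, area_auth, networks = parse(config)
    findings = {}
    for name, intf in interfaces.items():
        area = area_of(intf["ip"], networks) if intf["ip"] else None
        if area is None:
            continue                             # interface is not running OSPF
        auth = intf["auth"] if intf["auth"] is not None else area_auth.get(area, 0)
        if auth == 0:
            findings[name] = NULL_AUTH
        elif auth == 1:
            findings[name] = CLEAR_TEXT
        elif not intf["md5_key"]:
            findings[name] = MD5_NO_KEY
    return findings


if __name__ == "__main__":
    for name, problem in audit(SAMPLE_CONFIG).items():
        print(name, "->", problem)
```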

How to check ospf authentication


You can use the following commands to check OSPF authentication on Cisco devices.

1. show ip ospf interface Gig0/1 –> Check if OSPF authentication is enabled on an interface.
2. show ip ospf | inc Area –> Check if authentication is configured for the entire OSPF area.

OSPF Authentication Troubleshooting


OSPF authentication troubleshooting can be tricky, but you can follow the below approach to
make it easier.
What to Check / Commands to use

• Do all routers in a certain OSPF area have authentication configured?
  Command: show ip ospf | i Area
• The authentication types (Type 0, 1, 2) between OSPF neighbors must match.
  Command: show ip ospf int {int} | i auth | line
• Do the passwords for neighboring interfaces match when using clear-text authentication?
  Command: show run | i auth.*key
• Do the MD5 authentication digest keys match between two neighboring interfaces?
  Command: show run | i digest-key
• Do all the virtual links have authentication set up?
  Note: If authentication is set up for Area 0, then authentication is also needed for virtual links.
  Command: show run | i virtual-link
• Use the debug OSPF adjacency command to find out why authentication failed.
  Command: debug ip ospf adj

Conclusion
As we’ve seen, OSPF authentication is well worth the effort that goes into configuring it. Not only does it mitigate a
number of well-known security threats, but it’s also easy to set up and simple to troubleshoot. Unfortunately, the
networking world has been suffering from a lack of security for too long; with OSPF authentication, you can do your part
to reverse this trend.

OSPF Cost Manipulation
======================
The equation used for cost manipulation in OSPF is :-

OSPF Cost=Reference Bandwidth/Interface Bandwidth

It simply means that we can manipulate any one of the three parameters to
adjust our OSPF cost.
First of all, we can apply the OSPF cost directly with the “ip ospf cost [1-65535]”
command on the particular interface. Example:-
R1#conf t
R1(config)#interface Serial0/0
R1(config-if)#ip ospf cost 20

The second way to accomplish this is by changing the Reference Bandwidth, and this is done
under the OSPF process:-
R1(config)#router ospf 1
R1(config-router)#auto-cost reference-bandwidth 20000

By default, OSPF calculates the cost of an interface by dividing 100 million
(10 to the power 8) by the bandwidth of the interface.
So now our formula looks like this:-

OSPF Cost=100000000/interface BW in BPS

NOTE:- Whenever you change the Reference Bandwidth, make sure it is the same across
all routers in your OSPF domain. The router will also prompt for this:-

R1(config-router)#auto-cost reference-bandwidth 20000
% OSPF: Reference bandwidth is changed.
Please ensure reference bandwidth is consistent across all routers.
R1(config-router)#end

Also, by default the router takes the auto-cost reference bandwidth in Mbps.

Rack1R1(config-router)#auto-cost reference-bandwidth ?
<1-4294967> The reference bandwidth in terms of Mbits per second

So using the default value when your network has interfaces with a bandwidth
greater than 100 million is not recommended. The reason is simple: OSPF
cannot differentiate between a 100 Mbps interface and an interface faster than
100 Mbps. As in the above example, the “ip ospf cost” command enables you to change the
OSPF cost for an interface, but the better way to do this is to change the default
reference value. Always change the default behaviour of any protocol with
caution, though; in our scenario we need to change the default reference bandwidth on
every OSPF router in our routing domain.

The third way is also simple: here we manipulate the interface bandwidth
to get our desired OSPF cost. It is done with the command:-
R1(config)#interface Serial 0/0
R1(config-if)#bandwidth [the numerical value]

Some Common OSPF Costs:-

56k=1785
64k=1562
T1(1544)=64
E1(2048)=48
Ethernet=10
Fast Ethernet=1
Gig Ethernet=1
10 Gig Ethernet=1
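
Why the default reference bandwidth matters for path choice: the cost formula above, fed into the SPF (Dijkstra) calculation, over a small topology with a direct Fast Ethernet link and a three-hop 10 Gig path. This is an added example, not code from the original post; the topology, router names and the functions `ospf_cost` and `best_path` are constructed, and each link is assumed to have the same bandwidth on both ends.

```python
import heapq


def ospf_cost(interface_kbps, reference_mbps=100):
    """Reference-BW / Interface-BW as a whole number, kept within 1..65535."""
    cost = (reference_mbps * 1000) // interface_kbps
    return max(1, min(65535, cost))


# Constructed topology: (router, router, link bandwidth in kbps).
LINKS = [
    ("R1", "R4", 100_000),       # direct Fast Ethernet link
    ("R1", "R2", 10_000_000),    # 10 Gig Ethernet
    ("R2", "R3", 10_000_000),    # 10 Gig Ethernet
    ("R3", "R4", 10_000_000),    # 10 Gig Ethernet
]


def best_path(links, source, dest, reference_mbps=100):
    """Run SPF from source and return (total cost, list of routers) to dest."""
    graph = {}
    for a, b, kbps in links:
        cost = ospf_cost(kbps, reference_mbps)
        graph.setdefault(a, []).append((b, cost))
        graph.setdefault(b, []).append((a, cost))
    dist, prev, heap = {source: 0}, {}, [(0, source)]
    while heap:
        d, node = heapq.heappop(heap)
        if d > dist[node]:
            continue                      # stale heap entry
        for neighbor, cost in graph[node]:
            candidate = d + cost
            if candidate < dist.get(neighbor, float("inf")):
                dist[neighbor] = candidate
                prev[neighbor] = node
                heapq.heappush(heap, (candidate, neighbor))
    path = [dest]
    while path[-1] != source:
        path.append(prev[path[-1]])
    return dist[dest], path[::-1]


if __name__ == "__main__":
    # Default reference (100 Mbps): every link costs 1, so the slow direct link wins.
    print(best_path(LINKS, "R1", "R4"))
    # Reference raised to 100000 Mbps: Fast Ethernet = 1000, 10 Gig = 10 per hop.
    print(best_path(LINKS, "R1", "R4", reference_mbps=100_000))
```

With the default reference the 100 Mbps link and the 10 Gig links all cost 1, so SPF prefers the single slow hop; with the raised reference the 10 Gig path costs 30 against 1000 and is selected.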
