Routing protocol-OSPF (CCNA, CCNP notes)


OSPF, or Open Shortest Path First, is a link-state, open-standard, dynamic routing protocol.  OSPF uses an algorithm known as SPF, or Dijkstra’s Shortest Path First, to compute internally the best path to any given route.


Once a router has exchanged hellos with its neighbors and captured Router IDs and cost information, it begins sending LSAs, or Link State Advertisements.  LSAs contain the RID and costs to the router’s neighbors.  LSAs are shared with every other router in the OSPF domain.  A router stores all of its LSA information (including info it receives from incoming LSAs) in the Link State Database (LSDB).

OSPF is different from EIGRP in that it uses areas to segment routing domains.  This helps partition routers into manageable groups if the layer 3 network begins to get large. It all starts with area 0.  Every OSPF network must contain an area 0, sometimes referred to as the backbone area, and every additional area must be physically connected to area 0.  From there, other areas are optional.

Note that the SPF algorithm only runs within a single area, so routers only compute paths within their own area.  Inter-area routes are passed using border routers.

All link state databases must match within an OSPF area.  This means that the more OSPF-enabled routers are configured for the same area, the more LSAs must be sent out.  After you reach about 50 routers, the high levels of LSA traffic and numerous routing table entries can become a problem.  That is why Cisco recommends limiting an OSPF area to no more than 50-100 routers.



Router Roles

Internal: All interfaces in a single area (routers 1, 4, 5 in diagram above)

Backbone: At least one interface assigned to area 0 (routers 1, 2, 3 in diagram above)

Area Border Router (ABR): Has interfaces in two or more areas (routers 2 and 3 in diagram above). ABRs contain a separate Link State Database, separating LSA flooding between areas, optionally summarizing routes, and optionally sourcing default routes.

Autonomous System Boundary Router (ASBR): Has at least one interface in an OSPF area and at least one interface outside of an OSPF area.


Each interface is assigned a cost value based purely on bandwidth.  The formula is:


Higher bandwidth means a lower cost.


OSPF Packet Types

Hello
Discovers neighbors and works as a keepalive.

Link State Request (LSR) 
Requests a Link State Update (LSU), see below.

Database Description (DBD) 
Contains a summary of the LSDB, including RIDs and sequence numbers.

Link State Update (LSU) 
Contains one or more complete LSAs.

Link State Acknowledgement (LSAck)
Acknowledges all other OSPF packets (except hellos).

OSPF sends the five packet types listed above directly over IP, using IP protocol number 89 with an OSPF packet header.  Multicast address is used if sending to all routers, address is used for sending to all OSPF DRs.


SPF works by mapping all paths to every destination on each router.  It uses the RID to identify hops along each path and uses bandwidth as a metric between those hops.  This whole system works really well when routers are connected with point-to-point links and OSPF traffic is simply sent using multicast address

It doesn’t work well, however, when a router is connecting to multiaccess networks like an Ethernet VLAN.  Multiaccess OSPF links require a Designated Router (DR) be elected to represent the entire segment.  Another router is then elected as the Backup Designated Router, or BDR.  On that specific multiaccess segment, routers only form adjacencies with the DR and BDR.

The DR uses type 2, network LSAs to advertise the segment over multicast address  The Non-Designated routers then use IP address to communicate directly with the DR.

1. When the OSPF process on a router starts up, it listens for hellos.  If it does not receive any within its dead time, it elects itself the DR.

2. If hellos are received before the dead time expires, the router with the highest OSPF priority is elected as the DR.  Next, the same process happens to elect the BDR. Note:  If a router’s OSPF priority is set to 0, it will not participate in the elections.

3. If two routers happen to have the same OSPF priority, the router with the highest Router ID will become DR.  The same is true for BDR.

Once a DR is elected, elections cannot take place again until either the DR or BDR goes down.  This essentially means that there is no OSPF DR preemption if another router comes online with a higher OSPF priority.  If the DR goes down, the BDR is automatically assigned the DR role and a new BDR election occurs.

Be aware that a router with a non-zero priority that happens to boot first can become the DR just because it did not receive any hellos when the OSPF process was started, even though it may have a low OSPF priority.

The default OSPF priority is 1 and Cisco recommends manually changing that on routers you want to become the DR and BDR.

Remember that DRs are only used on multiaccess links, so they are only significant at the interface level.  A router with two different interfaces connected to two different multiaccess links will have separate DR elections for each segment.

To set the OSPF priority, use the ip ospf priority command on the interface connected to the multiaccess segment.  Values can range from 0 to 255.
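The election steps and the no-preemption rule above, modeled as an added example (not code from the original notes). It is a simplified model of the behaviour as these notes describe it; the Router and Segment classes and all RIDs and priorities are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Router:
    rid: str            # Router ID, dotted quad
    priority: int = 1   # default OSPF priority is 1; 0 never becomes DR/BDR
    def rank(self):
        # Highest priority wins; ties go to the numerically highest Router ID.
        return (self.priority, int(ipaddress.IPv4Address(self.rid)))

class Segment:
    """DR/BDR state for one multiaccess segment (simplified model)."""
    def __init__(self):
        self.up, self.dr, self.bdr = [], None, None

    def _best(self, exclude):
        eligible = [r for r in self.up if r.priority > 0 and r not in exclude]
        return max(eligible, key=Router.rank, default=None)

    def _fill_vacancies(self):
        # No preemption: a role is only contested when it is vacant.
        if self.dr is None:
            self.dr = self._best(exclude=())
        if self.bdr is None:
            self.bdr = self._best(exclude=(self.dr,))

    def boot(self, *routers):   # routers that start within the same dead time
        self.up.extend(routers)
        self._fill_vacancies()

    def fail(self, router):
        self.up.remove(router)
        if router == self.dr:
            self.dr, self.bdr = self.bdr, None   # BDR promoted, BDR seat vacated
        elif router == self.bdr:
            self.bdr = None
        self._fill_vacancies()

def demo():
    # Constructed sample routers; RIDs and priorities are made up.
    low, core = Router("10.0.0.1"), Router("10.0.0.2", priority=255)
    peer, edge = Router("10.0.0.3"), Router("10.0.0.4", priority=0)
    seg = Segment()
    seg.boot(low)                 # boots alone, hears no hellos, becomes DR
    seg.boot(core, peer, edge)    # higher priority arrives later: no preemption
    after_join = (seg.dr.rid, seg.bdr.rid)
    seg.fail(low)                 # DR fails: BDR promoted, new BDR elected
    after_fail = (seg.dr.rid, seg.bdr.rid)
    return after_join, after_fail
```

Router IDs are compared as 32-bit numbers, not strings, which is why 10.0.0.10 outranks 10.0.0.9 when priorities tie.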



Like EIGRP, OSPF supports the use of passive interfaces. The passive-interface interface command stops OSPF hellos from being sent out of that interface, which prevents the router from forming adjacencies on it.


OSPF has strict rules around how areas connect and where they can be located.  More specifically, every area must be physically connected to area 0 and area 0 must be ‘contiguous’ – meaning it cannot be broken into multiple, connected area 0s.

Virtual links were developed as a band-aid for situations that temporarily must violate those requirements.  Virtual links connect areas that do not connect directly to area 0.  They can also connect two area 0s together!

Keep in mind that Cisco recommends virtual links be a temporary workaround to a short-term problem, not a permanent design.

The diagram below illustrates an example when a virtual link could be used.  Let’s pretend Company ABC and Company XYZ just announced a merger and now their corporate networks must do the same.  In this case, both routers R1 and R2 have now become ABRs and the virtual link configuration will be applied to them. The command area area-number virtual-link router-id is applied to each ABR.

Note that the area used in the command is the transit area that the virtual link resides in.  Also, the RID identifies the RID of the OTHER router at the end of the link!
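The router roles and the virtual-link rule above, worked through as an added example (not code or a topology from the original notes). The TOPOLOGY and RIDS values are constructed, and ASBR is left out because it depends on non-OSPF interfaces that this model does not track.

```python
def classify(routers):
    """routers maps name -> list of area IDs, one per OSPF interface."""
    roles = {}
    for name, areas in routers.items():
        distinct = set(areas)
        found = set()
        if len(distinct) == 1:
            found.add("internal")      # all interfaces in a single area
        if 0 in distinct:
            found.add("backbone")      # at least one interface in area 0
        if len(distinct) >= 2:
            found.add("ABR")           # interfaces in two or more areas
        roles[name] = found
    return roles

def virtual_link_plan(routers, rids):
    """Return (router, command) pairs for areas with no ABR into area 0."""
    attached = {0}
    for areas in routers.values():
        if 0 in areas:
            attached |= set(areas)     # areas that touch area 0 directly
    plan = []
    for near, areas in sorted(routers.items()):
        detached = set(areas) - attached
        transits = set(areas) & (attached - {0})
        if not detached:
            continue
        for transit in sorted(transits):
            for far, far_areas in sorted(routers.items()):
                if 0 in far_areas and transit in far_areas:
                    # The area is the transit area; the RID is the OTHER end's.
                    plan.append((near, f"area {transit} virtual-link {rids[far]}"))
                    plan.append((far, f"area {transit} virtual-link {rids[near]}"))
    return plan

# Constructed topology (not the diagram from the notes): area 3 hangs off area 1.
TOPOLOGY = {"R1": [0, 0], "R2": [0, 1], "R3": [0, 2], "R4": [1, 1], "R5": [1, 3]}
RIDS = {name: f"{i}.{i}.{i}.{i}" for i, name in enumerate(sorted(TOPOLOGY), start=1)}
```

Here area 3 reaches the backbone only through area 1, so R5 and R2 each get an `area 1 virtual-link` command that names the other router's RID.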

Stubby and not so Stubby Areas:

Stub areas are another way to simplify route information that gets advertised.  Area 2 in the diagram above shows an example.

The ABR in a stub area drops all external routes and instead uses a default route of (R3 in this example).  That is, they do not know about any non-OSPF route information outside their own area.

A Cisco proprietary version of a stub area is a Totally Stubby Area, or TSA.  TSAs do not accept any external routes from non-OSPF sources AND they do not accept routes from other areas within their OSPF autonomous system.  If a router needs to send traffic to a route outside of its own area, it sends the traffic using a default route.

ABRs use default routes in Stub and Totally Stubby areas.
Stubby areas are made into Totally Stubby Areas by appending the no-summary keyword.


