Configuring OSPF in multiple areas¶
The need for using multiple areas is dictated by scalability issues. A single area OSPF network with many routers implies frequent SPF calculations, large routing tables, large link-state tables, and so on…
The design of the OSPF protocol is hierarchical, that is why OSPF scales well. OSPF v2 achieves this through the use of many areas.
OSPF operation across multiple areas¶
In an OSPF v2 multiple area environnement the route to a specified destination is calculated as follows:
If the destination is in the same area, the normal SPF calculation is performed
If the destination is a network in another area, the route to the destination will be the route to the best ABR. Thus, packets addressed to the network will be received by an ABR, which will route them through the backbone area up to an ABR of the remote area. Finally, the remote ABR will forward the packets within the remote area up to the destination.
Configuration procedure¶
Below drawing illustrates how to configure a backbone network with 2 devices. At each side of the 2 devices, other area are defined. As you can see, all areas have one direct link connection to area 0.
rt1
vrf main
routing ospf
network 10.1.1.0/30 area 1
network 172.16.1.0/24 area 1
..
..
interface
physical eth0_0
ipv4 address 172.16.1.1/24
..
physical eth1_0
ipv4 address 10.1.1.1/30
..
..
rt2 (ABR between the areas 1 and 0)
vrf main
routing ospf
network 10.1.1.0/30 area 1
network 172.16.1.4/30 area 0
..
..
interface
physical eth0_0
ipv4 address 10.1.1.5/30
..
physical eth1_0
ipv4 address 10.1.1.2/30
..
..
rt3 (ABR between the areas 0 and 2)
vrf main
routing ospf
network 10.1.1.4/30 area 0
network 192.168.1.0/24 area 2
..
..
interface
physical eth0_0
ipv4 address 10.1.1.6/30
..
physical eth1_0
ipv4 address 192.168.1.1/24
..
..
rt4
vrf main
routing ospf
network 192.168.1.0/24 area 2
..
..
interface
physical eth1_0
ipv4 address 192.168.1.2/24
..
..
Verifying OSPF multi-area operation¶
In this type of configuration, the most important thing to check is the OSPF v2 database.
Area 1 ABR
rt2> show ospf database default
OSPF Router with ID (10.1.1.5)
Router Link States (Area 0.0.0.0)
Link State ID ADV Router Age Seq# CkSum Link count
10.1.1.5 10.1.1.5 53 0x80000004 0x7d84 1
192.168.1.1 192.168.1.1 53 0x80000004 0xfe4d 1
Net Link States (Area 0.0.0.0)
Link State ID ADV Router Age Seq# CkSum
10.1.1.6 192.168.1.1 54 0x80000001 0x550e
Summary Link States (Area 0.0.0.0)
Link State ID ADV Router Age Seq# CkSum Route
10.1.1.0 10.1.1.5 62 0x80000001 0x9c9c 10.1.1.0/30
172.16.1.0 10.1.1.5 62 0x80000001 0x1c5e 172.16.1.0/24
192.168.1.0 192.168.1.1 75 0x80000001 0xf983 192.168.1.0/24
Router Link States (Area 0.0.0.1)
Link State ID ADV Router Age Seq# CkSum Link count
10.1.1.5 10.1.1.5 62 0x80000003 0x21e8 1
172.16.1.1 172.16.1.1 75 0x80000003 0xeceb 2
Net Link States (Area 0.0.0.1)
Link State ID ADV Router Age Seq# CkSum
10.1.1.1 172.16.1.1 77 0x80000001 0x467b
Summary Link States (Area 0.0.0.1)
Link State ID ADV Router Age Seq# CkSum Route
10.1.1.4 10.1.1.5 53 0x80000001 0x74c0 10.1.1.4/30
192.168.1.0 10.1.1.5 43 0x80000001 0xefdd 192.168.1.0/24
rt2 has two databases: one in area 1, the other in area 0.
rt1
rt1> show ospf database default
OSPF Router with ID (172.16.1.1)
Router Link States (Area 0.0.0.1)
Link State ID ADV Router Age Seq# CkSum Link count
10.1.1.5 10.1.1.5 100 0x8000000a 0x1fe9 1
172.16.1.1 172.16.1.1 200 0x8000000b 0xeaec 2
Net Link States (Area 0.0.0.1)
Link State ID ADV Router Age Seq# CkSum
10.1.1.1 172.16.1.1 200 0x80000005 0x447c
Summary Link States (Area 0.0.0.1)
Link State ID ADV Router Age Seq# CkSum Route
10.1.1.4 10.1.1.5 96 0x80000002 0x72c1 10.1.1.4/30
192.168.1.0 10.1.1.5 93 0x80000001 0xefdd 192.168.1.0/24
Route summarization¶
Summarization is the aggregation of multiple routes into one advertisement. The functionality of route summarization has the obvious advantage of reducing routing tables, and positively affects the amount of bandwidth and CPU consumed, but proper summarization operation requires a contiguous network address space.
There are two types of summarization:
- Inter-area route summarization
Done on ABR routers.
- External route summarization
Done on ASBR routers, this type of summarization is specific to external routes redistributed from BGP, static, or other external routing information.
Inter-area Route summarization configuration¶
Example: inter-area route summarization configuration
Above figure 6 example (Figure 6 - OSPF v2 router configuration in multi-area environment) illustrates an inter-area configuration example. Assuming that prefix 10.2.1.0/24 has been delegated to area 1, then the area 1 administrator may want to advertise a summarized route to all sub-networks of this prefix.
In the previous example, the ABR router rt2 is now configured to advertise the aggregated prefix 10.2.1.0/24, and rt1 is configured to announce network 10.2.1.0/28.
Added configuration lines are written below:
rt1
vrf main
routing ospf
network 10.1.1.0/30 area 1
network 172.16.1.0/24 area 1
network 10.2.1.0/30 area 1
..
..
interface
physical eth0_0
ipv4 address 172.16.1.1/24
..
physical eth1_0
ipv4 address 10.1.1.1/30
ipv4 address 10.2.1.1/28
..
..
rt2
ABR between the areas 1 and 0:
vrf main
routing ospf
network 10.1.1.0/30 area 1
network 172.16.1.4/30 area 0
area 1 range 10.2.1.0/24
..
..
interface
physical eth0_0
ipv4 address 10.1.1.5/30
..
physical eth1_0
ipv4 address 10.1.1.2/30
..
..
Check OSPF v2 routes.
rt1
rt1> show ospf route
============ OSPF network routing table ============
N 10.1.1.0/30 [100] area: 0.0.0.1
directly attached to eth1_0
N IA 10.1.1.4/30 [200] area: 0.0.0.1
via 10.1.1.2, eth1_0
N 10.2.1.0/28 [100] area: 0.0.0.1
directly attached to eth0_0
N 172.16.1.0/24 [100] area: 0.0.0.1
directly attached to eth0_0
N IA 192.168.1.0/24 [300] area: 0.0.0.1
via 10.1.1.2, eth1_0
============ OSPF router routing table =============
R 10.1.1.5 [100] area: 0.0.0.1, ABR
via 10.1.1.2, eth1_0
============ OSPF external routing table ===========
On rt1, which is in area 1, the new route to the 10.2.1.0/28 prefix has appeared in the OSPF RIB.
rt2
rt2> show ospf route
============ OSPF network routing table ============
N 10.1.1.0/30 [100] area: 0.0.0.1
directly attached to eth1_0
N 10.1.1.4/30 [100] area: 0.0.0.0
directly attached to eth0_0
D IA 10.2.1.0/24 Discard entry
N 10.2.1.0/28 [200] area: 0.0.0.1
via 10.1.1.1, eth1_0
N 172.16.1.0/24 [200] area: 0.0.0.1
via 10.1.1.1, eth1_0
N IA 192.168.1.0/24 [200] area: 0.0.0.0
via 10.1.1.6, eth0_0
============ OSPF router routing table =============
R 192.168.1.1 [100] area: 0.0.0.0, ABR
via 10.1.1.6, eth0_0
============ OSPF external routing table ===========
On rt2, which is the ABR of area 1, the new route to the 10.2.1.0/28 prefix has appeared in the OSPF RIB. This route will not be advertised beyond area 1. The summary route will instead be advertised. To avoid routing loops (since the 10.2.1.0/24 address space has not be entirely assigned to networks), a reject route will be injected in the ABR forwarding table (hence a discard entry appears in the OSPF RIB).
rt3
rt3> show ospf route
============ OSPF network routing table ============
N IA 10.1.1.0/30 [200] area: 0.0.0.0
via 10.1.1.5, eth0_0
N 10.1.1.4/30 [100] area: 0.0.0.0
directly attached to eth0_0
N IA 10.2.1.0/24 [300] area: 0.0.0.0
via 10.1.1.5, eth0_0
N IA 172.16.1.0/24 [300] area: 0.0.0.0
via 10.1.1.5, eth0_0
N 192.168.1.0/24 [100] area: 0.0.0.2
directly attached to eth1_0
============ OSPF router routing table =============
R 10.1.1.5 [100] area: 0.0.0.0, ABR
via 10.1.1.5, eth0_0
============ OSPF external routing table ===========
The rt3 router, does not belong to area 1. Its OSPF RIB only contains a route to the summary route 10.2.1.0/24.
OSPF virtual links overview¶
When configuring OSPF in multi-area environnement, one area must be defined as a backbone area, this is the area 0. All communications between two areas go through the backbone area, what means that all other areas must be directly connected to the backbone area.
In some situations, a new area is added after the OSPF network has been designed, and it is not possible to have direct connection between the backbone area and the newly added area. The concept of virtual link enables to create this direct connection.
Virtual links cannot be configured over stub area.
The virtual link has two requirements:
It must be established between two routers in the same area
At least one of the two routers must have a connection to the backbone area.
Virtual links configuration example¶
A multi-area environment will be configured, and two routers will form the virtual link. Those two routers must be ABRs, with one router connected to the backbone area.
rt11
vrf main
routing ospf
network 172.16.1.0/24 area 3
..
..
interface
physical eth0_0
ipv4 address 172.16.1.2/24
..
..
rt1
vrf main
routing ospf
area 1 virtual-link 10.1.1.5
network 172.16.1.0/24 area 3
network 10.1.1.0/24 area 1
..
..
interface
physical eth0_0
ipv4 address 172.16.1.1/24
..
physical eth1_0
ipv4 address 10.1.1.1/30
..
..
rt2
vrf main
routing ospf
network 10.1.1.0/30 area 1
network 10.1.1.4/30 area 0
area 1 virtual-link 172.16.1.1
..
..
interface
physical eth0_0
ipv4 address 10.1.1.5/30
..
physical eth1_0
ipv4 address 10.1.1.2/30
..
..
Verifying virtual link operation¶
Check on both routers (rt1 and rt2) that the virtual link interface is up:
rt1> show ospf interface [...] VLINK0 is up ifindex 0, MTU 1500 bytes, BW 0 Mbit <UP> Internet Address 10.1.1.1/30, Peer 10.1.1.2, Area 0.0.0.0 MTU mismatch detection: enabled Router ID 172.16.1.1, Network Type VIRTUALLINK, Cost: 100 Transmit Delay is 1 sec, State Point-To-Point, Priority 1 No backup designated router on this network No designated router on this network Multicast group memberships: <None> Timer intervals configured, Hello 10s, Dead 40s, Wait 40s, Retransmit 5 Hello due in 9.760s Neighbor Count is 1, Adjacent neighbor count is 1
Check the OSPF LSA advertisement. That is to say that
rt1
, which is in area 3, should receive summmary link states from other areas.rt11> show ospf database default OSPF Router with ID (172.16.1.1) Summary Link States (Area 0.0.0.0) Link State ID ADV Router Age Seq# CkSum Route 10.1.1.0 10.1.1.5 1145 0x80000001 0x9c9c 10.1.1.0/30 10.1.1.0 172.16.1.1 324 0x80000001 0x8407 10.1.1.0/30 172.16.1.0 172.16.1.1 1148 0x80000001 0x9f37 172.16.1.0/24 192.168.1.0 192.168.1.1 1142 0x80000001 0xf983 192.168.1.0/24 [...] Summary Link States (Area 0.0.0.1) Link State ID ADV Router Age Seq# CkSum Route 10.1.1.4 10.1.1.5 1145 0x80000001 0x74c0 10.1.1.4/30 172.16.1.0 172.16.1.1 132 0x80000002 0x9d38 172.16.1.0/24 192.168.1.0 10.1.1.5 1094 0x80000001 0xefdd 192.168.1.0/24 [...] Summary Link States (Area 0.0.0.3) Link State ID ADV Router Age Seq# CkSum Route 10.1.1.0 172.16.1.1 324 0x80000001 0x8407 10.1.1.0/30 10.1.1.4 172.16.1.1 140 0x80000001 0xc0bc 10.1.1.4/30 192.168.1.0 172.16.1.1 140 0x80000001 0x3cd9 192.168.1.0/24
Moreover, this database contains the entries of the backbone area.
OSPF stub area overview¶
In some ASes, the majority of the link-state database may consist of AS-external-LSAs. An OSPF AS-external-LSA is usually flooded throughout the entire AS. However, OSPF allows certain areas to be configured as “stub areas”. AS-external-LSAs are not flooded into/throughout stub areas; routing to AS external destinations in these areas is based on a default route. This reduces the link-state database size, and therefore the memory requirements, for a stub area’s internal routers.
To configure a stub area, enter for example:
routing ospf
area 1 stub
Totally stubby area overview¶
This feature prevents the ospf ABR from injecting inter-area summary into the considered area.
A Stub Area restricts the LSA types being injected into a stub area from other areas to Type 3 Summary LSA’s. Type 4’s and 5’s are represented by a default route to the Area Border Router. A totally stubby area takes this further by restricting Type 3’s as well, so all traffic being injected into a totally stubby area are represented by a default route.
To sum up, this means that the AS-external-LSAs (Type-5 LSA) and ASBR-Summary-LSA (Type-4 LSA) and Network summary LSA (Type-3 LSA) are not flooded into a totally stub areas.
Example
vrf main
routing ospf
area 1 stub summary false
OSPF NSSA overview¶
Turbo IPsec software supports the OSPF NSSA. This concept was first described in RFC 1587. An OSPF area is said to be NSSA if it can send some external links to other areas. These routes are said to be LSA type 7, which carry essentially type 5 LSA. Then, at the ASBR, it is converted in LSA type 5, which can flood the information to the rest of other areas networks.
Example
vrf main
routing ospf
area 1 nssa
OSPF options configuration example¶
In this example, the routers will be configured so that rt1 and rt2 will have a virtual-link. Route summarization will be configured on rt1. rt2 and rt3 will be ABRs. Also, OSPF priority on rt2 will be changed. The last device, rt3, will be configured in area 2. It will be checked how routes announced by rt1 will be propagated.
rt11
vrf main
routing ospf
network 172.16.0.0/22 area 3
..
..
interface
physical eth0_0
ipv4 address 172.16.1.2/24
..
physical eth1_0
ipv4 address 172.16.0.2/24
..
..
rt1
vrf main
routing ospf
area 1 virtual-link 10.1.1.5
area 3 range 172.16.0.0/22
network 172.16.0.0/22 area 3
network 10.1.1.0/24 area 1
..
..
interface
physical eth0_0
ipv4 address 172.16.1.1/24
..
physical eth1_0
ipv4 address 10.1.1.1/30
..
..
rt2
vrf main
routing ospf
network 10.1.1.0/30 area 1
network 10.1.1.4/30 area 0
area 1 virtual-link 172.16.1.1
..
..
routing interface eth1_0
ip ospf priority 3
..
..
interface
physical eth0_0
ipv4 address 10.1.1.5/30
..
physical eth1_0
ipv4 address 10.1.1.2/30
..
..
rt3
vrf main
routing ospf
network 10.1.1.4/30 area 0
network 192.168.1.0/24 area 2
..
interface
physical eth0_0
ipv4 address 10.1.1.6/30
..
physical eth1_0
ipv4 address 192.168.1.1/24
..
..
rt4
vrf main
routing ospf
network 192.168.1.0/24 area 2
..
..
interface
physical eth1_0
ipv4 address 192.168.1.2/24
..
..
Check the state of the multi-area OSPF domain.
rt1
Check the OSPF neighbors’ status:
rt1> show ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
RXmtL RqstL DBsmL
10.1.1.5 3 Full/DR 35.432s 10.1.1.2 eth1_0:10.1.1.1
0 0 0
10.1.1.5 1 Full/DROther 34.433s 10.1.1.2 VLINK0
0 0 0
172.16.1.2 1 Full/DR 31.642 172.16.1.2 eth0_0:172.16.1.1
0 0 0
rt2
Check the OSPF neighbors’ status:
rt2> show ospf neighbor
Neighbor ID Pri State Dead Time Address Interface RXmtL RqstL DBsmL
172.16.1.1 1 Full/Backup 38.325s 10.1.1.1 eth1_0:10.1.1.2 0 0 0
192.168.1.1 1 Full/DR 38.635s 10.1.1.6 eth0_0:10.1.1.5 0 0 0
172.16.1.1 1 Full/DROther 38.405s 10.1.1.1 VLINK0 0 0 0
rt3
Check the OSPF neighbors’ status:
rt3> show ospf neighbor
Neighbor ID Pri State Dead Time Address Interface RXmtL RqstL DBsmL
192.168.1.2 1 Full/DR 36.257s 192.168.1.2 eth1_0:192.168.1.1 0 0 0
10.1.1.5 1 Full/Backup 32.532s 10.1.1.5 eth0_0:10.1.1.6 0 0 0
rt2
Display the OSPF database:
rt2> show ospf database default
OSPF Router with ID (10.1.1.5)
Router Link States (Area 0.0.0.0)
Link State ID ADV Router Age Seq# CkSum Link count
10.1.1.5 10.1.1.5 601 0x8000001b 0x827f 2
172.16.1.1 172.16.1.1 598 0x80000010 0x5844 1
192.168.1.1 192.168.1.1 649 0x80000010 0xe45a 1
Net Link States (Area 0.0.0.0)
Link State ID ADV Router Age Seq# CkSum
10.1.1.6 192.168.1.1 653 0x80000001 0x550e
Summary Link States (Area 0.0.0.0)
Link State ID ADV Router Age Seq# CkSum Route
10.1.1.0 10.1.1.5 990 0x80000005 0x94a0 10.1.1.0/30
10.1.1.0 172.16.1.1 979 0x80000005 0x7c0b 10.1.1.0/30
172.16.0.0 172.16.1.1 657 0x80000001 0x9b3f 172.16.0.0/22
192.168.1.0 192.168.1.1 626 0x80000006 0xef88 192.168.1.0/24
Router Link States (Area 0.0.0.1)
Link State ID ADV Router Age Seq# CkSum Link count
10.1.1.5 10.1.1.5 602 0x80000004 0x35ce 1
172.16.1.1 172.16.1.1 603 0x80000005 0x3e6a 1
Net Link States (Area 0.0.0.1)
Link State ID ADV Router Age Seq# CkSum
10.1.1.2 10.1.1.5 611 0x80000001 0x541a
Summary Link States (Area 0.0.0.1)
Link State ID ADV Router Age Seq# CkSum Route
10.1.1.4 10.1.1.5 649 0x80000001 0x74c0 10.1.1.4/30
172.16.0.0 172.16.1.1 657 0x80000001 0x9b3f 172.16.0.0/22
172.16.0.255 172.16.1.1 596 0x80000001 0x0fbe 172.16.0.0/24
172.16.1.0 172.16.1.1 596 0x80000001 0x9f37 172.16.1.0/24
192.168.1.0 10.1.1.5 639 0x80000001 0xefdd 192.168.1.0/24
On above show command, a summary LSA exists for networks 172.16.0.0/24 and 172.16.0.1/24 in area 1 (although these networks are in area 3), thanks to the virtual link between rt1 and rt2. The LSAs for these two networks are aggregated in area 0 as a summary link state, thanks to route summarization on router rt1, hence only a route to network 172.16.0.0/22 is advertised on the backbone area.
rt3
Display the OSPF routes received by rt3:
rt3> show ospf route
============ OSPF network routing table ============
N IA 10.1.1.0/30 [200] area: 0.0.0.0
via 10.1.1.5, eth0_0
N 10.1.1.4/30 [100] area: 0.0.0.0
directly attached to eth0_0
N IA 172.16.0.0/22 [310] area: 0.0.0.0
via 10.1.1.5, eth0_0
N 192.168.1.0/24 [100] area: 0.0.0.2
directly attached to eth1_0
============ OSPF router routing table =============
R 10.1.1.5 [100] area: 0.0.0.0, ABR
via 10.1.1.5, eth0_0
R 172.16.1.1 [200] area: 0.0.0.0, ABR
via 10.1.1.5, eth0_0
=========== OSPF external routing table ===========
The aggregated route to network 172.16.0.0/22 is received by rt3 thanks to the virtual link and route summarization.
rt1
On rt1, the OSPF routes are as follows:
rt1> show ospf route
============ OSPF network routing table ============
N 10.1.1.0/30 [100] area: 0.0.0.1
directly attached to eth1_0
N 10.1.1.4/30 [200] area: 0.0.0.0
via 10.1.1.2, eth1_0
D IA 172.16.0.0/22 Discard entry
N 172.16.0.0/24 [110] area: 0.0.0.3
via 172.16.1.2, eth0_0
N 172.16.1.0/24 [100] area: 0.0.0.3
directly attached to eth0_0
N IA 192.168.1.0/24 [300] area: 0.0.0.0
via 10.1.1.2, eth1_0
============ OSPF router routing table =============
R 10.1.1.5 [100] area: 0.0.0.1, ABR
via 10.1.1.2, eth1_0
[100] area: 0.0.0.0, ABR
via 10.1.1.2, eth1_0
R 192.168.1.1 [200] area: 0.0.0.0, ABR
via 10.1.1.2, eth1_0
============ OSPF external routing table ===========
The routes to area 3 networks (172.16.0.0/24 and 172.16.1.0/24) appear in the RIB, as well as a reject route to the aggregated network (172.16.0.0/22), to avoid routing loops. Only the aggregated route will be advertised to other areas. Routes to networks in remote areas have also been received by rt1.
Routes are now installed on all routers, so that packets can flow from rt11 to rt4.