OSPF Comprehensive Exam Notes

Overview

Dynamic, link-state Interior Gateway Protocol (IGP) for TCP/IP networks.
Two standards
- OSPF v2 – IPv4 only, RFC 2328.
- OSPF v3 – IPv6 (& optional IPv4) transport, RFC 5340 + RFC 5838.
Key capabilities
- Authentication (simple/MD5 for v2; IPSec or auth-trailer for v3).
- IP multicast for control traffic.
- Very fast convergence on topology change.
- Hierarchical design with areas, supports route summarisation & ECMP.
Algorithms/terminology
- Disseminates Link-State Advertisements (LSAs).
- Each router builds a Link-State DataBase (LSDB).
- Best paths computed with Dijkstra Shortest Path First (SPF).

Distance-Vector vs Link-State

Distance-vector (e.g. RIP) forwards entire routing table to neighbours.
Link-state (e.g. OSPF, IS-IS) floods local state, every router recomputes full topology.

How OSPF Works (high-level cycle)

"Say Hello" – discover neighbours, check compatibility fields.
Exchange topology – DBD, LSR, LSU, LSAck.
Build LSDB & run SPF for best routes.

Version Comparison

Transport: v2 over IPv4, v3 over IPv6.
Address families: v2 ➜ IPv4; v3 ➜ IPv6 + (via RFC 5838) IPv4.
Auth: v2 built-in (Null, Simple, MD5/HMAC); v3 none – rely on IPSec or authentication trailer.
LSA types: v2 = 7, v3 = 9.

Typical Roles

Service-Provider Core

Flat Area 0; OSPF supplies loopback reachability for BGP/MPLS.
No customer/Internet routes – kept in BGP.
Tuned for sub-second convergence (QoS, FRR, TE, etc.).

Enterprise

Small/medium: OSPF as sole routing protocol (LAN, WAN, default to ISP).
Large: OSPF for IGP + BGP at edge; may use multiple areas for scaling (summaries, smaller SPF).

Router ID (RID)

32-bit unique number per router.
Manual config recommended; else chosen automatically:
- Cisco IOS – highest loopback IPv4, else highest active physical IPv4.
- Juniper Junos – lowest loopback IPv4, else lowest physical.
- MikroTik – lowest active interface IPv4.

OSPF Interfaces

Active – participate in Hello, adjacencies, LSAs.
Passive – advertise prefix but suppress Hellos.

Interface Cost

Metric used in SPF. Default reference 100\,\text{Mb\/s}\to \text{cost}=1 (Cisco/Juniper/Huawei).
\text{Cost}=\left\lfloor \frac{\text{Reference Bandwidth}}{\text{Interface Bandwidth (Mb\/s)}} \right\rfloor
Manually tune or globally change reference so every router matches.

Packet Types

1 Hello, 2 Database-Description (DBD), 3 Link-State-Request (LSR), 4 Link-State-Update (LSU), 5 LSA-Ack (common); identical idea for v3.

Network Types & Parameters

Type	DR/BDR?	Neigh discovery	Hello/Dead	Multicast?
Broadcast (Ethernet, DC fabrics)	Yes	Auto	$10/40\,\text{s}$	224.0.0.5/6
Point-to-Point (PPP, HDLC)	No	Auto	$10/40$	224.0.0.5
NBMA (ATM, FR, X.25)	Yes	Manual	$30/120$	Unicast
Point-to-Multipoint (Hub-Spoke)	No	Auto	$30/120$	Mix (Hello multicast, LSUs unicast)

DR / BDR Election (Broadcast & NBMA)

Highest priority (0–255) wins; tie ➜ highest RID.
DR & BDR act as central LSDB synchronisation points, reducing adjacencies.
Traffic classes:
- Hello, LSU, LSAck – multicast.
- DBD, LSR – unicast to peer.

Neighbour & Adjacency States

Down → Attempt (NBMA only) → Init → Two-Way (final for DROTHER↔DROTHER) → ExStart (master/slave based on RID) → Exchange → Loading → Full (final for full adjacencies).

Detailed Operational Checklist

Neighbour prerequisites: same Area ID, Hello/Dead, options bits, auth, MTU; v2 also subnet mask, v3 instance ID.
SPF run per area after LSDB sync.

Areas & Hierarchy

Area = collection of routers/networks running a separate SPF copy.
Purposes: contain LSDB size, limit LSA flooding, enable summaries.
Area ID – 32-bit; backbone = 0.0.0.0.
Router categories
- Internal (IR) – all interfaces in one area.
- Area-Border (ABR) – interfaces in ≥2 areas + separate LSDB per area.
- Backbone (BR) – interface in backbone.
- AS Boundary (ASBR) – redistributes external routes.

LSA Types (v2 / v3)

1 Router, 2 Network, 3 Network-Summary, 4 ASBR-Summary, 5 AS-External, 6 Group-Membership, 7 NSSA, (v3 adds) 8 Link-LSA, 9 Intra-Area-Prefix.

Scopes
- Link-local, Area, AS-wide.
Best paths computed from LSAs via SPF.

Single-Area Behaviour Example

Every router floods one Type-1 Router-LSA.
DR additionally floods Type-2 Network-LSA.
External prefixes learned via Type-5 () or Type-7 (NSSA).

Configuration (Cisco-style snippets)

Enable process: router ospf 1 (v2) or ipv6 router ospf 1 (v3).
Set RID: router-id 10.0.0.1.
Interface activation: ip ospf 1 area 0 or ipv6 ospf 1 area 0.
Passive: passive-interface loopback0.
Manual cost: ip ospf cost 10.
Verification commands: show ip ospf, show ip ospf neighbor, show ip ospf database, same for IPv6.

Route Redistribution & External Metrics

Done by an ASBR. Sources: connected, static, other IGPs, BGP (not recommended for Internet table).
External LSAs:
- Type-5 (AS-External) or Type-7 (inside NSSA).
Metric types
1 (E1): $\text{Total Cost}=\text{Internal path to ASBR}+\text{External Cost}$ .
2 (E2, default): $\text{Total Cost}=\text{External Cost}$ (internal cost only for tie-break).

Example (Type 1) – R3: $10+10+10+20=50$ ; compute similarly for R1/R2.

Default Route Origination

default-information originate – injects $0.0.0.0/0$ (v2) or ::/0 (v3).
- installed (default) – only if present in RIB.
- always – unconditional.
Appears as Type-5 (or Type-7 in NSSA).

Route Filtering (Cisco)

ip prefix-list PL seq 10 permit 10.1.0.32/30
route-map RM permit 10
  match ip address prefix-list PL
router ospf 1
  redistribute connected subnets metric-type 1 route-map RM

Multi-Area & Summarisation

ABRs can advertise summary LSAs:
- area 0 range 10.3.0.0 255.255.252.0 (=> $10.3.0.0/22$ ).
ASBRs summarise externals: summary-address 192.0.2.0 255.255.255.0.
Advantages: less flooding, reduced LSDB & RIB, lower CPU/memory.

Special Area Types & Allowed LSAs

Area	Allowed LSAs
Backbone (0)	1-7 (no restriction)
Standard	Same as backbone but local scope
Stub	1,2,3, (default) + default summary; blocks 5.
Totally-Stubby	1,2 (from within), default-route only; blocks 3,5.
NSSA	1,2,3,7 (+translation 7→5 by ABR)

Virtual Links

Used when backbone becomes discontiguous.
Configured between two ABRs through a transit area (must be non-stub and fully connected).
Design guidance: avoid if possible (adds complexity/delay).

Authentication

OSPF v2

Null (Type 0), Plain-text (Type 1), Cryptographic (Type 2 – MD5/HMAC-SHA).
Interface level: ip ospf authentication message-digest, ip ospf message-digest-key 1 md5 <pw>.
Area level: area 0 authentication message-digest.

OSPF v3

Uses IPv6 IPSec AH/ESP or authentication trailer.

ipv6 ospf authentication ipsec spi 1010201 sha1 <key>

Troubleshooting Checklist

Passive interface set by mistake.
IPv4 subnet / IPv6 link-local mismatch.
Hello/Dead timers inconsistent.
Duplicate Router ID.
MTU mismatch (seen during ExStart – DD seq errors).
Network type mismatch (broadcast vs p2p) causes DR issues.

Commands Cheat-Sheet (IOS)

show ip ospf interface brief – active interfaces & type/cost.
show ip ospf neighbor [detail] – state & timers.
show ip ospf database [router|network|external] – LSDB.
debug ip ospf adj – trace state machine.

Practical Examples Recap

Single-area v2 & v3 configurations (RID via loopback, passive L0+LAN, cost 10 on every interface).
Redistribution scenario: R4 redistributes connected as E1 & static as E2, R5 default route via R4, R3 verifies LSDB & ping to host H5.
Default route injection from dual ISPs (R1/R2) with metric-type 1.
Multi-area lab (Area 0,1,2) with ABRs R1/R2, ASBR R4; static $10.2.5.0/24$ redistributed by R4.

Summary of Major Points

OSPF is link-state, fast, hierarchical, supports dual stack (v3).
Neighbour compatibility, network types & DR process are foundational.
LSAs are building blocks; understanding scopes is key to area design.
ABRs and ASBRs enable scaling (summaries) and policy (redistribution).
Stub/Totally-Stub/NSSA areas trade off external visibility for simplicity.
Authentication: MD5/HMAC for v2, IPSec/Trailer for v3.
Proper cost tuning, summarisation, and filtering keep large deployments efficient and stable.