How to configure OSPF for CCNA students


(Hussein Samir) #21

Hi Rene,

What are the “Wait” and “Retransmit” timers used for ?

thanks


(Rene Molenaar) #22

Hi Hussein,

While the router is in the “waiting” state it will be listening to hello packets from other routers to figure our who the DR/BDR should be. Once the waiting state is over, then we will do the DR/BDR election. The wait timer indicates how long we remain in the waiting state (40 seconds by default).

OSPF sends acknowledgments for each new LSA that it receives. A LSA will be retransmitted if the router didn’t receive an acknowledgment. By default we wait 5 seconds between retransmissions.

Rene


(John M) #23

Rene

Thanks for this lesson. Well thought out. Plenty of theory beforehand and good workout with the keyboard putting in exercises. I did run into the same issues as someone else above about changing the Router ID’s but a reboot or removal of the ip address from original interface then save then re-configuring that same interface afterwards solved the issue. Its probably a but in the IOS…


(Jason W) #24

What if an OSPF route sat behind a EIGRP network which was the only access out to the internet… in other words… OSPF network had to go through a EIGRP network to exit the internal network and go to the internet (BGP, Static, etc)… would you use the default-information originate command on the Autonomous System Border Router (connecting OSPF to EIGRP) to tell all the OSPF routers – hey…go this way to get out.


(Andrew P) #25

Jason, you are exactly right. Suppose your ASBR is 10.0.0.1, and it has a default route in its RIB (it doesn’t matter whether that route came from EIGRP, or is a static route). From the ASBR, under your OSPF process, you would issue
(config-router)#default-information originate

Now, if you went to another OSPF router in the same area as the ASBR, you would see the following in its routing table:

Gateway of last resort is 10.0.0.1 to network 0.0.0.0

O*E2  0.0.0.0/0 [110/1] via 10.0.0.1, 00:00:01, FastEthernet0/0

So the ASBR is advertising an External Type-2 route by default to OSPF (using a Type-5 LSA).

By the way, the ASBR doesn’t have to have a default route in order to do this. If you modified the command just slightly with
(config-router)#default-information originate always
the “always” keyword will have the ASBR advertise a default route to OSPF whether or not the ASBR actually has a default route of its own.


(PALANIAPPAN M) #26

Hi Rene

In the DR election involving the router Hearts and Spade, Hearts and clubs I think that this router will win the DR election in both the cases because it has the highest RID. Can you please check and let me know why this is not the case for Hearts and Spade.

If I am wrong please let me know why between Heart & Spade router, how Spade won the election for the DR

Thanks
Palani


(Andrew P) #27

Hi Palani,

As you probably know, the order in which a DR election is decided is:

  1. Highest Priority
  2. Highest Router-ID
  3. Highest Loopback IP
  4. Highest Interface IP (interface must be up/up)

You are right that Heart should win the election should one occur between Spade and Heart, because they are both priority 1, and Heart has the highest router-id.

The reason that Heart is not the DR is because in reality elections happen very rarely. The timing between two routers has to be almost perfect where neither router has gotten past the “Wait” timer while the OSPF process initializes. One important thing to remember about OSPF is that in most circumstances, there is no DR preemption meaning that once a DR is elected, it stays the DR even if another router that would have been the DR otherwise later comes online. For the purposes of CCNA, just think of there being no preemption (it is actually possible, but we won’t get into that here).

When the OSPF process starts up, it sends OSPF Hello messages to 224.0.0.5 and listens for Hellos. During this first startup, the router will wait to hear Hellos back in for the “Wait” timer period (which is equal to the DEAD timer by default). If the router receives Hellos, and those Hellos contain information about an existing DR and BDR, the router will immediately accept these values, and an election will not occur.

All of this means that ultimately who is actually the DR mostly comes down to the order in which you power on the routers! In this lesson, it was probably the case that Spade started up before Hearts.


(sims) #28

Hi rene
I did " clear ip ospf process " after adding loopback ip .But my router ID did not change

R1#clear ip ospf process
Reset ALL OSPF processes? [no]: yes
R1#
R1#show ip protocols
*** IP Routing is NSF aware ***

Routing Protocol is "ospf 1"
  Outgoing update filter list for all interfaces is not set
  Incoming update filter list for all interfaces is not set
  Router ID 192.168.23.2
  Number of areas in this router is 1. 1 normal 0 stub 0 nssa
  Maximum path: 4
  Routing for Networks:
    192.168.23.0 0.0.0.255 area 0
  Routing Information Sources:
    Gateway         Distance      Last Update
  Distance: (default is 110)

Thanks


(Andrew P) #29

Sims,
When you add a loopback, OSPF won’t automatically change the router-id even if you clear the process. Since you have already created the OSPF instance, you will have to issue the command
(config-router)#router-id <A.B.C.D>
Where A.B.C.D is what you want the ID to become, and after that, clear the OSPF process.

The other much more difficult option would be (once you already have your loopback created) to remove OSPF and add it back, via:

(config)#no router ospf 1
(config)#router ospf 1

But you would have to re-enter your configuration parameters doing it that way.

Note: There does not have to be a corresponding IP address to match an ID. You can make this ID to 123.123.123.123 if you want, and even if you don’t have any IP like that, OSPF will still work fine. The Router-ID is the node identifier and is independent of any IP space.


(sims) #30

Hi,

Why both neighbour is BDR

Hearts#sh ip ospf neighbor

Neighbor ID     Pri   State           Dead Time   Address         Interface
3.3.3.3           1   FULL/BDR        00:00:36    192.168.13.3    GigabitEthernet0/1
2.2.2.2           1   FULL/BDR    
00:00:35    192.168.12.2    GigabitEthernet0/0

Thanks


(Rene Molenaar) #31

Hi Sims,

The DR/BDR election is done on each multi-access segment, not per area.

Rene


(sims) #32

Hi,

I have the same topology as in your document

But Both are showing ‘BDR’

Clubs#sh ip ospf neighbor

Neighbor ID     Pri   State           Dead Time   Address         Interface
2.2.2.2           1   FULL/BDR        00:00:39    192.168.23.2    GigabitEthernet0/2
192.168.13.1      1   FULL/BDR        00:00:33    192.168.13.1    GigabitEthernet0/1

Thanks


(Rene Molenaar) #33

The DR/BDR election is done per multi-access segment. In this topology, our Ethernet interfaces are multi-access.

This means there is an election on the segment between Spade/Clubs, Spade/Hearts and Hearts/Clubs.

The election is also non-preemptive which means that once a DR/BDR has been elected, it remains this role unless you reset the OSPF process. If you add a new loopback interface on a router or change its router ID, you might want to reset all routers on the segment to ensure that the DR/BDR election is done again properly.


(sims) #34

Hi,
The DR/BDR election is done per multi-access segment. In this topology, our Ethernet interfaces are multi-access.

Can you explain " our Ethernet interfaces are multi-access."

Thanks


(Andrew P) #35

Sims,
Think of multi-access as the opposite of point-to-point. Where Point-to-Point has only one destination at the other end of the line, multi-access could have multiple destinations–like any device plugged into a hub or switch.


(Networklessons Admin) split this topic #36

19 posts were merged into an existing topic: How to configure OSPF for CCNA students


(Heng S) #37

Hello Rene!
I’m not clear about authentication for entire area:

R3(config-if)#router ospf 1
R3(config-router)#area 0 authentication

This command use for set authentication for entire area but where is the password ? This command seem like just tell router to use authentication to perform neighbor.
Please kindly help !
Thank and best regard
Sovandara


(Rene Molenaar) #38

Hi Sovandara,

Authentication can be enabled globally for an area but you still have to configure the password on the interface. You can’t configure the password globally. Here’s a complete example:

R1(config)#router ospf 1
R1(config-router)#area 0 authentication 

R1(config)#interface FastEthernet 0/0
R1(config-if)#ip ospf authentication-key CISCO

(Heng S) #39

Hi Rene
But if i configure twos password different from each other on different interface, When i enable authentication for entire area, Which password it will choose ?


(Rene Molenaar) #40

It will always use the password on the interface. For example, if you have something like this:

R1(config)#router ospf 1
R1(config-router)#area 0 authentication 

R1(config)#interface FastEthernet 0/0
R1(config-if)#ip ospf authentication-key CISCO

R1(config)#interface FastEthernet 0/1
R1(config-if)#ip ospf authentication-key NWL

Then it will use password CISCO on the F0/0 interface and NWL on the F0/1 interface.