Thank you for your question. At a high level, your design issue is not specific to OSPF as much as how to design a fault tolerant network.
If your clients are connected to an OSPF enabled router/switch in your distribution layer, the minimum requirement is for a default route to be known by that router. You have achieved this by originating a default route from at least one of your core routers that is connected to your ISP (or aware of a route to your ISP). Congratulations, you have already done most of the hard work; anything extra is optimisation :-).
Static routes are normally used to enforce some sort of local policy on a specific router so they may not make sense to share in the rest of the network. This is a general point about redistribution; itâs normally best not to do it unless you really need it. If you do decide to redistribute, use care to only redistribute routes you really need using filtering and also consider redistributing only one way if possible (e.g. EIGRP ==> OSPF but not OSPF ==> EIGRP).
Lets take an example. You decide to redistribute connected routes into OSPF and so advertise the L3 interconnection link between the edge router and the firewall. This adds complexity but is unlikely to change any traffic flows or increase resilience as traffic from distribution routers is already flowing to the core switch due to the default route. Also routers in certain OSPF Areas (e.g. Totally Stubby) will not receive this routing information anyway so will be unable to act on it.
My question was if I have many subnets directly connected to my core router I want to distribute that subnets into OSPF can I use the âredistribute connected subnetsâ or is not the best practice so I have to configure inside OSPF all that networks.
Many thanks for the clarification on your question. I can see why you might want to redistribute static routes but connected subnets can be easily added to OSPF by using network statements.
Recall the network statements perform two tasks:
Advertise the networks that fall within this range in OSPF.
Activate OSPF on the interface(s) that fall within this range. This means that OSPF will send hello packets on the interface.
As your device is a core router, itâs likely you will want OSPF to start sending hello packets on most interfaces anyway and you will advertise those connected routes at the same time with no additional configuration required.
I donât recommend to use redistribution unless you have a specific requirement and I believe it would be more normal to not use it in this case.
Some quick terminology. We should normally say âredistribute X into Yâ so that we understand always the direction the routes are moving.
In every case of redistribution we should ask ourselves what we wish to achieve. If we are connecting two organisations after a company merger and they use two different routing protocols, we might need to use redistribution to connect those two organisations. However if we are connecting two Autonomous Systems (routing systems that are managed by different people) we might wish to use a very simple BGP configuration with a small number of summary routes; we donât need to share our detailed internal routing with a 3rd party.
If you would like to advertise routes learned using BGP into OSPF so that other areas in your organisation can see changes then yes this would be a good example of where to use redistribution. You can redistribute BGP into OSPF. There would be no requirement for mutual redistribution. As always, consider using some form of route filtering so that you can not place âbadâ routes into the core even if your BGP peer advertises them to you.
I already did what you told me for static routes and I will do the same to redistribute BGP prefix list to OSPF.
If I already have BGP filters (prefix-list) can I use the same prefix-lilst to create a route-map to filter the networks announce by BGP to OSPF?
example
router bgp 65533
neighbor 6.6.6.6 remote-as 65533
neighbor 6.6.6.6 update-source Loopback0
neighbor 6.6.6.6 prefix-list PRUEBA in
ip prefix-list PRUEBA permit ip 10.250.20.0/24 --> ( I have a lot of prefix list for filtering but that is for that example)
route-map BGP-TO-OSPF permit 10
match ip address prefix-list PRUEBA
router ospf 1
redistribute BGP 64518 route-map BGP-TO-OSPF
You approach looks great and will work with a couple of very small tweaks.
In your prefix-list itâs common to define a mask and then also use the âleâ lesser-than-or-equal-to parameter to allow through routes that are more specific but still fall within the range.
ip prefix-list PRUEBA permit ip 10.250.20.0/24
will only allow through one exact route â10.250.20.0/24â.
What we probably want to use is:
ip prefix-list PRUEBA permit ip 10.250.20.0/24 le 32
which will also allow through more specific matches such as 10.250.20.128/25 and 10.250.20.93/32.
When you redistribute BGP into OSPF you will probably want to use the âsubnetsâ parameter to select additional routes for redistribution. Instead of using:
Word of advice buy Rene book on CCNP Route. Study the chapters such as I read all of the OSPF chapters through twice. Then I come to the web pages which I buy a year subscription to at a time as its a little cost savings.
On the web pages especially one like this where Rene has video its great to watch those as added reinforcement.
For example, First video Rene is talking about all the areas and how OSPF works. he shows you a ABR and ASBR. When he is doing this if you have studied the book first you are seeing LSA type 3 summary network LSA so it knows where to find the ABR. Then when he mentioned the ASBR I was thinking and oh yah there is a type 4 LSA so it can find the ASBR, and finally that linked into him giving example of Redistributed route and there I though oh yah there will be a LSA type 5 for redistribution and all these things link together so even when he may not mention it in the video because that video is explain something slightly different but related you think about it in your head and see it because you have studied the CCNP Route book first.
On the another video same lesson he talks about what is contained in a hello packet its small thing but he mentions when talking about DR and BDR that routers have a default priority but if you read through he book first you know that is default of 1 and that leads your brain down related stories such as donât want something to become DR or BDR then choose 0 or if you want it to be something else he specifically mentions in the video as he did in book you can increase the priority.
So each thought about something leads you to things related to that thought. While the material Is also covered in-depth on these web pages its slightly different and the videos are sound instead of visual so another type as well.
I am telling you this really reinforces the information so buy the book read it get basic understanding and then study the web lessons it will cement the knowledge or at least it does for me!
Hello Rene,
Thank you for the wonderful and simple description of OSPF.
I would like to know what is the meaning of the below -
In OSPF load balancing
- > 4 equal cost paths will be placed in routing table.
Maximum of 16 paths.
When OSPF has more than one path to a destination and the cost of those paths are equal, it will place up to four of those paths into the routing table. Because OSPF is a routing protocol that keeps a topology of the whole network, it âknowsâ of all possible paths to a destination. So, in the unlikely event that you have a network with more than 16 equal cost paths to a specific destination, up to 16 will be maintained within the topology, and from those 16 up to 4 will be placed within the routing table.
Hi Rene, I have question about Ospf cost. Can two different costs values be assigned to a link connecting the two routers? If yes, then what could be the implications overall in terms of spf calculations since cost of the link connecting the two routers donât have to match on the 2 routers connected via the link in question? Please advise. Thanks!
Each router can change the cost of its interface(s) and it can be a different value. Each router runs SPF with itself as the ârootâ of the shortest path tree so itâs possible that if you have two routers, theyâll use a different path to get to a certain destination because of the cost you configured on the interface. Thatâs no problem at all.
Hello Rene,
I did a packet capture and was studying Hello packet in ospf.
My setup here is like this R1------------------------------R2
192.1681.1.1 192.168.1.2
I enabled OSPF on R2 first so it started sending Hello packet, then next I configured OSPF on R1 so now R1 also started sending hello packet. Now as soon as R2 got the hello from R1 then it did an ARP saying who is 192.168.1.1 tell 192.168.1.2. So why this ARP happens at first place and I see this ARP happening on R2 only not on R1, my second question.
I am also attaching the packet capture.hello.pcapng (13.0 KB)
This is an excellent question, it shows that you are thinking analytically and very deeply about these issues.
When a router sends an OSPF hello packet, it sends it to the 224.0.0.5 multicast address. When R2 receives this packet, one of the pieces of information it receives in the OSPF header is the IP address of the router that sent it.
Now the next step to establishing a neighbour adjacency is for R2 to respond with a unicast packet sending its router ID and its neighbour list. However, in order to do this, it must encapsulate the response, which is an IP packet, into a frame. In order to do that, it must learn the destination MAC address, something it does not yet have in its ARP table since the initial communication was a multicast packet. So it initiates an ARP request for the IP address of R1 and receives the MAC address. It can then further encapsulate the frame and send it on its way.
When we configure OSPF on a Router then it starts sending Hello packets. But how did it get all those information first of all. For example, how it knows the DR, BDR IP Address.
When a router is configured with OSPF, it begins sending Hello packets. These packets have a destination of 224.0.0.5 which is the multicast address used by OSPF. All OSPF routers receive such multicast packets. These exchanges allow the formation of neighbour relationships. Once these neighbor relationships are formed, the unicast IP addresses of neighbours are known and exchanges occur in unicast. When a DR and BDR election takes place, packets are exchanged until the DR and BDR are elected. An OSPF router can communicate with the DR and BDR using the multicast address 224.0.0.6. The DR and BDR can respond using unicast.
So in this way, all routers find out about their neighbours as well as the DR and BDR.
There isnât really a hard limit, it mostly depends on the resources of your router. The number of neighbors might not be the limitation btw, there are some other factors like the number of interfaces, networks, area types, etc.
Some things worth knowing about OSPF load balancing:
Paths must have an equal cost.
4 equal cost paths will be placed in routing table.
Maximum of 16 paths.
To make paths equal cost, change the âcostâ of a link
The third point states about a maximum of 16 paths but on the second it states about 4 equal cost paths⌠so i wonder if i have 6 OSPF equal route metrics, these 6 OSPF path will be installed on the RiB ??