OSPF Non-Broadcast Network Type over Frame-Relay

Thanks Lazaros now it is clear.

1 Like

would there be ping between spoke 1 and spoke 2 if spoke 1 is selected as DR?

Hello Jobanpreet

If Spoke 1 becomes DR, then Spoke 2 will never be able to send its OSPF routing updates to Spoke 1 because the two spokes, by default, cannot communicate. Therefore, a full OSPF adjacency cannot be created between the two spokes because of the lack of broadcast functionality in the network. This is why such a configuration would fail.

For Non broadcast network types, OSPF must be configured such that the hub is the DR. In that way, each spoke will create a neighbor adjacency with the DR which is the hub, and OSPF will function, allowing for connectivity between all devices.

I hope this has been helpful!

Laz

1 Like

Hello Rene. I have a question regarding Spoke configuration. Since both spokes are set as Non-Broadcast, don’t we need to add the neighbor command under OSPF config? Just like we did for Hub OSPF config.

Thanks,
Kunj

Hello Kunj

Actually, when you have a non-broadcast link between two OSPF routers, it is only necessary to enable the neighbor command on one of the OSPF routers. This allows that router to initiate the communication by sending a unicast hello to the IP address in the command. When the other router receives this hello packet, it obtains the necessary information (such as the IP address of the sender) in order to send back a response and establish a neighbor adjacency.

You can actually configure it on the spokes if you like, or even on both devices, the results will be the same.

I hope this has been helpful!

Laz

1 Like
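
The two replies above, put together as a configuration sketch (an added example, not part of the thread or the lesson): the hub carries the `neighbor` statements and is forced to be DR, while the spokes use priority 0 so they can never be elected. The 192.168.123.0/24 addressing, `Serial0/0`, process ID 1 and area 0 are assumptions, and the Frame-Relay PVC mappings are assumed to be in place already.

```cisco
! Constructed addressing: hub .1, Spoke 1 .2, Spoke 2 .3 in 192.168.123.0/24
!
! --- Hub ---
interface Serial0/0
 ip address 192.168.123.1 255.255.255.0
 encapsulation frame-relay
 ip ospf network non-broadcast
 ! Highest priority so the hub wins the DR election
 ip ospf priority 255
!
router ospf 1
 network 192.168.123.0 0.0.0.255 area 0
 ! Unicast hellos are sent to these addresses
 neighbor 192.168.123.2
 neighbor 192.168.123.3
!
! --- Spoke 1 (Spoke 2 is the same with address .3) ---
interface Serial0/0
 ip address 192.168.123.2 255.255.255.0
 encapsulation frame-relay
 ip ospf network non-broadcast
 ! Priority 0: this router never becomes DR or BDR
 ip ospf priority 0
!
router ospf 1
 network 192.168.123.0 0.0.0.255 area 0
 ! No neighbor statement needed here; the spoke answers the hub's hello
```

On the hub, `show ip ospf neighbor` should list both spokes; on each spoke it should list only the hub, in the DR role.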

Are all of the OSPF network types really in the ENCOR exam?

1 Like

Hello Jonah

The Cisco exam blueprint for ENCOR states the following exam topic:

3.2.b Configure and verify simple OSPF environments, including multiple normal areas, summarization, and filtering (neighbor adjacency, point-to-point and broadcast network types, and passive interface)

You will also notice on the same page that Cisco also states:

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. To better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

The official Cisco Certification Guide for ENCOR also has a section on OSPF network types and this is assumed to contain all types.

Taking all of this information into account, I believe it is safer to assume that all OSPF network types may appear on the exam.

I hope this has been helpful!

Laz

1 Like

Hi Laz,

With regards to your description of NBMA and Point-to-Point, this contradicts what’s described in the following pages:

“Point to Multipoint - This is a network where the topology is the same as in the Non Broadcast Multi Access, however, the HUB router creates multiple point to point connections to each remote router, thus emulating multiple point to point connections. Each point to point connection has its own subnet. A DR/BDR is not necessary in this topology.”

But in another article it says this:

This article explains Point-to-Multipoint as being what you said Non Broadcast Multi Access is.

Now if you look at this article:

This describes Point-to-Point to be what you described as Point-to-Multipoint.

Can you please advise?

Hello Joseph

This is a very good point you bring up, and it all has to do with convention. Often terminology can be used multiple times when referring to different concepts within different contexts, and it is important for us to express this clearly. So, here’s my attempt at this…

We’re talking about two different things: OSPF network types, and frame relay topologies. As far as OSPF network types go, the descriptions given in my previous post are correct. I checked them over just to be sure. These are strictly defined, and are used in the situations described.

Now when talking about a frame relay topology, some of these terms may be used differently. For example, what OSPF calls a point to multipoint network, the frame relay topology will call it a point to point network, because it is made up of multiple point to point connections on subinterfaces of the HUB. Even so, in a frame relay point to point network, you would apply an OSPF point to multipoint network topology configuration.

So be sure to comprehend by context, whether it is the OSPF network type configuration we’re talking about or if it is the frame relay network topology we’re talking about.

I hope this has been helpful!

Laz

1 Like

Hi all, I have a little problem. We want to run OSPF on one of our Fortigate firewalls and connect it to two routers via a VLAN. Let's assume it is VLAN 10. There is no Layer-2 connection between R1 & R2 for VLAN 10. Fortigate firewalls are working only with one IP address. So which network type is the right one? Point to multipoint from a Fortigate perspective and Point to Point from the Cisco Routers perspective?
If we use PtP on both sides OSPF flaps. Do you have an idea?

Hello Frederic

I’m assuming that the connections between the routers and the firewall are Ethernet? If this is the case, then no OSPF network type needs to be configured. The default broadcast type is sufficient. The various other network types of OSPF are used in topologies where broadcasts and multicast traffic are not possible, and this interferes with the operation of OSPF (sharing of routes, and DR/BDR elections).

Here you have none of these restrictions, therefore you simply use OSPF’s default network type of broadcast.

You state that there is no L2 connection between the routers, but in actuality there is. You state that there is one IP address on the firewall, but two physical connections to the two routers, which means that the two ports on the firewall are acting on L2, and the routers are on the same subnet, and they connect to each other over an L2 link.

Your topology above is (logically speaking) the same as having a switch in the middle, and connecting each device to that switch. You are creating a network segment (broadcast domain) with the subnet 10.1.2.0/29 within which all devices can communicate and can successfully exchange routes and perform DR/BDR elections.

I hope this has been helpful!

Laz

1 Like

Hi Laz,

Thanks for your reply, and yes, you are totally right that there is an Ethernet Layer-2 connection between R1 & R2 over the connected firewall cluster. So, and this is my main problem, if I use the default settings I will get the following OSPF neighborship relationships: firewall & R1, firewall & R2 and R1 & R2, but I don't want to build up an OSPF neighborship between R1 & R2. How can we do this?
Thank you very much.
Fred

Hello Frederic

By definition, when you have two OSPF routers on the same subnet and the same Ethernet segment, they will become neighbors, that’s simply how OSPF works. However, OSPF configuration aside, if you elaborate more on why you don’t want them to be neighbors, and what you actually want to achieve more generally, then maybe there are other ways and other mechanisms that are more suitable for you to get what you need.

Can you tell us a little more about what you want to achieve?

I hope this has been helpful!

Laz

1 Like

Hi Laz,
Thank you very much for your support!!! So there is the following as-is situation. At the moment there are multiple subcompanies connected directly to our provider MPLS. Now there is the need to separate them and let the traffic go through the firewall. So the plan is moving all subcompanies to different VRFs in the MPLS network. Let's say it is the “right-side” of R1&R2. Because of the big routing table we need a dynamic routing protocol between the VRFs and the firewall.
We have now configured the VLAN interfaces on the firewall, connected them to R1&R2 and configured the VLANs on the router side, configured OSPF in the separate VRFs, but we don't want to connect R1&R2 via OSPF.

I hope you understand what we want to reach?

best regards,
Fred

Hello Fred

Now I understand why you initially wanted to take a look at the various types of OSPF networks. So you need a network type that will allow all routers (R1, R2, Firewall) to be on the same subnet, but that allows you to manually configure the neighbors, and to avoid having a DR/BDR election (so you avoid having neighbor adjacencies between R1 and R2 via DR or BDR). The type of network that you need is Point to Multipoint Non-Broadcast. This one fulfils your conditions and details about its implementation can be found here:

As the lesson states:

  • No Automatic neighbor discovery so you need to configure OSPF neighbors yourself!
  • No DR/BDR election since OSPF sees the network as a collection of point-to-point links.
  • Only a single IP subnet is used in the topology above.

So it fulfills your requirements. Even though the lesson is about frame relay, the topology is the same and should be applicable to your situation.

I’m not sure it will provide you with exactly what you’re looking for, but you can test it out and let us know your results.

I hope this has been helpful!

Laz

1 Like
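
Laz's suggestion for this topology, sketched for the two Cisco routers (an added example, not from the thread or the linked lesson): each router uses point-to-multipoint non-broadcast and lists only the firewall as a neighbor, so neither router is told to send hellos to the other. The host addresses inside 10.1.2.0/29, the subinterface, process ID 1 and area 0 are assumptions; the VRF part of Fred's setup is left out, and the firewall is assumed to run a matching network type and timers.

```cisco
! Constructed addressing in 10.1.2.0/29: firewall .1, R1 .2, R2 .3
!
! --- R1 ---
interface GigabitEthernet0/0.10
 encapsulation dot1Q 10
 ip address 10.1.2.2 255.255.255.248
 ! No DR/BDR election; neighbors must be configured by hand
 ip ospf network point-to-multipoint non-broadcast
!
router ospf 1
 network 10.1.2.0 0.0.0.7 area 0
 ! Only the firewall is listed; there is no statement for R2 (10.1.2.3)
 neighbor 10.1.2.1
!
! --- R2 ---
interface GigabitEthernet0/0.10
 encapsulation dot1Q 10
 ip address 10.1.2.3 255.255.255.248
 ip ospf network point-to-multipoint non-broadcast
!
router ospf 1
 network 10.1.2.0 0.0.0.7 area 0
 ! Only the firewall is listed; there is no statement for R1 (10.1.2.2)
 neighbor 10.1.2.1
```

`show ip ospf neighbor` on R1 and R2 should then list only the firewall.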

Hi Laz,

I’m trying to understand the difference between the OSPF Network Types “Non-Broadcast” and “Point-to-Multipoint (Non-Broadcast)”.

I so far understand the difference is Non-Broadcast uses a DR, and P2MP doesn’t.

I understand the purpose of a DR: it saves all routers sending multiple Type-1 LSAs to each other.

Is that the only difference? That Non-Broadcast is better practice than P2MP, and that’s why it’s the default?

Or is there something else I’m missing?

Hello Joseph

The physical topology of a non-broadcast multi-access and a point to multipoint non-broadcast network is the same. The difference is that:

  • In the first, the network is viewed as a multi-access network. In such a scenario OSPF needs multicast to function, but it cannot. So it must emulate multicast using multiple unicast transmissions. In order to make this work, the DR must be the hub, which coordinates these mechanisms. So you ensure that the DR is the hub, and you must manually configure neighbors (since multicast cannot be used for this).
  • In the second, the network is logically viewed as multiple point to point connections, so no DR is necessary. Neighbors still have to be manually configured.

The result is the same, the topology, and even the IP address scheme remains the same. It’s simply a different way of implementing it.

Some would say the fact that you don’t need a DR makes the point to multipoint scenario better. Others would disagree.

I hope this has been helpful!

Laz

1 Like

Hello Laz, what if we use the static neighbor command of non-broadcast network for security purposes? We have OSPF neighbor authentication, passive-interface option but it wouldn’t hurt to use non-broadcast neighbor command for additional layer of security I guess? So the OSPF hello packets won’t be sent via multicast address.

1 Like

Hello Alvis

Your point is well taken and such a configuration can indeed be useful. This just goes to show that we’re always learning. I wrote that post almost four years ago. I guess it’s always best and safest to “never say never”.

Thanks for sharing your thoughts and comments that enrich the forum and make it useful for all those taking part!

Laz

2 Likes
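
The combination discussed in this exchange, as an added configuration example (not from the thread or the lesson): static neighbors on a non-broadcast interface, with authentication and `passive-interface default` kept as the actual controls. As described earlier in the thread, a router answers a unicast hello even without a `neighbor` statement for the sender, so the statement only controls where this router sends hellos, while the key chain decides which packets are accepted. The interface name, the 192.0.2.0/30 addressing, the key-chain name and the key placeholder are assumptions, as is a software release that supports OSPFv2 key-chain authentication.

```cisco
! Assumed: IOS / IOS XE release with OSPFv2 key-chain (HMAC-SHA) authentication
key chain OSPF-CORE
 key 1
  key-string <SHARED-KEY-PLACEHOLDER>
  cryptographic-algorithm hmac-sha-256
!
interface GigabitEthernet0/1
 ip address 192.0.2.1 255.255.255.252
 ! Hellos go out as unicast to configured neighbors, not to 224.0.0.5
 ip ospf network non-broadcast
 ! Packets without a valid digest are dropped
 ip ospf authentication key-chain OSPF-CORE
!
router ospf 1
 ! OSPF stays silent on every interface that is not explicitly enabled
 passive-interface default
 no passive-interface GigabitEthernet0/1
 network 192.0.2.0 0.0.0.3 area 0
 ! Constructed peer address
 neighbor 192.0.2.2
```

The peer needs the same network type, timers and key chain contents on its side of the link.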

Hello Rene.
Firstly, thank you for the great lessons that really help us.

My question: for the non-broadcast network type you said that we define the neighbors for the routers explicitly, but you did not configure the neighbor x.x.x.x command on the Spoke routers.
Please make this concept understandable for me.
Thanks in advance