EIGRP/OSPF LAB: The Merger

In this update I will explore how to merge an existing OSPF network with an existing EIGRP network and also touch on some other subjects which you can read about in the objectives below.

Scenario:

Company A has bought Company B and must merge its network into its own. Company A runs the EIGRP routing protocol and Company B runs the OSPF routing protocol. The engineer will also need to take several other objectives into account such as route summarization, redistribution and the actual connection between the two companies over a leased line.

This lab comes with different objectives that we’ll have to research and try to complete.

Topology:

Preliminary configuration:

  1. Configure all interfaces and the Frame Relay connection.
  2. Configure all Loopback interfaces on each router.
  3. Configure EIGRP AS 10 for Company A.
  4. Configure OSPF 10 for Company B.
  5. Configure OSPF router ID’s for Company B.

Objectives:

  1. Before starting, verify proper operations for each network with the use of a Tcl script.
  2. Summarize the loopback networks on R2 as efficient as possible.
  3. Investigate and implement authentication between R3 & R4.
  4. Redistribute OSPF routes into the EIGRP network.
Instead of going step by step through the preliminary configuration, I will just give you an overview of each router and its base configuration.
If you’d like to know how to configure Frame Relay, base EIGRP or OSPF settings, please refer to my previous updates.

Now that is done, we can get started on our objectives.

Objective one; verify proper operations for each network with the use of a Tcl script.

I will use TCL scripting to check if each configured IP address is reachable for each router.
I have prepared the Tcl script for both companies’ networks in notepad as you can see below. This will then be easy to paste into each router’s cli to test inter-connectivity.

Interestingly enough, after the running the script I saw that everything was reachable, except for R3 and R4 Se 0/0 interface, and this only from its own network or locally on the router itself.

I did some research and it seems that on a connection like this, even when pinging its own local interface, the ping address will still transverse the serial link, which is weird if you ask me!

This can be solved by adding a frame-relay map pointing to the router’s own serial interface IP address. After adding this (and advertising the 10.1.1.3/27 on R3) , the Tcl script was showing full connectivity across the grid for Company A.

Now let’s take a look at Company B. I’ve made the same mistake with the frame relay map on R4, so let’s fix that first.

And now to run the Company B script that I prepared.

Seems like everything is working as should so let’s move on to objective #2; Summarize the loopback networks on R2 as efficient as possible.
I explained how to do manual summarization in this update, so you can click that link if you’re interested in learning how to do this. For now I’ll just calculate the best summary and configure it. Here is how it will end up looking for R2:

On to Objective #3, authentication between R3 and R4.
This is kind of a vague objective, what kind of authentication do they want? I’ll just decide for myself and go with route authentication, also because we will have to set up an OSPF relationship between R3 and R4 anyway for the route redistribution in Objective #4 so I will do both objectives in one go.

First I’ve set up an OSPF relationship between R3 and R4. You can also see that R3 is now aware of the OSPF routes of Company B.

And now we can configure OSPF redistribution into our EIGRP network on R3 with the router process command “redistribute OSPF 10“. You should also set the default-metric with the command “default-metric 10000 100 255 1 1500” or your routes will not be redistributed properly.

We will need to also configure R4’s equivalent and redistribute the EIGRP routes into the OSPF or else they will not be able to communicate. You would need to set up an EIGRP relationship between R4 and R3, and then use the command “redistribute EIGRP 10” under R4’s OSPF router process.

We can test proper functioning by checking the routing table and general reachability with the Company B Tcl script on R2.

Routing Table:
Note how you can see the External (EX) routes showing up now.

And let’s test reachability to Company B’s network from R2 with the prepared script.

Great, that seems to work aswell. Now I just need to configure authentication.
OSPF Authentication is implemented with the router OSPF command “area 1 authentication message-digest” and the interface Serial 0/0 command “ip ospf message-digest-key 1 md5 myospfkey” on both R 3 and R4.

You can verify proper operation of this authentication by seeing that the neighbor relationships come back up after setting the key on both sides.

OSPF – Stub Areas

In this update I will explore the different kinds of stub areas for OSPF.

Now, what is this all about and why would you want to use something called a stub anyway?

It’s quite simple really;

A stub area in OSPF is an area that will not learn external routes.
Instead, external routes are replaced, by means of a Type 3 LSA, with a single default route pointing to that area’s ABR.

If you’d like to learn more about the different types of LSA, Wikipedia has a very good entry on them.
Also, you might to refer to the drawing below, where we have different area types interacting with eachother with each area showing the allowed LSA types.

Clever, right? This way you can keep router resources free for areas that do not really need such a detailed routing table. Now, ofcourse they could not keep it as simple as this and had to come up with a bunch of extra types of stubs.

Atleast they gave them funny names.

Here are three kinds we will be exploring in this update.

  1. OSPF Stub area
  2. OSPF Totally Stubby area
  3. OSPF Not-so-Stubby area

Here is the topology we will be working with.

A simple topology, but it will serve our needs for this lab.
You can see that Area 0 is ofcourse present, and another area, Area 1, which we will be making different flavors of stub.
Also note that each router has a loopback interface and router ID reflecting its hostname.

Here is the initial configuration.

R1#sh run int se 0/0
Building configuration…

Current configuration : 83 bytes
!
interface Serial0/0
ip address 100.0.0.1 255.255.255.0
clock rate 2000000
end

R1#sh run int lo 1

Building configuration…

Current configuration : 61 bytes
!
interface Loopback1
ip address 1.1.1.1 255.255.255.0
ip ospf network point-to-point

end

R1#sh run | sec ospf
router ospf 10
router-id 1.1.1.1
log-adjacency-changes
network 1.1.1.0 0.0.0.255 area 0
network 100.0.0.0 0.0.0.255 area 0
R2#sh run int se 0/0

Building configuration…

Current configuration : 83 bytes
!
interface Serial0/0
ip address 100.0.0.2 255.255.255.0
clock rate 2000000
end

R2#sh run int se 0/1
Building configuration…

Current configuration : 83 bytes
!
interface Serial0/1
ip address 200.0.0.2 255.255.255.0
clock rate 2000000
end

R2#sh run int lo 1
Building configuration…

Current configuration : 61 bytes
!
interface Loopback1
ip address 2.2.2.2 255.255.255.0
ip ospf network point-to-point
end

R2#sh run | sec ospf
router ospf 10
router-id 2.2.2.2
log-adjacency-changes
network 2.2.2.0 0.0.0.255 area 1
network 100.0.0.0 0.0.0.255 area 0
network 200.0.0.0 0.0.0.255 area 1

R3#sh run int se 0/1

Building configuration…

Current configuration : 83 bytes
!
interface Serial0/1
ip address 200.0.0.1 255.255.255.0
clock rate 2000000
end

R3#sh run int lo 1
Building configuration…

Current configuration : 61 bytes
!
interface Loopback1
ip address 3.3.3.3 255.255.255.0
ip ospf network point-to-point
end

R3#sh run | sec ospf
router ospf 10
router-id 3.3.3.3
log-adjacency-changes
network 3.3.3.0 0.0.0.255 area 1
network 200.0.0.0 0.0.0.255 area 1

Everything is on the default configuration, so R1 and R3 are seeing the full routing tables.

R1#sh ip route

Gateway of last resort is not set

1.0.0.0/24 is subnetted, 1 subnets
C 1.1.1.0 is directly connected, Loopback1
2.0.0.0/24 is subnetted, 1 subnets
O IA 2.2.2.0 [110/65] via 100.0.0.2, 00:00:02, Serial0/0
100.0.0.0/24 is subnetted, 1 subnets
C 100.0.0.0 is directly connected, Serial0/0
3.0.0.0/24 is subnetted, 1 subnets
O IA 3.3.3.0 [110/129] via 100.0.0.2, 00:00:02, Serial0/0

R3#sh ip route

Gateway of last resort is not set

1.0.0.0/24 is subnetted, 1 subnets
O IA 1.1.1.0 [110/129] via 200.0.0.2, 00:00:22, Serial0/1
2.0.0.0/24 is subnetted, 1 subnets
O 2.2.2.0 [110/65] via 200.0.0.2, 00:00:22, Serial0/1
100.0.0.0/24 is subnetted, 1 subnets
O IA 100.0.0.0 [110/128] via 200.0.0.2, 00:00:22, Serial0/1
3.0.0.0/24 is subnetted, 1 subnets
C 3.3.3.0 is directly connected, Loopback1
C 200.0.0.0/24 is directly connected, Serial0/1

We will now make Area 1 a Stub Area.

R2(config)#router ospf 10
R2(config-router)#area 1 stub

*Mar  1 00:49:27.987: %OSPF-5-ADJCHG: Process 10, Nbr 3.3.3.3 on Serial0/1 from FULL to DOWN, Neighbor Down: Adjacency forced to reset

R3(config)#router ospf 10
R3(config-router)#area 1 stub

We have configured the stub with the command “Area x stub” and it seems our OSPF Adjacency was reset because of it.

Let’s take another look at R3’s routing table.

R3#sh ip route

Gateway of last resort is 200.0.0.2 to network 0.0.0.0

1.0.0.0/24 is subnetted, 1 subnets
O IA 1.1.1.0 [110/129] via 200.0.0.2, 00:01:28, Serial0/1
2.0.0.0/24 is subnetted, 1 subnets
O 2.2.2.0 [110/65] via 200.0.0.2, 00:01:28, Serial0/1
100.0.0.0/24 is subnetted, 1 subnets
O IA 100.0.0.0 [110/128] via 200.0.0.2, 00:01:28, Serial0/1
3.0.0.0/24 is subnetted, 1 subnets
C 3.3.3.0 is directly connected, Loopback1
C 200.0.0.0/24 is directly connected, Serial0/1
O*IA 0.0.0.0/0 [110/65] via 200.0.0.2, 00:01:28, Serial0/1

Here we can see a default Inter-Area route has been added towards the Area 1 ABR, R2.
If for example, Area 0 knew about an ASBR distributing RIPv2 routes, these routes would not be redistributed to Area 1 but would instead be encompassed in the default route we are now seeing.

To verify this, let’s add a RIP route to R1 and enable redistribution with the OSPF router process command “redistribute rip subnets“.

R1(config)#int lo 80
R1(config-if)#ip address 80.0.0.1 255.255.255.0
R1(config)#router rip
R1(config-router)#network 80.0.0.0
R1(config)#router ospf 10
R1(config-router)#redistribute rip subnets

Okay, let’s see if R2 sees the redistributed route.

R2#sh ip route 80.0.0.0
Routing entry for 80.0.0.0/24, 1 known subnets

O E2 80.0.0.0 [110/20] via 100.0.0.1, 00:02:27, Serial0/0

There it is, External type 2 via R1.

And what about our stubby friend, R3?

R3#sh ip route

Gateway of last resort is 200.0.0.2 to network 0.0.0.0

1.0.0.0/24 is subnetted, 1 subnets
O IA 1.1.1.0 [110/129] via 200.0.0.2, 00:06:03, Serial0/1
2.0.0.0/24 is subnetted, 1 subnets
O 2.2.2.0 [110/65] via 200.0.0.2, 00:06:07, Serial0/1
100.0.0.0/24 is subnetted, 1 subnets
O IA 100.0.0.0 [110/128] via 200.0.0.2, 00:06:07, Serial0/1
3.0.0.0/24 is subnetted, 1 subnets
C 3.3.3.0 is directly connected, Loopback1
C 200.0.0.0/24 is directly connected, Serial0/1
O*IA 0.0.0.0/0 [110/65] via 200.0.0.2, 00:06:08, Serial0/1

As it should be, it knows only the default route for external routes.
With the “Show IP OSPF” command, you will see that this is indeed a stub area.

R3#sh ip ospf | begin Area 1
Area 1
Number of interfaces in this area is 2 (1 loopback)
It is a stub area
Area has no authentication
SPF algorithm last executed 00:08:13.540 ago
SPF algorithm executed 2 times
Area ranges are
Number of LSA 5. Checksum Sum 0x04C935
Number of opaque link LSA 0. Checksum Sum 0x000000
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0

Now let’s turn this Stub Area into a TOTALLY STUB AREA!
Wait, why does this have such an exciting sounding name?

First of all, this is only configured on the stub area’s ABR and will allow only a single default route from the backbone area.

This can be done with the command “area 1 stub no-summary” on the ABR R2.

R2(config)#router ospf 10
R2(config-router)#area 1 stub no-summary

I’ve reset the OSPF process to be sure.
Now we’ll look at R3’s current routing table.

 R3#sh ip route

Gateway of last resort is 200.0.0.2 to network 0.0.0.0

2.0.0.0/24 is subnetted, 1 subnets
O 2.2.2.0 [110/65] via 200.0.0.2, 00:01:25, Serial0/1
3.0.0.0/24 is subnetted, 1 subnets
C 3.3.3.0 is directly connected, Loopback1
C 200.0.0.0/24 is directly connected, Serial0/1
O*IA 0.0.0.0/0 [110/65] via 200.0.0.2, 00:01:25, Serial0/1

You can see now that all Inter-Area routes are also gone, except for the default one.
2.0.0.0 is still showing up because I configured it to be in Area 1 earlier, instead of 0. It’s too bad because this is kinda ruining the effect.

In any case, our Totally Stub area is working as intended.

Next up, Not-So-Stubby Areas.

A Not-So-Stubby Area  (NSSA) is similar to a regular stub area, except that it will allow routes to be redistributed from an ASBR into that area with a special LSA type, which gets converted to a normal extended route at the ABR.

A real life situation is where you might have a stub area on the edge of your network which suddenly needs to be connected to another external network in turn. Being a stub, it will not be able to redistribute the routes from the new network. In this case we could configure it as a NSSA, allowing it to do the redistribution, but keeping the benefits of a stub area.

Let’s first remove our config from the previous test.

R2(config)#router ospf 10
R2(config-router)#no area 1 stub no-summary
R2(config-router)#no area 1 stub

R3(config)#router ospf 10
R3(config-router)#no area 1 stub

And take another look at our current routing tables.

R1#sh ip route | begin Gate
Gateway of last resort is not set

1.0.0.0/24 is subnetted, 1 subnets
C 1.1.1.0 is directly connected, Loopback1
2.0.0.0/24 is subnetted, 1 subnets
O IA 2.2.2.0 [110/65] via 100.0.0.2, 00:09:23, Serial0/0
100.0.0.0/24 is subnetted, 1 subnets
C 100.0.0.0 is directly connected, Serial0/0
3.0.0.0/24 is subnetted, 1 subnets
O IA 3.3.3.0 [110/129] via 100.0.0.2, 00:05:15, Serial0/0
O IA 200.0.0.0/24 [110/128] via 100.0.0.2, 00:09:23, Serial0/0
80.0.0.0/24 is subnetted, 1 subnets
C 80.0.0.0 is directly connected, Loopback80

R3#sh ip route | begin Gate
Gateway of last resort is not set

1.0.0.0/24 is subnetted, 1 subnets
O IA 1.1.1.0 [110/129] via 200.0.0.2, 00:05:27, Serial0/1
2.0.0.0/24 is subnetted, 1 subnets
O 2.2.2.0 [110/65] via 200.0.0.2, 00:05:27, Serial0/1
100.0.0.0/24 is subnetted, 1 subnets
O IA 100.0.0.0 [110/128] via 200.0.0.2, 00:05:27, Serial0/1
3.0.0.0/24 is subnetted, 1 subnets
C 3.3.3.0 is directly connected, Loopback1
C 200.0.0.0/24 is directly connected, Serial0/1
80.0.0.0/24 is subnetted, 1 subnets
O E2 80.0.0.0 [110/20] via 200.0.0.2, 00:00:01, Serial0/1

I will now configure the Not-So-Stubby area with the OSPF router process command “area 1 nssa“. To make R3 an ASBR I will also add the loopback 3 interface and redistribute it with the command “redistribute connected subnets”

R2(config)#router ospf 10
R2(config-router)#area 1 nssa

R3(config)#interface loopback 3
R3(config-if)#ip address 192.168.1.1 255.255.255.0
R3(config)#router ospf 10
R3(config-router)#area 1 nssa
R3(config-router)#redistribute connected subnets

If you look at the routing table for R2, you can see the external route for the 192.168.1.0/24 subnet comes in as a Type N2 from R3. This is because it is a special NSSA external route.

R2#sh ip route | begin 192
O N2 192.168.1.0/24 [110/20] via 200.0.0.1, 00:01:00, Serial0/1

If we now look at R1’s routing table, we can see that this same route has ended up as an external type 2 route

R1#sh ip route | begin 192
O E2 192.168.1.0/24 [110/20] via 100.0.0.2, 00:03:28, Serial0/0

NSSA does Type 7 LSA to Type 5 translation. We can see this in the output below from our ABR, R2.

R2#sh ip ospf | begin Area 1
Area 1
Number of interfaces in this area is 2 (1 loopback)
It is a NSSA area
Perform type-7/type-5 LSA translation
Area has no authentication
SPF algorithm last executed 00:04:04.992 ago
SPF algorithm executed 16 times
Area ranges are
Number of LSA 5. Checksum Sum 0x0326BD
Number of opaque link LSA 0. Checksum Sum 0x000000
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0

In this update, I explored some (but not all) types of Stub areas for OSPF.

References:
OSPF Stub area animated
LSA Types
Cisco Learning network
Link-State Advertisement

OSPF – Detached Backbone

If there is one thing I’ve always been sure about OSPF since my CCNA, it is that all areas need to be connected to the backbone area or “Area 0”

So what if you come across a real life situation where this is just not possible?

This could happen in a number of circumstances but I will explain the two most common;

1. A new area needs to be added to your existing network, however, the connection for this area should be a low cost link with no clear way of implementing the much needed connection to the backbone area.

2. Two companies merge, each with their own OSPF design and their own backbone area. It might be more convenient and/or cost-effective to connect these two networks through an existing non-backbone area. In this case you will end up with two “Area 0″‘s which is not allowed.

For OSPF each area should be contiguous and each non-backbone area should connect to the backbone area through an ABR.
In the above two cases, the network will not meet the requirement and the engineers will have to redesign the network bringing with it costs and downtime.

Enter “Virtual Links”.

OSPF provides provides an alternate tool for the above situations called an OSPF Virtual Link.
Using this Virtual Link, you can create a point-to-point connection between two ABRs, either merging the two backbone area’s from the second scenario or creating a “transit” link through a non-backbone area for the first scenario.

In this update, I will explore how to configure a Virtual Link for the first scenario.

In this topology, we can see that R1’s Loopback interface resides in Area 0 and R3’s in Area 2, causing it to be detached from the backbone area.

Here’s the initial configuration of all three routers.

R1#sh run int fa 0/0

interface FastEthernet0/0
ip address 10.0.0.1 255.255.255.0
duplex auto
speed auto

R1#sh run int lo 1

interface Loopback1
ip address 192.168.0.1 255.255.255.0
ip ospf network point-to-point

R1#sh run | sec ospf
router ospf 10
router-id 1.1.1.1
log-adjacency-changes
network 10.0.0.0 0.0.0.255 area 1
network 192.168.0.0 0.0.0.255 area 0

R2#sh run int fa 0/0

interface FastEthernet0/0
ip address 10.0.0.2 255.255.255.0
duplex auto
speed auto

R2#sh run int fa 0/1

interface FastEthernet0/1
ip address 20.0.0.2 255.255.255.0
duplex auto
speed auto

R2#sh run | sec ospf
router ospf 10
router-id 2.2.2.2
log-adjacency-changes
network 10.0.0.0 0.0.0.255 area 1
network 20.0.0.0 0.0.0.255 area 1

R3#sh run int fa 0/1

interface FastEthernet0/1
ip address 20.0.0.1 255.255.255.0
duplex auto
speed auto

R3#sh run int lo 1

interface Loopback1
ip address 192.168.2.1 255.255.255.0
ip ospf network point-to-point

R3#sh run | sec ospf
router ospf 10
router-id 3.3.3.3
log-adjacency-changes
network 20.0.0.0 0.0.0.255 area 1
network 192.168.2.0 0.0.0.255 area 2

Looking at R1’s OSPF Database, we can see the loopback on R3 is not showing up even though R2 is advertising it.

R1#sh ip ospf database

OSPF Router with ID (1.1.1.1) (Process ID 10)

Router Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum Link count
1.1.1.1         1.1.1.1         281         0x80000002 0x003A84 1

Summary Net Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum
10.0.0.0        1.1.1.1         841         0x80000001 0x004DD7
20.0.0.0        1.1.1.1         793         0x80000001 0x002FE1

Router Link States (Area 1)

Link ID         ADV Router      Age         Seq#       Checksum Link count
1.1.1.1         1.1.1.1         808         0x80000002 0x001AEE 1
2.2.2.2         2.2.2.2         804         0x80000003 0x0009B2 2
3.3.3.3         3.3.3.3         809         0x80000002 0x0029BD 1

Net Link States (Area 1)

Link ID         ADV Router      Age         Seq#       Checksum
10.0.0.2        2.2.2.2         807         0x80000001 0x0043D6
20.0.0.1        3.3.3.3         812         0x80000001 0x000104

Summary Net Link States (Area 1)

Link ID         ADV Router      Age         Seq#       Checksum
192.168.0.0     1.1.1.1         279         0x80000001 0x00C30B

This is because all data coming from non-backbone areas must eventually move through the backbone area.

So for example: OSPF Traffic from Area 2 to Area 1 must go through Area 2 until it reaches an Area 2 Border Router. It then travels only within the backbone Area 0 until it reaches an Area 1 Border Router. It then travels within Area 1 to its destination.

So what our OSPF traffic flow should look like;
Source Area 2 –> Area 2 ABR –> Area 0 –> Area 1 ABR -> Destination Area 1

As you can see there’s no way in our topology to get from Area 0 to Area 2 ABR so we will implement a virtual link to “bridge the gap”.

We can do this with the OSPF router process command “Area transit-area Virtual-Link Remote-RID“.

R1(config)#router ospf 10
R1(config-router)#area 1 virtual-link 3.3.3.3

R3(config)#router ospf 10
R3(config-router)#area 1 virtual-link 1.1.1.1

After entering the Virtual Link configuration, we can see the following log message.

*Mar  1 00:35:03.255: %OSPF-5-ADJCHG: Process 10, Nbr 3.3.3.3 on OSPF_VL0 from LOADING to FULL, Loading Done

Looking at the neighbours on R1, R3 is now showing up as if configured over a real point-to-point link.

R1#sh ip ospf neighb

Neighbor ID     Pri   State           Dead Time   Address         Interface
3.3.3.3           0   FULL/  –           –        20.0.0.1        OSPF_VL0
2.2.2.2           1   FULL/DR         00:00:31    10.0.0.2        FastEthernet0/0

Let’s take a look at this Virtual Link interface “OSPF_VL0

R1#sh ip ospf interface
OSPF_VL0 is up, line protocol is up
Internet Address 10.0.0.1/24, Area 0
Process ID 10, Router ID 1.1.1.1, Network Type VIRTUAL_LINK, Cost: 20
Configured as demand circuit.
Run as demand circuit.
DoNotAge LSA allowed.
Transmit Delay is 1 sec, State POINT_TO_POINT
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
oob-resync timeout 40
Hello due in 00:00:04
Supports Link-local Signaling (LLS)
Cisco NSF helper support enabled
IETF NSF helper support enabled
Index 2/3, flood queue length 0
Next 0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 1
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 3.3.3.3  (Hello suppressed)
Suppress hello for 1 neighbor(s)

Okay, we can see a Network Type of VIRTUAL_LINK with a cost of 20.
The cost for this link is 20 because the virtual link is taking all connections into account that its point-to-point link is comprised off, which in this case, are two fast ethernet links.

If need be, you can also configure authentication for your Virtual Link.
More information about this can be found here.

References:
Introducing OSPF
Virtual Link Config

Hub and Spoke Redux #2

Continuing from a previous update, I will now explore OSPF over Frame-Relay Point-to-Multipoint non-broadcast networks.

I have configured R1 as the HUB router, R2 and R3 will represent the spoke sites.
As this is a non-broadcast point-to-multipoint configuration, we will have to configure OSPF as such and make sure that R2 and R3 will be able to communicate and exchange routes through R1.

First up, here’s the initial configuration that we start out with.

hostname R1
!
interface Loopback1
ip address 1.1.1.1 255.255.255.0
!
interface Serial0/0
ip address 10.0.0.1 255.255.255.0
encapsulation frame-relay
clock rate 2000000
no frame-relay inverse-arp
!
router ospf 10
log-adjacency-changes

hostname R2
!
interface Loopback1
ip address 2.2.2.2 255.255.255.0
!
interface Serial0/0
ip address 10.0.0.2 255.255.255.0
encapsulation frame-relay
clock rate 2000000
no frame-relay inverse-arp
!
router ospf 10
log-adjacency-changes

hostname R3
!
interface Loopback1
ip address 3.3.3.3 255.255.255.0
!
interface Serial0/0
ip address 10.0.0.3 255.255.255.0
encapsulation frame-relay
clock rate 2000000
no frame-relay inverse-arp
!
router ospf 10
log-adjacency-changes

As this is a non-broadcast network I will configure the interface’s “frame-relay map” commands without the broadcast keyword and instead configure it with the command “ip ospf network point-to-multipoint non-broadcast“.

Two important facts about these kind of networks:

1. We can statically configure neighbours and even define a cost per-neighbour with the OSPF process command “neighbour ip-address cost 100“. This command is useful in case you have multipe paths and want one preferred over the other.

2. As these links will be treated as point-to-point links, we will not require a DR/BDR on any router.

Let’s get this going;

R1(config)#interface serial 0/0
R1(config-if)#frame-relay map ip 10.0.0.2 102
R1(config-if)#frame-relay map ip 10.0.0.3 103
R1(config)#router ospf 10
R1(config-router)#network 10.0.0.0 0.0.0.255 area 0
R1(config-router)#network 1.1.1.1 0.0.0.255 area 0

R2(config)#int se 0/0
R2(config-if)#frame-relay map ip 10.0.0.1 201
R2(config-if)#frame-relay map ip 10.0.0.3 201
R2(config)#router ospf 10
R2(config-router)#network 10.0.0.0 0.0.0.255 area 0
R2(config-router)#network 2.2.2.2 0.0.0.255 area 0

R3(config)#int se 0/0
R3(config-if)#frame-relay map ip 10.0.0.1 301
R3(config-if)#frame-relay map ip 10.0.0.2 301
R3(config)#router ospf 10
R3(config-router)#network 10.0.0.0 0.0.0.255 area 0
R3(config-router)#network 3.3.3.3 0.0.0.255 area 0

Let’s check how our network is now behaving;

R1#ping 10.0.0.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/7/28 ms
R1#ping 10.0.0.3

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/10/32 ms

R1 seems to have full connectivity, how about R2 and R3 ?

R2#ping 10.0.0.3

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/10/40 ms
R2#ping 3.3.3.3

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
…..
Success rate is 0 percent (0/5)

Looks like all routers have interconnectivity but the networks are not being advertised.

R2#sh ip route
Gateway of last resort is not set

2.0.0.0/24 is subnetted, 1 subnets
C       2.2.2.0 is directly connected, Loopback1
10.0.0.0/24 is subnetted, 1 subnets
C       10.0.0.0 is directly connected, Serial0/0

R2#sh ip ospf 10 neighbor
R2

Let’s configure our interfaces with the command “ip ospf network point-to-multipoint non-broadcast

R1(config)#int se 0/0
R1(config-if)#ip ospf network point-to-multipoint non-broadcast

R2(config)#int se 0/0
R2(config-if)#ip ospf network point-to-multipoint non-broadcast

R3(config)#int se 0/0
R3(config-if)#ip ospf network point-to-multipoint non-broadcast

And statically assign our neighbours under R1’s OSPF router process.
There’s no need to configure neighbour statements on the other two routers because R1 will initiate the neighbour process.

R1(config-router)#neighbor 10.0.0.2
R1(config-router)#neighbor 10.0.0.3

Now when doing a “show ip ospf neighbours” you can see the relationships have formed with a state of FULL/-.
As stated earlier, they will not form DR/BDR relationships because of the point-to-point topology.

Looking at the interface, we can see it’s indeed on the correct network type, with the non-broadcast timers configured.

R1# sh ip ospf interface se 0/0
Serial0/0 is up, line protocol is up
Internet Address 10.0.0.1/24, Area 0
Process ID 10, Router ID 1.1.1.1, Network Type POINT_TO_MULTIPOINT, Cost: 64
Transmit Delay is 1 sec, State POINT_TO_MULTIPOINT
Timer intervals configured, Hello 30, Dead 120, Wait 120, Retransmit 5

Let’s look at the routing table on R2.

R2#sh ip route

Gateway of last resort is not set

1.0.0.0/32 is subnetted, 1 subnets
O       1.1.1.1 [110/65] via 10.0.0.1, 00:04:12, Serial0/0
2.0.0.0/24 is subnetted, 1 subnets
C       2.2.2.0 is directly connected, Loopback1
3.0.0.0/32 is subnetted, 1 subnets
O       3.3.3.3 [110/129] via 10.0.0.1, 00:03:30, Serial0/0
10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
O       10.0.0.3/32 [110/128] via 10.0.0.1, 00:03:30, Serial0/0
C       10.0.0.0/24 is directly connected, Serial0/0
O       10.0.0.1/32 [110/64] via 10.0.0.1, 00:04:13, Serial0/0
R2#
R2#ping 3.3.3.3

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/11/44 ms

And we can now ping the loopback address on R3 from R2.
One thing that you might have noticed is that the other router’s loopback addresses are being advertised as /32 routes.
This is because OSPF knows it is a loopback address.

R1#sh ip ospf 10 interface loopback 1
Loopback1 is up, line protocol is up
Internet Address 1.1.1.1/24, Area 0
Process ID 10, Router ID 1.1.1.1, Network Type LOOPBACK, Cost: 1
Loopback interface is treated as a stub Host

For lab purposes, you can force OSPF to recognize this as an actual network with the interface command “ip ospf network point-to-point”.

R1(config)#int lo 1
R1(config-if)#ip ospf network point-to-point

And when we now look at R2’s routing table again;

R2#sh ip route 2.2.2.2 longer-prefixes

Gateway of last resort is not set

2.0.0.0/24 is subnetted, 1 subnets
C       2.2.2.0 is directly connected, Loopback1

This route is now being advertised as a /24 and looks like an actual network.

References:
OSPF Point-to-Multipoint Networks with Neighbors
Configuring OSPF

Hub and Spoke Redux #1

The intent of this update is to explore the different OSPF network types that you can come across in a hub-and-spoke or partial mesh topology.

To start out with, I will set up Frame-Relay for the above topology, using R1 as the HUB router.
R2 through R4 are spoke routers. There is a connection between R3 and R4 but it will not be actively used in this lab.

First I configure the ip addresses and encapsulation type on all routers.
I will also set up the OSPF router process and network statements.

R1(config)#int se 0/0
R1(config-if)#no shut
R1(config-if)#ip address 10.0.0.1 255.255.255.0
R1(config-if)#encapsulation frame-relay
R1(config-if)#int loopback 1
R1(config-if)#ip add 1.1.1.1 255.255.255.0

R1(config)#router ospf 10
R1(config-router)#network 10.0.0.0 0.0.0.255 area 0
R1(config-router)#network 1.1.1.1 0.0.0.255 area 0

I have done a similar config for all other routers.
Let’s check what our network looks like with these default settings.

We can see our DLCI mappings are already discovered by the routers using Inverse-ARP with the command “Show frame-relay map
As you can see in the graphic below, there is alot of similarity between an Ethernet ARP request and a Frame-Relay Inverse ARP.

R1#sh frame-relay map
Serial0/0 (up): ip 10.0.0.2 dlci 102(0x66,0x1860), dynamic,
broadcast,, status defined, active
Serial0/0 (up): ip 10.0.0.3 dlci 103(0x67,0x1870), dynamic,
broadcast,, status defined, active
Serial0/0 (up): ip 10.0.0.4 dlci 104(0x68,0x1880), dynamic,
broadcast,, status defined, active

R4#sh frame-relay map
Serial0/0 (up): ip 10.0.0.1 dlci 401(0x191,0x6410), dynamic,
broadcast,, status defined, active
Serial0/0 (up): ip 10.0.0.3 dlci 403(0x193,0x6430), dynamic,
broadcast,, status defined, active

We can even ping the other routers;

R1#ping 10.0.0.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/8/28 ms

Yet, no OSPF neighbourships seem to have formed.

R1#sh ip ospf 10 neighbor
R1#

This is because for OSPF a Serial interface by default is non broadcast.
You can check this with the command “show ip ospf interface se 0/0“.

R1#sh ip ospf interface serial 0/0
Serial0/0 is up, line protocol is up
Internet Address 10.0.0.1/24, Area 0
Process ID 10, Router ID 1.1.1.1, Network Type NON_BROADCAST, Cost: 64
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 1.1.1.1, Interface address 10.0.0.1
No backup designated router on this network

Because OSPF relies on broadcast (multicast) traffic it will not work in this situation.
I’ll now explore how to solve this + for fun we’ll disable inverse-ARP on all routers.

Here’s the command example for R1;

R1(config)#int se 0/0
R1(config-if)#no frame-relay inverse-arp

I’ll clear the inverse-ARP table with the command “clear frame-relay inarp

R1#clear frame-relay inarp
R1#
R1#sh frame-relay map

R1#
R1#ping 10.0.0.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:
…..

And now we no longer have the automatic mappings and my routers
are no longer able to communicate.

If we can not rely on inverse ARP to map the DLCI’s we will have to
do it manually with the interface command “Frame-relay map

Here’s the example for R1.

R1(config-if)#frame-relay map ip 10.0.0.2 102

We tell it that, for the ip address 10.0.0.2, traffic should go through DLCI 102.
Looking at the frame-relay map, we can see it’s now statically defined

R1#sh frame-relay map
Serial0/0 (up): ip 10.0.0.2 dlci 102(0x66,0x1860), static,
broadcast,
CISCO, status defined, active

This is what the current config looks like after I have created frame-relay maps for all routers.
Note that spoke routers need to go through R1 in order to reach eachother. The mapping reflects this.

R1

interface Serial0/0
ip address 10.0.0.1 255.255.255.0
encapsulation frame-relay
clock rate 2000000
frame-relay map ip 10.0.0.4 104
frame-relay map ip 10.0.0.3 103
frame-relay map ip 10.0.0.2 102
no frame-relay inverse-arp

R2

interface Serial0/0
ip address 10.0.0.2 255.255.255.0
encapsulation frame-relay
clock rate 2000000
frame-relay map ip 10.0.0.4 201
frame-relay map ip 10.0.0.3 201
frame-relay map ip 10.0.0.1 201
no frame-relay inverse-arp

R3

interface Serial0/0
ip address 10.0.0.3 255.255.255.0
encapsulation frame-relay
clock rate 2000000
frame-relay map ip 10.0.0.4 301
frame-relay map ip 10.0.0.2 301
frame-relay map ip 10.0.0.1 301
no frame-relay inverse-arp

R4

interface Serial0/0
ip address 10.0.0.4 255.255.255.0
encapsulation frame-relay
clock rate 2000000
frame-relay map ip 10.0.0.3 401
frame-relay map ip 10.0.0.2 401
frame-relay map ip 10.0.0.1 401
no frame-relay inverse-arp

Let’s check that my mappings are working and try to reach R4 from R2

R2#traceroute 10.0.0.4

Type escape sequence to abort.
Tracing the route to 10.0.0.4

1 10.0.0.1 20 msec 16 msec 8 msec
2 10.0.0.4 20 msec *  28 msec

Looking good, now we just need to tell ospf that it’s on a non-broadcast type network.

R1(config)#router ospf 10
R1(config-if)#ip ospf network ?
broadcast            Specify OSPF broadcast multi-access network
non-broadcast        Specify OSPF NBMA network
point-to-multipoint  Specify OSPF point-to-multipoint network
point-to-point       Specify OSPF point-to-point network

R1(config-if)#ip ospf network non-broadcast

And then statically define the neighbours for each router.

R1#sh run | sec ospf
ip ospf network non-broadcast
router ospf 10
log-adjacency-changes
network 1.1.1.0 0.0.0.255 area 0
network 10.0.0.0 0.0.0.255 area 0
neighbor 10.0.0.2
neighbor 10.0.0.3
neighbor 10.0.0.4

R1#sh ip ospf neighb

Neighbor ID     Pri   State           Dead Time   Address         Interface
2.2.2.2           1   FULL/DROTHER    00:01:40    10.0.0.2        Serial0/0
3.3.3.3           1   FULL/DROTHER    00:01:48    10.0.0.3        Serial0/0
4.4.4.4           1   FULL/DR         00:01:37    10.0.0.4        Serial0/0

You can see the neighbourships are now up and running.
However, R4 has become the DR which is not advisable, as this is not the hub router.

I’ll enter the following configuration to make sure R1 becomes and stays the DR.
On the other hand, spoke routers should never become the DR/BDR so I’ll enter a priority of 0 for those.

R1(config)#int se 0/0
R1(config-if)#ip ospf priority 200

R2(config)#int se 0/0
R2(config-if)#ip ospf priority 0

R3(config)#int se 0/0
R3(config-if)#ip ospf priority 0

R4(config)#int se 0/0
R4(config-if)#ip ospf priority 0

I’ve restarted the OSPF process with the command “clear ip ospf process” and can now see that the
neighbourships have formed as they should.

R1#sh ip ospf neighb

Neighbor ID     Pri   State           Dead Time   Address         Interface
2.2.2.2           0   FULL/DROTHER    00:01:46    10.0.0.2        Serial0/0
3.3.3.3           0   FULL/DROTHER    00:01:45    10.0.0.3        Serial0/0
4.4.4.4           0   FULL/DROTHER    00:01:48    10.0.0.4        Serial0/0

Additionally, when we look at the interface, we can see this router has become the DR and there is no backup router as intended.
Also of note is that the hello timer is set to 30 seconds and the dead timer to 120. This is the default for non-broadcast networks.
Should this have been a broadcast network type, the hello timer would have been 10 seconds and the dead timer 30.

R1#sh ip ospf interface
Serial0/0 is up, line protocol is up
Internet Address 10.0.0.1/24, Area 0
Process ID 10, Router ID 1.1.1.1, Network Type NON_BROADCAST, Cost: 64
Transmit Delay is 1 sec, State DR, Priority 200
Designated Router (ID) 1.1.1.1, Interface address 10.0.0.1
No backup designated router on this network
Timer intervals configured, Hello 30, Dead 120, Wait 120, Retransmit 5
oob-resync timeout 120
Hello due in 00:00:01
Supports Link-local Signaling (LLS)
Cisco NSF helper support enabled
IETF NSF helper support enabled
Index 2/2, flood queue length 0
Next 0x0(0)/0x0(0)
Last flood scan length is 3, maximum is 3
Last flood scan time is 0 msec, maximum is 4 msec
Neighbor Count is 3, Adjacent neighbor count is 3
Adjacent with neighbor 2.2.2.2
Adjacent with neighbor 3.3.3.3
Adjacent with neighbor 4.4.4.4
Suppress hello for 0 neighbor(s)

We have explored that you can statically assign DLCI maps and how to statically configure and verify OSPF neighbours.
For the next updates I plan to explore the point-to-point and point-to-multipoint links and their relation with OSPF further.

OSPF LAB # 2 : OSPF Over NBMA

Network Diagram:

Topology

Objectives:

  1. Configure OSPF for the network diagram. You will need to configure OSPF for the area 0 and area 24 Frame Relay network using the default OSPF network mode (no ip ospf network statements may be used on any router in these areas). R3’s interface connecting to Area 356 needs to be configured for the OSPF RFC standard point-to-multipoint mode. R5 and R6 must use the default OSPF mode (no ip ospf network statements may be used on R5 or R6).
  2. Each OSPF router has a single loopback interface. They will reflect the hostnames. (R1 has 1.1.1.1 as a loopback interface ip for example). These should be advertised through the OSPF network. THe loopback interfaces of the ABR’s can be included in either area.
  3. Ensure only appropriate routers have DR/BDR status.
  4. In order to achieve full connectivity, you may need to add additional Frame-Relay maps to your routers. However, the initial Frame Relay switch configuration may not be modified.
  5. To test your configuration, R4 should be able to ping the loopback interfaces of R5 and R6.

GNS Frame-Relay Switch connections and DLCI config:

R1 Se 0/0 102 (Port 1) <-> 201 R2 Se 0/0 (Port 10)
R1 Se 0/0 103 (Port 1) <-> 301 R3 Se 0/0 (Port 11)
R2 Se 0/1 204 (Port 2) <-> 402 R4 Se 0/0 (Port 12)
R3 Se 0/0 305 (Port 3) <-> 503 R5 Se 0/0 (Port 13)
R3 Se 0/1 306 (Port 3) <-> 603 R6 Se 0/0 (Port 14)

Let’s see what needs to be done for Frame Relay.

I have not yet done any mappings for Frame Relay but with the command “Show frame-relay pvc” we can already see which DLCIs we should configure on our interface.

R1#sh frame-relay pvc | sec DLCI
DLCI = 102, DLCI USAGE = UNUSED, PVC STATUS = ACTIVE, INTERFACE = Serial0/0
DLCI = 103, DLCI USAGE = UNUSED, PVC STATUS = ACTIVE, INTERFACE = Serial0/0

As we can see from the diagram, this will be a multipoint interface, so I’ll configure it as such.

R1(config)#int se 0/0
R1(config-if)#encapsulation frame-relay
R1(config)#int se 0/0.1 multipoint
R1(config-subif)#frame-relay map ip 10.12.3.2 102
R1(config-subif)#frame-relay map ip 10.12.3.3 103

First I told se 0/0 to use an encapsulation for Frame Relay. Then I have created a multipoint subinterface with two DLCI mappings to R2 and R3.

Earlier I had assigned the IP addresses to the physical interfaces but I noticed that I need to assign them to the sub interfaces and not the physical ones. So let’s fix that.

R1(config)#int se 0/0
R1(config-if)#no ip address
R1(config-if)#int se 0/0.1 multi
R1(config-subif)#ip address 10.12.3.1 255.255.255.0

R2 uses point-to-point links so let’s configure those now.

R2(config)#int se 0/0
R2(config-if)#no ip address
R2(config-if)#encapsulation frame-relay
R2(config-if)#int serial 0/0.1 point-to-point
R2(config-subif)#ip address 10.12.3.2 255.255.255.0

When trying to enter the “frame-relay map” command, I get the following error.

R2(config-subif)#frame-relay map ip 10.12.3.1 201
Only frame-relay interface-dlci command should be used on point-to-point interfaces not frame-relay map

For point-to-point links we need to use the command “frame-relay interface-dlci“.

R2(config-subif)#frame-relay interface-dlci 201

It makes sense. When there’s only one way to go, why would you need a map?

R2#ping 10.12.3.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.12.3.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/11/28 ms

And I can ping R1 so its verified that Frame-Relay is working.

R2(config)#int se 0/1
R2(config-if)#no ip address
R2(config-if)#encapsulation frame-relay
R2(config-if)#int se 0/1.1 point-to-point
R2(config-subif)#ip address 10.24.0.2 255.255.255.0
R2(config-subif)#frame-relay interface-dlci 204

R3 will use one point-to-point link for area 0 and one multi-point link for area 356

R3(config)#int se 0/0
R3(config-if)#no ip address
R3(config-if)#encap frame-relay
R3(config-if)#int se 0/0.1 point
R3(config-subif)#ip address 10.12.3.3 255.255.255.0
R3(config-subif)#frame-relay interface-dlci 301

R3(config)#int se 0/1
R3(config-if)#no ip address
R3(config-if)#encapsulation frame-relay
R3(config-if)#int se 0/1.1 multi
R3(config-subif)#ip address 10.35.6.3 255.255.255.0
R3(config-subif)#frame-relay map ip 10.35.6.5 305
R3(config-subif)#frame-relay map ip 10.35.6.6 306

The rest of the devices will all be point-to-point.

R4(config)#int se 0/0
R4(config-if)#no ip address
R4(config-if)#encapsulation frame-relay
R4(config-if)#int se 0/0.1 point
R4(config-subif)#ip address 10.24.0.4 255.255.255.0
R4(config-subif)#frame-relay interface-dlci 402

R5(config)#int se 0/0
R5(config-if)#no ip address
R5(config-if)#encap frame
R5(config-if)#int se 0/0.1 point
R5(config-subif)#ip address 10.35.6.5 255.255.255.0
R5(config-subif)#frame-relay interface-dlci 503

R6(config)#int se 0/0
R6(config-if)#no ip address
R6(config-if)#encapsulation frame
R6(config-if)#int se 0/0.1 point
R6(config-subif)#ip address 10.35.6.6 255.255.255.0
R6(config-subif)#frame-relay interface-dlci 603

I did some ping tests and everything seems reachable the way it should be.
Let’s try starting on the OSPF configuration.

First I will input the command “Router ospf 10” on each router to start the OSPF process.
For example:

R1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#Router ospf 10
R1(config-router)#

This will be repeated for each router in the topology.

The process seems to be running but there is not much happening at the moment. We do not even have areas yet.

R1#sh ip protocols
Routing Protocol is “ospf 10”
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Router ID 1.1.1.1
Number of areas in this router is 0. 0 normal 0 stub 0 nssa
Maximum path: 4
Routing for Networks:
Reference bandwidth unit is 100 mbps
Routing Information Sources:
Gateway         Distance      Last Update
Distance: (default is 110)

I did some research and (ofcourse) this being a Non-Broadcast Multi-Access network we can not rely on OSPF’s multicast messages to form neighbours. In this case we will need to add the keyword “broadcast” to the “frame-relay map” command. This will enable something called “pseudo-broadcasts

Pseudo-broadcast will make the router literally send fake broadcasts over the PVC’s as unicast.
The router will make a copy of the multicast frame that is normally used for OSPF.

So, we will need to go back and reconfigure our multipoint links.

R1(config-subif)#frame-relay map ip 10.12.3.3 103 broadcast
R1(config-subif)#frame-relay map ip 10.12.3.2 102 broadcast

R3(config-subif)#frame-relay map ip 10.35.6.6 306 broadcast
R3(config-subif)#frame-relay map ip 10.35.6.5 305 broadcast

I will now configure the “network” commands on each router so neighbourships can form.

For example I will show the config for R2 and R3. It’s similar for all other routers.

R2(config)#router ospf 10
R2(config-router)#network 10.12.3.2 0.0.0.255 area 0
R2(config-router)#network 2.2.2.2 0.0.0.255 area 0
R2(config-router)#network 10.24.0.2 0.0.0.255 area 24

R3(config-router)#network 10.12.3.3 0.0.0.255 area 0
R3(config-router)#network 3.3.3.3 0.0.0.255 area 0
R3(config-router)#network 10.35.6.3 0.0.0.255 area 356

Okay, network statements on all routers have been done. We should now be able to see those neighbours come up, right?

Nope, It seems I’m still missing some configuration. It looks like we should enter the interface command “ip ospf network broadcast” but our objectives specifically state that these commands are not allowed.

So the next best thing would be to statically assign our neighbours with the router command “neighbour ip-address”  which I’ll do.

R1(config)#router ospf 10
R1(config-router)#neighbor 10.12.3.3 ?
cost             OSPF cost for point-to-multipoint neighbor
database-filter  Filter OSPF LSA during synchronization and flooding for
point-to-multipoint neighbor
poll-interval    OSPF dead-router polling interval
priority         OSPF priority of non-broadcast neighbor
<cr>

R1(config-router)#neighbor 10.12.3.3 priority 0
R1(config-router)#neighbor 10.12.3.2 priority 0

I’ve gone ahead and add the priority 0 keyword because we do not want R2 or R3 to become a DR/BDR as per objective #3. This is default behavior, so I could have just entered “neighbour ip-address” instead.
I gave R1 a priority of 200 because we want it become the DR for area 0.

Neighbourships still do not seem to form on R1. I can ping both routers from R1 though …

R1# sh ip ospf neighbor

Neighbor ID     Pri   State           Dead Time   Address         Interface
N/A               0   ATTEMPT/DROTHER    –        10.12.3.3       Serial0/0.1
N/A               0   ATTEMPT/DROTHER    –        10.12.3.2       Serial0/0.1

After some research it looks like the Area 0-side links on R2 and R3 should also be multipoint and not point-to-point. I wrongly thought that point-to-point would work as point-to-multipoint aswell.

So I will reconfigure the interfaces for R2, R3, R5 and R6 . The difference is minimum so I will not paste the entire output.

Note to self: In the future, do not update blog while working on labs but after.

R1#sh ip ospf neighb

Neighbor ID     Pri   State           Dead Time   Address         Interface
2.2.2.2           0   FULL/DROTHER    00:01:49    10.12.3.2       Serial0/0.1
3.3.3.3           0   FULL/DROTHER    00:01:45    10.12.3.3       Serial0/0.1

There we go. These relationships took some time to form. I’m seeing some other weird behavior aswell when looking at the packets with wireshark. I am starting to think GNS can not handle a frame-relay switch with multiple connections like these very well.

For R3 I will also use the command “ip ospf network point-to-multipoint” as per objective #1

R3(config)#int se 0/1.1
R3(config-subif)#ip ospf network point-to-multipoint

And we can see the neighbour relationships have formed correctly.

R3#sh ip ospf neighb

Neighbor ID     Pri   State           Dead Time   Address         Interface
1.1.1.1         200   FULL/DR         00:01:57    10.12.3.1       Serial0/0.1
5.5.5.5           0   FULL/  –        00:01:51    10.35.6.5       Serial0/1.1
6.6.6.6           0   FULL/  –        00:01:35    10.35.6.6       Serial0/1.1

R4 and R2 have a point-to-point link so that neighbourship has also correctly come up:

R4#sh ip ospf neighb

Neighbor ID     Pri   State           Dead Time   Address         Interface
2.2.2.2           0   FULL/  –        00:00:34    10.24.0.2       Serial0/0.1

Area 24 really is the best behaving area of this lab.

As I’ve been doing things kinda randomly, let’s take a look at the objectives and see what there is left that needs to be done.

… Oh wow, It seems only the last one remains.

To test your configuration, R4 should be able to ping the loopback interfaces of R5 and R6.

Let’s try it! Very exciting.

R4#ping 5.5.5.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
….
Success rate is 0 percent (0/4)
R4#ping 6.6.6.6
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 6.6.6.6, timeout is 2 seconds:
…..
Success rate is 0 percent (0/5)

Well, that figures! Let’s see what is going wrong here.

Checking on R2, it seems it we still need to tell it how to get to R3.

R2(config-subif)#frame-relay map ip 10.12.3.3 201 broadcast

There we go. It now knows to use DLCI 201 to get to R3. (Through R1).

Ping tests are however still failing. That is because we also need a way back from R3.

R3(config)#int se 0/0.1
R3(config-subif)#frame-relay map ip 10.12.3.2 301 broadcast

And now the pings are going through!

This lab has been based on Jeremy Cioara’s “OSPF Over NBMA” videos over at cbtnuggets.com
Further References used are:
GNS3 Frame relay
Running OSPF Over NBMA
Point-to-multipoint networks

OSPF LAB # 1 : “Basic” Implementation

Network Diagram

Network Diagram

Objectives

  1. Configure OSPF for the above network diagram. R1 will act as an ASBR by redistributing a series of static routes into theOSPF network. These routes should NOT increment their metric as they pass through the network and should have an initial OSPF cost of 200. All routers should have a router-id reflecting their hostname. You should be able to ping each router throughthe entire OSPF network.
  2. R1 Should become the DR for Area 0. R2 and R3 should neither become the DR or BDR. Check what type of neighbour relationship exists between R1 and R2. What about R2 and R3?
  3. Implement summarization at the ABRs R2 and R3 to make the routing tables as efficient as possible.
  4. Implement summarization at the ASBR R1. The summary route should have the same attributes as the original, individual routes redistributed into the network.
  5. We plan to upgrade to Gigabit Ethernet connections in the future. OSPF should accurately calculate its metric assuming Gigabit Ethernet will be the fastest link in the network.

Let’s take a look at the first Objective.

1. Configure OSPF for the above network diagram. R1 will act as an ASBR by redistributing a series of static routes into the OSPF network. These routes should NOT increment their metric as they pass through the network and should have an initial OSPF cost of 200. All routers should have a router-id reflecting their hostname. You should be able to ping each router through the entire OSPF network.

First we must ofcourse configure our interfaces and set up the OPSF neighbour relationships and areas. At the same time I will also configure the router IDs to reflect the hostnames.

Console logging will be disabled during this configuration to keep everything clean and readable.
This can be done with the global config command “no logging console“.
All interfaces have also been already enabled with the interface config command “no shutdown“.

R1>
R1>en
R1#conf t
R1(config)#interface fastEthernet 0/0
R1(config-if)#ip address 172.30.0.1 255.255.255.0
R1(config-if)#end
R1#conf t
R1(config)#router ospf 10

I will be using OSPF process-id 10 on all routers for ease of config. The process-id does not need to match on all routers like the Autonomous System number needs to in EIGRP.

“From Cisco tech notes: The OSPF process-id is a numeric value local to the router. It does not have to match process-ids on other routers. It is possible to run multiple OSPF processes on the same router, but is not recommended as it creates multiple database instances that add extra overhead to the router.”
 

R1(config-router)#router-id 1.1.1.1
R1(config-router)#network 172.30.0.0 0.0.0.255 area 0

That’s done, now on to R2.

R2>
R2>en
R2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R2(config)#int fa 0/0
R2(config-if)#ip address 172.30.0.2 255.255.255.0
R2(config-if)#int se 0/0
R2(config-if)#ip address 172.30.10.2 255.255.255.0
R2(config-if)#clock rate 64000
R2(config-if)#end
R2#conf t
R2(config)#router ospf 10
R2(config-router)#network 172.30.0.0 0.0.0.255 area 0
R2(config-router)#network 172.30.10.0 0.0.0.255 area 10
R2(config-router)#router-id 2.2.2.2

On to R3

R3>
R3>en
R3#conf t
R3(config)#int fa 0/0
R3(config-if)#ip address 172.30.0.3 255.255.255.0
R3(config-if)#int se 0/0
R3(config-if)#ip address 172.30.20.3 255.255.255.0
R3(config-if)#clock rate 64000
R3(config-if)#end
R3#conf t
R3(config)#router ospf 10
R3(config-router)#network 172.30.0.0 0.0.0.255 area 0
R3(config-router)#network 172.30.20.0 0.0.0.255 area 20
R3(config-router)#router-id 3.3.3.3

On to R4

R4>
R4>en
R4#
R4#conf t
R4(config)#interface serial 0/0
R4(config-if)#ip address 172.30.20.4 255.255.255.0
R4(config-if)#end
R4#conf t
R4(config)#router ospf 10
R4(config-router)#network 172.30.20.0 0.0.0.255 area 20
R4(config-router)#router-id 4.4.4.4

And finally R5

R5>
R5>en
R5#conf t
R5(config)#interface serial 0/0
R5(config-if)#ip address 172.30.10.5 255.255.255.
R5(config-if)#end
R5#conf t
R5(config)#router ospf 10
R5(config-router)#network 172.30.10.0 0.0.0.255 area 10
R5(config-router)#router-id 5.5.5.5

There, my base configuration is ready. You can verify that the neighbourships have formed with the command “show ip ospf 10 neighbor“. Also try a few ping tests to make sure you have full connectivity.

R1#ping 172.30.20.4

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.30.20.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/20/40 ms

Seems ok to me !
Now, what’s left for our first objective?

R1 will act as an ASBR by redistributing a series of static routes into the OSPF network. These routes should NOT increment their metric as they pass through the network and should have an initial OSPF cost of 200.
 

Okay, let’s go on R1 and get this done.
First I’ll create the static routes.

R1#conf t
R1(config)#ip route 172.16.0.0 255.255.255.0 Null0
R1(config)#ip route 172.16.1.0 255.255.255.0 Null0
R1(config)#ip route 172.16.2.0 255.255.255.0 Null0
R1(config)#ip route 172.16.3.0 255.255.255.0 Null0

These routes are pointing towards the Null 0 interface meaning all packets sent here will be discarded.
That is okay because we are only using these routes to test redistribution.

And the redistribution of these static routes;

R1(config)#router ospf 10
R1(config-router)#redistribute static metric 200 subnets

I’m adding “subnets” to the command because When redistributing routes into OSPF, only routes that are not subnetted are redistributed if the subnets keyword is not specified.
I’m adding the “Metric 200” part because the objective is asking for an OSPF cost of 200 for these routes.

NOTE: You can also define the metric-type for these routes.

R1(config-router)#redistribute static metric 200 subnets metric-type ?
1  Set OSPF External Type 1 metrics
2  Set OSPF External Type 2 metrics

“From Cisco tech notes: External routes fall under two categories, external type 1 and external type 2. The difference between the two is in the way the cost (metric) of the route is being calculated. The cost of a type 2 route is always the external cost, irrespective of the interior cost to reach that route. A type 1 cost is the addition of the external cost and the internal cost used to reach that route. A type 1 route is always preferred over a type 2 route for the same destination.”
 

The default metric-type is 2 which is also our objective.
We can verify this config with the priviliged mode command “show ip protocols

R1#sh ip protocols
Routing Protocol is “ospf 10”
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Router ID 1.1.1.1
It is an autonomous system boundary router
Redistributing External Routes from,
static with metric mapped to 200, includes subnets in redistribution
Number of areas in this router is 1. 1 normal 0 stub 0 nssa

This is a cool command. You can see its router-ID, The fact that it has become an ASBR (because of the static route redistribution) and the way it is redistributing the routes.
And that’s it for objective 1. Now on to the second objective.

2. R1 Should become the DR for Area 0. R2 and R3 should neither become the DR or BDR. Check what type of neighbour relationship exists between R1 and R2. What about R2 and R3?
 

Easy enough. We need to use the interface config command “IP OSPF Priority

First I’ll make sure R1 has the highest priority.

R1(config)#int fa 0/0
R1(config-if)#ip ospf priority 200

I will set the priority for R2 and R3 to 0 because we do not want them to become the DR/BDR.

R2(config)#int fa 0/0
R2(config-if)#ip ospf priority 0

R3(config)#int fa 0/0
R3(config-if)#ip ospf priority 0

It’s possible you need to clear the OSPF process before you can see the changes.
You can do this with the priviliged mode command “clear ip ospf 10 process

R1#clear ip ospf 10 process
R2#clear ip ospf 10 process
R3#clear ip ospf 10 process

Now let’s check our neighbour relationships.

R1#sh ip ospf 10 neighbor

Neighbor ID     Pri   State           Dead Time   Address         Interface
2.2.2.2           0   FULL/DROTHER    00:00:34    172.30.0.2      FastEthernet0/0
3.3.3.3           0   FULL/DROTHER    00:00:35    172.30.0.3      FastEthernet0/0

We can see the other two routers are set as “DROTHER” because they are neither the DR or BDR.
Let’s check if R1 has become the DR like we wanted with the command “show ip ospf 10 interface“.

R1#sh ip ospf 10 interface
FastEthernet0/0 is up, line protocol is up
Internet Address 172.30.0.1/24, Area 0
Process ID 10, Router ID 1.1.1.1, Network Type BROADCAST, Cost: 100
Transmit Delay is 1 sec, State DR, Priority 200
Designated Router (ID) 1.1.1.1, Interface address 172.30.0.1
No backup designated router on this network

Looking good, we can see it has priority 200, it has a state of DR and that there are no BDRs on this network.

Now what is the relationship between R2 and R3?

R2#sh ip ospf 10 neighbor

Neighbor ID     Pri   State           Dead Time   Address         Interface
1.1.1.1         200   FULL/DR         00:00:30    172.30.0.1      FastEthernet0/0
3.3.3.3           0   2WAY/DROTHER    00:00:35    172.30.0.3      FastEthernet0/0

A “Full” state has been established with R1 because it is the DR.
A “2way” state has been established with R3 because it is a “DROTHER”.

Check these Cisco tech notes for more information on the OSPF Neighbour states.

And with that, we have finished objective 2 and are feeling good about ourselves!

Let’s take a look at the third objective.

3. Implement summarization at the ABRs R2 and R3 to make the routing tables as efficient as possible.
 
 

Okay, this is talking about those loopback interfaces on R4 and R5 you can see in the diagram.
I have not yet created those so let’s do that first and also enter the network commands.

R4(config)#interface loopback 1
R4(config-if)#ip address 10.20.0.1 255.255.255.0
R4(config-if)#interface loopback 2
R4(config-if)#ip address 10.20.1.1 255.255.255.0
R4(config-if)#interface loopback 3
R4(config-if)#ip address 10.20.2.1 255.255.255.0
R4(config-if)#interface loopback 4
R4(config-if)#ip address 10.20.3.1 255.255.255.0

R4(config)#router ospf 10
R4(config-router)#network 10.20.0.0 0.0.0.255 area 20
R4(config-router)#network 10.20.1.0 0.0.0.255 area 20
R4(config-router)#network 10.20.2.0 0.0.0.255 area 20
R4(config-router)#network 10.20.3.0 0.0.0.255 area 20

R5(config)#interface loopback 1
R5(config-if)#ip address 10.10.0.1 255.255.255.0
R5(config-if)#interface loopback 2
R5(config-if)#ip address 10.10.1.1 255.255.255.0
R5(config-if)#interface loopback 3
R5(config-if)#ip address 10.10.2.1 255.255.255.0
R5(config-if)#interface loopback 4
R5(config-if)#ip address 10.10.3.1 255.255.255.0

R5(config)#router ospf 10
R5(config-router)#network 10.10.0.0 0.0.0.255 area 10
R5(config-router)#network 10.10.1.0 0.0.0.255 area 10
R5(config-router)#network 10.10.2.0 0.0.0.255 area 10
R5(config-router)#network 10.10.3.0 0.0.0.255 area 10

Okay, those are configured and ready.

For the summarization we can look at the range of the loopback addresses at R4 and R5.
If you do some calculations, you will see that a mask of /20 will encompass all needed ranges.

Now let’s move to R2 and R3 to implement the Summarization.
Note that R4 and R5 can not do summarization because they are “internal” routers to their area.

We can do this with the router ospf config command “Area 10 range ip-address mask“.

R2(config)#router ospf 10
R2(config-router)#area 10 range 10.10.0.0 255.255.252.0

R3(config)#router ospf 10
R3(config-router)#area 20 range 10.20.0.0 255.255.252.0

Okay, that is configured. Now let’s look what R1 thinks about our configuration.

R1#sh ip route
10.0.0.0/22 is subnetted, 2 subnets
O IA    10.10.0.0 [110/748] via 172.30.0.2, 01:07:05, FastEthernet0/0
O IA    10.20.0.0 [110/748] via 172.30.0.3, 01:07:04, FastEthernet0/0

It looks pretty content with what we have done. All those routes are being nicely summarized.
We can also see “IA” which tells us this is an “inter-area route” because it’s coming from area 10 and 20.

What’s next?

4. Implement summarization at the ASBR R1. The summary route should have the same attributes as the original, individual routes redistributed into the network.

Alright, this is for the static routes that we redistributed earlier.
At the moment they are showing up like so;

R5#sh ip route 172.16.0.0
Routing entry for 172.16.0.0/24, 4 known subnets

O E2    172.16.0.0 [110/200] via 172.30.10.2, 00:02:48, Serial0/0
O E2    172.16.1.0 [110/200] via 172.30.10.2, 00:02:53, Serial0/0
O E2    172.16.2.0 [110/200] via 172.30.10.2, 00:02:53, Serial0/0
O E2    172.16.3.0 [110/200] via 172.30.10.2, 00:02:53, Serial0/0

We can see they’re E2 routes like we wanted but this table could be shortened.

Let’s go to R1 and do exactly that with the router ospf command “summary-address“.

R1(config)#router ospf 10
R1(config-router)#summary-address 172.16.0.0 255.255.252.0

Et voila, now let’s go check back on R5;

R5#sh ip route

172.16.0.0/22 is subnetted, 1 subnets
O E2    172.16.0.0 [110/200] via 172.30.10.2, 00:01:29, Serial0/0

Alright. It went from four to just one entry and we can also see the metric has remained the same.
So summarizing routes like this, did not change our previous metric configuration, neat.
This meets our goals for objective numero quatro.

The final objective.

5. We plan to upgrade to Gigabit Ethernet connections in the future. OSPF should accurately calculate its metric assuming Gigabit Ethernet will be the fastest link in the network. Check if costs are correctly being calculated after implementing this.

This can be done with the router ospf command “auto-cost reference-bandwidth
We are changin the reference bandwidth to 1000 because our gigabit links will be the fastest in our network.

R1(config-router)#auto-cost reference-bandwidth ?
<1-4294967>  The reference bandwidth in terms of Mbits per second
R1(config-router)#auto-cost reference-bandwidth 1000
% OSPF: Reference bandwidth is changed.
Please ensure reference bandwidth is consistent across all routers.

We get a warning that this must be configured on all routers. This is just copy-pasting again so I’m not going to put that entire process in here.

After the reference bandwidth has been changed, you can see this reflected in the calculated metric for each route.
Note that the original reference was 100 (Fast ethernet) and is now changed to 1000 (Gigabit ethernet)

For example, on R5 we see;

O IA    172.30.20.0 [110/1394] via 172.30.10.2, 01:24:23, Serial0/0

Administrative distance is 110 (OSPF) but a metric or “cost” of 1394 you say? Let’s see how it calculated that.

The formula is as following: “reference bandwidth divided by interface bandwidth”

First, the bandwidth for a serial link;

R5#sh int se 0/0 | incl BW
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,

So that is (in kilobit) 1000000/1544 = 647
I’ll do 647 x 2 because there are two serial links involved.

647 * 2 = 1294 + 100 (for the 100 mpbs link between R2 and R3) = 1394.

All objectives have been completed.
The end.

Startup-config of each router used in this lab can be downloaded here.

This lab has been based on Jeremy Cioara’s “Implementing Basic OSPF” video over at cbtnuggets.com
Further References used are:
OSPF FAQ
OSPF Design guide