Saturday, January 08, 2011

CCNA 640-802 Study Note Open Shortest Path First (OSPF)

The previous CCNA study note, we have a look at VLSM and some benefits of using it.  But how to do we use these classless networks and move packets between different networks.  Yes, we need IP routing and that is the job of a router.  We also need to use a routing protocol that supports VLSM.  RIPv2, EIGRP and OSPF are such routing protocols.  We will be looking at implementing OSPF on routers. 

By the way, there is a difference between routing protocol and routed protocol.  Routing protocol such as RIPv2, EIGRP and OSPF is used by routers to facilitate the exchange of routing information between networks, allowing routers to build routing tables dynamically.   Routed protocol is any network protocol that provides enough information in its network layer address to allow a packet to be forwarded from one host to another host based on the addressing scheme, without knowing the entire path from source to destination.  IP is an example of routed protocol.

Okay, let’s try implementing OSPF in our simple setup here.

image

We have the 3 routers connected to each other via serial connection so we need to assign a clock rate at the DCE end.  You can use the sh controllers serial command to check which side is DCE or DTE and also the clock rate.  The example below shows that it is DCE but no clock rate set.

CoreRouter#sh controllers serial 0/0/1
Interface Serial0/0/1
Hardware is PowerQUICC MPC860
DCE V.35, no clock
idb at 0x81081AC4, driver data structure at 0x81084AC0
SCC Registers:
General [GSMR]=0x2:0x00000000, Protocol-specific [PSMR]=0x8
Events [SCCE]=0x0000, Mask [SCCM]=0x0000, Status [SCCS]=0x00
Transmit on Demand [TODR]=0x0, Data Sync [DSR]=0x7E7E

You can set the clock rate using the clock rate command.

CoreRouter(config)#int s0/0/1
CoreRouter(config-if)#clock rate 64000

Before we configured OSPF on the 3 routers (RouterA, RouterB and CoreRouter), we will do some simple ping test.

On each router, ping the directly connected interface’s IP address of the neighbour devices.  For example, on RouterA, ping 10.2.2.11 (SwitchA VLAN 1), 10.23.23.2 (RouterB s0/0/1) and 10.140.1.1 (CoreRouter s0/0/0).  The ping should be successful because they are all directly connected as shown in the routing table.

RouterA#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       * - candidate default, U - per-user static route, o - ODR
       P - periodic downloaded static route

Gateway of last resort is not set

     10.0.0.0/24 is subnetted, 3 subnets
C       10.2.2.0 is directly connected, FastEthernet0/0
C       10.23.23.0 is directly connected, Serial0/0/1
C       10.140.1.0 is directly connected, Serial0/0/0

However, if you try to ping 10.1.1.3 on RouterA, it will fail because it has no idea how to route that packet to 10.1.1.3.  That’s why we need a routing protocol to help us to find and fill in these entries in the routing table.  We will configure the OSPF routing protocol on the 3 routers to make our simple network routable.

We start by configuring loopback interfaces on each router and assigned them IP address higher than IP address of other interfaces on each router.  For example, we configure loopback interface 0 on RouterA with IP address 192.168.1.65/28.  We are doing this so that the IP address of the loopback interface will become the router ID when the OSPF process starts.  The highest IP address on an active interface at the moment of OSPF process start up, will become the router ID.

Next we will enable OSPF and configure the OSPF network using the following commands.

router ospf process-id This command enable OSPF.

process-id is an unique ID to identify the OSPF process on a router.  It does not need to match the OSPF process-id on other OSPF routers.
network address wildcard-mask area-id This command identifies which IP networks on the router are part of the OSPF network.

address is IP network to be included.
wildcard-mask identifies the part of the IP address to be matched.  0 is a match and 1 is don’t care.
area-id is the area that is to be associated with the OSPF address range.

Below is how we enable and configure OSPF on RouterA.  100 is the process-id and for simplicity, all wildcard-masks are 0.0.0.0 (match all 32 bits of the IP address).  192.168.1.65, 10.2.2.3, 10.140.1.2 and 10.23.23.1 are the IP addresses configured on the 4 interfaces of RouterA (including the loopback interface).

RouterA(config)#router ospf 100
RouterA(config-router)#network 192.168.1.65 0.0.0.0 area 0
RouterA(config-router)#network 10.2.2.3 0.0.0.0 area 0
RouterA(config-router)#network 10.140.1.2 0.0.0.0 area 0
RouterA(config-router)#network 10.23.23.1 0.0.0.0 area 0

Similar configuration will be applied on RouterB and CoreRouter.  Remember the process-id needs not be the same but for ease of remembering, we will make it the same.  The addresses will be different for each router but the area-id must be the same (in this case is 0).

Next, we are going to set on each router, the bandwidth of all the serial interfaces to be 64Kb.  Bandwidth is one of the elements which is used by routing protocols (in this case OSPF) to determine the best route.  Setting the bandwidth does not increase or decrease the speed of the physical link.  You might want to check out Clarifying the Cisco IOS bandwidth command if you are still confuse.  Below is an example of setting the bandwidth to 64Kb on the s0/0/0 of RouterA.

RouterA(config)#int s0/0/0
RouterA(config-if)#bandwidth 64

The sh int command can be used to verify the bandwidth set.

RouterA#sh int s0/0/0
Serial0/0/0 is up, line protocol is up (connected)
  Hardware is HD64570
  Internet address is 10.140.1.2/24
  MTU 1500 bytes, BW 64 Kbit, DLY 20000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation HDLC, loopback not set, keepalive set (10 sec)

By default, OSPF uses null authentication so routing exchanges over the network are not authenticated.  OSPF supports 2 types of authentication which are plaintext password and MD5.  Here we are going to setup plaintext password for the routing exchanges.

On each of the serial interface, we will assign a password and enable the ospf authentication.  Below is an example of setting pass-word as the password on s0/0/0 of CoreRouter.  The last command,  ip ospf authentication enable the authentication.  All the serial interfaces must have the same password and authentication setup to work.

CoreRouter(config)#int s0/0/0
CoreRouter(config-if)#ip ospf authentication-key pass-word
CoreRouter(config-if)#ip ospf authentication

The sh ip ospf int command can be used to verify that plaintext password has been enabled.

CoreRouter#sh ip ospf int s0/0/0
Serial0/0/0 is up, line protocol is up
  Internet address is 10.140.1.1/24, Area 0
  Process ID 100, Router ID 172.16.31.99, Network Type POINT-TO-POINT, Cost: 1562
  Transmit Delay is 1 sec, State POINT-TO-POINT, Priority 0
  No designated router on this network
  No backup designated router on this network
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    Hello due in 00:00:08
  Index 4/4, flood queue length 0
  Next 0x0(0)/0x0(0)
  Last flood scan length is 1, maximum is 1
  Last flood scan time is 0 msec, maximum is 0 msec
  Neighbor Count is 1 , Adjacent neighbor count is 1
    Adjacent with neighbor 192.168.1.65
  Suppress hello for 0 neighbor(s)
 
Simple password authentication enabled

Now we shall verify our OSPF configuration and test it out.

We will take a look at the routing table on each router first.  Below is an example from CoreRouter.  Those in red are entries by OSPF.  We can see that now it has routing information to networks other than those that are directly connected.  For example, to reach 10.3.3.0 network, the packet will be routed to 10.140.2.2 (IP address of s0/0/0 interface on RouterB)  from its own s0/0/1 interface.  RouterB has a direct connection to the 10.3.3.0 network.

CoreRouter#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       * - candidate default, U - per-user static route, o - ODR
       P - periodic downloaded static route

Gateway of last resort is not set

     10.0.0.0/24 is subnetted, 6 subnets
C       10.1.1.0 is directly connected, FastEthernet0/0
O       10.2.2.0 [110/1563] via 10.140.1.2, 02:35:07, Serial0/0/0
O       10.3.3.0 [110/1563] via 10.140.2.2, 02:34:57, Serial0/0/1
O       10.23.23.0 [110/3124] via 10.140.2.2, 02:34:57, Serial0/0/1
                   [110/3124] via 10.140.1.2, 02:34:57, Serial0/0/0
C       10.140.1.0 is directly connected, Serial0/0/0
C       10.140.2.0 is directly connected, Serial0/0/1
     172.16.0.0/28 is subnetted, 1 subnets
C       172.16.31.96 is directly connected, Loopback0
     192.168.1.0/32 is subnetted, 2 subnets
O       192.168.1.65 [110/1563] via 10.140.1.2, 02:35:07, Serial0/0/0
O       192.168.1.81 [110/1563] via 10.140.2.2, 02:34:57, Serial0/0/1

Next, we use the sh ip protocols command to verify the configuration of our OSFP is correct.  Below is an example from the CoreRouter.  Here we can check that the process-id is correct, the router ID is the IP address of the loopback interface and we have added all the necessary networks.

CoreRouter#sh ip protocols

Routing Protocol is "ospf 100"
  Outgoing update filter list for all interfaces is not set
  Incoming update filter list for all interfaces is not set
  Router ID 172.16.31.99
  Number of areas in this router is 1. 1 normal 0 stub 0 nssa
  Maximum path: 4
  Routing for Networks:
    172.16.31.99 0.0.0.0 area 0
    10.1.1.3 0.0.0.0 area 0
    10.140.1.1 0.0.0.0 area 0
    10.140.2.1 0.0.0.0 area 0
  Routing Information Sources: 
    Gateway         Distance      Last Update
    10.140.1.2           110      00:14:25
    10.140.2.2           110      00:14:25
  Distance: (default is 110)

Finally we can use the sh ip ospf neighbor to check the status of the neighbour.  The state should be FULL when the router and its neighbour router have successfully formed an OSPF adjacency.

CoreRouter#sh ip ospf neighbor

Neighbor ID     Pri   State           Dead Time   Address         Interface
192.168.1.65      0   FULL/  -        00:00:38    10.140.1.2      Serial0/0/0
192.168.1.81      0   FULL/  -        00:00:32    10.140.2.2      Serial0/0/1

Alright, we have just implemented OSPF on our simple little network. Hurray!

No comments: