HCIP-OSPF optimization, expansion configuration and routing rules

OSPF optimization and extended configuration

  • 1. OSPF optimization
    • 1. Summary
      • Inter-area route summary
      • External route summary
    • 2. Special area
      • Stub area
        • Totally stub area
      • NSSA (not-so-stubby area)
        • Totally NSSA
  • 2. Extended configuration of OSPF
    • 1. Manual authentication
    • 2. Accelerate convergence
    • 3. Silent interface
      • default route
    • 4. Route filtering
    • 5. Routing control
      • 5.1 Modify priority
      • 5.2 Modify the cost value
  • 3. OSPF routing principles
    • 1. Comparison of LSAs of the same type
    • 2. Routing principles for Type 5 and Type 7 LSAs
    • 3. Comparison of different LSAs

1. OSPF optimization

The main purpose of OSPF optimization is to reduce the amount of LSA updates. There are two ways to achieve this: 1. Route summarization (reduces the amount of LSA updates in the backbone area); 2. Configuring OSPF special areas (reduces the amount of LSA updates in non-backbone areas).
The essence of OSPF optimization is to reduce the amount of LSA updates. Among the six types of LSAs we have learned, Type 1 and Type 2 carry topology information and are flooded within the area. These two types are indispensable, while the others carry routing information. Are all of those LSAs necessary?
If a non-backbone area keeps only Type 1 and Type 2 LSAs, adds a default route pointing to the backbone area, and sends its own routing information out, the backbone area has the routing information of all network segments. When the non-backbone area needs to reach an unknown route, the packet is forwarded to the backbone by default, which reduces the amount of LSA updates in non-backbone areas. Each non-backbone area can also summarize the network segments in its own area before sending them to the backbone area, which reduces the amount of LSA updates in the backbone area.
Summary: OSPF optimization reduces the amount of LSA updates in non-backbone areas through default routes, and in the backbone area through summarization.

1. Summary

OSPF summarization differs from RIP's interface summarization; it is called area summarization, because OSPF transmits routing information between areas.
The essence of OSPF summarization is area summarization: the routes in an area are summarized and then advertised to other areas. In other words, it summarizes the LSAs that carry routing information. Unlike RIP, OSPF cannot publish summaries on interfaces, because OSPF interfaces are part of the topology information, and only routing information can be summarized.

Inter-area route summary

Inter-area means between areas. In essence, the ABR summarizes the routing information transmitted between areas and advertises the summarized route to other areas, reducing the number of Type 3 LSAs.
Inter-area route summarization essentially summarizes, on the ABR, the Type 3 LSAs transmitted between areas.
[r1-ospf-1-area-0.0.0.2] abr-summary 192.168.0.0 255.255.252.0
Note: Inter-area route summarization can only summarize routes that the ABR itself learned through Type 1 and Type 2 LSAs.

[r1] ospf 1
[r1-ospf-1]area 1 --- Enter the area that needs to be summarized
[r1-ospf-1-area-0.0.0.1]abr-summary 192.168.0.0 255.255.254.0 --- abr-summary followed by the summarized network segment and mask

Note:
Area summarization on the ABR can only be applied to routes that the ABR itself calculated from Type 1 and Type 2 LSAs.
The cost value of the summarized route is the maximum value among the detailed route cost values.

External route summary

External route summarization essentially summarizes, on the ASBR, the routes imported during redistribution, and then advertises the summarized route into the OSPF domain, reducing the number of Type 5 LSAs.

[r1] ospf 1
[r1-ospf-1]asbr-summary 172.16.0.0 255.255.254.0 --- asbr-summary followed by the summarized network segment and mask
This command is executed in the OSPF process of the ASBR and only takes effect on an ASBR device.

The cost value in the LSA of the external summary network segment:
If the cost value type is type 2, the cost value of the summary network segment is equal to the maximum cost value among the detailed routes + 1.
If the cost value type is type 1, the cost value of the summary network segment is equal to the maximum cost value among the detailed routes.

2. Special area

By configuring a non-backbone area as a special area, the non-backbone area can keep only Type 1 and Type 2 LSAs and reach the backbone area through a default route. There are four special areas in OSPF, divided into two categories, and each category can be further divided into two subcategories.
Conditions for the first category: 1. It cannot be the backbone area; 2. It cannot have a virtual link; 3. It cannot have an ASBR device.

Stub area

An area that satisfies the conditions of the first category can be configured as a stub area (STUB).
After a non-backbone area is configured as a stub area, it no longer accepts Type 4 and Type 5 LSAs, and a default Type 3 LSA pointing to the backbone is generated automatically.

How to configure the stub area
[r5-ospf-1-area-0.0.0.]stub --- Configure the stub area. Note: Once an area is set as a special area, all devices in the area must be configured as that special area

[r1] ospf 1
[r1-ospf-1]area 1 --- Enter the area that needs to be a stub area
[r1-ospf-1-area-0.0.0.1]stub --- This command makes this area a stub area, and the local interfaces belonging to this area carry a special-area flag when sending hello packets. If the device
… and refuses the entry of other Type 4 and Type 5 LSAs.



R1, as an ASBR, imports multiple external network segments. If Area2 is a common area, R3 will inject Type 5 and Type 4 LSAs into this area.
After Area2 is configured as a stub area:

  • R3 does not inject Type 5 and Type 4 LSAs into Area2.

  • R3 sends a Type 3 LSA describing the default route to Area2. Although the routers in Area2 do not know the specific routes to destinations outside the AS, they can reach them through the default route.

  • Note: The hello packet's special-area flag is checked when a neighbor relationship is established. If the flag does not match, the neighbor relationship cannot be established. Therefore, all devices in a special area must carry the same special-area configuration.

Totally stub area

After an area is set as a stub area, it still receives Type 3 LSAs from other areas. Since a default route already exists in the area, those Type 3 LSAs do not need to be learned. A totally stub area builds on the stub area and further refuses to learn Type 3 LSAs, retaining only the default Type 3 LSA.

[r1-ospf-1-area-0.0.0.1]stub no-summary
# This command only needs to be executed on the ABR device. After configuration, the ABR denies the entry of other Type 3 LSAs



When Area2 is configured as a Totally stub area:

  • R3 will not inject Type 5 LSA and Type 4 LSA into Area2;
  • R3 will not inject type 3 LSA into Area 2, but will inject a default route described by type 3 LSA into this area.
  • R5 reaches the AS external network and other OSPF areas through the default route.

NSSA (not-so-stubby area)

The second category of special area. Requirements: 1. It cannot be the backbone area; 2. There cannot be a virtual link in the area; 3. There must be an ASBR. An area that meets these requirements can be configured as an NSSA (not-so-stubby area). Once an area becomes an NSSA, it denies the entry of Type 4 and Type 5 LSAs. So that routes outside the domain can still be reached, the NSSA automatically generates a default Type 7 route pointing to the backbone area.

The NSSA rejects Type 4 and Type 5 LSAs, but it still has to carry external routes, which is the job of Type 5 LSAs. Therefore, ASBRs in the NSSA advertise external routing information through Type 7 LSAs. A Type 7 LSA is effectively a Type 5 LSA under another name: apart from the name, the information carried is the same. After receiving a Type 7 LSA, the ABR of the NSSA translates it into a Type 5 LSA and advertises it to the backbone area. This ABR then acts as an ASBR, which saves one Type 4 LSA in the backbone area.

Note: During 7-to-5 translation, if the route carried by the Type 7 LSA can already be obtained through Type 1 and Type 2 LSAs, the translation is not performed.

Type | LS ID | Advertiser | Propagation range | Information carried
Type 1 LSA: Router | RID of the advertiser | All devices running OSPF in the OSPF domain | Single area | Topology information of directly connected local interfaces
Type 2 LSA: Network | Interface IP of the DR | RID of the DR in the MA network | Single area | Supplementary topology information of a single MA network
Type 3 LSA: Sum-net | Route network segment | ABR; changed to the new ABR when forwarded by another ABR | Single area | Routing information of other areas
Type 5 LSA: External (ase) | External route network segment | ASBR | OSPF domain | External routes
Type 4 LSA: Sum-Asbr | RID of the ASBR | ABR in the same area as the ASBR; changed to the new ABR when forwarded by another ABR | Single areas other than the area where the ASBR is located | Location information of the ASBR
Type 7 LSA: NSSA | External route network segment | ASBR | Single NSSA area | External routes

[r4-ospf-1]area 2 --- Enter the area that needs to be an NSSA
[r4-ospf-1-area-0.0.0.2]nssa --- Configure the area as an NSSA; all devices in the special area need this configuration, otherwise the neighbor relationship cannot be established normally
[r3]display ospf lsdb nssa 192.168.0.0 --- View a Type 7 LSA

OSPF Process 1 with Router ID 3.3.3.3
Area: 0.0.0.0
Link State Database

Area: 0.0.0.1
Link State Database

  Type : NSSA
  Ls id : 192.168.0.0 --- External route network segment
  Adv rtr : 4.4.4.4 --- Advertiser
  Ls age : 70
  Len : 36
  Options : NP Note*
  seq# : 80000002
  chksum: 0x2a14
  Net mask : 255.255.254.0 --- Subnet mask
  TOS 0 Metric: 2 --- seed metric
  E type : 2 --- Metric type
  Forwarding Address : 4.4.4.4 Note*
  Tag : 1
  Priority : Low

After an area is configured as an NSSA, Type 4 and Type 5 LSAs are denied entry, yet the external routes issued by the ASBR in this area still enter the area, only under a different name (Type 7). This does not seem to reduce the amount of LSA updates, but what the NSSA mainly rejects are the Type 4 and Type 5 LSAs coming from the backbone area.

The special flags in the LSA header (Options field):
E bit – generally set to 1, which means Type 5 LSAs are supported. In a special area it is set to 0.
N bit – generally set to 0; set to 1 only in an NSSA, indicating support for Type 7 LSAs.
P bit – if set to 1, the LSA supports 7-to-5 translation.

Forwarding address: its main purpose is to deal with suboptimal path selection. If a Type 5 LSA has no suboptimal-path problem, the forwarding address defaults to 0.0.0.0. A Type 7 LSA with no suboptimal-path problem carries, by default, the largest IP address among the ASBR's loopback interfaces; if there is no loopback interface, the IP address of a physical interface is used as the forwarding address.

In the figure above, R1 and R3 are an AS, running RIP; R2, R2, and R4 are an AS, running OSPF. R1 learns the route of R2 through RIP, redistributes it into OSPF, and publishes a Type 5 LSA to R2; the advertiser of this Type 5 LSA is R1. If R2 wants to reach R3, it forwards the traffic to R1. But R1, R2, and R3 are in the same network segment, so R1 receives the traffic from R2 on port G 0/0/0 and sends it out again through G 0/0/0, which wastes the link. Therefore, in the Type 5 LSA sent to R2, R1 sets the forwarding address to the IP address of R3's interface, so that R2 does not need to go through R1 to reach R3.

Note: Once an area is set as a special area, all devices in the area must be configured as that special area.
O_NSSA is the mark of external routes learned from Type 7 LSAs; the default priority is also 150.

Totally NSSA

A totally NSSA area further refuses to learn Type 3 LSAs, and generates a default Type 3 LSA pointing to the backbone area.

[r1-ospf-1-area-0.0.0.2]nssa no-summary --- Only needs to be executed on the ABR device

Note: After an area is configured as a totally NSSA, a Type 3 default route pointing to the backbone is generated automatically, and the Type 7 default generated by the ordinary NSSA is still retained. However, because a Type 3 LSA has higher priority than a Type 7 LSA, the device installs the Type 3 default in the routing table rather than the Type 7 default.

The ABR automatically issues a default route as a Type 3 LSA; other Type 3 LSAs are prohibited.

2. Extended configuration of OSPF

1. Manual authentication

During OSPF packet exchange, the packets between neighbors carry the authentication type and authentication password. If the authentication type and password on both sides are the same, the identity is considered legitimate. There are three types of OSPF manual authentication:

  • Interface authentication: After the interface is configured, the OSPF packets sent by the interface carry the authentication information
[r1]interface gigabitethernet 0/0/0 --- Enter the interface that needs authentication
[r1-GigabitEthernet0/0/0]ospf authentication-mode md5 1 cipher 123456 --- The neighbor must be configured as well, otherwise the neighbor relationship cannot be established

Command format: ospf authentication-mode <authentication type> <KEY> <local password storage form> <password>
Authentication types are: null (no authentication); simple (clear text authentication); MD5 (authentication by comparing digest values)
KEY: The KEY must be the same between neighbors; the combination of KEY and password is the authentication password
The password is saved locally in the form: simple (saved in plain text), MD5 (only the digest value is saved)

  • Area authentication: In essence this is batch interface authentication. After the area is configured, it is equivalent to configuring interface authentication on every local interface that belongs to the area.
[r1] ospf 1
[r1-ospf-1]area 2 --- Enter the area that needs area authentication
[r1-ospf-1-area-0.0.0.2] authentication-mode md5 1 cipher 123456
  • Virtual link authentication: The authentication performed while a virtual link is being established; in essence it is also interface authentication.
[r1-ospf-1-area-0.0.0.1]vlink-peer 2.2.2.2 md5 1 cipher 123456
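
What the `md5 1 cipher 123456` setting above does on the wire, as an added example that is not part of the original article or Huawei's code: it follows the cryptographic authentication procedure of RFC 2328 Appendix D (digest over the packet plus the zero-padded key, Key ID and sequence number in the header). The function names, router ID and Hello field values are constructed for illustration; Key ID 1 and password 123456 are the values used above.

```python
import hashlib
import hmac
import socket
import struct

# 24-byte OSPFv2 header with the AuType 2 layout of the authentication field:
# version, type, length, router id, area id, checksum, AuType,
# zero, Key ID, auth data length, cryptographic sequence number
OSPF_HDR = struct.Struct("!BBH4s4sHHHBBI")
AUTYPE_CRYPTO = 2
DIGEST_LEN = 16


def pad_key(password: str) -> bytes:
    """RFC 2328 keys are exactly 16 bytes; shorter secrets are zero-padded."""
    raw = password.encode()
    if len(raw) > 16:
        raise ValueError("OSPF MD5 key is limited to 16 bytes")
    return raw.ljust(16, b"\x00")


def build_hello(router_id: str, area_id: str, key_id: int, seq: int,
                password: str, hello: int = 10, dead: int = 40) -> bytes:
    """Return a Hello packet (constructed sample) followed by its MD5 digest."""
    zero = socket.inet_aton("0.0.0.0")
    body = struct.pack("!4sHBBI4s4s", socket.inet_aton("255.255.255.0"),
                       hello, 0x02, 1, dead, zero, zero)
    header = OSPF_HDR.pack(2, 1, OSPF_HDR.size + len(body),
                           socket.inet_aton(router_id),
                           socket.inet_aton(area_id),
                           0,  # header checksum is not used with AuType 2
                           AUTYPE_CRYPTO, 0, key_id, DIGEST_LEN, seq)
    packet = header + body
    # The digest covers packet || key; only the digest is sent, never the key.
    return packet + hashlib.md5(packet + pad_key(password)).digest()


def verify(wire: bytes, keys: dict, last_seq: int) -> str:
    """Receiver-side check. keys maps Key ID -> password; last_seq is the
    highest sequence number already accepted from this neighbor."""
    if len(wire) < OSPF_HDR.size:
        return "truncated"
    (_, _, length, _, _, _, autype, _,
     key_id, auth_len, seq) = OSPF_HDR.unpack_from(wire)
    if autype != AUTYPE_CRYPTO or auth_len != DIGEST_LEN:
        return "authentication type mismatch"
    if key_id not in keys:
        return "unknown key id"
    if length < OSPF_HDR.size or len(wire) != length + DIGEST_LEN:
        return "truncated"
    packet, digest = wire[:length], wire[length:]
    expected = hashlib.md5(packet + pad_key(keys[key_id])).digest()
    if not hmac.compare_digest(digest, expected):
        return "bad digest"
    if seq < last_seq:          # an older sequence number is a replay
        return "replayed sequence number"
    return "ok"


if __name__ == "__main__":
    pkt = build_hello("1.1.1.1", "0.0.0.0", key_id=1, seq=100, password="123456")
    print(verify(pkt, {1: "123456"}, last_seq=99))    # matching KEY and password
    print(verify(pkt, {1: "654321"}, last_seq=99))    # neighbor has another password
    print(verify(pkt, {2: "123456"}, last_seq=99))    # neighbor has another KEY
```

This is why both the KEY and the password must match between neighbors: a packet whose Key ID is unknown or whose digest differs is dropped before the Hello is processed, so the neighbor relationship never forms.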

2. Speed up convergence

To accelerate convergence, modify the OSPF timers, such as the hello time, dead time, waiting time, poll, retransmit, transmit delay and other timers.

  • hello time: After the hello time is modified, the dead time automatically becomes four times the hello time
[r1]interface g 0/0/0 --- Timers are modified on the interface because OSPF works independently on each interface
[r1-GigabitEthernet0/0/0]ospf timer hello 5 --- The neighbor must be configured the same way, otherwise the neighbor relationship cannot be established
  • dead time: If the dead time is modified, the hello time does not change accordingly.
[r1-GigabitEthernet0/0/0] ospf timer dead 20
  • Waiting time (waiting timer): The length of time the router waits for hello packets in which neighbors announce the DR and BDR before it starts electing the DR and BDR. The waiting time equals the dead time and cannot be modified directly; when the dead time is modified, the waiting time changes with it.
  • Poll (polling time): In an NBMA network, a router with a manually specified neighbor sends hello packets to that neighbor. If it still has not received a hello packet from the other party within 120s, it considers the other party to be down. Even then, it still sends a hello packet to the other party at intervals. This interval is the polling time, and the default is 120s.
[r2-GigabitEthernet0/0/0]ospf timer poll ?
  INTEGER<1-3600> Second(s)
  • Retransmit (retransmission time): The default is 5s. When a packet needs to be acknowledged and the other party does not reply with an acknowledgment within the retransmission time, the packet is resent.
[r2-GigabitEthernet0/0/0]ospf timer retransmit ?
  INTEGER<1-3600> Second(s)
  • Transmit Delay: The default is 1s, and it is related to the LSA aging time. The age of an LSA keeps increasing locally, but it does not increase while the LSA is in transit on the link, which makes the LSA age inconsistent between neighbors. The device therefore adds the transmit delay to the age when sending an LSA, so that the age of the LSA received by the neighbor stays consistent with the local one.
[r2-GigabitEthernet0/0/0]ospf trans-delay ?
  INTEGER<1-500> Second(s)

3. Silent interface

After an interface is declared in OSPF, it starts sending and receiving OSPF packets. On an interface connected to a user network segment, sending OSPF packets only occupies the link. Therefore, interfaces connected to users should be configured as silent interfaces, so that these interfaces receive data without sending OSPF packets.

[r1-ospf-1] silent-interface GigabitEthernet 0/0/2

Note: In RIP, a silent interface does not send RIP multicast packets but can still send RIP unicast packets. The OSPF silent interface takes effect on both unicast and multicast packets, so unlike RIP it cannot be combined with unicast neighbors in special scenarios.

Default route

OSPF default routes can be divided into three types: Type 3 defaults, Type 5 defaults, and Type 7 defaults.

Default type | Generation method | Features
Type 3 default | Generated automatically, and only when a special area is configured (stub area, totally stub area, totally NSSA) | Protocol type in the routing table: OSPF; default priority: 10
Type 5 default | Issued through command configuration | Protocol type in the routing table: O_ASE; default priority: 150
Type 7 default | Two ways: generated automatically by a special area (NSSA and totally NSSA), or obtained through command configuration | Protocol type in the routing table: O_NSSA; default priority: 150

  • Issuing a Type 5 default
[r1-ospf-1]default-route-advertise --- When a default route exists locally, re-advertise it into OSPF
[r1-ospf-1]default-route-advertise always --- If the local routing table has no default route generated by another protocol, the always parameter forces the advertisement
  • Issuing a Type 7 default: Type 7 defaults can be issued automatically by special areas, but in some special cases they need to be issued through commands.
[r1-ospf-1]area 1 --- Enter the NSSA area
[r1-ospf-1-area-0.0.0.1]nssa default-route-advertise

4. Route filtering

OSPF can filter Type 3, Type 5, and Type 7 LSAs, that is, make the ABR or ASBR not advertise specific routing information.

[r1-ospf-1]area 1 --- Enter the area whose route network segment needs to be filtered
[r1-ospf-1-area-0.0.0.1]abr-summary 192.168.0.0 255.255.252.0 not-advertise --- The Type 3 LSAs belonging to this network segment will not be advertised. The network segment can be either a summary or a detailed route.

Filtering for Type 3 LSAs: detailed routes can also be filtered by this method.
Note: Type 5 and Type 7 LSAs can also be filtered in a similar way.

[r1-ospf-1]asbr-summary 192.168.0.0 255.255.255.0 not-advertise --- The Type 5 and Type 7 LSAs belonging to this network segment will not be advertised.

5. Routing control

By modifying the priority and cost value of a route, the desired route selection can be achieved.

5.1 Modify priority

The following two methods of modifying the priority only affect the priority of routing entries in the local routing table.

[r1-ospf-1]preference 50

This command mainly affects the routing information obtained from Type 1, Type 2, and Type 3 LSAs, that is, the priority of routes whose type field is OSPF.

[r1-ospf-1]preference ase 100

This command mainly affects the routing information obtained by Type 5 and Type 7 LSAs.

5.2 Modify cost value

OSPF cost is calculated as reference bandwidth / actual bandwidth; the larger the actual bandwidth, the smaller the cost. We can control route selection by modifying the reference bandwidth, the actual bandwidth, or directly the cost value of an interface.

  • Modify the reference bandwidth to affect the cost. The default reference bandwidth of Huawei equipment is 100M. Once the reference bandwidth is modified, the cost of all interfaces changes, and the reference bandwidth must be modified to the same value on all devices in the network. So although this method changes the cost values, it does not affect route selection.
[r1] ospf 1
[r1-ospf-1] bandwidth-reference 1000
  • Modify the actual bandwidth of the interface. After the link comes up, the interfaces at both ends negotiate the bandwidth to ensure that sending and receiving bandwidths match. The negotiation result is usually the smaller of the two interfaces' maximum bandwidths. We can also turn off negotiation and directly specify the interface bandwidth.
[r1]interface g 0/0/0
[r1-GigabitEthernet0/0/0]undo negotiation auto --- Turn off auto-negotiation. Note: the interface must be restarted for this command to take effect
[r1-GigabitEthernet0/0/0]speed ? --- Modify the bandwidth of the interface. Note: the bandwidth can only be made smaller, not larger
10 10M port speed mode
100 100M port speed mode
1000 1000M port speed mode
  • Directly modify the cost value of the interface. Since modifying the reference bandwidth cannot affect route selection, and modifying the actual bandwidth only lowers the transmission rate of the interface, we can directly modify the interface cost instead.
[r1]interface gigabitEthernet0/0/0 --- Enter the interface whose cost needs to be modified. It can be a loopback interface
[r1-GigabitEthernet0/0/0] ospf cost 10

The OSPF cost is calculated from the cost values of the inbound interfaces of control-plane traffic.

3. OSPF routing principles

OSPF selects routes based on LSA information. The six types of LSAs we have learned can be divided into intra-area routes (Type 1 and Type 2 LSAs), inter-area routes (Type 3 LSAs) and external routes (Type 5 and Type 7 LSAs). If different types of LSAs carry the same routing information, how does OSPF choose? If two LSAs of the same type carry the same routing information, how does OSPF choose?

1. Comparison of LSAs of the same type

  • If the learned routes are intra-area routes obtained through Type 1 and Type 2 LSAs: compare the cost values directly and prefer the route with the lowest cost. If the cost values of the two routes are the same, the load is balanced.
  • If the learned routes are inter-area routes obtained through Type 3 LSAs: compare the cost values directly and prefer the route with the lower cost. If the cost values of the two routes are the same, the load is balanced.

2. Routing principles for Type 5 and Type 7 LSAs

  • On Huawei equipment, Type 5 and Type 7 LSAs can be regarded as one class of LSA. According to how the cost value is calculated, they are further divided into type 1 and type 2.
  • There is a preference rule between type 1 and type 2: type 1 is always better than type 2.
  • Route selection for type 2 Type 5 and Type 7 LSAs: first compare the seed metric and select the one with the smaller seed metric; if the seed metrics are the same, compare the cost accumulated along the route; if that is also the same, the load is balanced.
  • Route selection for type 1 Type 5 and Type 7 LSAs: compare the total cost (the sum of the seed metric and the metric accumulated along the route), select the one with the smaller total cost, and load-balance if they are the same.

3. Comparison of different LSAs

Priority: intra-area routes > inter-area routes > external routes. When the same routing information is learned through different kinds of routes, the one with the higher priority is chosen, regardless of the cost value. Type 5 and Type 7 external routes can be regarded as one type, and the load is balanced when the cost values are the same.
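
The three sets of rules above combined into one comparison, as an added example that is not code from the original article or from any router implementation: each candidate route is mapped to a sort key, the smallest key wins, and equal keys are load-balanced. The names Candidate, preference_key and select, and all sample routes, are hypothetical and constructed for illustration; only the rules stated in this section are modeled.

```python
from dataclasses import dataclass

# Rank of the LSA class that produced the route; a lower rank always wins,
# regardless of cost (section 3).
INTRA, INTER, EXTERNAL = 1, 2, 3


@dataclass(frozen=True)
class Candidate:
    next_hop: str
    kind: int             # INTRA (Type 1/2), INTER (Type 3), EXTERNAL (Type 5/7)
    path_cost: int        # cost accumulated along the route inside OSPF
    metric_type: int = 0  # external routes only: 1 or 2
    seed: int = 0         # external routes only: seed metric


def preference_key(c: Candidate) -> tuple:
    """Smaller tuple = more preferred."""
    if c.kind != EXTERNAL:
        # Section 1: same class, compare the cost directly.
        return (c.kind, 0, c.path_cost, 0)
    if c.metric_type == 1:
        # Type 1 beats type 2; compare seed metric + cost along the route.
        return (EXTERNAL, 1, c.seed + c.path_cost, 0)
    # Type 2: seed metric first, cost along the route only as a tie-breaker.
    return (EXTERNAL, 2, c.seed, c.path_cost)


def select(candidates) -> list:
    """Return the next hops installed for one destination (several = ECMP)."""
    best = min(preference_key(c) for c in candidates)
    return sorted(c.next_hop for c in candidates if preference_key(c) == best)


if __name__ == "__main__":
    # Constructed candidates for the same destination prefix.
    routes = [
        Candidate("10.0.12.2", INTER, path_cost=3),
        Candidate("10.0.13.3", INTRA, path_cost=200),
        Candidate("10.0.14.4", EXTERNAL, path_cost=1, metric_type=2, seed=1),
    ]
    print(select(routes))   # the intra-area route wins despite its higher cost
```

Type 5 and Type 7 candidates are both passed as EXTERNAL, matching the statement that the two are treated as one type when they are compared.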