feeds2read
  Home  RSS Directory  F.A.Q  Try Custom Feed  Sonneries Portable  
Latest Flows from this sub-category:
Free Ebooks Download - Download Free Ebooks

RChase Computer Consulting

bitmindframes

data recovery blog, hard drive recovery utility,access repair tips, data recovery software resources

TutorialPro.net - General RSS Feeds - All Categories

CCNA Blog

Belajar SEO

Impart Labs - Complete Training Solutions

SurfnLearn.com: Latest 20 Tutorials

Diverse Technology Solutions

random selection from this sub-category:
Business Cards on the Web

Blogger Buster

TutorialPro.net - General RSS Feeds - All Categories

Tricks for New Bloggers

Windows XP Vista Tips and IT Knowledge Network Wireless

Fair Backup

1001 Checkmate Styles

Creative E-MU Encyclopaedia

Jhuo's blog

Belajar SEO
Rss Directory > Computer > Tutorials > Impart Labs - Complete Training Solutions


Impart Labs is a personal vlog which is intended to provide simple and interactive Training Products which are best suited for Individuals who need Practical Skills for a Competitive World.
 
  Fri, 06 Jun 2008 07:04:00 +0200
ARTICLES
+ Updates
In the following month we would be following our review on the OSPF routing protocol and discovering the potential outcome on configuring stub networks and areas for OSPF networks.
+ OSPF ConFiguration
Open Shortest Path Protocol is one of the most widely used routing protocols introduced for optimal packet routing in IP networks, in this article we would be reviewing the configuration of OSPF in a virtual environment using VMware Workstation and Vyatta OFR.(PDF Available for download) read more
+ Scratch Subnetting
In this article we would be commonly reviewing classful IPv4 Subnetting, Virtual Length Subnet Masking (VLSM) , Classless Inter Domain Routing (CIDR), Route Aggregation and Summarization and a quick summary on the history of IPv4 addresses.(PDF Available for download) read more
upcoming videos
+ Scratch Subnetting
Impart Labs - Scratch Subnetting
+ VMware Workstation 6.0
VMware Workstation 6.0
[announcement]
Following the huge response we had on the Windows Workgroup video, users were asking for a complementary video explaining the concepts of ip addressing in a small sized environment covering less than ten workstations such as a workgroup. read more
  Fri, 21 Mar 2008 11:32:00 +0100
OSPF Network Scenario

Figure 1 - Network Scenario


In cases which we cannot have all of our areas directly attached to the backbone area we accomplish this by creating a virtual link from that area through another area which is directly connected to the backbone area, for example in this scenario we have 3 different areas whereas area 2 is not connected directly to the backbone, with certain configurations we would be able to convert area 1 to a transit area so that area 2 would be directly virtually connected to the backbone area zero, routing updates in the transit area are tunneled while data packets are sent over the medium natively without no tunneling overhead, note that ospf transit areas cannot be implemented on any kind of stub areas e.g. totally stub, normal stub, NSSA areas.

Configuring the virtual link should be done on routers which have connectivity to backbone area and the area which is not connected directly to the backbone, in this case R2 is the router connected to the backbone and R5 is connected to area 2 which is not connected to the backbone area.

vyatta@v5# configure
vyatta@v5# set protocols ospf area 1 virtual-link 127.2.2.2
vyatta@v5# commit
vyatta@r2# configure
vyatta@r2# set protocols ospf area 1 virtual-link 127.5.5.5
vyatta@r2# commit

Make sure that after you make the configurations the state of R5 reads area border router and if it doesn’t check for your configurations.
vyatta@v5:~$ show ip ospf
OSPF Routing Process, Router ID: 127.5.5.5
Minimum hold time between consecutive SPFs 1000 millisec(s)
Maximum hold time between consecutive SPFs 10000 millisec(s)
Hold time multiplier is currently 1
SPF algorithm last executed 31m54s ago
SPF timer is inactive
Refresh timer 10 secs
This router is an ABR, ABR type is: Alternative Cisco
Number of external LSA 0. Checksum Sum 0x00000000
Number of opaque AS LSA 0. Checksum Sum 0x00000000
Number of areas attached to this router: 3
Adjacency changes are logged

Execute the ospf neighbor command on r2 and r5 to view the new virtual link that is created between r2 and r5
Both routers believe that they access each other over a virtual interface (VLINK0) additional to the ethernet connections.

vyatta@v5:~$ show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface RXmtL RqstL DBsmL
127.2.2.2 1 Full/Backup 34.675s 50.50.50.2 eth0:50.50.50.5 0 0 0
127.4.4.4 1 Full/Backup 35.059s 20.20.20.4 eth1:20.20.20.5 0 0 0
127.2.2.2 1 Full/DROther 36.751s 50.50.50.2 VLINK0

vyatta@r2:~$ show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface RXmtL RqstL DBsmL
127.1.1.1 1 Full/DROther 31.386s 10.10.10.1 eth0:10.10.10.2 0 0 0
127.3.3.3 1 Full/DR 34.691s 10.10.10.3 eth0:10.10.10.2 0 0 0
127.5.5.5 1 Full/DR 36.239s 50.50.50.5 eth1:50.50.50.2 0 0 0
127.5.5.5 1 Full/DROther 38.383s 50.50.50.5 VLINK0 0 0 0

Let’s take a look at our OSPF databases:
As you see R1 believes that r2, r3 and r5 are connected to the backbone area and they have advertised router link states in this area, apart from r1, r2 and r3 reside in this area but r5 is connected to this virtually through the transit area we configured on area 1. It also has received some summary type 3 LSA’s form R2 and R5 the area border routers which connect area 2 and 1 to area 0.

vyatta@r3:~$ show ip ospf database
OSPF Router with ID (127.3.3.3)
Router Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum Link count
127.1.1.1 127.1.1.1 23 0x8000000c 0xb544 1
127.2.2.2 127.2.2.2 1353 0x8000000f 0x4765 2
127.3.3.3 127.3.3.3 25 0x80000005 0x737f 1
127.5.5.5 127.5.5.5 1358 0x80000002 0x9374 1
Net Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum
10.10.10.3 127.3.3.3 20 0x80000003 0xb564
Summary Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum Route
20.20.20.0 127.5.5.5 1392 0x80000001 0x1870 20.20.20.0/24
50.50.50.0 127.2.2.2 365 0x80000002 0x191d 50.50.50.0/24
50.50.50.0 127.5.5.5 1392 0x80000001 0xdb52 50.50.50.0/24
60.60.60.0 127.5.5.5 1392 0x80000001 0xd62f 60.60.60.0/24

R4 still remains with the same LSA entries and believes that R5 is its only neighbor, it also has received some summary link states from R5 which is acting as the area border router between area 0 and 2 through the transit area.

vyatta@r4:~$ show ip ospf database
OSPF Router with ID (127.4.4.4)
Router Link States (Area 0.0.0.2)
Link ID ADV Router Age Seq# CkSum Link count
127.4.4.4 127.4.4.4 1625 0x80000007 0xfdde 2
127.5.5.5 127.5.5.5 1471 0x80000004 0x9610 1
Net Link States (Area 0.0.0.2)
Link ID ADV Router Age Seq# CkSum
20.20.20.5 127.5.5.5 1626 0x80000001 0xbeb1
Summary Link States (Area 0.0.0.2)
Link ID ADV Router Age Seq# CkSum Route
10.10.10.0 127.5.5.5 321 0x80000002 0xe3b7 10.10.10.0/24
50.50.50.0 127.5.5.5 1473 0x80000001 0xdb52 50.50.50.0/24

Finally let’s take a look at the ospf database of r2 and the new generated LSA’s:

vyatta@v5:~$ show ip ospf database
OSPF Router with ID (127.5.5.5)
Router Link States (Area 0.0.0.0)  ++++++++++++++++++++++++++++++++++++
Link ID ADV Router Age Seq# CkSum Link count
127.1.1.1 127.1.1.1 398 0x8000000c 0xb544 1
127.2.2.2 127.2.2.2 1726 0x8000000f 0x4765 2
127.3.3.3 127.3.3.3 401 0x80000005 0x737f 1
127.5.5.5 127.5.5.5 1730 0x80000002 0x9374 1
Net Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum
10.10.10.3 127.3.3.3 396 0x80000003 0xb564
Summary Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum Route
20.20.20.0 127.5.5.5 372 0x80000002 0x1671 20.20.20.0/24
50.50.50.0 127.2.2.2 739 0x80000002 0x191d 50.50.50.0/24
50.50.50.0 127.5.5.5 1764 0x80000001 0xdb52 50.50.50.0/24
60.60.60.0 127.5.5.5 1764 0x80000001 0xd62f 60.60.60.0/24
Router Link States (Area 0.0.0.1) ++++++++++++++++++++++++++++++++++++
Link ID ADV Router Age Seq# CkSum Link count
127.2.2.2 127.2.2.2 1731 0x80000007 0x24db 1
127.5.5.5 127.5.5.5 1730 0x80000005 0xaf3d 1
Net Link States (Area 0.0.0.1)
Link ID ADV Router Age Seq# CkSum
50.50.50.5 127.5.5.5 117 0x80000002 0x4ad0
Summary Link States (Area 0.0.0.1)
Link ID ADV Router Age Seq# CkSum Route
10.10.10.0 127.2.2.2 2197 0x80000001 0xc0ee 10.10.10.0/24
20.20.20.0 127.5.5.5 502 0x80000002 0x1671 20.20.20.0/24
60.60.60.0 127.5.5.5 1764 0x80000001 0xd62f 60.60.60.0/24
Router Link States (Area 0.0.0.2) ++++++++++++++++++++++++++++++++++++
Link ID ADV Router Age Seq# CkSum Link count
127.4.4.4 127.4.4.4 119 0x80000008 0xfbdf 2
127.5.5.5 127.5.5.5 1762 0x80000004 0x9610 1
Net Link States (Area 0.0.0.2)
Link ID ADV Router Age Seq# CkSum
20.20.20.5 127.5.5.5 116 0x80000002 0xbcb2
Summary Link States (Area 0.0.0.2)
Link ID ADV Router Age Seq# CkSum Route
10.10.10.0 127.5.5.5 612 0x80000002 0xe3b7 10.10.10.0/24
50.50.50.0 127.5.5.5 1764 0x80000001 0xdb52 50.50.50.0/24

As you see based on the configurations we made r5 is now directly virtually tunneled to the backbone area thus LSA entries for area 0 have been added to our database. This router is now known as an area border router and is injecting summary routes to its attached network into the backbone area.
  Thu, 20 Mar 2008 11:28:00 +0100
OSPF Network Scenario

Figure 1 - Network Scenario

We made a bit of changes to our network scenario, follow the changes and proceed ahead to the configurations for the NSSA area.
This could get probably really confusing but to prevent that let’s just make a review on what kind of areas we could define in an ospf network.
Normal areas: normal ospf areas which have no limitations, all advertised routes are accepted in this type of area.
Stub areas: no type 5 autonomous system LSA’s are allowed to be advertised in this area, we’re also not allowed to have ASBR’s defined in this area.
Totally Stub area: additional to type 5 LSA’s (not allowed in stub areas), type 3 (ABR Summary LSA’s) and type 4 LSA’s (ASBR summary LSA’s) are not allowed to propagate into this area.
Not So Stubby area (NSSA): no type 5 LSA’s (ASBR external LSA’s) are allowed but type 7 LSA’s (NSSA external LSA’s) are allowed to be translated into type 5 (ABR external LSA’s) and traverse the ABR router.
Totally Not So Stubby area (TNSSA): no type 5 LSA’s (ASBR external LSA’s), no type 3 (ABR Summary LSA’s) and finally no type 4 LSA’s (ASBR summary LSA’s) are allowed to propagate into this area but type 7 LSA’s (NSSA external LSA’s) are allowed to be translated into type 5 (ABR external LSA’s) and traverse the ABR router.
From where we configured stub areas we were not able to have any autonomous system border router included to our stub areas and we were also not able to advertise ASBR external LSA’s into the stub area, to overcome these limitations the not so stubby area was introduced in the RFC 1587 so that we could have kept the specifications of a stub area while we could have inserted the type 5 LSA’s we needed into the area in a limited fashion. In this case we are still not able to redistribute type 5 external routes but instead the NSSA ASBR would create a new generation of LSA’s called type 7 LSA’s where after on at the NSSA-ABR (R2) these routes would be translated back to type 5 LSA’s and would be redistributed into the OSPF network in the 0.0.0.0 area.
In this chapter we would only be configuring the TNSSA area, the NSSA is just simply the same with the difference that the summary LSA’s show up in the ospf database but in the case of TNSSA the default route of 0.0.0.0 would be replaced instead of all the summary type 3 and type 4 LSA’s.
To get a better view the following ospf databases would show the change before the configurations and after we configure the 1.1.1.1 as a NSSA area.
Let’s take a look at R1, R2 and also R5 ospf databases.

vyatta@r1:~$ show ip ospf database
OSPF Router with ID (127.1.1.1)
Router Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum Link count
127.1.1.1 127.1.1.1 1377 0x80000003 0x1a4c 2
127.2.2.2 127.2.2.2 1374 0x80000003 0xf466 2
127.3.3.3 127.3.3.3 1376 0x80000004 0xee62 2
Net Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum
10.10.10.3 127.3.3.3 1376 0x80000002 0xb763
Summary Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum Route
50.50.50.0 127.2.2.2 448 0x80000001 0x1b1c 50.50.50.0/24
127.5.5.5 127.2.2.2 433 0x80000001 0x6fc5 127.5.5.5/32
ASBR-Summary Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum
127.5.5.5 127.2.2.2 433 0x80000001 0xfc41
AS External Link States
Link ID ADV Router Age Seq# CkSum Route
20.20.20.0 127.5.5.5 242 0x80000001 0xf3ff E2 20.20.20.0/24 [0x0]
60.60.60.0 20.20.20.5 1376 0x80000002 0x3196 E2 60.60.60.0/24 [0x0]
60.60.60.0 127.5.5.5 445 0x80000001 0x4e2d E2 60.60.60.0/24 [0x0]


In our ospf database on R1 we have AS external link states already generated by the ASBR (R5), since R5 is our autonomous system border router and since we already have configured R5 to redistribute connected and also RIP routes it would be advertising these type of LSA’s into our 0.0.0.0 area, later on after we configure 1.1.1.1 as the TNSSA area these link states would be advertised by R2, in better words the external routes injected into the 1.1.1.1 by R5 would be translated into type 5 LSA’s by the TNSSA area border router.

Let’s take a look at R2:

vyatta@r2:~$ show ip ospf database
OSPF Router with ID (127.2.2.2)
Router Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum Link count
127.1.1.1 127.1.1.1 1424 0x80000003 0x1a4c 2
127.2.2.2 127.2.2.2 1420 0x80000003 0xf466 2
127.3.3.3 127.3.3.3 1423 0x80000004 0xee62 2
Net Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum
10.10.10.3 127.3.3.3 1423 0x80000002 0xb763
Summary Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum Route
50.50.50.0 127.2.2.2 494 0x80000001 0x1b1c 50.50.50.0/24
127.5.5.5 127.2.2.2 479 0x80000001 0x6fc5 127.5.5.5/32
ASBR-Summary Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum
127.5.5.5 127.2.2.2 479 0x80000001 0xfc41

Router Link States (Area 1.1.1.1)
Link ID ADV Router Age Seq# CkSum Link count
127.2.2.2 127.2.2.2 488 0x80000006 0x1aea 1
127.5.5.5 127.5.5.5 489 0x80000003 0xd573 2
Net Link States (Area 1.1.1.1)
Link ID ADV Router Age Seq# CkSum
50.50.50.5 127.5.5.5 490 0x80000001 0x4ccf
Summary Link States (Area 1.1.1.1)
Link ID ADV Router Age Seq# CkSum Route
10.10.10.0 127.2.2.2 208 0x80000002 0xbeef 10.10.10.0/24
127.1.1.1 127.2.2.2 1420 0x80000001 0xf34d 127.1.1.1/32
127.3.3.3 127.2.2.2 1420 0x80000001 0xb189 127.3.3.3/32
AS External Link States
Link ID ADV Router Age Seq# CkSum Route
20.20.20.0 127.5.5.5 287 0x80000001 0xf3ff E2 20.20.20.0/24 [0x0]
60.60.60.0 20.20.20.5 1422 0x80000002 0x3196 E2 60.60.60.0/24 [0x0]
60.60.60.0 127.5.5.5 490 0x80000001 0x4e2d E2 60.60.60.0/24 [0x0]

Since we yet haven’t configured the area 1.1.1.1 as a TNSSA area we still have summary link states in our R2 ospf database, and as we mentioned before the AS external routes are advertised by R5.
Let’s take a look at R5 (same description goes for R5 as well):

vyatta@v5:~$ show ip ospf database
OSPF Router with ID (127.5.5.5)
Router Link States (Area 1.1.1.1)
Link ID ADV Router Age Seq# CkSum Link count
127.2.2.2 127.2.2.2 576 0x80000006 0x1aea 1
127.5.5.5 127.5.5.5 576 0x80000003 0xd573 2
Net Link States (Area 1.1.1.1)
Link ID ADV Router Age Seq# CkSum
50.50.50.5 127.5.5.5 576 0x80000001 0x4ccf
Summary Link States (Area 1.1.1.1)
Link ID ADV Router Age Seq# CkSum Route
10.10.10.0 127.2.2.2 296 0x80000002 0xbeef 10.10.10.0/24
127.1.1.1 127.2.2.2 6 0x80000002 0xf14e 127.1.1.1/32
127.3.3.3 127.2.2.2 1508 0x80000001 0xb189 127.3.3.3/32
AS External Link States
Link ID ADV Router Age Seq# CkSum Route
20.20.20.0 127.5.5.5 374 0x80000001 0xf3ff E2 20.20.20.0/24 [0x0]
60.60.60.0 20.20.20.5 1509 0x80000002 0x3196 E2 60.60.60.0/24 [0x0]
60.60.60.0 127.5.5.5 576 0x80000001 0x4e2d E2 60.60.60.0/24 [0x0]

Let’s make the configurations and see the changes:

vyatta@v5# configure
vyatta@v5# set protocols ospf area 1.1.1.1 area-type nssa no-summary
vyatta@v5# commit

vyatta@r2# configure
vyatta@r2# set protocols ospf area 1.1.1.1 area-type nssa no-summary
vyatta@r2# commit


Let’s see the changes (if your ospf database doesn’t read what’s written below be patient there are possibly some routes which would age out after an hour 3600s):

vyatta@r2:~$ show ip ospf database
OSPF Router with ID (127.2.2.2)
Router Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum Link count
127.1.1.1 127.1.1.1 1180 0x80000005 0x164e 2
127.2.2.2 127.2.2.2 1277 0x80000005 0xf660 2
127.3.3.3 127.3.3.3 1180 0x80000006 0xea64 2
Net Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum
10.10.10.3 127.3.3.3 1180 0x80000004 0xb365
Summary Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum Route
50.50.50.0 127.2.2.2 1484 0x80000002 0x191d 50.50.50.0/24
127.5.5.5 127.2.2.2 172 0x80000003 0x6bc7 127.5.5.5/32
ASBR-Summary Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum
127.5.5.5 127.2.2.2 1033 0x80000002 0xfa42

Router Link States (Area 1.1.1.1 [NSSA])
Link ID ADV Router Age Seq# CkSum Link count
127.2.2.2 127.2.2.2 1275 0x8000000a 0xbd3b 1
127.5.5.5 127.5.5.5 1276 0x80000007 0x73cb 2
Net Link States (Area 1.1.1.1 [NSSA])
Link ID ADV Router Age Seq# CkSum
50.50.50.5 127.5.5.5 1281 0x80000002 0xef25
Summary Link States (Area 1.1.1.1 [NSSA])
Link ID ADV Router Age Seq# CkSum Route
0.0.0.0 127.2.2.2 833 0x80000002 0xebeb 0.0.0.0/0
NSSA-external Link States (Area 1.1.1.1 [NSSA])
Link ID ADV Router Age Seq# CkSum Route
20.20.20.0 127.5.5.5 1274 0x80000003 0x99bf E2 20.20.20.0/24 [0x0]
60.60.60.0 127.5.5.5 1114 0x80000004 0xf1ed E2 60.60.60.0/24 [0x0]
AS External Link States
Link ID ADV Router Age Seq# CkSum Route
20.20.20.0 127.2.2.2 1273 0x80000003 0x6dfe E2 20.20.20.0/24 [0x0]
60.60.60.0 127.2.2.2 1113 0x80000004 0xc52d E2 60.60.60.0/24 [0x0]

On R2 the summary link states have been removed and instead a default route of 0.0.0.0 has been replaced (we expected this to happen since in a totally not so stubby area ospf summary link states are replaced by the default route – using the no summary parameter excludes these routes), we also have generated new NSSA-external link stated which are normally generated by the ASBR (R5), and we also have generated two similar routes to what we had in the previous entries of our database but with a little difference where they are advertised by the TNSSA border router (R2), as we stated, the link states injected by the ASBR into the 1.1.1.1 area once they get to the TNSSA ABR are translated back to type 5 LSA’s and are advertised to the 0.0.0.0 backbone area.

Let’s take a look at R1:

vyatta@r1:~$ show ip ospf database
OSPF Router with ID (127.1.1.1)
Router Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum Link count
127.1.1.1 127.1.1.1 1276 0x80000005 0x164e 2
127.2.2.2 127.2.2.2 1375 0x80000005 0xf660 2
127.3.3.3 127.3.3.3 1276 0x80000006 0xea64 2
Net Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum
10.10.10.3 127.3.3.3 1276 0x80000004 0xb365
Summary Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum Route
50.50.50.0 127.2.2.2 1581 0x80000002 0x191d 50.50.50.0/24
127.5.5.5 127.2.2.2 270 0x80000003 0x6bc7 127.5.5.5/32
ASBR-Summary Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum
127.5.5.5 127.2.2.2 1130 0x80000002 0xfa42
AS External Link States
Link ID ADV Router Age Seq# CkSum Route
20.20.20.0 127.2.2.2 1371 0x80000003 0x6dfe E2 20.20.20.0/24 [0x0]
60.60.60.0 127.2.2.2 1211 0x80000004 0xc52d E2 60.60.60.0/24 [0x0]

As you see on R1 we no longer have our AS external link states generated by the R5 ASBR router instead they are advertised as type 5 LSA’s while translated from type 7 LSA’s into the 0.0.0.0 area (these LSA’s are self originated by the ABR router, in order to view the self originated routes by the router run the show ip ospf database command with the self originate parameter) .

Let’s take a look at R5:

vyatta@v5:~$ show ip ospf database
OSPF Router with ID (127.5.5.5)
Router Link States (Area 1.1.1.1 [NSSA])
Link ID ADV Router Age Seq# CkSum Link count
127.2.2.2 127.2.2.2 461 0x8000000c 0x9b5e 1
127.5.5.5 127.5.5.5 450 0x80000008 0x2f12 2
Net Link States (Area 1.1.1.1 [NSSA])
Link ID ADV Router Age Seq# CkSum
50.50.50.2 127.2.2.2 461 0x80000001 0x4fd2
Summary Link States (Area 1.1.1.1 [NSSA])
Link ID ADV Router Age Seq# CkSum Route
0.0.0.0 127.2.2.2 1711 0x80000002 0xebeb 0.0.0.0/0
NSSA-external Link States (Area 1.1.1.1 [NSSA])
Link ID ADV Router Age Seq# CkSum Route
20.20.20.0 127.5.5.5 455 0x80000005 0x95c1 E2 20.20.20.0/24 [0x0]
60.60.60.0 127.5.5.5 455 0x80000006 0xedef E2 60.60.60.0/24 [0x0]
AS External Link States
Link ID ADV Router Age Seq# CkSum Route
20.20.20.0 20.20.20.5 3600 0x80000001 0xd868 E2 20.20.20.0/24 [0x0]
20.20.20.0 127.5.5.5 455 0x80000005 0xeb04 E2 20.20.20.0/24 [0x0]
60.60.60.0 127.5.5.5 455 0x80000006 0x4432 E2 60.60.60.0/24 [0x0]

On R5 we have both type 5 and also type 7 LSA’s the type 5 LSA’s are self originated by the router itself (shown as AS-external Link States) but are injected as type 7 LSA’s into the 1.1.1.1 TNSSA area (these routes are self originated and advertised in the 1.1.1.1 area).
What we just configured was a totally not so stubby area, since we added the no-summary option to the NSSA area, the summary routes area replaced by the 0.0.0.0 default route and the area is considered to be a totally not so stubby area, to regenerate the summary type 3 and type 4 link states remove the no-summary parameter and only configure the area as a NSSA area.
You could also manage the translation process by using the following commands:

vyatta@v5# set protocols ospf area 1.1.1.1 area-type nssa translate
possible completions:
always Configure NSSA-ABR to always translate
candidate Configure NSSA-ABR for translate election (default)
never Configure NSSA-ABR to never translate


CONTINUE TO PART 9 - VIRTUAL LINKS
  Wed, 19 Mar 2008 11:25:00 +0100
OSPF Network Scenario

Figure 1 - Network Scenario

Well first we changed our configuration based on the network scenario provided up above the only fact is that we yet have not defined the area 1.1.1.1 as a stub network so before we do that lets just take a look out our databases on r2 and r5.
On R5:
vyatta@v5:~$ show ip ospf database
OSPF Router with ID (50.50.50.5)
Router Link States (Area 1.1.1.1)
Link ID ADV Router Age Seq# CkSum Link count
50.50.50.5 50.50.50.5 553 0x80000003 0x7db6 2
127.2.2.2 127.2.2.2 559 0x80000004 0xff0a 1
Net Link States (Area 1.1.1.1)
Link ID ADV Router Age Seq# CkSum
50.50.50.2 127.2.2.2 559 0x80000002 0xbe5b
Summary Link States (Area 1.1.1.1)
Link ID ADV Router Age Seq# CkSum Route
10.10.10.0 127.2.2.2 243 0x80000002 0xbeef 10.10.10.0/24
127.1.1.1 127.2.2.2 423 0x80000002 0xf14e 127.1.1.1/32
127.3.3.3 127.2.2.2 263 0x80000002 0xaf8a 127.3.3.3/32
ASBR-Summary Link States (Area 1.1.1.1)
Link ID ADV Router Age Seq# CkSum
127.3.3.3 127.2.2.2 623 0x80000002 0x3d06
AS External Link States
Link ID ADV Router Age Seq# CkSum Route
20.20.20.0 20.20.20.3 3296 0x80000001 0xe45e E2 20.20.20.0/24 [0x0]
20.20.20.0 127.3.3.3 1359 0x80000004 0x18de E2 20.20.20.0/24 [0x0]
60.60.60.0 127.3.3.3 1407 0x80000004 0x720c E2 60.60.60.0/24 [0x0]

This is the router which is going to be acting as the interior router in the stub area, based on the changes and configurations we make to this area the ospf database belonging to this router would change relevantly. In the following lines you see the current ospf routes including the network inter-area routes advertised by r2 which namely is the ABR between the 0.0.0.0 and 1.1.1.1 areas.

vyatta@v5:~$ show ip ospf route
============ OSPF network routing table ============
N IA 10.10.10.0/24 [20] area: 1.1.1.1
via 50.50.50.2, eth0
N 50.50.50.0/24 [10] area: 1.1.1.1
directly attached to eth0
N IA 127.1.1.1/32 [30] area: 1.1.1.1
via 50.50.50.2, eth0
N IA 127.3.3.3/32 [30] area: 1.1.1.1
via 50.50.50.2, eth0
============ OSPF router routing table =============
R 127.2.2.2 [10] area: 1.1.1.1, ABR
via 50.50.50.2, eth0
R 127.3.3.3 IA [20] area: 1.1.1.1, ASBR
via 50.50.50.2, eth0
============ OSPF external routing table ===========
N E2 20.20.20.0/24 [20/20] tag: 0
via 50.50.50.2, eth0
N E2 60.60.60.0/24 [20/20] tag: 0
via 50.50.50.2, eth0

vyatta@v5:~$ show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route

O>* 10.10.10.0/24 [110/20] via 50.50.50.2, eth0, 00:40:00
O>* 20.20.20.0/24 [110/20] via 50.50.50.2, eth0, 00:39:59
O 50.50.50.0/24 [110/10] is directly connected, eth0, 00:40:05
C>* 50.50.50.0/24 is directly connected, eth0
O>* 60.60.60.0/24 [110/20] via 50.50.50.2, eth0, 00:39:59
O>* 127.1.1.1/32 [110/30] via 50.50.50.2, eth0, 00:40:00
O>* 127.3.3.3/32 [110/30] via 50.50.50.2, eth0, 00:40:00
C>* 127.5.5.0/24 is directly connected, lo

vyatta@r2:~$ show ip ospf database
OSPF Router with ID (127.2.2.2)
Router Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum Link count
127.1.1.1 127.1.1.1 1561 0x80000005 0x164e 2
127.2.2.2 127.2.2.2 786 0x80000007 0xec6a 2
127.3.3.3 127.3.3.3 1559 0x80000004 0xf45a 2
Net Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum
10.10.10.3 127.3.3.3 1559 0x80000003 0xb564
Summary Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum Route
50.50.50.0 127.2.2.2 804 0x80000002 0x191d 50.50.50.0/24
127.5.5.5 127.2.2.2 1385 0x80000002 0x6dc6 127.5.5.5/32
Router Link States (Area 1.1.1.1)
Link ID ADV Router Age Seq# CkSum Link count
50.50.50.5 50.50.50.5 667 0x80000003 0x7db6 2
127.2.2.2 127.2.2.2 671 0x80000004 0xff0a 1
Net Link States (Area 1.1.1.1)
Link ID ADV Router Age Seq# CkSum
50.50.50.2 127.2.2.2 671 0x80000002 0xbe5b
Summary Link States (Area 1.1.1.1)
Link ID ADV Router Age Seq# CkSum Route
10.10.10.0 127.2.2.2 354 0x80000002 0xbeef 10.10.10.0/24
127.1.1.1 127.2.2.2 534 0x80000002 0xf14e 127.1.1.1/32
127.3.3.3 127.2.2.2 374 0x80000002 0xaf8a 127.3.3.3/32
ASBR-Summary Link States (Area 1.1.1.1)
Link ID ADV Router Age Seq# CkSum
127.3.3.3 127.2.2.2 734 0x80000002 0x3d06
AS External Link States
Link ID ADV Router Age Seq# CkSum Route
20.20.20.0 20.20.20.3 3408 0x80000001 0xe45e E2 20.20.20.0/24 [0x0]
20.20.20.0 127.3.3.3 1470 0x80000004 0x18de E2 20.20.20.0/24 [0x0]
60.60.60.0 127.3.3.3 1518 0x80000004 0x720c E2 60.60.60.0/24 [0x0]
vyatta@r2:~$ show ip ospf route
============ OSPF network routing table ============
N 10.10.10.0/24 [10] area: 0.0.0.0
directly attached to eth0
N 50.50.50.0/24 [10] area: 1.1.1.1
directly attached to eth1
N 127.1.1.1/32 [20] area: 0.0.0.0
via 10.10.10.1, eth0
N 127.3.3.3/32 [20] area: 0.0.0.0
via 10.10.10.3, eth0
N 127.5.5.5/32 [20] area: 1.1.1.1
via 50.50.50.5, eth1

============ OSPF router routing table =============
R 127.3.3.3 [10] area: 0.0.0.0, ASBR
via 10.10.10.3, eth0

============ OSPF external routing table ===========
N E2 20.20.20.0/24 [10/20] tag: 0
via 10.10.10.3, eth0
N E2 60.60.60.0/24 [10/20] tag: 0
via 10.10.10.3, eth0

vyatta@r2:~$ show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route

O 10.10.10.0/24 [110/10] is directly connected, eth0, 00:58:23
C>* 10.10.10.0/24 is directly connected, eth0
O>* 20.20.20.0/24 [110/20] via 10.10.10.3, eth0, 00:57:33
O 50.50.50.0/24 [110/10] is directly connected, eth1, 00:44:41
C>* 50.50.50.0/24 is directly connected, eth1
O>* 60.60.60.0/24 [110/20] via 10.10.10.3, eth0, 00:57:33
O>* 127.1.1.1/32 [110/20] via 10.10.10.1, eth0, 00:57:34
C>* 127.2.2.0/24 is directly connected, lo
O>* 127.3.3.3/32 [110/20] via 10.10.10.3, eth0, 00:57:34
O>* 127.5.5.5/32 [110/20] via 50.50.50.5, eth1, 00:42:39

In the previous scenario where we defined the asbr connecting to different autonomous systems together
We had connectivity from the ospf network to all interfaces of the rip network only because we redistributed rip routes to our ospf network on the r3 router
But here is the tricky part: the only reason we had connectivity from the rip network to the ospf network (although we didn’t redistribute ospf routes into the rip network)is that while we configured r3 to be the ASBR the only and only ospf network which was the 10.10.10.0 was attached directly to r3 so when we turned on rip on its other interface the route to that network was distributed as a rip route on the rip network whereas if we had another network such as the 60.60.60.0 network like the scenario we have right now connectivity back and forth to the rip network wouldn’t have been possible, therefore in order to establish the connectivity between the new network and the rip network we have to redistributed the ospf routes to the rip network as well.

vyatta@r3# set protocols rip redistribute ospf

Let’s check for connectivity form R5 to the RIP network.

vyatta@v5:~$ ping 60.60.60.4
PING 60.60.60.4 (60.60.60.4) 56(84) bytes of data.
64 bytes from 60.60.60.4: icmp_seq=1 ttl=62 time=10.1 ms
64 bytes from 60.60.60.4: icmp_seq=2 ttl=62 time=5.05 ms
64 bytes from 60.60.60.4: icmp_seq=3 ttl=62 time=4.61 ms
64 bytes from 60.60.60.4: icmp_seq=4 ttl=62 time=4.23 ms
64 bytes from 60.60.60.4: icmp_seq=5 ttl=62 time=4.30 ms
--- 60.60.60.4 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4000ms
rtt min/avg/max/mdev = 4.233/5.680/10.192/2.275 ms

Now we have connectivity! Keep in mind that we yet have not configured the stub network were just preparing for complete connectivity over the network.
Let’s configure the area 1.1.1.1 as a stub area both on r2 and r5, make sure that you make the configurations on both of the routers so that when they want to exchange routes they would be able to realize each other that they reside in a stub area , when they exchange routes there’s a certain flag which shows that you’re residing in a stub area , so in order for them to become stub neighbors they have to be both configured as stub areas in the ospf configuration.

vyatta@v5# set protocols ospf area 1.1.1.1 area-type stub
vyatta@r2# set protocols ospf area 1.1.1.1 area-type stub

Now let’s take a look at our information on r2 and r5 after configuring the area as a stub area

vyatta@v5:~$ show ip ospf database
OSPF Router with ID (50.50.50.5)
Router Link States (Area 1.1.1.1 [Stub])
Link ID ADV Router Age Seq# CkSum Link count
50.50.50.5 50.50.50.5 1745 0x80000013 0x7baa 2
127.2.2.2 127.2.2.2 1751 0x80000013 0xfffc 1
Net Link States (Area 1.1.1.1 [Stub])
Link ID ADV Router Age Seq# CkSum
50.50.50.2 127.2.2.2 1746 0x8000000f 0xc24c
Summary Link States (Area 1.1.1.1 [Stub])
Link ID ADV Router Age Seq# CkSum Route
0.0.0.0 127.2.2.2 1083 0x80000002 0xebeb 0.0.0.0/0
10.10.10.0 127.2.2.2 953 0x8000000f 0xc2e0 10.10.10.0/24
127.1.1.1 127.2.2.2 1033 0x8000000f 0xf53f 127.1.1.1/32
127.3.3.3 127.2.2.2 633 0x8000000f 0xb37b 127.3.3.3/32


As you see the AS routes which used to be in our ospf database are no longer there and instead of all those routes the default 0.0.0.0 route has been advertised by R2 which would forward packets which don’t match other routes with a lower priority to the 50.50.50.2 interface of R2. The following lines show that we only have a couple of inter-area routes advertised by the area border router in our ospf routing table.

vyatta@v5:~$ show ip ospf route
============ OSPF network routing table ============
N IA 0.0.0.0/0 [11] area: 1.1.1.1
via 50.50.50.2, eth0
N IA 10.10.10.0/24 [20] area: 1.1.1.1
via 50.50.50.2, eth0
N 50.50.50.0/24 [10] area: 1.1.1.1
directly attached to eth0
N IA 127.1.1.1/32 [30] area: 1.1.1.1
via 50.50.50.2, eth0
N IA 127.3.3.3/32 [30] area: 1.1.1.1
via 50.50.50.2, eth0
============ OSPF router routing table =============
R 127.2.2.2 [10] area: 1.1.1.1, ABR
via 50.50.50.2, eth0
============ OSPF external routing table ===========


vyatta@v5:~$ show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route

O>* 0.0.0.0/0 [110/11] via 50.50.50.2, eth0, 00:59:59
O>* 10.10.10.0/24 [110/20] via 50.50.50.2, eth0, 00:59:59
O 50.50.50.0/24 [110/10] is directly connected, eth0, 07:20:03
C>* 50.50.50.0/24 is directly connected, eth0
O>* 127.1.1.1/32 [110/30] via 50.50.50.2, eth0, 00:59:59
O>* 127.3.3.3/32 [110/30] via 50.50.50.2, eth0, 00:59:59
C>* 127.5.5.0/24 is directly connected, lo

Most of the changes are done on the R5 router and R2 still remains as it used to be.
LET’S JUST CHECK WE HAVE CONNECTIVITY FROM R5 TO 60.60.60.0/24

vyatta@v5:~$ ping 60.60.60.4
PING 60.60.60.4 (60.60.60.4) 56(84) bytes of data.
64 bytes from 60.60.60.4: icmp_seq=1 ttl=62 time=20.3 ms
64 bytes from 60.60.60.4: icmp_seq=2 ttl=62 time=4.09 ms
64 bytes from 60.60.60.4: icmp_seq=3 ttl=62 time=3.59 ms
64 bytes from 60.60.60.4: icmp_seq=4 ttl=62 time=3.26 ms
64 bytes from 60.60.60.4: icmp_seq=5 ttl=62 time=3.57 ms
--- 60.60.60.4 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4002ms
rtt min/avg/max/mdev = 3.266/6.977/20.355/6.694 ms

\\*\\ NOW LET’S CONFIGURE THE AREA AS A TOTALLY STUBBY AREA

To be a little bit more granular about the routes which are injected in our ospf database in the stub area we could further more configure the area as a totally stub area, in this case summary routes which used to be in our ospf database would be removed and the default route of 0.0.0.0 via 50.50.50.2 would be used for packets which do not match the existing lower priority routes.
Totally stub areas do not allow routes other than intra-area and the default routes to be propagated within the area. The ABR injects a default route into the area and all the routers belonging to this area use the default route to send any traffic outside the area.

vyatta@r2# set protocols ospf area 1.1.1.1 area-type stub no-summary

This additional no-summary parameter informs the ABR not to send summary updates from other areas into the totally stub area this parameter needs to be configured only on the area border router where its the only router responsible for summary advertisement link state flooding.
Let’s take a look at the changes made upon the configurations we made:

vyatta@v5:~$ show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route
O>* 0.0.0.0/0 [110/11] via 50.50.50.2, eth0, 00:37:38
O 50.50.50.0/24 [110/10] is directly connected, eth0, 00:38:15
C>* 50.50.50.0/24 is directly connected, eth0
C>* 127.5.5.0/24 is directly connected, lo

vyatta@v5:~$ show ip ospf database
OSPF Router with ID (50.50.50.5)
Router Link States (Area 1.1.1.1 [Stub])
Link ID ADV Router Age Seq# CkSum Link count
50.50.50.5 50.50.50.5 502 0x80000017 0x73ae 2
127.2.2.2 127.2.2.2 478 0x80000018 0xf502 1
Net Link States (Area 1.1.1.1 [Stub])
Link ID ADV Router Age Seq# CkSum
50.50.50.2 127.2.2.2 478 0x80000002 0xdc3f
Summary Link States (Area 1.1.1.1 [Stub])
Link ID ADV Router Age Seq# CkSum Route
0.0.0.0 127.2.2.2 1091 0x80000005 0xe5ee 0.0.0.0/0

vyatta@v5:~$ show ip ospf route
============ OSPF network routing table ============
N IA 0.0.0.0/0 [11] area: 1.1.1.1
via 50.50.50.2, eth0
N 50.50.50.0/24 [10] area: 1.1.1.1
directly attached to eth0
============ OSPF router routing table =============
R 127.2.2.2 [10] area: 1.1.1.1, ABR
via 50.50.50.2, eth0
============ OSPF external routing table ===========

vyatta@v5:~$ ping 60.60.60.4
PING 60.60.60.4 (60.60.60.4) 56(84) bytes of data.
64 bytes from 60.60.60.4: icmp_seq=1 ttl=62 time=32.3 ms
64 bytes from 60.60.60.4: icmp_seq=2 ttl=62 time=4.88 ms
64 bytes from 60.60.60.4: icmp_seq=3 ttl=62 time=5.33 ms
64 bytes from 60.60.60.4: icmp_seq=4 ttl=62 time=3.84 ms
64 bytes from 60.60.60.4: icmp_seq=5 ttl=62 time=5.56 ms
--- 60.60.60.4 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4005ms
rtt min/avg/max/mdev = 3.843/10.397/32.358/10.996 ms

vyatta@v5:~$ show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
RXmtL RqstL DBsmL
127.2.2.2 1 Full/DR


CONTINUE TO PART 8 - NOT SO STUBBY AREAS
  Tue, 18 Mar 2008 11:23:00 +0100
OSPF Network Scenario

Figure 1 - Network Scenario

We configured r1 (only eth 1) r2 (eth0) and r3 (only eth0) with ospf and we configured R3 (eth1) and R4 (eth0 and eth1) with RIP and redistributed the connected routes lets take a look at our rip configuration and also a quick review on all of our route tables on all of our routers, we are not going to go through all of the details of the rip protocol we have a separate article for that

vyatta@r4# configure
vyatta@r4# set protocols rip interface eth0
vyatta@r4# set protocols rip interface eth1
vyatta@r4# set protocols rip redistribute connected
vyatta@r4# commit

vyatta@r4:~$ show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route
R>* 10.10.10.0/24 [120/2] via 20.20.20.3, eth0, 00:08:38
C>* 20.20.20.0/24 is directly connected, eth0
C>* 60.60.60.0/24 is directly connected, eth1
C>* 127.4.4.0/24 is directly connected, lo

vyatta@r3:~$ show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route
O 10.10.10.0/24 [110/10] is directly connected, eth0, 00:28:41
C>* 10.10.10.0/24 is directly connected, eth0
C>* 20.20.20.0/24 is directly connected, eth1
R>* 60.60.60.0/24 [120/2] via 20.20.20.4, eth1, 00:09:41
O>* 127.1.1.1/32 [110/20] via 10.10.10.1, eth0, 00:26:18
O>* 127.2.2.2/32 [110/20] via 10.10.10.2, eth0, 00:27:45
C>* 127.3.3.0/24 is directly connected, lo

vyatta@r2:~$ show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route
O 10.10.10.0/24 [110/10] is directly connected, eth0, 00:28:44
C>* 10.10.10.0/24 is directly connected, eth0
O>* 127.1.1.1/32 [110/20] via 10.10.10.1, eth0, 00:26:33
C>* 127.2.2.0/24 is directly connected, lo
O>* 127.3.3.3/32 [110/20] via 10.10.10.3, eth0, 00:27:55

vyatta@r1:~$ show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route
K>* 0.0.0.0/0 via 192.168.1.1, eth0
O 10.10.10.0/24 [110/10] is directly connected, eth1, 00:26:40
C>* 10.10.10.0/24 is directly connected, eth1
C>* 127.1.1.0/24 is directly connected, lo
O>* 127.2.2.2/32 [110/20] via 10.10.10.2, eth1, 00:26:40
O>* 127.3.3.3/32 [110/20] via 10.10.10.3, eth1, 00:26:40
C>* 192.168.1.0/24 is directly connected, eth0

Now lets where do we have connectivity
From r1 to r2 and r3 (eth0) and in reverse we have, since we haven’t configured ospf on eth0 on R1 we can’t ping from anywhere to it, the only reason we added this interface is so that we could connect to our network for configuration changes through a Telnet/SSH client

vyatta@r3:~$ ping 10.10.10.1
PING 10.10.10.1 (10.10.10.1) 56(84) bytes of data.
64 bytes from 10.10.10.1: icmp_seq=1 ttl=64 time=4.54 ms
64 bytes from 10.10.10.1: icmp_seq=2 ttl=64 time=1.21 ms
64 bytes from 10.10.10.1: icmp_seq=3 ttl=64 time=1.12 ms
64 bytes from 10.10.10.1: icmp_seq=4 ttl=64 time=1.15 ms
64 bytes from 10.10.10.1: icmp_seq=5 ttl=64 time=0.928 ms
--- 10.10.10.1 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4002ms
rtt min/avg/max/mdev = 0.928/1.793/4.542/1.377 ms

We also have connectivity from R3 to R4 (since we have RIP configured we can ping both interfaces on R4 from R3 and vice versa)

vyatta@r3:~$ ping 60.60.60.4
PING 60.60.60.4 (60.60.60.4) 56(84) bytes of data.
64 bytes from 60.60.60.4: icmp_seq=1 ttl=64 time=4.13 ms
64 bytes from 60.60.60.4: icmp_seq=2 ttl=64 time=0.934 ms
64 bytes from 60.60.60.4: icmp_seq=3 ttl=64 time=0.769 ms
64 bytes from 60.60.60.4: icmp_seq=4 ttl=64 time=1.17 ms
64 bytes from 60.60.60.4: icmp_seq=5 ttl=64 time=1.30 ms
--- 60.60.60.4 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4001ms
rtt min/avg/max/mdev = 0.769/1.663/4.133/1.249 ms


but we yet don’t have connectivity between the autonomous systems (RIP network and the OSPF network) or vice versa so what we have to redistribute RIP routes generated in the rip network and deliver them to the ospf network so that peers on the ospf network would be aware of the rip network as well, in the first case we would redistribute rip routes into our ospf network on R3

vyatta@r3# set protocols ospf redistribute rip

Now let’s take a look at our routing tables on r1 r2 and r3 and also to check for connectivity between them. (RIP routes injected into the OSPF network have the red color in the routing tables)

vyatta@r1:~$ show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route
K>* 0.0.0.0/0 via 192.168.1.1, eth0
O 10.10.10.0/24 [110/10] is directly connected, eth1, 00:37:12
C>* 10.10.10.0/24 is directly connected, eth1
O>* 60.60.60.0/24 [110/20] via 10.10.10.3, eth1, 00:01:46
C>* 127.1.1.0/24 is directly connected, lo
O>* 127.2.2.2/32 [110/20] via 10.10.10.2, eth1, 00:37:12
O>* 127.3.3.3/32 [110/20] via 10.10.10.3, eth1, 00:37:12
C>* 192.168.1.0/24 is directly connected, eth0

vyatta@r2:~$ show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route
O 10.10.10.0/24 [110/10] is directly connected, eth0, 00:40:46
C>* 10.10.10.0/24 is directly connected, eth0
O>* 60.60.60.0/24 [110/20] via 10.10.10.3, eth0, 00:03:04
O>* 127.1.1.1/32 [110/20] via 10.10.10.1, eth0, 00:38:35
C>* 127.2.2.0/24 is directly connected, lo
O>* 127.3.3.3/32 [110/20] via 10.10.10.3, eth0, 00:39:57

Now that the rip routes have been injected in to the ospf network we would be able to ping the 60.60.60.0/24 network from the ospf network lets ping R4 eth1 (60.60.60.4) from R2:

vyatta@r2:~$ ping 60.60.60.4
PING 60.60.60.4 (60.60.60.4) 56(84) bytes of data.
64 bytes from 60.60.60.4: icmp_seq=1 ttl=63 time=13.4 ms
64 bytes from 60.60.60.4: icmp_seq=2 ttl=63 time=2.08 ms
64 bytes from 60.60.60.4: icmp_seq=3 ttl=63 time=2.36 ms
64 bytes from 60.60.60.4: icmp_seq=4 ttl=63 time=2.27 ms
64 bytes from 60.60.60.4: icmp_seq=5 ttl=63 time=2.31 ms
--- 60.60.60.4 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4009ms
rtt min/avg/max/mdev = 2.089/4.490/13.411/4.461 ms

so we have connectivity from R1 to the 60.60.60.0/24 network (same goes for R1), now to get a better view try running a ping command to the 20.20.20.0/24 network see if you succeed(following the configurations we made to the network you shouldn’t get a reply), the question might come up is that : how come we have connectivity to the 60.60.60.0/24 and we are actually passing the 20.20.20.0/24 network but we cannot ping to that network? Well we don’t have any routes available to us guiding us to the 20.20.20.0/24 network in the OSPF network so we have to redistribute connected routes from the rip network into ospf as well, let’s do that see what comes up:

vyatta@r3# set protocols ospf redistribute connected
vyatta@r3# commit

Let’s see if we could ping the 20.20.20.0/24 network from r1 or r2
vyatta@r2:~$ ping 20.20.20.4
PING 20.20.20.4 (20.20.20.4) 56(84) bytes of data.
64 bytes from 20.20.20.4: icmp_seq=1 ttl=63 time=3.43 ms
--- 20.20.20.4 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 4005ms
rtt min/avg/max/mdev = 2.175/2.496/3.432/0.476 ms

Let’s see the changes made based upon our configurations in the route tables of r1, r2 and r3:

vyatta@r2:~$ show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route
O 10.10.10.0/24 [110/10] is directly connected, eth0, 00:46:54
C>* 10.10.10.0/24 is directly connected, eth0
O>* 20.20.20.0/24 [110/20] via 10.10.10.3, eth0, 00:01:10
O>* 60.60.60.0/24 [110/20] via 10.10.10.3, eth0, 00:09:12
O>* 127.1.1.1/32 [110/20] via 10.10.10.1, eth0, 00:44:43
C>* 127.2.2.0/24 is directly connected, lo
O>* 127.3.3.3/32 [110/20] via 10.10.10.3, eth0, 00:46:05

vyatta@r3:~$ show ip route NOTHING CHANGED
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route
O 10.10.10.0/24 [110/10] is directly connected, eth0, 00:47:41
C>* 10.10.10.0/24 is directly connected, eth0
C>* 20.20.20.0/24 is directly connected, eth1
R>* 60.60.60.0/24 [120/2] via 20.20.20.4, eth1, 00:28:41
O>* 127.1.1.1/32 [110/20] via 10.10.10.1, eth0, 00:45:18
O>* 127.2.2.2/32 [110/20] via 10.10.10.2, eth0, 00:46:45
C>* 127.3.3.0/24 is directly connected, lo


vyatta@r1:~$ show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route
K>* 0.0.0.0/0 via 192.168.1.1, eth0
O 10.10.10.0/24 [110/10] is directly connected, eth1, 00:45:44
C>* 10.10.10.0/24 is directly connected, eth1
O>* 20.20.20.0/24 [110/20] via 10.10.10.3, eth1, 00:02:15
O>* 60.60.60.0/24 [110/20] via 10.10.10.3, eth1, 00:10:18
C>* 127.1.1.0/24 is directly connected, lo
O>* 127.2.2.2/32 [110/20] via 10.10.10.2, eth1, 00:45:44
O>* 127.3.3.3/32 [110/20] via 10.10.10.3, eth1, 00:45:44
C>* 192.168.1.0/24 is directly connected, eth0

Now let’s see if we are able to ping from the rip network into the ospf network

vyatta@r4:~$ ping 10.10.10.1
PING 10.10.10.1 (10.10.10.1) 56(84) bytes of data.
64 bytes from 10.10.10.1: icmp_seq=1 ttl=63 time=3.56 ms
64 bytes from 10.10.10.1: icmp_seq=2 ttl=63 time=2.54 ms
64 bytes from 10.10.10.1: icmp_seq=3 ttl=63 time=2.08 ms
64 bytes from 10.10.10.1: icmp_seq=4 ttl=63 time=2.10 ms

--- 10.10.10.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3000ms
rtt min/avg/max/mdev = 2.083/2.575/3.562/0.600 ms


Well yes we have connectivity ,
Let’s take a look at the route table on R4 to see the route we choose to reach the ospf network

vyatta@r4:~$ show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route
R>* 10.10.10.0/24 [120/2] via 20.20.20.3, eth0, 00:31:21
C>* 20.20.20.0/24 is directly connected, eth0
C>* 60.60.60.0/24 is directly connected, eth1
C>* 127.4.4.0/24 is directly connected, lo

Well as you see we choose the rip route to ping the ospf network
Let’s take a look at some changes in our OSPF network

vyatta@r3:~$ show ip ospf database
OSPF Router with ID (127.3.3.3)
Router Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum Link count
127.1.1.1 127.1.1.1 1230 0x80000006 0xec76 2
127.2.2.2 127.2.2.2 1234 0x80000005 0xed6c 2
127.3.3.3 127.3.3.3 899 0x80000008 0xec5e 2
Net Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum
10.10.10.3 127.3.3.3 1233 0x80000003 0xb564
AS External Link States
Link ID ADV Router Age Seq# CkSum Route
20.20.20.0 127.3.3.3 415 0x80000001 0x1edb E2 20.20.20.0/24 [0x0]
60.60.60.0 127.3.3.3 901 0x80000001 0x7809 E2 60.60.60.0/24 [0x0]

We’ve got AS external routes injected by the autonomous system border router into the ospf network, since this database is unique throughout the ospf network we are able to ping any interface in the rip network from the ospf network.

vyatta@r3:~$ show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface RXmtL RqstL DBsmL
127.1.1.1 1 Full/DROther 38.071s 10.10.10.1 eth0:10.10.10.3 0 0 0
127.2.2.2 1 Full/Backup 38.384s 10.10.10.2 eth0:10.10.10.3 0 0 0

You could also check the ip ospf command on R3 just to view the state of the router which would state that this router is acting as an ASBR.


CONTINUE TO PART 7 - STUB AREAS | TOTALLY STUB AREAS
  Mon, 17 Mar 2008 19:08:00 +0100
In order to demonstrate the efficient usage of OSPF areas we would make quite a change to the previous scenario we
had, we would remove the eth1 interface on R2 pointing to the 20.20.20.0 network.

OSPF Network Scenario

Figure 1 - Network Scenario

In this scenario R4 would be in area 1.1.1.1 and R1 and R2 would be residing on area 0.0.0.0 (backbone area) and
finally R3 would be our area border router which connects the two areas 0.0.0.0 and 1.1.1.1 together. Remember
that all other areas excluding area zero (which is the backbone area itself) should be directly connected to the
backbone area, so if you plan to extend the network and create more areas make sure all areas are directly
connected to the backbone via an area border router.
Lets configure eth0 and lo (loopback interface) on R4 to be in area 1.1.1.1 and also eth1 on R3 to be configured
as an interface in the 1.1.1.1 area, if you have followed the steps from the very beginning you should possibly
change some configurations before proceeding to the next step so lets take a look at our prerequisites
Removing the eth1 interface on R2
In case of using Vyatta and VMware you can disable the interface or even remove it while the router is in shutdown
mode, remove the relevant interface from ospf:

vyatta@r2# delete protocols ospf area 0.0.0.0 network 10.10.10.0/24
vyatta@r2# commit

Let’s configure R3 and R4 with the new area:

vyatta@r4# set protocols ospf area 1.1.1.1
vyatta@r4# set protocols ospf area 1.1.1.1 network 20.20.20.0/24
vyatta@r4# set protocols ospf area 1.1.1.1 network 127.4.4.0/24
vyatta@r4#commit

vyatta@r3# set protocols ospf area 1.1.1.1 network 20.20.20.0/24
vyatta@r3# commit

Now after we have configured our network with the new area let’s take a look at our databases on R3 and see the
effect it would have to simplify our database. (You may well know that the reason we use areas in OSPF is to limit
the scope of route information distribution thus reducing the size of our LSA databases over the network.)
We have printed out the ospf database on R4 in 5 different intervals:
First: right after we configured the R4 router with the new area 1.1.1.1
Second: quite a couple of minutes later which we just left the network idle to see how the LSADB would react
Third: normally LSA entries age out after 3600 seconds, in this interval LSA’s not being used anymore are going to
be aged-out.
Fourth: previous router LSA’s have aged out but there is one remaining LSA which belongs to the loopback interface
of R4 and is considered to be in the 0.0.0.0 area, well although we know that this loopback interface is no longer
in this area and there are no links attached to it, this LSA would remain in the LSA DB until the next reboot in
case any changes occur.
Fifth: after the final reboot

FIRST INTERVAL
vyatta@r4:~$ show ip ospf database
OSPF Router with ID (127.4.4.4)
Router Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum Link count
10.10.10.2 10.10.10.2 1457 0x80000001 0xb7cb 1
127.1.1.1 127.1.1.1 1389 0x80000004 0x0463 2
127.2.2.2 127.2.2.2 1389 0x80000005 0xc19a 2
127.3.3.3 127.3.3.3 1382 0x80000003 0xd1e9 3
127.4.4.4 127.4.4.4 923 0x80000006 0xa79f 0
Net Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum
10.10.10.1 127.1.1.1 1389 0x80000002 0xf52d
Router Link States (Area 1.1.1.1)
Link ID ADV Router Age Seq# CkSum Link count
127.3.3.3 127.3.3.3 868 0x80000003 0xd4e2 1
127.4.4.4 127.4.4.4 863 0x80000002 0x1fed 2
Net Link States (Area 1.1.1.1)
Link ID ADV Router Age Seq# CkSum
20.20.20.3 127.3.3.3 869 0x80000001 0xbac3
Summary Link States (Area 1.1.1.1)
Link ID ADV Router Age Seq# CkSum Route
10.10.10.0 127.3.3.3 1112 0x80000001 0xab01 10.10.10.0/24
127.1.1.1 127.3.3.3 1112 0x80000001 0xde5f 127.1.1.1/32
127.2.2.2 127.3.3.3 1112 0x80000001 0xbd7d 127.2.2.2/32

SECOND INTERVAL
vyatta@r4:~$ show ip ospf database
OSPF Router with ID (127.4.4.4)
Router Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum Link count
10.10.10.2 10.10.10.2 1983 0x80000001 0xb7cb 1
127.1.1.1 127.1.1.1 1915 0x80000004 0x0463 2
127.2.2.2 127.2.2.2 1914 0x80000005 0xc19a 2
127.3.3.3 127.3.3.3 1908 0x80000003 0xd1e9 3
127.4.4.4 127.4.4.4 1449 0x80000006 0xa79f 0
Net Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum
10.10.10.1 127.1.1.1 1915 0x80000002 0xf52d
Router Link States (Area 1.1.1.1)
Link ID ADV Router Age Seq# CkSum Link count
127.3.3.3 127.3.3.3 1394 0x80000003 0xd4e2 1
127.4.4.4 127.4.4.4 1389 0x80000002 0x1fed 2

Net Link States (Area 1.1.1.1)
Link ID ADV Router Age Seq# CkSum
20.20.20.3 127.3.3.3 1395 0x80000001 0xbac3
Summary Link States (Area 1.1.1.1)
Link ID ADV Router Age Seq# CkSum Route
10.10.10.0 127.3.3.3 94 0x80000002 0xa902 10.10.10.0/24
27.1.1.1 127.3.3.3 525 0x80000002 0xdc60 127.1.1.1/32
127.2.2.2 127.3.3.3 295 0x80000002 0xbb7e 127.2.2.2/32


THIRD INTERVAL
vyatta@r4:~$ show ip ospf database
OSPF Router with ID (127.4.4.4)
Router Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum Link count
127.1.1.1 127.1.1.1 3600 0x80000004 0x0463 2
127.2.2.2 127.2.2.2 3600 0x80000005 0xc19a 2
127.3.3.3 127.3.3.3 3600 0x80000003 0xd1e9 3
127.4.4.4 127.4.4.4 1343 0x80000007 0xa5a0 0
Net Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum
10.10.10.1 127.1.1.1 3600 0x80000002 0xf52d
Router Link States (Area 1.1.1.1)
Link ID ADV Router Age Seq# CkSum Link count
127.3.3.3 127.3.3.3 1289 0x80000004 0xd2e3 1
127.4.4.4 127.4.4.4 1283 0x80000003 0x1dee 2
Net Link States (Area 1.1.1.1)
Link ID ADV Router Age Seq# CkSum
20.20.20.3 127.3.3.3 1289 0x80000002 0xb8c4
Summary Link States (Area 1.1.1.1)
Link ID ADV Router Age Seq# CkSum Route
10.10.10.0 127.3.3.3 1789 0x80000002 0xa902 10.10.10.0/24
127.1.1.1 127.3.3.3 468 0x80000003 0xda61 127.1.1.1/32
127.2.2.2 127.3.3.3 158 0x80000003 0xb97f 127.2.2.2/32

FOURTH INTERVAL
vyatta@r4:~$ show ip ospf database
OSPF Router with ID (127.4.4.4)
Router Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum Link count
127.4.4.4 127.4.4.4 1430 0x80000007 0xa5a0 0
Router Link States (Area 1.1.1.1)
Link ID ADV Router Age Seq# CkSum Link count
127.3.3.3 127.3.3.3 1376 0x80000004 0xd2e3 1
127.4.4.4 127.4.4.4 1370 0x80000003 0x1dee 2
Net Link States (Area 1.1.1.1)
Link ID ADV Router Age Seq# CkSum
20.20.20.3 127.3.3.3 1376 0x80000002 0xb8c4
Summary Link States (Area 1.1.1.1)
Link ID ADV Router Age Seq# CkSum Route
10.10.10.0 127.3.3.3 15 0x80000003 0xa703 10.10.10.0/24
127.1.1.1 127.3.3.3 555 0x80000003 0xda61 127.1.1.1/32
127.2.2.2 127.3.3.3 245 0x80000003 0xb97f 127.2.2.2/32

FIFTH INTERVAL
vyatta@r4:~$ show ip ospf database
OSPF Router with ID (127.4.4.4)
Router Link States (Area 1.1.1.1)
Link ID ADV Router Age Seq# CkSum Link count
127.3.3.3 127.3.3.3 146 0x8000000b 0xcedf 1
127.4.4.4 127.4.4.4 146 0x80000008 0x29dc 2
Net Link States (Area 1.1.1.1)
Link ID ADV Router Age Seq# CkSum
20.20.20.4 127.4.4.4 146 0x80000001 0x9bde
Summary Link States (Area 1.1.1.1)
Link ID ADV Router Age Seq# CkSum Route
10.10.10.0 127.3.3.3 345 0x80000005 0xa305 10.10.10.0/24
127.1.1.1 127.3.3.3 855 0x80000005 0xd663 127.1.1.1/32
127.2.2.2 127.3.3.3 625 0x80000005 0xb581 127.2.2.2/32


Now as you see our database only includes LSA entries in the 1.1.1.1 area and we also have 3 new link state
advertisements which are type 3 LSA known as the summary LSA’s these LSA’s are generated by the ABR’s (area border
routers) namely R3 which is actually connecting the 1.1.1.1 area to the 0.0.0.0 area.
As you see the entries in our routing table have reduced significantly (from 9 entries to 6 entries and we don’t
need to include all LSA’s in other areas in our database) and therefore resulting into a remarkable decrease in
CPU usage, network traffic and local resources.

Now let’s take a look at R3 OSPF database (lines which should draw your attention have been marked with a bold
font-size)
vyatta@r4:~$ show ip ospf
OSPF Routing Process, Router ID: 127.4.4.4
Supports only single TOS (TOS0) routes
This implementation conforms to RFC2328
RFC1583Compatibility flag is disabled
OpaqueCapability flag is disabled
Initial SPF scheduling delay 200 millisec(s)
Minimum hold time between consecutive SPFs 1000 millisec(s)
Maximum hold time between consecutive SPFs 10000 millisec(s)
Hold time multiplier is currently 2
SPF algorithm last executed 10m24s ago
SPF timer is inactive
Refresh timer 10 secs
Number of external LSA 0. Checksum Sum 0x00000000
Number of opaque AS LSA 0. Checksum Sum 0x00000000
Number of areas attached to this router: 1
Adjacency changes are logged
Area ID: 1.1.1.1
Shortcutting mode: Default, S-bit consensus: no
Number of interfaces in this area: Total: 2, Active: 2
Number of fully adjacent neighbors in this area: 1
Area has no authentication
Number of full virtual adjacencies going through this area: 0
SPF algorithm executed 5 times
Number of LSA 6
Number of router LSA 2. Checksum Sum 0x0000f8bb
Number of network LSA 1. Checksum Sum 0x00009bde
Number of summary LSA 3. Checksum Sum 0x00022ee9
Number of ASBR summary LSA 0. Checksum Sum 0x00000000
Number of NSSA LSA 0. Checksum Sum 0x00000000
Number of opaque link LSA 0. Checksum Sum 0x00000000
Number of opaque area LSA 0. Checksum Sum 0x00000000

Now that we have 2 different areas, executing the border-routers command in any area should result to R3 where it
acts as the ABR.
From R4
vyatta@r4:~$ show ip ospf border-routers
============ OSPF router routing table =============
R 127.3.3.3 [10] area: 1.1.1.1, ABR
via 20.20.20.3, eth0

From R1
vyatta@r1:~$ show ip ospf border-routers
============ OSPF router routing table =============
R 127.3.3.3 [10] area: 0.0.0.0, ABR
via 10.10.10.3, eth0
First take a look at the DR/BDR election and then see which routers have been elected as DR’s & BDR’s
vyatta@r3:~$ show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface RXmtL RqstL DBsmL
127.1.1.1 1 Full/DR 30.939s 10.10.10.1 eth0:10.10.10.3 0 0 0
127.2.2.2 1 Full/DROther 37.851s 10.10.10.2 eth0:10.10.10.3 0 0 0
127.4.4.4 1 Full/DR 31.348s 20.20.20.4 eth1:20.20.20.3 0 0 0

vyatta@r2:~$ show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface RXmtL RqstL DBsmL
127.1.1.1 1 Full/DR 38.925s 10.10.10.1 eth0:10.10.10.2 0 0 0
127.3.3.3 1 Full/Backup 30.363s 10.10.10.3 eth0:10.10.10.2 0 0 0

Now as you see based on the re-elections states have been changed R1is now known as the designated router in the
0.0.0.0 area R4 is also the designated router but in the 1.1.1.1 area R2 remains as DROther and R3 has changed its
state to serving both areas as the backup designated router.
For example on R1 this is what we had as the database before we created the 1.1.1.1 area

vyatta@r1:~$ show ip ospf database
OSPF Router with ID (127.1.1.1)
Router Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum Link count
127.1.1.1 127.1.1.1 258 0x8000000a 0x0c53 2
127.2.2.2 127.2.2.2 908 0x80000012 0x981e 3
127.3.3.3 127.3.3.3 907 0x8000000b 0xcbe6 3
127.4.4.4 127.4.4.4 903 0x8000000e 0x07f9 2

Net Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum
10.10.10.3 127.3.3.3 251 0x80000003 0xb564
20.20.20.3 127.3.3.3 907 0x80000006 0xbb34


After we created the 1.1.1.1 area things were about to change, our DR/BDR’s changed relatively, the LSA entries
changed as well, in the new ospf database of R1 we discovered 3 different types of link states, lets take a look
at them:
vyatta@r1:~$ show ip ospf database
OSPF Router with ID (127.1.1.1)
Router Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum Link count
127.1.1.1 127.1.1.1 1100 0x80000008 0xfb67 2
127.2.2.2 127.2.2.2 1097 0x80000009 0xb99e 2
127.3.3.3 127.3.3.3 820 0x80000009 0xbb91 2
Net Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum
10.10.10.1 127.1.1.1 1100 0x80000006 0xed31
Summary Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum Route
20.20.20.0 127.3.3.3 822 0x80000001 0x424c 20.20.20.0/24
127.4.4.4 127.3.3.3 808 0x80000001 0x7bb9 127.4.4.4/32

first ones are the router link states which are advertised by the routers in the area 0.0.0.0 which are namely R1,
R2 & R3 we also have the network link states which have been generated by the designated router in area 0.0.0.0
which is R1 and also some summary link states which have been advertised by the area border router which namely is
R3 and allows the router to calculate routes to 1.1.1.1 area.
at that moment the R3 router was responsible to be the DR so it was advertising the network link state
advertisements but based on the new area structure and the new re-election R3 is no longer the DR and its state
has changed to BDR, in this case R1 and R4 are the DR’s relatively in each area and would advertise network link
states
Let’s take a look at the R3 database which includes both databases on area 0.0.0.0.0 and also area 1.1.1.1

vyatta@r3:~$ show ip ospf database
OSPF Router with ID (127.3.3.3)
-----------------------------Router Link States (Area 0.0.0.0) ----------------------------------------------------
Link ID ADV Router Age Seq# CkSum Link count
127.1.1.1 127.1.1.1 321 0x80000011 0xe970 2
127.2.2.2 127.2.2.2 317 0x80000012 0xa7a7 2
127.3.3.3 127.3.3.3 39 0x80000012 0xa99a 2
Net Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum
10.10.10.1 127.1.1.1 321 0x8000000f 0xdb3a
Summary Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum Route
20.20.20.0 127.3.3.3 1456 0x80000009 0x3254 20.20.20.0/24
127.4.4.4 127.3.3.3 385 0x8000000a 0x69c2 127.4.4.4/32
-----------------------------Router Link States (Area 1.1.1.1)----------------------------------------------------
Link ID ADV Router Age Seq# CkSum Link count
127.3.3.3 127.3.3.3 36 0x80000014 0xbce8 1
127.4.4.4 127.4.4.4 30 0x80000011 0x17e5 2
Net Link States (Area 1.1.1.1)
Link ID ADV Router Age Seq# CkSum
20.20.20.4 127.4.4.4 30 0x8000000a 0x89e7
Summary Link States (Area 1.1.1.1)
Link ID ADV Router Age Seq# CkSum Route
10.10.10.0 127.3.3.3 305 0x8000000e 0x910e 10.10.10.0/24
127.1.1.1 127.3.3.3 895 0x8000000e 0xc46c 127.1.1.1/32
127.2.2.2 127.3.3.3 485 0x8000000e 0xa38a 127.2.2.2/32

Now as you see in area 0.0.0.0 R1 (127.1.1.1) has attempted to advertise link states in its own area and
relatively R4 (127.4.4.4) in the 1.1.1.1 area has advertised the network link state advertisement.
Let’s take a look at the ospf route command on R4 and discuss some of the new entries.
N: marks the Network Routes - R: marks the Router Routes - IA: marks the Inter-Area Routes: When a route crosses
an OSPF Area Border Router (ABR), the route is known as an OSPF Inter-Area route.

vyatta@r4:~$ show ip ospf route
============ OSPF network routing table ============
N IA 10.10.10.0/24 [20] area: 1.1.1.1
via 20.20.20.3, eth0
N 20.20.20.0/24 [10] area: 1.1.1.1
directly attached to eth0
N IA 127.1.1.1/32 [30] area: 1.1.1.1
via 20.20.20.3, eth0
N IA 127.2.2.2/32 [30] area: 1.1.1.1
via 20.20.20.3, eth0
============ OSPF router routing table =============
R 127.3.3.3 [10] area: 1.1.1.1, ABR
via 20.20.20.3, eth0
============ OSPF external routing table ============


CONTINUE TO PART 6 - AUTONOMOUS SYSTEM BORDER ROUTERS
  Sun, 16 Mar 2008 21:17:00 +0100

We also could authenticate routers which attempt to exchange routes over the network by simply using several authentication methods.
In general we have 3 OSPF authentication methods:

A – NULL: as we performed the OSPF configuration in the latter pages we didn’t use any sort of authentication in case we don’t use authentication in order to exchange routes the OSPF protocol uses a default value of null for our authentication whereas routes from any router in the network are accepted this type of authentication is called NULL authentication and is insecure.

B – CLEAR TEXT | SIMPLE PASSWORD: the second authentication method which is further more secure than the previous one is called the plain-text password authentication method this model of authentication uses simple password with a maximum number of 8 characters to authenticate the routes exchanged among ospf routers in a network, although using a password (sent over the network in clear text) in order to authenticate exchanged routes between routers is more secure than not using any kind of authentication it still makes the network vulnerable to passive attacks where an intruder would be able to use a link analyzer such as wireshark and get his hands on the password, normally plain-text authentication is used for router reconfiguration and not for secure authentication purposes.

Let’s see how we can configure the network with plain-text authentication
Each area should be configured with a unique authentication method as well as a unique password since we only have one area which is the 0.0.0.0 area we would be configuring the type of authentication on this area.

Before configuring the R1 interfaces with OSPF authentication lets take a look at its routing table.

vyatta@r1:~$ show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route

O 10.10.10.0/24 [110/10] is directly connected, eth0, 00:41:28
C>* 10.10.10.0/24 is directly connected, eth0
O>* 20.20.20.0/24 [110/20] via 10.10.10.2, eth0, 00:41:28
* via 10.10.10.3, eth0, 00:41:28
C>* 127.1.1.0/24 is directly connected, lo
O>* 127.2.2.2/32 [110/20] via 10.10.10.2, eth0, 00:41:28
O>* 127.3.3.3/32 [110/20] via 10.10.10.3, eth0, 00:41:28
O>* 127.4.4.4/32 [110/30] via 10.10.10.2, eth0, 00:22:22
* via 10.10.10.3, eth0, 00:22:22

Well as you see all of the routes from the previous section still remain in our routing table now let’s go ahead and configure our router with OSPF authentication
First of all we have to set the area to use a specific method of authentication .

vyatta@r1# set protocols ospf area 0.0.0.0 authentication plaintext-password

and the interfaces.

vyatta@r1# set interfaces loopback lo ip ospf authentication plaintext-password NEWPASS
vyatta@r1# set interfaces ethernet eth0 ip ospf authentication plaintext-password NEWPASS

Now let’s take a look at the routing table:

vyatta@r1:~$ show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route

O 10.10.10.0/24 [110/10] is directly connected, eth0, 00:12:21
C>* 10.10.10.0/24 is directly connected, eth0
C>* 127.1.1.0/24 is directly connected, lo

As you see we no longer have the ospf routes we used to have in our routing table, since we have configured the area 0.0.0.0 with the plain-text password authentication we would only be receiving routes from neighbors which authenticate to us, at this point if you run the “show ip ospf neighbors” command no results would be shown.
Let’s move a step further and configure R2 interfaces with the authentication method we set for the area 0.0.0.0.

vyatta@r1# set protocols ospf area 0.0.0.0 authentication plaintext-password
vyatta@r1# set interfaces loopback lo ip ospf authentication plaintext-password NEWPASS
vyatta@r1# set interfaces ethernet eth0 ip ospf authentication plaintext-password NEWPASS
vyatta@r1# set interfaces ethernet eth1 ip ospf authentication plaintext-password NEWPASS

Now let's take a look at the routing tables:

vyatta@r1:~$ show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route

O 10.10.10.0/24 [110/10] is directly connected, eth0, 03:13:56
C>* 10.10.10.0/24 is directly connected, eth0
O>* 20.20.20.0/24 [110/20] via 10.10.10.2, eth0, 03:01:51
C>* 127.1.1.0/24 is directly connected, lo
O>* 127.2.2.2/32 [110/20] via 10.10.10.2, eth0, 03:01:51

vyatta@r2:~$ show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route

O 10.10.10.0/24 [110/10] is directly connected, eth0, 03:13:30
C>* 10.10.10.0/24 is directly connected, eth0
O 20.20.20.0/24 [110/10] is directly connected, eth1, 03:13:30
C>* 20.20.20.0/24 is directly connected, eth1
O>* 127.1.1.1/32 [110/20] via 10.10.10.1, eth0, 03:01:41
C>* 127.2.2.0/24 is directly connected, lo


Now lets look at the neighbors on each router:

vyatta@r2:~$ show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface RXmtL RqstL DBsmL
127.1.1.1 1 Full/DR 33.303s 10.10.10.1 eth0:10.10.10.2 0 0 0

vyatta@r1:~$ show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface RXmtL RqstL DBsmL
127.2.2.2 1 Full/Backup 30.814s 10.10.10.2 eth0:10.10.10.1 0 0 0

vyatta@r3:~$ show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface RXmtL RqstL DBsmL
127.4.4.4 1 Full/DR 35.984s 20.20.20.4 eth1:20.20.20.3 0 0 0

vyatta@r4:~$ show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface RXmtL RqstL DBsmL
127.3.3.3 1 Full/Backup 30.365s 20.20.20.3 eth0:20.20.20.4 0 0 0a

Let’s configure R3 with OSPF authentication

vyatta@r1# set protocols ospf area 0.0.0.0 authentication plaintext-password
vyatta@r3# set interfaces loopback lo ip ospf authentication plaintext-password NEWPASS
vyatta@r3# set interfaces ethernet eth0 ip ospf authentication plaintext-password NEWPASS
vyatta@r3# set interfaces ethernet eth1 ip ospf authentication plaintext-password NEWPASS

Lets take a look at routing table on R1 and neighbors on R3

vyatta@r1:~$ show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route

O 10.10.10.0/24 [110/10] is directly connected, eth0, 03:35:49
C>* 10.10.10.0/24 is directly connected, eth0
O>* 20.20.20.0/24 [110/20] via 10.10.10.2, eth0, 00:05:33
* via 10.10.10.3, eth0, 00:05:33
C>* 127.1.1.0/24 is directly connected, lo
O>* 127.2.2.2/32 [110/20] via 10.10.10.2, eth0, 00:06:05
O>* 127.3.3.3/32 [110/20] via 10.10.10.3, eth0, 00:06:05


vyatta@r3:~$ show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface RXmtL RqstL DBsmL
127.1.1.1 1 Full/DROther 30.252s 10.10.10.1 eth0:10.10.10.3 0 0 0
127.2.2.2 1 Full/Backup 31.860s 10.10.10.2 eth0:10.10.10.3 0 0 0
127.2.2.2 1 Full/DR 33.191s 20.20.20.2 eth1:20.20.20.3 0 0 0

And finally configuring R4 with the OSPF authentication would lead to the same results we had in the previous part and we would have an area authenticated by the Plain-text password “NEWPASS”.

vyatta@r3:~$ show ip ospf
OSPF Routing Process, Router ID: 127.3.3.3
Supports only single TOS (TOS0) routes
This implementation conforms to RFC2328
RFC1583Compatibility flag is disabled
OpaqueCapability flag is disabled
Initial SPF scheduling delay 200 millisec(s)
Minimum hold time between consecutive SPFs 1000 millisec(s)
Maximum hold time between consecutive SPFs 10000 millisec(s)
Hold time multiplier is currently 1
SPF algorithm last executed 14m45s ago
SPF timer is inactive
Refresh timer 10 secs
Number of external LSA 0. Checksum Sum 0x00000000
Number of opaque AS LSA 0. Checksum Sum 0x00000000
Number of areas attached to this router: 1
Adjacency changes are logged

Area ID: 0.0.0.0 (Backbone)
Number of interfaces in this area: Total: 3, Active: 3
Number of fully adjacent neighbors in this area: 3
Area has simple password authentication
SPF algorithm executed 17 times
Number of LSA 7
Number of router LSA 4. Checksum Sum 0x00014184
Number of network LSA 3. Checksum Sum 0x0001db39
Number of summary LSA 0. Checksum Sum 0x00000000
Number of ASBR summary LSA 0. Checksum Sum 0x00000000
Number of NSSA LSA 0. Checksum Sum 0x00000000
Number of opaque link LSA 0. Checksum Sum 0x00000000
Number of opaque area LSA 0. Checksum Sum 0x00000000

C – MD5 Authentication:
Message digest authentication is one of the most widely used cryptographic hash functions as described in RFC1321 the algorithm takes as input a message of arbitrary length and produces as output a 128-bit "fingerprint" or "message digest" of the input.
In order to configure MD5 authentication follow as below

vyatta@r1# set protocols ospf area 0.0.0.0 authentication md5
vyatta@r1# set interfaces loopback lo ip ospf authentication md5 key-id 1 md5-key NEWPASSMD5
vyatta@r1# set interfaces ethernet eth0 ip ospf authentication md5 key-id 1 md5-key NEWPASSMD5

Key-id: Key used to identify the password. The range of values is 1 to 255. All interfaces attached to a common network must use the same key and password.
Password: Password to be used for authentication on the interface. The password is an alphanumeric string from 1 to 16 characters.

vyatta@r1:~$ show ip ospf
OSPF Routing Process, Router ID: 127.1.1.1
Supports only single TOS (TOS0) routes
This implementation conforms to RFC2328
RFC1583Compatibility flag is disabled
OpaqueCapability flag is disabled
Initial SPF scheduling delay 200 millisec(s)
Minimum hold time between consecutive SPFs 1000 millisec(s)
Maximum hold time between consecutive SPFs 10000 millisec(s)
Hold time multiplier is currently 1
SPF algorithm last executed 2h24m31s ago
SPF timer is inactive
Refresh timer 10 secs
Number of external LSA 0. Checksum Sum 0x00000000
Number of opaque AS LSA 0. Checksum Sum 0x00000000
Number of areas attached to this router: 1
Adjacency changes are logged

Area ID: 0.0.0.0 (Backbone)
Number of interfaces in this area: Total: 2, Active: 2
Number of fully adjacent neighbors in this area: 2
Area has message digest authentication
SPF algorithm executed 18 times
Number of LSA 5
Number of router LSA 3. Checksum Sum 0x0001f8b7
Number of network LSA 2. Checksum Sum 0x0001375f
Number of summary LSA 0. Checksum Sum 0x00000000
Number of ASBR summary LSA 0. Checksum Sum 0x00000000
Number of NSSA LSA 0. Checksum Sum 0x00000000
Number of opaque link LSA 0. Checksum Sum 0x00000000
Number of opaque area LSA 0. Checksum Sum 0x00000000

CONTINUE TO PART 5 - OSPF AREAS & ABR's
  Sat, 15 Mar 2008 22:04:00 +0100

R3 Configuration
Let’s configure R3 interfaces with the OSPF protocol and see the effect it has on R1 and R2 routing tables and as well as the link state database

vyatta@r3:~$ show ip ospf interface
eth0 is up
ifindex 2, MTU 1500 bytes, BW 0 Kbit <UP,BROADCAST,RUNNING,MULTICAST>
Internet Address 10.10.10.3/24, Broadcast 10.10.10.255, Area 0.0.0.0
MTU mismatch detection:enabled
Router ID 127.3.3.3, Network Type BROADCAST, Cost: 10
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 127.3.3.3, Interface Address 10.10.10.3
Backup Designated Router (ID) 127.1.1.1, Interface Address 10.10.10.1
Multicast group memberships: OSPFAllRouters OSPFDesignatedRouters
Timer intervals configured, Hello 10s, Dead 40s, Wait 40s, Retransmit 5
Hello due in 0.165s
Neighbor Count is 2, Adjacent neighbor count is 2
eth1 is up
ifindex 3, MTU 1500 bytes, BW 0 Kbit <UP,BROADCAST,RUNNING,MULTICAST>
Internet Address 20.20.20.3/24, Broadcast 20.20.20.255, Area 0.0.0.0
MTU mismatch detection:enabled
Router ID 127.3.3.3, Network Type BROADCAST, Cost: 10
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 127.3.3.3, Interface Address 20.20.20.3
Backup Designated Router (ID) 127.2.2.2, Interface Address 20.20.20.2
Multicast group memberships: OSPFAllRouters OSPFDesignatedRouters
Timer intervals configured, Hello 10s, Dead 40s, Wait 40s, Retransmit 5
Hello due in 0.474s
Neighbor Count is 1, Adjacent neighbor count is 1
lo is up
ifindex 1, MTU 16436 bytes, BW 0 Kbit <UP,LOOPBACK,RUNNING>
Internet Address 127.3.3.3/24, Broadcast 127.3.3.255, Area 0.0.0.0
MTU mismatch detection:enabled
Router ID 127.3.3.3, Network Type LOOPBACK, Cost: 10
Transmit Delay is 1 sec, State Loopback, Priority 1
No designated router on this network
No backup designated router on this network
Multicast group memberships: <None>
Timer intervals configured, Hello 10s, Dead 40s, Wait 40s, Retransmit 5
Hello due in inactive
Neighbor Count is 0, Adjacent neighbor count is 0

Latest changes : because a change of network we have DR & BDR re-election taking place, and since all routers have same priorities the router with the highest IP which would be R3 is chosen as DR and the next candidate for BDR remains R1 and Neighbor Count on eth0 is 2 which would be R2 and R1 and oneth1 is 1 which would only be R2 (the number of OSPF neighbor routers),Adjacent neighbor count is 2(the number of DR&BDR neighbors).


vyatta@r1:~$ show ip ospf interface
eth0 is up
ifindex 2, MTU 1500 bytes, BW 0 Kbit <UP,BROADCAST,RUNNING,MULTICAST>
Internet Address 10.10.10.1/24, Broadcast 10.10.10.255, Area 0.0.0.0
MTU mismatch detection:enabled
Router ID 127.1.1.1, Network Type BROADCAST, Cost: 10
Transmit Delay is 1 sec, State Backup, Priority 1
Designated Router (ID) 127.3.3.3, Interface Address 10.10.10.3
Backup Designated Router (ID) 127.1.1.1, Interface Address 10.10.10.1
Multicast group memberships: OSPFAllRouters OSPFDesignatedRouters
Timer intervals configured, Hello 10s, Dead 40s, Wait 40s, Retransmit 5
Hello due in 6.046s
Neighbor Count is 2, Adjacent neighbor count is 2
lo is up
ifindex 1, MTU 16436 bytes, BW 0 Kbit <UP,LOOPBACK,RUNNING>
Internet Address 127.1.1.1/24, Broadcast 127.1.1.255, Area 0.0.0.0
MTU mismatch detection:enabled
Router ID 127.1.1.1, Network Type LOOPBACK, Cost: 10
Transmit Delay is 1 sec, State Loopback, Priority 1
No designated router on this network
No backup designated router on this network
Multicast group memberships: <None>
Timer intervals configured, Hello 10s, Dead 40s, Wait 40s, Retransmit 5
Hello due in inactive
Neighbor Count is 0, Adjacent neighbor count is 0

vyatta@r2:~$ show ip ospf interface
eth0 is up
ifindex 2, MTU 1500 bytes, BW 0 Kbit <UP,BROADCAST,RUNNING,MULTICAST>
Internet Address 10.10.10.2/24, Broadcast 10.10.10.255, Area 0.0.0.0
MTU mismatch detection:enabled
Router ID 127.2.2.2, Network Type BROADCAST, Cost: 10
Transmit Delay is 1 sec, State DROther, Priority 1
Designated Router (ID) 127.3.3.3, Interface Address 10.10.10.3
Backup Designated Router (ID) 127.1.1.1, Interface Address 10.10.10.1
Multicast group memberships: OSPFAllRouters
Timer intervals configured, Hello 10s, Dead 40s, Wait 40s, Retransmit 5
Hello due in 6.995s
Neighbor Count is 2, Adjacent neighbor count is 2
eth1 is up
ifindex 3, MTU 1500 bytes, BW 0 Kbit <UP,BROADCAST,RUNNING,MULTICAST>
Internet Address 20.20.20.2/24, Broadcast 20.20.20.255, Area 0.0.0.0
MTU mismatch detection:enabled
Router ID 127.2.2.2, Network Type BROADCAST, Cost: 10
Transmit Delay is 1 sec, State Backup, Priority 1
Designated Router (ID) 127.3.3.3, Interface Address 20.20.20.3
Backup Designated Router (ID) 127.2.2.2, Interface Address 20.20.20.2
Multicast group memberships: OSPFAllRouters OSPFDesignatedRouters
Timer intervals configured, Hello 10s, Dead 40s, Wait 40s, Retransmit 5
Hello due in 7.583s
Neighbor Count is 1, Adjacent neighbor count is 1
lo is up
ifindex 1, MTU 16436 bytes, BW 0 Kbit <UP,LOOPBACK,RUNNING>
Internet Address 127.2.2.2/24, Broadcast 127.2.2.255, Area 0.0.0.0
MTU mismatch detection:enabled
Router ID 127.2.2.2, Network Type LOOPBACK, Cost: 10
Transmit Delay is 1 sec, State Loopback, Priority 1
No designated router on this network
No backup designated router on this network
Multicast group memberships: <None>
Timer intervals configured, Hello 10s, Dead 40s, Wait 40s, Retransmit 5
Hello due in inactive
Neighbor Count is 0, Adjacent neighbor count is 0

vyatta@r1:~$ show ip ospf database
OSPF Router with ID (127.1.1.1)
Router Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum Link count
127.1.1.1 127.1.1.1 310 0x80000009 0x0e52 2
127.2.2.2 127.2.2.2 306 0x8000000a 0xa816 3
127.3.3.3 127.3.3.3 301 0x80000006 0xd5e1 3
Net Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum
10.10.10.3 127.3.3.3 306 0x80000002 0xb763
20.20.20.3 127.3.3.3 306 0x80000001 0x780c


And finally our ospf database in general after configuring the ospf interfaces on R3, as you see we have 3 routers which have advertised their router-id these link state advertisements are router LSA’s namely type 1link state advertisements these advertisements describe the active links on each router and they are advertised by all of the ospf routers in the network, the other type of LSA entries are the network link state advertisements which in our case we only have 2 of them these advertisements are flooded across the network by DR’s (designated routers – in our case R3is the DR) and explain their links and attached neighbors.

R4 Configuration
Let’s configure R4 ethernet interfaces with the OSPF protocol and view its overall effect on our network

vyatta@r1:~$ show ip ospf database
OSPF Router with ID (127.1.1.1)
Router Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum Link count
127.1.1.1 127.1.1.1 258 0x8000000a 0x0c53 2
127.2.2.2 127.2.2.2 908 0x80000012 0x981e 3
127.3.3.3 127.3.3.3 907 0x8000000b 0xcbe6 3
127.4.4.4 127.4.4.4 903 0x8000000e 0x07f9 2
Net Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum
10.10.10.3 127.3.3.3 251 0x80000003 0xb564
20.20.20.3 127.3.3.3 907 0x80000006 0xbb34

R4ID has been added to the ospf database on R1 so advertisements are complete, R3 remained the DR, R1 has been chosen as the BDR in the10.10.10.0/24 network and R4 has been chosen as the BDR in the 20.20.20.0/24network, R2 is chosen to be the DROther whereas its nor a DR nor a BDR.


Let’s take a look at each router and the ospf neighbors they have encountered:

vyatta@r1:~$ show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface RXmtL RqstL DBsmL
127.2.2.2 1 Full/DROther 31.973s 10.10.10.2 eth0:10.10.10.1 0 0 0
127.3.3.3 1 Full/DR 31.756s 10.10.10.3 eth0:10.10.10.1 0 0 0


vyatta@r2:~$ show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface RXmtL RqstL DBsmL
127.1.1.1 1 Full/Backup 36.849s 10.10.10.1 eth0:10.10.10.2 0 0 0
127.3.3.3 1 Full/DR 34.139s 10.10.10.3 eth0:10.10.10.2 0 0 0
127.3.3.3 1 Full/DR 39.288s 20.20.20.3 eth1:20.20.20.2 0 0 0
127.4.4.4 1 Full/Backup 34.575s 20.20.20.4 eth1:20.20.20.2 0 0 0

vyatta@r3:~$ show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface RXmtL RqstL DBsmL
127.1.1.1 1 Full/Backup 33.286s 10.10.10.1 eth0:10.10.10.3 0 0 0
127.2.2.2 1 Full/DROther 30.804s 10.10.10.2 eth0:10.10.10.3 0 0 0
127.2.2.2 1 Full/DROther 34.260s 20.20.20.2 eth1:20.20.20.3 0 0 0
127.4.4.4 1 Full/Backup 31.012s 20.20.20.4 eth1:20.20.20.3 0 0 0


vyatta@r4:~$ show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface RXmtL RqstL DBsmL
127.2.2.2 1 Full/DROther 37.823s 20.20.20.2 eth0:20.20.20.4 0 0 0
127.3.3.3 1 Full/DR 39.270s 20.20.20.3 eth0:20.20.20.4 0 0 0

Let’s take a look at each routers routing table and the routes they have calculated:

vyatta@r2:~$ show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route

O 10.10.10.0/24 [110/10] is directly connected, eth0, 00:40:12
C>* 10.10.10.0/24 is directly connected, eth0
O 20.20.20.0/24 [110/10] is directly connected, eth1, 00:40:05
C>* 20.20.20.0/24 is directly connected, eth1
O>* 127.1.1.1/32 [110/20] via 10.10.10.1, eth0, 00:39:57
C>* 127.2.2.0/24 is directly connected, lo
O>* 127.3.3.3/32 [110/20] via 10.10.10.3, eth0, 00:39:57
* via 20.20.20.3, eth1, 00:39:57
O>* 127.4.4.4/32 [110/20] via 20.20.20.4, eth1, 00:20:52


vyatta@r4:~$ show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route

O>* 10.10.10.0/24 [110/20] via 20.20.20.2, eth0, 00:21:05
* via 20.20.20.3, eth0, 00:21:05
O 20.20.20.0/24 [110/10] is directly connected, eth0, 00:21:05
C>* 20.20.20.0/24 is directly connected, eth0
O>* 127.1.1.1/32 [110/30] via 20.20.20.2, eth0, 00:21:05
* via 20.20.20.3, eth0, 00:21:05
O>* 127.2.2.2/32 [110/20] via 20.20.20.2, eth0, 00:21:05
O>* 127.3.3.3/32 [110/20] via 20.20.20.3, eth0, 00:21:05
C>* 127.4.4.0/24 is directly connected, lo


vyatta@r3:~$ show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route

O 10.10.10.0/24 [110/10] is directly connected, eth0, 00:41:09
C>* 10.10.10.0/24 is directly connected, eth0
O 20.20.20.0/24 [110/10] is directly connected, eth1, 00:40:48
C>* 20.20.20.0/24 is directly connected, eth1
O>* 127.1.1.1/32 [110/20] via 10.10.10.1, eth0, 00:40:53
O>* 127.2.2.2/32 [110/20] via 10.10.10.2, eth0, 00:40:48
* via 20.20.20.2, eth1, 00:40:48
C>* 127.3.3.0/24 is directly connected, lo
O>* 127.4.4.4/32 [110/20] via 20.20.20.4, eth1, 00:21:43

vyatta@r1:~$ show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route

O 10.10.10.0/24 [110/10] is directly connected, eth0, 00:41:28
C>* 10.10.10.0/24 is directly connected, eth0
O>* 20.20.20.0/24 [110/20] via 10.10.10.2, eth0, 00:41:28
* via 10.10.10.3, eth0, 00:41:28
C>* 127.1.1.0/24 is directly connected, lo
O>* 127.2.2.2/32 [110/20] via 10.10.10.2, eth0, 00:41:28
O>* 127.3.3.3/32 [110/20] via 10.10.10.3, eth0, 00:41:28
O>* 127.4.4.4/32 [110/30] via 10.10.10.2, eth0, 00:22:22
* via 10.10.10.3, eth0, 00:22:22

Router LSA Database:

vyatta@r2:~$ show ip ospf database router
OSPF Router with ID (127.2.2.2)
Router Link States (Area 0.0.0.0)
LS age: 508
Options: 0x2 : *|-|-|-|-|-|E|*
LS Flags: 0x6
Flags: 0x0
LS Type: router-LSA
Link State ID: 127.1.1.1
Advertising Router: 127.1.1.1
LS Seq Number: 8000000a
Checksum has been incremented since our first configuration and has reached8000000a
Checksum: 0x0c53
Length: 48
Number of Links: 2
Eth0 is considered to be a transit network
Link connected to: a Transit Network
(Link ID) Designated Router address: 10.10.10.3
(Link Data) Router Interface address: 10.10.10.1
Number of TOS metrics: 0
TOS 0 Metric: 10
All loopback interfaces remain stub networks
Link connected to: Stub Network
(Link ID) Net: 127.1.1.1
(Link Data) Network Mask: 255.255.255.255
Number of TOS metrics: 0
TOS 0 Metric: 10

LS age: 1154
Options: 0x2 : *|-|-|-|-|-|E|*
LS Flags: 0x1
Flags: 0x0
LS Type: router-LSA
Link State ID: 127.2.2.2
Advertising Router: 127.2.2.2
LS Seq Number: 80000012
Checksum: 0x981e
Length: 60
Number of Links: 3
Number of active links connected to R2 and their detail; remember the fact of router LSA’s is so that they get to introduce themselves on the network
Link connected to: Stub Network
(Link ID) Net: 127.2.2.2
(Link Data) Network Mask: 255.255.255.255
Number of TOS metrics: 0
TOS 0 Metric: 10

Link connected to: a Transit Network
(Link ID) Designated Router address: 10.10.10.3
(Link Data) Router Interface address: 10.10.10.2
Number of TOS metrics: 0
TOS 0 Metric: 10

Link connected to: a Transit Network
(Link ID) Designated Router address: 20.20.20.3
(Link Data) Router Interface address: 20.20.20.2
Number of TOS metrics: 0
TOS 0 Metric: 10

LS age: 1155
Options: 0x2 : *|-|-|-|-|-|E|*
LS Flags: 0x6
Flags: 0x0
LS Type: router-LSA
Link State ID: 127.3.3.3
Advertising Router: 127.3.3.3
LS Seq Number: 8000000b
Checksum: 0xcbe6
Length: 60
Number of Links: 3

Link connected to: Stub Network
(Link ID) Net: 127.3.3.3
(Link Data) Network Mask: 255.255.255.255
Number of TOS metrics: 0
TOS 0 Metric: 10

Link connected to: a Transit Network
(Link ID) Designated Router address: 10.10.10.3
(Link Data) Router Interface address: 10.10.10.3
Number of TOS metrics: 0
TOS 0 Metric: 10

Link connected to: a Transit Network
(Link ID) Designated Router address: 20.20.20.3
(Link Data) Router Interface address: 20.20.20.3
Number of TOS metrics: 0
TOS 0 Metric: 10

LS age: 1150
Options: 0x2 : *|-|-|-|-|-|E|*
LS Flags: 0x6
Flags: 0x0
LS Type: router-LSA
Link State ID: 127.4.4.4
Advertising Router: 127.4.4.4
LS Seq Number: 8000000e
Checksum: 0x07f9
Length: 48
Number of Links: 2

Link connected to: Stub Network
(Link ID) Net: 127.4.4.4
(Link Data) Network Mask: 255.255.255.255
Number of TOS metrics: 0
TOS 0 Metric: 10

Link connected to: a Transit Network
(Link ID) Designated Router address: 20.20.20.3
(Link Data) Router Interface address: 20.20.20.4
Number of TOS metrics: 0
TOS 0 Metric: 10

Network LSA Database:
if you reckon network LSA were flooded by DR’s and introduced their links and neighbors.

vyatta@r2:~$ show ip ospf database network
OSPF Router with ID (127.2.2.2)
Net Link States (Area 0.0.0.0)

LS age: 529
Options: 0x2 : *|-|-|-|-|-|E|*
LS Flags: 0x6
LS Type: network-LSA
Link State ID: 10.10.10.3 (address of Designated Router)
Advertising Router: 127.3.3.3
LS Seq Number: 80000003
Checksum: 0xb564
Length: 36
Network Mask: /24
Attached Router: 127.1.1.1
Attached Router: 127.2.2.2
Attached Router: 127.3.3.3

LS age: 1184
Options: 0x2 : *|-|-|-|-|-|E|*
LS Flags: 0x6
LS Type: network-LSA
Link State ID: 20.20.20.3 (address of Designated Router)
Advertising Router: 127.3.3.3
LS Seq Number: 80000006
Checksum: 0xbb34
Length: 36
Network Mask: /24
Attached Router: 127.2.2.2
Attached Router: 127.3.3.3
Attached Router: 127.4.4.4



OSPF Protocol Configuration Detail:
We’ll discuss this preferably on R2:

vyatta@r2:~$ show ip ospf
OSPF Routing Process, Router ID: 127.2.2.2
Supports only single TOS (TOS0) routes
This implementation conforms to RFC2328
RFC1583Compatibility flag is disabled
when RFC1583Compatibility flag is enabled in case of choosing between similar routes between AS LSA's and External LSA's cost would be considered and while it is disabled path would be the preferred factor to calculate optimized routes. this RFC could be enabled via the "set protocols ospf parameters rfc1583-compatibility" command
OpaqueCapability flag is disabled
Initial SPF scheduling delay 200 millisec(s)
Minimum hold time between consecutive SPFs 1000 millisec(s)
Hold time multiplier is currently 1
SPF algorithm last executed 22m46s ago
SPF timer is inactive
Refresh timer 10 secs
Number of external LSA 0. Checksum Sum 0x00000000
we only have one routing protocol defined in our network so we shouldn't have any external lsa’s either
Number of opaque AS LSA 0. Checksum Sum 0x00000000
Number of areas attached to this router: 1
Adjacency changes are logged

Area ID: 0.0.0.0 (Backbone)
area 0 or 0.0.0.0 marked as backbone
Number of interfaces in this area: Total: 3, Active: 3
Total number of interfaces active on R2 which belong to the area 0.0.0.0 these are lo, eth0 and eth1
Number of fully adjacent neighbors in this area: 4
number of neighbors discovered by the hello packets
Area has no authentication
we would set clear-text and also md5 authentication for ospf later in part 4
SPF algorithm executed 24 times
Number of LSA 6
Number of Link State Advertisements in the OSPF Database, the following is a detail of each type of LSA
Number of router LSA 4. Checksum Sum 0x00017850
Number of network LSA 2. Checksum Sum 0x00017098
Number of summary LSA 0. Checksum Sum 0x00000000

It’s Obvious that we don’t have ASBR’s since all of our routers are in the same area, relatively none NOT SO STUBBY AREAS NSSA’s and OPAQUE areas and links.
Number of ASBR summary LSA 0. Checksum Sum 0x00000000
Number of NSSA LSA 0. Checksum Sum 0x00000000
Number of opaque link LSA 0. Checksum Sum 0x00000000
Number of opaque area LSA 0. Checksum Sum 0x00000000


CONTINUE TO PART 4 - OSPF AUTHENTICATION
  Fri, 14 Mar 2008 21:45:00 +0100

R1 Configuration
Well after you have made sure you have connectivity, let’s configure OSPF on our interfaces on R1 and see the effects.

vyatta@r1:~$ configure
vyatta@r1# set protocols ospf area 0.0.0.0
vyatta@r1# set protocols ospf area 0.0.0.0 network 127.1.1.0/24
vyatta@r1# set protocols ospf area 0.0.0.0 network 10.10.10.0/24
vyatta@r1# set protocols ospf parameters router-id 127.1.1.1
vyatta@r1# set protocols ospf log-adjacency-changes

After configuring the R1 interfaces with OSPF lets take a look at its routing table:

vyatta@r1:~$ show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route
O 10.10.10.0/24 [110/10] is directly connected, eth0, 00:12:21
C>* 10.10.10.0/24 is directly connected, eth0
C>* 127.1.1.0/24 is directly connected, lo

As you see an extra OSPF route has been calculated and added to the routing table on R1 but the fact is that the OSPF route has an administrative cost of 110 while we already have the same route with a cost of 1 which is the directly connected interface and according to the routing table the directly connected route is selected over the OSPF route because of the lower cost it carries with itself. On the other hand we still have not exchanged any other routes with other routers, well this is a fact and the reason is that we haven't yet configured any other router with OSPF yet, now let’s take a look at R1 OSPF database.


vyatta@r1:~$ show ip ospf database
OSPF Router with ID (127.1.1.1)
Router Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq# CkSum Link count
127.1.1.1 127.1.1.1 757 0x80000002 0x95f2 2

According to the db or R1 the loopback ip address has been chosen as the id and that’s what we configured before, the advertising router is also the loopback address, the age of the route link state entry is 757 second old, the sequence number is at 0x80000002and every change to the database increments the sequence number and the finally the checksum and the total number of active links on the router which is 2 and the reason is that we only defined ospf for 2 existing interfaces on the router. we still don’t have any network LSA’s and the reason is that R1 is the only OSPF router in the network.

We don’t have any network LSA’s yet so let’s take a look at the router LSA database in detail

vyatta@r1:~$ show ip ospf database router
OSPF Router with ID (127.1.1.1)
Router Link States (Area 0.0.0.0)
LS age: 802
Options: 0x2 : *|-|-|-|-|-|E|*
LS Flags: 0x1
Flags: 0x0
LS Type: router-LSA
Link State ID: 127.1.1.1
Advertising Router: 127.1.1.1
LS Seq Number: 80000002
Checksum: 0x95f2
Length: 48
Number of Links: 2
Link connected to: Stub Network
(Link ID) Net: 10.10.10.0
(Link Data) Network Mask: 255.255.255.0
Number of TOS metrics: 0
TOS 0 Metric: 10
since we yet don’t have any neighbors defined the network would be considered as a stub network
Link connected to: Stub Network
(Link ID) Net: 127.1.1.1
(Link Data) Network Mask: 255.255.255.255
Number of TOS metrics: 0
TOS 0 Metric: 10

Lets take a look at the interfaces we configured for the OSPF protocol

vyatta@r1:~$ show ip ospf interface
eth0 is up
ifindex 2, MTU 1500 bytes, BW 0 Kbit <UP,BROADCAST,RUNNING,MULTICAST>
Internet Address 10.10.10.1/24, Broadcast 10.10.10.255, Area 0.0.0.0
MTU mismatch detection:enabled
Router ID 127.1.1.1, Network Type BROADCAST, Cost: 10
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 127.1.1.1, Interface Address 10.10.10.1
No backup designated router on this network
Multicast group memberships: OSPFAllRouters OSPFDesignatedRouters
Timer intervals configured, Hello 10s, Dead 40s, Wait 40s, Retransmit 5
Hello due in 6.701s
Neighbor Count is 0, Adjacent neighbor count is 0

The internet address is the interface ip address, so don’t get confused with that one. since the interface is connected to a ethernet network the network type is considered to be a broadcast type. The interface holds a cost o