Posted in Cisco Networking by Reggle on December 1st, 2011 | tags: Cisco, GNS3, OSPF
The topology above is an example network, consisting of four OSPF areas (one backbone, area 0) and one external EIGRP area. I’ve set up an IP addressing scheme using 10.0.0.0/8 for OSPF and 172.16.0.0/12 for EIGRP. In case you didn’t notice, the second part of the IP address is the same as the area number (10.x.0.0 for area x).
All interfaces are configured with the correct IP addresses, OSPF and EIGRP have been configured correctly and are running. Basic redistribution between the two routing protocols is done on router R5 and also works fine. Here’s the output of ‘show ip route’ on router R0 in area 5:
    Gateway of last resort is not set
         172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
    O E2    172.16.0.0/24 [110/20] via 10.5.3.2, 00:18:54, FastEthernet0/1
    O E2    172.16.1.0/30 [110/20] via 10.5.3.2, 00:19:39, FastEthernet0/1
         10.0.0.0/8 is variably subnetted, 8 subnets, 4 masks
    O IA    10.0.0.8/30 [110/20] via 10.5.3.2, 00:36:09, FastEthernet0/1
    O IA    10.15.1.0/30 [110/40] via 10.5.3.2, 00:31:07, FastEthernet0/1
    O IA    10.15.0.0/24 [110/50] via 10.5.3.2, 00:28:57, FastEthernet0/1
    O IA    10.0.0.0/29 [110/30] via 10.5.3.2, 00:33:51, FastEthernet0/1
    C       10.5.3.0/30 is directly connected, FastEthernet0/1
    C       10.5.2.0/24 is directly connected, FastEthernet1/0
    C       10.5.0.0/23 is directly connected, FastEthernet0/0
    O IA    10.25.0.0/30 [110/40] via 10.5.3.2, 00:27:00, FastEthernet0/1
The other routers in the OSPF area show similar routing tables. While this configuration works, it’s not very efficient, particularly in larger networks. The more routers are added, the more routes are stored in the routing table, using up memory. Dividing the network into areas works, but only if you do something with those areas.
So what can you do with those areas? There are several options: assign them a specific role, or filter the routing table. First something about area roles: these influence how Link-State Advertisements (LSAs) are sent. LSAs are what OSPF routers send to each other to announce connected and learned routes. These LSAs are gathered in a database. Here’s the output of router R2’s database:
    R2#show ip ospf database
                OSPF Router with ID (10.0.0.10) (Process ID 1)
                    Router Link States (Area 0)
    Link ID         ADV Router      Age   Seq#        Checksum  Link count
    10.0.0.10       10.0.0.10       572   0x80000004  0x00E2C3  2
    10.5.3.2        10.5.3.2        767   0x80000003  0x008355  1
    10.15.1.1       10.15.1.1       469   0x80000004  0x005284  1
    10.25.0.1       10.25.0.1       191   0x80000004  0x00A91A  1
                    Net Link States (Area 0)
    Link ID         ADV Router      Age   Seq#        Checksum
    10.0.0.2        10.0.0.10       319   0x80000003  0x006F58
    10.0.0.9        10.5.3.2        767   0x80000002  0x00A349
                    Summary Net Link States (Area 0)
    Link ID         ADV Router      Age   Seq#        Checksum
    10.5.0.0        10.5.3.2        767   0x80000002  0x00E81D
    10.5.2.0        10.5.3.2        767   0x80000002  0x007D8E
    10.5.3.0        10.5.3.2        767   0x80000002  0x0056B8
    10.15.0.0       10.15.1.1       469   0x80000002  0x0039BA
    10.15.1.0       10.15.1.1       473   0x80000002  0x00B748
    10.25.0.0       10.25.0.1       194   0x80000002  0x0001EC
                    Summary ASB Link States (Area 0)
    Link ID         ADV Router      Age   Seq#        Checksum
    172.16.1.1      10.25.0.1       1748  0x80000001  0x001C33
                    Type-5 AS External Link States
    Link ID         ADV Router      Age   Seq#        Checksum  Tag
    172.16.0.0      172.16.1.1      1699  0x80000003  0x00BE64  0
    172.16.1.0      172.16.1.1      1754  0x80000001  0x00A581  0
The router link states (type 1 LSAs) are advertisements from the routers in the area and can’t be influenced. They’re the same for every router in an area. Four routers, four LSAs. The net link states (type 2 LSAs) are advertisements coming from a Designated Router (DR) announcing a subnet. There are two subnets in area 0, so two LSAs. These can be influenced. The third type are LSAs from an Area Border Router, announcing inter-area routes. Six subnets outside area 0, six type 3 LSAs. These can be influenced, but not in the backbone area (area 0). The fourth and fifth types of LSA are to announce an Autonomous System Border Router (ASBR) and routes external to the OSPF network, respectively. They can be influenced everywhere except in the backbone area too.
First, type 2 LSA advertisements. They provide additional information in case of a broadcast subnet, like Ethernet. But when there are only two routers on a subnet, it’s better to make it a point-to-point link. This way, no type 2 LSA is generated, though the type 1 LSA for that link still is, and the routers communicate directly instead of selecting a DR. You can change the interface type with the ‘ip ospf network’ command on the interfaces at both sides of the link:
    R2(config)#int f0/0
    R2(config-if)#ip ospf network point-to-point
The same is done on f0/0 of router R31. Here’s part of the new database output, with just one link-state now:
                    Net Link States (Area 0)
    Link ID         ADV Router      Age   Seq#        Checksum
    10.0.0.2        10.0.0.10       1218  0x80000003  0x006F58
Next LSA type 5, external routes. By making an area a stub area, you prevent the ABR from flooding type 5 LSA in the area, instead announcing a default route. The command has to be applied to every router in that area. For example, I make area 5 a stub area using the command ‘area 5 stub’ on routers R0 and R1. After this, the link-state database of R0 doesn’t have any type 5 LSA anymore. The routing table has changed too:
    Gateway of last resort is 10.5.3.2 to network 0.0.0.0
         10.0.0.0/8 is variably subnetted, 8 subnets, 4 masks
    O IA    10.0.0.8/30 [110/20] via 10.5.3.2, 00:08:42, FastEthernet0/1
    O IA    10.15.1.0/30 [110/40] via 10.5.3.2, 00:08:42, FastEthernet0/1
    O IA    10.15.0.0/24 [110/50] via 10.5.3.2, 00:08:42, FastEthernet0/1
    O IA    10.0.0.0/29 [110/30] via 10.5.3.2, 00:08:42, FastEthernet0/1
    C       10.5.3.0/30 is directly connected, FastEthernet0/1
    C       10.5.2.0/24 is directly connected, FastEthernet1/0
    C       10.5.0.0/23 is directly connected, FastEthernet0/0
    O IA    10.25.0.0/30 [110/40] via 10.5.3.2, 00:08:43, FastEthernet0/1
    O*IA 0.0.0.0/0 [110/11] via 10.5.3.2, 00:08:43, FastEthernet0/1
That’s two routes fewer than before. But if you make it a totally stubby area, you can filter out the inter-area routes too. The command is ‘area 5 stub no-summary’ on the ABR, R1. It’s not needed on the internal routers (they still need to be stub, though). After this command is done, all type 3 LSA are gone from the link-state database of R1, and the routing table is small and efficient:
    Gateway of last resort is 10.5.3.2 to network 0.0.0.0
         10.0.0.0/8 is variably subnetted, 3 subnets, 3 masks
    C       10.5.3.0/30 is directly connected, FastEthernet0/1
    C       10.5.2.0/24 is directly connected, FastEthernet1/0
    C       10.5.0.0/23 is directly connected, FastEthernet0/0
    O*IA 0.0.0.0/0 [110/11] via 10.5.3.2, 00:01:11, FastEthernet0/1
Note that you have to consider if it’s really an advantage to use these commands if there are multiple ABRs because some inter-area routes may take more hops or a slower route using the default route.
The other method, filtering the routing table, requires more thought, but is easier if there are multiple ABRs. This doesn’t influence any sent or received LSAs, but can make the routing table shorter and more efficient. I’m using the following prefix-list:
R8(config)#ip prefix-list PFX-NoLinks permit 0.0.0.0/0 le 26
This defines a prefix-list, named PFX-NoLinks, which will permit any route (0.0.0.0/0) which has 26 or fewer network bits. So anything smaller than a /26 (62 hosts) is filtered because of the implicit deny. This can be used on a router towards end users, like R8, who don’t need to reach any of the internal links in the backbone area, just other host subnets. To apply it between the OSPF process and the routing table:
    R8(config)#router ospf 1
    R8(config-router)#distribute prefix PFX-NoLinks in
The result is clear in the routing table:
    Gateway of last resort is not set
         172.16.0.0/24 is subnetted, 1 subnets
    O E2    172.16.0.0 [110/20] via 10.15.1.1, 00:00:41, FastEthernet0/0
         10.0.0.0/8 is variably subnetted, 4 subnets, 3 masks
    C       10.15.1.0/30 is directly connected, FastEthernet0/0
    C       10.15.0.0/24 is directly connected, FastEthernet0/1
    O IA    10.5.2.0/24 [110/41] via 10.15.1.1, 00:00:41, FastEthernet0/0
    O IA    10.5.0.0/23 [110/50] via 10.15.1.1, 00:00:41, FastEthernet0/0
Except for a connected route (not handled by OSPF), nothing smaller than a /24 can be seen. Pinging between the host subnets still works.
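The effect of PFX-NoLinks can be checked offline before it is applied to a router. The Python sketch below is an added example, not part of the original post and not Cisco code: it models prefix-list matching (length window from ge/le, first match wins, implicit deny) and applies it to a candidate route list for R8 that is constructed from the prefixes shown on this page. The class and function names are hypothetical.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass
class Entry:
    """One prefix-list line, e.g. 'permit 0.0.0.0/0 le 26'."""
    action: str
    prefix: str
    ge: Optional[int] = None
    le: Optional[int] = None

    def matches(self, route: ipaddress.IPv4Network) -> bool:
        net = ipaddress.ip_network(self.prefix)
        if self.ge is None and self.le is None:
            lo = hi = net.prefixlen          # no ge/le: exact length only
        else:
            lo = self.ge if self.ge is not None else net.prefixlen
            hi = self.le if self.le is not None else 32
        # Mask length must fall in the window and the leading bits must agree.
        return lo <= route.prefixlen <= hi and route.subnet_of(net)


def permitted(entries, prefix: str) -> bool:
    """First matching entry decides; no match means implicit deny."""
    route = ipaddress.ip_network(prefix)
    for entry in entries:
        if entry.matches(route):
            return entry.action == "permit"
    return False


def installed_routes(entries, candidates):
    """Connected routes (code 'C') are not subject to the OSPF filter."""
    return [p for code, p in candidates
            if code == "C" or permitted(entries, p)]


PFX_NOLINKS = [Entry("permit", "0.0.0.0/0", le=26)]

# Constructed candidate list for R8, built from prefixes shown on this page.
CANDIDATES = [
    ("O E2", "172.16.0.0/24"), ("O E2", "172.16.1.0/30"),
    ("O IA", "10.0.0.8/30"), ("O IA", "10.0.0.0/29"),
    ("C", "10.15.1.0/30"), ("C", "10.15.0.0/24"),
    ("O IA", "10.5.3.0/30"), ("O IA", "10.5.2.0/24"),
    ("O IA", "10.5.0.0/23"), ("O IA", "10.25.0.0/30"),
]

if __name__ == "__main__":
    for prefix in installed_routes(PFX_NOLINKS, CANDIDATES):
        print(prefix)
```

The /30 and /29 link subnets fall outside the 0 to 26 length window and hit the implicit deny, while the connected /30 stays because it never passes through the filter.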
These are a few methods to improve performance in larger OSPF networks, but certainly not the only ones. Thanks for reading!