ROUTE Notes – OSPF Neighbor Relationships
Feel free to correct.
Study Questions
- What are the definitions of the hello and dead intervals?
The hello interval is how often a router sends hello messages. The dead interval is how long to wait before considering a neighbor dead from lack of hello messages; this is 4x the hello interval by default.
- How do you keep OSPF from trying to detect neighbors on an interface?
Don’t configure a network statement for that interface
Make that interface passive
- What type of routers connect to multiple areas?
Area border router (ABR)
- What fields in the hello packet need to match in order for a router to neighbor with another via OSPF?
Subnet
Area
Hello and dead intervals
IP MTU
Authentication method
Authentication key
- What’s another way to put an interface into an OSPF area other than the old network statement?
R1(config-if)#ip ospf 1 area 0
- Don’t the process IDs have to match?
No.
- How is the router ID calculated?
The router ID is chosen the same way EIGRP does it. First, the router looks for a router-id command. If one does not exist, the highest IP on an up/up loopback interface is used. If there is none, the highest IP of the rest of the up/up interfaces is used.
- What is the protocol, source, and destination in an OSPF hello packet?
OSPF uses protocol 89 (not TCP or UDP), sourced from the interface sending the packet and destined to 224.0.0.5.
- What happens after neighbors are brought up successfully?
Topology databases are exchanged. Each router sends all the information it has about the area to its new neighbor.
- What would happen if the MTUs of two potential neighbors were different?
The routers will become neighbors, but the topology exchange will not occur successfully. [I think I’m missing a piece here. This seems very prescriptive in a situation where I would expect more chaos.]
- What types of authentication can be configured with OSPF?
None (type 0)
Cleartext (type 1)
MD5 hash (type 2)
- How do you configure a router to use MD5 authentication with OSPF?
R1(config-router)#area 0 authentication message-digest
- That didn’t work. What are we missing?
You have to set the key, dummy. Do that on the interface.
R1(config-if)#ip ospf message-digest-key 1 md5 KEY
- What is a DR? How about a BDR?
A designated router (DR) is a router that has been elected to advertise all the routes for a multi-access segment (like a LAN segment). Every time a change occurs in the network, the router that detected it will notify the DR, which will then relay the information to the other routers on that segment. The backup designated router (BDR) takes over that functionality if the DR fails.
- What are the default hello intervals for broadcast, point-to-point, NBMA, and point-to-multipoint interfaces?
Broadcast: 10 sec
P-P: 10 sec
NBMA: 30 sec
P-M: 30 sec
- How do you change the default hello timer?
R1(config-if)#ip ospf hello-interval X
- What types of segments use DRs and BDRs?
Only broadcast and NBMA segments use DRs and BDRs.
- What are some important states of an OSPF neighbor? [Yes, there are others.]
INIT: A router has received a hello from another router, but its own hello has not been acknowledged.
2WAY: A router has received a hello and an acknowledgement from another router.
EXSTART: The DRs and BDRs are elected, and exchanges are beginning with them
FULL: The router has successfully exchanged topology data with the neighbor
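The hello fields and authentication types from the questions above, checked in code. This is an added example, not part of the original notes: it decodes the OSPFv2 hello layout from RFC 2328, reports which of area, mask, timers and authentication type differ between two routers, and flags hellos sent with authentication type 0 or 1. The helper build_hello and both sample packets are constructed for the demo.

```python
import struct
from ipaddress import IPv4Address as IP

AUTH = {0: "none", 1: "cleartext", 2: "MD5"}   # type numbers as listed in the notes
MUST_MATCH = ("area", "mask", "hello", "dead", "autype")

def parse_hello(pkt: bytes) -> dict:
    """Decode an OSPFv2 hello (the IP payload of a protocol-89 packet)."""
    if len(pkt) < 44:                            # 24-byte header + 20-byte hello body
        raise ValueError("truncated OSPF hello")
    ver, ptype, _len, rid, area, _csum, autype = struct.unpack("!BBH4s4sHH", pkt[:16])
    if (ver, ptype) != (2, 1):                   # version 2, packet type 1 = hello
        raise ValueError("not an OSPFv2 hello")
    mask, hello, _opts, _prio, dead = struct.unpack("!4sHBBI", pkt[24:36])
    return {"router_id": str(IP(rid)), "area": str(IP(area)), "mask": str(IP(mask)),
            "hello": hello, "dead": dead, "autype": autype}

def mismatches(a: dict, b: dict) -> list:
    """Fields that differ between two hellos and would block the neighborship."""
    return [f for f in MUST_MATCH if a[f] != b[f]]

def weak_auth(h: dict) -> bool:
    """True when the hello is unauthenticated or carries a cleartext password."""
    return h["autype"] in (0, 1)

def build_hello(rid, area, mask, hello, dead, autype) -> bytes:
    """Construct a sample hello for the demo (checksum and auth data left zero)."""
    header = struct.pack("!BBH4s4sHH8s", 2, 1, 44, IP(rid).packed, IP(area).packed,
                         0, autype, b"\0" * 8)
    body = struct.pack("!4sHBBI4s4s", IP(mask).packed, hello, 0x02, 1, dead,
                       b"\0" * 4, b"\0" * 4)     # DR and BDR left as 0.0.0.0
    return header + body

# Constructed sample packets, not captured traffic.
R1 = parse_hello(build_hello("1.1.1.1", "0.0.0.0", "255.255.255.0", 10, 40, 2))
R2 = parse_hello(build_hello("2.2.2.2", "0.0.0.0", "255.255.255.0", 30, 120, 0))

if __name__ == "__main__":
    print("mismatched fields:", mismatches(R1, R2))
    for h in (R1, R2):
        print(h["router_id"], "auth:", AUTH[h["autype"]],
              "WEAK" if weak_auth(h) else "ok")
```

The hello carries only the network mask, so a full subnet comparison would also need the source address from the IP header.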
What Command Was That?
What command…
- …shows all the OSPF neighbors?
show ip ospf neighbor
- …shows the number of OSPF neighbors on an interface?
show ip ospf interface
– OR –
show ip ospf interface brief
- …shows the DR and BDR on an interface?
show ip ospf interface
- …shows the authentication method used?
show ip ospf interface
- …shows the hello and dead intervals configured on the router?
show ip ospf interface
- …shows the OSPF network type for an interface?
show ip ospf interface
- …shows the state of a neighbor?
show ip ospf neighbor
– OR –
show ip ospf neighbor detail
Also, you’re missing a few weird border cases with the OSPF router ID selection:
http://blog.ioshints.info/2009/04/ospf-router-id-selection-all-details.html
Last but not least, all multi-access segments (every subnet that could potentially have more than two routers connected to it) use DR/BDR – effectively this means anything but P2P links (and even P2P Ethernet needs a DR/BDR) … unless, of course, you configure network type point-to-multipoint 😉
You can also change the OSPF network type on a P2P link to force DR election … or change an Ethernet into a point-to-point link with potentially interesting side effects.
Oh, the wonderfully weird world (WWW?) of OSPF 😀
http://itcertguides.blogspot.com/2010/02/ccnp-ospf-chapters.html
It looks like your blog marks me as spammer the moment I include two links in a comment. OK, fair.
Here’s what happens if you have an MTU mismatch: MTU is carried in the DBD packet, and if there’s a mismatch, the receiving router drops the packet. The neighbors stay stuck in EXSTART state for a while (until there’s a timeout) and then drop back to INIT state, only to reenter EXSTART after the next HELLO packet.
http://blog.ioshints.info/2007/10/ospf-neighbors-stuck-in-exstart.html
And here’s the second link: You can turn off the MTU check, but then some really weird things can happen if the router is not able to receive oversized frames:
http://blog.ioshints.info/2009/11/ip-ospf-mtu-ignore-is-dangerous-command.html
Thanks for all the input, Ivan. I’m adding a search of your blog to my list of sources to check if I’m researching a topic. 🙂
Regarding the MTU mismatch, I was thinking that a neighbor would just ignore the packets that included an MTU that was a mismatch, but the cert guide I’m studying only says the “two routers will not exchange topology information.” It does explain what would happen, but there’s no mention of why. Maybe later chapters will explain.
Re MTU mismatch: Some routers cannot receive oversized packets, so the OSPF flooding process might randomly hang up.
DBD (initial database exchange) packets thus contain an MTU field, which allows the routers to verify whether they can safely communicate or not. If the MTU in the received packet is larger than the interface MTU, the router drops the packet and the neighbors stay stuck in EXSTART state (= I’ve seen the neighbor and I’ve sent him my first DBD packet) until the timeout expires and the quarter-baked adjacency is cleared.