Basic OSPF Configuration

Basic OSPF Commands

Router(config)# router ospf <process-id>

Creates the OSPF process with the selected ID and enters its configuration mode.

Router(config-router)# network <prefix> <wildcard_mask> area <area_id>

This command does two things:
One, selects which interfaces will be part of the OSPF process - all interfaces that are matched by the prefix coupled with the wildcard mask will participate in OSPF.
Two, selects which directly connected routes will be advertised - all directly connected networks that are matched by the prefix coupled with the wildcard mask will be advertised.

The wildcard mask can be considered the inverse of the subnet mask. All bits that are set to 0 will have to be equal, while all bits set to 1 can be anything.
For example, this prefix+wildcard combination: 192.168.0.0 0.0.0.255, matches all IP addresses in the range 192.168.0.0 - 192.168.0.255, because all the wildcard bits in the last byte are set to 1, which means only the 192.168.0 part of the IP address has to match.

Router(config-router)# passive-interface <interface>

This command disables the OSPF Hello Messages on the specified interface. It is used mostly on Loopback interfaces to prevent process cycles being used on unnecessary updates and on Tunnel interfaces to prevent routing loops. It is a best practice to issue this command for loopback interfaces and interfaces that do not run OSPF. The network will still be advertised.


Configuration Example

Topology

c2ospf1.png

Description

We have three routers, router R1 being connected to the Internet Service Provider. Our objective is to offer connectivity to the loopback networks on R2 and R3 to 200.200.200.1 representing the internet.

We will simulate the networks 192.168.0.0/24 and 192.168.1.0/24 on router R2 and networks 192.168.2.0/24 and 192.168.3.0/24 on R3 by assigning them to loopback interfaces. For the connections between routers we will use /30 subnets from the network 192.168.255.0/24.

For this to work, ISP needs a static route to our network:

ISP(config)# ip route 192.168.0.0 255.255.0.0 141.85.10.2

The ISP will never have this kind of route, this is just for lab testing purposes. They will have a route to your public address space.

Configuration

To enter an OSPF process, we use this command:

R1(config)# router ospf 1

1 is the process id on the local router. This is entirely up to you and has no global significance. You will probably want all your OSPF routers to have the same process id for easier maintenance, but there are no process id requirements for OSPF to work.

Once in the OSPF process, we tell it what interfaces it will run OSPF on and which area that interface is in:

R1(config-router)# network 192.168.255.1 0.0.0.0 area 0
R1(config-router)# network 192.168.255.5 0.0.0.0 area 0

The IP addresses are the ones configured on the interfaces. This tells the router to run OSPF on the interfaces which match the network statements above, and to put them in area 0.

I use the interface IP address with the quad 0 wildcard mask, because it specifies exactly what interfaces I want. This could have been accomplished using the ip address 192.168.255.0 with a wildcard mask of 0.0.0.255 and it would have matched both interfaces at once. Although this is fine for now, in the future it will also match any interface on which I set an IP address from the 192.168.255.0/24 subnet.

It is not necessary to advertise the 141.85.10.0/30 subnet because our hosts do not generally need to have connectivity to the link between our border router and the ISP.

On to router R2:

R2(config)# router ospf 1
R2(config-router)# network 192.168.255.2 0.0.0.0 area 0
R2(config-router)# network 192.168.255.9 0.0.0.0 area 0
R2(config-router)# network 192.168.0.0 0.0.0.255 area 0
R2(config-router)# network 192.168.1.0 0.0.0.255 area 0

As soon as the first network command is entered, OSPF forms an adjacency with neighbor R1:

%OSPF-5-ADJCHG: Process 1, Nbr 192.168.255.5 on Serial0/1 from LOADING to FULL, Loading Done

The network commands for subnets 192.168.0.0/24 and 192.168.1.0/24 work with a quad 0 wildcard mask as well, but the exact IP address must be specified. You can see the routes starting to appear on router R1 already:

R1#sh ip route
141.85.0.0/30 is subnetted, 1 subnets
C 141.85.10.0 is directly connected, Serial0/0
192.168.255.0/30 is subnetted, 3 subnets
C 192.168.255.4 is directly connected, Serial0/2
C 192.168.255.0 is directly connected, Serial0/1
O 192.168.255.8 [110/128] via 192.168.255.2, 00:00:12, Serial0/1
192.168.0.0/32 is subnetted, 1 subnets
O 192.168.0.1 [110/65] via 192.168.255.2, 00:00:12, Serial0/1
192.168.1.0/32 is subnetted, 1 subnets
O 192.168.1.1 [110/65] via 192.168.255.2, 00:00:13, Serial0/1

Notice that the simulated networks are advertised with a /32 mask. This is because OSFP considers loopback interfaces as stub hosts and will advertise them accordingly. This behavior can be changed. If these were actual physical interfaces, they would have been advertised with the correct mask.

Finally, router R3:

R3(config)# router ospf 1
R3(config-router)# network 192.168.255.6 0.0.0.0 area 0
R3(config-router)# network 192.168.255.10 0.0.0.0 area 0
R3(config-router)# network 192.168.2.0 0.0.0.255 area 0
R3(config-router)# network 192.168.3.0 0.0.0.255 area 0

The configuration is almost complete. Every host and router has connectivity inside the OSPF domain. We now need a default route to the internet. We could accomplish this with static routes or we could use OSPF to redistribute a default route.

For this, we need a static route on router R1 and we need to tell the OSPF process on R1 to advertise this default route to the entire domain:

R1(config)#ip route 0.0.0.0 0.0.0.0 141.85.10.1
R1(config)#router ospf 1
R1(config-router)#default-information originate

The default-information originate command instructs the router to redistribute its default route to the neighbors in its OSPF domain. This only happens if the router actually has a default route. This route can either be a static route or a route learned from another routing protocol.

We now have full connectivity and our loopback interfaces can ping the IP address in the internet:

R2#ping ip 200.200.200.1 source l0

Sending 5, 100-byte ICMP Echos to 200.200.200.1, timeout is 2 seconds:
Packet sent with a source address of 192.168.0.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/45/60 ms

R3#ping ip 200.200.200.1 source l0

Sending 5, 100-byte ICMP Echos to 200.200.200.1, timeout is 2 seconds:
Packet sent with a source address of 192.168.3.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/45/60 ms

The routing table on R1 should look like this:

R1#sh ip route
Gateway of last resort is 141.85.10.1 to network 0.0.0.0

141.85.0.0/30 is subnetted, 1 subnets
C 141.85.10.0 is directly connected, Serial0/0
192.168.255.0/30 is subnetted, 3 subnets
C 192.168.255.4 is directly connected, Serial0/2
C 192.168.255.0 is directly connected, Serial0/1
O 192.168.255.8 [110/128] via 192.168.255.6, 00:01:36, Serial0/2
[110/128] via 192.168.255.2, 00:01:36, Serial0/1
192.168.0.0/32 is subnetted, 1 subnets
O 192.168.0.1 [110/65] via 192.168.255.2, 00:01:37, Serial0/1
192.168.1.0/32 is subnetted, 1 subnets
O 192.168.1.1 [110/65] via 192.168.255.2, 00:01:37, Serial0/1
192.168.2.0/32 is subnetted, 1 subnets
O 192.168.2.1 [110/65] via 192.168.255.6, 00:01:37, Serial0/2
192.168.3.0/32 is subnetted, 1 subnets
O 192.168.3.1 [110/65] via 192.168.255.6, 00:01:38, Serial0/2
S* 0.0.0.0/0 [1/0] via 141.85.10.1

The other routing tables should look very similar. The big difference is that the default route is advertised by OSPF as an External Type 2 route:

O*E2 0.0.0.0/0 [110/1] via 192.168.255.5, 00:00:44, Serial0/2

It doesn't make much of a difference. It is considered an external route, just like any routes that are redistributed from other sources.

These final commands work for every dynamic routing protocol and are used for security and efficiency purposes.

R2(router-config)# passive-interface l0
R2(router-config)# passive-interface l1
R3(router-config)# passive-interface l0
R3(router-config)# passive-interface l1

This prevents the router from sending any OSPF messages and forming neighbor relationships on interfaces you do not want it to. You will always want to configure this for interfaces that connect to hosts and possibly on interfaces where you are running a different routing protocol, because the other side will only drop these packets. There is no reason to do an additional processing effort and occupy bandwidth sending useless messages.

An alternative to this is making every single interface passive using the passive-interface default command and then activating the interfaces you actually want to run OSPF:

R2(router-config)# passive-interface default
R2(router-config)# no passive-interface s0/1
R2(router-config)# no passive-interface s0/3
Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License