In this design I decided to summarize all OSPF information I’ve got during my CCNP preparations. You can find here OSPF basic configuration, route summarization, stub areas, linked areas, route redistribution from EIGRP to OSPF and vice versa, authentication, etc.
Step 1: Basic network configuration
The draft above shows complete network design, some parts must be already configured:
1) There are three ABR routers in Area 0, one of them is ASBR, because it has connections outside OSPF routing domain.
2) Different OSPF areas: Area 0 is the backbone area, Areas 3 is the regular areas, Area 5 is transit, Area 10 is linked area (I’ll show later how to link it).
3) R5 is the EIGRP router, the same will be also configured on R1 in additional to OSPF.
4) Configure IP ranges and loopback interfaces on R5, R8 and on ISP (Internet connectivity emulation).
Every router has loopback IP according to its name (1.1.1.1 for R1, 8.8.8.8 for R8…).
5) To check Internet connectivity NAT overload must be configured on R1 to reach 50.50.1.1.
I’m not going to show here how to configure all above mentioned, because it’s not a problem for a typical CCNP student. Anyway, you can find all router config files in the end of this note.
Step 2: Basic OSPF configuration
R1
First, disable OSPF on link to ISP:
R1(config)# router ospf 1 R1(config-router)# passive-interface FastEthernet0/1
Advertise networks:
R1(config-router)# network 1.1.1.1 0.0.0.0 area 0 R1(config-router)# network 10.0.0.0 0.0.0.3 area 0 R1(config-router)# network 10.0.1.0 0.0.0.3 area 0 R1(config-router)# ex
Add and distribute to OSPF default route:
R1(config)# ip route 0.0.0.0 0.0.0.0 FastEthernet0/1 R1(config)# router ospf 1 R1(config-router)# default-information originate
R2
R2(config)# router ospf 1 R2(config-router)# network 2.2.2.2 0.0.0.0 area 3 R2(config-router)# network 10.0.0.0 0.0.0.3 area 0 R2(config-router)# network 172.16.0.0 0.0.0.3 area 3
R3
R3(config)# router ospf 1 R3(config-router)# network 3.3.3.3 0.0.0.0 area 5 R3(config-router)# network 10.0.1.0 0.0.0.3 area 0 R3(config-router)# network 172.16.1.0 0.0.0.3 area 5
R6
R6(config)# router ospf 1 R6(config-router)# network 6.6.6.6 0.0.0.0 area 3 R6(config-router)# network 172.16.0.0 0.0.0.3 area 3
R7
R7(config)# router ospf 1 R7(config-router)# network 7.7.7.7 0.0.0.0 area 5 R7(config-router)# network 172.16.1.0 0.0.0.3 area 5 R7(config-router)# network 172.16.100.0 0.0.0.3 area 10
R8
R8(config)# router ospf 1 R8(config-router)# network 8.8.8.8 0.0.0.0 area 10 R8(config-router)# network 80.80.0.0 0.0.0.255 area 10 R8(config-router)# network 80.80.1.0 0.0.0.255 area 10 R8(config-router)# network 80.80.2.0 0.0.0.255 area 10 R8(config-router)# network 80.80.3.0 0.0.0.255 area 10 R8(config-router)# network 172.16.100.0 0.0.0.3 area 10
Step 3: Virtual linking
Routers R1, R2, R3, R6 can’t see any routes from R8, because Area 10 is not connected to backbone Area 0.
According to Cisco recommendations all areas must be connected to backbone area, but sometimes it’s not possible to do, so, there is one solution to fix this: connect Area 10 to Area 0 using Area 5 as transit area, using virtual links. We need to configure routers R3 and R7 for this:
R3
R3(config)# router ospf 1 R3(config-router)# area 5 virtual-link 7.7.7.7
R7
R7(config)# router ospf 1 R7(config-router)# area 5 virtual-link 3.3.3.3
So, now every router knows routes to R8 networks like 80.80.0.0 and 8.8.8.8 and R8 gets default route and can reach Internet.
Step4: Stubbing
To reduce routing information advertised and to reduce CPU usage on routers we can configure stub area. In this case ABR drops all external or even internal routes replacing them with default route. In our design we are configuring totally stubby area to replace both types. The best candidate for this is Area 3 and R6 to be stubbed, but it also must be configure on ABR R2:
R6(config)# router ospf 1 R6(config-router)# area 3 stub no-summary R8(config)# router ospf 1 R8(config-router)# area 3 stub no-summary
R6 should see only routes below after this:
2.0.0.0/32 is subnetted, 1 subnets O 2.2.2.2 [110/2] via 172.16.0.2, 01:23:47, FastEthernet0/0 6.0.0.0/32 is subnetted, 1 subnets C 6.6.6.6 is directly connected, Loopback0 172.16.0.0/30 is subnetted, 1 subnets C 172.16.0.0 is directly connected, FastEthernet0/0 O*IA 0.0.0.0/0 [110/2] via 172.16.0.2, 01:23:47, FastEthernet0/0
Step 5: Redistribution
Let’s configure EIGRP on R5 first:
R5(config)# router eigrp 100 R5(config-router)# no auto-summary R5(config-router)# network 30.30.0.0 0.0.0.255 R5(config-router)# network 30.30.1.0 0.0.0.255 R5(config-router)# network 192.168.0.0 0.0.0.3 R5(config-router)# network 192.168.10.0
Now we need to do almost the same on R1, but we need also to inject default route into EIGRP using “redistribute static”:
R1(config)# router eigrp 100 R1(config-router)# no auto-summary R1(config-router)# redistribute static R1(config-router)# network 192.168.0.0 0.0.0.3
To inject EIGRP routes into OSPF we need to do the next:
R1(config)# router ospf 1 R1(config-router)# redistribute eigrp 100 subnets
After issuing this command every OSPF router can see next routes:
R2#sh ip ro | i E2 E1 - OSPF external type 1, E2 - OSPF external type 2 O E2 192.168.10.0/24 [110/20] via 10.0.0.2, 01:35:36, Serial1/0 O E2 192.168.0.0 [110/20] via 10.0.0.2, 01:35:36, Serial1/0 O E2 30.30.0.0 [110/20] via 10.0.0.2, 00:00:02, Serial1/0 O E2 30.30.1.0 [110/20] via 10.0.0.2, 00:00:07, Serial1/0 O*E2 0.0.0.0/0 [110/1] via 10.0.0.2, 01:35:36, Serial1/0
To make this routers type E1 previous command should be:
R1(config-router)# redistribute eigrp 100 subnets metric-type 1
In this case internal area cost is added to the seed metric.
It’s also possible to inject OSPF routes into EIGRP using the next commands:
R1(config)# router eigrp 100 R1(config-router)# default-metric 100000 10 255 1 1500 R1(config-router)# redistribute ospf 1
But this is not necessary in this design, because R5 already has had default route with next hop to R1 and it will find all routes of OSPF domain.
Step 6: Summarization
To make routing tables shorter it’s always nice to make summarization. And it also helps to reduce CPU usage on routers.
For R8 with its 80.80.x.x networks we can implement internal summarization, but we can’t do this on R8 itself, it’s possible to make this only on ABR. This is R7 in our case:
R7(config)# router ospf 1 R7(config-router)# area 10 range 80.80.0.0 255.255.252.0
Checking on remote router R2:
R2#sh ip ro | i 80 80.0.0.0/22 is subnetted, 1 subnets O IA 80.80.0.0 [110/131] via 10.0.0.2, 01:47:29, Serial1/0
In case of 30.30.x.x routes from R5 we should configure external summarization on R1:
R1(config)# router ospf 1 R1(config-router)#summary-address 30.30.0.0 255.255.254.0
Checking:
R2#sh ip ro | i 30 30.0.0.0/23 is subnetted, 1 subnets O E2 30.30.0.0 [110/20] via 10.0.0.2, 00:00:52, Serial1/0
Step 7: Authorization
To make our design secure we should implement md5 authorization. Issue commands below for each interface on each router considering area numbers:
R1(config)# int f0/1 R1(config-if)# ip ospf message-digest-key 1 md5 0 boobs R1(config-if)# ip ospf authentication message-digest R1(config-if)# ex R1(config-if)# router ospf 1 R1(config-router)# area 0 authentication message-digest
Step 8: Troubleshoot
Some useful troubleshoot commands:
Router#show ip protocol Router#show ip route Router#show ip route ospf Router#show ip ospf Router#show ip ospf int brief Router# show ip ospf virtual-links Router#show ip ospf border-routers Router#show ip ospf database Router#show ip ospf database summary Router#show ip ospf interface Router#show ip ospf neighbor detail Router#debug ip ospf events Router#debug ip ospf adjacency
Summary
R1
! interface Loopback0 ip address 1.1.1.1 255.255.255.255 ! interface FastEthernet0/0 ip address 192.168.0.1 255.255.255.252 ip nat inside ip virtual-reassembly speed 100 full-duplex ! interface FastEthernet0/1 ip address 200.0.0.2 255.255.255.252 ip nat outside ip virtual-reassembly speed 100 full-duplex ! interface Serial1/0 ip address 10.0.0.2 255.255.255.252 ip nat inside ip virtual-reassembly delay 2000 serial restart-delay 0 ! interface Serial1/1 ip address 10.0.1.2 255.255.255.252 ip nat inside ip virtual-reassembly serial restart-delay 0 ! router eigrp 100 redistribute static network 192.168.0.0 0.0.0.3 no auto-summary ! router ospf 1 log-adjacency-changes summary-address 30.30.0.0 255.255.254.0 redistribute eigrp 100 subnets passive-interface FastEthernet0/1 network 1.1.1.1 0.0.0.0 area 0 network 10.0.0.0 0.0.0.3 area 0 network 10.0.1.0 0.0.0.3 area 0 default-information originate ! ip forward-protocol nd ip route 0.0.0.0 0.0.0.0 FastEthernet0/1 ! ! no ip http server no ip http secure-server ip nat inside source list 1 interface FastEthernet0/1 overload ! access-list 1 permit any !
R2
! interface Loopback0 ip address 2.2.2.2 255.255.255.255 ! interface FastEthernet0/0 ip address 172.16.0.2 255.255.255.252 speed 100 full-duplex ! interface Serial1/0 ip address 10.0.0.1 255.255.255.252 serial restart-delay 0 ! router ospf 1 log-adjacency-changes area 3 stub no-summary network 2.2.2.2 0.0.0.0 area 3 network 10.0.0.0 0.0.0.3 area 0 network 172.16.0.0 0.0.0.3 area 3 !
R3
! interface Loopback0 ip address 3.3.3.3 255.255.255.255 ! interface FastEthernet0/0 ip address 172.16.1.2 255.255.255.252 speed 100 full-duplex ! interface Serial1/1 ip address 10.0.1.1 255.255.255.252 serial restart-delay 0 ! router ospf 1 log-adjacency-changes area 5 virtual-link 7.7.7.7 network 3.3.3.3 0.0.0.0 area 5 network 10.0.1.0 0.0.0.3 area 0 network 172.16.1.0 0.0.0.3 area 5 !
R5
! interface Loopback1 ip address 30.30.0.1 255.255.255.0 ! interface Loopback2 ip address 30.30.1.1 255.255.255.0 ! interface FastEthernet0/0 ip address 192.168.0.2 255.255.255.252 speed 100 full-duplex ! interface FastEthernet0/1 ip address 192.168.10.1 255.255.255.0 speed 100 full-duplex ! ! router eigrp 100 network 30.30.0.0 0.0.0.255 network 30.30.1.0 0.0.0.255 network 192.168.0.0 0.0.0.3 network 192.168.10.0 no auto-summary !
R6
! interface Loopback0 ip address 6.6.6.6 255.255.255.255 ! interface FastEthernet0/0 ip address 172.16.0.1 255.255.255.252 speed 100 full-duplex ! router ospf 1 log-adjacency-changes area 3 stub no-summary network 6.6.6.6 0.0.0.0 area 3 network 172.16.0.0 0.0.0.3 area 3 !
R7
! interface Loopback0 ip address 7.7.7.7 255.255.255.255 ! interface FastEthernet0/0 ip address 172.16.1.1 255.255.255.252 speed 100 full-duplex ! interface FastEthernet0/1 ip address 172.16.100.1 255.255.255.252 speed 100 full-duplex ! ! router ospf 1 log-adjacency-changes area 5 virtual-link 3.3.3.3 area 10 range 80.80.0.0 255.255.252.0 network 7.7.7.7 0.0.0.0 area 5 network 172.16.1.0 0.0.0.3 area 5 network 172.16.100.0 0.0.0.3 area 10 !
R8
! interface Loopback0 ip address 80.80.0.1 255.255.255.0 ! interface Loopback1 ip address 80.80.1.1 255.255.255.0 ! interface Loopback2 ip address 80.80.2.1 255.255.255.0 ! interface Loopback3 ip address 80.80.3.1 255.255.255.0 ! interface Loopback5 ip address 8.8.8.8 255.255.255.255 ! interface FastEthernet0/0 ip address 172.16.100.2 255.255.255.252 speed 100 full-duplex ! router ospf 1 log-adjacency-changes network 8.8.8.8 0.0.0.0 area 10 network 80.80.0.0 0.0.0.255 area 10 network 80.80.1.0 0.0.0.255 area 10 network 80.80.2.0 0.0.0.255 area 10 network 80.80.3.0 0.0.0.255 area 10 network 172.16.100.0 0.0.0.3 area 10 !
ISP
! interface Loopback0 ip address 50.50.1.1 255.255.255.0 ! interface FastEthernet0/0 ip address 200.0.0.1 255.255.255.252 speed 100 full-duplex !
THE END
Just my Notes... 