OSPF part 6: How does OSPF work? OSPF process & Hello content

Hey there! To learn a protocol, always ask how it works. Always remember, a protocol is a set of procedures or a set of rules. In OSPF, there are actually 7 processes or steps to achieve neighbor adjacency. Let us first enumerate those processes.

1.) Down

2.) INIT

3.) 2-way

4.) Exstart

5.) Exchange

6.) Loading

7.) Full

1.) DOWN – There are only two reasons why an OSPF network would go down:

a.) When an interface is configured with a static OSPF neighbor

  • this is a topic covered in CCNP ROUTE, wherein instead of the hello message being sent to a multicast address, it is sent to just a unicast address

b.) When the hello timer expires and then the dead timer takes place.

For us to easily understand the timers and the multicast address that I am telling you about, we will first discuss the hello message content and its timers.

Hello Message Contents:

1.) Router-ID of local router – router-id of the router which will send the hello message

2.) Area-ID – area id of the interface of the local router

3.) Address & Subnet Mask – address & subnet mask of the interface

4.) Authentication type – the password or passive interface configured on the router interface

5.) Hello & Dead Interval – there you go! Hello and dead intervals are check-alive timers. Hello interval is a message sent by the local router to check if neighbor routers are still alive. If neighbor routers do not respond after the default value of 10 seconds, it will wait for 40 seconds before it declares that the neighbor is officially down. Please take note that 40 seconds is just the default value of the OSPF dead timer. The values can also be configured.

6.) Router interface priority – as I mentioned on the previous blog, priority is used in the election of the master-slave router. We will discuss this further as we go on, but just to give you a hint, the priority value is used to decide which router will be the first to send its LSDB

7.) DR & BDR information – let us make it simple, these can be compared to the master-slave routers. DR stands for designated router and BDR stands for back-up designated router. We will dig deeper into this on the next blog pages

8.) Router-ID of the local router’s neighbor – this appears on the neighbor table of the local router

Alright, so those are the contents of the hello message which will be sent by the local router to the neighbor router, and the local router should also expect that information to be sent to it by the neighbor router.

Always remember, mate, that there can be multiple protocols which also send information like a hello message or its counterpart. So, the question is: how will a router know that the hello message is supposed to be sent to him?

17A1

On the image above, the question is: how will the neighbor router know that he is the recipient of the hello message? Also, how would R3 know that, since EIGRP is configured on him, he is not a recipient of the hello message? The message is sent with a destination address of 224.0.0.5, which is a multicast address. I mean to say that the hello message is broadcast to the network but intended only for the group of routers that run the OSPF protocol.

Let us say that R3 drops the packet since he is not the recipient of the hello message, and R1, the neighbor router, received the hello message of R2. What will happen next?

R1 will counter check the hello sent by R2. And the following should match:

1.) Area ID – if R1 is on area 0, R2 must be also on area 0

2.) Area type – we will discuss this further, but just to give you a hint, these are normal, stubby, and not-so-stubby areas. It sounds very complex, but we will discuss this as we go on

3.) Network address & Subnet mask

4.) Hello & Dead intervals

5.) Authentication information

6.) Router-ID must be unique

***********************************************************************

OSPF STAGE 2: INIT

How will we transition from the DOWN state to INIT?

Here’s how it goes! Let us play a scenario wherein R1 and R2 are trying to establish neighbor adjacency

Step 1 – The OSPF interface of R1 gets activated. R1 will create its own LSA (remember LSA? HEHE). R1 will send a hello message to its neighbor, but since no neighbor router has OSPF activated, the hello timer will expire and it will proceed to the dead timer.

Step 2 – Once the OSPF interface of R2 gets activated, R2 will create its own LSA and will send a hello to R1.

Step 3 – R1 will counter-check the hello message sent by R2

Step 4 – Once all the parameters are achieved, R1 will add R2 as its neighbor and then the OSPF process will transition from DOWN to INIT, so let us define the INIT stage

INIT STAGE – is when all hello parameters are matched and the neighbor router is added to the neighbor table of R1. It will remain in the INIT stage until it receives a hello with its own router-ID. Sounds confusing? We will explain that further as we transition to 2-way

Step 5 – Since R1 already added R2 as its neighbor, R1 will once again send a hello message to R2, this time with R2 listed as its neighbor. Since the hello message sent to R2 contains R2’s router-id, it is now time to transition to 2-WAY

***********************************************************************

2-WAY –> If a router receives a hello from a neighbor and sees that its own router-id is included in the list of neighbors

Step 6

18a.png

Let us have a recap from step 5: since R1 is in the INIT state and sent a hello to R2 with its neighbor’s router-id as hello content, R2 will add R1 as its neighbor router and will skip to 2-way. Step 6 would be: R2 will send a hello to R1 with R1’s router-id as hello content, and then R1 will transition to 2-WAY. Once both routers are in the 2-way state, they will transition to EXSTART
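The Hello counter-check and the DOWN, INIT and 2-WAY decisions described above can be followed on real packet bytes. The Python below is an added example, not code from this blog: it decodes an OSPFv2 Hello (RFC 2328 layout), applies the match list, and reports the resulting neighbor state. The function names, the `R1` settings and the sample addresses are assumptions made for the illustration, and authentication is compared by type only.

```python
import struct
from ipaddress import IPv4Address, IPv4Interface

HDR = struct.Struct("!BBH4s4sHH8s")   # OSPFv2 common header (24 bytes)
HELLO = struct.Struct("!4sHBBI4s4s")  # Hello body before the neighbor list (20 bytes)
E_BIT = 0x02                          # Options E-bit; cleared on stub-area interfaces

# Constructed lab values: R1's OSPF interface settings (not taken from the page).
R1 = {"router_id": "1.1.1.1", "area": "0.0.0.0", "address": "10.0.12.1/24",
      "hello": 10, "dead": 40, "autype": 0, "stub": False}


def build_hello(rid, neighbors, area="0.0.0.0", mask="255.255.255.0",
                hello=10, dead=40, prio=1, options=E_BIT, autype=0):
    """Build a constructed Hello as sample input (checksum field left at 0)."""
    body = HELLO.pack(IPv4Address(mask).packed, hello, options, prio, dead,
                      bytes(4), bytes(4))
    body += b"".join(IPv4Address(n).packed for n in neighbors)
    return HDR.pack(2, 1, HDR.size + len(body), IPv4Address(rid).packed,
                    IPv4Address(area).packed, 0, autype, bytes(8)) + body


def parse_hello(pkt):
    """Decode the Hello fields listed in the post; reject malformed lengths."""
    if len(pkt) < HDR.size + HELLO.size:
        raise ValueError("too short for an OSPFv2 Hello")
    ver, ptype, length, rid, area, _csum, autype, _auth = HDR.unpack_from(pkt)
    nbrs = pkt[HDR.size + HELLO.size:]
    if ver != 2 or ptype != 1 or length != len(pkt) or len(nbrs) % 4:
        raise ValueError("not a well-formed OSPFv2 Hello")
    mask, hello, options, prio, dead, dr, bdr = HELLO.unpack_from(pkt, HDR.size)
    ip = lambda b: str(IPv4Address(b))
    return {"router_id": ip(rid), "area": ip(area), "mask": ip(mask),
            "hello": hello, "dead": dead, "autype": autype, "priority": prio,
            "stub": not options & E_BIT, "dr": ip(dr), "bdr": ip(bdr),
            "neighbors": [ip(nbrs[i:i + 4]) for i in range(0, len(nbrs), 4)]}


def check_hello(local, src_ip, h):
    """Return the mismatched items; an empty list means the Hello is accepted."""
    iface = IPv4Interface(local["address"])
    checks = [
        ("area id", h["area"] == local["area"]),
        ("area type", h["stub"] == local["stub"]),
        ("network/mask", h["mask"] == str(iface.netmask)
                         and IPv4Address(src_ip) in iface.network),
        ("hello/dead interval", (h["hello"], h["dead"]) == (local["hello"], local["dead"])),
        ("authentication", h["autype"] == local["autype"]),
        ("unique router-id", h["router_id"] != local["router_id"]),
    ]
    return [name for name, ok in checks if not ok]


def neighbor_state(local, src_ip, pkt):
    """State the local router holds for the sender after this Hello."""
    h = parse_hello(pkt)
    if check_hello(local, src_ip, h):
        return "Down"        # rejected Hello: no neighbor entry is created
    # Own router-id echoed in the neighbor list means the sender has heard us.
    return "2-Way" if local["router_id"] in h["neighbors"] else "Init"
```

The list returned by `check_hello` names the parameter that blocks the adjacency, which is the first thing to look at when two routers never leave DOWN or INIT.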

***********************************************************************

EXSTART – the process of electing which router will send its DBD

DBD – database descriptor – summary of router-ids of all LSAs inside the LSDB

Step 7 Election will be on a master-slave process

Master – highest router-id

Slave – lowest router-id

***********************************************************************

EXCHANGE – when we have already figured out the master and the slave among the routers.

Step 8 In our case, R2 will be the one who will send DBDs. R1 will just confirm that R1 & R2 share the same DBD as a reply to R2

***********************************************************************

LOADING – it is the process of checking the LSDB of the routers involved to verify that they share the same LSDB

Step 9 After the exchange of DBDs, if there is some neighbor information that they missed, the master router will send a link state request, which will lead to a link state update and a link state acknowledgment. Here’s how it goes!

Let’s say:

R2 (master): Hi R1, here is my OSPF database

R1 (slave): Got it master! I will try to counter-check and double check it!

Let’s say R2 has a new network configured on its interface and that network will be 10.0.21.0/24

R1 (slave): R2 (master), it seems like I don’t have yet the new network 10.0.21.0/24 configured on your interface, can I request to have that one? – THIS IS WHAT WE CALL LINK STATE REQUEST

R2 (master): Ohh oaah! I missed informing you about that, ok no worries, I will provide you that network as a LINK STATE UPDATE

R1 (slave): Thank you so much master, I hope that you consider this one as a LINK STATE ACKNOWLEDGMENT to inform you that I already received the new neighbor information that you got.

***********************************************************************

FULL – we are now done with the final OSPF process, wherein we have full neighbor adjacency. The loading state will be finished if all the routers have the same LSDB

***********************************************************************

Just a quick summary of OSPF process!

18b

Oh yeah! Apologies if it is very lengthy and boring but I hope that I was able to educate you today!

3.4 Configure, verify, and troubleshoot inter-VLAN routing

Finally got motivation to deal with inter-vlan routing. I just spoke with my idol, he is a network engineer in a known BPO company and he is one of those network engineers whom I don’t know personally but I admired him most. And yeah after almost 4 days of procrastination and being easily preoccupied, I am here trying to be the master of intervlan.

 

Need for inter-vlan routing:

The main purpose of a VLAN is departmentalization or microsegmentation, which means that a certain broadcast domain will be divided into VLAN broadcast domains. However, let us say that VLAN 10 would like to speak with VLAN 20; is there a possibility for VLANs to be connected? Yes, but we need the help of the router.

Be reminded that:

Devices within the same VLAN will only need a router to communicate with each other/ one another.

 

In the event that you would like devices from different VLANs to speak with one another, we will need the help of the router.

aaaaaa.PNG

If you want to build the network topology, the IP addresses are assigned above, and the primary configurations are below:

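GEN CONFIG

enable
conf t
! cisco / class are lab passwords only; pick unique ones outside the lab
line console 0
password cisco
logging sync
exec-timeout 20 30
login
exit
line vty 0 15
password cisco
logging sync
exec-timeout 20 30
login
exit
hostname SW3
! the hostname needs to be changed on each device
enable secret class
! service password-encryption only obfuscates the line passwords (type 7); enable secret is hashed
service password-encryption
no ip domain-lookup
banner motd "AUTHORIZED ACCESS ONLY"
do wr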

************************
@ SW1
vlan 10
name SALES
exit
vlan 20
name ACCOUNTING
exit
vlan 30
name IT
exit
vlan 40
name MARKETING
exit
******************************
@R1

conf t
int se 2/0
ip address 50.0.0.1 255.255.255.0
no shut
exit
int fa 0/0
ip address 192.168.1.1 255.255.255.0
no shut
exit
*******************************
@R2
conf t
int se 2/0
ip address 50.0.0.2 255.255.255.0
no shut
exit
int fa 0/0
ip address 172.16.50.1 255.255.255.0
no shut
exit
**********************************
conf t
vtp version 2
vtp domain cisco
vtp password class
vtp mode server

conf t
vtp version 2
vtp domain cisco
vtp password class
vtp mode server
*****************************
@ SW1
int range fa 0/1-2
switchport mode trunk
switchport trunk native vlan 1
switchport trunk allowed vlan 1,10,20,30,40,50
exit
conf t
vlan 50
name testvlan50
exit

@SW2
int range fa 0/1-2
switchport mode trunk
switchport trunk native vlan 1
switchport trunk allowed vlan 1,10,20,30,40,50
exit
int range fa 0/3-4
switchport mode access
spanning-tree portfast
spanning-tree bpduguard enable
exit
int fa 0/3
switchport access vlan 10
exit
int fa 0/4
switchport access vlan 20
exit
@SW3
int range fa 0/1-2
switchport mode trunk
switchport trunk native vlan 1
switchport trunk allowed vlan 1,10,20,30,40,50
exit
int range fa 0/3-4
switchport mode access
spanning-tree portfast
spanning-tree bpduguard enable
exit
int fa 0/3
switchport access vlan 30
exit
int fa 0/4
switchport access vlan 40
exit

***********************
@SW4

vlan 10
no name SALES
name IT
exit
vlan 20
no name ACCOUNTING
exit
vlan 30
no name IT
exit
vlan 40
no name MARKETING
exit

@SW1
int vlan 1
ip address 192.168.1.11 255.255.255.0
shut
no shut
exit

@SW2
conf t
int vlan 1
ip address 192.168.1.12 255.255.255.0
shut
no shut
exit

@SW3
conf t
int vlan 1
ip address 192.168.1.13 255.255.255.0
shut
no shut
exit
@SW4
conf t
int vlan 1
ip address 172.16.50.4 255.255.255.0
shut
no shut
exit

***********************************************************************

Let us verify:

a1.PNG

a2.PNG

a3

 

a4

a5

a6.PNG

 

a7

a8.PNG

a9.PNG

a10.PNG

a11.PNG

How does inter-VLAN routing work?

Honestly, I made a research on how inter-vlan routing works, and yeah I got the best on top of the research however it took almost an hour for the explanation to be elaborated. My struggle is how will I make that as simple as possible

We have the network topology below that I hope could make inter-vlan routing

1230e

 

 

Goal: PC1 on one VLAN will connect to PC2 on another VLAN

Before we go any further, let me introduce you to subinterfaces

Subinterfaces are logical interfaces, like loopback interfaces; they are interfaces which are not physically connected to the router but logically connected.

The reason why we implement logical interfaces or subinterfaces is that, in order for every VLAN to be connected to another VLAN, it needs to be connected to the VLAN gateway. In order for us to locate the VLAN gateway, we must either

1.) connect an interface for every VLAN from the switch to the router; this may be costly because routers only have limited ports, and if there are 100 VLANs, it may need 100 ports and would require additional modules

2.) The best thing to do: since VLANs are also logical LANs, we can connect logical interfaces or subinterfaces to routers, and the network addresses of those subinterfaces will automatically be directly connected network addresses.

 

Let us pretend that PC1 already knows the MAC address of R1 (known by sending a broadcast). The encapsulation that PC1 will do is

Source IP address (SIP): 192.168.10.5

Destination IP address (DIP): IP address of PC2: 192.168.20.5

Source MAC (SMAC): PC1’s MAC

Destination MAC (DMAC): R1’s

The above encapsulation will be the content of the packet that PC1 sends to SW1. SW1 has already learned the SMAC because that is part of the process of PC1 learning R1’s MAC address. The DMAC has already been learned by SW1 as well, so SW1 will just forward the packet to SW2. Since the link that connects SW1 and SW2 is a trunk link, the packet will include VLAN tagging details, which are the tagging details of PC1 (VLAN 10). SW2 has already learned the source and destination MAC addresses of the packet and will just forward the packet to R1. Since it still came from a trunk port, it will add the VLAN 10 details to the encapsulation of the packet. R1 will accept the packet and will check its routing table. R1 sees that 192.168.20.5 is part of a network which is directly connected to it: 192.168.20.0/24 is where 192.168.20.5 belongs, so R1 will build the following encapsulation:

SIP: 192.168.10.5

DIP: 192.168.20.5

SMAC: MAC address of R1

DMAC: MAC address of PC2

R1 will forward the packet to SW2, and since the R1 interface is a trunk interface, it will tag the packet with the VLAN where 192.168.20.5 belongs, which is VLAN 20. SW2 doesn’t know the MAC address of PC2, so it will first replace the destination MAC address with a broadcast address, and since the packet came from a trunk interface, it will be encapsulated with VLAN 20. SW2 will send it out of all SW2 VLAN 20 interfaces as well as the trunk interfaces.

SW1 will get the packet from SW2 with the VLAN 20 details and will send a broadcast request to all interfaces that belong to VLAN 20, and luckily, PC2 is part of VLAN 20.

That’s how PC1 sends packet to PC2 and how inter-vlan works.

This is also called Router on a Stick.
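The rewrite that R1 performs in this walk-through can be followed on real frame bytes. The Python below is an added example, not code from this blog: it takes an 802.1Q-tagged frame from PC1, picks the egress subinterface from the destination IP, and returns the frame R1 sends back down the trunk. The subinterface table mirrors the R1 subinterface addressing used on this page; the MAC addresses, the ARP cache and the function names are assumptions made for the illustration.

```python
import struct
from ipaddress import IPv4Address, IPv4Interface

# R1's fa0/0.N subinterfaces as configured on this page: 802.1Q VLAN id -> gateway.
SUBIFS = {vid: IPv4Interface(f"192.168.{vid}.1/24") for vid in (1, 10, 20, 30, 40)}
# Constructed MAC addresses and ARP cache (the post assumes they are already learned).
R1_MAC, PC1_MAC, PC2_MAC = (bytes.fromhex(m) for m in
                            ("0200000000f0", "020000000a05", "020000001405"))
ARP = {IPv4Address("192.168.20.5"): PC2_MAC}


def ip_checksum(header):
    """RFC 1071 ones'-complement sum over a 20-byte IPv4 header."""
    total = sum(struct.unpack("!10H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_frame(dmac, smac, vid, sip, dip, ttl=64):
    """802.1Q-tagged Ethernet frame carrying a bare IPv4 header (sample input)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, ttl, 1, 0,
                     IPv4Address(sip).packed, IPv4Address(dip).packed)
    ip = ip[:10] + struct.pack("!H", ip_checksum(ip)) + ip[12:]
    return dmac + smac + struct.pack("!HHH", 0x8100, vid & 0x0FFF, 0x0800) + ip


def parse_frame(frame):
    if len(frame) < 38:
        raise ValueError("frame too short")
    tpid, tci, etype = struct.unpack_from("!HHH", frame, 12)
    if tpid != 0x8100 or etype != 0x0800:
        raise ValueError("expected an 802.1Q-tagged IPv4 frame")
    ip = frame[18:38]
    return {"dmac": frame[:6], "smac": frame[6:12], "vlan": tci & 0x0FFF,
            "ttl": ip[8], "sip": IPv4Address(ip[12:16]),
            "dip": IPv4Address(ip[16:20]), "ip": ip}


def route_on_a_stick(frame):
    """Return the frame R1 sends back down the trunk, or None if it is dropped."""
    f = parse_frame(frame)
    # Dropped: tag without a matching subinterface, not addressed to R1, TTL expired.
    if f["vlan"] not in SUBIFS or f["dmac"] != R1_MAC or f["ttl"] <= 1:
        return None
    out_vlan = next((v for v, i in SUBIFS.items() if f["dip"] in i.network), None)
    next_mac = ARP.get(f["dip"])
    if out_vlan is None or next_mac is None:
        return None          # no connected route, or R1 would have to ARP first
    ip = bytearray(f["ip"])
    ip[8] -= 1               # routing decrements the TTL ...
    ip[10:12] = b"\x00\x00"
    ip[10:12] = struct.pack("!H", ip_checksum(bytes(ip)))  # ... so the checksum changes
    # Layer 3 addresses are untouched; the MACs and the VLAN tag are rewritten.
    return next_mac + R1_MAC + struct.pack("!HHH", 0x8100, out_vlan, 0x0800) + bytes(ip)
```

A frame tagged with VLAN 50 is dropped here because R1 has no subinterface for that tag, even though the switch trunks on this page allow VLAN 50.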

Let us first verify ping connection:

1.) PC1 will ping PC2

2.)PC2 will ping PC3

3.)PC4 will ping the server

4.) PC4 will ping R2

1.)1231a

2.)1231b

3.)1231c

4.)

123g

let us try to configure R1

conf t
int fa 0/0
no ip address
! we will remove the initial ip address on that
!interface
no shut
exit

int fa 0/0.1
ip address 192.168.1.1 255.255.255.0
! moving 192.168.1.1 from parent interface to subinterface

and you will see

1231e.PNG

The highlighted message makes sure that the interface to which we are adding a subinterface IP address has a defined trunking encapsulation, which is either IEEE 802.1Q (the trunking standard) or ISL (the Cisco proprietary standard)

so let’s get back to the configuration with the syntax

! encapsulation dot1q (vlan#)

 

int fa 0/0.1
encapsulation dot1q 1
! syntax: encapsulation dot1q (vlan#)
! this is to inform the router of the subinterface’s vlan and its encapsulation;
! it goes before the ip address, otherwise the message shown above appears again
ip address 192.168.1.1 255.255.255.0
! moving 192.168.1.1 from parent interface to subinterface
exit
int fa 0/0.10
! gateway of vlan 10 (SALES)
encapsulation dot1q 10
ip address 192.168.10.1 255.255.255.0
exit
int fa 0/0.20
! gateway of vlan 20 (ACCOUNTING)
encapsulation dot1q 20
ip address 192.168.20.1 255.255.255.0
exit

int fa 0/0.30
! gateway of vlan 30 (IT)
encapsulation dot1q 30
ip address 192.168.30.1 255.255.255.0
exit

int fa 0/0.40
! gateway of vlan 40 (MARKETING)
encapsulation dot1q 40
ip address 192.168.40.1 255.255.255.0
exit

Let us verify:

1231f.PNG

1.) PC1 will ping PC2

 

1231g.PNG

Ha! what ‘s wrong with the ping connection? I already configured subinterfaces but ping connection is not successful.

Let us try to troubleshoot:

1231h

The first step in troubleshooting is to isolate what part of the connection is causing the ping issue:

Int fa 0/3 must be an access port, so it is ok for us to see it on access mode:

1231i.PNG

 

 

 

So we are now good with the 1st part of the isolation process, let us move to the 2nd part which is the link of SW2 and SW1:

1231k.PNG

It seems like SW2 is now all good. Since it is a switch-to-switch connection, we must have that interface in trunking mode

Let’s check SW1:

1231l.PNG

Interface fa 0/1 of SW3 is all good as well, so let’s check the connection of SW1 and R1:

1231m

Aha! We figured out that fa 0/3 of SW1 is in access mode. We also consider switch-to-router interfaces as trunk interfaces, so let us try to configure:

@SW1
conf t
int fa 0/3
switchport mode trunk
!let us remember that though fa 0/0 of R1 is also a trunk port, it doesn’t send DTP message so we must configure switch interface instead
exit

Let us first verify ping connection:

1.) PC1 will ping PC2

1231r.PNG

1231s

2.)PC2 will ping PC3

123a.PNG

 

3.)PC4 will ping the server

123b

Note: the ping is not successful because basically we did not configure yet inter-vlan routing on R2

4.) PC4 will ping R2

123f

Since we are getting a sad face because the connection is not established on R2, or the inter-VLAN routing is not established, let us go on with the configuration:

Let us notice on our network topology that there are two existing VLAN 10s: the first is the VLAN 10 of R1 and the second is the VLAN 10 of R2. Let us be reminded that this will be ok because they are separated into different broadcast domains. Routers separate broadcast domains, so having two VLANs with the same number on a network, however separated by routers, would be ok.

 

Additional configuration:

@SW4

conf t
int fa 0/1
switchport mode trunk
exit

conf t
int vlan 10
ip address 172.16.60.4 255.255.255.0

@R2
en
conf t
int fa 0/0
no ip address
no shut
exit

int fa 0/0.1
encapsulation dot1q 1
ip address 172.16.50.1 255.255.255.0
exit

int fa 0/0.10
encapsulation dot1q 10
ip address 172.16.60.1 255.255.255.0
exit

@R1

! on this portion, I will not discuss the routing protocols used but it is the most convenient way to establish routing on this network

conf t
router eigrp 100
network 192.168.0.0 0.0.255.255

! enable EIGRP on R1’s directly connected 192.168.x.x subinterfaces so that those networks are advertised to R2
network 50.0.0.0

! advertise the network 50.0.0.0 – directly connected and just one network interface so we don’t need wildcard mask as of the moment
no auto-summary

! to disable summarization of the network address
exit

@R2
conf t
router eigrp 100
network 172.16.0.0 0.0.255.255

! enable EIGRP on R2’s directly connected 172.16.x.x subinterfaces so that those networks are advertised to R1
network 50.0.0.0

! advertise the network 50.0.0.0 – directly connected and just one network interface so we don’t need wildcard mask as of the moment
no auto-summary

! to disable summarization of the network address
exit

Note: We will go further to EIGRP but as of the moment, just learn first the syntax

Alright so let’s try to check verification #3 and #4

3.)PC4 will ping the server

aaaaa.PNG

4.) PC4 will ping R2

bbbb.PNG

At last, so that’s how inter-vlan works!

HAPPY NEW YEAR mate!

*****************************End of Blog*******************************

 

 

 

3.2 Interpret the components of a routing table

3.2.a Prefix
3.2.b Network mask
3.2.c Next hop
3.2.d Routing protocol code
3.2.e Administrative distance
3.2.f Metric
3.2.g Gateway of last resort

Alright, so we are moving on to the interpretation of the components of a routing table.

A.) Prefix – it refers to the network address that a router can see.

I got here a topology from the static routing topic.

1226

and the routing table of BPO MAIN:

12a1

All the highlighted IP addresses are prefixes. In IPv6 addressing, prefix is the term used to define the network prefix.

B. Network Mask – Nothing complicated with the term “network mask”. It is still the subnet mask that you used to encounter. Subnet mask is actually an abbreviation of subnetwork mask, which means the mask of a portion of a subnetted network.

12a2

As you can see above, the network mask is highlighted which is 30 and it was subnetted to 8 subnetworks.

C. Next hop- The term next hop may refer to next hop router, next hop ip address or next hop interface.

1226m

The picture above is the best to illustrate next hop. Router 3 or BPO MAIN’s next hop routers are MAIN BLDG 2, MAIN BLDG 1, and BPO BRANCH

From BPO MAIN’s perspective, the next hop IP addresses are 200.0.0.5, 200.0.0.1, 200.0.0.26 and 200.0.0.30

D.)Routing protocol code

12a3

The highlighted protocol codes above represent the most commonly used routing protocols. As you can see as well below, network prefix 200.0.0.8 is learned using the static protocol by forwarding the packet to the directly connected IP addresses 200.0.0.26 and 200.0.0.30.

E.  Administrative distance

There are two decision references for a router to determine the best path, namely the administrative distance and the metric.

12a5.PNG

As you can see on the above image, on the prefix 200.0.0.8 –> [1/0] is the administrative distance and metric for the static routing protocol.

The lower the administrative distance, the more the routers will believe that this is the best path

We can run multiple protocols in a network, so it is best to know that routers follow only the routing protocol listed on the routing table with the lowest administrative distance.

Administrative distance is the reference for the believability of the routing protocol.

Common Administrative Distance:

1.)Directly Connected Networks – 0

2.) Static – 1

3.) OSPF – 110

4.) RIP – 120

5.) EIGRP – 90

6.) eBGP

Logically, the router will follow static routing because we assigned it and manually configured the routing, but then again it is not advisable for large networks. Other dynamic routing protocols can be implemented, and eBGP has the best administrative distance.

F. Metric

Mate, what if I only used one routing protocol? How will a router check the best routing selection?

Metric will be the reference if there is only one routing protocol.

The same theory applies: the lowest metric will have the best path.

Different routing protocols implement different routing metrics. The following are the metrics of the routing protocols:

RIP – hop

OSPF – costs

EIGRP – bandwidth + delay + reliability + load + MTU

BGP – attributes: weight, local preference, origin, AS path and multi exit discriminator

We will deal soon with those metrics once we hit the configuration as well.

G. Gateway of last resort

12a6.PNG

Gateway of last resort is the gateway we assigned on the router, and it serves as the path for LAN devices to connect to devices that are reached through WAN links.

***************************END OF BLOG*********************************