Enhance your Career in Networking With IPinBits!!!​

OSPF LOOP PREVENTION

There are two types of routing happens in OSPF.

  • Intra- Area routing – Routes within area. In intra-area routing loops are prevented by OSPF SFP algorithm as in SFP each router calculates shortest path to destination keeping itself as a root of tree.
  • Inter-Area Routing – Now here the things become interesting. Since Link state protocols has inbuilt loop prevention using SFP and Split horizon rule. But Inter area routes are shared by SUMMARY LSA. So the routers knows fully topology for 1 area only. They can not form topology based on SUMMARY LSA. This is same behavior as DISTANT VECTOR protocol where ABR is responsible for Inter-area prefixes.

Since there is no common topology shared among different areas, loop prevention should be based on distance-vector principles. There are three main rules of generating and receiving inter-area routes (type-3 LSAs) in OSPF that prevent control-plane routing loops:

  1. Area Border Router (ABR) is a router that has at least one interface in Area 0 and this interface is NOT in DOWN state. ABR is distinguished by setting the B (border) bit in its router LSA to signal other routers in the same area of its ABR status. Only ABR is allowed to generate summary LSAs and inject them in the attached areas.
  2. ABR expects summary LSAs from Area 0 only. This means there should be at least one adjacency in FULL state built over Area 0 interface. In case if ABR has such adjacency, it will ignore summary-LSAs received over non-backbone areas. These LSAs will be installed in the database, but not used for SPF calculations.
  3. ABR will accept and use summary-LSAs learned over non-backbone area if it DOES NOT have a FULL adjacency built over an Area 0 interface. It is safe to do so, since the ABR will not be able to flood the summary back into Area 0 creating routing loops.

So Considering above rules we will implement in below topology :-

Here according to 1st rule, R1 and R3 will be ABR and share the SUMMARY LSAs. But what about R4, it is also connected to TWO different areas. Lets see :-

AREA 0

R2#sh ip ospf border-routers 


            OSPF Router with ID (2.2.2.2) (Process ID 100)

                Base Topology (MTID 0)


Internal Router Routing Table
Codes: i - Intra-area route, I - Inter-area route


i 1.1.1.1 [1] via 12.12.12.1, GigabitEthernet0/0, ABR, Area 0, SPF 3
i 3.3.3.3 [1] via 23.23.23.3, GigabitEthernet0/1, ABR, Area 0, SPF 3
------------------------------------------------------------------------
------------------------------------------------------------------------

AREA 1
R5#sh ip ospf border-routers 


            OSPF Router with ID (5.5.5.5) (Process ID 100)

                Base Topology (MTID 0)


Internal Router Routing Table
Codes: i - Intra-area route, I - Inter-area route


i 1.1.1.1 [1] via 15.15.15.1, GigabitEthernet0/3, ABR, Area 1, SPF 4

------------------------------------------------------------------------
------------------------------------------------------------------------
AREA 2

R6#sh ip ospf border-routers 


            OSPF Router with ID (6.6.6.6) (Process ID 100)

                Base Topology (MTID 0)


Internal Router Routing Table
Codes: i - Intra-area route, I - Inter-area route
i 3.3.3.3 [1] via 36.36.36.3, GigabitEthernet0/3, ABR, Area 2, SPF 4

So We saw that none of the area considers R4 as border routers. SO there is no summary LSA generated by R4. Lets check and verify on R5:-

R5#sh ip ospf database   


            OSPF Router with ID (5.5.5.5) (Process ID 100)


                Router Link States (Area 1)


Link ID         ADV Router      Age         Seq#       Checksum Link count
1.1.1.1         1.1.1.1         834         0x80000002 0x00414C 2
4.4.4.4         4.4.4.4         332         0x80000003 0x00EA81 2
5.5.5.5         5.5.5.5         828         0x80000003 0x00A0DA 2


                Net Link States (Area 1)


Link ID         ADV Router      Age         Seq#       Checksum
15.15.15.5      5.5.5.5         833         0x80000001 0x009546
45.45.45.5      5.5.5.5         829         0x80000001 0x00EF85


                Summary Net Link States (Area 1)


Link ID         ADV Router      Age         Seq#       Checksum
1.1.1.1         1.1.1.1         869         0x80000001 0x0047EC
2.2.2.2         1.1.1.1         829         0x80000001 0x00230C
12.12.12.0      1.1.1.1         869         0x80000001 0x00C350
23.23.23.0      1.1.1.1         829         0x80000001 0x0040B1
34.34.34.0      1.1.1.1         829         0x80000001 0x00BC13
36.36.36.0      1.1.1.1         829         0x80000001 0x007455
46.46.46.0      1.1.1.1         829         0x80000001 0x001595

We can observe that the only router R1 is sending summary LSA to R5. So far we have successfully avoided the LOOP in INTER-AREA routing.But this implementation has some negative effect on the network. Lets check how R6 is communicating to R5.

R6#traceroute 5.5.5.5
Type escape sequence to abort.
Tracing the route to 5.5.5.5
VRF info: (vrf in name/id, vrf out name/id)
 1 36.36.36.3 4 msec 4 msec 3 msec
 2 23.23.23.2 7 msec 4 msec 7 msec
 3 12.12.12.1 3 msec 3 msec 10 msec
 4 15.15.15.5 8 msec 10 msec 6 msec

So R6 is communicating with R5 via :- R6-R3-R2-R1-R5So while preventing loop we introduced the sub optimal routing in our network. This also breaks the OSPF Functionality – SHORTEST PATH FIRST. Instead of taking shorter router (R6-R4-R5) the longer route (R6-R3-R2-R1-R5) is preferred.
So to avoid this we will use the RULE no 2. Lets make the R4 as ABR.

How do we make the R4 as ABR – by calling the Loopback interface in area 0

Since Loopback can not form adjacency so R4 will not have full adjacency with AREA 0, so Area 0 will show up as “inactive” on R4. However, this is enough for R4 to start advertising itself as ABR and generating summary LSAs from Area 2 and from Area 1. After this configuration, R6 and R5 will both receive and process those summary LSAs and would be able to use R4 for transit.

R4#sh run | sec ospf
router ospf 100
 network 34.34.34.0 0.0.0.255 area 2
 network 41.41.41.0 0.0.0.255 area 1
 network 45.45.45.0 0.0.0.255 area 1
 network 46.46.46.0 0.0.0.255 area 2
R4#conf t           
Enter configuration commands, one per line.  End with CNTL/Z.
R4(config)#router ospf 100                   
R4(config-router)#network 4.4.4.4 0.0.0.0 area 0    
R4(config-router)#^Z
R4#sh run | sec ospf


*May 25 09:52:58.429: %SYS-5-CONFIG_I: Configured from console by consolerouter ospf 100
 network 4.4.4.4 0.0.0.0 area 0
 network 34.34.34.0 0.0.0.255 area 2
 network 41.41.41.0 0.0.0.255 area 1
 network 45.45.45.0 0.0.0.255 area 1
 network 46.46.46.0 0.0.0.255 area 2

Lets check if the OSPF routers now consider the R4 as ABR.

R6#sh ip ospf border-routers 


            OSPF Router with ID (6.6.6.6) (Process ID 100)

                Base Topology (MTID 0)


Internal Router Routing Table
Codes: i - Intra-area route, I - Inter-area route
i 4.4.4.4 [1] via 46.46.46.4, GigabitEthernet0/1, ABR, Area 2, SPF 5

i 3.3.3.3 [1] via 36.36.36.3, GigabitEthernet0/3, ABR, Area 2, SPF 5

______________________________________________________________________
----------------------------------------------------------------------
R5#sh ip ospf border-routers 


            OSPF Router with ID (5.5.5.5) (Process ID 100)
                Base Topology (MTID 0)


Internal Router Routing Table
Codes: i - Intra-area route, I - Inter-area route


i 4.4.4.4 [1] via 45.45.45.4, GigabitEthernet0/2, ABR, Area 1, SPF 6
i 1.1.1.1 [1] via 15.15.15.1, GigabitEthernet0/3, ABR, Area 1, SPF 6

SO now AREA 1 and AREA 2, both consider the R4 as ABR, since R4 is now ABR, it will send summary LSA between Areas. Lets check and verify :-

R6#sh ip ospf database summary 5.5.5.5


            OSPF Router with ID (6.6.6.6) (Process ID 100)


                Summary Net Link States (Area 2)


  LS age: 955
  Options: (No TOS-capability, DC, Upward)
  LS Type: Summary Links(Network)
  Link State ID: 5.5.5.5 (summary Network Number)
  Advertising Router: 3.3.3.3
  LS Seq Number: 80000001
  Checksum: 0x70A8
  Length: 28
  Network Mask: /32
        MTID: 0         Metric: 4 


  LS age: 379
  Options: (No TOS-capability, DC, Upward)
  LS Type: Summary Links(Network)
  Link State ID: 5.5.5.5 (summary Network Number)
  Advertising Router: 4.4.4.4
  LS Seq Number: 80000001
  Checksum: 0x3ED8
  Length: 28
  Network Mask: /32
      MTID: 0         Metric: 2  

So Now R6 has Two summary LSA for R5, 1 from R3 and another from R4 (Notice the cost here). Lets now check how R6 is reaching R5.

R6#traceroute 5.5.5.5                 
Type escape sequence to abort.
Tracing the route to 5.5.5.5
VRF info: (vrf in name/id, vrf out name/id)
  1 46.46.46.4 8 msec 4 msec 5 msec
2 45.45.45.5 6 msec 5 msec 7 msec

SO sub-optimal routing as well as Loop is handled using this method.How about the R3 receives the SUMMARY LSA from new R4 ABR for 5.5.5.5.Will it share the summary LSA further to area 0? Will it use this information.Lets see the OSPF database on R3

   R3#sh ip ospf database summary 5.5.5.5
*May 25 10:13:27.627: %SYS-5-CONFIG_I: Configured from console by console
R3#sh ip ospf database summary 5.5.5.5


            OSPF Router with ID (3.3.3.3) (Process ID 100)


                Summary Net Link States (Area 0)


  LS age: 1795
  Options: (No TOS-capability, DC, Upward)
  LS Type: Summary Links(Network)
  Link State ID: 5.5.5.5 (summary Network Number)
  Advertising Router: 1.1.1.1
  LS Seq Number: 80000001
  Checksum: 0x988A
  Length: 28
  Network Mask: /32
        MTID: 0         Metric: 2 




                Summary Net Link States (Area 2)


  LS age: 1793
  Options: (No TOS-capability, DC, Upward)
  LS Type: Summary Links(Network)
  Link State ID: 5.5.5.5 (summary Network Number)
  Advertising Router: 3.3.3.3
  LS Seq Number: 80000001
  Checksum: 0x70A8
  Length: 28
  Network Mask: /32
        MTID: 0         Metric: 4 


  LS age: 1212
  Options: (No TOS-capability, DC, Upward)
  LS Type: Summary Links(Network)
  Link State ID: 5.5.5.5 (summary Network Number)
  Advertising Router: 4.4.4.4
  LS Seq Number: 80000001
  Checksum: 0x3ED8
  Length: 28
  Network Mask: /32
  MTID: 0         Metric: 2     

We see that R3 is having two LSAs for R5 in AREA 2 and 1 LSA for AREA 0. Lets see which route it will take

R3#traceroute 5.5.5.5
Type escape sequence to abort.
Tracing the route to 5.5.5.5
VRF info: (vrf in name/id, vrf out name/id)
  1 23.23.23.2 6 msec 4 msec 5 msec
  2 12.12.12.1 7 msec 10 msec 10 msec
  3 15.15.15.5 7 msec 6 msec 10 msec

The above phenomenon is due to Rule 2. Since R4 does not have full adjacency with area 0, R3 will not process the LSA sent by R4 for SPF calculation. So if we want to take the R3-R4- R5 path, make a virtual link between R3 and R4. This will enable the Full area 0 adjacency on R4 and R3 will now process the LSAs sent by R4. Basically in the last step we repaired a partitioned area 0.

VIRTUAL LINK ON R3 and R4
R3(config)#router ospf 100                 
R3(config-router)#area 2 virtual-link 4.4.4.4
*May 25 10:24:36.248: %OSPF-5-ADJCHG: Process 100, Nbr 4.4.4.4 on OSPF_VL0 from LOADING to FULL, Loading Done


R4(config)#router ospf 100               
R4(config-router)#area 2 virtual-link 3.3.3.3
*May 25 10:24:03.341: %OSPF-5-ADJCHG: Process 100, Nbr 3.3.3.3 on OSPF_VL0 from LOADING to FULL, Loading Done




R3#traceroute 5.5.5.5
Type escape sequence to abort.
Tracing the route to 5.5.5.5
VRF info: (vrf in name/id, vrf out name/id)
  1 34.34.34.4 5 msec 5 msec 7 msec
  2 45.45.45.5 9 msec 7 msec 9 msec

Related blog posts