Archive for the ‘OSPF’ Category

Fibbing is an architecture that enables central control over distributed routing.

This architecture is based on routing protocol OSPF and its ability to set third party next-hop with some tweak

Main trick is to create multiple LSA5 for same destination with Forward address set to IP addresses which will define path to reach destination

In LSA 5 forwarding address is set to
if the ASBR redistributes routes and OSPF is not enabled on the next hop interface for those routes

In LSA 5 forwarding address is set to non-zero address if
*OSPF is enabled on the ASBR’s next hop interface AND
*ASBR’s next hop interface is non-passive under OSPF AND
*ASBR’s next hop interface is not point-to-point AND
*ASBR’s next hop interface is not point-to-multipoint AND
*ASBR’s next hop interface address falls under the network range specified in the router OSPF command.

Controller speaks OSPF with rest of the OSPF enabled network and in turn push LSA 5 with third party next hop to influence routing centrally.
Controller can be simple computer which is capable of running OSPF and able to push LSA 5 as per our need.

For our demonstration I am using cisco router as controller. Below is the topology diagram in which R5 and switch is part of controller
We are using Secondary IP address which will resolve the third party next hop set by controller

Fibbing Topology

When we try to reach IP 100.100.100.l00 from IP we have 2 path available one via path R4-R2-R1 and other one via R4-R3-R1(marked with blue line)
R4 Before

R1 Before

R4 Before traceroute

Now with help of controller R5 we can move the traffic from IP to IP via path R4-R3-R2-R1(marked with red line)
R1 after

R2 after

R3 after

R4 after

R4 after traceroute

R4 after database

Please check below link for more information


Why OSPF E1 route preferred over E2 route

Posted: December 27, 2014 in OSPF

Route selection within OSPF                                                                   ————————————-

If there is more than one route to the same destination within an OSPF domain,the route preference is defined as follows, regardless of the value of the route metric.

1.Intra-area routes are preferred over inter-area and external routes.

2.Inter-area routes are preferred over external routes.

3.External type 1 routes are preferred over external type 2 routes


Hot potato routing  – sent packet out of autonomous system as quickly as possible (consider internal AS cost to reach AS exit point )

Cold potato routing – hold on the packet in originating autonomous system until it reaches as near to destination as possible (consider external cost to reach destination from As exit point  and ignore the cost to reach AS exit point )

Consider we have 2 E2 routes for same destination with different redistributed cost on the ASBR then OSPF will only consider external cost (redistributed cost) and ignores the internal cost to reach ASBR this behaviour is same as cold potato routing.

Now consider we have 2 E2 routes for same destination with same redistributed cost on the ASBR then OSPF  will compare internal cost to reach ASBR for both routes and select lowest cost path to reach ASBR this behaviour is same as hot potato routing

Reason to prefer OSPF E1 route over E2 route is that OSPF E1 route uses lowest redistributed cost + lowest cost to reach ASBR this behaviour is hot potato + cold potato routing so packet will reach to destination as quickly as possible  

Please check below link for detailed explanation along with example

DR/BDR guarded preemption in OSPF

Posted: December 26, 2014 in OSPF

DR/BDR election is determined based on the interface level ospf priority along with router-id

Highest priority elected as DR and 2nd highest as BDR

If there is tie in priority election goes on router-id

Highest router-id will be DR and 2nd highest as BDR

OSPF DR/BDR election does not support preemption which is not correct if we create race condition (More than one DR or BDR per boradcast domain)

For example Router R1,R2,R6 all connected to the switch Sw1 (all ports in vlan 10) similarly Router R4,R5,R3 connected to switch Sw2 (all ports in vlan 10) . IP configured on the router interface connecting to switch is 10.0.0.x/24 and router loopback IP is x.x.x.x/32 (where x is router number). 

Ospf interface priority of all six router is same so as per router-id based DR/BDR election 

DR – R6   and   BDR – R2  (connected to sw1)

DR – R5   and   BDR – R4  (connected to sw2)

Now if we connect sw1 to sw2 with access port in Vlan 10

there will be 2 DR and 2 BDR on the same broadcast domain(race condition)

In this race condition DR/BDR re-election will occur but this time only DR and BDR will participate in the election(not all routers). 2 DR will compete for DR position and 2 BDR will compete for BDR position In our example

R6 will compete with R5 for DR position

R4 will compete with R2 for BDR position

As a result based on highest router-id R6 will be DR and R4 will be BDR

This process of preemption in race condition can be called as guarded preemption

Please check the below link for discussion of above topic

Need for Master/Slave election in ospf ?

Posted: December 23, 2014 in OSPF

As per ospf design there is single sequence number (DD sequence number )field in the packet in contrast to TCP communication there is no such filed in DBD packet of ospf as acknowledge sequence number as we have it in the TCP  communication

Link state database synchronization consist of two steps

1. DBD exchange

2. actual LSA exchange

For DBD exchange to happen successfully we need

1. DBD packet numbering

2. DBD packet acknowledgement

OSPF DBD exchange packet consist of single DD sequence number they need to decide who will increment sequence number

actual process as follow

1. Before any DBD exchange routers will send Empty DBD packet with [I , M , MS] bits set to 1 and with random DD

sequence number

I – begining of the process(if set to 1) ; M – Means more DBD to follow (if set to 1) ; MS – if set to 1 then Master

2. Router with highest RID will drop empty DBD packet from lower RID

Router with lowest RID will accept empty DBD packet and reply back

with DBD packet with DD sequence number of highest RID intial DBD packet and   I – bit set to 0 ; M – bit set to 1 ; MS – bit set to 0 indicating its a slave

3. And both router goes in to Exchange state where actual DBD exchange will happen

Need for area 0 in OSPF

Posted: December 23, 2014 in OSPF

In OSPF area 0 is used as backbone area and why all traffic between non-backbone area must pass through backbone area?

OSPF does not propagate topological information across area borders; only routing information is conveyed

OSPF acts as link-state for intra-area and distance vector for inter-area so there is chance that routing loop can occur when routing traffic between areas

To avoid routing loop due to distance vector behavior for inter-area communication all traffic must pass through area 0

Need for LSA-4 in OSPF

Posted: December 23, 2014 in OSPF

LSA-5 provides the reachability information about the other domain routes (to reach destinations in other domain forward traffic to ASBR)

LSA-4 provides the information to reach ASBR

so with help of LSA-4/5 we can reach destinations in other domains

LSA-3 provides the reachability information about routes in other area (to reach destination in other area , destination can be ASBR)

so question is why we need LSA-4 if we already have LSA-3 to provide reachability information about routes in other area(to reach ASBR)

We need to keep below two rules in mind to get the answer

1. In ospf domain router is identified by Router-id (32 bit/IP address) but it do not have to be configured on any active ospf enabled interface(unreachable IP can be used as router-id)

2. OSPF does not propagate topological information across area borders; only routing information is conveyed (within area link-state , between area distance-vector)

Within area all router knows about ASBR even if unreachable IP is used as router-id but to provide reachability information of ASBR in other area we need LSA4

Need for areas in OSPF domain

Posted: December 23, 2014 in OSPF

The main purpose of creating areas in an ospf domain is scalability.

Without areas , Every router in the domain would be aware of the every single link and router in the network , So whenever the topology of the domain changed , such as link going up or down. All routers need to recalculate their routing tables

With large number of routers , links and announced prefixes this might put significant load on the CPU