OSPF – Becoming one with the LSDB…

Out of all of the IGPs we’ve examined so far, OSPF has one of the most complicated RIBs.  Many times, engineers that setup OSPF just configure the default settings, verify the routes are in the FIB, and consider the job done.  Then, later, they have a hard time troubleshooting it once its running because the RIB can be hard to interpret if you aren’t accustomed to it.  The goal of this post is to familiarize yourself with ways to examine the RIB and become better at troubleshooting OSPF issues.

Let’s be clear, I’m not the first one to do this, there are lots of other similar posts to this one out there.  I’ll list them here so that if my explanation doesn’t make sense, you can have another ‘go’ at it somewhere else. 

Darren’s Blog – Demystifying the OSPF Database

IPExpert – Quick look into the OSPF Database: Router LSA

IPExpert – Quick look into the OSPF Database: Summary LSA

IPExpert – Quick look into the OSPF Database: External and ASBR-Summary LSA

So let’s take a look at our topology again…

image

I’ve modified things slightly from a config perspective.  Router3 is advertising a 0’s route into OSPF and switch2 is still receiving the 192.168.0.0/16 advertisement through EIGRP and redistributing it into OSPF.  In addition I’ve converted the link between router1 and router2 to be a normal (non point-to-point) OSPF network type.  All of the areas have been reverted to normal areas as well. 

So let’s now imagine that we are router2.  Recall that the strength of OSPF is that each router (for the most part) knows the entire topology.  For instance, let’s take a look at the database summary on router2…

image 
Here we can see all of the LSAs that router2 has received.  In this case we have type 1 (Router), type 2 (Network), type 3 (Network Summary), type 4 (ASBR), and type 5 (AS External) LSAs.  While we’ve spent most of the time up until now looking at the entire database, we can view specific LSA types by extending the ‘show ip ospf database’ command.  For instance…

image

When you execute one of these more specific commands, you get the detailed LSA information.  Let’s start by looking at the router LSAs (type 1). 

Router LSAs (Type 1)
As stated, when looking at specific LSA types, you get the detailed information about the LSAs.  It’s useful (required in most cases) to filter this down to a more manageable output.  The router LSAs have an easy way of doing that by adding additional commands to the show command…

image

These are really handy!  Imagine an area with tens or maybe even hundreds of routers.  The output of ‘show ip ospf database router’ would be overwhelming.  That being said, I want to focus on two specific commands. 

show ip ospf router self-originate

and

show ip ospf router <Router ID>

The self-originate command gives us information about the LSA that the local router is originating.  For instance…

image
As you can see, this router LSA is for router2 (RID 2.2.2.2).   This is a real wealth of information!  You can see the 4 links that router2 has (4 because the links are point-to-point), the IP interfaces and mask of each of the links, and the neighboring router’s RID.  Likewise, we can examine router LSAs we received from other routers…

image
Same sort of information here, but it shows the information relevant router1.  Recall that type 1 LSAs are flooded only within a certain area.  That being said, we only see router1’s link that exists in area 2.   Examining the router LSAs that a router has gives you a good idea of what router’s exist in a given area as well as the networks attached to those interfaces.  Using these LSAs alone you could build a pretty decent network diagram of a given area.

Network LSAs (Type 2)
The type 2 LSA shares information with us about intra area broadcast network segments that have more than 1 OSPF router attached to them.  Recall that these LSAs are only generated by a segments designated router.  Once again, we can use the following show commands to look at more specific network LSAs…

show ip ospf database network self-originate

and

show ip ospf database network <Router ID>

image

The most valuable piece of information found in a network LSA (in my opinion) is the list of attached routers.  Since the DR is the only device originating this LSA, it’s good to know what other router’s live on that segment.  

Network Summary LSAs (Type 3)
The network summary LSAs get viewed slightly differently than the router or network LSAs.  Here are out options for viewing them…

image

If we are on an ABR, we would be interested in the self-originate command.  Since router2 isn’t an ABR, we wont see any output with that command.  If we want to see the summaries that are being advertised by a particular ABR on rotuer2, we can use the ‘adv-router’ command.  For instance…

image
Here’s a sample of the output we see.  These are all the summaries that router4 is advertising into area 2.   

When I started working with OSPF, one of the main areas of confusion I had with OSPF was how OSPF shows the actual network prefix in the database.  As you can see in the above output, the network itself get’s advertised as a ‘Link State ID’.  So for instance, the LSAs listed above are for the networks 10.0.0.0 /30 and 10.0.0.8/30.  However, with the network LSAs (type 2), the link state ID is the IP address of the advertising router, not the network itself.  In the case of the network LSA, you’d have to look at the mask and figure out based on the IP of the designated router what the subnet actually is. 

ASBR Summary LSA (Type 4)
I think the type 4 LSAs are pretty neat.  On a normal OSPF router looking at the type 4 LSAs can tell you exactly which OSPF routers are advertising ‘external’ route into your network.  For instance…

image
One quick look at this output and I can tell you that routers 3 (3.3.3.3)  and switch2 (10.10.10.10) are advertising external routes into OSPF.  Don’t get confused by the advertising router piece of this output.  That just tells you that routers (1.1.1.1) and router4 (4.4.4.4) are the ABRs advertising these LSAs into this area.  Recall that these LSA types are just used to identify the actual ASBRs, not tell you about the prefixes they are advertising.

AS External LSA (Type 5)
The type 5 LSAs describe to us exactly which prefixes the ASBRs are advertising into OSPF.  A quick output will give us a lot of information…

image
Note that the output could be delimited further with the ‘adv-router’ flag which in this case would be the router ID of the actual ASBR, not the ABR that advertised the LSA into the area.   This LSA type also tells us the ASBR that’s advertising the router with the link state ID in this case being the actual network prefix. 

Note that the metric for the two routes coming from 10.10.10.10 is 20.  20 is the default cost for routes advertised into OSPF.  Also note that the metric type if type2.  Recall from the earlier OSPF post that we saw that E1 (type 1) routers were preferred over E2 (type 2) routes.  I never really explained the differences so here it is. 

Type 2 routes only include the cost of the redistributed route.  That is, the cost that the ASBR has for the route upon redistribution (20 in this case) is the same cost that a router 10 hops away will see for the route.  Basically, the metric for E2 routes is the same across the entire OSPF network. 

Type 1 routes include the cost of the redistributed route, PLUS the cost to get to the ASBR.  For instance, let’s change the routes being advertised by switch2 to be type 1 routes so you can see the difference…

image

Now let’s look at the OSPF database again for external routes being advertised by switch2…

image
So we can see the LSA is now a type 1 LSA, but the metric is still listed as 20.  What gives? 

This my friends is the point in this post I’ve been waiting to get to.  This is where it all comes together in a glorious moment where everything clicks.  So here we go…

Let’s take a look at the route for 192.168.0.0/16 in the FIB.  Recall that we’ve been looking at the OSPF database (RIB) up until this point.  This is just where OSPF keeps all of it’s info.  Just because we see something in the OSPF RIB doesn’t mean that we’ll see it in the FIB…

image

Aha!  So the metric really isn’t 20, it’s 95.  But where did that come from?  The OSPF RIB shows 20 for that LSA.  Here’s what happens…

Since it’s a type 1 (E1) route, we need to account for not only the redistributed metric (20), but also the path to get to the ASBR.  The type 5 LSA doesn’t tell us that, so we need to look at the other LSAs to figure this out.

Find the cost to the area ABR 
In our case, that cost is 1 since we are one hop away from the ABRs router1 and router4…

image

Find the cost to the ASBR advertising the type 5 LSA
To do this, we can look at the type 4 (ASBR) LSA…

image

Here we can see the metric 74 to get to that ASBR.  Recall that router 5 still has the manual cost of 70 configured on it’s interface.  We can verify this by looking at the diagram as well…

image

Find the external cost of the metric 
We already saw this in the type 5 LSA…

image

But the cost in this LSA is 20.  Add it all together and what do we get?

image

95!  I guess I was hoping that this would be an ahah! moment for you.  I know it was for me when I finally grasped the concept that route metrics and path determination in OSPF are a accumulation of multiple LSAs, not just specific ones. 

It should also be noted here that the default route (from 3.3.3.3) showed as a metric of 1 in the type 5 LSA above.  That’s the default metric for the 0’s route being advertised in via the ‘default information originate’ command. 

That wraps up this post, thanks for reading!

Tags: , ,

Reply

Your email address will not be published. Required fields are marked *