So I'm on Router1 and I'd like to know what other Cisco gear is hooked up to it. That's what CDP is for.
Router1#show cdp neigh
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S -Switch, H - Host, i - IGMP, r - Repeater
Device ID Local Intrfce Holdtme Capability Platform Port ID
Router2 Fas0/0 131 R 2811 Fas 0/0
Router4 Ser0/0 131 R 2811 Ser 0/0
This output tells us there are two routers, Router2 and Router4 connected. So let's check out the connectivity to Router4 with a ping!
Router1#ping 172.16.10.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.10.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
Great, trust me that Router2 also works. Now let's examine our routing table (RIB).
Router1#sh ip ro
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
U - per-user static route
Gateway of last resort is not set
10.0.0.0/24 is subnetted, 1 subnets
C 10.1.1.0 is directly connected, FastEthernet0/0
172.16.0.0/24 is subnetted, 1 subnets
C 172.16.10.0 is directly connected, Serial0/0
Just two lonely connected routes. It's not a large network, so let's hop on over to Router2 and look at it's RIB.
Router2#sh ip ro
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
U - per-user static route
Gateway of last resort is not set
10.0.0.0/24 is subnetted, 1 subnets
C 10.1.1.0 is directly connected, FastEthernet0/0
172.16.0.0/24 is subnetted, 1 subnets
O 172.16.10.0 [110/65] via 10.1.1.1, 00:11:34, FastEthernet0/0
Here we see that one of the two routes has an O on the far left, indicating it's learned via OSPF. Whereas connected routes are added to the RIB from interfaces that are on that router, OSPF routes are dynamically learned by the OSPF routing protocol. We see that 172.16.10.0/24 is learned off of FastEthernet0/0, and in brackets we learn it's administrative distance is 110 and it's OSPF specific metric is 65. This route was learned 11 minutes ago. All straight forward stuff. But the key here is how does OSPF add routes to the RIB in the first place?
If we hop over to Router1 we see the data for OSPF process 100.
Router1#sh ip proto
Routing Protocol is "ospf 100"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Router ID 172.16.10.1
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
Maximum path: 4
Routing for Networks:
10.1.1.0 0.0.0.255 area 0
172.16.10.0 0.0.0.255 area 0
Routing Information Sources:
Gateway Distance Last Update
172.16.10.1 110
Distance: (default is 110)
The Router ID is the identification of Router1 in the OSPF world. This value isn't an IP address, but just looks like it as it has to be a 32-bit DDN value, even in IPv6 networks it will look like this. Without a Router ID value set, the OSPF process won't start. It's set with the router-id subcommand (for router ospf command), or IOS picks the highest IP number of a Loopback interface, or failing both it picks the highest IP number of any other IPv4 interface which is at least in an up/down state.
Below the Router ID we see "Routing for Networks". This tells us what networks are configured on this OSPF process (process 100) to be advertised into area 0. The final portion "Routing Inoformation Sources" lists the OSPF neighbors from which this router can learn routes and inject them into the RIB.
A useful command is show ip ospf int brief.
Router2#show ip ospf int brief
Interface PID Area IP Address/Mask Cost State Nbrs F/C
Fa0/0 100 0 10.1.1.2/24 1 BDR 1/1
Router1#show ip ospf int brief
Interface PID Area IP Address/Mask Cost State Nbrs F/C
Fa0/0 100 0 10.1.1.1/24 1 DR 1/1
Se0/0 100 0 172.16.10.1/24 64 P2P 0/0
Here we see clearly the different world view between Router1 and Router2! The State column tells us what the router thinks that particular entry is in OSPF terms. Router2 has BDR listed for the device off of Fa0/0, which is Router1. So Router2 thinks that Router1 is a BDR, while Router1 thinks that Router2 is a DR. This makes sense. DR is a Designated Router, while BDR is a Backup Designated Router. BDR takes over flooding routing updates when the DR goes down. And since we only have two routers, one of them had to be the primary. Each group of OSPF neighbors on the same data link segment go through the DR/BDR election process, as there can only be one of each per segment. This way there isn't wasting of bandwidth. All the routers on a segment send their updates to the DR, which in turn floods the updates to all the other routers, including the BDR. It's a logical star topology. The route updates are packaged inside of an LSU (Link State Update) packet, containing LSAs (Link State Advertisements). Each router receives LSAs and builds the LSDB (Link State Database). This database is what the SPF (Dijkstra) algorithm is fed with and out come the routes that the SPF adds to the RIB. So the LSDB contains LSAs, from which the SPF extrapolates the routes to add to the routing table. So the OSPF route we saw earlier means that the SPF was run and there was a corresponding LSA in the LSDB of that router! To view the LSDB use show ip ospf database.
Router2#sh ip ospf data
OSPF Router with ID (10.1.1.2) (Process ID 100)
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count
10.1.1.2 10.1.1.2 558 0x80000002 0x00E927 1
172.16.10.1 172.16.10.1 558 0x80000003 0x009623 2
Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
10.1.1.1 172.16.10.1 558 0x80000001 0x0029B7
Router1#sh ip ospf data
OSPF Router with ID (172.16.10.1) (Process ID 100)
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count
10.1.1.2 10.1.1.2 588 0x80000002 0x00E927 1
172.16.10.1 172.16.10.1 588 0x80000003 0x009623 2
Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
10.1.1.1 172.16.10.1 588 0x80000001 0x0029B7
As you can see both routers give us the exact same display. This makes sense since OSPF is a link state routing protocol and the LSUs ensure each router has the exact same set of LSAs in it's database, so that each router can make it's own view on the network from the same set of data.
A command that gives a similar display to show ip ospf interface brief is show ip ospf neighbors, focusing on all the neighbors that router knows.
Router2#sh ip ospf neigh
Neighbor ID Pri State Dead Time Address Interface
172.16.10.1 1 FULL/DR 00:00:40 10.1.1.1 FastEthernet0/0
Router1#sh ip ospf neighb
Neighbor ID Pri State Dead Time Address Interface
10.1.1.2 1 FULL/BDR 00:00:40 10.1.1.2 FastEthernet0/0
As you can see in the State column the DR and BDR terms return, but now with the term FULL before them. Full is one of many states an OSPF neighbor can be in and it indicates that the LSDB has been exchanged fully and is populated, meaning it's full of LSAs! Full is the final state, and along with 2-Way, is the most common in fully working networks. Neighbor ID is just another way of saying "The Neighbor's Router ID".
Here is what the log looks like when the LSDB is "fulled" on Router2:
*Feb 25 10:22:06.334: %OSPF-5-ADJCHG: Process 100, Nbr 172.16.10.1 on FastEthernet0/0 from LOADING to FULL, Loading Done
To get to this point, we had to configure OSPF with very simple commands.
Router2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router2(config)#router ospf 100
Router2(config-router)#network 10.1.1.0 0.0.0.255 area 0
Router2(config-router)#^Z
%SYS-5-CONFIG_I: Configured from console by console
The first one tells the IOS what process number to use, in this case it's process 100 with the router ospf 100 command. Next we tell the IOS what interfaces to suck in with the network command. The first parameter is the subnet ID, in this case 10.1.1.0. Then comes the wildcard mask instead of a netmask, it is 0.0.0.255. This is the same thing as a netmask of 255.255.255.0 or a /24. Wildcard masks are simply inverted netmasks, nothing complicated. Wherever there was a 255 now is a 0 and vice versa. Then we tell it what area that subnet belongs in, and in this case it's area 0, the backbone area. IOS will look for any interfaces within this subnet and start sending OSPF Hello messages to the multicast address 224.0.0.5. Any routers that have OSPF enabled on that segment will process this multicast packet and will reply appropriately. If the parameters of the Hello packets match, the OSPF routers will form adjacencies. Then they will exchange database descriptors which indicate what LSAs they know and don't know. Think of it like loading the headers of email messages before requesting the full bodies. Once the DDs have been exchanged during the ExStart state, the DR will flood the LSAs and the receiver will update it's LSDB. Then when the FULL state is reached it will run the SPF algorithm and form routes for the RIB. Each time there is a network change within an area, the SPF must be re-run to account for convergence. This is why the area separations of OSPF help trim processing time and memory consumption. If the OSPF process only has to worry about routes in one area, it doesn't care about flapping links in another area. Unless it's an ABR, an Area Border Router, these connect other areas to backbone area 0, and thus process more than one area's worth of LSAs.
A useful command for tshoots is show ip ospf interface.
Router2#sh ip ospf interface
FastEthernet0/0 is up, line protocol is up
Internet Address 10.1.1.2/24, Area 0
Process ID 100, Router ID 10.1.1.2, Network Type BROADCAST, Cost: 1
Transmit Delay is 1 sec, State BACKUP, Priority 1
Designated Router (ID) 172.16.10.1, Interface address 10.1.1.1
Backup Designated router (ID) 10.1.1.2, Interface address 10.1.1.2
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
oob-resync timeout 40
Hello due in 00:00:00
Supports Link-local Signaling (LLS)
Index 1/1, flood queue length 0
Next 0x0(0)/0x0(0)
Last flood scan length is 0, maximum is 0
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 172.16.10.1 (Designated Router)
Suppress hello for 0 neighbor(s)
Note that is says on the fourth line State BACKUP. This means that Router2 is the BDR, which we already know. It gives us the Process ID (100) and Router ID (10.1.1.2) of this router, but it also tells us the Router IDs of the DR and the BDR a bit below. It gives us the full view into the timer intervals. The important bit is to note that the Dead interval is 40 seconds by default, after it times out the adjacency to that neighbor goes down.
Another usefull tshooter is show ip ospf, though this one is very long and verbose.
Router2#sh ip ospf
Routing Process "ospf 100" with ID 10.1.1.2
Supports only single TOS(TOS0) routes
Supports opaque LSA
Supports Link-local Signaling (LLS)
Supports area transit capability
Initial SPF schedule delay 5000 msecs
Minimum hold time between two consecutive SPFs 10000 msecs
Maximum wait time between two consecutive SPFs 10000 msecs
Incremental-SPF disabled
Minimum LSA interval 5 secs
Minimum LSA arrival 1000 msecs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission pacing timer 66 msecs
Number of external LSA 0. Checksum Sum 0x000000
Number of opaque AS LSA 0. Checksum Sum 0x000000
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
Number of areas transit capable is 0
External flood list length 0
Area BACKBONE(0)
Number of interfaces in this area is 1
Area has no authentication
SPF algorithm last executed 00:00:00 ago
SPF algorithm executed 3 times
Area ranges are
Number of LSA 3. Checksum Sum 0x00E927
Number of opaque link LSA 0. Checksum Sum 0x000000
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0
A very important thing to look for is the bottom half where it says "Area BACKBONE(0)". In this section it shows how many times the SPF is executing. If you see this wildly increasing it usually means a lot of network instability.
Now you are officially an OSPF baby. :)
