CCNA Certification

CCNA, CCNP, CCIE Certification News

Using OSPF’s

BSCI exam success, not to mention earning your CCNP, can come down to your OSPF route summarization skills.

There are a few different commands and situations you need to be ready for, and one of these situations is the proper use of the “summary-address” command.

The summary-address command should be used on an ASBR in order to summarize routes that are being injected into the OSPF domain via redistribution. In the following example, four routes are being redisitributed into OSPF on R1, making R1 an ASBR.

interface Loopback16
ip address 16.16.16.16 255.0.0.0
!
interface Loopback17
ip address 17.17.17.17 255.0.0.0
!
interface Loopback18
ip address 18.18.18.18 255.0.0.0
!
interface Loopback19
ip address 19.19.19.19 255.0.0.0
R1(config)#router ospf 1
R1(config-router)#redistribute connected subnets

These four routes are seen on downstream router R2 as External Type-2, the default for routes redistributed into OSPF.

R2#show ip route ospf
O E2 17.0.0.0/8 [110/20] via 172.12.123.1, 00:00:07, Serial0
O E2 16.0.0.0/8 [110/20] via 172.12.123.1, 00:00:07, Serial0
O E2 19.0.0.0/8 [110/20] via 172.12.123.1, 00:00:07, Serial0
O E2 18.0.0.0/8 [110/20] via 172.12.123.1, 00:00:07, Serial0

To summarize networks learned by redistribution, use the OSPF command summary-address. You can probably do this summarization in your head, but do so before continuing with the lab.

R1(config)#router ospf 1
R1(config-router)#summary-address 16.0.0.0 252.0.0.0

Look at the change in R2s OSPF table.

R2#show ip route ospf
O E2 16.0.0.0/6 [110/20] via 172.12.123.1, 00:00:05, Serial0

The external routes have been successfully summarized. Note that the summary route is still marked as an E2 route.

Theres an interesting route installed into R1s OSPF table as well.

R1#show ip route ospf
O 16.0.0.0/6 is a summary, 00:01:51, Null0

When you configure summary routes in OSPF, a route to null0 will be installed into the OSPF routing table. This helps to prevent routing loops. Any packets destined for the routes that have been summarized will have a longer match in the routing table….

C 17.0.0.0/8 is directly connected, Loopback17
C 16.0.0.0/8 is directly connected, Loopback16
C 19.0.0.0/8 is directly connected, Loopback19
C 18.0.0.0/8 is directly connected, Loopback18

O 16.0.0.0/6 is a summary, 00:03:10, Null0
O 12.0.0.0/6 is a summary, 00:07:53, Null0

… and packets that do not match one of the summarized routes but do match the summary route will be dropped.

March 17, 2007 Posted by | BSCI, CCNP | Leave a comment

OSPF Virtual Links

Knowing when and how to create an OSPF virtual link is an essential skill for BSCI and CCNP exam success, not to mention how important it can be on your job!

As a CCNA and CCNP candidate, you know the theory of virtual links, so let’s take a look at how to configure a virtual link, as well as some real-world tips that many CCNA and CCNP study guides leave out!

In this configuration, no router with an interface in Area 4 has a physical interface in Area 0. This means a logical connection to Area 0, a virtual link, must be built.

Tn the following example, R1 and R3 are adjacent and both have interfaces in Area 0. R4 has an adjacency with R3 via Area 34, but R4 has no physical interface in Area 0 and is advertising its loopback 4.4.4.4 into OSPF. R1 doesn’t have the route to that loopback.

R1#show ip route ospf
6.0.0.0/32 is subnetted, 1 subnets
O 6.6.6.6 [110/11] via 10.1.1.5, 01:05:45, Ethernet0
172.23.0.0/27 is subnetted, 1 subnets
O IA 172.23.23.0 [110/74] via 172.12.123.3, 00:04:14, Serial0
7.0.0.0/32 is subnetted, 1 subnets
O 7.7.7.7 [110/11] via 10.1.1.5, 01:05:45, Ethernet0

To resolve this, a virtual link will be built between R3 and R4 through Area 34. The area through which the virtual link is built, the transit area, cannot be a stub area of any kind.

R4(config)#router ospf 1
R4(config-router)#area 34 virtual-link 3.3.3.3
R3(config)#router ospf 12d07h: %OSPF-4-ERRRCV: Received invalid packet: mismatch area ID, from backbone area must be virtual-link but not found from 172.23.23.4, Ethernet0

R3(config)#router ospf 1
R3(config-router)#area 34 virtual-link 4.4.4.4
R3(config-router)#^Z
2d07h: %OSPF-5-ADJCHG: Process 1, Nbr 4.4.4.4 on OSPF_VL0 from LOADING to FULL, Loading Done

A few details worth noting… the virtual link command uses the remote device’s RID, not necessarily the IP address on the interface that’s in the transit area. Also, don’t worry about that error message you see in the output from R3 that is normal and you’ll see it until you finish building the virtual link.

Always confirm the virtual link with show ip ospf virtual-link. If you’ve configured it correctly, the VL should come up in a matter of seconds.

R3#show ip ospf virtual-link
Virtual Link OSPF_VL0 to router 4.4.4.4 is up
Run as demand circuit
DoNotAge LSA allowed.
Transit area 34, via interface Ethernet0, Cost of using 10
Transmit Delay is 1 sec, State POINT_TO_POINT,
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:00
Adjacency State FULL (Hello suppressed)
Index 2/4, retransmission queue length 1, number of retransmission 1
First 0x2C8F8E(15)/0x0(0) Next 0x2C8F8E(15)/0x0(0)
Last retransmission scan length is 1, maximum is 1
Last retransmission scan time is 0 msec, maximum is 0 msec
Link State retransmission due in 3044 msec

Viirtual links are actually simple to configure, but for some reason they seem to intimidate people. It’s my experience that the error message highlighted in R3’s output above causes a lot of panic, but the only thing that message means is that you’re not finished configuring the virtual link yet.

There are three main misconfigurations that cause 99% of virtual link configuration issues:

  • Using the wrong OSPF RID value
  • Trying to use a stub area as the transit area
  • Failure to configure link authentication on the virtual link when Area 0 is running authentication

That last one is the one that gets forgotten! A virtual link is really an extension of Area 0, and if Area 0 is running link authentication, the virtual link must be configured for it as well. Pay attention to the details. don’t panic when you see the error message on the second router you configure with the virtual link, and you’ll be ready for any virtual link situation on the job or in the CCNA / CCNP exam room!

March 17, 2007 Posted by | BSCI, CCNP, Education, Technology | Leave a comment

Passive Interface Command And OSPF

To pass the BSCI exam and become a CCNP, you have to be aware of the proper use of passive interfaces.

You learned about passive interfaces in your CCNA studies, but here we’ll review the basic concept and clear up one misconception regarding passive interfaces and OSPF.

Configuring an interface as passive will still allow the interface to receive routing updates, but the interface will no longer transmit them.

While the command itself would make you think this command will be applied at the interface level, that is not the case. Below, we’ll configure ethernet0 as a RIP passive interface.

R1(config)#router rip
R1(config-router)#passive-interface ethernet0

Ethernet0 will no longer send RIP routing updates, but will accept them.

The passive interface concept is clear enough with RIP, IGRP, and EIGRP – all rotocols that send routing update packets. But OSPF doesn’t send routing update ackets – OSPF sends link state advertisements.

It’s the inability of the passive interface command to stop LSAs that lead many o think that passive interfaces cannot be used with OSPF.

Even though OSPF does not sent “routing updates” in the form that RIP, IGRP, and IGRP do, you can still configure an OSPF-enabled interface as passive in order o prevent OSPF traffic from exiting or entering that interface.

No OSPF adjacency can be formed if one of the interfaces involved is a passive nterface, and if you configure an OSPF-enabled interface as passive where an djacency already exists, the adjacency will drop almost immediately.

Let’s see that in action. R1 and R2 have an existing OSPF adjacency over their thernet interfaces. In an effort to reduce routing traffic, R1’s e0 interface s configured as passive. The adjacency drops right away.

R1(config)#router ospf 1
R1(config-router)#passive-interface ethernet0
18:31:11: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Ethernet0 from FULL to DOWN,
Neighbor Down: Interface down or detached

Knowing how to use the passive interface command is a vital part of being a  CNP, and of being a master networker. Good luck to you in both of these pursuits!

March 17, 2007 Posted by | BSCI, CCNP, Education, Technology | 1 Comment