Network Bulls
www.networkbulls.com
Best Institute for CCNA CCNP CCSP CCIP CCIE Training in India
M-44, Old Dlf, Sector-14 Gurgaon, Haryana, India
Call: +91-9654672192
OSPF area design requires the use of a backbone area, area 0, with each area connecting
to area 0 through an ABR. However, in some cases two backbone areas exist; in other
cases, a nonbackbone area may not have a convenient point of connection to the backbone
area, for example:
Figure 8-1 shows an example of each of the first two cases.
The problems in each case have different symptoms, but the problems all stem from the
area design requirements: Each area should be contiguous, and each nonbackbone area
should connect to the backbone area through an ABR. When the network does not meet
these requirements, engineers could simply redesign the areas. However, OSPF provides
an alternative tool called an OSPF virtual link.
Understanding OSPF Virtual Link Concepts
An OSPF virtual link allows two ABRs that connect to the same nonbackbone area to
form a neighbor relationship through that nonbackbone area, even when separated by
many other routers and subnets. This virtual link acts like a virtual point-to-point connection
between the two routers, with that link inside area 0. The routers form a neighbor relationship,
inside area 0, and flood LSAs over that link.
For example, consider the topology in Figure 8-2, which shows an example of the third of
the three cases described in the beginning of this section. In this case, two companies
merged. Both companies had a small office in the same city, so for expediency’s sake, they
connected the two former Enterprise internetworks through a newly combined local sales
office in area 1.
Although adding the link between branch offices may be a cost-effective temporary
choice, it creates a design problem: Two backbone areas now exist, and OSPF requires
that the backbone area be contiguous. To solve this problem, the engineer configures a
virtual link between ABRs C1 and C2. The virtual link exists inside area 0, making area 0
contiguous.
www.CareerCert.info
Area 1
Backbone
Area
Site 1 Site 2
Case 2
(New)
Area 111 Area 0
(Old)
Area 222
Case 1
Figure 8-1 Examples of Area Design Issues
Chapter 8: OSPF Virtual Links and Frame Relay Operations 261
To define the virtual link, each router configures the other router’s RID and a reference to
the area through which the virtual link passes (area 1 in this case). The two routers send
the usual OSPF message types, encapsulated inside unicast IP packets, with a destination
IP address of the router on the other end of the virtual link. Any routers between the two
routers that create the virtual link—for instance, the two branch routers in Figure 8-2—
just forward these OSPF packets like any other packet. The neighbors on the ends of the
virtual link flood their LSDBs to each other so that all routers in both parts of area 0 learn
the routes from the other area 0.
parameters must be added to the area virtual-link command. The following list summarizes
the key configuration options on the area virtual-link router subcommand:
■ The remote-RID in the area area-num virtual-link remote-RID command refers to
the other router’s RID.
■ The area-num in the area area-num virtual-link remote-RID command refers to the
transit area over which the packets flow between the two routers.
■ The transit area over which the two routers communicate must not be a stubby area.
■ The optional configuration of OSPF neighbor authentication parameters, normally
configured as interface subcommands, must be configured as additional parameters
on the area virtual-link command.
■ The optional configuration of Hello and Dead intervals, normally configured as interface
subcommands, must be configured as additional parameters on the area virtuallink
command.
■ The router assigns the virtual link an OSPF cost as if it were a point-to-point link. The
router calculates the cost as the cost to reach the router on the other end of the link,
as calculated using the transit area’s LSDB.
Example 8-1 shows the configuration of a virtual link on Router C1 and Router C2 shown
in Figure 8-2. The configuration shows the virtual link, referencing area 1 as the transit
area, with each router referring to the other router’s RIDs. The configuration also shows
the loopback IP addresses on which the ABR’s RIDs are based being advertised into OSPF.
Example 8-1 OSPF Virtual Link Configuration on Routers C1 and C2
! On Router C1:
router ospf 1
area 1 virtual-link 4.4.4.4
!
interface fastethernet0/0
ip address 10.1.1.1 255.255.255.0
ip ospf 1 area 0
!
interface fastethernet0/1
ip address 10.21.1.1 255.255.255.0
ip ospf 1 area 1
!
interface loopback 1
ip address 1.1.1.1 255.255.255.0
ip ospf 1 area 1
! On Router C2:
router ospf 4
area 1 virtual-link 1.1.1.1
Key
Topic
www.CareerCert.info
264 CCNP ROUTE 642-902 Official Certification Guide
!
interface fastethernet0/0
ip address 10.1.1.1 255.255.255.0
ip ospf 4 area 0
!
interface fastethernet0/1
ip address 10.21.1.1 255.255.255.0
ip ospf 4 area 1
!
interface loopback 1
ip address 4.4.4.4 255.255.255.0
ip ospf 4 area 1
Verifying the OSPF Virtual Link
To prove whether the virtual link works, a neighbor relationship between C1 and C2 must
reach FULL state, resulting in all routers in both parts of area 0 having the same area 0
LSDB. Example 8-2 shows the working neighbor relationship, plus status information for
the virtual link with the show ip ospf virtual-link command.
Example 8-2 OSPF Virtual Link Configuration on Routers C1 and C2
C1#show ip ospf virtual-links
Virtual Link OSPF_VL0 to router 4.4.4.4 is up
Run as demand circuit
DoNotAge LSA allowed.
Transit area 1, via interface FastEthernet0/1, Cost of using 3
Transmit Delay is 1 sec, State POINT_TO_POINT,
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:02
Adjacency State FULL (Hello suppressed)
Index 1/2, retransmission queue length 0, number of retransmission 0
First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
Last retransmission scan length is 0, maximum is 0
Last retransmission scan time is 0 msec, maximum is 0 msec
!
! next, note that the neighbor reaches FULL state, with no DR elected.
C1#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
4.4.4.4 0 FULL/ - - 10.24.1.1 OSPF_VL0
2.2.2.2 1 FULL/DR 00:00:35 10.21.1.2
FastEthernet0/1
www.CareerCert.info
Chapter 8: OSPF Virtual Links and Frame Relay Operations 265
C1#show ip ospf neighbor detail 4.4.4.4
Neighbor 4.4.4.4, interface address 10.24.1.1
In the area 0 via interface OSPF_VL0
Neighbor priority is 0, State is FULL, 6 state changes
DR is 0.0.0.0 BDR is 0.0.0.0
Options is 0x32 in Hello (E-bit, L-bit, DC-bit)
Options is 0x72 in DBD (E-bit, L-bit, DC-bit, O-bit)
LLS Options is 0x1 (LR)
Neighbor is up for 00:00:21
Index 1/2, retransmission queue length 0, number of retransmission 0
First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
Last retransmission scan length is 0, maximum is 0
Last retransmission scan time is 0 msec, maximum is 0 msec
The only new command in the example, show ip ospf virtual-links, details some items
unique to virtual links. In particular, the first highlighted portion shows the assignment of
a name to the link (VL0); if multiple were configured, each would have a different number.
This virtual link name/number is then referenced inside the LSDB. It also shows that the
routers both allow the use of the Do Not Age (DNA) bit, so periodic reflooding will not
occur over this virtual link. It lists a cost of 3; as it turns out, each of the three interfaces
between Router C1 and C2 have an OSPF cost of 1, so C1’s area 1 cost to reach C4 is 3.
The output also confirms that the routers have reached a fully adjacent state and is suppressing
the periodic Hello messages.
The familiar show ip ospf neighbor command lists a few new items as well. Note that the
interface refers to the virtual link “OSPF VL0” instead of the interface, because there is no
interface between the neighbors. It also lists no dead timer, because the neighbors choose
to not use the usual Hello/Dead interval process over a virtual link. (Instead, if all the transit
area’s routes to reach the router on the other router of the link fail, the virtual link fails.)
Finally, the show ip ospf neighbor detail 4.4.4.4 command shows the interesting phrase
“In the area 0 via interface OSPF VL0,” confirming that the neighborship does indeed exist
in area 0.
Note: OSPF does not require that the RID IP address range be advertised as a route in
OSPF. As a result, the RID listed in the area virtual-link command may not be pingable,
but the virtual link still work.
Configuring Virtual Link Authentication
Because virtual links have no underlying interface on which to configure authentication,
authentication is configured on the area virtual-link command itself. Table 8-2 shows the
variations of the command options for configuring authentication on virtual links. Note
that the configuration shown in Table 8-2 may be typed in one longer area virtual-link
command, as shown in the table, or the authentication type and key can be configured on
www.CareerCert.info
266 CCNP ROUTE 642-902 Official Certification Guide
Key
Topic
Table 8-2 Configuring OSPF Authentication on Virtual Links
Type
(Name)
Type
(Number)
Command Syntax for Virtual Links
none 0 area num virtual-link router-id authentication null
clear text 1 area num virtual-link router-id authentication authenticationkey
key-value
MD5 2 area num virtual-link router-id authentication message-digest
message-digest-key key-num md5 key-value
separate area virtual-link commands. Regardless, IOS stores two different area virtuallink
commands into the running-config: one command that enables the type of authentication,
and one that lists the authentication key, as shown in upcoming Example 8-3.
Example 8-3 shows a modified version of the configuration shown in Example 8-2, now
with MD5 authentication configured on both C1 and C2.
Example 8-3 OSPF Virtual Link Configuration on Routers C1 and C2
! On Router C1 - configuring the authentication type and key
Router ospf 1
Area 1 virtual-link 4.4.4.4 authentication message-digest message-digest-key 1
md5 fred
! On Router C2 - configuring the authentication type and key
router ospf 4
Area 1 virtual-link 1.1.1.1 authentication message-digest message-digest-key 1
md5 fred
!
! The router separated the authentication type and authentication key
! into two separate commands.
C2#show running-config
! line omitted for brevity
router ospf 4
area 1 virtual-link 1.1.1.1 authentication message-digest
area 1 virtual-link 1.1.1.1 message-digest-key 1 md5 fred
C2#show ip ospf virtual-links
Virtual Link OSPF_VL0 to router 1.1.1.1 is up
! lines omitted for brevity
Message digest authentication enabled
Youngest key id is 1
www.CareerCert.info
Chapter 8: OSPF Virtual Links and Frame Relay Operations 267
This concludes the discussion of OSPF virtual links. As mentioned in the introduction of
this chapter, the chapter now changes focus completely to discuss OSPF issues when using
Frame Relay.
No comments:
Post a Comment